Audit Readiness? How about Audit Etiquette? 

healthcare compliance audit readiness

In this blog, experts offer the real scoop on audit readiness in healthcare. Learn the unfiltered truth about compliance audits and what audit etiquette means. Get essential tips on preparing for audits, the role of healthcare compliance auditors, and what to do (and what not do) during an audit.  

What Does Audit Readiness Mean? 

Let’s say a regulator shows up at your door tomorrow. What’s the first thing your team scrambles to find? Is it evidence of task completion? Maybe a list of applicable regs? Updated policies? How about proof of communication to stakeholders? We saw a post this week asking for a current audit preparedness playbook because so many organizations think they’re ready, until they aren’t. 

Raw Truth about Compliance Audits 

Here’s the raw, unfiltered truth; no organization is ever ready for an external auditor or inspector. Ever. If you were, no one would panic when the FDA shows up at the door unannounced, or the state shows up in your lobby. “The state showed up the other day, and I knew why they were coming so I wasn’t unprepared.”  

The truth is you do your best, and you also expect the worst because they’re an auditor or inspector. Duh. It’s what they do.  

It’s like when you hear a funny rattle in your car. You take it to the mechanic. You know he’s gonna find SOMETHING. That’s his job. If you didn’t hear the rattle, you wouldn’t have taken it to him. You’re just hoping it is a minor repair rather than a total overhaul. Same with your audit, your auditor, and the rattle in your compliance practices. 

healthcare compliance audit

What to Know About the Healthcare Compliance Auditor 

Auditing is a formal, independent way to investigate regulatory compliance of a system or process within an organization. In accordance with regulations or industry best practices, an auditor assesses the adherence, adequacy and absence of certain processes.  

What a Healthcare Compliance Auditor Does 

  • Identifies errors, omissions and irregularities.  
  • Investigates the intent of possible wrongdoings. 
  • Provides information regarding auditing procedures.  
  • Submits reports to investigating authorities. 

Okay, A Compliance Audit Is Scheduled – What to Do? 

Once you know an audit is coming, use these five steps to prepare your organization

  1. Make sure you can have as many of your team members available for the audit as possible, in case the auditor wants to schedule interviews with them.  
  2. Provide a few date options for the auditor to choose from. A regulatory body like CAP, CLIA or FDA does not have to give warning of an audit and can arrive unannounced, but most audits are not unannounced. You have time to prep. Use it.  
  3. Ask for an audit agenda as soon as you can. Review it.  
  4. Alert the team that an audit will occur. This allows time to prepare any project-specific documents that may not be complete.  
  5. About a week out from the audit, do a facility walkthrough to make sure there is nothing out of place. Do it two days out and then the day before. Yes, this much. You have people in your office. They move things.  

Once you have these steps under control, preparation becomes a case of do’s and don’ts. In other words, audit etiquette. 

What Is Audit Etiquette? Best Practices for Compliance Behavior 

Audit etiquette covers all the best practices required to facilitate smooth external audits. These vary slightly based on the health system’s existing compliance processes and experience facilitating them.  

In most cases though, following these techniques for what to do and what to avoid will drive positive, less stressful outcomes.  

What to Do in a Compliance Audit 

  • Do listen to an auditor’s question and think before responding.  
  • Do answer only the question that is asked. Stop talking.  
  • Do ask for clarification if you don’t understand the question.  
  • Do answer only those questions relative to your job.  
  • Do be honest and pleasant. 
  • Do treat the auditor with respect and courtesy at all times.  
  • Do dress in business casual attire. 
  • Do prepare to talk to the auditor and anticipate questions. 
  • Do have quality obtain copies of taped conversations. 
  • Do provide well-ordered, clear documents. 
  • Do understand your policies and procedures. 
  • Do keep computers locked when away. 
  • Do close security-controlled doors. 
  • Do keep paperwork organized and out of sight when possible. 
  • Do escort the auditor at all times while on the premises. 

What Not to Do in a Compliance Audit 

Don’t guess. Say you don’t know or that you need to consult an SOP or defer to someone who is more suitable to answer the question. If you want to consult an SOP, describe the procedure in general terms with the auditor and then walk them through the details. Just saying “I have to consult my SOP” gives the impression that you aren’t trained. 

Here are other things NOT to do in an audit:  
  • Don’t try to answer for someone else. 
  • Don’t answer for another department or specialty. 
  • Don’t offer additional information. Again, stop talking.  
  • Don’t elaborate – answer only what is asked. 
  • Don’t use hedge words (examples: I think, usually, normally). 
  • Don’t guess when asked a question. 
  • Don’t sign anything without legal approval.  
  • Don’t argue with the auditor or inspection. Clarify anything the auditor misunderstood.  
  • Don’t be rude or disrespectful to the auditor. 
  • Don’t huddle. 
  • Don’t panic. 
  • Don’t lie. 

Practice Compliance Audit Etiquette with Confidence 

Regulatory bodies will give a report prior to leaving the audit. Ensure you engage with the necessary teams to give sufficient responses and have a plan for any noted observations. The observations and responses in a report will generally be the first items looked at in the next audit. Make sure you stay on top of these action plans and complete the items you have committed to. 

Also remember that auditors may be experts or novices based on the type and scope of the audit being performed. Do not assume you are the smartest person in the room when communicating with an auditor. Understand that the inherent authority of the auditor is dictated by the interested party they are advising. Their ability to influence a decision (that may have a significant impact on your organization) is the foundation of a desired outcome for you. That’s one reason why we recommend practicing good audit etiquette. 

hospital compliance audit leaving

More Resources about Compliance and Audit Readiness 

John R. Nocero, Ph.D., and Andrea L. Bordonaro, MAT, blog on LinkedIn as “The Q-Kids,” discussing everything related to clinical research education, inspiration, and professional connection. 

John is the Director of Quality at River Vista in Columbus, Ohio. He has worked in clinical research since 2003 and is inspired by the Irish professional wrestler Becky Lynch, whose personal and professional story centers on achievement, tenacity, grit, and overcoming adversity.  

Andrea has taught first grade in Willoughby, Ohio for 25 years. She earned a Bachelor of Science in elementary education from John Carroll University and a Master’s Degree in the Art of Teaching and Education from Marygrove College. 

Download our Latest Whitepaper
Sign-up for our Weekly Newsletter
Schedule a quick overview