Audit Expectations and Challenges

When it comes to hospitals providing best-in-class health care, stress comes with the territory. From stabilizing trauma victims, to accurately distributing medications, to physicians and nurses working long shifts, increased demands are everywhere — including operations not directly involved with patient care. One demand that can turn daily routines completely upside-down and compound stress is an audit. A GRC compliance audit can be conducted internally by various hospital committees or externally, often by government-approved contractors.

Internal Audits

An internal audit seeks to determine if a hospital’s financial and operational controls, and their related policies and procedures, meet compliance and risk management demands.

Based on a hospital’s risk assessment, management develops and reviews the scope and goals of an audit. Running the audit is then delegated to a committee, with the most common committees focusing on:

  • Patient safety
  • Nursing staffing
  • Clinical quality
  • Medical staff

An internal audit involves interviews and evaluating personnel or procedures. Upon the audit’s completion, a report of its findings is prepared by the appropriate committee and shared with management. Corrective recommendations of action to any areas of noncompliance are collaboratively developed, and a finalized report is presented to the hospital’s board of directors, chief compliance officer, and audit and compliance committee.

The ultimate goal of an internal audit is to improve patient care. Who in a hospital wouldn’t want to improve it, right? But the truth is that an audit can diminish quality of care while it’s in progress. That’s because committees are often comprised of physicians, nurses, and technologists who are pulled away from patient-care responsibilities to work on compliance administrative tasks.

External Audits

According to a 2017 AHA report, four federal agencies — the Centers for Medicare & Medicaid Services, the Office of Inspector General, the Office of Civil Rights, and the Office of the National Coordinator for Health Information Technology — are the primary drivers of regulations and compliance costs across eight domains for hospitals:

  • Hospital conditions of participation
  • Billing and coverage verification requirements
  • Meaningful use of electronic health records
  • Quality reporting
  • Privacy and security
  • Fraud and abuse
  • Program integrity
  • New models of care

The frequency and pace of regulatory changes implemented by multiple federal agencies are dizzying. Hospitals are often required to comply with regulations in very short timeframes, requiring a significant investment of staff time and finances. What’s more, responding to multiple external audits increases administrative costs, and funds could be tied up in lengthy appeals processes contesting an auditor’s inappropriate determination.

External audits are conservatively estimated at $100 per hour. For example, consider the total costs of a HIPAA audit:

  • HIPAA Gap Assessment — Identifies gaps and provides remediation plans for those gaps
    (40 hours average, $24,000–34,000)
  • Full HIPAA Audit — Assesses hospitals against all the requirements in the HIPAA Security Rule
    (100 hours average, $30,000–60,000)
  • Validated HITRUST Assessment — Provides the most complete, certifiable framework for HIPAA to mirror PCI compliance (400 hours average, $100,000–160,000 — with costs much higher for larger organizations)

Protect Your Hospital

If your hospital is like most others, it’s spending too much staff time and money dealing with a blizzard of regulations and an avalanche of red tape. Fortunately, there are solutions. youCompli GRC risk management software monitors, reads, and translates complicated regulations into plain English. Our solution enables you to fully understand which rules are pertinent to maintaining compliance, further simplifying the auditing process. And it tracks everything, from end to end, making audits much less painful.

Learn how youCompli regulatory compliance management software protects your hospital.

Who Needs an “Easy” Button? Regulatory Compliance for Teaching Hospitals and Academic Medical Centers

Nobody chooses to pursue a career in healthcare at a teaching hospital or academic medical center (AMC) so they could process regulatory compliance paperwork. Right?! Nevertheless, health systems spend $39 billion on admin duties to comply with no fewer than 600 regulatory requirements. Most of the time they are juggling these requirements (and a whole lot more) without an effective compliance management system. It’s anybody’s guess what is truly being done to comply.

The regulatory landscape continues to change. It’s even more complex for teaching hospitals and AMCs that have specialized facilities such as children’s hospitals and cancer centers. And it’s nearly impossible to know for sure what is being done to comply with the regs when students and researchers are added to the mix. Compliance oversight is already challenging enough when it includes only clinical and hospital staff, business associates and contractors.

Ever-increasing regulation ushers in more documentation requirements. Satisfying the reporting requirements steals time away from patient care and contributes to burnout. Plus, more regs and more people equals a big compliance headache.

These healthcare systems not only have the pressure to comply with regulations, improve care and cut costs as other hospitals do, but they have the critical mandate to educate future medical professionals and dedicate resources to research.

According to the Association of American Medical Colleges, academic medical centers in the United States contribute $562 billion in annual economic impact. But, what’s even more significant is the impact these facilities have on the health of our society. Medicine moves forward in teaching hospitals and academic medical centers. When people are faced with a health crisis and grasping for innovative treatment and cures, they flock to these systems. Oftentimes this is their last shot at a healthy future. Teaching hospitals and academic medical centers are the epicenter of first breakthroughs. They are also the last resort for patients who have tried everything else. As a result, teaching hospitals have more costly cases and often bear the brunt of safety-net and charity care.

Shouldn’t there be an “easy” button for them?

Academic medical centers and teaching hospitals have a great need for an effective compliance management system. These systems save valuable time and money. But they also make it easy to see what is being done by whom to comply with regs. No more ad-hoc spreadsheets. Thoughtfully applied technology can make regulatory oversight a piece of cake.

The more effective the compliance management system, the more time is freed up for medical professionals to do what they are passionate about—provide the best patient care and focus on their mission of treatment, research and education. And who couldn’t use an “easy” button for compliance regulation?

Are you ready to explore a compliance management system that is easy to use and effective? If you’re ready to transform your regulatory compliance process, schedule a call today!

Is Your Budget Keeping Pace With Your Workload?

Every admission to a hospital triggers $1,200 in regulatory compliance costs, according to an American Hospital Association (AHA) report.

That’s because each hospital with post-acute care beds has to comply with 629 different federal regulations – plus any and all new ones that come along.

Best practices call for you to be constantly scanning the Federal Register and other sources, not just for new regulations but also for changes to old ones. To translate them from “Regulish” to English, so you can analyze what they mean. To decide which parts of which regulations apply to your hospital. To define and assign compliance tasks. And to update your IT, if needed, to monitor and document compliance.

That doesn’t come cheap.

An average 161-bed community hospital spends more than $7.5 million a year on federal compliance – $9 million if it has PAC beds. Plus an average of $411,000 on IT upgrades each year to monitor and document compliance.

While your compliance department is doing this, compliance departments at another 6,145 US hospitals are doing the exact same thing, the exact same way, running up the same kinds of costs.

No wonder American hospitals and health systems spend more than $38 billion a year duplicating each other’s compliance work.

But what if there were one online expert source that could cut out all that needless duplication? That could tell you what you need to know and let you manage your own hospital’s compliance progress in real time, 24/7/365, with just a few mouse clicks?

There is. And it can cut compliance costs through economies of scale, the way Henry Ford did for cars.

With more regulatory changes in the pipeline every year, you’re going to need more budget, more staff and more other resources. Odds are three-to-one you won’t get them. A 2018 study reported that fully 75% of compliance officers surveyed predicted that their budgets would either stay the same or get cut.

Want to beat those odds? Then you’ll want to learn more about a system that lets your compliance department accomplish more for much less.

The Inefficiency of the Status Quo

When it comes to maintaining your hospital’s compliance in the face of with ever-changing regulations, the struggle is real and expensive. Hospitals of all sizes spend boatloads of money on GRC and risk solutions to stay compliant. Plus, clinical teams working on compliance –physicians, nurses, technologists – spend inordinate amounts of time away from patient-care responsibilities trying to decipher and implement the latest rules.

Do you know just how expensive it is for hospitals to stay compliant and maintain the status quo? Let’s look at state-level expenses first.

State of Shock

Last year, the Oregon Association of Hospitals and Health Systems and Pacific University collaborated on a report titled Cost Burden: Evaluating the Financial Impact of Oregon State Regulatory Compliance on Oregon Hospitals and Health Systems. Some of its key findings:

  • In 2018, Oregon hospitals spent a total of $126 million on labor to comply with over 2,000 rules created by the state
  • Of these facilities, large hospitals each spent approximately $3.9 million on labor, and smaller hospitals each spent close
    to $0.5 million
  • Staff salaries represented 85% of total compliance costs for all hospitals
  • At large hospitals, 50% of compliance departments spent 40 hours or more a week overseeing state regulations
  • Many new state laws and regulations are effective as soon as the governor signs them, giving hospitals no time to understand the new rules, train their staffs, or establish procedures — and instantly making them non-compliant

National Numbers

Costs skyrocket when hospitals in all 50 states try to meet federal regulations, as detailed in the 2017 AHA report, Regulatory Overload: Assessing the Regulatory Burden on Health Systems, Hospitals and Post-acute Care Providers. Here are just some of the average costs that community hospitals (160 beds) incurred in 2016:

  • Nearly $7.6 million on administrative activities
  • Almost $760,000 to meet meaningful use administrative requirements
  • Around $411,000 in systems upgrades
  • Approximately $709,000 annually on the administrative aspects of quality reporting

Naturally, the larger the hospital size, the greater the administrative costs. Hospitals with post-acute care beds paid $9 million, whereas large hospitals with at least 400 beds paid $18.8 million in administrative costs. Hospitals of all sizes also spent $3.1 million on administrative compliance activities related to conditions of participation for Medicare programs, plus another $1.6 million on billing and coverage verification.

In 2016, the administrative aspects of federal regulatory compliance worked out to $38.6 billion — or more than $47,000 per hospital bed. And every time a patient was admitted in 2016, hospitals would incur $1,200 in regulatory burdens alone. As high as the $38.6 billion figure is, it does not account for complying with regulations made by federal agencies, such as the FDA.

Thus, the “complete” costs of federal regulatory compliance for hospitals is likely much, much higher.

Simplifying Regulatory Compliance

The proliferation and vast amount of regulatory changes can easily exceed your hospital’s ability to understand and implement them in a timely manner. And if your hospital’s spending a lot of money but still can’t maintain compliance with state, federal, and agency regulations, that could spell disaster.

You need a more effective spend stat. Take a look at what youCompli can do to help you monitor, translate, act upon and track compliance activity throughout your hospital. Get started here.