Outsourced Chief Compliance Officer for Hospitals

Outsourced Chief Compliance Officer signing document

For many healthcare organizations, especially smaller or rural hospitals, resources are scarce, and outsourcing can often be beneficial for hospitals.  One effective option is to outsource the management of a corporate compliance program, specifically to a company that can take over the responsibility to function as an outsourced chief compliance officer. 

When healthcare organizations attempt to combine the duties of a compliance officer with another position such as risk management personnel, a board member, or performance improvement specialists, these arrangements eventually fail. Or, at the very least, they will leave serious holes in compliance responsibilities, making the organization vulnerable to crisis.

Unlike combining duties within a medical setting or relying on non-expert personnel, the outsourced chief compliance officer working for a reputable consulting firm is vigilant. The outsourced chief compliance officer, in fact, does everything necessary to organize and implement compliance programs with a laser focus on sustainability.


Chief Compliance Officer Best Practices in Hospitals

Too often, while compliance policies are written, the most important rules and regulations are not fully enforced. This happens for a variety of reasons, including daily routines that go off without hiccups over an extended period. Unfortunately, costly issues can occur without warning, and complacency – because things have been running smoothly for so long – is one of the biggest factors leading to a sudden crisis.  Therefore, best practices must include:

  • Evaluation of compliance risk areas and guide change.
  • Hiring practices that complement compliance policies, including the screening of new hires for exclusion and sanctions by the Office of Inspector General (OIG).
  • Healthcare insurance and billing practices that ensure privacy and adhere to federal and state laws, including current procedural terminology (CPT) and risk-based coding.
  • Evaluation of medical records releases and informed consent policies.
  • Professional courtesy discounts for services.
  • Diagnosis and procedure coding for medical services.
  • Medical necessity and documentation.
  • Business and medical records retention.
  • Confidentiality across all areas of the healthcare organization, including a third party or outsourced chief compliance officer who will answer employee and management questions or address concerns with discretion.
  • Best practices and astute knowledge when it comes to patient rights – both in corporate policy and in external regulations.
  • Employee safety and rights expertise – vital to any sustainable healthcare organization.
  • Environmental concerns – both for public relations purposes and bio-hazard/safety.


Responsibilities of Hospital’s Outsourced Chief Compliance Officer

Outsourcing compliance needs to be done right and the hospital cannot “delegate” all risk to an outsourced compliance officer!  In our experience, healthcare organizations always need to participate fully because, without diligent focus and enforcement, compliance programs lose their effectiveness, and the organization courts disaster. One department might believe another is handling a certain element of compliance, but in reality, key points are being missed across the board.  Or a key person leaves, and no one continues the proper practices that the departed employee stayed on top of.  Make sure that key responsibilities include:

  • Skillfully conducting internal monitoring and auditing across the entire healthcare organization, including conducting periodic HIPAA Risk Analyses.
  • Developing compliance policies and procedures that adhere to company guidelines and to federal and state laws and regulations.
  • Implementing and enforcing policies and procedures across the entire organization, including periodic compliance evaluations.
  • Designating a compliance officer or expert who can multitask – handling strict compliance issues and addressing situations and questions quickly.
  • Conducting appropriate training, educating staff on the very latest federal and state laws, which change and evolve over time.
  • Responding to offenses and developing corrective actions that repair situations, including the implementation of immediate strategies to prevent similar circumstances in the future.


Outsourcing the Compliance Officer Saves Money, Consolidate Responsibilities, and Lowers Risk

This case study of a Corporate Compliance Program at a Rural Hospital shows that the risk, such as damaged reputation, legal wrangling, possible shutdown and otherwise – when compliance expectations are not met,  are too important to even consider utilizing anyone in this capacity other than a focused expert.  The hospital was exposed to a significant compliance crisis with both staff and policies, involving legal counsel. It was essential to audit stringently and to help the hospital adopt a corporate compliance work plan.  Results included saving the hospital substantial money in legal fees and bringing their corporate compliance program in line, significantly lowering future risks.

An outsourced chief compliance officer and an outsourced corporate compliance program is an effective tool for smaller and rural hospitals lacking expert resources.  If you have questions, see our outsourcing checklist and learn more about our cost-effective solutions.

When you need proven expertise and performance

Cindy Winn-Garnigan, MBA, CHSP

Ms. Cindy Winn has over 20 years of healthcare experience and expertise in operations, project management, and is certified as a HIPAA Security Professional (CHSP).