Our Former HHS, IRS, and OIG Agents Assist Hospitals Nationwide with All Aspects of Compliance, Auditing, Cybersecurity, and Risk Management
Hospitals in the United States face substantial compliance burdens. They also face significant, tangible, and measurable risks on a day-to-day basis. For CEOs and compliance officers, effectively managing these compliance obligations and risks needs to be a top priority, and it is essential to implement compliance policies and risk management protocols from the top down.
We bring extensive high-level experience to helping hospital CEOs and compliance officers protect their facilities, their personnel, and their patients. Our senior hospital consultants include former high-ranking agents with the U.S. Department of Health and Human Services (DHHS), the Internal Revenue Service (IRS), the Drug Enforcement Administration (DEA), and various Offices of Inspector General (OIGs), among other federal agencies. Our consultants are specialists in Medicare, Medicaid, Tricare, U.S. Department of Labor (DOL), and private payor compliance, and we have extensive experience in the areas of cybersecurity, digital forensics, and risk management consulting as well.
Our Consulting Services for Hospitals
If you run a hospital, or if you are responsible for ensuring that a hospital remains compliant and protects its patients’ data on an ongoing basis, we can help you make the right decisions at the right times. Our services for hospitals include:
We assist hospitals of all sizes and in all geographic regions with all aspects of compliance. This includes HIPAA compliance, Medicare and Medicaid billing compliance, and everything in between. As former healthcare fraud investigators with DHHS and other agencies, we have a comprehensive understanding of the types of issues that tend to get hospitals into trouble.
When it comes to managing hospital compliance, conducting internal audits is a key component of the process. We work with our clients to conduct both targeted and comprehensive internal audits, relying on our former federal agents’ investigative expertise to secure all available data from all possible sources. Once we have performed an audit, we assist with interpreting the results and determining appropriate next steps as well.
In addition to conducting and overseeing internal audits, we assist hospitals with external audit defense as well. In addition to DHHS, the IRS, and the DEA, we have significant experience with audits conducted by the Centers for Medicare and Medicaid Services’ fee-for-service auditors (i.e. MACs, RACs, and UPICs) as well. We take a proactive approach to external audit defense, engaging with auditors on behalf of our clients and proactively demonstrating compliance when appropriate.
Cybersecurity is becoming an increasing concern for hospitals. Hospitals have an obligation to protect their employees’ and patients’ data, and these data are a prime target for malicious attacks. We assist hospitals with implementing cybersecurity protocols and procedures, and we conduct internal cybersecurity audits for our clients to determine where their vulnerabilities lie.
When faced with a cybersecurity intrusion, allegations of malpractice or billing fraud, or any of the various other issues that can lead to liability for hospitals, being able to conduct digital forensics can be crucial to mitigating any potential exposure. We have digital forensics specialists on staff who have specific experience working with hospitals and other entities in the healthcare sector.
As a hospital CEO or compliance officer, a big part of your job is managing risk. You must weigh risks with virtually every decision you make, and you must be able to justify your decisions to your hospital’s shareholders and board. We can help you make sound decisions, and we can provide quantitative data to erase any concerns about whether your decisions serve the best interests and meet the needs of your facility.
FAQs: Compliance, Audits, Cybersecurity, Digital Forensics, and Risk Management for Hospitals
Q: What are some of the key areas of compliance for hospitals?
Hospitals face a broad array of compliance obligations. From maintaining patient records to transmitting prescriptions, and from billing Medicare to paying laboratories and other entities, virtually all aspects of hospitals’ operations are subject to laws, rules, and regulations of some form. Some examples of key compliance areas for hospitals include:
Q: How often should hospitals conduct internal compliance audits?
Minimally, hospitals should conduct internal compliance audits on an annual basis. However, there are various factors that might warrant more-frequent or ad hoc internal audits as well. For example, shortly after implementing a compliance program, it may be prudent to conduct periodic audits to assess the effectiveness of the hospital’s implementation efforts. Or, if a specific issue arises (i.e. a cybersecurity breach), then it will be necessary to conduct a targeted internal audit focused on gathering crucial data about the issue at hand.
Q: What are hospitals’ legal obligations with regard to cybersecurity?
Like other businesses, hospitals have a legal obligation to undertake reasonable measures to protect the security of their employees’ and customers’ (or patients’) data. However, hospitals have additional data security obligations as well. Our senior cybersecurity consultants can help your facility meet all requirements established by HIPAA and other pertinent state and federal statutes.
Q: What is the process for responding to an external (i.e. DEA or Medicare) audit?
For hospitals, there are several critical steps involved in responding to an external audit. First, it is necessary to make contact with the auditors and gain a clear understanding of the scope of the inquiry. Then, it is essential to conduct an internal audit in order to assess any potential risk. Once an internal audit has been performed, then the focus can shift to using the data obtained to respond strategically to the external audit and mitigate any potential liability for recoupments or other penalties to the fullest extent possible.
Speak with a Senior Consultant about Your Hospital’s Needs for Free
If you would like more information about how we help hospitals establish compliance, protect their employees’ and patients’ data, and minimize their risk, we encourage you to get in touch. To speak with a senior consultant in confidence, please call 866-352-9324 or request a complimentary consultation online today.