Content

Compliance ProgramAll employees need to be familiar with the concept of the compliance program. They should know who the compliance officer is, where to find the compliance officer, how to contact the compliance officer and should feel comfortable bringing compliance questions and concerns to first their supervisor and second, the compliance officer. Whatever the structure of your program, ensure that employees are familiar with the compliance office, staff and policies and procedures. 

Many compliance officers include an overview of the 7 Elements of an Effective Compliance program during annual training and new employee orientation. This provides a good framework for discussing the compliance program and the responsibility of employees. The 7 Elements include:

1. Written standards of conduct and policies and procedures

2. Designation of a chief compliance officer, staff and compliance committee

3. Compliance education and training

4. Anonymous compliance hotline and open-door policy

5. System of response and enforcement/ disciplinary action

6. Auditing and monitoring

7. Investigation and remediation of identified issues/ sanctions

Fraud, Waste and Abuse

With the implementation of the Deficit Reduction Act of 2005 and annual training requirements for Medicare Advantage and Prescription Drug Plans to provide fraud, waste and abuse training, most compliance training programs now provide this information. Typically, the information provides is way over the top. Fraud case examples are a good way to illustrate the issues and penalties that ensue. 

Stark, Anti-kickback, False Claims, EMTALA

For the general audience, the basics on the Stark Law, Anti-kickback Statute, False Claims and EMTALA should be presented. As with Fraud, Waste and Abuse training, it's best to use case examples to illustrate how the laws should be followed and any consequences of noncompliance. Employees should understand the policies and procedures surrounding false claims and whistleblower protection.

HIPAA Privacy

All employees, contractors, students and volunteers should be trainined on HIPAA Privacy and confidentiality. This audience needs to understand how to keep information confidential and following the "need to know" principle for accessing and disclosing protected health information (PHI). Employees should understand their responsibility and also the rights of the patient under HIPAA.

HIPAA Security

As with HIPAA Privacy training, HIPAA Security training should be conducted annually, with ongoing reminders throughout the year. The HIPAA security rule includes four "addressable" topics that should be included in training content for all employees:

• • Periodic security updates

  • Procedures for guarding against, detecting, and reporting malicious software

  • Procedures for monitoring log-in attempts and reporting discrepancies

  • Procedures for creating, changing, and safeguarding passwords 

(AHIMA. "HIPAA Privacy and Security Training (Updated)." (Updated November 2010))

Specific Training

Billing and Reimbursement Topics

Coding

Hot Topics and Regulatory Changes

Recovery Audit Contractors

OCR Audits