A major challenge for healthcare organizations is how to efficiently deliver services while improving the overall health of the patient population. Complicating the issue are mandates from state and federal government that are forcing organizations to rethink their strategic and financial planning and focus efforts on talent management. For instance, in 2008, the Institute for Healthcare Improvement announced the Triple Aim, which advocates for better-quality patient experience, improved population health, and lower healthcare costs. In 2010, the Affordable Care Act mandated the seven components of an effective compliance programs as a condition of enrollment in Medicare, Medicaid, or the Children’s Health Insurance Program. These two mandates have raised the need for comprehensive compliance and effective talent management programs.
As healthcare providers, we are committed to providing quality patient care and operating under the highest ethical and moral standards. No doubt, recruiting, retaining, and developing talent are vital to achieving these goals, and in high-performing healthcare organizations, the traditional human resources model is transitioning into more of a strategic talent management partner that is closely aligned with risk management and compliance. Indeed, each of these functions share common goals in recruiting a compliance-oriented workforce, creating and molding organizational culture, implementing policies and procedures, training and educating workers, ensuring competencies, improving communication, conducting performance evaluations, improving employee relations, overseeing incident management, and conducting investigations.
Risk management and compliance can support talent management by identifying organizational risk and gaps in training, as well as collaborating on needs assessments and workforce development. Here’s how.
Implement Written Policies and Procedures
Risk management, compliance, and HR can reduce risk to the organization and improve compliance with applicable federal, state and local laws, regulations and guidelines by ensuring that policies are implemented consistently and the workforce receives appropriate training as to the expectation of following policies and procedures. A centralized policy management system can help an organization track key policies for approval, implementation, workforce education, and periodic review.
Designate a Compliance Officer and Compliance Committee
The compliance officer is primarily responsible for overseeing and managing the compliance program in an organization with the support of the compliance committee comprised of a multidisciplinary group of leaders throughout the organization, including risk management and human resources. Meanwhile, HR has compliance risks including but not limited to labor laws, ensuring equal opportunity, non-discrimination, fair labor standards, and I-9 compliance. Risk management can identify compliance risk areas through incident and event reports, patient and employee complaints, and safety concerns. Compliance work plans should include a risk level, plan of correction, responsible party, completion date and plans for monitoring for improvement.
Conduct Effective Training and Education
The risk management, compliance, and HR departments all have a vested interest in effective training and education of the workforce. Workforce training should begin during the orientation and onboarding process with annual refreshers and more often as compliance risks are identified or there are changes in regulations. Healthcare core competencies include corporate compliance, HIPAA privacy and security, risk management, infection prevention, OSHA, workplace violence, discrimination and harassment prevention.
Workforce training and education needs to be linked to organizational goals by a comprehensive organizational learning and development program that enhances the knowledge, skills, and performance of clinical and non-clinical competencies. The documentation of training can reduce risk to an organization involved in a wrongful termination, discrimination, or unemployment claim and potentially minimize fines and penalties for non-compliance.
Develop Effective Lines of Communication
Effective lines of communication are essential to workforce satisfaction and compliance with federal, state, and local laws and regulations. There must be collaboration among risk management, compliance, and HR to create a culture that encourages workers to report concerns without fear of retaliation or retribution. Examples of collaboration include sharing responsibility for the employee hotline, confidential reporting, and conducting investigations.
In addition, the organization should have an “open door” policy in which staff can report issues to any member of management. In this environment, the manager would need to triage the concern and decide whether it should be referred to the Risk Management, Compliance, or Human Resources department for further investigation. An organization that has not fostered an open culture may be at risk of negative publicity, wrongful termination, harassment, discrimination, or even a whistleblower lawsuit.
Conduct Internal Monitoring and Auditing
All healthcare organizations are subject to internal and external auditing. External auditing includes financial audits, regulatory, and accreditation audits. Internal monitoring and auditing begins with identifying risks as part of an ongoing effort to ensure that policies and procedures are being followed. Monitoring begins with the identification of risks by conducting a baseline audit, developing a plan for ongoing monitoring, and implementing a plan of correction. Internal auditing includes reviewing personnel files, employee access to medical records to ensure role-based access, billing and coding to prevent fraud, and waste and abuse and medical records for quality, completeness, and accuracy of documentation. Any risk areas identified should be part of a plan to provide workforce training in an effort to improve performance.
Enforce Standards Through Well-Publicized Disciplinary Guidelines
Management and workers are held to federal, state, and local standards of compliance. Consequently, every healthcare organization is required to have disciplinary guidelines outlined in policies and procedures for non-compliance with the expected standards of conduct. Employees who engage in retribution, harassment, or any other type of retaliatory action should be subject to well-publicized disciplinary action. Risk management, compliance, and HR are all responsible for ensuring that disciplinary actions are made public and carried out consistently. Collaboration on the implementation written policies and procedures, priming effective lines of communication, and training and education will play a key role.
Respond Promptly to Detected Problems and Undertaking Corrective Action
When an issue has been identified and triaged, there needs to be an organizational commitment to conducting a prompt and thorough investigation. Risk management and compliance involvement in the investigation and corrective action mitigates the possibility of reoccurrence of a similar incident, and HR can focus its efforts on employee corrective action and workforce education. The organizational plans of correction should be monitored by compliance committee. In addition, if the complaint were to be formalized, the corrective action, plans of correction, monitoring, and committee minutes could be used to minimize any future risk to the organization.