Corporate Compliance

1. How to analyze your outlier exposure
2. Audit and monitor HIPAA privacy compliance
3. Gov't audit insider

Healthcare Auditing Weekly, June 1, 2003

Health Care Auditing Strategies
NEW Newsletter
Guide to Compliance Auditing: Applying OIG Techniques and Tools
Strategies for Health Care Compliance
June 17, 2003
Vol. 1, No. 7

SUBSCRIBE to Health Care Auditing Weekly




For practical, must-have tips, tools, and information on today's toughest compliance challenges, this new book and CD-ROM set ("Compliance Troubleshooter: Tackling the Top 10 Compliance Challenges"), covers 10 of today's most pressing compliance challenges-gleaned from sources such as the OIG 2003 Work Plan, the latest Medicare memos, the Federal Register, and the daily news. You'll find practical tips, advice, ideas, and tools to help you solve the problems associated with each issue.

To learn more, including how you can save 10%, click here.

Or, call 800/650-6787 and mention source code EB0394E.



Auditing news and tips

Sample audit programs (For subscribers to Health Care Auditing Strategies only)

Sample compliance policies and procedures. (For subscribers to Strategies for Health Care Compliance only)

The OIG Work Plan for Fiscal Year 2003

Ask the Expert

Tip of the Week

Compliance Hot Topics: Auditing, Billing and Coding, EMTALA, Stark, HIPAA

Question of the Week

In This Week's Issue

  1. How to analyze your outlier exposure
  2. Audit and monitor HIPAA privacy compliance
  3. Gov't audit insider

This Week's Headlines

1. How to analyze your outlier exposure

The government is cracking down on outlier payments. On June 11, the Centers for Medicare and Medicaid Services released the final version of a rule governing outlier payments to hospitals and long term care hospitals.

To reduce outlier exposure, it's best to conduct a shadow audit. Do this in advance of a government audit, or at least at the same time. It's important for you to go through your billing records, find out what increases in charges occurred (if any), when they occurred, and the context in which they occurred. Potentially suspicious increases in charges sometimes turn out to be legitimate reactions to outside factors or internal difficulties, including the following:

  • Managed care contract reimbursement cuts that force offsetting charge increases
  • Long-term failures to update chargemasters that necessitate significant increases in a single year or over a series of years
  • Losses involving ancillary ventures
  • Decreases in hospital admissions or the volume of outpatient services
  • Changes in the acuity of patients
  • The purchase of expensive equipment or supplies
  • An increase in the incidence of unfounded care

    For more on analyzing your outlier exposure, order the book "Compliance Troubleshooter: Tackling the Top 10 Compliance Challenges." This book features information on The False Claims Act, outlier payments, quality of care, economic and traditional economic credentialing criteria, EMTALA, nonphysician practitioners, billing and documentation, outpatient prospective payment system, Stark, and inpatient compliance issues. Click here for more information or to order.

    Back to top

    Looking for an audit tool from a proven source?

    Coding compliance book streamlines your audit process

    Accurate medical records documentation and coding is a universal, perennial concern that's becoming all the more critical in today's environment of fraud and abuse investigations. "Coding Compliance: A Practical Guide to the Audit Process" will help you to make your medical records/coding compliance audits effective and efficient! For more information, go to Click here or call our customer service department at 800-650-6787. Be sure to mention source code EB1269B.

    2. Audit and monitor HIPAA privacy compliance

    Now that your organization has implemented the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule, add elements to your auditing and monitoring plan to make sure your organization meets its compliance obligations.

    Risk assessments
    With policies and procedures in place, it's important to keep your risk assessment moving, according to Sheryl Vacca, director of Deloitte & Touche's West coast health care compliance practice in Costa Mesa, CA. Try the following:

    1. Identify, measure, and prioritize compliance risks to evaluate and test critical controls
    2. Identify key subject matter experts in departments such as compliance, human resources, claims, billing, marketing, research, and other areas that use and disclose PHI to help you identify risks
    3. Develop a dynamic corporate audit plan that identifies proposed audit coverage and knowledge resource requirements pertaining to security and privacy requirements

    For all five steps, as well as information on auditing administrative requirements, use and disclosure of PHI, patient rights, and business associates, order the pay-per-view article "Strategies for auditing and monitoring HIPAA compliance." The article costs $10. Subscribers to the online version of Health Care Auditing Strategies have free access to it. Subscribers to the print edition can find it in their May issues.

    Or for only $23 per month, you can get even more auditing best practices and how-to articles by subscribing to Health Care Auditing Strategies. Save 10% by ordering online.

    Back to top


    In addition to each 12-page monthly newsletter, Health Care Auditing Strategies (HCAS) subscribers receive the following benefits:

  • Audit talk-This is a free forum to network, share ideas, and solve problems for HCAS subscribers.

  • Audit advantage-Readers log on each month to the HCAS subscriber-only Web page that lists sample audit plans and government documents. Go to and enter the password that is printed in each issue of HCAS.

  • Fax and email alerts-When there's late breaking news that just can't wait until the next issue of HCAS, we'll fax or email the pertinent information to you immediately.

  • Editorial special reports-When there's a new regulation or news on laws related to health care auditors, our expert writers gather the necessary information and compile a special report. Subscribers received a free special report on the Sarbanes-Oxley Act with their May issues.

    Take advantage of these subscriber benefits, as well as auditing best practices and how-to articles by subscribing to Health Care Auditing Strategies. Save 10% by ordering online.


    Medicaid drug rebate program-North Carolina

    The Office of Inspector (OIG) used the following objective, scope, and methodology in its recent audit of the Medicaid drug rebate program in the state of North Carolina:

    The objective of the OIG's audit was to evaluate whether the North Carolina Division of Medical Assistance (DMA) had established adequate accountability and internal controls over the Medicaid drug rebate program.

    The OIG performed this audit in accordance with generally accepted auditing standards. It reviewed DMA and electronic data system (EDS) policies, procedures, and controls with regard to manufacturer drug rebates from July 1, 2001 through June 30, 2002. The OIG limited its review of internal controls to those concerning drug rebate billings, collections, and dispute resolutions. This was accomplished through interviews and testing pertaining exclusively to the drug rebate program.

    To accomplish its audit objective, the OIG obtained the state's Medicaid Drug Rebate Schedule (Form CMS 64.9R) for the one-year period ending June 30, 2002. It then reviewed supporting documentation to assess the reliability of the outpatient drug rebates information reported to CMS. The OIG reviewed accounts receivable and subsidiary records and compared the information with the data presented in the Form CMS 64.9R report. It also interviewed DMA, EDS, and the state controller's office staff who performed functions related to the drug rebate program to determine existing policies, procedures, and controls as of June 30, 2002.

    For more information on the OIG audit "Audit of the Medicaid Drug Rebate Program in the State of North Carolina," go to 06009.htm.

    Back to top


    To learn more about the Sarbanes-Oxley Act and how it affects internal auditors and compliance officers, order the special report "Sarbanes-Oxley Act: Impact on Health Care Organizations"

    Share the news!

    You've been benefiting from our informative e-mail newsletter, so why not pass on this resource to your peers? Sign up a colleague and get $20 off your next purchase on HCPro's Healthcare Marketplace!

    Send your comments and questions about Health Care Auditing Weekly to:

    Melissa Osborn
    Managing Editor

  • Health Care Auditing Weekly (c) 2003 HCPro, Inc. You have permission to forward Health Care Auditing Weekly, in its entirety only, to your colleagues, provided this copyright notice remains part of your transmission. Better yet, send them to where they can subscribe to the newsletter directly. All other rights reserved. None of this material may be reprinted without the expressed written permission of HCPro, Inc.

    DISCLAIMER Advice given is general, and readers should consult professional counsel for specific legal, ethical, or clinical questions. Users of this service should consult attorneys who are familiar with federal and state health laws.

    SPONSORSHIPS For information about sponsoring Health Care Auditing Weekly, contact Margo Padios at or call 781/639-1872 ext 3145. If you would like further information about any of HCPro's products, including books, seminars, videos, consulting services, or newsletters please visit

    YOUR SUBSCRIPTION You are receiving this message as a subscriber to Health Care Auditing Weekly. If you would like to unsubscribe, please visit If you do not have web access, please forward this email to: and type "Remove" in the body.

    Copyright 2003 HCPro, Inc.

    Most Popular