Preparing for an OIG Compliance Audit in Five Steps

For the past few years, the Office of Inspector General ("OIG") of the United States Department of Health and Human Services ("HHS") has been reviewing Medicare payments to hospitals to determine compliance with selected billing requirements. The OIG focuses its audits on specific areas identified as being at risk for noncompliance with Medicare billing requirements, and selects hospitals for review based on the use of computer matching and data mining techniques.  While these audits may initially be limited in scope, they are oftentimes expanded and the OIG has increasingly used the results of these reviews in an attempt to recover "overpayments" and identify providers with a pattern of improper claims submission.

The purpose of this article is to provide some key steps that hospitals can take to prepare for an OIG compliance audit through the development of an effective response plan. By taking the following steps now, a hospital can be better poised to address an audit:

1. Get Educated About the Process. Hospitals should get educated about the audit process before it happens. By understanding what requests hospitals will receive, the timeframes for responding and the requirements related to document production, a hospital can identify gaps in needed resources and personnel.
2. Develop a Response Team. It is important to identify who will be involved in an audit and what resources they will need. Identifying these individuals and getting them up to speed on the audit process, as well as potential document production requirements, will best situate your organization to be able to respond to an audit in a timely and organized manner. Your response team will be responsible for wearing many hats, from gathering documents to reviewing responses. As such, hospitals should consider including the following individuals on their response team: legal counsel, compliance officer, patient accounting representatives, claims specialists, IT specialists and medical records custodians. Each member of the response team should have a good understanding of their roles and responsibilities with respect to an audit, and hospitals should select one individual to serve as the point person for an audit to ensure continued progress. It is essential that the point person understand the importance of including legal counsel at the outset of any audit. Among other items, legal counsel should play an active role in reviewing document and information requests and reviewing and responding to the audit report. This will best position the hospital to preserve certain appeal rights.
3. Develop a Written Audit Plan. In order to manage the large number of document exchanges and information during the audit process, hospitals should consider developing a written audit plan. The audit plan shall, among other things, identify the contact person for the hospital with respect to the audit, describe how audits should be reported internally, delineate the roles and responsibilities of each response team member with respect to an audit, and outline procedures for exchanging data and information during the audit process. The written audit plan should ensure involvement of legal counsel at the outset of and throughout the audit process.
4. Consider What Outside Resources Are Necessary. Hospitals should consider up front what outside resources may be necessary with respect to an audit. For example, many hospitals choose to engage outside counsel to gain additional expertise and to establish and preserve attorney‑client privilege (which may be even more essential in the event of an appeal). In addition to outside counsel, hospitals may wish to engage consultants with billing expertise. Forming prior relationships or continued engagements with such consultants will allow for more timely assistance. In such cases, hospitals should consider whether legal counsel should directly engage the consultant on its behalf for purposes of preserving privilege.
5. Review Annual Work Plans for Risk Areas. Hospitals can learn some of the most valuable information to prepare for an audit by reviewing the OIG Annual Work Plan. Each year, in its Annual Work Plan, the OIG lists those areas that it identifies as "high risk" for which it will focus its audits. Hospitals should consider including these "high risk" areas on its own audit plan to learn about and rectify any issues before an actual OIG audit.

Reinhart's Health Care team is available to assist you in preparing for and/or responding to OIG audits. Please feel free to contact Larri Broomfield, Heather Fields or any member of Reinhart's Health Care team, or your Reinhart attorney to discuss any questions or concerns related to your hospital or health system.