Solutions

Solutions powered by
Learn More.
abaqis for Skilled Nursing

abaqis®

Mitigate risk and elevate your quality of care. Improving both clinical and business outcomes starts with a smarter, more integrated approach to regulatory training, continuing education and quality management.

Learn More

NEW TO THE STORE

hStream Content Marketplace

NurseGrid Learn

Online store for Clinical Learners. Individual CE Credit and industry products for Clinical Learners are now available through NurseGrid Learn (Beta). Explore our robust collection of courses that provides an unparalleled level of flexibility and choice.

DEA MATE Opioid and Substance Use for Practitioners

Meet the DEA's new requirement under the Medication Access and Training Expansion (MATE) Act in an online and self-paced 8-hour DEA MATE Act course specifically designed for practitioners, including Physicians, PAs, NPs, Pharmacists, Dentists and others.

LATEST & POPULAR

BLOG

Nurse Strikes are Scary, but License Verification Doesn’t Have to be
BLOG

Mind Matters: The Interplay of Staff Wellness in Quality Outcomes
BLOG

Unlocking Revenue in Healthcare: The Power of Efficient Credentialing
On-Demand Webinar

Understanding ENA’s Emergency Severity Index Handbook, 5th Edition
On-Demand Webinar

From Regulations to Realities: Nurse Staffing, Unions, and the ShiftWizard Advantage
On-Demand Webinar

myClinicalExchange Empowers Logan Health to Transform Student Onboarding

< HealthStream Resources

What is Compliance-Image

What Is Healthcare Compliance?

September 30, 2021
September 30, 2021

Healthcare Compliance – Definition and Scope

Healthcare compliance is an ongoing process for meeting the legal, ethical and professional standards that are applicable to healthcare organizations and providers. The scope of compliance for healthcare organizations is extremely broad and includes an array of areas covering patient care, patient confidentiality, reimbursement, Joint Commission standards, Health Insurance Portability and Accountability Act (HIPAA), research standards and managed care contracting. The requirements of federal, state and local regulatory agencies as well as business and ethical standards are also covered by compliance.   

Why It Matters

Providing healthcare comes with enormous risks – to both providers and patients. Healthcare organizations that have established robust compliance programs can reduce their exposure to these risks. However, it is not an easy job. The rules tend to be very complex; there are a huge number of them; and they change frequently. Compliance can be difficult to achieve, but is essential to the creation of a high-performing, safe, reliable and low-risk environment. 

The cost of non-compliance can be enormous – literally. Protected Health Information (PHI) and the requirements of HIPAA are areas of significant vulnerability for healthcare organizations and insurers. In 2015, the Office of Civil Rights (OCR) fined a health insurance provider $16 million for a data breach that exposed the PHI and other personal information of nearly 79 million subscribers. In 2018, the Centers for Medicare and Medicaid Services (CMS) fined a healthcare organization $2.5 million when a provider’s laptop was stolen which resulted in the PHI of approximately 1,400 patients being exposed. Post-incident investigations revealed that these organizations had not properly assessed their risk, lacked procedures to notify patients who had their PHI compromised and obviously both had failed to keep PHI secure. 

Establishing a Culture of Compliance

The Office of the Inspector General (OIG) has helped to define compliance for healthcare organizations. Their guidance includes a recommendation that organizations strive to build a culture of compliance. The OIG provides resources that help hospitals, physicians and other healthcare providers remain in compliance with current federal regulations. While the OIG recognizes that there is not a one-size-fits-all compliance program that will work for every organization, there are some essential elements. 

  • Written Policies and Procedures:  The OIG recommends that they be written clearly and specifically for the organization, be shared freely and that the organization have a regular means of monitoring compliance with and understanding of policies and procedures. 
  • Designate a Compliance Officer and Committee: This serves as the backbone for the organization’s compliance program and should be run by a well-qualified compliance officer that is well-resourced with a regular responsibility to report to senior leaders and the organization’s board. 
  • Develop Open Lines of Communication: Open communication without fear of retaliation should be established including hotlines for anonymous reporting of compliance violations. 
  • Internal Monitoring and Auditing: Effective monitoring and audits help insure accurate claims and the identification of risks, particularly in high-volume services. 
  • Compliance Education: Avoid risk by conducting annual, job-specific training for employees with regular reviews of the content to insure that it is still relevant. 
  • Respond To Deficiencies: Develop action plans to correct any deficiencies that are identified and conduct periodic reviews to insure ongoing compliance. 
  • Enforce Disciplinary Standards: Well publicized, consistently-applied standards are essential to any compliance program. 

Quality and compliance in healthcare is possible. Be sure that your organization is working to establish a culture of compliance.