A Financial Planning Leader Streamlines Audit, Risk and Compliance
Healthcare Audit Compliance
1. CASE STUDY
MetricStream A Leading Home Healthcare Provider Fortifies Audit and Compli-
ance While Maintaining Utmost Security of Confidential Information
Customer
The company is a premier home healthcare provider in the United States delivering personalizes
healtcare sevices.
Overview
With innovation as its forte, the company is constantly raising the bar of quality care and coordination
through state-of-the-art technology and programs. It offers a variety of home and hospice healthcare
service such as nursing, physical therapy and counseling.
Paramount importance is given to maintaining the highest standards of quality and process compli-
Customer ance. But operating in today’s regulatory environment is nothing short of complex. Healthcare provid-
A leading home healthcare giver in the United States ers are under constant pressure to meet a plethora of compliance regulations while caring for patients,
improving profitability, reducing costs and rising above the competition. The recent healthcare
overhaul has only complicated matters further by introducing newer, more stringent regulations.
Benefits
The introduction of Recovery Audit Contractors (RAC) and its permanent status have added to the
regulatory complexity for healthcare providers in the United States. In response, healthcare providers
Visibility into audit management, RAC audit prepa-
ration and compliance: MetricStream’s centralized have begun redefining their business strategy. Corporate governance has occupied center stage, and
dashboards enhance visibility into the company’s risk and compliance management have become key priorities.
audit management process and the preparation for
RAC audits, enabling managers to track their prog- Medicare Recovery Audit Contractor (RAC)
ress easily. The solution enables the company to gain The Centers for Medicare and Medicaid Services (CMS) started the RAC project to detect and correct
a complete view of the appeals at every stage. On the improper payments in the Medicare Fee-for-Service program. CMS hired Recovery Audit Contractors
compliance front, the central compliance library and
(RACs) who review, audit and identify improper Medicare payments.
issue tracking system present an accurate picture of
the company’s compliance quotient at all times.
Congress made RAC permanent across the United States from January 1, 2010. All healthcare provid-
ers that bill Medicare under its Fee-for-Service program require RAC Audits. They include hospitals,
Increased preparedness for RAC: With Metric-
Stream’s solution for RAC audit management, the physician practices, nursing homes, home health agencies, hospice agencies and durable medical
company’s readiness for RAC audits has improved equipment suppliers.
considerably. This has resulted in a significant
decrease in the number of improper payments and
denied insurance claims for the company. Challenges
Tracking of confidential patient information
Collaboration for foolproof audits: The solution With the wide-spread reach of the company and the enormous number of patients being served every
provides a common platform and centrally organized
day, the company found it challenging to track the confidential information of each patient, without
information. This helps the stakeholders in the com-
pany to collaborate effectively in billing adjustments, compromising its security. Each patient’s personal information, illness details, medical records, bill-
prepare better for RAC audits and run the audit integ- ing information, number of visits and payment details were recorded after each visit for future use.
rity function impeccably, with minimum issues. However, the company lacked a powerful and secure system to track this huge pool of information for
every patient and integrate each patient’s chart within its audit information.
Complete compliance: MetricStream’s ability to
track regulatory information applicable to the health- Increasing regulatory pressure
care industry, coupled with automated workflows,
The company, like most healthcare providers, has witnessed tremendous change in the regulatory
ensures complete compliance with regulations
and assures total protection of confidential patient arena over the past decade. Increasing compliance regulations, high regulatory scrutiny and non-
information. compliance penalties have become the order of the day.
The company had already established a system to manage these pressures. However, as the regula-
tions multiplied and changed, the system was unable to keep up. The company needed to manage a
variety of national regulations such as the Health Insurance Portability and Accountability Act (HIPAA),
the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX), as well as mandates that var-
ied across state, region and locality. Each regulation consisted of hundreds of requirements for which
strong IT expertise and focused attention to detail was required.
Manual processes
Most processes related to information handling and audit management at the company were chiefly
manual or semi-manual. Spreadsheets were used for auditing patient chart information, while phones
and emails were used as the primary channels of collaboration among different teams. These methods
were proving to be time consuming, expensive as well as unreliable, due to the large role of the hu-
man error factor innate to manual processes.
2. MetricStream
Insufficient collaboration
The various teams and stakeholders within the company were unable to collaborate in real time in
the absence of a common platform. This was particularly affecting the audit integrity function within
the company which required patient chart information and billing adjustments to be audited at regular
intervals. This in turn had a downstream impact on the preparation for RAC audits, where the claim
related information was audited.
Solution
The company needed to create a central system with a scalable governance, risk and compliance
(GRC) platform architecture for managing its regulatory compliance, ensuring the integrity of patient
information and preparing itself for RAC audits. MetricStream was selected as the solution provider
based on its track record as well as its functional and technical capabilities to meet the company’s
specific requirements.
MetricStream delivered a highly sophisticated and integrated GRC solution to the company, encom-
passing audit integrity, RAC audit management, issue management, and compliance management.
The solution is a comprehensive, Web-based application deployed on MetricStream GRC Platform,
and provides a common framework, automated workflows and an integrated approach to manage all
compliance and audit requirements in the organization.
MetricStream’s platform supports the company’s organizational model across all business divisions,
units and departments, as well as their mapping to different roles and reporting relationships. The
portal views are based on the user’s profile and organizational mapping. Users have a role-based
portal access with options required for initiating actions, scheduling tasks and viewing reports and
dashboards limited to their roles.
“MetricStream has implemented a rich solution to support our specific audit and compli-
ance needs. With clear visibility into audit status and complete automation in these areas,
we have achieved stronger compliance and secure audits across the organization. With
MetricStream Solution, we feel well-equipped to meet newer challenges in the health-
care space and serve our patients better than ever”
- says the spokesperson of the company
RAC audit management
MetricStream Solution helps the audit managers track and monitor improper payments and insurance
claims denied earlier. It also enables them to identify trends that can avoid future improper payments,
and to develop an internal process that streamlines the response to RAC audit requests.
MetricStream’s comprehensive solution automates, streamlines and integrates the company’s prepa-
ration for RAC audits. It has also introduced a proactive approach. The solution includes systematic
workflows that help the audit team complete record requests, submit them on time, send determina-
tions and appeals, and manage all aspects of RAC audit requirements on a single centralized platform.
Built-in status tracking and reporting, integrated document management, remediation action work-
flows and auto generation of letters allow the company to implement industry best practices for
regular self-assessments and internal audits.
In case of a complex review, the solution allows different stakeholders to collaborate and create,
compile and review claim data. Built-in workflows enable the automatic routing of information to vari-
ous stakeholders such as the Revenue Recovery department and the Appeals Coordinator. The entire
appeals process is simplified by automating the task of preparing, reviewing, approving and finalizing
appeals. Complex reviews usually involve several iterations which MetricStream Solution manages
seamlessly for the company.
3. MetricStream
When an automated review is required, MetricStream Solution helps the audit team manage the dif-
Why MetricStream ferent steps of creating, compiling and reviewing claims, collaborating with different stakeholders and
managing appeals in a smooth and efficient manner. The reporting capabilities of the solution provide
MetricStream offers a broad set of solutions on a trends and graphical charts based on a wide range of variables including the service that is being
Web-based platform with capabilities to address all audited, the physician associated with the service and diagnosis codes.
GRC and quality process within the company. Metric-
Stream’s solution provides a unified approach and an
Audit integrity
integrated solution to meet overall objectives, as well
as regulatory and compliance requirements. MetricStream Audit integrity Module helps the company’s audit team audit the vast amount of
patient-related information entered on patient charts. Multiple stakeholders are involved in completing
the audit: Audit Plan Owner, Audit Plan Approver, Patient Chart Auditor, Patient Chart Audit Reviewer,
MetricStream Solution is built and deployed on
MetricStream GRC Platform, a robust and scalable and Operational Reviewer.
infrastructure that contains powerful capabilities
such as automated workflows, configurable forms, The elaborate workflow built within the solution allows all these stakeholders to collaborate for the
collaboration, real-time exception tracking, email creation, review and approval of the audit plan. It also enables them to initiate patient chart audits,
alerts and notifications, integration, reports, executive and perform, approve and close the patient audits.
dashboards, business intelligence, analytics, and
secure access control.
Initiating, reviewing and approving patient billing adjustments is automated, and audits are performed
to ensure the accuracy of these adjustments. MetricStream Audit Integrity Module, along with RAC
MetricStream has deep domain experience in health- Audits Management Module, is integrated with the Issue Management Module for flawless tracking
care, as well as an in-depth understanding of issues
of incidents and fool-proof efficiency of audit integrity.
related to information security and prevention of fraud
and abuse.
Issue management
MetricStream Issue Management Module enables the company to identify and resolve documentation
discrepancies, gaps, coding errors and other issues that might result in a RAC audit failure as well
as non-compliance with applicable regulations. These issues are form-based and action owners are
assigned for particular issues related to audits and regulatory compliance. Each audit at the company
includes findings, recommendations, actions and issue owners.
The system assigns a unique ID to each issue, making it easy to track the issues from one stage to
the next. Issues are categorized based on predefined criteria with detailed information on each. Auto-
matic alerts and notifications are sent to the appropriate personnel for remedial action. Failure inves-
tigations are also conducted to determine the root cause of the issue. The investigation is conducted
using collaborative workflows, with each investigative task assigned to an appropriate individual.
Once a corrective action is initiated, the case closes only after the action plan is carried out.
Compliance management
MetricStream Solution captures and compiles requirements and regulatory information about industry-
specific controls, industry guidance, international and country-specific governance, laws and regula-
tions - all on a central platform.
Compliance managers at the company can access an exhaustive compliance library within the ap-
plication, identify relevant regulations, document specific requirements for the organization, and define
a monitoring process to comply with requirements.
MetricStream Solution provides a common framework and an integrated approach to manage all
compliance requirements faced by the company, including HIPAA/HITECH. Leveraging the solution, the
company can define and maintain a centralized structure of the overall compliance and control hierar-
chy including processes and assets in scope, risks for the processes and assets, controls to address
the risks and mechanisms to assess the controls.
For more information, visit
www.metricstream.com
Copyright 2011. All Rights Reserved.