The Four Pillars of Incident Management

Are you missing out on an important opportunity to vastly improve your organization’s compliance program and prevent potential fines, legal actions, and bad press?

“Fundamentally, compliance efforts are designed to establish a culture...that promotes prevention, detection and resolution of instances of conduct that do not conform to Federal and State law, and Federal, State and private payor health care program requirements, as well as...ethical and business policies.”---HHS OIG

The mission of every compliance program is to find and correct mistakes. Most compliance programs refer to this as incident management. Now, as compliance professionals, we often aim for perfection, but the OIG stated that it “recognizes that mistakes will occur” but that “employees have an affirmative, ethical duty to come forward and report erroneous or fraudulent conduct, so that it may be corrected.”

If your compliance program has no record of any mistakes or corrective actions, your program is probably ineffective. In reality, internal reports should be welcomed and viewed positively because internal reports, and correctly managed incidents, give you the ability to improve your compliance program and prevent external reporting.

1. Discovery: The discovery of events and issues can come from a number of sources, incident report, risk management referral, complaints, citations, etc. Oftentimes, incidents are reported internally before they’re reported externally. These internally reported issues should be viewed as little gifts, opportunities to strengthen your program.
2. Conduct Investigations: When conducting an investigation you’ll generally want to conduct interviews. Before jumping in, gather as many facts as possible and try to become an expert before interview. Review relevant documents, and if possibly, seek outside counsel, auditors, or other healthcare experts.
3. Corrective Action Plan: Determine the root causes of each potential violation, then, design and implement changes to eliminate the root causes. The OIG stated that “detected but uncorrected misconduct can seriously endanger” your organization’s “mission, reputation, and legal status.”
4. Documentation: Providers should maintain records that accurately and fully document their investigation efforts to demonstrate that they acted in a diligent and timely manner.

Watch our recent webinar on-demand, "The Consequences of Poor Incident Management", to make sure your compliance program is effective by following best practices in incident management.