Blog Post

Incorporating Compliance Program Analytics

Natalie S. Lesnick | February 2024

Healthcare Compliance Program reliance on data analytics has dramatically increased in recent years. Organizations have developed internal methods to gather information that can be used to avoid or mitigate the risks of potential liabilities for non-compliance. The number of vendors that have entered the market with programs has resulted in the advancement of controls and tools available to compliance professionals. Additionally, federal regulatory and enforcement agencies continue to stress the importance of organizations using data to identify and address compliance risks and exposure. The DOJ, in its 2023 Evaluation of Corporate Compliance Program Guidance, directs their prosecutors to ask “[d]o compliance and control personnel have sufficient direct or indirect access to relevant sources of data to allow for timely and effective monitoring and/or testing of policies, controls, and transactions?” The OIG, in its recently published General Compliance Program Guidance, states that “[e]ntities should consider using data analytics, i.e., analyzing its data, to identify compliance risk areas…Data analytics efforts may range from simple to complex depending on an entity’s volume of data as well as the entity’s data analytics capabilities and resources.” This emphasizes the importance of organizations utilizing data analytics, if they have not already started.

The following are suggestions on how data analytics may be employed within your areas of responsibility:

  1. Use What You Have. Unless you are already well-versed in data analytics, integrating it into your program from scratch can be overwhelming. But it does not need to be. Using already established tools to pull reports you can share with your executive team and Board members can be a great starting point, particularly for smaller organizations. Many organizations use a Hotline to track investigations and other contacts to the Compliance Department, which can be used to pull reports. If your organization has multiple facilities, consider where most of your calls are coming from. Does one location or department generate more calls than others? Is there a specific topic that comes up more often than others? There is much to be learned from the spreadsheets and systems you already use.
  2. Begin With the Obvious. As compliance professionals, we know our organization’s weaknesses and risks. These are the areas that can be high-impact places to start. Once you understand where to start, then begin to look for patterns. Are there any completion deficiencies in the compliance training? What is the time to completion for compliance investigations? What is the time to completion for corrective actions by operations on compliance-related issues? Are there incomplete or lapsed physician contracts that have not been renewed? Beginning with the areas of the highest concern lets organizations attack the lowest-hanging fruit, allowing them to address those issues quickly and efficiently.
  3. Engage Your Operational and Executive Leaders. As much as we would like, we cannot be everywhere, have knowledge of, or access everything all at once. Your organization’s business and operational leaders will have access to and can run reports on the items you can immediately leverage – use their expertise. If you are fortunate to have a Chief Technology Officer or an IT Department at your organization, build relationships with those folks. They can also help you get the data you need and may be able to help build platforms (or show you what platforms you can use) to begin extracting information from your company’s data. Your leaders are also the individuals you should report your findings to in your Management/Executive Compliance Committee meetings. Take the information you learn from your reports, create a dashboard for them, and demonstrate how data analytics can be a valuable tool in detecting, evaluating, and mitigating compliance risks.  

Data analytics is not something to fear but something to be embraced in lessening the risks of compliance failures. It can be an extremely powerful tool in the hands of a compliance professional and positively transform your program.

For more information on this topic, you can contact Natalie Lesnick, JD, CHC, CHPC at [email protected].

You can also keep up-to-date with Strategic Management Services by following us on LinkedIn.

About the Author

Natalie Lesnick is a Consultant at Strategic Management Services, LLC. Ms. Lesnick has expertise in assessing provider compliance with the federal healthcare program rules and federal healthcare laws, including HIPAA and the Affordable Care Act.

Subscribe to blog