In June 2020, The Society of Corporate Compliance and Ethics and the Health Care Compliance Association published survey results: Compliance and the COVID-19 Pandemic.
This survey of compliance professionals found:
"The COVID-19 pandemic has upended countless organizations and how people work... compliance programs have also felt the impact. Teams have had to adjust the way they work to ensure that regulatory mandates are still met - all while staying on top of the myriad regulation changes meant to address the pandemic."
I think we can all agree it has not been easy.
Here is what your healthcare professional peers say about COVID-19's effect on compliance:
37% are exclusively working remotely; 33% are mostly working remotely.
This surge in remote work happened suddenly for many providers. It is crucial that providers examine the HIPAA consequences of working remotely, and implement controls necessary to safeguard protected health information from the increase in malware attacks during the pandemic.
It is equally important to address the communication consequences of remote work. Have your Compliance Officer (and your Privacy Officer, and Security Officer) lost visibility in the organization? If these parties aren't on site to walk the halls and receive questions and complaints, how can this be replicated from afar? Likewise, have the compliance and HIPAA officers' communications with department leaders declined? This communication is key to identifying and discussing compliance concerns, before they become problems. Use whatever remote tools you have available to keep up visibility and communication to the maximum extent possible.
15% reported a large increase in compliance inquiries; 27% reported somewhat of an increase.
15% believe COVID-19 greatly increases the risk of compliance failures; 68% believe the risk of compliance failures is somewhat increased.
Sadly, these numbers should not surprise us. The mountain of COVID-19 guidance has had compliance officers burning the midnight oil. But our "regular" compliance risks - the items that concerned us before the pandemic - actually might be even more significant now. Kickbacks, vendor gifts, vendor agreements, resident rights in nursing homes, and employee screening practices for an evolving workforce, might be higher risk for you in the midst of COVID-19. Create a plan to address ALL of these risks - COVID and non-COVID. Triage them according to the risk they pose to your organization, and create a work plan to address the risks. Be prepared to adjust the plan when new risks arise, as they will.
15% said their compliance budget was reduced a great deal by the pandemic; 25% say their compliance budgets were reduced somewhat.
Most of the providers we work with felt under-resourced before the pandemic. COVID-19 has brought more work to do and fewer funds to get it done. This makes your compliance triage and work plan even more essential: document what you need to do and how you will do it - and the reasons behind any hard decisions.
MPA can help
Wondering if your compliance program is up-to-date?
Would you like to chat with an MPA expert about the general well-being of your compliance program - and what you should be focusing on?
Schedule a free compliance consultation - we'd love to chat.