For many payers, the new year may signal a countdown to the government program audit.
Healthcare consultant Cody is currently working with more than a dozen managed care insurers who are preparing for the Centers of Medicare and Medicaid Services audit.
CMS sends out its last audit notifications for the year in October. The next cycle begins in February.
"It's horribly invasive," said Brad Boyer, Cody's senior vice president for Sales and Marketing. "It's six weeks from the letter to on-site."
Once inside, it's all hands on deck.
Over the last year there has been a huge increase in these program audits, according to Boyer, who works with insurers to prepare.
"CMS is increasing oversight," Boyer said. "It has truly become, this is not a matter of if, but when. You're not going to skate by year-after-year-after-year. They're making a more concerted effort."
Also, smaller health plans may believe they are less of a target than the larger systems, which is not true anymore, Boyer said.
Having gone through an audit in 2016 doesn't mean CMS gives a pass for 2017. Each year CMS updates its audit protocols.
"One CMS memo update could impact multiple areas of an organization," he said.
[Also: Be prepared for HIPAA audits]
Moreover, non-compliance comes with enormous penalties.
"These fines have gone into the millions of dollars for health plans," Boyer said. "It has caused CMS to shut down enrollment efforts."
This happened earlier this year to Cigna on its Medicare Advantage plans. Among other violations, CMS said Cigna had inappropriately denied medical care and prescription drugs to members and allegedly gave no good explanation as to why they weren't covered.
Cody recommends holding a mock audit to expose gaps in the organization and implementing the software tools necessary to prove to CMS you're doing what you're supposed to be doing.
"It's all about systems and technology," Boyer said.
[Also: RAC contractor signs licensing deal for care guidelines used in CMS audits]
Key areas of compliance include policies and procedures, Health Plan Management System memos, and the distribution of member materials such as Evidence of Coverage, Annual Notice of Change, and Summary of Benefits.
To be preparedt, Cody recommends several measures.
First, ensure that you're current with all Health Plan Management System memos. On average, health plans receive 10 to 20 HPMS memos each week. With a number of these requiring action within a specified timeframe, it's important that plans track required responses and due dates. Memos should also be attached to the rules they impact.
Second, track responses to policy and procedure documents. In addition to updating policy and procedure documents each year, health plans must ensure that all affected employees have reviewed and understand the updated information.
Triple-check required member materials for errors, have a compliance expert review the documents, or outsource the creation of these materials to a third-party advisor. With so many requirements around the mailings of Annual Notice of Change, Evidence of Coverage and Summary of Benefits, it's important to make sure these documents are error-free.
Identify compliance issues before they are flagged by CMS. To ensure compliance with all mandated regulations and requirements, health plans should regularly pull reports that identify potential compliance violations.
Finally, conduct a mock audit to identify weaknesses. This should include a thorough review of all areas under CMS' compliance program policies such as written policies, procedures and standards of conduct. It should include a compliance officer, compliance committee and a governing body, and cover effective training, education and lines of communication.
Twitter: @SusanJMorse