subscribe now
Not getting email updates?

Measuring the Effectiveness of Your Compliance Program

June 8, 2018

Understanding the Programs, Services & Tools You Need to Protect Your Members and Your Business

From the time we, as healthcare professionals, enter the healthcare environment, the elements of an effective compliance program are impressed upon us. Enterprise compliance programs, policies and procedures, daily monitoring and oversight activities, and operational processes are all governed by these fundamental principles. The Office of Inspector General (OIG) explicitly defines these compliance elements, which are likewise spelled out in Centers for Medicare and Medicaid Services' (CMS) Prescription Drug Benefit Manual, Chapter 9.[1, 2] The Code of Federal Regulations (CFR) reinforces these elements and further notes that Medicare plan sponsors must “adopt and implement an effective compliance program, which must include measures that prevent, detect, and correct non-compliance with CMS’ program requirements as well as measures that prevent, detect, and correct fraud, waste, and abuse.”

With all of these governing bodies defining compliance for us, we have a good place to start. But how do you know if your program is effective?

Fundamental Elements of an Effective Compliance Program

erxo - compliance_blog_article_compliance article_18-2176_v5

A 2018 Healthcare Compliance Benchmark Report conducted by SAI Global notes that although much work building out compliance programs has transpired, “evidence suggests that many of these programs are not fully developed or effective." [3]

Ensuring basic elements are in place is simply not enough. A new priority with data protection has emerged that encompasses cybersecurity and HIPAA Privacy. This only complicates how to achieve regulatory compliance and demonstrate effectiveness because these factors require robust collaboration between health plan compliance departments and their internal business partners, as well as a plan's first tier and downstream entities, such as pharmacy benefit manager (PBM) partners.    

Using the seven elements outlined in this article to define roles and responsibilities is certainly a must. The harder part entails deeper dives into how a compliance program can make a real impact, directly reflecting the organization’s commitment to compliance. Operational compliance and continuous improvement needs to be hardwired into the overall culture. Compliance cannot be a concern only for the compliance department; it must include all partners.

Is your compliance program working or are you just checking all of the necessary boxes? Use the list below to measure the true effectiveness of your program.

  1. Are you using automated policy and procedure reviews? Automated policy and procedure reviews and tracking within a policy library is a must. Manual tracking with hard copies or spreadsheets is not only inefficient and time consuming, but increases the chances of missing annual review requirements.

  2. Are your plan and PBM aligned? Plan policies and practices should link and speak to PBM policies, which also demonstrates proper PBM oversight and governance for delegated activities.  

  3. Are your risk management and internal audit teams integrated? Risk management principles conducted by enterprise risk management/internal audit teams should be readily merged into traditional compliance oversight practices and run hand-in-hand, leveraging expertise from both departments.

  4. Are you prioritizing appropriately? Results from functional area monitoring, compliance team oversight, auditing, and trending analytics that drive compliance department work plans should be reviewed and prioritized accordingly.

  5. Are you offering multiple channels for compliance concerns to be reported? There should be options available for escalating compliance concerns using more than one channel, including offering anonymous reporting via live operator and web.

  6. Are you doing regular sanction screenings? Sanction screening should occur monthly for all employees, prescribers, network pharmacies, and network pharmacists.

Using these six compliance checks, you can get a good idea of where your program stands. The good news is that health plans, healthcare providers, PBMs, and government agencies all have the same goal: to ensure beneficiaries receive the right care, at the right time, and keep beneficiaries’/patients’ best interests in mind at all times. An effective compliance program serves as a layer of defense to ensure beneficiaries remain a top priority. Regulations, quality, and beneficiary experiences are all intertwined and your PBM should be an integral piece of your compliance puzzle, helping drive your compliance program forward to true effectiveness.

Take the next step. Learn how you can achieve compliance effectiveness in your program. Download our compliance guide.

Download Compliance Guide Bottom Banner v2

[1] Office of the Inspector General, Compliance Program Guidance for the Healthcare Industry:

[2] CMS Prescription Drug Benefit Manual, Chapter 9: 

[3] 2018 Healthcare Compliance Benchmark Report by SAI Global:

register blog graphic