Lessons Learned – How compliance officers can better protect their organizations (Part 4)


This fourth installment in a series of bulletins discusses some of the challenges compliance officers face and offers best practices to show how health care providers and their compliance officers can work cooperatively to establish and maintain effective compliance programs, avoiding False Claims Act whistleblower lawsuits.

Internal Monitoring and Auditing

Effective auditing and monitoring plans will help organizations avoid the submission of incorrect claims to federal health care program payors and detect billing compliance issues before the government does. Health care providers should develop detailed annual audit plans designed to minimize the risks associated with improper claims and billing practices. Some factors to consider include:

  • How does the organization set the audit plan? Is the Office of Inspector General (OIG) Work Plan and the organization’s PEPPER (Program for Evaluating Payment Patterns Electronic Report) report used (if applicable)? Hint: They both should be (if available)! The government expects that organizations will be paying attention to both of these publications and using them to inform and construct their audit plans and compliance activities. Failure to pay attention to these resources may set you up as a target for an OIG audit or investigation.
  • Does the organization do an annual risk assessment? Who within the organization is polled as part of the risk assessment?
  • Is the audit plan re-evaluated annually, and does it address the proper areas of concern, considering, for example, findings from previous years' audits, risk areas identified as part of the annual risk assessment, and high volume services?
  • Does the audit plan include a PEPPER report assessment of billing systems, in addition to claims accuracy, in an effort to identify the root cause of billing errors?
  • Is the role of the auditors clearly established? Are coding and audit personnel independent and qualified, with the requisite certifications?
  • Has the organization evaluated the error rates identified in the annual audits? Does the organization do follow-up reviews and audits to make sure that corrective action plans are completed, that the underlying cause of the billing issue has been corrected, and that similar errors do not continue to occur?
  • If the error rates are not decreasing, has the organization conducted a further investigation into other aspects of the compliance program in an effort to determine hidden weaknesses and deficiencies?


Where the compliance officer or a member of senior management discovers credible evidence of misconduct from any source and, after a reasonable inquiry, believes that the misconduct may violate criminal, civil, or administrative law, the organization should conduct a prompt and thorough investigation of the matter. If the concerns are confirmed, the organization should promptly report the existence of misconduct to the appropriate federal and state authorities within a reasonable period of time. This includes refunding identified overpayments within 60 days of identifying the overpayment in order to avoid potential false claims liability.

Under federal law, failure to refund an overpayment within 60 days of identification can convert a mere overpayment into the basis for a false claims action (i.e., fodder for a whistleblower). It is important that the organization has mechanisms in place to promptly investigate and quantify billing issues and then refund the overpayments to the appropriate government payors. When the issue identified is more than just an overpayment and has the potential for administrative, civil, and criminal liability, the organization should work with compliance counsel to determine the best way to resolve the organization’s liability. A voluntary disclosure to the United States Attorneys’ Office, the OIG, or CMS may be warranted in circumstances where a claims adjustment or refund of an overpayment will not adequately address the compliance issue identified.

In the next and final installment, we'll provide a few final tips.

Industries & Practices

Media Contact

Subscribe to Receive Updates
Jump to Page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.