Groundbreaking changes in the healthcare industry have increased the scope and complexity of a healthcare organization’s risks. Healthcare risk areas appear to be around every corner, from legislation and regulatory developments to operational and financial concerns. It is becoming more imperative that an organization go through a robust comprehensive enterprise-wide internal audit and risk assessment that goes beyond traditional boundaries and reaches more clinical, operational and strategic areas. The results of the risk assessment will be the basis of internal audit plan areas reflecting the priority of risks for a healthcare organization.
Top Healthcare Risk Areas
Chief Audit Executives and Internal Audit Leaders performed by Protiviti partnering with the Association of Healthcare Internal Auditors (AHIA), the following were the top healthcare audit plan areas for 2017:
- Information System Controls
- Billing and Collections
- Accounting/Finance
- Information Security/Cybersecurity Program Effectiveness
- Charge Capture
- Electronic Health Records
- Compliance and Regulatory Monitoring
- Ancillary Services
- Accounts Payable
- Data Information Governance
- HIPAA Compliance
- Fraud, Waste and Abuse
- Clinical Systems
- Supply Chain
- Denials Management
Healthcare Internal Audit Focus
Internal audit’s traditional focus on transactions and related financial business cycles has been sufficient for healthcare organizations in the volume-driven system in the past. That approach needs to be modified now that healthcare organizations are continuing to move from a reimbursement structure based on claims and production to a system of rewards based on value, including quality, safety, efficiency and appropriateness of care. Under value-based care, a provider can be financially penalized for failing to meet quality standards. Internal audit needs to evolve and consider expanding the use of data analytics as a tool in evaluating risks associated with a value-based healthcare environment.
Conclusion
A healthcare internal audit infrastructure based on the use of data analytics will support more efficient and effective coverage of traditional audit areas while allowing more time and resources to assess and address the new and emerging healthcare risk areas under value-based reimbursement. This approach will enable internal audit to generate and protect value within a healthcare organization.
Contact Us
For more information on this topic, please contact a member of Withum’s Healthcare Services Team.
