We use cookies to improve your experience and optimize user-friendliness. Read our cookie policy for more information on the cookies we use and how to delete or block them. To continue browsing our site, please click accept.

Healthcare Risk Assessment and Internal Audit Considerations

Groundbreaking changes in the healthcare industry have increased the scope and complexity of a healthcare organization’s risks.  Healthcare risk areas appear to be around every corner, from legislation and regulatory developments to operational and financial concerns. It is becoming more imperative that an organization go through a robust comprehensive enterprise-wide risk assessment that goes beyond traditional boundaries and reaches more clinical, operational and strategic areas.  The results of the risk assessment will be the basis of internal audit plan areas reflecting the priority of risks for a healthcare organization.

2017 Top Healthcare Risk Areas

Chief Audit Executives and Internal Audit Leaders performed by Protiviti partnering with the Association of Healthcare Internal Auditors (AHIA), the following were the top healthcare audit plan areas for 2017:

  • Information System Controls
  • Billing and Collections
  • Accounting/Finance
  • Information Security/Cybersecurity Program Effectiveness
  • Charge Capture
  • Electronic Health Records
  • Compliance and Regulatory Monitoring
  • Ancillary Services
  • Accounts Payable
  • Data Information Governance
  • HIPAA Compliance
  • Fraud, Waste and Abuse
  • Clinical Systems
  • Supply Chain
  • Denials Management

Internal Audit Focus

Internal audit’s traditional focus on transactions and related financial business cycles has been sufficient for healthcare organizations in the volume-driven system in the past. That approach needs to be modified now that healthcare organizations are continuing to move from a reimbursement structure based on claims and production to a system of rewards based on value, including quality, safety, efficiency and appropriateness of care. Under value-based care, a provider can be financially penalized for failing to meet quality standards. Internal audit needs to evolve and consider expanding the use of data analytics as a tool in evaluating risks associated with a value-based healthcare environment.

Conclusion

An internal audit infrastructure based on the use of data analytics will support more efficient and effective coverage of traditional audit areas while allowing more time and resources to assess and address the new and emerging healthcare risk areas under value-based reimbursement. This approach will enable internal audit to generate and protect value within a healthcare organization.

For questions or more information, contact a member of our Healthcare Services team by filling out the form below.

 

How Can We Help?

Previous Post
Next Post
Article Sidebar Logo Stay Informed with Withum Subscribe
X

Get news updates and event information from Withum

Subscribe