CMS Audit preparation aren’t something you can cram for at the last minute and expect good outcomes. If health plans aren’t continuously monitoring all CMS universes for compliance issues, not only can errors creep into regulatory compliance tables, it highlights how member care isn’t being positioned as a high priority.
Remember, CMS isn’t looking for perfection. They conduct these assessments to see if commitment to member care is embraced every single day. After all, CMS regulations exist for the members, not the health plans.
With that in mind, health plans should address the following questions before receiving a CMS Program Audit notice:
- Have you performed a risk assessment recently?
- Have you conducted your FWA and Code of Conduct training?
- Have you reviewed your Policies & Procedures to ensure there are in line with current CMS guidelines?
- Have you implemented the SNP-MOC changes?
- Have you implemented AIP Letters?
- Have you updated the Notice of Denial of Medicare Prescription Drug Coverage?
- Are you getting regular updates from your FDRs and reviewing them to confirm that they adhere to CMS requirements?
If you can answer Yes to these questions, you’re now in a position to execute CMS audit preparation game plan.
Create Audit Playbook
First, you should create an audit playbook. Using an audit playbook enables a plan to help auditors understand exactly how each of the automated processes functions and how decisions are made.
This plan should include a comprehensive rundown of how each activity maps to your internal plan policies and the appropriate compliance regulations. With enhanced visibility into compliance processes, and the ability to analyze and manage transactions at a detailed level, you can begin to create your audit playbook.
Audit Playbook Elements
The audit playbook is comprised of all methodologies related to pulling data into the reports required by auditors. It should include your current administrative policies and procedures related to important decision-making processes. This allows you and regulators to ensure that the right data is being compiled and used to determine compliance — something that may be surprisingly difficult to get right in some situations, especially when time-sensitive information is relayed through multiple checkpoints.
However, the ability to trace each data element through all the touchpoints is essential for demonstrating that a health plan is remaining compliant with relevant rules and regulations. Maintaining an organized, comprehensive playbook of these pathways, policies and decision trees can eliminate confusion, help identify necessary improvements, and ensure a smooth and successful audit. In essence, this effort will simplify your audit process.
Exercise Mock Audits
Key benefits for scheduling mock audits regularly:
- Gain continuous visibility into admin processes, member relations and clinical decisions
- Ensure CMS audit readiness, even at a moment’s notice
Audit Engagement and Universe Submission
How should health plans prepare for audit engagement and universe submission?
- Audit Engagement: This is the time to call out the internal and external troops, since health plans have to disclose any identified non-compliance issues to CMS within five business days of receiving an engagement letter
- Universe Submission: A health plan’s ability to produce clean universes is critical to CMS compliance since you get a mere 15 days and three attempts to get it right
(Note: If you’ve been creating and reviewing universes routinely, you’d be ahead of the game.)
Audit Field Work
What should health plans do during audit field work?
- CPE Audit: A CPE audit may be conducted onsite or through a webinar, where sample selections are collected about two weeks prior to the CPE entrance conference — and, for SNP-MOC, on the Thursday before the entrance conference — so health plans are advised to complete a tracer review for each audit
(Note: While this seems like extra work, keep in mind it can be simpler to perform tracer reviews when the particulars of an audit or monitoring are fresh, as opposed to going back months later and scrambling to put this together.)
- HPMS Memo: You can also be asked to do a tracer for an HPMS memo, so make sure to keep clear information concerning how you communicated these, including what the responses were and any documentation to support it
Audit Reporting
What should health plans do to prepare for audit reporting?
- Condition Classification and Audit Scoring: Even before getting the preliminary audit report, you should have a fair idea of the probable audit findings, so start working on those areas before you get the formal notification
- Draft Audit Report: A draft audit report will be prepared within 60 days of the Exit Interview and your plan’s response to the Draft Audit Report is to be provided within 10 business days
- Final Audit Report: Plan your response to the Corrective Action Request (CAR) with Corrective Action Plans (CAPs) within seven days of receiving the final audit report
Audit Validation and Closeout
How should health plans execute Audit Validation & Closeout?
The last phase of a CMS Program Audit involves CAP submission, and health plans will likely experience some back and forth until CMS accepts their CAPs. However, here are a few things that you should take care of during this process:
- Be mindful of the words used in the CAP Submission Report, as they should represent only what is indicated in the CAR to avoid inadvertently expanding the scope
- Include an implementation timeframe
- Document the effectiveness of the CAP by providing:
- Measures/timeframes
- Methodology used to identify the weak areas and resolutions (e.g., root cause, beneficiary impact, universes to review and show the positive trends)
- Electronic folders for each CAR to assist with validation, such as policies and procedures, reports, training decks, sign-in sheets, audit/monitoring results, communications, etc. to mitigate scope creep
- Perform audit validation within 180 calendar days of CAP acceptance
- Begin planning at the time of engagement notice
- Request extension, if necessary (e.g., for new system implementation)
- Create ongoing oversight activities for each condition
- Report any new conditions discovered during validation to the CMS
After successfully completing these activities, health plans need to practice lessons learned during the audit.
Post-audit Activity
If you approach CMS Program Audits with a desire to ensure operational health, these processes never really end. Yes, the actual audit may conclude and, if everything goes well, you may receive a few observations — and perhaps a CAR — but hopefully no ICARs. However, health plans need to continuously monitor its compliance activities.
This is where Inovaare can make your life simpler. Inovaare knows the world of Medicare, Medicaid and commercial health plans from decades of hands-on Audit & Monitoring department oversight. Our integrated Audit & Monitoring package helps you instill compliance within your culture and make it a way of life. Inovaare helps ensure your health plan sustains audit readiness at all times.audit preparation