July 26, 2024
By: Sean Weiss
The Role of the Auditor
The National Alliance of Medical Auditing Specialists (NAMAS) asked if I had any interest in writing something for their blog, and of course, I take any opportunity I get to talk or write about compliance. In this blog, I thought, “since I am writing for an auditing organization, why not write about the role of an auditor?”. When I think about the role of an auditor in healthcare organizations, I quickly think about the fact the role is multifaceted and one of the most crucial for ensuring compliance, efficiency, and financial integrity. I cut my teeth in this industry 30 years ago as a coder and, throughout the years, matriculated to the role of an auditor, administrator, compliance officer, and other roles of significance within some of the largest healthcare organizations in the world. However, auditing outside of compliance is still one of the areas of my job I enjoy the most. Each day, I get to work with and learn from some of the best and brightest in the industry, and it never ceases to amaze me just how varied interpretations can be on things that you might not think would be so controversial.
There is so much ambiguity and subjectivity with what we do based on the fact that the governing authorities (HHS/OGI/DOJ/CMS) write in all sorts of lovely shades of grey! Beyond that, the reliance on sub-regulatory guidance documents (e.g., Local Coverage Determinations (LCDs) and Local Coverage Articles (LCAs), which are just that… guidelines/best practices, if you will, raises the probability that differing opinions will exist!
Below are my thoughts on the roles and responsibilities of an auditor:
- Compliance Auditing: Organizations must comply with numerous regulations and standards, such as those set by government agencies like the Centers for Medicare & Medicaid Services (CMS), Office of Inspector General (OIG), Department of Justice (DOJ), or the Office of Civil Rights for the Health Insurance Portability and Accountability Act (HIPAA). Auditors assess whether the organization complies with these requirements and identify areas for improvement and minimizing risk(s) for non-compliance.
- Operational Auditing: Auditors evaluate the efficiency and effectiveness of operational processes within healthcare organizations. This includes assessing workflow efficiency, resource utilization, and the effectiveness of internal controls to mitigate risks.
- Risk Assessment: Auditors identify potential risks and vulnerabilities within their organizations that impact financial stability, patient safety, and/or regulatory compliance. Auditors play a key role in developing strategies to mitigate risks and strengthen internal controls. This can be done through GAP Analysis and the creation of Corrective Action Plans (CAPs).
- Fraud Detection and Prevention: Auditors play a crucial role in detecting and preventing fraud, waste, and abuse within their organizations. Auditors investigate suspicious activities, analyze patterns of fraudulent behavior, and implement controls to prevent future occurrences.
- Quality Assurance: Clinical Auditors assess the quality of patient care by reviewing clinical documentation, treatment protocols, and adherence to best practices. These healthcare professionals identify areas for quality improvement and provide recommendations for enhancing patient outcomes.
- Financial Auditing: Auditors examine financial records (Look into attaining the CFE Certification), statements, and transactions to ensure accuracy, compliance with “GAAP” standards, and adherence to regulatory requirements. Auditors identify discrepancies, errors, or irregularities that may indicate fraud, embezzlement, or financial mismanagement (Fiduciary Responsibilities).
- Information Systems Auditing: IT or HIMS Auditors play a critical role with the increasing reliance on digital systems and electronic health records (EHRs). Auditors evaluate the security, integrity, and confidentiality of electronic data systems. These professionals assess compliance with cybersecurity standards and regulatory requirements to safeguard patient information.
- Education and Training: Auditors play a critical role in staff education and training in compliance, best practices, and internal controls. This ensures employees understand their roles and responsibilities in maintaining regulatory compliance and financial integrity.
Auditors are vital in promoting transparency, accountability, and trust within organizations. By conducting thorough audits and providing actionable recommendations, auditors help safeguard the financial health, regulatory compliance, and quality of care provided to patients. Beyond that, they can and do play crucial roles in litigation (prosecution and defense). There is no doubt that as the regulatory landscape becomes more complex, auditors will continue to play vital roles within their organization(s).