With healthcare’s shift toward digitization and customer centricity, business and operations risks are also evolving, requiring a rethinking of risk management and controls. As organizations look to transform their operations, they need to be vigilant in anticipating and managing their risks in compliance, operations, finance and technology. Amid these daunting challenges, however, lies opportunity. With the right approach, coordination and tools, providers can mitigate these risks and emerge stronger to deliver better value to their many stakeholders.
With proper coordination across operations, compliance and internal audit, and armed with technology and data insights, providers can mitigate these risks and position themselves for growth and resilience. Here are some of the top risks facing providers and potential mitigating actions as outlined in our latest provider risk report.
Recruiting and retention: Implement retention tactics, including expanded remote and flexible-work options, career training, education and diversity, equity and inclusion (DE&I) initiatives. Conduct audits/analytics around the employee life cycle.
Patient safety and quality of care: Upgrade patient safety systems to track near misses and adverse events, creating standardized workflows, developing checklists and capturing actionable data based on safety trends.
Cybersecurity: Perform continuous monitoring of cyber exposure for additional review and testing. Track regulatory changes to ensure compliance and leverage external insights on new threats.
Margin pressure and cost management: Implement controls against duplicate vendor payments. Invest in or optimize enterprise resource planning (ERP) solutions and data analytics. Pay increased attention to charge capture, clinical documentation completeness, denial management and payroll overpayments.
New entrants and business transformation: Inventory new entrant technologies, partnerships and contractual relationships to mitigate risk through business continuity/resilience planning. Establish innovation arms to develop apps and platforms, subject to testing and review for contractual compliance. Require more due diligence, compliance reviews and auditing of compensation and contractual arrangements to mitigate Stark law, anti-kickback and false claims violations.
Sustainability and ESG: Develop a governance structure and internal controls over sustainability programs, metrics and reporting.
Digital transformation and automation: Take an enterprise-wide approach to data governance, discovery, protection and minimization. Optimize IT infrastructure to support continued digitization across the patient population and the move to a remote or hybrid workforce. The technology platforms, applications and tools your company uses should undergo the same level of scrutiny and testing applied to network devices and users.
Fraud, waste and abuse: Strengthen review and monitoring to flag overpayments, denials, write-offs, claims, contractual breaches and scams. Improve monitoring of regulation updates to implement an effective regulatory change management process.
Pharmacy: Deploy third-party analytical tools, including split-billing software and technologies, to help pharmacy departments adopt a data-driven approach to managing inventory and 340B program compliance risks better. Complement those tools with increased monitoring and auditing.
Trust and customer engagement: Take steps to improve patient access to care. Establish patient advisory boards to gather insights on patient needs and preferences. Prioritize diversity in workforce and leadership and invest in serving underserved communities. Assess and optimize patient-satisfaction monitoring processes.
For more in-depth information, read PwC’s latest provider risk report.