Compliance is a “moving target” that keeps shifting and changing depending on the notable activities in the industry as well as new enforcement priorities within regulatory bodies. Auditors also customize their inspection to allow the accommodation of any new regulations. As you plan and refine your compliance program heading into the new year, consider our 2018 Compliance Checklist:
1. Document all Compliance Aspects - The core of any compliance program is a proper set of documentation. Policies and Procedures form the foundation of any compliance program. Documentation not only helps a company in safeguarding themselves in the event of a legal or regulatory risk, they also serve as great training material and greatly help with audits.
2. Maintain Document Controls - A well-defined process for document management is as important as the documentation itself. You should define how you plan to review your documents, update and track changes, and distribute the changes to your employees. You should always ensure that that everyone is only referring to the latest drafts of the documents.
3. Inspect and Test - A robust compliance program should also have a process for inspection and testing to test if all the employees are complying with the policies and processes. For this, you should consider using an independent auditor. Hiring an external company or a group who audits your company before your clients do provides you an objective baseline.
4. Remediate your Audit Findings - Define a process and assign individuals responsible for ensuring that proper actions are taken on non-conformances to policies and processes. Diligently track the audit findings until corrective actions are taken and the findings are closed.
5. Incorporate Vendor Oversight – Vendors are an extension of your staff and are an integral part of the business. Many vendors also have access to your data or facility. In order to protect consumer information and client data, you need to ensure you are working with reputable vendors. Auditing your vendors is also as important as auditing your internal processes. Make sure to conduct due diligence covering their licensing, data security, and practices.
6. Ensure Staff Training & Testing – What is the use of policies and procedures if the staff is not trained on them? The best way to ensure and demonstrate that your staff understands your policies, procedures, client requirements, and regulations, is to train and test them. Testing also helps in identifying gaps in training that help reduce potential risks to the company.
7. Never Discount the Significance of Disaster Preparation – Nearly 40% of small businesses close after a disaster, according to the Federal Emergency Management Agency and only 25% of businesses that close due to a major disaster ever reopen. Disaster preparedness is a unique part of a compliance program that many businesses fail to include. Make sure you have a disaster recovery and business continuity plan that it is actionable, tested, and properly updated.
8. Have a Good Overall CMS System – Document management and compliance activity tracking can be time-consuming and complex processes with significant implications. Consider leveraging technology to help enforce your standards and automate manual tracking to reduce errors.
Follow this checklist and your Compliance Program will be in tip-top shape moving into 2018.
Considering a technology platform to support your CMS? Check out Provana’s Integrated Performance Audit & Compliance Software (IPACS.)