Corporate Compliance vs. QAPI/QA

Property & Casualty, Risk, Senior Living & Social Services

A formal corporate compliance and ethics program is required in Medicare-certified nursing homes, but strongly recommended in all care settings. Many managed care organizations and other funding sources also require a corporate compliance and ethics program for any care settings in which their members reside. In addition, insurance carriers placing directors and officers (D&O) liability insurance may require a corporate compliance and ethics program in order for a provider to obtain fraud and abuse coverage.

How are Corporate Compliance and QAPI/QA different, and how do they relate with one another?

The purpose of a corporate compliance and ethics program is to use internal controls (i.e. an organization’s policies and procedures) to efficiently monitor adherence to applicable statutes, regulations, and program requirements. An organization’s Quality Assurance/Quality Assurance Performance Improvement (QAPI/QA) program is another vastly important component of operation to oversee the quality of services provided, so it can be challenging to see the functional difference between the two programs.

Disclosure: Please be advised this resource and the recommendations outlined below are not intended as legal advice and should not be used as or relied upon as legal advice. It is for general informational purposes only.

Corporate Compliance and QAPI/QA: How They Relate

  • Corporate Compliance and Quality Assurance Performance Improvement (QAPI)/QA serve different roles in an organization, but must communicate and collaborate
  • If the Corporate Compliance Committee identifies an issue through auditing or receiving a complaint and the area of concern is under QAPI/QA oversight, the Corporate Compliance Committee could assign the QAPI/QA Committee to investigate and implement a PIP if necessary. The QAPI/QA Committee would report back to the Corporate Compliance Committee
  • If the QAPI/QA Committee identifies an issue in the realm of Corporate Compliance, this should be escalated to the Corporate Compliance Committee to investigate
  • The Corporate Compliance and QAPI/QA Committees must delineate roles in order to avoid duplicity
  • The privilege of QAPI/QA may be compromised if combined with compliance

Functions of QAPI/QA:

  • Systematic, comprehensive, and data-driven approach to maintaining and improving safety and quality
  • Assuring that care is maintained at acceptable levels in relation to standards
  • Continuously improving processes involved in care delivery and quality of life
  • Implements action/solutions to a particular problem
  • Areas of focus:
    • Clinical outcomes
    • Customer satisfaction
    • Employee retention
    • Staff workflow efficiency

Functions of Corporate Compliance:

  • Use of internal controls (organizational policies and procedures) to adhere to statutes, regulations, and program requirements at an organizational level
  • Preventing and detecting criminal, civil, and administrative violations
  • Conducts audits and investigations
  • Reviews QAPI/QA outcomes and continued functioning
  • Areas of focus:
    • Policy and procedure management
    • Standards of conduct
    • Financial fraud, waste, and abuse
    • Resident/Client rights
    • HIPAA
    • Adherence to law

Both committees should recognize what concerns may warrant escalation to leadership, including the CEO and/or Board of Directors.

Identified concerns that may warrant escalation to the CEO and Board of Directors:

  • Financial concerns regarding fraud and abuse, such as claims development and submission processes, and financial arrangements with physicians and other outside parties
  • HIPAA breaches
  • Lawsuits involving the organization
  • Allegations of abuse, neglect, misappropriation, exploitation
  • Citations from regulators involving substandard quality of care, actual harm, fines, or denial of payment

Significant personnel concerns, such as employees working with expired, suspended, or revoked license/certifications, performance based terminations, known complaints made to outside entities (DQA, OSHA, DOL), employees found on OIG exclusion list, employees convicted of a crime, and harassment/workplace violence incidents.

Disclosure: Please be advised this resource is not intended as legal advice, and should not be used as or relied upon as legal advice. It is for general information purposes only.

Back to Insight Center