Research and identify the compliance issues that have occurred or have been raised in your practice over the past year. (If no issues have arisen, identify a possiblecompliance issue that could occur in your own or another practice environment.) • Categorise these into broad groupings based on the type of issue, and indicate the severity, the frequency of each type of issue and the level of risk arising from these, and compare this data with performance indicators for compliance set by your practice (or for the industry or sector in general). • Gather feedback on the compliance issues you have identified. This feedback may come from talking to the practice owners, partners or other senior staff, along with other staff from your own practice or from similar practices. Review the feedback you have gathered and include appropriate details in your report.Ensure you include a visual representation (such as graphs, charts or tables) to compare the compliance breach issues with the performance indicators identified. • Provide at least two (2) recommendations to reduce the level, frequency or severity of the compliance breaches in the future.
Research and identify the compliance issues that have occurred or have been raised in your practice over the past year.
Incidents/complaints management:Access of doctor’s (practise’s) computer systems by 3 rd party representative, trying to install their own software, without Owner’s/Principal’s authorisation or knowledge.
Management of Patient Records –breach of Effectiveness of care: Due to staff shortage, patients records has not been scanned into patient’s computerised files on time, but have been sitting on receptionist desk for 2 weeks – patient’s, as well as doctors, did not had access to
XYZ practice’s Key performance indicators (KPIs) for a reception area, such as
- Number of incidents/breaches reported
- Severity of incidents/breaches reported
- Frequency of incidents/breaches reported
- Speed of progress in reducing compliance risk
are a high level measurable indicators of overall performance of the practice against possible compliance issue’s.
Analyses of report gathered from similar practises:
The basic principles that underpin any compliance system are identified in AS 3806-2006 as:
- Monitoring and measuring
- Continual improvement*
Ref. Study material p.61
The objective of a compliance program is to create a process for identifying and reducing risk and improving internal controls.
It is important within every practice to have a well-established compliance management system that is understood and implemented by all staff. Good monitoring system becomes a part of ongoing process of detecting any compliance breaches and checking issues reported against a performance indicators set up by a practice.
As per feedback given, every practice should set up its own resources to successfully monitor compliance issues/breaches arisen (internal audit), as every practice will have its own compliance culture and it is a responsibility of a management to develop it.
Monitoring involves a record keeping, auditing of records, and external checking.
Example: reviewing staff knowledge and understanding of policies and procedures.
Review of effectiveness of an already set up compliance system will include review of its effectiveness and monitor of a sources of information gathered.
Documenting processes in a correct manner prevents further breaches from occurring. Inclusion of such documents allow business to know that it has taken every required step.
Some further suggestions gathered from feedback were:
In an instance of potential non-compliance reported or suspected:
- Promptly halt the non-compliance and halt to the extent possible any ongoing harm caused by the suspected non-compliance/breach
- Fairly and thoroughly investigate possible breach, to determine the existence,scope and seriousness of the noncompliance, and identify the underlying conduct or process that caused the non-compliance.
- Respond with appropriate corrective action to confirmed non-compliance.
- Implement preventative measures to avoid similar instances of misconduct in the future.
Practises timely and thorough response to discovered impropriety may be the most accurate barometer of practices well set up compliance culture.
To reduce level, frequency or severity of the outcome of compliance breaches in the future it has been recommended:
- Immediate practice security policy review.
- A 3rd party providers access to premises policy to be added to a current security policy of the practice.
- A 3rd party providers access to premises policy is to be a part of the induction for all new staff members.
- Implementation of recommendations.
- Annual review of compliance policy.