Cyber-security, regulatory change, and risk management top the priorities list.
Five areas top priorities for 2021 healthcare audit and compliance, according to a new report from consulting firm KPMG.
These five priorities are cyber-security risk, regulatory change, harnessing enterprise risk management (ERM) to better anticipate risk, internal controls and finance transformation, and third-party risk.
Ransomware, SolarWinds Orion malware, and malicious targeting of COVID-19 research are behind the recent surge in cyber threats, KPMG said. New tools and techniques are emerging daily to thwart these attacks, which also target the increasing value of data in medical records.
KPMG recommends taking a holistic approach to data governance, examining the processes and protocols overseeing the integrity, protection, availability, and use of data.
Healthcare providers will need to increase their vigilance around compliance activities, due to a recent announcement by the U.S. Department of Health and Human Services of the False Claims Working Group, in conjunction with the U.S. Department of Justice and the U.S. Department of Health and Human Services, Office of the Inspector General, the KPMG report says. Price transparency reporting requirements that started January 1 have significant implications and present risk around data integrity and possible payer dislocation, the report said.
Other regulatory activities in play during 2021 include CARES Act compliance and government auditing, value-based care, Medicare Disproportionate Share Hospital adjustments, the 340B Drug Pricing Program, clinical research billing, and whatever potential changes may emerge from the Biden administration, KPMG said.
Enterprises should continue to harness ERM to better manage and anticipate risk. New tools and techniques, such as data and analytics, artificial intelligence, and sensory repositories, are required to permit stress-testing of risk assessments, scenario testing, and crisis protocols, KPMG says.
Organizations can best prepare for possible unexpected events by detecting risks as they emerge, before they fully materialize. Big data can lead to knowledge gains on emerging issues, the report said.
The shift to remote working and virtual financial reporting processes increase the risk of internal control breakdowns, so KPMG recommends leveraging robotics and cloud technology to automate manual activities.
With the major supply chain disruption caused by the pandemic, KPMG suggests clarifying roles and responsibilities to identify and assess each risk type.
Scott Mace is a contributing writer for HealthLeaders.