The U.S. Department of Justice (DOJ) released new updates to the Evaluation of Corporate Compliance Programs (ECCP) guidelines in September 2024. Prosecutors use this guidance to evaluate corporate compliance programs for potential criminal investigations. The new updates affect three key areas: risk assessment, confidential reporting, and data resources and access, including a section regarding artificial intelligence (AI).
Impact to Healthcare?
The ECCP is applicable to all corporations, including healthcare corporations. When the government is investigating potential False Claims Act (FCA) violations, it also will investigate the corporate compliance program to determine if proper measures were put in place to prevent violations and allow for confidential reporting. If the compliance program is implemented and there is proof of its effectiveness, this can be a negotiating aspect if there is evidence of an FCA violation. “Prosecutors may credit the quality and effectiveness of a risk-based compliance program that devotes appropriate attention and resources to high-risk transactions, even if it fails to prevent an infraction,” according to the ECCP.1
The update made to the risk assessment area is “first of its kind” guidance for AI in relation to compliance programs. This section guides prosecutors through questions to determine if the program is well designed. There are now AI-related questions included in this section. “How does the company assess the potential impact of new technologies, such as artificial intelligence (AI)?” and “How is the accountability over use of AI monitored and enforced?”1 are just two of the 10 questions in this AI-related section.
AI Is in Demand
Automation of many tasks in revenue cycle management is growing quickly and is already part of some electronic health record (EHR) vendor platforms. Healthcare organizations are eager to use the functionality to help reduce lengthy manual steps and payors also are wanting to use it for increased productivity. AKASA surveyed 450 chief financial officers at hospitals in health systems using the Healthcare Financial Management Associate (HFMA) Pulse Survey and 74% of healthcare organizations are already actively automating a portion of their revenue cycle management.2 It is imperative to understand the AI functionality that is being used to develop monitoring protocols to prove to the DOJ that the potential risk has a mitigation plan.
How Forvis Mazars Can Help
We are a full-service firm with knowledgeable professionals in healthcare compliance, revenue cycle management, and electronic health record vendors. AI regulations will continue to grow as usage increases. We can assist with implementing processes to help you comply with the new guidance for AI in corporate compliance and look over your current revenue cycle processes. If you have any questions or need assistance with your compliance program and revenue cycle, please reach out to a professional at Forvis Mazars.