AUDIT OF HOSPITALS

SUBMITTED BY: SUBMITTED TO:

MIHIR SINGH DR. DEEPIKA GAUTAM
1120202174 ASSISTANT PROFESSOR,
MANAGEMENT
BBA LLB
HIMACHAL PRADESH
1st SEMESTER
NATIONAL LAW
UNIVERSITY, SHIMLA.
 ACKNOWLEDGEMENT

This project's progress and final result involved a lot of encouragement and support from
many people, and I am incredibly fortunate to have them during the completion of my
project. Everything I have done is solely because of such supervision and support, and I will
not fail to thank them.

I appreciate and thank Dr. Deepika Gautam for giving me the opportunity to do this
assignment and for providing us with all the support and encouragement that helped me to
duly complete the assignment. I am extremely grateful to her for giving such strong advice
and encouragement.
I am grateful and lucky enough to receive continuous motivation, support and guidance from
my teacher to help me achieve our project work successfully. Thank you for your
encouragement!

INDEX
SERIAL NO. CONTENT
1 Introduction
2 Risks
3 Internal Audit Process
4 Limitations
5 Conclusion

INTRODUCTION
What is Auditing?

Auditing is the on-site verification activity, like inspection or examination, of a process or

quality system, to confirm compliance to requirements. An audit can apply to a whole
organization or could be specific to a function, process, or production step. Some audits have
special administrative purposes, like auditing documents, risk, or performance, or following
abreast of completed corrective actions.

Types of Auditing:

ISO 19011:2018 defines an audit as a "systematic, independent and documented process for
obtaining audit evidence [records, statements of fact or other information which are relevant
and verifiable] and evaluating it objectively to see the extent to which the audit criteria [a set
of policies, procedures or requirements] are fulfilled."1 There are three main forms of audits:

Process audit: this kind of audit verifies that processes are working within established limits.
It assesses an operation or method against pre-established instructions or standards to
measure conformance to those standards and also the productiveness of the instructions. A
process audit may:

Check conformance to defined requirements like time, accuracy, temperature, pressure,

composition, responsiveness, amperage, and component mixture.

Examine the resources (equipment, materials, people) applied to rework the inputs into
outputs, the environment, the methods (procedures, instructions) followed, and also the
measures collected to work out process performance.

Check the adequacy and effectiveness of the method controls established by procedures,
work instructions, flowcharts, and training and process specifications.

Product audit: this kind of audit is an examination of a selected product or service, like
hardware, processed material, or software, to gauge whether it conforms to requirements (i.e.,
specifications, performance standards, and customer requirements).

1
https://www.iso.org
System audit: An audit conducted on a management system. It is often described as a
documented activity performed to verify, by examination and evaluation of objective
evidence, that applicable elements of the system are appropriate and effective and are
developed, documented, and implemented in accordance and in conjunction with specified
requirements.

A quality management system audit evaluates an existing quality management program to

work out its conformance to company policies, contract commitments, and regulatory
requirements.

Similarly, an environmental system audit examines an environmental management system, a

food safety system audit examines a food safety management system, and a security system
audit examines the protection management system.

Medical Auditing

Medical auditing is a distinct style of audit utilized by health care providers. Its method
consists of the analysis of retrospective data obtained from records.2 Quality assessments by a
planned collection of information are not audits but should be called prospective quality
studies.

In an audit, assessment is completed on recorded data originating from the complete patient
population or a sub-population made of those belonging to an outlined category. However,
the entire exercise still starts with studying the standard achieved in individual cases. It may
be defined as below:

‘Medical audit could be a systematic, critical appraisal and quantified comparison against
explicit standards, of the standard of current practice, including the procedures used for
diagnosis and treatment, the utilization of resources, and also the resulting outcome and
quality of life for the patient so as to enhance the standard of care to patients.’3

2
https://drdollah.com
3
Department of Health (1989) Working for patients, Working paper 6, command 555, London: HMSO.
 RISKS

As the day-to-day operations of today’s hospitals and health care organizations became more
intricate, so have the character of the risks they face. With the myriad of functions that have
got to achieve success accomplished to be successful, risks to organizations will be diverse,
starting from financial and operational to a growing amount of regulatory compliance
concerns. Here are some relevant inquiries to help identify risks within a health care
organization.4

Charge Description Master: is that the hospital reviewing this area on a daily basis to create
sure they capture charges correctly? Is there one who helps coordinate and makes sure that
this can be occurring? Coding and charge information can change frequently and if a
procedure is recorded incorrectly, a hospital might not receive the proper reimbursement
amount.

One-day stays: What are the factors for admissions? How are the standards applied for
medical observation? Is the billing corrected if the factors don't seem to be met? How are
physicians and hospital staff educated?

Managing cash activities: How is cash accounted for? How are receipts given out? What
kinds of receipts are utilized? How is this information recorded into a patient’s account?
could be a lockbox accustomed to hold onto cash until deposited to a central location? How
often is cash collected and deposited? What controls are in situ for cash handling and who
handles the cash?

Laboratory: Is the laboratory in compliance with OIG guidelines? Do reference forms

contain all needed diagnostic information? Is there a maximum limit for standing orders?
How does the laboratory charge?

4
https://docplayer.net
If the health system doesn't currently have an audit function, then hospital management and
also the Board must decide whether to just accept all the danger identified without a call to
action or to usher in outside help to perform the interior audit work and/or develop an
enclosed audit department.

INTERNAL AUDIT PROCESS

An internal audit is an independent appraisal to supply assurance to the organization that its
financial and operational controls are sufficient. This procedure compares organizational
policies and procedures in reference to required compliance demands.
Auditors aren't accountable for executing organizational activities; however, they advise
management and also the board of directors on a way to more efficiently execute their
operations.

Based on a risk assessment of the organization, internal auditors, management, and oversight
boards establish and agree upon an annual audit plan. Typically, this plan will provide a
short overview of the entities to be reviewed and therefore the timeframe for the audit to be
performed. Before the audit commences, organization management develops and reviews the
scope and objectives of the audit.5

The internal audit will then proceed into fieldwork, which incorporates interviews with
appropriate management and testing, counting on the particular scope of the audit. The audit
evaluates the controls the organization has in place and taking current risks and compliance
demands into consideration — determines if new processes or controls are needed. Upon
completion, a report of the audit findings is ready and shared with the organization where
corrective actions are collaboratively developed. After a finalized report is ready and
approved by management, it's presented to the organization’s audit committee.

Internal audit goals

Every area of your operations will be reviewed as part of an enclosed audit, including some
facets which will not appear to be exposed to risk. Internal audit objectives associated
with the previously outlined risk areas include:6

5
https://theartofservice.com
6
https://core.ac.uk
Charge Description Master: the aim of this review is to gauge processes and controls over
the accuracy, completeness and timeliness of capturing, recording and reconciling patient
charges; and to gauge system access controls.

Pharmacy: the aim of this review is to gauge areas like purchasing and receiving, contract
administration, internal control, drug distribution, charge capture, controlled substances,
security, compliance, employee prescription purchases, information systems
and outpatient pharmacy operations.

One-day stays: the aim of this review is to assess the effectiveness of the interior controls as
they relate to medical reasonableness of inpatient admissions, also because the ability to
detect admissions that don't meet inpatient criteria to accommodates CMS regulations and
OIG guidelines.

Managing cash activities: the aim of the review is to work out whether the inner controls are
adequate for areas that handle cash directly. This includes, but isn't limited to, all patient
cashiering areas, all monetary fund funds, cafeteria cashiering and vending machines.

Laboratory: the aim of this review is to gauge the adequacy of the system of internal
controls for the laboratory department; determine whether the systems of controls are
functioning as intended; to confirm compliance with applicable policies and procedures.

There are a spread of strategies for executing an inside audit. RSM’s methodology could be
a four-step process (see image below), taking a holistic examine the organization and its
processes. These steps are risk assessment (as discussed earlier), annual internal audit plan
development, programme development and execution, and findings and suggestions.

LIMITATIONS

Like any management tool, operational audits must be understood and used properly for
satisfactory results. Furthermore, they need the full backing of top management. Three of
their principal constraints include time, knowledge and cost.

Time is a limitation because managers must be advised about the state of affairs in their areas
of responsibility promptly enough that they can act effectively. Therefore, audits must be
performed regularly and often enough so the problems can be caught before they become big
or entrenched. On the other hand, audit engagements must not disrupt either productivity or
morale. If they are to be performed with regularity, timeliness, and convenience, operations
audits cannot be lengthy, drawn-out affairs.
Knowledge is a constraint because no one is an expert in all business fields, nor can a
company afford to have on its staff a specialist on every aspect of the business that is to be
audited. Necessarily, then, operational audits must be performed by individuals who are
trained more fully in auditing than in what is being audited. Among other things, that means
that operations audits cannot be used as a vacuum cleaner to clean up every problem;
realistically, they can be used only to search for major deficiencies and opportunities for
improvement. The operations auditor will not turn away from the small problems and
opportunities, but discovering them will be a by-product. In any event, the auditor will detail
and seek to prove only the deficiencies and opportunities for improvement that are significant
in terms of dollars or effectiveness. Together, time and knowledge as constraints produce the
third limitation of Cost. When the cost of a single operations audit rises above, say Rs.
100,000 or Rs. 200,000, it is likely that a good deal more than the discovery and delineation
of problems or opportunities for improvement has been undertaken. As a result, auditors are
often thrust into the manager's or specialist's province and, despite the greatest precautions,
hostility is often stimulated. Going beyond the above factors, the most important problem of
operations auditing is that it might negatively affect a manager's morale, which could
adversely affect the productivity of his area of responsibility and accountability. Utmost tact
and diplomacy are required on the part of the auditor, or the operations audit will cause
dysfunctional effects on those reviewed. Overall, an audit that examines the effectiveness and
efficiency, of operations is entering a sensitive area and must be handled with a keen
awareness of the human relations aspects by both the auditor and senior management. Thus,
"the people problem" emerges as the most critical factor in undertaking an operations audit.
In addition to making the business more efficient and profitable in the long run, an
operational audit almost always provides a company with some new, fresh perspectives. It
makes executives aware of problems that might not have been found otherwise and lets them
evaluate risks for the future. Managers also can use results to motivate employees, as the
company always has something to work towards, at the end of the process. Reviewing
operational processes can be very time-consuming and costly. When employees and
managers are working with the auditor, they can't do other activities that might benefit the
business, so projects or production might slow temporarily. Sometimes, the changes that a
business makes are hard for workers to get used to, which can increase conflicts or confusion.

CONCLUSION

The current business atmosphere among health care organizations is very complex and
competitive. There are pervasive risks in all facets of your operations and an increasing
number of regulatory requirements that your organization must comply with. As management
sets objectives and identifies processes, a successful risk assessment and internal audit can
help to locate high-risk areas within your operations as well as potential opportunities. This
process will allow your organization to more efficiently determine where resources should be
allocated.

Operational Audit assesses the existing business model, in -terms of its operations and
primary market. Auditor analyses the current state from the health of the existing
configuration, compliance to objectives, and assess whether the operations meets current
business objective statements. As a result of an assessment, there is formulation of a
recommended plan of action to ensure that the operations are positively affected to give better
profitability. In certain cases, the efficacy and effectiveness of the organization maybe
hampered due to existing com-petition and market conditions. For negating outside
influences like these and to be in a position to be able to give worthwhile suggestions a
market survey is also carried forward.

Operational Audit assesses the

existing business model, in -terms of
its opera-
tions and primary market. Auditor
analyzes the current state from the
health of
the existing configuration,
compliance to objectives, and assess
whether the oper-
ations meets current business
objective statements. As a result of
an assessment,
there is formulation of a
recommended plan of action to
ensure that the opera-
tions are positively affected to give
better profitability. In certain cases
the effi-
cacy and effectiveness of the
organization maybe hampered due
to existing com-
petition and market conditions. For
negating outside influences like
these and to
be in a position to be able to give
worthwhile suggestions a market
survey is also
carried forward
Operational Audit assesses the
existing business model, in -terms of
its opera-
tions and primary market. Auditor
analyzes the current state from the
health of
the existing configuration,
compliance to objectives, and assess
whether the oper-
ations meets current business
objective statements. As a result of
an assessment,
there is formulation of a
recommended plan of action to
ensure that the opera-
tions are positively affected to give
better profitability. In certain cases
the effi-
cacy and effectiveness of the
organization maybe hampered due
to existing com-
petition and market conditions. For
negating outside influences like
these and to
be in a position to be able to give
worthwhile suggestions a market
survey is also
carried forward