Data analytics have recently been used as an innovative tool in the health care industry for many purposes, including internal auditing. Cutting-edge methods for identifying and managing risk are key in this complex, compliance-driven environment. By transforming and modeling health care data, analytics help streamline and significantly enhance the internal audit process.
Historically, data analytics in health care internal auditing were used for continuous monitoring and a more focused sample selection tool:
- For continuous auditing, procedures can be automated for integration into the internal audit process for key risk areas, providing global coverage of available data on an ongoing basis to increase effectiveness and efficiency.
- For sampling, analyzing an entire population for internal audit testing (instead of statistical sampling) enhances efficiency by analyzing more data on key risk areas, such as fictitious vendors, ghost employees, duplicate payments and other irregular activity.
A more recent trend is using health care data analytics for internal audit planning. Analytics can be part of the risk assessment process to help identify potential risk areas before interviews with key stakeholders.
Preparing a summary that highlights irregular activity patterns before the interviews can help the discussion. If there isn’t sufficient explanation for the patterns, the internal audit team should consider whether to include the respective areas in the annual internal audit plan.
Data analytics also can be used after the interviews, as additional support/validation of areas identified as vulnerable to risk.
Risk areas to analyze before interviews might include:
- Key processes, e.g., the revenue cycle, looking for trends or inconsistencies, such as:
- Delays in patient billing
- Claim denials
- Late charges
- Patient credit balances
- Compliance areas, such as:
- Payment card information
- 30-day readmissions
- One-day patient stays
- Financial and operational areas could include:
- Supply chain, such as vendor payments exceeding approval limits
- Payroll areas, such as excessive overtime
- Financial reporting, such as late journal entries
Data for these areas could be provided by month, department, financial class, physician or vendor, depending on the pattern the internal audit team chooses to analyze.
If trends indicate red flags in these areas, the data could be used in the questionnaire process to determine why certain patterns occurred and as additional support to include an area in the proposed internal audit plan.
Health care senior management, compliance and audit committees also could gain a better appreciation for data analytics tools. One method could be a dashboard approach summarizing identified patterns to support the final risk assessment and resulting annual internal audit plan. This may generate discussions on other ways analytics can aid the organization, as health care issues keep expanding in complexity.
Latest posts by Gary Moss (see all)
- Using Data Analytics for Health Care Risk Assessments - September 12, 2016