The audit scope included MDC program activities over the 12 month period from September 1, 2017 to August 31, 2018. Specifically, the audit included:
- MDC provider registration applications received during that time period;
- Authorization of and payments for MDC services rendered during that time period; and
- An analysis of POC 12 transactions to identify trends, unregistered clinics, and duplicate payments during that time period.
Objective | Criteria |
---|---|
1. To determine whether the controls for the registration of multi-disciplinary clinics (MDCs) / providers are effective. | A. Employees have access to appropriate and sufficient tools (e.g. industry best practices, work methodologies and operating procedures) to discharge their responsibilities for registration decisions (approvals/denials). B. MDC provider registration form/process is adhered to. C. Provider registration decisions are processed in a timely manner. |
2. To determine whether the controls for multi-disciplinary clinics in the authorization, monitoring and payment of services exist and are effective. | A. Authority is formally delegated and delegated authority is aligned with individuals’ responsibilities. B. Authorization process is adequate and appropriately adhered to by VAC employees. C. Authorization process is adequate and appropriately adhered to by the third party contractor. D. Controls are in place to ensure accuracy of transaction coding and processing. E. MDC status reports are submitted to VAC, provide sufficient information, and are correctly coded for billing (Assessment reports, Progress reports, End of treatment report.) |
* The audit team confirmed that all of the above criteria were met unless otherwise stated in this audit report.
Methodology
The audit findings and conclusions contained in this report are based on sufficient and appropriate audit evidence gathered in accordance with procedures that meet the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing as supported by the results of the quality assurance and improvement program. The opinions expressed in this report are based on conditions as they existed at the time of the audit and apply only to the entity examined.
Methodology | Purpose |
---|---|
Interviews | Interviews were conducted with stakeholders involved in the processing of treatment benefits. VAC field staff were interviewed (11) to gain an understanding of the authorization process for MDC treatments. Third party processing staff were also interviewed in regards to the provider registration, claims processing and government business audit processes. VAC senior management and program management were interviewed to discuss governance, controls and challenges related to the registration of MDC’s and the authorization and payment of services by MDCs. Audit team also interviewed VAC Finance staff to gain an understanding of the post payment verification processes for MDCs and duplicate payments. |
Direct Observation | Direct observation was conducted for each of the primary steps of the MDC process. VAC staff (3) at a field office were observed using the electronic client management system and processes to create an Authorization for MDC services. FHCPS contractor staff (2) were observed creating the electronic approval and notification process informing the service provider of the specific services approved. The final step was observed at the third party processing site where the audit team observed the matching of the submitted claim to the authorized treatment and the release of payment. |
Documentation Review | Documentation was reviewed to determine the governance of MDCs and whether VAC employees have access to the appropriate tools and training (guidance, methodologies, and procedures) for assessing MDC applications, authorization, monitoring, and payments to MDCs. Documentation was compiled, reviewed, and analysed for the provider registration process for MDC’s. The audit team assessed the decision tools used for provider registration. Delegated authority instruments and authority levels/limits were reviewed to determine alignment with individual’s responsibilities and if departmental delegation authorization processes are adhered to. |
File Review | Three distinct file reviews were conducted: The population of MDC provider registration applications processed during the audit scope period (25) was reviewed to assess whether processes were adhered to and whether decisions were made in a timely manner. The population of unprocessed registration applications outstanding as of the date of audit field work (55) was reviewed to assess timeliness and to determine the reasons for any delays. A sample of authorized MDC services (48) was reviewed to determine whether controls were effective over the authorization, monitoring, and payment of services. |
Data Analysis | Audit team conducted various analyses on POC 5 and POC 12 data to determine whether there were any duplicate payments. Audit team conducted various analyses on the POC 5 data of transactions to identify any unusual patterns or trends. |