Case Study

A Leading Home Healthcare Provider Fortifies Audit and Compliance While Maintaining Utmost Security of Confidential Information

The Client: A Leading Home Healthcare Provider



With innovation as its forte, the company is constantly raising the bar of quality care and coordination through state-of-the-art technology and programs. It offers a variety of home and hospice healthcare service such as nursing, physical therapy and counseling.

Paramount importance is given to maintaining the highest standards of quality and process compliance. But operating in today’s regulatory environment is nothing short of complex. Healthcare providers are under constant pressure to meet a plethora of compliance regulations while caring for patients, improving profitability, reducing costs and rising above the competition. The recent healthcare overhaul has only complicated matters further by introducing newer, more stringent regulations.

The introduction of Recovery Audit Contractors (RAC) and its permanent status have added to the regulatory complexity for healthcare providers in the United States.

In response, healthcare providers have begun redefining their business strategy. Corporate governance has occupied center stage, and risk and compliance management have become key priorities.

Medicare Recovery Audit Contractor (RAC) - The Centers for Medicare and Medicaid Services (CMS) started the RAC project to detect and correct improper payments in the Medicare Fee-for-Service program. CMS hired Recovery Audit Contractors (RACs) who review, audit and identify improper Medicare payments.

Congress made RAC permanent across the United States from January 1, 2010. All healthcare providers that bill Medicare under its Fee-for-Service program require RAC Audits. They include hospitals, physician practices, nursing homes, home health agencies, hospice agencies and durable medical equipment suppliers.


The company needed to create a central system with a scalable governance, risk and compliance (GRC) platform architecture for managing its regulatory compliance, ensuring the integrity of patient information and preparing itself for RAC audits. MetricStream was selected as the solution provider based on its track record as well as its functional and technical capabilities to meet the company’s specific requirements.

MetricStream delivered a highly sophisticated and integrated GRC solution to the company, encompassing audit integrity, RAC audit management, issue management, and compliance management. The solution is a comprehensive, Web-based application deployed on MetricStream GRC Platform, and provides a common framework, automated workflows and an integrated approach to manage all compliance and audit requirements in the organization.

MetricStream’s platform supports the company’s organizational model across all business divisions, units and departments, as well as their mapping to different roles and reporting relationships. The portal views are based on the user’s profile and organizational mapping. Users have a role-based portal access with options required for initiating actions, scheduling tasks and viewing reports and dashboards limited to their roles.

RAC audit management: MetricStream Solution helps the audit managers track and monitor improper payments and insurance claims denied earlier. It also enables them to identify trends that can avoid future improper payments, and to develop an internal process that streamlines the response to RAC audit requests.

MetricStream’s comprehensive solution automates, streamlines and integrates the company’s preparation for RAC audits. It has also introduced a proactive approach. The solution includes systematic workflows that help the audit team complete record requests, submit them on time, send determinations and appeals, and manage all aspects of RAC audit requirements on a single centralized platform.

Built-in status tracking and reporting, integrated document management, remediation action workflows and auto generation of letters allow the company to implement industry best practices for regular self-assessments and internal audits.

In case of a complex review, the solution allows different stakeholders to collaborate and create, compile and review claim data. Built-in workflows enable the automatic routing of information to various stakeholders such as the Revenue Recovery department and the Appeals Coordinator. The entire appeals process is simplified by automating the task of preparing, reviewing, approving and finalizing appeals. Complex reviews usually involve several iterations which MetricStream Solution manages seamlessly for the company.

When an automated review is required, MetricStream Solution helps the audit team manage the different steps of creating, compiling and reviewing claims, collaborating with different stakeholders and managing appeals in a smooth and efficient manner.

The reporting capabilities of the solution provide trends and graphical charts based on a wide range of variables including the service that is being audited, the physician associated with the service and diagnosis codes.

Audit integrity: MetricStream Audit integrity Module helps the company’s audit team audit the vast amount of patient-related information entered on patient charts. Multiple stakeholders are involved in completing the audit: Audit Plan Owner, Audit Plan Approver, Patient Chart Auditor, Patient Chart Audit Reviewer, and Operational Reviewer.

The elaborate workflow built within the solution allows all these stakeholders to collaborate for the creation, review and approval of the audit plan. It also enables them to initiate patient chart audits, and perform, approve and close the patient audits.

Initiating, reviewing and approving patient billing adjustments is automated, and audits are performed to ensure the accuracy of these adjustments.

MetricStream Audit Integrity Module, along with RAC Audits Management Module, is integrated with the Issue Management Module for flawless tracking of incidents and fool-proof efficiency of audit integrity.

Issue management: MetricStream Issue Management Module enables the company to identify and resolve documentation discrepancies, gaps, coding errors and other issues that might result in a RAC audit failure as well as non-compliance with applicable regulations. These issues are form-based and action owners are assigned for particular issues related to audits and regulatory compliance. Each audit at the company includes findings, recommendations, actions and issue owners.

The system assigns a unique ID to each issue, making it easy to track the issues from one stage to the next. Issues are categorized based on predefined criteria with detailed information on each.

Automatic alerts and notifications are sent to the appropriate personnel for remedial action. Failure investigations are also conducted to determine the root cause of the issue. The investigation is conducted using collaborative workflows, with each investigative task assigned to an appropriate individual. Once a corrective action is initiated, the case closes only after the action plan is carried out.

Compliance management: MetricStream Solution captures and compiles requirements and regulatory information about industry-specific controls, industry guidance, international and country-specific governance, laws and regulations - all on a central platform.

Compliance managers at the company can access an exhaustive compliance library within the application, identify relevant regulations, document specific requirements for the organization, and define a monitoring process to comply with requirements.

MetricStream Solution provides a common framework and an integrated approach to manage all compliance requirements faced by the company, including HIPAA/HITECH. Leveraging the solution, the company can define and maintain a centralized structure of the overall compliance and control hierarchy including processes and assets in scope, risks for the processes and assets, controls to address the risks and mechanisms to assess the controls.

Why the Company Selected MetricStream?

MetricStream offers a broad set of solutions on a Web-based platform with capabilities to address all GRC and quality process within the company. MetricStream’s solution provides a unified approach and an integrated solution to meet overall objectives, as well as regulatory and compliance requirements.

MetricStream Solution is built and deployed on MetricStream GRC Platform, a robust and scalable infrastructure that contains powerful capabilities such as automated workflows, configurable forms, collaboration, real-time exception tracking, email alerts and notifications, integration, reports, executive dashboards, business intelligence, analytics, and secure access control.

MetricStream has deep domain experience in healthcare, as well as an in-depth understanding of issues related to information security and prevention of fraud and abuse.


Tracking of confidential patient information: With the wide-spread reach of the company and the enormous number of patients being served every day, the company found it challenging to track the confidential information of each patient, without compromising its security. Each patient’s personal information, illness details, medical records, billing information, number of visits and payment details were recorded after each visit for future use. However, the company lacked a powerful and secure system to track this huge pool of information for every patient and integrate each patient’s chart within its audit information.

Increasing regulatory pressure: The company, like most healthcare providers, has witnessed tremendous change in the regulatory arena over the past decade. Increasing compliance regulations, high regulatory scrutiny and non-compliance penalties have become the order of the day.

The company had already established a system to manage these pressures. However, as the regulations multiplied and changed, the system was unable to keep up.

The company needed to manage a variety of national regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX), as well as mandates that varied across state, region and locality. Each regulation consisted of hundreds of requirements for which strong IT expertise and focused attention to detail was required.

Manual processes: Most processes related to information handling and audit management at the company were chiefly manual or semi-manual. Spreadsheets were used for auditing patient chart information, while phones and emails were used as the primary channels of collaboration among different teams. These methods were proving to be time consuming, expensive as well as unreliable, due to the large role of the human error factor innate to manual processes.

Insufficient collaboration: The various teams and stakeholders within the company were unable to collaborate in real time in the absence of a common platform. This was particularly affecting the audit integrity function within the company which required patient chart information and billing adjustments to be audited at regular intervals. This in turn had a downstream impact on the preparation for RAC audits, where the claim related information was audited.

Customer Quote

“MetricStream has implemented a rich solution to support our specific audit and compliance needs. With clear visibility into audit status and complete automation in these areas, we have achieved stronger compliance and secure audits across the organization. With MetricStream Solution, we feel well-equipped to meet newer challenges in the healthcare space and serve our patients better than ever,” says the spokesperson of the company.


  • Visibility into audit management, RAC audit preparation and compliance:
    MetricStream’s centralized dashboards enhance visibility into the company’s audit management process and the preparation for RAC audits, enabling managers to track their progress easily. The solution enables the company to gain a complete view of the appeals at every stage. On the compliance front, the central compliance library and issue tracking system present an accurate picture of the company’s compliance quotient at all times.
  • Increased preparedness for RAC:
    With MetricStream’s solution for RAC audit management, the company’s readiness for RAC audits has improved considerably. This has resulted in a significant decrease in the number of improper payments and denied insurance claims for the company.
  • Collaboration for foolproof audits: 
    The solution provides a common platform and centrally organized information. This helps the stakeholders in the company to collaborate effectively in billing adjustments, prepare better for RAC audits and run the audit integrity function impeccably, with minimum issues.
  • Complete compliance:
    MetricStream’s ability to track regulatory information applicable to the healthcare industry, coupled with automated workflows, ensures complete compliance with regulations and assures total protection of confidential patient information.

Ready to get started?

Speak to our experts Let’s talk