Insights: Article

Preparing for 340B Drug Pricing Program Audits with Self-Audits

By   Renee Gravalin

January 25, 2016

Audits of the 340B Drug Pricing Program by Health Resources and Services Administration (HRSA), a department of the U.S. Department of Health and Human Services, have increased significantly and it’s only expected to continue to rise, particularly as the much anticipated 2014 “mega reg” intended to clarify the program was scrapped due to another legal challenge. As a health care entity participating in the 340B Drug Pricing Program (Covered Entity), you must be proactive to take steps to ensure compliance. Self-audits are a way to accomplish this and can be completed either by internal personnel or an outside vendor.

The majority of HRSA audits are being done at random, with a few conducted due to whistleblowing or self-reporting. While the Federal Register outlines compliance and audit guidance dating back to 1996, most Covered Entities have had little knowledge of what to expect from a HRSA audit. However, as HRSA audits have become more commonplace, we have gained a better understanding of how the process generally works.

The Audit Process
A 340B audit generally begins with a notice from HRSA. This is followed by a HRSA auditor contacting the Covered Entity to schedule an “entrance conference” by phone. The auditor then schedules the onsite audit and submits a “data request,” asking for multiple documents relating to 340B usage during the six months prior to the audit. Some hospitals have had less than 30 days to prepare the required documentation, which is another reason we highly stress regular self-audits to ensure documentation is consistently ready to provide to HRSA, if needed.

The onsite audit is then conducted and an “exit interview” held with Covered Entity officials. After the audit, the Covered Entity will receive a Preliminary Audit Report from HRSA typically within a few months to more than year from the visit. The Covered Entity has the opportunity to contest and resolve the findings, after which a Final Audit Report is issued.

What is HRSA looking for?
Covered Entities have three major compliance requirements to remain eligible for the program:

  1. 340B drugs must only be dispensed to eligible outpatients of the Covered Entity. This is called “diversion prohibition.” So, every patient that presents at a contracted pharmacy claiming 340B eligibility must be verified to be an eligible patient of the Covered Entity.
  2. 340B drugs cannot be double-discounted by Medicaid rebates. This is referred to as “duplicate discount prohibition.” Covered Entities need to work closely with the state Medicaid program to determine how to appropriately handle Medicaid patients to ensure that duplicate discounts on drugs for Medicaid patients are not happening.
  3. Covered Entities may not obtain any covered outpatient drugs through a group purchasing organization (GPO). This is referred to as “GPO prohibition.”

During an audit, HRSA will examine policies, procedures and processes related to 340B drugs, internal controls to prevent diversion and duplicate discounts to ensure compliance with the GPO prohibition, and test transactions related to 340B drugs. HRSA audits cover the parent site, as well as any registered outpatient facilities and all contracted pharmacies.

What You Can Do Now
HRSA audits can happen with little time to prepare. We recommend that you conduct self-audits on a regular basis to not only be prepared, but protect your health care organization from potential financial impacts of 340B penalties. Self-audits can be conducted by individuals within your organizations who are familiar with the rules and guidelines of the 340B Drug Pricing Program or by outside vendors with that knowledge.

Through the HRSA audit process, Covered Entities have been ordered to pay back discounts to pharmaceutical companies in the event they violate requirements. This becomes a very complicated process, as drug prices generally update quarterly and calculations must be made per quarter. Additionally, refunds must be made to all participating pharma companies, and not paid in one lump sum to one manufacturer. The complexity of the calculations and time spent contacting the individual pharmaceutical companies can be overwhelming, so it is better to avoid the need to refund these discounts.

Additionally, the 340B Drug Pricing Program requires an annual recertification. This needs to be anticipated and monitored so the health care organization does not unknowingly drop out of eligibility and compliance. It is important to keep the information related to the 340B Drug Pricing Program current, such as the name and e-mail addresses of the key people. We have seen several instances where the annual recertification e-mail went to an individual no longer with the health care organization, so the recertification did not get completed.

The bottom line: falling out of compliance can have hefty consequences and cost your facility valuable resources. Self-audits, whether conducted by your internal staff or outsourced to third-party auditors, allow you to track how you are doing and keep you prepared for HRSA audits. In addition, do not be lulled into a false sense of security that your 340B Program will not be audited. With the resources being devoted to monitoring compliance with this program, chances are that you will likely be selected for a HRSA audit at some point.

Latest Insights

May 21, 2018
Firm News
Today, accounting firm Brad Rhodes and Associates of Greenwood Village, Colo.
May 21, 2018
Article
The mission of the organization may sing to your heart strings, but sometimes the nicest people who appear to live for the mission create unimaginable havoc, and you can’t turn a blind eye.
May 21, 2018
Article
Whether it be accidentally or on purpose we have all deleted a file.
May 21, 2018
Article
It is in the best interest of business owners to understand how they might leverage technology to grow.
May 21, 2018
Article
Each month, we strive to bring you the hacks, vulnerabilities and challenges of securing your daily habits and work environment.
May 21, 2018
Article
Fraud can happen at all levels of employment but the question that is on everyone’s mind each time they read about another embezzlement in the news: “Why didn’t the auditors catch it?” It’s a fair question.