The tremendous growth in outsourcing in the revenue cycle management industry, along with increasingly stringent government mandates for security and compliance, have made it necessary for companies like Hollis Cobb to consider external audits for the purpose of ensuring all client data is kept secure at all times. Hollis Cobb’s Compliance Department opted to be proactive by completing an audit of internal controls that impact clients. The Service Organization Control (SOC) reporting process audits policies, procedures and technologies that are implemented to protect client data and patient information.
The project lead for this endeavor was Sandrea Brooks, Quality Assurance Analyst in Hollis Cobb’s Compliance and Quality Assurance area. Sandrea is responsible for performing internal compliance audits, writing and implementing policies and procedures, and ensuring the company adheres to state and federal regulations governing our industry. She took on the challenge of completing the SOC examination for Hollis Cobb, and the final report from independent auditors indicated that the company has demonstrable competence in the area of compliance and quality control. This is a significant achievement for Hollis Cobb and the culmination of many months of work by Sandrea Brooks and others in the compliance area. Most importantly, the commitment to solid internal controls underscores a culture tone embedded within the Hollis Cobb organization.
SOC Reports
Outsourcing companies that work for other entities in processing health insurance claims, obtaining medical records, accessing healthcare systems and otherwise housing PHI (Private Health Information) often commit to getting SOC audit conducted to demonstrate compliance in critical areas including Operations, Information Technology, Compliance/Quality Assurance, Client Services and Human Resources. It is important for outsourcing companies to be able to provide reports to clients detailing their security controls surrounding financial information and compliance processes. The SOC report specifically audits an organization’s controls that are implemented to protect all client data. This is essential for an outsourcing firm in the healthcare revenue cycle arena to ensure that all patient information is secure.
Benefit to Hollis Cobb Clients
Hollis Cobb elected to complete the SOC examination for the benefit of our clients who may have to justify the security and maturity of vendors with whom they choose to partner. There is a common theme in the marketplace, especially where PHI is involved, to know your business partners and make sure their standards meet a minimum when it comes to their internal controls. Hollis Cobb’s clients can now read our SOC report, which was completed by an independent CPA firm, and have a solid understanding of how their information will be received, handled and protected. Hollis Cobb set up our relevant controls, our auditors have attested to their effectiveness, and our clients can rely on them. That is a huge benefit for Hollis Cobb’s clients.