Navigating critical healthcare areas through internal audit

Recent high-profile cyberattacks against healthcare organisations underscore an ever-present and evolving threat landscape. It’s no surprise that cybersecurity and IT governance continue to top the list of internal audit  priorities in our 2024 survey. Other top-ranking priorities include user access management and ensuring robust IT governance.

Financial integrity issues continue to rank in the top 10 priorities for internal audit, with accounts payable (AP) tied for third-largest concern in the 2024 survey. Accounts payable departments have key functions and experience disruptive events that merit their consideration for inclusion on internal audit plans. These include changes to the ecosystem due to emerging technologies, fragmentation of people and processes due to trends in outsourcing to external parties, and interruptions such as cyberattacks or other system downtime that prevents payment for goods and services.

Financial losses due to healthcare fraud amount to tens of billions of dollars each year, so it’s no surprise that this is tied with accounts payable for respondents’ third-highest priority. Risk exposure continues to rise as healthcare organisations face challenges to combat the evolving sophistication, frequency and types of internal and external fraud perpetuated.

Recent events that have crippled many healthcare industry participants have drawn more attention to risks associated with increased reliance on third parties. The February 2024 healthcare cybersecurity incident highlighted the significant impact third-party vendors can have on business continuity. It also exposed categories of third parties that previously might not have been evaluated through vendor risk assessments and the like, such as claims processors and/or clearinghouses.

According to the 2024 SHRM Talent Trends Report, more than 75% of organisations have had difficulty in the last 12 months recruiting for full-time, regular positions and nearly half have had difficulties retaining these employees. For many organisations, talent (finding it, keeping it and ensuring the business has the best) is an enduring challenge. Internal audit departments play an important role in ensuring that an organisation’s talent function operates effectively and adheres to established policies and regulations.

Hospitals can improve their revenue cycle operations and deliver measurable returns by prioritising compliance and accuracy in the identification, capture, reporting and reconciliation of chargeable items. Ineffective processes lead to poor charge entry, negatively affecting healthcare organisations and resulting in revenue losses. Regular audits are key to evaluating the effectiveness of charge capture processes.