compliance folder and charts

What Compliance Metrics Does Your Medical Office Have to Meet?

Compliance-Metric-Charts-and-Binder.jpeg In order for your medical office to have an effective medical waste compliance program, it needs to cover all areas of regulations that apply to your practice. The cornerstone of your program is your compliance officer. This person is responsible for developing and implementing the compliance program. Compliance is not just a one-time goal; it has to be maintained. There is no standard policy or procedure that can guarantee your compliance—it’s different for each practice. So while you want to initially achieve core compliance, you also want to improve over time. Think of compliance as a way to help enforce adherence to the highest standards of conduct. It’s a commitment to appropriate conduct and best practices, and it drives the culture of your medical practice as an integral part of your core values.

Why Do I Need Compliance Metrics?

Metrics are useful for several reasons. They can help guide the development of an existing HIPAA or OSHA program, for example, and they can help you measure how effective you’ve been in implementing the program. Metrics are useful in communicating your progress to the executive staff in your practice and they can also be used to drive buy-in for compliance programs, including funding and resource support.

How Do I Set Compliance Metrics?

A common criteria used for setting metrics is the acronym SMART. Metrics should be Specific, Measurable, Achievable, Reasonable, and Timely. They should cover each of the main elements of your compliance program and answer questions such as:

  • Where were we last year?
  • What have we done?
  • What to Measure?
  • How to Measure?
  • What is our policy?
  • What is our procedure?
  • What is our process?

Your metrics program should be flexible, and scalable. Determine what you will measure weekly, monthly, and/or annually.

Sample Training & Education Compliance Metrics

These metrics are related to the completion of required compliance training and educational programs. You would set metrics for HIPAA and OSHA training as well as any other training such as state mandated programs.

For example:

  • Percentage of employees who complete compliance training requirements, within the specified timeframe.
  • Percentage of employees who receive and acknowledge HIPAA Privacy compliance education and training, within the specified timeframe.
  • Percentage of employees who receive specialized training according to the compliance education plan within the specified timeframe.

While the completion of training is important, what employees do after the training is just as important. How do you test and validate that the training is actually working?

Sample Privacy Compliance Metrics

Privacy metrics will show you how well your internal policies and procedures are working to safeguard your patients’ information and will establish evidence of data privacy compliance.

For example:  

  • Number of breaches at a given facility, categorized by low and high risk criteria.
  • Number of privacy incidents reported (per facility, if you have multiple locations.)
  • Results of annual privacy auditing and monitoring against target.

Your goal with privacy compliance metrics is to assess potential risks to Patient Healthcare Information (PHI). You need to develop and implement measures to address those risks, then document those measures and keep them current.

Sample Audit & Monitoring Compliance Metrics

These metrics are related to your compliance department’s monitoring activities.

For example:

  • Completion and submission of a periodic compliance report within the specified timeframe.
  • Development and percent completion of a compliance plan (location specific, if you have multiple offices.)
  • Number of remediation activities associated with risks identified during the audit.

Sample Operations Compliance Metrics

Metrics related to the activities performed by your compliance function on behalf of the medical practice.

For example:

  • Percentage of employees who acknowledge receipt of compliance code within the specified timeframe.
  • Number of calls to Compliance related to possible breaches.
  • Nature of calls to Compliance related to possible breaches.

Developing a compliance metrics system will help you effectively manage your compliance program and drive understanding and ownership of compliance throughout your medical practice. Your metrics will be individualized for your practice and aligned with your unique compliance goals. When everyone is committed to compliance and accountable for their part in the process, it’s much easier for your practice to comply with regulations and guidelines.

Ready to start developing your practice’s process or refining the ones you currently have? Download our latest compliance checklist to identify how your office can imporve its procedures and processes to be more compliant by clicking the button below.


Simplify your job and stay up-to-date on medical and hazardous waste compliance for healthcare and industry.

    By subscribing to our blog you agree to our Privacy Policy.