Hello,
Penn State Health is in the process of transitioning to Epic, and our compliance team is eager to learn from the experiences of other organizations that have already implemented the system. We're particularly interested in understanding how compliance risks and operations are managed in an Epic environment.
To that end, we would appreciate any insights you can share regarding your compliance-related experiences with Epic. Some of the key questions we're exploring include:
-
How do you ensure accurate and compliant documentation and coding within Epic?
-
What audit tools and reporting functionalities do you find most useful for compliance monitoring?
-
How have you configured Epic to support medical necessity documentation?
-
What guardrails have you implemented to prevent copy/paste or cloning issues?
-
How do you manage privacy and access controls, including monitoring for inappropriate access?
-
Have you integrated compliance work plans or corrective action tracking into Epic workflows?
-
How do you oversee provider billing and teaching physician attestation requirements?
-
Are there particular risk areas you monitor more closely post-implementation?
-
What role does Compliance play in Epic build decisions and workflow design?
-
What lessons learned or best practices would you recommend to a compliance team new to Epic?
We greatly value your time and expertise and would welcome any input, documentation, or guidance you're willing to share.
Thank you in advance.
------------------------------
Ian Mattis
Director of Compliance
Penn State Health, Milton S. Hershey Medical Center and Medical Groups
------------------------------