Welcome to our inaugural quarterly newsletter!  We plan to include timely audit and compliance topics and resources to help us all be better stewards of the assets and resources of USA Health. If you ever need additional information, contact information for each department is at the end of the newsletter.

Internal Audit Risk Assessments  In general, a risk assessment is the process used to identify risk factors that have the potential to negatively impact achievement of an organization’s goals or objectives. Beginning in April and continuing through July, Internal Audit will be working on two different risk assessments which assist us in planning and prioritizing the work of our department.  Two Risk Assessments?? Can’t there be just one?? We too wish there could just be one large risk assessment, unfortunately, the purpose, respondent groups, method of delivery and timing make this difficult and may cause added confusion or frustration. Details of each risk assessment are below:  Fraud Risk Assessment – To be completed by the Office of Internal Audit in April via a short Qualtrics survey to a wide group of employees at all levels. This assessment will gauge, among other things, the understanding of what fraud is, the level of fraud training provided and the understanding of how to report suspected fraud.  Annual Risk Assessment – To be completed by the Office of Internal Audit in June-July via a combination of interviews with senior leaders and managers, and other quantitative factors. This assessment will identify the enterprise risks that USA Health is facing and is a key component in the creation of the annual audit plan.

Policy Spotlight  Below you will find summaries and links to policies that were recently reviewed and/or updated.  Ethics and Compliance Hotline Policy: Faculty, employees, residents and students are encouraged to report violations of conduct (including bias or discrimination), state or federal laws/regulations, and USA Health policies or procedures, to supervisors. Our Ethics and Compliance Hotline is ideally suited for reporting anonymously.  Minimum Necessary Policy: Health information should only be accessed, used or disclosed by authorized personnel and dependent on your role in the patient’s care. Information should be restricted to the minimum necessary to execute your job responsibilities.

In the next issue >> Common Fraud Schemes  

The South Compass is a joint newsletter from the Offices of Internal Audit and Compliance at the University of South Alabama. HELPFUL RESOURCES Ethics & Compliance Hotline or Direct Dial 1-844-666-3569 Office of Internal Audit Website PolicyStat Employee Hub: Regulatory & Compliance EE