Related to Product: SectyrHub 340B
Applies to: Service Providers, System Users, Covered Entity Users
Description: This article provides a high-level overview of the HRSA audit/mock audit workflow. This workflow assists covered entities throughout the audit process after notification of a HRSA audit has been received. This workflow is intended to take you through the process of gathering and reviewing HRSA audit documentation and completing the post-audit follow-up.
To save your work at any time, click the "Save and Continue" or “Save and Exit” button located at the bottom of the screen.
- Clicking the “Save and Continue” button will save your work while remaining on the same workscreen.
- Clicking the “Save and Exit” button will save your work then redirect you to the listing page.
This workflow can also be completed as a mock audit to assess HRSA audit-readiness.
HRSA/ Mock audits are completed at the covered entity level.
To access HRSA/Mock audits or start a new HRSA/Mock audit, click the HRSA Audits tile located below the Compliance Events banner on the covered entity dashboard. This will direct you to the listing of all HRSA/Mock audits.
Click the New HRSA Audit button to start documenting a new audit. This will direct you to the tabs that comprise the HRSA/Mock audit workflow.
If a HRSA Mock/Audit is open, a HRSA tile will display with the status at the top of the covered entity dashboard under a red banner, Active Compliance Events. Clicking the tile will take you directly into the open audit.
For more information on HRSA/ Mock audit statuses, refer to article: HRSA/ Mock Audit Statuses and Key Dates.
When a HRSA/ Mock audit is first created, it will be broken into four tabs: Important Dates and Auditor Information, Tips and Tricks, Data Request and Generic Files. Once the "Onsite" date has passed, a fifth tab, Audit Results, will populate.
Important Dates and Auditor Information:
- Indicate if the audit is a mock audit by selecting Yes from the dropdown. This will allow users to differentiate between genuine HRSA audits and mock audits.
-
Enter in the key dates for the audit (Kickoff Call, Data Request Due, On-site, Sample Period Start, Sample Period End).
- If it is a mock audit or virtual audit that will not include an on-site, you may choose to enter the date when lookups will occur.
- If the on-site is only one day, enter the same day for both the start and end date.
- Enter the Auditor, Auditor Email, and any notes that may need to be added regarding these days.
Tips and Tricks:
The tips and tricks have been gathered to guide you through the HRSA audit process. Most importantly, remember to breathe! You've got this!
The tips can be tasked to individuals or simply used as a checklist and marked off as completed. It also includes information that will prove helpful after the on-site visit. Completing this section is optional.
Data request:
The data request tab breaks down the various sections of the HRSA Audit data request and are automatically tailored to your entity type.
The current sections are based upon a September 2020 HRSA Audit Data Request. We strive to keep this information as up to date as possible. However, we highly recommend confirming that all elements included within the Data Request from HRSA are also reflected in the sections. In the event any items are not included, please reach out to us at support@sectyr.zendesk.com immediately and we will review any necessary updates as soon as possible.
Click the down arrow for a given section to view the content (guidelines, documents, contacts, etc) within it.
Due to the size and variations of the data request tab, it is discussed further in the article: Data Request.
Generic Files:
The Generic Files tab allows you to upload any additional documentation related to the audit that you may wish to have available.
During the on-site visit, the auditor may ask for proof of internal oversight. The Associated Audits section allows you to produce the "Audit Details" for audits that were completed within SectyrHub 340B to serve as proof of oversight documentation.
To pull proof of oversight documentation:
- Click the plus button for the audit(s) you wish to show proof of oversight for. If an audit is selected in error, click the X button to deselect it.
- Once the audits have been selected, click Download Proof of Audits to download a zip file of the Audit Detail information to your computer. One PDF cover letter will be made for each selected audit.*
*Sectyr recommends confirming that no audit results or PHI were added to the Audit Details information in error. Auditors should not be able to view the results of internal audits or PHI.
Audit Results:
This tab will populate only after the on-site date has passed. It is intended to assist you through the post-audit process. Once the audit report has been received:
- Enter the date of the report and upload the final audit report.
- Indicate if there were or were not findings by selecting the appropriate button. If the next steps are added in error, click the X to remove them.
- If No Findings is selected, you may choose to add Areas for Improvement (AFI) or close out the audit.
- If Findings is selected, indicate the types of finding(s) (Eligibility, Duplicate Discount, Diversion) by checking the appropriate boxes and how the entity will address the findings by selecting the Add Notice of Disagreement button or Add Corrective Action Plan button. Due dates will populate accordingly.
You may choose to use this section to store working documents as you formulate responses to HRSA. As you communicate with HRSA, enter the dates into the related date boxes.
Closing the Audit:
To close the audit, update the status from "Open" to "Closed Out."
Sectyr recommends addressing all findings and areas for improvement prior to closing the audit. In the event dates/information are missing from the workflow, a warning will display prompting the user to confirm they would like to proceed with closing the audit prior to entering in all information.
Once the audit is closed, all information will be archived for historical review.