Skip to main content


Cornell Student Articles on Topical Affairs

How to Find the Best Pharmacy Compliance Specialist or Consultant

Key Points:

  • Pharmacies are ill-advised to handle insurance or government audits themselves.
  • Outside auditors must be familiar with state and federal regulations and they must offer policies and protocols designed to ensure ongoing compliance.
  • Outside auditors should have a significant pharmacy law experience, for example by way of having served as a former DEA or OIG investigator or someone with a PBM history.

Pharmacy audits are on the rise. What began with a wave of audits and investigations in the context of compounds, medically unnecessary prescriptions, and excessive fillings of opioids has since transformed into widespread and nationwide scrutinization of pharmacies and specialty pharmacies. If you own or operate a pharmacy, or if you are the pharmacist-in-charge and thus professionally responsible for every order and script leaving your store, you need to make sure to avoid the common mistakes PICs and owners make before, during, and after a pharmacy audit.

Audits Have Become More Common, More Intrusive—and More Dangerous

Until not too long ago, pharmacies would in a somewhat regular fashion receive an audit request, sometimes a recoupment request for an accidental overbilling, or otherwise be asked to participate in routine control protocols. In the last five years, this has changed. Pharmacy audits are not just more common, and more intrusive, they are also less and less routine. Commercial insurance companies and government agencies, including the DEA and Medicaid, have intensified their efforts to detect billing and medical necessity issues early. The system that these agencies have established over time in the background is data driven. This means that the mere fact that you fill more prescriptions than someone else in your county or your zip code, could target you for suspicious conduct. Indeed, the paradigm shift with respect to pharmacy audits has turned into an unfair mathematical and numeric game whereby more successful pharmacies may be disadvantaged by being more likely subject to audits. Often, these audits not just ask for prescription copies or patient charts, but also for underlying corporate documents, communication records, and even marketing agreements. PBM audits are more and more structured that way.

Every Two Years, An Experienced Outside Auditor Should Conduct a Voluntary Self-Audit Checking on Medical Necessity, Inventory, and OIG/DEA Compliance

Just like a student should not grade his own paper, a pharmacy is ill-advised to be in charge of its own compliance. Here is why: audits that are less likely to be successful are those where an audit request comes in, and some staff member simply puts the requested charts together, sends them off, without there being any form of critical self-review or checks and balances. The better approach is to recommend a voluntary self-audit by an outside auditor every two years. This auditor would review, or where needed create, the policies and protocols pertinent and expected from any compliant pharmacy. These documents, and demonstrated compliance with them, will have a big impact on any future audit, whether private insurance or government.

  • False Claims Act Compliance
  • Stark Law and Anti-Kickback Compliance
  • DEA Inventory Compliance
  • DEA Diversion Compliance
  • Checks and Balances for Medical Necessity
  • HIPAA Compliance
  • Opioid Protocols
  • Controlled Substances Act Compliance
  • Security and Surveillance Logs
  • State Pharmacy Board Compliance
  • Signature Logs and Claim Transaction Record
  • DEA Forms 106 and 222
  • Medicare Part B Pharmacy Audit Experience
  • Reverse Distributor Records
  • FDA Labeling and FDA Compliance
  • CMS Exclusion Check
  • Healthcare Billing Compliance
  • Compliance Training
  • How to Handle a Government Subpoena

This outside auditor will review the pharmacy’s documentation and communication protocols. For example, if a pharmacy receives a suspicious opioid filling request, the experienced pharmacy compliance auditor would want to see the document chain and documentation how the PIC not just blindly filled but second-guessed and communicated his concerns with the prescribing physician. In general, professional outside auditors are expected to satisfy these essential duties:

  • Work with or train existing pharmacy compliance officer
  • Develop and implement audit program and risk assessment documentation
  • Conduct billing and coding compliance audits
  • Provide oversight to staff and work with PIC
  • Identify compliance risks
  • Assist with corrective action
  • Create long-term audit tools

If Your Pharmacy Is under Audit, Call an Experienced Pharmacy Compliance Specialist

The two most common scenarios to go through an audit is either when DEA diversion investigators walk through the door—unannounced—or you receive notice of an PMB audit. In both situations, you should carefully analyze the audit request and discuss potential advantages of hiring a law firm experienced with pharmacy audits or pharmacy compliance consultants to serve as objective outside experts. Even though you may think that an audit is not a big deal (it is, or, at least, it really can be), consider looking for a “retired DEA Supervisory Special Agent” or a “former DEA Diversion Investigator” or a “PMB pharmacy audit expert.”

Not just does the such a former federal agent or retired insurance auditor have the experience and knowledge of how to handle and how not to respond to a pharmacy audit. Also, in particular when dealing with current DEA diversion investigators, their former colleague instantly possesses credibility and authority and the investigators will be more likely to listen to one of them, rather than the necessarily biased pharmacy owner or PIC whose license may be under attack.

Ideally, such a retired agent would work under an attorney’s umbrella to maintain the attorney-client privilege. This means that if the former agent who is now helping you with the wealth of his or her experience to obtain a good audit result comes across items that are non-compliant, these findings would be protected and must not be disclosed to the government. Vice-versa, if, for example, as it happens all the time, the DEA comes in and establishes an alleged error rate that seems way too high (and may trigger significant penalties), the job of your pharmacy compliance consultant would be to disprove the government’s findings and present the true (significantly lower) error margins. Again, if shared with the DEA in the interest of a rapid resolution, the DEA would be less inclined to question a former colleague, in particular if that colleague was ranked higher and objectively has more experience.

Same is true with non-governmental audits. Insurance companies are overloaded and understaffed. Any auditor will appreciate knowing that the targeted pharmacy is demonstrating cooperation and assistance. If this help comes by establishing an early dialogue with the insurance company and involves a true authority, chances that the overworked auditor will welcome the support are high—especially if this help comes from someone whose law enforcement credentials speak for themselves and implicitly demonstrate expertise, trust, and good judgment.

If you need help with compliance for your pharmacy, please check out Oberheiden P.C. today.

Skip to toolbar