Areas of Expertise
- Compliance Programs
- Corporate Integrity Agreements
- Denials Management
- Documentation, Coding, Billing & Claim Reviews
- End-to-End Revenue Cycle Optimization
- Enterprise Risk Management
& Internal Audit
- Forensic Analytics
- Healthcare Fraud
- HIPAA Privacy & Security
- Independent Review
Organization (IRO)- Claim & Arrangement Reviews
- Litigation Support
- Payer Special Investigation Unit (SIU) Support
- Provider/Payer Audit and Recoupment Defense
- Reimbursement Model Analysis (e.g. fee-for-service, risk adjustment, accountable care organization, etc.)
- Technology Assessments & Implementations
- Conducted a Center for Medicare & Medicaid Services required Readiness Assessment and NIST (National Institute of Standards and Technology) Controls Review for an internet healthcare broker. This was a requirement for direct enrollment (“DE”) entities (qualified health plan) issuers and web-brokers to use a “proxy DE” pathway, which eliminated the prior, consumer-facing “double redirect” requirement for certain individual market exchange enrollments. Received accolades from CMS for the completion of the reporting which CMS stated would serve as an example for future reports.
- Served as an extension of the SIU for the largest single health carrier in the US, among others. Provide independent and objective investigation of suspect providers, including review of medical records, claims data, licensure, accreditation, onsite inspection and live interviews. Assist in-house/outside counsel with overpayment recovery efforts.
- Provided risk mitigation services for one of the largest multi-institutional Catholic health care delivery systems in the nation, including external investigations, internal audit/monitoring, and compliance infrastructure development. Managed response to government inquiries and recoupment requests. Served as interim staffing for the Regional Privacy Officer position.
- Provide services as an Independent Review Organization (IRO) for providers entering into Corporate Integrity Agreement (CIA). Conduct independent and objective assessment of claims data, as well as systems review and arrangement transaction review for compliance with regulatory requirements in accordance with the terms of the specific CIA. Issue annual reports for conveyance to the OIG.
- BA (Psychology/Sociology) Wilkes University
- BA (Accounting) Kings College
- 2 Years with Firm
- 16 Years of Relevant Experience
Ms. O'Donnell successfully assists clients in identifying strategic solutions to identify risk, establish internal controls and improve operational efficiencies.
She has more than 18 years of healthcare internal audit, health care management and investigative experience. She has conducted various compliance and internal control reviews and operational, financial, compliance and information system audits for health plans, hospitals healthcare management organizations and attorneys. She has served as lead auditor in multiple IRO (independent review organization) reviews and specializes in Focused Arrangement reviews.
In a prior position, Jeannie worked as an information systems auditor in a large healthcare system. During her tenure with the organization, she was responsible for conducting reviews that included planning, testing and reporting within the scope of the healthcare system's internal audit plan. She evaluated Sarbanes Oxley and COBIT internal controls, reviewed policies and contracts for regulatory compliance, conducted risk assessments for software applications and devices, and served in a project management role for new system implementations and upgrades, including a new data center and a major data center upgrade.
Ms. O'Donnell has served as a Fiscal, Compliance and IT Auditor for a Regional Support Network providing public mental health services. Her responsibilities included audits of counties and providers and training internal and external staff for HIPAA compliance. In addition, she created and directed a Safety Program and served as the Risk Management Officer and Privacy/Security Officer for HIPAA Compliance during her tenure.
Ms. O'Donnell was an audit manager for an Audit Network and responsible for the Risk Assessment and Audit Plan for two hospital systems. She conducted financial, operational, compliance and IT audits and was a Corporate Responsibility Committee member. As a compliance security analyst at a health plan management company, she was responsible for application access security, including testing and post implementation reviews. She managed external audits and conducted internal and external regulatory affairs. Additionally, she served as the Corporate Business Continuity Officer, where she created, updated and tested the Business Continuity Plan/Disaster Recovery Plan for the corporate office and affiliates nationwide.
Prior to her health care audit experience, Ms. O'Donnell spent 20 years in accounting, budgeting and cost, including 8 years as a Budget Director. Ms. O'Donnell also has intensive Information Systems experience and created and implemented customized database applications.
Ms. O'Donnell received her Bachelor of Arts in Psychology/Sociology from Wilkes University (Wilkes-Barre, Pennsylvania) and added a Major in Accounting from Kings College (Wilkes-Barre, Pennsylvania). She also completed classes in the College of Health and Human Services' Master of Health Services Administration Program at Marywood University. She is credentialed as a Certified Internal Auditor, Certified Information System Auditor, Certified Professional Coder, Certified in Healthcare Compliance, and Certified Healthcare Internal Audit Professional.
Selected Engagements and Experience
- Conducted a CMS required Readiness Assessment and NIST (National Institute of Standards and Technology) Controls Review for an internet healthcare broker. This was a requirement for direct enrollment ("DE") entities (qualified health plan) issuers and web-brokers to use a "proxy DE" pathway, which eliminated the prior, consumer-facing "double redirect" requirement for certain individual market exchange enrollments.
- Served as Interim Regional Privacy Officer at a large healthcare system. Provided oversight of the maintenance of the privacy and integrity of a hospitals' protected health information. This included documentation, investigations and reporting.
- Created a security structure for a multi-state healthcare organization including relevant policies and procedures with a focus on HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) regulations and NIST (National Institute of Standards and Technology) controls. Included gap identification, risk analysis and recommendations.
- Conducted a Hospital Pharmacy Implementation Review, including validating compliance with policy, data tracing and testing.
- Validated compliance with 340B regulations and evaluated if adequate internal controls were in place to prevent or detect errors in the purchasing and dispensing process of 340B inventory.
- Created and maintained a Business Continuity/Disaster Recovery Plan for a national health management organization. Managed relationships with state compliance managers to maintain the plan. Conducted desktop and live testing exercises.
- As an Information Technology Auditor conducted risk assessments including access review, change management monitoring, backup testing and initial and annual security reviews of all applications and devices.
- Responded to clients' requests for review following security breaches. Reviewed root cause of the breach and implemented controls.
- Reviewed internal controls for financial applications including general ledger, accounts payable, accounts receivable, supply chain and payroll. Analyzed gaps, created policies and implemented appropriate controls.