(1) "Compliance audit" means a voluntary internal evaluation, review, assessment, audit or investigation that is undertaken to identify or prevent noncompliance with, or promote compliance with, laws, regulations, orders or professional standards, and that is conducted by or on behalf of a coordinated care organization.
(2)(a) "Compliance self-evaluative audit document" means a document prepared as a result of or in connection with a compliance audit.
(b) "Compliance self-evaluative audit document" includes, but is not limited to:
(A) A written response to the findings of a compliance audit.
(B) Field notes and records of observations, findings, opinions, suggestions, conclusions, drafts, memoranda, drawings, photographs, exhibits, computer-generated or electronically recorded information, phone records, maps, charts, graphs and surveys, provided this supporting information is collected or developed solely for the purpose of a compliance audit.
(C) A compliance audit report prepared by an auditor, who may be an employee of the coordinated care organization or an independent contractor, which may include the scope of the audit, the information gained in the audit and conclusions and recommendations, with exhibits and appendices.
(D) Memoranda and documents analyzing portions or all of the compliance audit report and discussing potential implementation issues.
(E) An implementation plan that addresses correcting past noncompliance, improving current compliance and preventing future noncompliance.
(F) Analytic data generated in the course of conducting the compliance audit, not including any analytic data that exists independently of the audit or existed before the audit was conducted. [2019 c.478 §16]