10.1 Audit Policies

This policy applies to all providers enrolled in PharmaCare by way of:

• PharmaCare Enrolment Agreement
• Pharmacy Participation Agreement
• British Columbia PharmaCare Non-Pharmaceutical Supplier Participation Agreement
• British Columbia PharmaCare Pharmacy Participation Agreement for the Provision of PharmaCare Services to Long Term Care Facilities
• Methadone Maintenance Payment Program Addendum to Pharmacy Participation Agreement, and
• Pharmaceutical Services Act and regulations.

The Pharmaceutical Services Act and Provider Regulation establishes the following with regard to audit: 

• The Minister may appoint inspectors to conduct audits and inspections for the following purposes:
  • to determine compliance with the Pharmaceutical Services Act
  • to fulfill a prescribed purpose.
• The following matters may be the subject of an audit or inspection:
  • a claim
  • the billing and business practices of a person referred to above
  • prescribed matters

An inspector may audit or inspect in respect of:

• A provider, a manufacturer, a supplier, a franchisor or an alternate payee
• A former provider, manufacturer, supplier, franchisor or alternate payee
• A person who is prohibited from providing or receiving incentives under the Act
• A person who was formerly a person who is prohibited from providing or receiving incentives under the Act.

All PharmaCare claims are subject to audit to confirm compliance with the provisions of the following:

• The Pharmaceutical Service Act;
• The Health Professions Act;
• The Pharmacy Operations and Drug Scheduling Act;
• A prescribed enactment of British Columbia or Canada; or
• The regulations made, or a limiting condition imposed, under any of the above Acts

Note: The above list includes College of Pharmacists of BC bylaws, PharmaCare policies and procedures, and policy and procedural updates communicated in PharmaCare Newsletters which the above Acts, enactments, regulations or limiting conditions require providers to follow.

Audits are performed by PharmaCare Audit and Audit Intelligence and Operations, Audit and Investigations Branch, Financial and Corporate Services Division, Ministry of Health.

PharmaCare auditors are appointed as inspectors by the Minister of Health pursuant to the Pharmaceutical Services Act for the purposes of conducting audits.

Under the Pharmaceutical Services Act, a person who is subject to an audit must do all of the following on the request of the audit team:

• Produce or provide electronic access to, and permit inspection of, the records requested by the audit team;
• Supply copies of or extracts from the records; and
• Answer all questions of the audit team respecting any matter relating to the records or to the audit generally.

If records that are required are not located on the premises, the person who has possession of those records must produce and permit inspection of those records if requested by the audit team.

If the audit team is not provided with sufficient information to conduct the audit, an adverse inference may be drawn. The result may be a denial of claims for which the audit team has not been provided sufficient information.

In addition, knowingly providing false or misleading information to the audit team, or willfully interfering or obstructing the audit team constitutes an offence under the PSA. A person who commits such an offence is liable on conviction to a fine up to $200,000 or to imprisonment for a term up to six months, or to both.

PharmaCare auditors will complete a Temporary Removal of Documents form with the manager of the provider site being audited when records are removed.

In the event that PharmaCare auditors remove any records from a provider site or the location where the records are kept, the records will be returned within 20 business days, except for prescription records, which will be returned within 5 business days.

Access to electronic records for audits and inspections

For electronic records to be deemed accessible, inspectors must be able to sort and filter the records based on one or more of the following data elements:

The point of sale (POS) system must support export of a record or collection of records (a set of images) usable for subsequent reference. The collection of records must be able to be transferred off-site via secure file transfer processes or via encrypted email for small files. The transfer of encrypted emails must be confirmed before the data transfer. Both transfer methods must be compliant with all relevant legislation.

The export images must be PDF. The file name must include the following, separated by dashes (-):

• PHN
• Prescription number, and
• Date/time of image creation

Providers must abide by the record-keeping requirements as specified in the Pharmaceutical Services Act and Regulations, including Section 12, 13 and 14 of the Provider Regulation.

For the purposes of calculating non-compliant claims amounts, information a provider obtains from a prescriber/other provider after an onsite audit cannot be used to support a disallowed prescription claim.

Electronic recordkeeping

The PharmaCare program allows electronic recordkeeping if the provider meets the standards set out in this policy.

In scope

• Community pharmacies, including those that provide general medical supplies, and pharmacies enrolled in the device class (see section 5.2 of the PharmaCare Provider Enrolment Guide)
• Paper prescriptions supporting PharmaNet records
• PharmaCare forms and College of Pharmacists of British Columbia (CPBC) forms listed at the end of this section, and any other forms that support PharmaCare claims
• PharmaCare claims records that pharmacies have transferred to another pharmacy and the records of pharmacies that have closed

Out of scope

• If the limits or conditions on a pharmacy’s enrolment as a PharmaCare provider require it to maintain hardcopy original records, then it may not keep electronic records only
• Non-pharmacy device providers submitting claims. The PharmaCare Prosthetics and Orthotics Policy Manual requires the retention and provision of original hardcopy documentation
• Prescriptions for drugs in the controlled prescription program and part-fill accountability logs associated with opioid agonist treatment prescriptions
• Hospital pharmacies with outpatient services, not licensed as community pharmacies
• Electronic prescribing, defined as the secure electronic creation and transmission of a prescription between an authorized prescriber and a patient’s pharmacy of choice, using clinical electronic medical record (EMR) and pharmacy management software

Policy

Electronic recordkeeping does not diminish the responsibility to maintain records or comply with obligations under the Pharmaceutical Services Act (PSA). The following standards apply to all electronic records supporting PharmaCare claims, including prescriptions, PharmaCare forms and certain CPBC forms (listed at the end of this section). Any claims based on digital-only records that do not meet these standards will be subject to full recovery.

Please note that in this policy, the terms "electronic record” and “digital record” are used interchangeably since both terms are used in related documents (Pharmacy Operations and Drug Scheduling Act (PODSA); Health Professions Act (HPA); and PharmaNet conformance standards).

Where applicable, PharmaCare’s requirements are supported by technical requirements defined in the Ministry of Health Conformance Standards, Volume 4C– Application Enforced Rules for PharmaNet. This volume of the conformance standards defines the application rules that must be enforced by POS systems when accessing PharmaNet.

New rules were added on September 30, 2021 to Volume 4C, section 3.6.1 (version 3.3) of the conformance standards to support electronic recordkeeping, although as of the writing of this policy the conformance testing of these rules had not been completed and a deadline for conformance testing had not been established. Further, the conformance standards and associated rules are subject to change.

Provision and retention of original records

The PharmaCare program’s requirement for providers to retain original records in digital form is satisfied if there exists reliable assurance as to the integrity, legibility and accessibility of the record.

Records must be maintained for the longest applicable period stipulated by the PODSA bylaws or the Provider Regulation (under the PSA) at a minimum. In effect, this is 4 years for 1-year prescriptions, 5 years for 2-year prescriptions (i.e., birth control), and 4 years for PharmaCare forms, or until an audit or inspection is complete, whichever is longer.

If storing digital records for paper/fax prescriptions and/or PharmaCare record types in the point of service (POS) system, each of the requirements described in the PharmaNet conformance standards (3.6.1 PNetTx8.2 and PNetTx9.1) must be met. Should these requirements be amended in the future, the amended requirements must be met.

• PNetTx8.2 Storing the Local Dispense Record
• PNetTx9.1 Digital Records for Paper/Fax Prescriptions and/or PharmaCare Record Types

Custody and control of information in digital records

When a pharmacy collects personal information and records it on a PharmaCare form, the pharmacy is creating its own record, over which it has custody and control. However, once the data in the record is submitted to the Ministry of Health (the Ministry), the Ministry will have custody and control of the submitted record. The pharmacy still has custody and control of any record remaining on its local system.

Record preservation and back-up

Digital records must be preserved and backed up at least once daily and stored in a location resistant to environmental perils including, but not limited to, fires and floods. They must be secure from unauthorized access, use, modification, destruction, and disclosure. The backed-up records, once restored, must also be compliant with applicable legislation, regulations, policies and bylaws.

Amendments to records

Once an electronic version of a record is created, the original electronic record must remain verifiably complete and unaltered and its integrity must be maintained. In the event a record is amended to correct an error or omission, the new record must be created as a separate document, with the original document and full evidentiary trail of changes maintained and accessible.

Recordkeeping policy and confidentiality undertakings

Documentation regarding the filing system adopted by the provider must be maintained by the provider and must be made available to the Ministry upon request. The documentation must include a description of the process for preservation, storage and back-up of electronic records, how they can be accessed by authorized individuals, and the effective date the provider adopted electronic recordkeeping.

The electronic records collected, used and retained on the pharmacy’s local POS system, contain personal and other information that can be easily disclosed when in an electronic format. The registrant must maintain confidentiality by disclosing the electronic record only for the purposes listed in the HPA Bylaws, s. 72. The CPBC requires the pharmacy manager, the registrant, the pharmacy support staff and the vendor to sign confidentiality undertakings to protect the confidentiality of both PharmaNet and pharmacy POS system records, including prescription and non-prescription records. In addition, the legislation, including the PSA, and bylaws are very clear that there may be no disclosure for market research.

Change in recordkeeping systems

In the event of a change in the recordkeeping system, the provider maintains responsibility for retention of and access to all records prior to the change. Any claims made based on records that cannot be produced will be subject to full recovery.

Transfer of records between providers

In the event of a change in provider ownership, the new owner is responsible for the retention of and access to the transferred records and the integrity of the records received from the previous owner.

Any claims based on invalid records or records that cannot be produced will be subject to full recovery.

Pharmacy closures

The policy remains in effect in the event of a pharmacy closure. If a pharmacy closes permanently, it is required to either transfer its records to another pharmacy or to a secure storage site. The owner of the closing pharmacy remains responsible for all records in storage for their retention time as required by applicable legislation, regulations and bylaws. The owner of the closing pharmacy is also required to produce records to support claims and is liable for full recovery. Transferred records become the responsibility of the owner(s) of the receiving pharmacy.

Any claims made based on invalid records or records that cannot be produced will be subject to full recovery.

Definition of signature

For prescriptions, the requirements for signatures are defined by the CPBC.

For PharmaCare and CPBC forms that support PharmaCare claims and require prescriber, provider or patient signatures, there must be safeguards against repudiation, and the signature and process for obtaining the signature must definitively verify the identity of the signing party. The signature must be unique and applied by a human hand and must be an integral part of the original content. Records containing a stock electronic signature that is not unique or is not under control at all times of the individual whose signature it is are not acceptable. An image of a signature subsequently attached to the document is also not acceptable. Records with invalid signatures are subject to full recovery.

When paper originals are scanned for electronic storage, the “wet” signature of the prescriber, provider or patient is scanned as part of the document scanning process. This is a valid representation of the signature.

Image quality

Records stored electronically must include an image file that accurately reflects the prescription, form or other document, including the colour composition of that document; therefore, any physical records that are converted to an electronic record must be scanned in colour. The requirement for colour scanning ensures image quality requirements are met. If the record is not scanned as a colour image, it is not considered a valid record for audit purposes and will be subject to full recovery. The PharmaCare program’s colour requirement matches that of the HPA Bylaws s. 65.1(5) and PODSA Bylaws s. 23.1(5) and extends to any record supporting PharmaCare claims.

Readability

All necessary details available on a hardcopy document must be available and clearly legible on the electronic version of the record. Determination that a record does not meet the standard of readability will be made by the Ministry, in its sole discretion, at the point of review. If any elements of the record that are required for an audit or inspection are determined to be unreadable, the record will not be valid and any claim associated with the record will be subject to full recovery.

Access to electronic records for audits and inspections

Per ss. 36, 38 and 39 of the PSA, electronic records must be accessible by inspectors upon request.

For a record to be deemed accessible, the application must be able to search and export digital records as described in the PharmaNet conformance standards (3.6.1, PNetTx9.2 and PNetTx9.4). If the POS system allows users to sort and/or filter digital records of paper/fax prescriptions and/or PharmaCare record types, the application must meet PharmaNet conformance standards PNetTx9.3. Should these requirements be amended in the future, the amended requirements must be met.

• PNetTx9.2 Searching Digital Records
• PNetTx9.3 Sorting and/or Filtering Digital Records
• PNetTx9.4 Exporting Digital Records

Failure to produce electronic records

If a claim is based on electronic records only and those records cannot be produced, the claim will be subject to full recovery.

Policy implementation

The Ministry cannot require a pharmacy’s POS system to have the functionality outlined in the standards before conformance testing is completed. The standards were released on September 30, 2021, but the conformance testing deadline is not yet established.

However, some vendors have developed some related capacities in response to the College’s 2018 changes to its bylaws under the HPA and PODSA permitting an electronic-only option for storage of prescriptions and other records. If that functionality can be used to manage digital records before the conformance testing, and the pharmacy can meet the other requirements of this policy, the pharmacy is not required to keep hardcopy records.

If the system cannot meet the requirements of this policy, a paper copy of the records in scope for this policy must be retained and available for the purposes of inspection or audit.

Forward-facing application of policy

This policy and its stipulations for electronic recordkeeping will only apply to pharmacy records from the policy’s implementation date (March 1, 2022). Records entered prior to implementation must meet previous standards; the new policy will not apply retrospectively.

List of records subject to the electronic recordkeeping policy

Note: Inspectors may review any form related to a PharmaCare claim; this list is only a sample.

1. Original prescriptions (except controlled prescription program prescriptions)
2. PharmaCare forms

• Frequent Dispensing Authorization (HLTH 5378) (PDF, 1174KB)
• BC Smoking Cessation Program Declaration and Notification (HLTH 5464) (PDF, 1071KB)
• Best Possible Medication History (BPMH) (Word, 282KB)
• Drug Therapy Problem (DTP) (Word, 227KB)
• Best Possible Medication History Worksheet (Word, 135KB)
• Travel Declaration (acquired through HIBC)
• Compound Costing Worksheet (HLTH 5425) (PDF, 521KB)
• Plan W OTC Recommendation (HLTH 4571) (PDF, 932KB)
• PharmaCare Claim (HLTH 5336)
• PharmaCare Prescription Invoice (HLTH 5335)

1. College of Pharmacist of BC (CPBC) Forms

• Pharmacist Prescription Adaptation Documentation and Notification Form (PDF, 82KB) or equivalent documentation

Note that the CPBC OAT Part-Fill Accountability Log is not included in the electronic recordkeeping policy at this time, as the hardcopy records of a prescription for drugs included in the controlled prescription program are also excluded from electronic recordkeeping.

The Pharmaceutical Services Act establishes the following with regard to recoveries:

• An amount is a non-entitled amount if the amount is paid by the Minister to a provider or an alternate payee, or a former provider or alternate payee, who, under the Pharmaceutical Services Act, is not entitled to the amount, including any amount paid
  • for a drug, device, substance or related service provided to a person who was not a beneficiary, at the time of the claim
  • for a drug, device, substance or related service that was not a benefit,
  • in respect of a claim for payment
    • for a benefit that was not provided, or
    • that is not supported by the records kept or produced under this Act,
  • after relying on a representation of fact that was untrue,
  • by mistake, or
  • if, in providing the benefit or making the claim, the person acts contrary to
    • the Pharmaceutical Service Act
    • the Health Professions Act
    • the Pharmacy Operations and Drug Scheduling Act
    • a prescribed enactment of British Columbia or Canada;
    • the regulations made, or a limiting condition imposed, under any of the above Acts. 
      
      ​Note: The above list includes the College of Pharmacists of BC bylaws, PharmaCare policies and procedures, and policy and procedural updates communicated in PharmaCare Newsletters, which the above Acts, enactments, regulations or limiting conditions require providers to follow.
      ​
• Without limiting any action the minister could take under section 46 [enforcement orders] of the Pharmaceutical Services Act, if the minister determines that a non-entitled amount was paid to a provider, the minister may require the provider to
  • repay the non-entitled amount,
  • pay a prescribed surcharge, and
  • pay interest on the amounts owing due to non-entitled amounts or prescribed surcharges.
• The total amount that a person is liable to pay under the section above is a debt due to the government and may be
  • deducted from any subsequent payment that may be made to the person under this Act, including under an agreement made under this Act, or
  • recovered in a court of competent jurisdiction.
• Where any amount is found to be owing by the Provider to the Province, the Province may require and the Provider shall repay, no later than thirty (30) days from the receipt of the demand, the amount owing.
• Without limiting other remedies available to the Province at law, if the Provider fails to make any repayment required under the section above, the amount owing may be deducted from any money owing by the Province to the Provider. The Province will collect the recovery by set-off (i.e. by deducting the recovery amount from a current or future payment) 30 days from the receipt of the amount owing.

Once a recovery amount is 30 days overdue it becomes subject to interest pursuant to the Financial Administration Act, Section 20: Interest on Overdue Accounts.

Selection of a provider for audit may be made by statistical analysis and comparison of claims data, random selection, direct selection, or other means.

The method of selection will be identified in the Audit Reports.

Providers are informed by formal notice of an audit, including a letter—by fax, hand delivery or courier—confirming the auditors as duly authorized inspectors pursuant to the Pharmaceutical Services Act.

An inspector when conducting an audit, may determine the results of an audit under the Pharmaceutical Services Act, in accordance with Ministerial Order number M066 dated March 11, 2015, including

• Utilizing “Probability Proportionate to Size Sampling” (also known as “Monetary Unit Sampling” or “Dollar Unit Sampling”) to select samples of claims for audit testing.
• Selecting samples of claims using recognized statistical sampling software and/or related methodologies to select the sample on a systematic basis where the probability of selection is proportional to the size of the claim.
• Where the inspector determines it to be appropriate, stratifying the Population into sub-populations (known as "strata") where 100 percent of the claims in the stratum, or a sample of claims in the stratum, may be selected and examined.
• Selecting samples of claims with the objective of generating an estimate of the overpayment amount with a 90 percent confidence level.
• Preparing an estimate of overpayments in the population by calculating the average exception rate of all claims in the sample and extrapolating by applying the exception rate to the dollar value of the pharmacy's claims population. If the population is examined in two or more strata, separate exception rates are calculated from each stratum's sample and applied to each stratum's sub-population.

The PharmaCare Audit inspectors prepare a Draft Audit Report for all audits they perform.

The Draft Audit Report identifies the

• preliminary results of the audit and the methodologies used to determine the results.
• total of the claim amounts submitted by the pharmacy during the Audit Period for claims that were not in compliance with the Pharmaceutical Services Act and the methodology used to calculate this amount.

Providers have 30 days to respond to Draft Audit Reports by providing any further records, information or documentation that can confirm the audited claims were in compliance with the Pharmaceutical Services Act.

Provider responses to Draft Audit Reports are reviewed by the PharmaCare Audit inspectors and are considered prior to preparing the Audit Report.

The results of the audit set out in the Audit Report are provided to the person subject to the Audit.

In the event of a recovery of non-entitled amounts, the covering letter of the Audit Report outlines the repayment options.

Repayment is pursued in the manner established in the Pharmaceutical Services Act.

Results of audits may be referred to the College of Pharmacists of BC or other regulatory bodies, if appropriate.

The Confirmation Letter Program is used to randomly or selectively confirm PharmaCare claims information with patients or physicians.

Random confirmation letters

PharmaCare Audit mails a confirmation letter to a random sample of patients selected from a random sample of pharmacies.

The letter requests confirmation that the patient has received the medications or services that PharmaCare claims data identifies as having been dispensed to the patient in the previous months (refer to the sample confirmation letter below).

Results from returned confirmation letters are compiled and anomalies reported by patients (e.g., medications a patient indicates were not received) are investigated.

Select confirmation letters

Select confirmation letters may be used to support provider audits at the discretion of PharmaCare Audit.

Letters may be mailed to physicians or patients to verify PharmaCare claims information.

Results from returned confirmation letters are compiled and included in the audit file.