When Ohio providers hear “review” or “audit,” one of the first questions is almost always about policies and procedures.
Do we have them?
Are they current?
Are they enough?
The truth is, the Ohio Department of Medicaid isn’t just checking whether policies exist. During reviews, ODM looks at how policies are written, how they align with operations, and whether staff actually follow them.
Understanding what ODM really looks for—and where providers often fall short—can make the difference between a smooth review and costly findings.
Why Policies & Procedures Matter in ODM Reviews
From ODM’s perspective, policies and procedures are not paperwork—they are risk controls.
They answer four key questions:
- Does the provider understand Medicaid requirements?
- Has the provider defined how compliance happens day to day?
- Are expectations clear to staff?
- Can the provider consistently deliver and document services correctly?
If policies don’t clearly support those goals, they won’t hold up under review.
What ODM Is Actually Evaluating
- Policies Must Match Current Practice
One of the most common review findings isn’t “missing policies”—it’s policies that don’t reflect reality.
Examples ODM flags:
- Policies describe workflows the organization no longer uses
- Procedures reference outdated systems or forms
- EVV processes described on paper don’t match what staff actually do
If staff behavior contradicts written policy, ODM assumes the policy is ineffective—or meaningless.
- Policies Must Align With Medicaid Rules
ODM reviewers compare policies against:
- Ohio Administrative Code requirements
- Medicaid waiver conditions
- EVV rules
- Billing and documentation standards
If your policy allows something Medicaid does not, that policy becomes a liability.
Common problem areas:
- Billing timelines
- Documentation standards
- EVV exception handling
- Authorization verification
Policies must reflect current Ohio Medicaid requirements, not “how we’ve always done it.”
- Procedures Must Be Specific—Not Generic
Generic, one-size-fits-all policy templates are easy to spot.
ODM looks for procedures that clearly answer:
- Who is responsible?
- When does this happen?
- How is it done?
- What happens if it isn’t done correctly?
For example, a strong billing procedure explains:
- Who verifies authorizations
- When EVV is reviewed
- What happens before claims are submitted
- How denials are tracked and corrected
Vague language like “as appropriate” or “when necessary” raises red flags.
- EVV Policies Are Now High-Priority
With EVV acting as a payment gatekeeper, ODM pays close attention to EVV-related policies.
Reviewers often check whether policies clearly explain:
- How visits are captured
- How EVV exceptions are identified
- Who resolves exceptions
- When EVV data is validated before billing
- How EVV data is retained
If EVV policies are thin or outdated, reviewers assume EVV compliance is inconsistent.
- Documentation Standards Must Be Clear
ODM expects documentation policies to clearly define:
- What must be documented
- Required elements in service notes
- Timeframes for documentation
- Signature requirements
- Correction and amendment rules
If documentation expectations aren’t spelled out, ODM assumes documentation quality will vary—and that creates compliance risk.
- Policies Must Support Audit Readiness
ODM reviews often involve record requests. Policies should support:
- Record retention timelines
- Secure storage
- Timely retrieval
- Staff responsibility during audits or reviews
If records are hard to find, inconsistent, or incomplete, reviewers may question whether controls exist at all.
- Staff Must Be Trained on Policies
Having policies no one understands is the same as not having them.
ODM reviewers may:
- Ask staff questions about procedures
- Request training records
- Look for evidence that policies are communicated and reinforced
If staff responses don’t align with written policies, that disconnect becomes a finding.
Common Policy & Procedure Mistakes ODM Finds
Providers often run into trouble because:
- Policies haven’t been updated in years
- Policies were copied from templates without customization
- EVV policies don’t reflect enforcement changes
- Billing and compliance procedures are undocumented
- Policies exist but staff were never trained on them
These issues don’t usually stem from bad intent—they come from growth, turnover, and outdated systems.
How to Strengthen Policies Before a Review
Strong providers treat policies as living operational tools, not static binders.
Practical best practices include:
- Reviewing policies annually (or when rules change)
- Updating procedures when systems or workflows change
- Cross-checking policies against real workflows
- Training staff whenever policies are revised
- Conducting mock reviews to test alignment
Policies should make it easier to do the right thing—not harder.
The Bottom Line
During ODM reviews, policies and procedures are evaluated as evidence of control, consistency, and accountability.
ODM isn’t looking for perfect language or fancy binders. They’re looking for:
- Clear expectations
- Alignment with Medicaid rules
- Consistent execution
- Documentation that supports what’s billed
If policies match practice—and practice matches Medicaid requirements—reviews go much more smoothly.
How Capstone Helps
Capstone Business Solutions helps Ohio providers:
- Review and update policies and procedures
- Align written policies with real-world operations
- Strengthen EVV, billing, and documentation controls
- Prepare for ODM reviews and audits with confidence
If your policies haven’t been revisited recently, they may be doing more harm than good.