Upload
kale-hendon
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
Copyright © 2011. Balch & Bingham LLP.
All rights reserved
Compliance, Disclosures and Enforcement: déjà vu All over
Again
3rd Annual Mississippi Hospital Association Health Law Conference
Madison, MississippiApril 6, 2011
Dinetia M. [email protected]
Copyright © 2010. Balch & Bingham LLP. All rights reserved2
Topics Covered
Voluntary v. Mandatory Compliance Programs What to Do? Where to Start? Compliance – The Four-legged Stool Regulatory Agencies Focus on Four Risk Areas Recipe for Compliance Program Effectiveness Self-Assessment – Strategies Organizational and Operational Best Practices
Copyright © 2010. Balch & Bingham LLP. All rights reserved3
Voluntary v. Mandatory Compliance Programs
Copyright © 2010. Balch & Bingham LLP. All rights reserved4
Voluntary Compliance Program
“The OIG believes that a basic framework for any voluntary compliance program begins with a review of the seven basic components of an effective compliance program. A review of these components provides [providers and suppliers] with an overview of the scope of a fully developed and implemented compliance program. The following list of components, as set forth in previous OIG compliance program guidances, can form the basis of a voluntary compliance program for a [provider or supplier]…”
» 65 Fed. Reg. 59,436 (October 5, 2000)
Copyright © 2010. Balch & Bingham LLP. All rights reserved5
Voluntary Compliance Program
OIG Compliance Program Guidance for Hospitals (2/23/1998)
Conducting internal monitoring and auditing Implementing compliance and practice standards Designating a compliance officer or contact Conducting appropriate training and education Responding appropriately to detected offenses
and developing corrective action Developing open lines of communication; and Enforcing disciplinary standards through well-
publicized guidelines
Copyright © 2010. Balch & Bingham LLP. All rights reserved6
Voluntary Compliance Program
OIG Supplemental Compliance Program Guidance for Hospitals (1/31/05) Focuses on application of compliance program guidance in connection with OIG-perceived
risk areas Fraud and abuse risk areas
Submission of accurate claims and information Self-referral issues (Stark law and Federal Anti-Kickback statute issues) Emergency Medical Treatment and Labor Act Payments to reduce or limit services: gainsharing arrangements Substandard care Relationships with Federal health care beneficiaries Discounts to uninsured patients Preventive Care Services Profession Courtesy
OIG focus directed to effective hospital compliance programs involving hospital’s governing body and management’s commitment, structures and process to create effective internal controls and regular self-assessment and enhancement of the existing compliance program
Evidence of and effective compliance program includes self-reporting of misconduct following discovery of credible evidence from any source and following a reasonable enquiry
Note:OIG mentioned as early as 2005 60 days as being reasonable to report misconduct.
Copyright © 2010. Balch & Bingham LLP. All rights reserved7
OIG’s PPACA Mandate
Keynote Address Delivered by Daniel R. Levinson, Inspector General of DHHS, at the HCCA Annual Compliance Institute (April 19, 2010):
PPACA program integrity provisions include authorities and requirements to:
strengthen provider and supplier enrollment standards and enhance screening;
address certain misalignments between Medicare and Medicaid reimbursements and market prices and create new links between payment and quality;
promote compliance with program requirements, including by requiring providers to implement compliance programs;
enhance program oversight, including by requiring greater reporting and transparency and by improving data access and coordination among government agencies; and strengthen the Government’s response to health care fraud and abuse through new enforcement authorities and tools.
Copyright © 2010. Balch & Bingham LLP. All rights reserved8
PPACA Includes Mandatory Compliance Requirements
Mandatory Compliance Program for All Providers Condition of enrollment in the Medicare program that classes of
providers and suppliers implement compliance programs Secretary discretion to dictate timelines for implementation, types of
providers and suppliers required to adopt compliance programs Secretary to develop core elements for each class of provider or
supplier required to adopt programs September 23, 2010 – CMS requested comments from providers and
suppliers on using as core measures the seven elements from Chap. 8 – Federal Sentencing Guidelines Manual
Note: Medicare Advantage plans were required to have an “effective” compliance “program” as of January 1, 2011. PPACA sets March 23, 2012 as date for HHS’s issuance of compliance program requirements for nursing homes.
Copyright © 2010. Balch & Bingham LLP. All rights reserved9
What to Do? Where to Start?
Copyright © 2010. Balch & Bingham LLP. All rights reserved10
Start where you are with what you have!
Copyright © 2010. Balch & Bingham LLP. All rights reserved11
Compliance as a Four-Legged Stool
4 Major Risk Areas for Hospitals Referral relationships
Billing and coding governmental and commercial payors
Privacy and security of patient information
Quality Issues
Copyright © 2010. Balch & Bingham LLP. All rights reserved12
Government Advice and Enforcementin Risk Areas
Copyright © 2010. Balch & Bingham LLP. All rights reserved13
Government Advice and Enforcement – Referral Relationships
OIG Training & Publications OIG Health Care Fraud Prevention and
Enforcement Action Team: Provider Compliance Training – http://compliance.oig.hhs.gov/
Physician Education Training Manuals – www.oig.hhs.gov/fraud/PhysicianEducation/
OIG Compliance Resource Material – http:www.oig.hhs.gov/fraud/complianceresources.asp
Copyright © 2010. Balch & Bingham LLP. All rights reserved14
Government Advice and Enforcement – Referral Relationships
Copyright © 2010. Balch & Bingham LLP. All rights reserved15
Government Advice and Enforcement – Referral Relationships
Copyright © 2010. Balch & Bingham LLP. All rights reserved16
Government Advice and Enforcement – Referral Relationships
Copyright © 2010. Balch & Bingham LLP. All rights reserved17
Government Advice and Enforcement – Referral Relationships
Enforcement United States ex rel. Drakeford v. Tuomey Healthcare System, Inc. – Allegations
of Anti-kickback/Stark/False Claims Act Violations Tuomey Hospital, Sumter, S.C. Surgeons employed part-time for Outpatient Surgery Center Justice Department alleged compensation exceeded fair market value Hospitals obtained 2 valuation analyses and relied on opinions During trial, hospital placed attorney/client privileged communications in
record (reliance on advice of counsel) Jury awarded $49.4 Million for Stark violations, dismissed FCA claim June 3, 2010 – District Court granted motion for new trial on FCA claims
Based on ruling that certain government evidence was earlier excluded According to government statements, FCA trial’s focus will be on hospital’s
knowledge of whether employment agreements violated Stark law
Copyright © 2010. Balch & Bingham LLP. All rights reserved18
Government Advice and Enforcement – Referral Relationships
Enforcement United States ex rel. Singh v. Bradford Regional Medical Center,
et al Bradford Regional Medical Center, Bradford, PA Lease of nuclear camera by hospital from physician group –
competitor physician group filed qui tam lawsuit alleging Stark law violation (did not meet exception), Anti-kickback violation (false certification) and False Claims violations
Government did not intervene Court could not determine intent for FCA and A/K purposes;
but, lease did not satisfy any Stark exception Issues: whether compensation meets fmv definition even if
written valuation report is obtained (lease plus covenant not to compete compensation); whether fixed compensation can “take into account” volume/value of physician referrals; when is there a failure to be “set out in writing”
Copyright © 2010. Balch & Bingham LLP. All rights reserved19
Government Advice and Enforcement – Referral Relationships
OIG Provider Self-Disclosure Protocol (Anti-kickback) October 30, 1998 Allows provider community to voluntarily disclose self-discovered evidence of
potential fraud with purpose of avoiding cost and/or length and disruption of government investigation
Opportunities for reduced penalties
CMS Voluntary Self-Referral Disclosure Protocol (Stark) September 23, 2010 – mandated by Section 6409 of PPACA Allows suspension of 60 day repayment timeframe for overpayments Does not provide bifurcated disclosure process - traditional route for complex
disclosures and a fast track with set dollar repayment obligations for certain more procedural violations
Not widely embraced – but 55 disclosures in pipeline (Troy Barsky, CMS)
Copyright © 2010. Balch & Bingham LLP. All rights reserved20
Billing and Coding - Governmental and Commercial Payers
CMS Audits:
RACs - errors CERT – Comprehensive Error Rate Testing - errors PSCs – Program Safeguard Contractors - fraud ZPICs – Zone Program Integrity Contractors – fraud
Enrollment
Medicaid Audit MICs – Medicaid Integrity Contractors - fraud Medicaid Fraud Control Unit - fraud PERM - errors
Copyright © 2010. Balch & Bingham LLP. All rights reserved21
Billing and Coding - Governmental and Commercial Payers
Copyright © 2010. Balch & Bingham LLP. All rights reserved22
Billing and Coding - Governmental and Commercial Payers
Copyright © 2010. Balch & Bingham LLP. All rights reserved23
Privacy and Security of Patient Information
HHS/OCR Rulemaking
HIPAA—August 1996
Privacy Rule—April 2003
Security Rule—April 2005
Enforcement Rule—March 2006
American Reinvestment and Recovery Act (“ARRA”)—February 17, 2009
Health Information Technology for Economic and Clinical Health Act (“HITECH”)—ARRA Division A, Title XIII – Health Information Technology, § 13001 et seq
Copyright © 2010. Balch & Bingham LLP. All rights reserved24
Privacy and Security of Patient Information
HHS/OCR Enforcement – Cignet Health of Prince George’s County, Maryland
Family physician practice group with four locations and health insurance plan
Nature of breach
Failure to provide 41 individuals timely access to medical record copies
Failure to cooperate with HHS in OCR’s investigation of patient complaints
Failure to correct violations within 30 days of when Cignet knew or with exercise of reasonable diligence would have know of violations
Penalties Imposed
$100 per day (13,516 days) for failure to provide medical records to patients (total $1.3 million)
$50,000 per day (7,478 days) for failure to cooperate with HHS/OCR (total $3 million)
Copyright © 2010. Balch & Bingham LLP. All rights reserved25
Privacy and Security of Patient Information
General Hospital Corporation & Massachusetts General Physicians Organization, Inc. (Mass General) Nature of Breach
Patients’ charts removed from Mass General’s Infectious Disease Associates outpatient practice and inadvertently left on subway train
Documents included billing and encounter forms with name, date of birth, medical record number, health insurer and policy number, diagnosis and name of provider
Also included daily office schedules with names and medical record numbers of 192 patients (including patients with HIV/Aids)
Settlement Terms Immediate payment of $1 million dollars 3 year Corrective Action Plan requiring policy and procedure
development regarding physical removal and transportation of documents containing PHI, encryption of laptops and USB drives, processes to distribute and update policies and procedures, workforce training, designation of monitor for assembling annual report to HHS
Copyright © 2010. Balch & Bingham LLP. All rights reserved26
Quality Issues – Reports - Roundtables
Copyright © 2010. Balch & Bingham LLP. All rights reserved27
QUALITY ISSUES – GOVERNING BODY
Copyright © 2010. Balch & Bingham LLP. All rights reserved28
Quality Issues – CMS Enforcement
Hospital Inpatient Quality Reporting Program (IQR) (formerly Reporting Hospital Quality Data for Annual Payment Update – RHQDAPU) Reporting of annual quality measures or 20% reduction in annual market
basket update
FY 2017 – Dollars Potentially at Risk - Base DRG payments – 6% Hospital-acquired conditions – 1% starting FY 2015
Readmission – 1% - 3% - phased in over three years starting in FY 2013
Value-Based Purchasing – 1% - 2% reduction starting in FY 2013 (phased in over four years with the opportunity to recoup full amount plus)
Copyright © 2010. Balch & Bingham LLP. All rights reserved29
Recipe for Compliance Program Effectiveness: Governmental Requirements, Audits, Expectations
and Enforcement
Copyright © 2010. Balch & Bingham LLP. All rights reserved30
Recent Governmental Compliance Program
Requirements/Enforcement
Medicare Advantage and Part D Plans Effective 1/1/2011, MA and Part D plans must adopt
and implement an effective compliance program
Program must Prevent, detect, and correct noncompliance with CMS
program requirements
Contain measures that prevent, detect, and correct fraud, waste, and abuse
Contain the 7 core elements of a compliance program
Compliance Officer and Compliance Committee must Report to CEO or other senior management
Report periodically to governing body
Copyright © 2010. Balch & Bingham LLP. All rights reserved31
Recent Governmental Compliance Program
Requirements/Enforcement
Nursing Facilities PPACA requires HHS Secretary to adopt regulations
requiring nursing facilities to implement compliance programs
By March 23, 2012, HHS must promulgate regulations requiring nursing facilities to implement effective compliance programs
The regulations
May include a model compliance program
Must allow for compliance program variations based on organization size (higher standards for organizations with 5 or more facilities)
Copyright © 2010. Balch & Bingham LLP. All rights reserved32
Compliance Program Effectiveness
Copyright © 2010. Balch & Bingham LLP. All rights reserved33
Compliance Program Effectiveness:Where to Start?
Focus on key regulatory obligations Identify specific hospital risk area by looking at hospital
deficiencies; regulators’ lists of key deficiencies; PEPPER reports; OIG Work Plan; OIG list of enforcements
Look at control structure, process, outcomes Consider involvement of governing body and “C” level
executives Identify way to measure performance: metrics, system to
add/deduct points for meeting 7 required elements or lack of structure, processes, regulatory notices, fines, sanctions
Copyright © 2010. Balch & Bingham LLP. All rights reserved34
Compliance Program Effectiveness: Self-Assessment Tool - CMS
Centers for Medicare & Medicaid Services Self-Assessment Tool - modeled after tools developed by New
York State Office of Medicaid Inspector General (OMIG) and HCCA
CMS considering using tool prior to audit to gather information and to aid audit efforts
What is it? Checklist to evaluate program design, to identify
strengths/weaknesses
Tool to identify key components
Not regulatory guidance or list of compliance program requirements
Copyright © 2010. Balch & Bingham LLP. All rights reserved35
Compliance Program Effectiveness: Self-Assessment Tool – New York – OIG
Medicaid
Copyright © 2010. Balch & Bingham LLP. All rights reserved36
Compliance Program Effectiveness: Self-Assessment Tool – CMS
Copyright © 2010. Balch & Bingham LLP. All rights reserved37
Compliance Program Effectiveness: Self-Assessment Tool – CMS
Copyright © 2010. Balch & Bingham LLP. All rights reserved38
Compliance Program Effectiveness: Self-Assessment Tool
Example from Balch & Bingham Compliance Assessment Tool
Source1Policies (Including date last
reviewed) Processes/ Controls Performance Measurement
A. Written Policies and Procedures
1. Formal commitment by governing body to adopt all applicable elements of the OIG Compliance guidelines
63-42412; 64-54033
2. Standards of Conduct address the organization's commitment to compliance and expectations for employees and others covered by the Code. Code is comprehensible and distributed to all employees. Code is regularly updated.
63-42412; 64-54034
3 Special Risk Areas -- Home Healtha. Documentation of patient medical condition, need for home health services and supplies, and the actual provision of such services and supplies in the patient's medical record
63-42415
b. Patient eligibility for home health services(1) Patients meet the definition of "homebound" and homebound status is certified by the patient's physician
GAO 2/ 09 at 14; OIG FA 8/ 95; 63-41415; OIG 6/ 04 at 4
(2) Patients have a need for intermittent skilled nursing services or physical or speech therapy service (not available from a family member of other source)
OIG FA 8/ 95; 63-41415; OIG 6/ 04 at 4
(3) Services are received pursuant to a physician-approved plan of care
63-41416; OIG 6/ 04 at 5
Copyright © 2010. Balch & Bingham LLP. All rights reserved39
Compliance Program Effectiveness: CMS’s Tips for Gauging Non-Effective
Compliance Program According to CMS*, indicators that a compliance program may NOT be
effective include: The compliance officer does not report directly to the board or the chief
executive officer of the provider or supplier. The provider or supplier has no compliance committee. The compliance program does not include confidential or anonymous reporting
of compliance issues. Employees are afraid to communicate any compliance issues “up the chain” of
command. Audits are infrequent and management disregards data obtained through
monitoring efforts. While the provider or supplier responds to incidents, it does not put in place
systemic corrections. Employees who report complaints or other compliance issues receive no or
negative recognition. Discipline is inadequate and inconsistent. Allegations are not affectively investigated.
In summary, the provider or supplier cannot evidence any systemic efforts to build a strong ethical culture.
*American Health Lawyers Association Practice Group Brown Bag Luncheon- February 11, 2011
Copyright © 2010. Balch & Bingham LLP. All rights reserved40
QUESTIONS?
Copyright © 2010. Balch & Bingham LLP. All rights reserved41
Thank YouBalch & Bingham LLP
401 East Capitol Street, Suite 200
Jackson, MS 39201www.balch.com
Dinetia M. Newman
601-956-8169