Corporate Compliance Program Updates
National Association of State Veterans
Homes
March 2015
Presented by: Eileen Denzel RHIA, CCS
Director of Compliance/Privacy Officer
Long Island State Veterans Home
Stony Brook, New York
Eileen.Denzel@LISVH.Org
(631) 444-8646
Celebrate Corporate Compliance & Ethics
Week November 1-7, 2015
Many organizations use the week as an
opportunity to raise awareness about
compliance and ethics and engage employees
about these difficult yet vitally important
topics. Others use the week to rollout a new
compliance training program or hold its
annual compliance training activities.
Celebrate Corporate Compliance & Ethics Week the
first full week of November in 2015. To better align
the timing of Corporate Compliance & Ethics Week
with the implementation of the Federal Sentencing
Guidelines (Nov. 1, 2004), it will now be held during
the first full week in November every year
Identified Compliance
Program
Best Practices
Element (1) Written policies and procedures:
1. Publication of code of conduct and/or
compliance plan document on the provider’s
intranet and/or public Web site.
1. Language in the compliance plan outlines the
benefits of a corporate compliance program as
a way to obtain buy‐in from the provider’s
constituency.
Element (2) Designate an employee vested with
responsibility:
1. The compliance officer reports directly to the
governing board, with dotted line responsibility to a
member of senior management.
2. The chief executive officer receives regular reports
from the compliance officer if the compliance officer
does not report directly to the CEO.
Element (3) Training and Education:
1. Use of an electronic training and education system that
tracks mandatory compliance education of employees
via an electronic system which:
a. is customized to the organization;
b. sends an individualized e‐mail to employees to
announce upcoming required and elective training;
and
c. tracks each employee’s required compliance training
and educational needs.
2. Results of online compliance education quiz scores are
analyzed and tracked to identify areas of weakness for
both the education program and for those being
trained.
Element (3) Training and Education:
3. Additional training and education is provided
based on this analysis. Results of the online
post‐test quizzes are utilized to identify risk areas
and assess the need for internal monitoring and
auditing.
4. The compliance training and educational materials
are tailored to the needs of differing organizational
levels as well as the educational backgrounds of all
employees.
5. The compliance manual/code of
distributed annually and upon hire.
conduct
is
Element (4) Communication lines to the
responsible compliance position:
1. The compliance program operates in an
environment of transparency throughout
the
organization
and
includes
communication
lines
among
the
president/director, senior management, and
employees.
2. Human
resource
department’s
exit
interviews of employees include specific
compliance‐related questions that are fed
back to the compliance function.
Element (5) Disciplinary policies to encourage good faith
participation:
1. Employee performance evaluations incorporate
compliance as one indicator of performance, as well
as an employee’s adherence to applicable laws,
regulations, and policies.
Element (6) A system for routine identification of
compliance risk areas:
1. The Compliance Program uses a comprehensive
self‐assessment tool to plan and develop an annual
compliance work plan.
Element (6) A system for routine identification of
compliance risk areas:
2. A compliance dashboard centralizes information to
track and provide reports on compliance activities.
3. Internal monitoring and auditing systems are used
throughout the agency as evidenced by:
a. Teams of cross‐trained peer reviewers, who
conduct quarterly case record reviews in each
program area to ensure that documentation complies
with established requirements and to ensure quality
of service provided. This review is conducted as part
of a quality improvement program.
b. A pre‐claim review process is used prior to
submission of claims to address billing and coding
errors and weaknesses.
Element (6) A system for routine identification of
compliance risk areas:
4. Identified risk areas are tracked month to month,
analyzed, and trended to monitor the identified risk
area activity. The data is shared with committee
members and the governing board with the goal of
improving the number of identified risk areas,
processes, and outcomes.
5. Individualized sampling of medical records is
conducted to assess the accuracy of ordered services
and whether the services were actually rendered.
Element (7) A system for responding to compliance
issues:
1. Review OMIG’s, OIG’s and CMS’ Web sites for
regulatory work plans and alerts associated with
specific areas of focus, assess organizational risk
in those areas and develop appropriate action
plans to address the risk or weakness.
Element (8) A policy of non‐intimidation and
non‐retaliation:
1. Exit interviews with employees include an
interview with the Compliance Officer who
inquires about cases of intimidation or
retaliation related to the employee who is
departing service and;
related to what the departing employee may
have observed while employed.
Compliance Meeting Agenda Items










Sanction Screening
Gifts
Helpline Calls
Departmental Auditing Monitoring
External Audits
OIG/ OMIG Work Plan Items
Compliance News
HIPAA
Consultant Update
Compliance Activities in the Industry
Program Integrity and Quality of Care–An
Overview for Nursing Home Providers
Content Summary
This booklet is written for nursing home providers and
contains information on the definitions for fraud, waste, and
abuse, and common types of fraud in the nursing home
environment. This booklet also discusses improper payments
and government anti-fraud efforts.
After addressing common program integrity issues, the
booklet covers quality of care in the nursing home, such as
quality of life, resident rights, and resident freedom from
fraud and abuse. The booklet concludes with information on
how to report concerns and problems in the nursing home.
http://www.cms.gov/Medicare-MedicaidCoordination/Fraud-Prevention/Medicaid-IntegrityEducation/Downloads/nursinghome-provider-booklet.pdf
HEAT Provider Compliance Training
Videos
Videos and Audio Podcasts
This page contains videos and audio podcasts
that are part of the award-winning Health
Care Fraud Prevention and Enforcement
Action Team (HEAT) Provider Compliance
Training initiative. These are educational
presentations designed to help prevent fraud,
waste, and abuse.
https://oig.hhs.gov/newsroom/video/2011/heat_modules.asp
OIG Wants Medicare to Probe
EHR Audit Logs for Fraud
A particular OIG concern is how CMS contractors
address fraud vulnerabilities directly related to Medicare
health claims. OIG notes that audit logs can be used to
analyze historical patterns that can identify data
inconsistencies. To provide the most benefit in fraud
protection, audit logs should always be operational, be
stored as long as clinical records, and never be altered.
OIG goes further in noting that few integrity contractors
analyze audit logs as part of medical review.
EHR Audit Logs
OIG recommends that CMS direct its contractors to review
providers’ audit logs. As OIG pointed out, “experts in
health information technology caution that HER
technology can make it easier to commit fraud.” For
instance, the copy paste feature allows users to replicate
information in one source and transfer the information to
another source. Overuse or inappropriate use of
copy-paste could produce inaccurate information and
facilitate fraudulent claims. In addition, some EHRs
provide templates that auto-populate fields by a single
click, resulting in extensive documentation. As OIG notes,
the use of audit logs may reveal such data inconsistencies
and“provide the most benefit in fraud detection.”
EHR Audit Logs
What an Audit Trail Reveals:
An audit log is a record of how information is entered,
revised, or deleted in an EHR.
identify the patient;
identify the EHR user;
identify the type of action, such as printing or copying
data, submitting data queries, or entering, revising, or
deleting data; and
identify the patient data being accessed.
LISVH
COMPLIANCE ASSURANCE
HOTLINE
If you have a compliance question or
concern …
Call the
CONFIDENTIAL
Compliance Hotline at
631-689-2179
Or Contact Eileen Denzel,
Compliance Officer,
444-8646
Eileen.denzel@lisvh.org
CDC Website for LTC
Website launched January 23, 2014 Focuses on
Infection Control prevention in Long term care facilities
CDC Infection Prevention website for long term care
http://www.cdc.gov/longtermcare/
Email list for PEPPER
www.pepperresources.com
Medicare Update Info
http://www.cms.gov/mlnmattersarticles
OCTOBER 2015 ICD-10 COMPLIANCE DATE
http://www.cms.gov/Medicare/Coding/ICD10/ProviderResour
ces.html
CMS Releases Two New ICD-10 Videos
The Centers for Medicare & Medicaid Services (CMS) has
released two animated shorts that explain key ICD-10
concepts.
Less than 4 minutes each, the videos are available at:
cms.gov/ICD-10
Introduction to ICD-10 Coding gives an overview of ICD10’s features and explains the benefits of the new code set
to patients and to the health care community.
ICD-10 Coding and Diabetes uses diabetes as an example
to show how the code set captures important clinical
details.
Keep
Up
to
Date
on
ICD-10
Visit the CMS ICD-10 website for the latest news and
resources to help you prepare.
CMS Issues Official ICD-10-CM Guidelines
http://www.cdc.gov/nchs/data/icd/icd10cm_gui
delines_2015.pdf
These guidelines should be used as a
companion document to the official version of
the ICD-10-CM as published on the NCHS
website.
Disposal of PHI
• All PHI must be disposed of
properly in a GRAY
confidential bin.
– Examples of PHI include resident name,
resident photo, diagnosis, room #, account and
medical record #, address, phone number, birth
date, social security #.
– Examples include phone messages, pharmacy
and medical record labels, faxes, statements and
reports.
• If your bin requires service,
please call Environmental
Services at x790.
HIPAA Updates
New rule protects patient privacy, secures health
information Enhanced standards improve privacy
protections and security safeguards for consumer
health data .
The U.S. Department of Health and Human
Services (HHS) moved forward to strengthen the
privacy and security protections for health
information established under the Health
Insurance Portability and Accountability Act of
1996 (HIPAA).
Notice of Privacy Practices (NPP)-update
Business Associate Agreements (BAA)-update
Notice of Privacy Practices Updates:
A statement that the following uses and disclosures
will be made only with authorization from
the
individual:
• uses and disclosures for marketing purposes;
• uses and disclosures that constitute the sale of
PHI;
• most uses and disclosures of psychotherapy
notes (if the covered entity maintains
psychotherapy notes); and
• other uses and disclosures not described in the
notice
A statement regarding an individual’s right to notice
in the event of a breach.
Notice of Privacy Practices Updates:
Notice of the right to opt out of fundraising communications
(if the covered entity conducts fundraising) .
Health care providers must include in their notice of privacy
practices a statement about an individual’s right to restrict
disclosures of protected health information to health plans if
an individual has paid for services out of pocket in full.
All covered entities must revise their notice of privacy
practices by September 23, 2013. The revisions constitute a
material modification to the notice, and therefore the revised
notice must be made available to individuals as follows:
Notice of Privacy Practices Updates:
Health care providers: The revised notice must
be available to existing patients upon request,
and must be posted both to the provider’s
website (if they have a website) and in a
prominent location on the premises. New
patients must be provided with a copy of the
revised notice.
Business Associates Updates:
Business Associates (BA) are now defined to
include a broader array of contractors that store
and touch PHI — including, for example,
document storage companies and other
contractors that “maintain” PHI, even if they do
not actually view the information in their
possession.
Business Associates Updates:
For BA agreements you already had in place as of Jan.
25, 2013, you have until Sept. 22, 2014, to bring them
into compliance with the 2013 HIPAA omnibus rules.
Remember, if you amend an existing BA agreement after
Jan. 25, 2013, the amended version must be in
compliance with the 2013 HIPAA omnibus rules.
The rules also extended liability under the HIPAA
privacy and security rules to BAs as well as to their
subcontractors.
QAPI
QAPI is a data-driven, proactive approach to
improving the quality of life, care, and services
in nursing homes. The activities of QAPI
involve members at all levels of the organization
to: identify opportunities for improvement;
address gaps in systems or processes; develop
and implement an improvement or corrective
plan; and continuously monitor effectiveness of
interventions.
QAPI Update
A Process Tool Framework has been created to
crosswalk each CMS Process Tool to the QAPI
Five Elements. This framework includes a
description of the purpose or goal for each tool
that is hyperlinked within the framework.
http://www.cms.gov/Medicare/Provider-Enrollmentand-Certification/QAPI/NHQAPI.html
http://www.cms.gov/Medicare/Provider-Enrollmentand-Certification/QAPI/qapitools.html
Office of Inspector General
Work Plan
Fiscal Year 2015
http://oig.hhs.gov/reports-andpublications/archives/workplan/2015/FY15-Work-Plan.pdf
Medicare Part A billing by skilled nursing facilities:
We will describe changes in SNF billing practices from
FYs 2011 to 2013. Prior OIG work found that
SNFs increasingly billed for the highest level of therapy
even though beneficiary characteristics remained largely
unchanged. OIG also found that SNFs billed one-quarter
of all 2009 claims in error; this erroneous billing resulted
in $1.5 billion in inappropriate Medicare payments.
CMS has made substantial changes to how SNFs bill for
services for Medicare Part A stays. (OEI; 02-13-00610;
various reviews; expected issue date: FY 2015)
Office of Inspector General
Work Plan
Fiscal Year 2015
Questionable billing patterns for Part B services during
nursing home stays:
We will identify questionable billing patterns associated with
nursing homes and Medicare providers for Part B services
provided to nursing home residents during stays not paid
under Part A (for example, stays during which benefits are
exhausted or the 3-day prior-inpatient-stay requirement is not
met). A series of studies will examine several broad categories
of services, such as foot care. Congress directed OIG to
monitor Part B billing for abuse during non-Part A stays to
ensure that no excessive services are provided. (OEI; 06-1400160; various reviews; expected issue date: FY 2015)
HHS OIG Work Plan | FY 2015 Medicare Program
Office of Inspector General
Work Plan
Fiscal Year 2015
State agency verification of deficiency corrections:
We will determine whether State survey agencies verified
correction plans for deficiencies identified during nursing home
recertification surveys. A prior OIG review found that one State
survey agency did not always verify that nursing homes corrected
deficiencies identified during surveys in accordance with Federal
requirements. Federal regulations require nursing homes to submit
correction plans to the State survey agency or CMS for
deficiencies identified during surveys. (42 CFR § 488.402(d).)
CMS requires State survey agencies to verify the correction of
identified deficiencies through onsite reviews or by obtaining
other evidence of correction. (State Operations Manual, Pub. No.
100-07, § 7300.3.) various reviews; expected issue date: FY 2015)
Office of Inspector General
Work Plan
Fiscal Year 2015
Program for national background checks for long-term-care
employees:
We will review the procedures implemented by participating
States for long-term-care facilities or providers to conduct
background checks on prospective employees and providers
who would have direct access to patients and determine the
costs of conducting background checks. We will determine the
outcomes of the States' programs and determine whether the
programs led to any unintended consequences.
Office of Inspector General
Work Plan
Fiscal Year 2015
Section 6201 of the Patient Protection and Affordable
Care Act (ACA) requires the Secretary of Health and
Human Services to carry out a nationwide program for
States to conduct national and State background checks
for prospective direct patient access employees of
nursing facilities and other long-term-care providers.
Office of Inspector General
Work Plan
Fiscal Year 2015
The program is administered by CMS. To carry out the
nationwide program, CMS has issued solicitations for grant
awards. All States, the District of Columbia, and U.S.
territories are eligible to be considered for a grant award. OIG
is required under the ACA to submit a report to Congress
evaluating this program. This mandated work is ongoing and
will be issued at the program's conclusion, as required. (ACA,
§ 6401.) (OEI; 07-10-00420; expected issue date: FY 2015;
ACA)
Office of Inspector General
Work Plan
Fiscal Year 2015
Hospitalizations of nursing home residents
manageable and preventable conditions:
for
We will determine the extent to which Medicare
beneficiaries residing in nursing homes are hospitalized as a
result of conditions thought to be manageable or preventable
in the nursing home setting. A 2013 OIG review found that
25 percent of Medicare beneficiaries were hospitalized for
any reason in FY 2011. Hospitalizations of nursing home
residents are costly to Medicare and may indicate quality-ofcare problems in nursing homes. (OEI; 06-11-00041;
expected issue date: FY 2015)
New York State Office of the Medicaid Inspector
General (OMIG) 2014-15 Work Plan
http://www.omig.ny.gov/images/stories/work_plan/201415_work_plan.pdf
The Residential Health Care Facilities (RHCF) Business
Line Team reviews nursing facilities and assisted living
programs (ALP). RHCFs are reimbursed for covered
services to eligible consumers based on determined
rates. An ALP provides long-term residential care, room,
board, housekeeping, personal care, supervision, and
provides or arranges for home health services to five or
more eligible residents unrelated to the operator.
.
New York State Office of the Medicaid Inspector General
(OMIG) 2014-15 Work Plan
Base Year Audits:
RHCFs use the same reported costs, with appropriate trend factors,
for multiple years of reimbursement. The Office of the Medicaid
Inspector General (OMIG) will review new base year rates approved
by the Department of Health (DOH). OMIG reviews will focus on
inappropriate and unallowable costs included in the new RHCF
rates. OMIG will also review add-ons to determine whether they
were appropriately calculated.
Capital:
Reported RHCF capital costs are used as a basis for the capital
component of the RHCF Medicaid rate. OMIG will audit
underlining costs included within the capital component and if
necessary, make appropriate adjustments to the rates
New York State Office of the Medicaid Inspector General
(OMIG) 2014-15 Work Plan
Medicaid Rate Part B Offset
Medicaid rates for nursing facilities include billable rates for
Medicaid consumers who may or may not be eligible for
Medicare Part B service reimbursement. The difference
between the non-eligible and eligible rates is called the “Part
B Offset.” OMIG has developed an approach to systematically
capture the Part B reimbursement information associated with
Medicaid consumers through data gathering and computer
matches with the Centers for Medicare and Medicaid Services.
OMIG will conduct risk assessments and perform reviews of
the Part B Offset for facilities that are rated as high risk and
will also review any appeals processed by DOH.
New York State Office of the Medicaid Inspector
General (OMIG) 2014-15 Work Plan
Bed Reservations:
When qualifying criteria are met, the Medicaid program
reimburses nursing facilities on a per diem basis to hold a
resident’s bed while that resident is temporarily absent
from the facility. OMIG will review nursing facilities
reserved bed payments to determine whether facilities are
qualified to receive these payments.
New York State Office of the Medicaid Inspector General
(OMIG) 2014-15 Work Plan
Minimum Data Set:
OMIG will review Minimum Data Set submissions from nursing
facilities. During State Fiscal Year 2014-2015, OMIG will
collaborate with DOH to initiate reviews of data submissions.
Notice of Rate Changes (Rollovers):
Reported base year operating costs are increased by an inflation
factor (also known as a trend factor) and used as a basis for
RHCF rates for subsequent years. OMIG will carry forward base
year operating cost audit findings and adjust rates accordingly.
Rate Appeals:
RHCFs may file rate appeals with DOH to contest their Medicaid
rates. OMIG will review rate appeals that have been approved
by DOH and, where indicated, audit underlying costs associated
with those appeals to determine the appropriateness of each
appeal issue.
Sanction Screening
Under Federal law, no payment will be made by
any Federal health care program, including
Medicare or Medicaid, for any items or services
furnished, ordered, or prescribed by an excluded
individual or entity. Exclusions from participation
in Federal health care programs are imposed by
the Department of Health and Human Services
(DHHS) Office of Inspector General (OIG). The
OIG advises that all current and new employees,
medical personnel, contractors, and vendors
should be screened against the latest version of the
OIG List of Excluded Individuals and Entities
(LEIE), which is published on its web site:
https://oig.hhs.gov/exclusions/index.asp on a
monthly basis.
Sanction Screening
• The OIG further recommends regular screening of the
General Services Administration System of Awards
Management (SAM) List of Parties Excluded from
Federal Procurement and Non-procurement Programs).
Similarly, the DHHS Centers for Medicare & Medicaid
Services (CMS), has advised that providers may not
employ, contract with or receive Medicare or Medicaid
payments for items or services furnished by individuals or
entities excluded from participation in any health care
program, or debarred by the SAM, or receive Medicare or
Medicaid payments for items or services furnished,
ordered, or prescribed by an excluded individual or entity.
https://www.sam.gov/portal/public/SAM/
Sanction Screening
Who can be sanctioned? Individuals and businesses/entities.
Why?
Default on health education loan or scholarship obligations.
Failure to meet statutory obligations of practitioners and
providers to provide' medically necessary services meeting
professionally recognized standards of health care
Conviction relating to patient abuse or neglect.
Felony conviction relating to health care fraud.
Felony conviction relating to controlled substance.
Claims for excessive charges, unnecessary services or services
which fail to meet professionally recognized standards of
health care, or failure of an HMO to furnish medically
necessary services.
Sanction Screening
CMS has further advised States that they should require
Medicaid providers to search the OIG’s LEIE on a
monthly basis. In addition, states have independent
legal authority to exclude individuals and entities from
participation in their individual state Medicaid
programs. Many states have developed their own lists
of sanctioned and excluded individuals and entities that
should be searched in addition to the federal OIG and
SAM lists. For example, the New York Office of
Medicaid Inspector General (OMIG) issues its own List
of Restricted, Terminated, and Excluded Individuals
and Entities, and advises that health care providers
check the OMIG list, as well as the LEIE and SAM on
a monthly basis.
Sanction Screening
Section 6501 of the Affordable Care Act states that
if an individual or entity is excluded in one state,
then he/she or it, is excluded in all states. This
means that healthcare employers and companies
need to make sure their compliance program
includes searching all available state Medicaid
exclusion registries as well as the federal
exclusions lists.
States that have Medicaid
exclusion registries:
Alabama
Arizona
Arkansas
California
Connecticut
District of Columbia
Florida
Hawaii
Idaho
Illinois
Kansas
Kentucky
Massachusetts
Maryland
Maine
Michigan
Mississippi
Nebraska
New Jersey
Nevada
New York
Ohio
Pennsylvania
South Carolina
Tennessee
Texas
Washington
West Virginia
Wyoming
Sanction Screening
Require current employees to report to the nursing
facility if, subsequent to their employment, they are
convicted of an offense that would preclude
employment in a nursing facility or are excluded from
participation in any Federal health care program; and
Regardless of the size or resources of the nursing
facility, employee screening is critical. Nursing
facilities, like all corporations, must act through their
employees and are held accountable for their actions.
Written Agreement with a Hospice Provider
This final rule specifies, for the facility, what the
written agreement with the hospice should address. It is
important to note that not every requirement of the new
rule must be in the written agreement. Only the
following obligations set forth in § 483.75(t)(2)(ii) are
specifically required to be included in the agreement:
Written Agreement with a Hospice Provider
A. The services the hospice will provide
B. The hospice’s responsibilities for determining the hospice plan of
care
C. The services the LTC facility will continue to provide, based on
each resident’s plan of care
D. A communication process, including how communication will be
documented between the LTC facility and hospice
E. That the LTC facility must immediately notify the hospice about:
A. Significant change in the resident’s physical, mental, social or
emotional status;
B. Clinical complications that suggest a need to alter the plan of
care;
C. Need to transfer the resident from the facility for any
condition; or
D. Resident’s death
Written Agreement with a Hospice Provider
I.
That LTC facility personnel may assist in the
administration of prescribed therapies when permitted
by state law and specified by the facility.
J. That the LTC facility must immediately report all
alleged violations involving mistreatment, neglect,
abuse, misappropriation of patient property by
hospice personnel to the hospice administrator .
K. The responsibilities of the hospice and the LTC
facility to provide bereavement to LTC staff.
Written Agreement with a Hospice Provider
That the hospice assumes responsibility for determining the appropriate
course of hospice care, including level of care
A. The LTC facility’s role in providing 24-hour room and board care to
meet the resident’s personal care and nursing needs, in coordination
with the hospice representative
The hospice’s responsibilities for services, including, but not
limited to:
Medical direction and management of the patient
Nursing
Counseling (including spiritual, dietary and bereavement)
Social work
Supplies, DME and drugs
All other hospice services that are necessary for the care of the
resident's terminal illness and related conditions
Resources
AHIMA Documentation and Practice Guidelines Long Term Care
http://www.ahima.org/infocenter/guidelines/l
tcs/index
CMS Certification and compliance
http://www.cms.gov/certificationandcompliance/
Office of the Inspector General
http://www.oig.hhs.gov
Minimum Data Set 3.0 Training Materials
http://www.cms.gov/nursinghomequalityinits/
Appendix P Survey Protocol
Appendix PP Interpretive Guidelines
http://www.cms.gov/manuals
SNF Pepper User’s Guide First Edition
http://pepperresources.org/TrainingResources/Skill
edNursingFacilities
Hospice Services Provided in a Long Term
Care Facility
http://www.nhpco.org/sites/default/files/public
/regulatory/Hospice_Nursing_Facility.pdf
http://www.nhpco.org/sites/default/files/public
/regulatory/NH_Comp-Final-Rule_July2013.pdf