GBMC Ethics and Compliance Program To every patient, every time, we will provide the care that we would want for our own loved ones. Health, healing and hope. Definitions Compliance: •Conformity; acting according to certain accepted standards. Ethics: •The study of: moral values and rules; right and wrong conduct. •Contemporary Ethics focuses on Choices . •Taken together, they define the essence of the GBMC Ethics and Compliance Program: ○A values-based culture that guides our actions in the workplace so that our daily activities are performed with honesty, integrity, and in support of the organization’s Mission, Vision and Values. Ethical Corporate Culture Benefits: •Ethics plays an important role in deterring fraud and abuse in organizations. The overall goal of an effective compliance program is to create an ethical corporate culture. •An ethical corporate culture reduces the chance that fraud and abuse will occur; or if it does occur, it reduces the chance that it will go undetected. Fraud: •Intentional deception, misrepresentation or perversion of truth in order to damage another or to obtain personal gain. Abuse (in healthcare compliance terms): •“Honest” mistakes or errors that organizations should have known were mistakes or errors; Culpable Ignorance – a lack of knowledge for which one can be blamed and held accountable (not an excuse for non-compliance). Consequences: •Millions of Americans cannot afford or are not offered access to health insurance. The main barrier to coverage is cost and the biggest single contributor to unnecessary spending is fraud and abuse. •The price tag for fraud and abuse is estimated at $100 billion each year. The losses caused by fraud and abuse are passed on to individuals through increased insurance premiums, reduced wages, and increased taxation to fund government programs. •Virtually every week, a story appears in the news concerning the government’s investigation of a health care provider or organization. Behind violent crime and terrorism, health care fraud has been targeted as the number one white-collar priority of federal prosecutors. •Since 1996, Congress has significantly increased the funding for health care fraud and abuse enforcement efforts. Additionally, Congress has created powerful new criminal and civil enforcement tools that have enabled the government to expand and intensify the fight against health care fraud and abuse. •Along with these increased investigations, comes the ability of the government to impose significant fines and penalties on healthcare organizations and individuals, including disqualification from health care programs and even prison. •The Office of the Inspector General (OIG) believes that significant reductions in fraud and abuse liability can be accomplished through the use of compliance programs. An effective compliance program can minimize the consequences resulting from a violation of the law and may, in some cases, convince a prosecutor not to pursue criminal action. •The OIG has provided the healthcare industry with model compliance program guidance. There are specific elements that the OIG requires organizations adopt to be considered as having an effective compliance program. GBMC’s Response •Voluntary development of an Ethics and Compliance Program based on the OIG’s requirements that ensures that corporate policies, practices, and culture foster the understanding of, and compliance with, applicable legal requirements. Elements of Ethics & Compliance Program “Tone at the Top” Ethical Corporate Culture Response & Prevention Enforcement & Discipline Monitoring & Audits Education Trustworthy Individuals High Level Oversight Standards & Procedures Elements of a Compliance Program (OIG) GBMC Board of Directors Reinforcement of GBMC’s Commitment to Compliance Element #1 Standards & Procedures •The organization must have established compliance standards and procedures to be followed by its employees that are reasonably capable of reducing the prospect of unlawful activity. ○We have developed and continue to develop policies and procedures to address many legal and regulatory requirements. However, it is impractical to develop policies and procedures that encompass the full body of applicable law and regulation that affects our industry. Obviously, those laws and regulations not covered in organization policies and procedures must be followed. GBMC has a range of expertise within the organization, including legal counsel and numerous functional experts who should be consulted for advice concerning human resources, legal, billing, tax, and other regulatory requirements. Element #1 Standards & Procedures One of the most critical components that supports the OIG requirement for standards and procedures is the GBMC Code of Business Ethics (the “Code”). The purpose of the Code is to articulate GBMC’s message of fair completion and ethical business practices. It addresses some of the complex legal and business ethical issues we face every day and provides guidance for handling some specific compliance scenarios. The Code should be used in conjunction with GBMC policies to provide guidance on regulatory matters. Element #1 Standards & Procedures •The Code is divided into 6 Guiding Principles which are closely aligned with GBMC’s objectives, goals and service excellence behaviors. They are: ○“We Strive to Provide Outstanding Service to Our Patients” ○“We Strive to Abide by the Law and Maintain High Ethical Standards in Our Business Decision Making” ○“We Strive to Maintain a High Standard of Accuracy and Completeness in Our Records” ○“We Strive to Maintain a Professional and Safe Work Environment” ○“We Take Personal Responsibility for Protecting the Organization’s Resources and Achieving Our Ethical Goals” ○“We Report Our Compliance Concerns by Using the Appropriate Chain of Command” Element #2 High Level Oversight •Specific individual(s) within high-level personnel of the organization must be assigned overall responsibility to oversee compliance with such standards and procedures. •The Audit and Compliance Committee of the Board of Directors is responsible for the oversight of the Ethics and Compliance Programs. •Stacey McGreevy, Compliance Officer, is responsible for day-to-day Ethics and Compliance Program activities; as Compliance Officer, she reports to the President & CEO, with an administrative reporting relationship to the EVP & CFO; the Compliance Officer has direct access and provides periodic reports to the Audit Committee. Audit and Compliance Committee of the Board of Directors Dr. John Chessare President & Chief Executive Officer Eric Melchior Executive Vice President & Chief Financial Officer Administrative Reporting Relationship Stacey McGreevy, CPA Chief Audit Executive, Compliance & Privacy Officer Element #3 Trustworthy Individuals •The Organization must have used due care not to delegate substantial discretionary authority to individuals who the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in illegal activities. ○GBMC conducts pre-employment screening, including background checks, on employees. ○The GBMC Compliance Department performs monthly checks against a Federal Government database to ensure no sanctions have been imposed against GBMC employees and physicians that would expose GBMC to any financial risk. Element #4 Education •The organization must have taken steps to communicate effectively its standards and procedures to all employees by requiring participation in training programs or by disseminating publications that explain in a practical manner what is required. ○GBMC has incorporated Ethics and Compliance Program training into the mandatory annual competency plan (That’s why you’re here!!). ○The New Employee Orientation Program contains training on the Ethics and Compliance Program. ○Specialized training is provided on specific compliance areas on an as-needed basis throughout the year by the Compliance Department. Element #5 Monitoring & Auditing •The organization must take reasonable steps to achieve compliance with its standards, e.g., by utilizing monitoring and auditing systems reasonably designed to detect inappropriate conduct by its employees and by having in place and publicizing a reporting system whereby employees can report compliance concerns without fear of retribution. ○Every year, the Compliance Department develops an annual compliance audit plan which outlines the areas that will be audited to ensure compliance with internal policies, laws, regulations, and contracts. Audit areas are determined based on a risk assessment process that considers the likelihood and impact of noncompliance. ○Departments throughout GBMC perform various auditing and monitoring activities to ensure compliance, e.g., the Coding Department, Medical Records, etc. Element #5 Monitoring & Auditing •Employees are educated about the resources available to them to report compliance concerns including: ○Supervisor or Chain of Command ○Compliance Officer, Stacey McGreevy: 443-849-4325 ○Compliance Office email: compliance @gbmc.org ○Compliance Page on the InfoWeb ○Compliance Hotline, a confidential reporting service operated 24 hours a day, 7 days a week at 1-800-299-7991; anonymity of the person placing the report is protected to the extent possible as dictated by federal and state law. Element #6 Enforcement & Discipline •The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense. Adequate discipline of individuals responsible for an offense is a necessary component of enforcement; however, the discipline that will be appropriate will be case-specific. ○GBMC has a progressive disciplinary policy in place to deal with individuals who do not comply with internal policies, laws, and regulations. The Compliance Department’s responsibility is to present the facts of the case and provide supporting documentation and details as necessary. The Human Resources Department is ultimately responsible for disciplinary procedures as they deem appropriate. All employees have a duty to report instances of non-compliance in good faith. Individuals who report in good faith will be protected from retaliation. Element #7 Response & Prevention •After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses. ○GBMC requires that issues of noncompliance be responded to in writing by the appropriate management. This response must outline the corrective action to be taken, by whom, and in what timeframe to deter against the possibility of re-occurrence. Corrective action plans are followed up on by the Compliance Department. Areas Where Compliance Risk May Exist •Confidential Patient Information: We realize the sensitive nature of the information and are committed to maintaining its confidentiality. Consistent with HIPAA, we do not use, disclose or discuss patient-specific information with others unless it is necessary to serve the patient or required by law. •Relationships with Physicians: Federal and state laws and regulations govern the relationship between hospitals and physicians who may refer patients to our facilities. It is important that all arrangements with physicians be properly structured to comply with laws such as Stark, Anti-Kickback and IRS regulations. The two fundamental principles we should all keep in mind are that we do not pay for patient referrals, nor do we accept payments for referrals we make. •Licensure and Certification Renewals: GBMC staff who hold positions which require professional licenses, certifications, or other credentials are responsible for maintaining the current status of their credentials and for complying with any federal or state requirements applicable to their roles. GBMC does not allow any colleague, independent contractor, or practitioner to work without valid licenses or credentials. •Billing Practices: GBMC will bill only for services actually rendered. Services rendered must be accurately and completely documented and coded to ensure both proper billing and the integrity of the medical record. Areas Where Compliance Risk May Exist •Conflicts of Interest: A conflict of interest may occur if your activities or personal interests appear to or may influence your ability to make objective decisions required of your job at GBMC We try to minimize these situations, but if they do occur, we disclose them to management. •Receiving Gifts and Business Courtesies: GBMC has straightforward, clear cut guidelines outlined in a policy regarding what types of courtesies are appropriate for GBMC staff to accept from a person or organization that does business or may want to do business with GBMC. For Employee who work in the Medical Center What I Need to Know About the FCA and GBMC What is the Deficit Reduction Action •One issue addressed under the Deficit Reduction Act of 2005 (DRA) is the increasing problem of fraud and abuse against the Medicaid and Medicare programs funded by the federal and state governments. •Under the DRA, any employee who receives move than $5 million per year in Medicaid payments is required to provide certain education to its employees. Because GBMC meets the monetary threshold in payments received from Medicaid, we must provide information and education regarding: ○The Federal and Maryland False Claims Acts, ○Penalties for violating the False Claims Acts. ○Whistleblower protections ○GBMC’s policies and procedures for detecting and preventing fraud, waste, and abuse, ○Reporting Concerns and ○GBMC Responsibility Penalties For Violating The False Claims Act •Healthcare providers who violate the False Claims Act can be subject to civil and monetary penalties ranging from $5,500 to $11,000 for each false claim submitted. •Healthcare providers can also be required to pay three times the amount of damages sustained by the U.S. government. •If the provider is convicted of a False Claims Act violation, the Office of Inspector General (OIG) may exclude the provider from participation in federal health care programs. •GBMC may not employ anyone who has been excluded by the OIG, therefore at the time of hire and on an ongoing monthly basis all employees and physicians are checked against the exclusion database to ensure that we are in compliance. False Claims Act •There is a federal False Claims Act (FCA) and a Maryland state version of the FCA covers fraud involving any federally funded contract or program in which a person knowingly presents a false or fraudulent claim to the U.S. government for payment. Similarly the Maryland FCA applies to anyone who submits false or fraudulent claims to the Medicaid Program. •Health care providers can be prosecuted for a wide variety of conduct that leads to the submission of fraudulent claims to the government, such as: ○Knowingly making false statements, ○Falsifying records, ○Double-billing for items or services, or ○Submitting bills for services never performed or items never furnished. Whistleblower Protections •GBMC offers protection to anyone who suspects and reports a compliance problem. •You may report all of your compliance concerns using any one of the options listed below: ○Contact the Compliance Hotline at 1-800-299-7991 (allows for anonymous reporting) ○Contact GBMC’s Compliance Officers at (443)849-4325 ○Email the GBMC Compliance Department at compliance@gbmc.org •You may also file a lawsuit on behalf of the U.S. government should you have actual knowledge of allegedly false claims to the government, however specific steps must be followed should a person file a lawsuit. Detains regarding the process may be obtained from the GBMC Compliance Department GBMC’s Administrative Policies and Procedures For Detecting And Preventing Fraud, Waste & Abuse •#009 False Claims Act and Whistleblower Protections Policy •#003 Compliance Program Policy •#010 Medicare – Medical Necessity for Ancillary Services •#005 Conflicts of Interest Policy for Board Members and Officers •#011 Advanced Beneficiary Notices •#006 Conflicts of Interest Policy for Management •#012 Extending Business Services to Division •#007 Receiving Business Courtesies Heads/Chiefs/Chairmen Reporting Concerns •Resources for Guidance ○To obtain guidance on a compliance issue or to report a concern, individuals may choose from several options: ▪We encourage human resources-related issues to be handled by the Human Resources Department experts. ▪As an expected good practice, when you are comfortable in doing so and think it appropriate under the circumstances, raise concerns first with your supervisor. ▪If you are uncomfortable in going to your supervisor or it is inappropriate considering the situation, you may contact another member of management, the Compliance Officer, or use the GBMC Business Ethics Line. All of these resources are clearly defined in the Code along with corresponding contact information. Employees should never feel that they have no where to go when they want to discuss a compliance-related concern.