Evaluation and Management Services
advertisement
REGULATORY COMPLIANCE TRAINING Fraud and Abuse HIPAA Compliance Training Objectives • • • • • • • • • • Define what constitutes Medicare and Medicaid Fraud and Abuse Prevention of Fraud and Abuse Overview of the Federal Fraud and Abuse laws and penalties New York State False Claims Act Methods of reporting suspected fraud and abuse Conflict of Interest Billing, Coding and Documentation Teaching Physician Supervision Rules Joint Commission HIPAA and HITECH 2 HealthCare Compliance • • • • Required by law Regulates billing and coding Prevents improper treatment and billing Protects the organization by following laws and regulations 3 Medicare and Medicaid Fraud Obtaining a federal or state health care payment through misrepresentation or concealment of facts….. 4 Examples of Fraud • Billing for services that were not provided • Altering medical records or claims to receive a higher payment 5 Medicare and Medicaid Abuse Abuse results in unnecessary costs to governmental programs and is inconsistent with the goals of providing patients with services that are medically necessary. 6 Examples of Abuse • Billing for unnecessary services • Billing inaccurate diagnosis and procedure codes on claims to ensure payment 7 Fraud and Abuse Laws • • • • False Claims Act Anti-Kickback Statute Physician Self-Referral Law (Stark Law) New York State Laws 8 False Claims Act Knowingly submitting a false or fraudulent claim to the government: • Acting in deliberate ignorance of the truth • Reckless disregard of the truth http://downloads.cms.gov/cmsgov/archived-downloads/SMDL/downloads/smd032207att2.pdf 9 False Claims Act Examples • Improperly admitting patients to the hospital for services that should have been provided in an outpatient setting • Billing for tests that were not medically necessary 10 Anti-Kickback Statute Prohibits knowingly and willfully offering, paying, soliciting or receiving any remuneration to induce referrals of service reimbursable by a federal health care program. Anti-Kickback Statute examples: • Cash for referrals • Free staff in exchange for referrals • Free rent or below market value rent for referrals 11 Stark Law Prohibits physicians from referring Medicare beneficiaries for certain designated health services to an entity in which the physician or their immediate family member has an ownership/investment interest. Stark Law Example: • A physician refers a patient to a laboratory that he owns. http://oig.hhs.gov/compliance/provider-compliance-training/files/starkandakscharthandout508.pdf 12 New York False Claims Act The New York False Claims Act closely tracts the Federal False Claims Act. Penalties and fines imposed for obtaining payment from any government program such as Medicaid for filing false claims. 13 Whistleblower Protection • Whistleblowers may not be discharged, demoted, suspended, threatened, harassed or in any manner discriminated against as a result of reporting fraud or abuse. http://www.ag.ny.gov/sites/default/files/pdfs/bureaus/whistleblowers/NYS_FALSE_CLAIMS_ACT.pdf 14 Penalties Federal health care fraud and enforcement efforts recovers >$4 billion annually in penalties & fines. • • • • Civil Monetary Penalties Civil and Criminal Prosecution Exclusion from Medicare and Medicaid programs Suspension of payments 15 Fraud and Abuse Prevention • Follow the Compliance Program Code of Conduct • Teaching physicians should be physically present for the service in order to submit a bill • Maintain accurate and complete medical records and documentation • Avoid submitting claims for unnecessary services • Submit accurate coding and billing • Avoid illegal conduct • If you are not sure of the appropriateness of an action, call the Compliance Officer 16 Conflict of Interest The Ethics law and SBUH policy prohibit situations that can create a Conflict of Interest. Conflicts of Interest arise when a person’s judgment and discretion is or may be influenced by personal considerations, or the interests of SBUH. Examples: 1. Accepting gifts from vendors 2. Misuse of hospital assets 3. Activities that violate principles governing research http://www.jcope.ny.gov/ 17 Conflict of Interest According to the New York State Ethics Commission, a gift may be in the form of: – – – – – – – Money Loans Travel Meals Refreshments Entertainment Any services or goods 18 Conflict of Interest Violations of Ethics Law regarding gifts: New York State employees are not allowed to accept gifts valued above nominal Value. Examples of nominal value gifts: • • • • Coffee mugs Pads Pens Key tags Penalties imposed by the Ethics Commission are up to $10,000 per incident. 19 EMTALA It requires hospital Emergency Departments that accept payments from Medicare to provide an appropriate medical screening examination to individuals seeking treatment for a medical condition, regardless of citizenship, legal status or ability to pay. Participating hospitals may not transfer or discharge patients needing emergency treatment except: • With the patient’s informed consent, or • Stabilization of the patient, or • When their condition requires transfer to a hospital better equipped to administer the treatment. https://www.cms.gov/Regulations-and-Guidance/Legislation/EMTALA/index.html?redirect=/EMTALA/ 20 Billing, Coding and Documentation Billing is based on: • • • A Procedure code (CPT), A Diagnosis code (ICD-10), and A Modifier (if applicable, helps further describe a procedure code without changing the definition) Billing is based on services actually rendered CPT and ICD-10 Code Selection: • • Code and modifier selection is based on the service rendered and documented in the medical record Code and modifier selection should never be based on whether they guarantee payment 21 Billing, Coding and Documentation Documentation: Medicare’s rules for billing: “If its not documented, it didn’t happen”. • Medical record documentation is required to record pertinent facts, findings, and observations about an individual’s health history including past and present illnesses, examinations, tests, treatments, and outcomes. • The medical record should be complete and legible. • All tests should have an order and support the medical necessity for performing the test. 22 Billing, Coding and Documentation The documentation of each patient encounter should include: • The reason for encounter and relevant history, physical examination findings, and prior diagnostic test results • An assessment, clinical impression, or diagnosis • Plan for care • If not documented, the rationale for ordering diagnostic and other ancillary services should be easily inferred • Past and present diagnoses should be accessible to the treating and/or consulting physician • Appropriate health risk factors should be identified 23 Medical Record Documentation Cloned Documentation Could Result in Medicare Denials for Payment With the advent of Certified Electronic Health Record Technology, the government is closely watching electronic health record documentation practices. Medicare has noted an increase in frequency of medical records that contain identical documentation across services. Cloning has been defined by Medicare as: • Each entry in the medical record for a beneficiary is worded exactly like or similar to the previous entries, or • When medical documentation is exactly the same from beneficiary to beneficiary. • It can also occur when the documentation is exactly the same from patient to patient. • Cloned documentation will be considered misrepresentation of the medical necessity requirement for coverage of services due to the lack of specific individual information for each unique patient. http://oig.hhs.gov/oei/reports/oei-01-11-00571.pdf 24 Evaluation and Management Services (E/M) Evaluation and Management Services are categorized by: • Place of service- e.g. Inpatient or Office • Type of Service- New Patient Visit, Initial Hospital Visit 25 Evaluation and Management Services (E/M) The descriptors for the levels of E/M services recognize three key components which are used in defining the levels of E/M services. These components are: • History • Physical Examination • Medical decision making Medical necessity of a service is the overarching criterion for payment in addition to the individual requirements of a CPT code. The volume of documentation should not be the primary influence upon which a specific level of evaluation and management service is billed. 26 Evaluation and Management Services (E/M) • The level of service is determined by the elements documented in the medical record. • Because the level of E/M service is dependent on two or three key components, performance and documentation of one component (e.g.,. examination) at the highest level does not necessarily mean that the encounter in its entirety qualifies for the highest level of E/M service. • In the case of visits which consist predominantly of counseling or coordination of care, time is the key or controlling factor to qualify for a particular level of E/M service. – Time spent counseling must be greater than 50% of the encounter. 1995 Guidelines: https://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNEdWebGuide/Downloads/95Docguidelines.pdf 1997 Guidelines https://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNEdWebGuide/Downloads/97Docguidelines.pdf 27 Physicians at Teaching Hospitals (“PATH”) Payment for Physicians at Teaching Settings: The attending physician must be present during every billable service when rendered by an intern, resident or fellow. Physical Presence Requirements: Evaluation and Management Services • • • • The Teaching Physician must personally attest to their physical presence. The Teaching Physician must specifically document that they reviewed the resident’s progress note. The Teaching Physician must document that they agree with the management and plan as documented by the resident. The Teaching Physician must revise the progress note if needed. 28 Physicians at Teaching Hospitals (“PATH”) Single Surgery The Teaching Physician’s presence may be documented by an “attestation statement” by the resident or teaching physician. Two Overlapping Surgeries • • • • The Teaching Physician must be present during the key portions of both surgeries. The Teaching Physician must make a personal entry into the medical record documenting his/her presence during the key portion of each procedure The key portions may not overlap The Teaching Physician must be immediately available During non-critical or non-key portions of the surgery, if the teaching physician is not physically present, he/she must be immediately available to return to the procedure. If circumstances prevent a teaching physician from being immediately available, then he/she must arrange for another qualified surgeon to be immediately available to assist with the procedure, if needed. 29 Physicians at Teaching Hospitals (“PATH”) Procedures • The Teaching Physician must be physically present during all high risk or other complex procedures. • The Teaching Physician’s presence may be documented by an “attestation statement” by the resident or teaching physician if they are present during the entire procedure. Minor Procedures (5 minutes or less) • The Teaching Physician must be present for the entire procedure. • The Teaching Physician’s presence may be documented by an “attestation statement” by the resident or teaching physician. 30 Physicians at Teaching Hospitals (“PATH”) Diagnostic Test Interpretation • • • The Teaching must personally review the data, image, tracing or specimen. The Teaching Physician must personally document that they reviewed the data, image, tracing or specimen The Teaching Physician must review the resident’s interpretation and agree or modify the findings. Endoscopy • • The Teaching Physician must be present for the entire viewing, including scope insertion and removal. The Teaching Physician’s presence may be documented by an “attestation statement” by the resident or teaching physician. 31 Physicians at Teaching Hospitals (“PATH”) Anesthesia • The Teaching Physician must be present during all key elements including induction and emergence. • The Teaching Physician must personally document their physical presence. • The Teaching Physician must sign the anesthesia record. Maternity Services • The Teaching Physician must be present for the delivery. • The Teaching Physician must be present for the minimum number of antenatal visits listed in CPT when billing globally. 32 The Joint Commission The Joint Commission accredits and certifies health care organizations. A private agency entrusted by Medicare to certify that healthcare organizations meet a set of established standards. These criteria are incorporated in Medicare's Conditions of Participation. Purpose: Maintain a high standard of institutional care, by both establishing guidelines for the operation of health care organizations through surveys and periodic inspections. 33 The Joint Commission Standards The standards focus on important patient, individual, or resident care and organization functions that are essential to providing safe and high quality care. In addition, the Joint Commission: • • • • • • • • Helps organize and strengthen patient safety efforts Strengthens community confidence in the quality and safety of care, treatment and services Provides a competitive edge in the marketplace Improves risk management and risk reduction Provides education to improve business operations Provides professional advice and counsel, enhancing staff education Provides a framework for organizational structure and management Provides practical tools to strengthen or maintain performance excellence 34 The Joint Commission Standards Joint Commission standards are the basis of an objective evaluation process that can help health care organizations: • Measure • Assess • Improve performance The Joint Commission’s standards set expectations for organization performance that are: • Reasonable and • Achievable 35 Health Insurance Portability and Accountability Act HIPAA The rule establishes national standards to protect an individual’s medical records and health information. Applies to Covered Entities: • • • Health plans Health care clearinghouses Health care providers The rule sets limits and conditions on the uses and disclosures that may be made of “Protected Health Information” without patient authorization. The rule gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections. http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf 36 HIPAA Privacy The Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being. The Privacy Rule sets the standards for who may have access to protected health information. A covered entity may use and disclose protected health information for: • Treatment, • Payment, and • Health care operations 37 Protected Health Information (PHI) Any form of information that can identify, relate or be associated with an individual obtaining healthcare services. The Privacy Rule protects all protected health information transmitted by a covered entity or its business associate, in any form or media. It may be: • Electronic • Paper • Verbal PHI is composed of: • Personal Information • Medical Information • Technical Information 38 PHI Examples of Personal Information: • • • • • • • • • Name Address Telephone Number Fax Number E-mail address Birth Date Social Security Number Certificate/license number Vehicle identification numbers 39 PHI Examples Medical Information: • • • • • • Medical record number Health plan information Test results Clinical notes Care plans Diagnoses 40 PHI Examples Technical Information: • • • • • Biometric identifiers Photographic images Web URLs IP addresses Account numbers 41 Patient Rights Under HIPAA • • • • • • Receive Notice of Privacy Practices Request an amendment to medical record Access and request a copy of medical record Request special privacy protection for PHI Request an accounting of disclosures File a complaint if their rights are violated 42 Maintain Confidentiality • Do not discuss patient information in public places • Limit unnecessary or inappropriate access to and disclosure of protected health information • Discard PHI in the confidential HIPAA bins • Log off computers when leaving it unattended • Do not share passwords • Do not snoop • Do not leave PHI open to public viewing • Do not send PHI over the internet or unsecured E-mail http://it.cc.stonybrook.edu/site_documents/google/hipaa_hitech_fact_sheet.pdf 43 Health Information Technology for Economic and Clinical Health Act (HITECH) New rule protects patient privacy, secures health information which include: • • • • • • • Patients may request a copy of their medical record in an electronic format Patients may restrict disclosures if they pay out-of-pocket for the service Restrictions on Marketing, Fundraising and the sale of PHI Clarification regarding “Minimum Necessary” Increased penalties Increased enforcement and oversight activities Enhanced breach notification rules 44 HIPAA Security The Security Rule sets the standards for ensuring that only those who should have access to electronic PHI will have access. The Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting electronic PH(e-PHI). Specifically, covered entities must: • • • • Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit. Identify and protect against reasonably anticipated threats to the security or integrity of the information. Protect against reasonably anticipated, impermissible uses or disclosures; and Ensure compliance by their workforce. http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html 45 HIPAA Security The Security Rule requires covered entities to Protect electronic PHI by maintaining reasonable and appropriate safeguards: Administrative-policies and procedures, training, general oversight Technical-security measures such as firewalls, virus and malware protection, encryption Physical-physical measures to protect against: • Natural disasters (hurricanes, storms) emergency back-up, redundant servers • Environmental hazards (fires) data center with halon sprinklers • Unauthorized intrusion (unauthorized access) secure areas with ID badge card entry 46 The Effects of a Compromise • Business Impact • Loss of revenue • Legal liability • Bad press • Financial Penalties 47 Contacts Stony Brook University Hospital Interim Compliance Officer: John Ruth Telephone: 631-444-5776 Stony Brook Medicine Information Technology Chief Information Privacy and Security Officer: Stephanie Musso-Mantione Telephone: 631-444-5796 SB Clinical Practice Management Plan, Inc. Chief Compliance and Regulatory Officer: Cathy Cahill-Egolf Telephone: 444-8026 48 Quiz 1. Medicare abuse describes practices that either directly or indirectly, result in unnecessary costs to the Medicare Program. o True o False 2. The Federal laws used to address fraud and abuse are the False Claims Act, the Anti-kickback Statute and the Stark law. o True o False 3. Penalties for Medicare and Medicaid fraud and abuse include exclusion from participating in all federal and state health care programs. o True o False 4. When leaving your desk, you should log off your computer. o True o False 5. The attending physician must be present during every billable service when rendered by an intern, resident or fellow. o True o False 49 Certificate of Completion Please print, complete and return to Cathy Cahill in room 048 on level 5 of the Health Sciences Center (Zip=8552) or email at Cathy.Cahill@StonyBrookMedicine.edu This Certificate is presented __________________________________ Print Name For successfully completing : Regulatory Compliance Training Fraud and Abuse HIPAA ____________________ Signature _________________ Date of Completion 50
