. IMPLEMENTING A SUCCESSFUL COMPLIANCE PROGRAM Presented by Jeffrey S. Baird, Esq. © 2015 Brown & Fortunato, P.C. Introduction • The HME industry is young. • The industry grew up relatively unregulated. • Another challenge is that few people with CMS and on Capitol Hill have ever set foot in an HME company. • As the government is famous for doing, it overreacted. Introduction • The pendulum will eventually swing back towards the middle. • Until that time, however, the HME industry will have to deal with intrusive government scrutiny. • The demand for what the industry has to offer will only increase exponentially. Introduction • There are 78 million baby boomers. • The “irresistible force” (demand) meets the “immovable object” (reduced reimbursement). • And so while we are in strange times, the future is bright for well-run, innovative HME providers. Introduction • It is crucial that the HME supplier understand and comply with payment and coverage policies and comply with the many anti-fraud laws. Challenge to the Supplier • A challenge for the HME provider are the inquiries and investigations being conducted by DME MACs, RACs, CERTs, ZPICs, the NSC, and accrediting organizations. Challenge to the Supplier • DME MACs, and particularly ZPICs, are aggressively conducting prepayment reviews and post-payment audits. • The accrediting organizations (“AOs”) are being required by CMS to ask probing questions and report to CMS and the NSC any activities that the AOs believe are improper. Challenge to the Supplier • The ZPICs are directing DME MACs to suspend payments when the ZPICs conclude that improper activities are occurring. • In response to reports from the ZPICs, the NSC is suspending/revoking supplier numbers. Challenge to the Supplier • When conducting post-payment audits, the DME MACs and ZPICs are asking questions that go far beyond whether the provider has complete and accurate documentation. • The NSC is aggressively conducting unannounced on-site inspections; in so doing, the NSC inspectors are asking questions that go beyond the rudimentary questions that have been posed in the past. The Patient Protection and Affordable Care Act The Patient Protection and Affordable Care Act • The Senate Health Reform Bill, H.R. 3590, entitled the “Patient Protection and Affordable Care Act” (PPACA), was passed by the U.S. Senate on December 24, 2009. • The House of Representatives passed the Senate Bill on March 22, 2010, and the President signed it into law on March 23, 2010. • The following is a discussion of some of the PPACA’s provisions that are relevant to HME providers. PPACA Provisions Sec. 6401 - Provider Screening • Providers enrolling or re-enrolling in Medicare, Medicaid, or CHIP will be subject to screening measures. • The Secretary is required to determine the level of screening according to the risk of fraud, waste, and abuse with respect to each category of provider. PPACA Provisions Sec. 6401 - Provider Screening • All providers will be subject to licensure checks and, if the Secretary so determines, additional screening measures, such as criminal background checks, fingerprinting, database checks, and unscheduled and unannounced site visits. • The government is moving away from “pay and chase” to “guarding the henhouse.” PPACA Provisions Sec. 6401 - Provider Screening • The HME and home health industries are experiencing unannounced site visits from a variety of sources: − the NSC − the OIG − a state Medicaid program − an accrediting organization or − a Medicare contractor PPACA Provisions Sec. 6401 – Disclosure Requirements • Providers enrolling or re-enrolling in Medicare, Medicaid, or CHIP will be subject to new disclosure requirements. PPACA Provisions Sec. 6401 – Disclosure Requirements • Applicants will be required to disclose current or previous affiliations, directly or indirectly, with any provider that has uncollected debt, been subject to payment suspension under a federal health care program, has been excluded from participating in a Federal health care program, or has had its billing privileges denied or revoked. PPACA Provisions Sec. 6401 – Disclosure Requirements • The Secretary may deny enrollment or re-enrollment if such affiliations pose an undue risk of fraud, waste, or abuse. PPACA Provisions Sec. 6401 – Offset Payments* • The Secretary may adjust payments to a provider that has the same tax ID number as a provider that owes past-due obligations under Medicare, Medicaid, or CHIP, regardless of such provider’s Medicare billing number or NPI. *From Providers with Same Tax ID Number PPACA Provisions Sec. 6401 – Temporary Moratorium • The Secretary may impose a temporary moratorium on the enrollment of new providers if the Secretary determines that such action is necessary to prevent or combat fraud, waste, or abuse. PPACA Provisions Sec. 6401 – Compliance Programs • By a date determined by the Secretary, certain providers will be required to establish a compliance program. • Such compliance program must contain core elements, which will be established by the Secretary in consultation with the OIG. PPACA Provisions Sec. 6402 – Medicare and Medicaid* Reporting and Returning Overpayments • Any provider that receives an overpayment must (i) report the overpayment to the Secretary, carrier, or other appropriate person and (ii) provide written notice of the reason for the overpayment. *Enhanced Medicare and Medicaid Program Integrity Provisions PPACA Provisions Sec. 6402 – Medicare and Medicaid* Reporting and Returning Overpayments • An overpayment must be reported and returned no later than 60 days after it is identified or the date of any corresponding cost report (if applicable). • Failure to do so may result in civil money penalties. *Enhanced Medicare and Medicaid Program Integrity Provisions PPACA Provisions Sec. 6402 – Medicare and Medicaid* Anti-kickback Statute and False Claims Act • A claim that includes items or services resulting from a violation of the Medicare/Medicaid anti-kickback statute constitutes a false or fraudulent claim under the Civil False Claims Act (31 USC § 3729). *Enhanced Medicare and Medicaid Program Integrity Provisions PPACA Provisions Sec. 6411 – RAC Program Expansion of the Recovery Audit Contractor (RAC) Program • States must establish contracts with one or more RACs for the purpose of identifying underpayments and overpayments and recouping overpayments under the state Medicaid plan or any waiver of the state plan. Steps to Reduce the Risk of Being Subjected to an Enforcement Action Effective Corporate Compliance Program • The OIG stresses the importance of compliance programs by issuing guidance to various provider and supplier types concerning the implementation of compliance programs. Why Implement a Compliance Program • A very simple answer to this question can be found by reading the quality standards for suppliers of durable medical equipment, prosthetics or products and supplies issued on August 14, 2006. Why Implement a Compliance Program • According to the final quality standards, the supplier shall implement business practices to prevent and control fraud, waste and abuse by: − Using procedures that articulate standards of conduct to ensure the organization’s compliance with applicable laws and regulations; and − Designating one or more individuals in leadership position to address compliance issues. Why Implement a Compliance Program • The following are reasons that DME suppliers should implement corporate compliance programs… Ten Reasons to Implement a Compliance Program 1- Adopting a compliance program concretely demonstrates to the community at large that a provider has a strong commitment to honesty and responsible corporate citizenship. 2- Compliance programs reinforce employees’ innate sense of right and wrong. Ten Reasons to Implement a Compliance Program 3- An effective compliance program helps a provider fulfill its legal duty to government and private payors. 4- Compliance programs are cost effective. Ten Reasons to Implement a Compliance Program 5- A compliance program provides a more accurate view of employee and contractor behavior relating to fraud and abuse. 6- The quality of care provided to patients is enhanced by an effective compliance program. Ten Reasons to Implement a Compliance Program 7- A compliance program provides procedures to promptly correct misconduct . 8- An effective compliance program may mitigate any sanction imposed by the government. Ten Reasons to Implement a Compliance Program 9- Voluntarily implementing a compliance program is preferable to waiting for the OIG to impose a corporate integrity agreement. 10- Effective corporate compliance programs may protect corporate directors from personal liability. Compliance Obstacles • Following are ten obstacles that suppliers may face in implementing effective compliance programs… Ten Obstacles in Implementing a Compliance Program 12345- Creating buy-in and enthusiasm Changing past behavior Lack of or poor communication Too many roles for compliance officer Not enough financial support Ten Obstacles in Implementing a Compliance Program 6- Integrating compliance with other systems 7- Overcoming fear of retaliation/retribution 8- Finding qualified people 9- Lack of procedures 10- Education and training How a Corporate Compliance Program Should Be Structured Seven Required Elements of OIG Compliance Guidelines The OIG’s compliance guidelines for DME suppliers lists seven required elements of an effective compliance program. 1. Written Policies and Procedures 2. Designation of a Compliance Officer and Compliance Committee 3. Conducting Effective Training and Education Seven Required Elements of OIG Compliance Guidelines 4. Developing Effective Lines of Communication 5. Enforcement of Disciplinary Standards 6. Auditing and Monitoring 7. Response to Offenses and Corrective Action Identifying Risk Areas • It is not enough for suppliers to implement policies and procedures generally geared at educating staff and identifying potential regulatory and statutory violations. • The organization is required to implement policies and procedures targeted at specific risk areas of concern to the individual company. Compliance Program Follow-Up • Once the corporate compliance program is implemented, the supplier must continue to take steps on an on-going basis to ensure that the plan remains effective. Table of Contents I. CODE OF CONDUCT/INTRODUCTION A. Relationships with Physicians and Others in a Position to Influence Our Business 1. 2. 3. 4. 5. 6. Stark Law Anti-Kickback Law False Claims Laws Civil Money Penalty Law Contracts and Contract Administration Referrals to Other Providers Table of Contents B. Inappropriate Relationships Between and Among Employees and/or Patients C. Conflicts of Interest 1. In General 2. Prior Approval for Potential Conflicts D. Receipt of Improper Payments or Gifts E. Use of ABC Medical Funds for Improper Payments or Gifts Table of Contents F. Honesty in Business Dealings G. Confidentiality H. Employment Practices I. Reporting Abuse J. Quality of Care K. Physician Orders and Certificates of Medical Necessity L. Billing Practices M. Medical Documentation Table of Contents N. ABC Medical Property 1. Propriety Information 2. Use of At Home Medical Property O. At Home Medical Organizational and Financial Records 1. General Information 2. Transaction Records 3. Audit Procedure Table of Contents P. Q. R. S. T. U. Licenses, Permits and Certifications Marketing Document Retention Education and Training Investigations and Corrective Action Program Monitoring and Auditing Table of Contents II. ENFORCEMENT AND DISCIPLINE A. Persons Subject to Action B. Consideration C. Legal Actions III. COMPLIANCE PROGRAM OPERATION A. Compliance Officer B. Compliance Committee C. Officer Reports Table of Contents IV. A. B. C. D. E. F. G. POLICIES Certificate of Medical Necessity Claim Review Compliance Training Conflict of Interest Employee Screening Enforcement False Statements Table of Contents H. Marketing Expense Budget and Gift Policy 1. Marketing Mission Statement and Underlying Law 2. Marketing Expense Budget 3. Gifts to Individuals Who Are Not Physicians or Patients 4. Gifts to Physicians 5. Gifts to Patients 6. Gift Certificates/Cash Equivalents 7. Disciplinary Guidelines Table of Contents I. HCPCS Coding J. Inexpensive or Other Routinely Purchased DME Items and Capped Rental Items K. Internal Reporting L. Investigations M. KX Modifier N. Medical Necessity O. Medicare Assignment Table of Contents P. Q. R. S. T. Payment Likely to Be Denied Physician Orders Plan Auditing Refusing to Submit a Claim to Medicare Routine Waiver of Deductibles and Coinsurance U. Wiretapping Table of Contents V. Forms A. B. C. D. E. Stark Law Compliance Checklist Supervisor’s Compliance Certificate Employee’s Compliance Certificate Compliance Report Form Document Retention Schedule Compliance Manual Summary • Code of Conduct − Stark − Medicare/Medicaid – Anti-Kickback Statute − False Claims Laws − Civil Monetary Penalties − Contracts − Referrals to Other Providers − Inappropriate Relationships with Patients Compliance Manual Summary • Code of Conduct − Conflict of Interest In General Prior Approval for Potential Conflicts Examples − Improper Payments − Confidentiality − Employment Practices Compliance Manual Summary • Code of Conduct − Reporting Abuse − Quality of Care − Physician Orders and Certificates of Medical Necessity − Medical Record Documentation − Company Property and Proprietary Information − Corporate and Financial Records Compliance Manual Summary • Code of Conduct − Marketing − Document Retention − Education and Training − Duties of Compliance Officer • Enforcement and Discipline − Reporting − Persons Subject to Action − Consideration Compliance Manual Summary • Compliance Program Operation − Compliance Officer − Corporate Compliance Committee − Officer Report • Additional Policies − Auditing − Background Screening − Claim Review Compliance Manual Summary • Additional Policies (continued) − HCPCS − Telephone Solicitation − Advance Beneficiary Notice (“ABN”) Marketing Expense Budget and Gift Policy • Marketing Mission Statement and Underlying Law • Marketing Expense Budget • Gifts to Individuals Who Are Not Physicians or Patients • Gifts to Physicians (Gifts to physicians who are also patients must meet the requirements of Sections D and E) Marketing Expense Budget and Gift Policy • Gifts to Patients (Gifts to patients who are also physicians must meet the requirements of Sections D and E) • Gift Certificates/Cash Equivalents • Disciplinary Guidelines Self Audits Why Perform a Self-Audit? • One of the primary advantages, if the supplier has a corporate compliance program, is to provide evidence that the corporate compliance program is effective. • This is important because an effective corporate compliance program can greatly reduce any fines or penalties that might result from a government investigation. Why Perform a Self-Audit? • An effective corporate compliance program may also result in the government not requiring the supplier to enter into a corporate integrity agreement as part of a settlement resulting from an investigation. Hallmarks of Effective Self-Audits Routine • An effective internal audit process will become part of what the supplier does. Hallmarks of Effective Self-Audits Periodic • An effective audit procedure takes place periodically. • The exact period does not matter so much as that an audit happens at defined time intervals. Hallmarks of Effective Self-Audits Periodic • Also, note that how often self-audits occur is influenced by and, in turn, influences the scope of the audit. Hallmarks of Effective Self-Audits Eventually cover all areas of exposure • Whether the audits are monthly, quarterly, or annually, the audits should address all risk areas for the supplier. Hallmarks of Effective Self-Audits Individuals held accountable • Individuals should be held accountable both for the performance of the audits and for implementing any changes that result from the audits. Hallmarks of Effective Self-Audits Documentation of the audit • Proper documentation of the audit must be maintained and the documentation must include the following: – the specific risk areas the audit addressed – the individuals performing the audit – the time frame of the audit Hallmarks of Effective Self-Audits • Proper documentation (continued): – a copy of the audit tool – the results of the audit – recommendations for changes to policies and procedures Hallmarks of Effective Self-Audits • Proper documentation (continued): – specific changes that were, in fact, implemented as a result of the audit – a subsequent re-audit to verify that the changes in policies and procedures took root Specific Self-Audit Areas and Procedures • Review denials received from the MACs to determine if there are any patterns to the denials. • Review the supplier's accounts receivable history. • Review the OIG's annual workplan. Specific Self-Audit Areas and Procedures • Review recent reports published by various HHS departments. – Reports on abuses in the marketing of diabetes testing supplies should have prompted suppliers providing diabetes testing supplies to review and evaluate their marketing practices. Specific Self-Audit Areas and Procedures • Review the results of Medicare hearings, appeals, and reviews. – These will often pinpoint, with laserlike specificity, any problems in the supplier’s underlying medical necessity documentation. Specific Self-Audit Areas and Procedures • Upon hiring new individuals, and at least once per year thereafter, verify that the individual does not appear on the OIG's list of excluded individuals. • Test various employees (especially billing personnel) to verify their knowledge of correct procedures. Specific Self-Audit Areas and Procedures • Review the size and age of the supplier’s credit balances. • Review the OIG's Corporate Compliance Program Guidance for DME Suppliers. • Review the audits conducted and develop statistics. Post-Audit Follow-Up • The audit summary should be reported to the supplier’s president on a routine basis. Post-Audit Follow-Up Other follow-up actions may include, but are not limited to: • Revising policies and procedures. This can be helpful in correcting systemic errors. • Providing additional training in specific areas. • Making refunds, if appropriate. • Taking disciplinary action, if necessary. Post-Audit Follow-Up Other follow-up actions (continued): • Changing the focus of the audits. – Audit plans should be flexible and revised based upon the results of previous audits. – There is no magic formula for how many internal audits must be conducted and what each audit should contain. Post-Audit Follow-Up Other follow-up actions (continued): • Documenting specific changes that were, in fact, implemented as a result of the audit, and subsequent re-audits to verify that the changes in policies and procedures and that corrective actions have been implemented successfully. Post-Audit Follow-Up • All audit plans, audit summaries and completed audit tools should be maintained and secured in an organized manner . • The supplier should also review its denials received from the MACs and other payor sources to determine if there are any patterns to the denials. Post-Audit Follow-Up • The accounts receivable history, hardship waivers, co-payments and deductible payments and usage of the KX modifier are items that should be reviewed during audits. • The supplier should become familiar with the major investigative targets. Post-Audit Follow-Up • Key sources of information on “hot” targets include the annual work plan from the OIG, fraud alerts issued by the OIG, and focused medical reviews described in payors’ provider bulletins. Preparing for a Government Investigation Introduction • Assume that a DME company suspects it is under investigation. • Perhaps the clues were a series of particularly detailed or expansive documentation requests or audits. Introduction • Or perhaps referring physicians reported receiving telephone calls from Medicare or another governmental agency inquiring about the relationship the physicians have with the DME company, what kinds of equipment were ordered and the names of the patients. Introduction • Or perhaps patients were interviewed in person by FBI agents. • In any case, the DME company fears a larger investigation is under way and wishes to minimize the shock and fallout of further investigative actions. Preparatory Steps • There are a number of steps the DME company can take to prepare itself for a possible government investigation. Preparatory Steps • Corporate Compliance Program • Regular Computer System Backups – The company should regularly back up its computer system and keep the backup files in a secure offsite location. Preparatory Steps • Comprehensive Document Inventory – The company should maintain a detailed inventory of documents and their locations on the premises, e.g., a list of patient files, and which office and/or file cabinets they are kept in. • Appoint a Company Spokesperson Preparatory Steps • Employee Training – It is important to remember that the company should not instruct its employees to refuse to speak with investigators, because this could be construed as obstruction of justice. – Rather, the company should instruct employees that it is their choice whether or not to answer the investigator’s questions, and that they have the right not to do so. – It is also their right to request that an attorney be present during questioning. Preparatory Steps • Rehearsal – Too frequently, investigators take advantage of situations where unsuspecting, frightened employees act impulsively to release information that may be outside the boundaries of the investigation. – It is easy, after the fact, for government agents to claim that the employees released the information voluntarily. – A “fire drill” approach to rehearsing such a scenario is an effective way to prepare employees for the real thing. Preparatory Steps • Retain a Health Care Attorney THE END A production of: Brown & Fortunato, P.C. 905 S. Fillmore, Suite 400 Amarillo, TX 79101 806-345-6300 www.bf-law.com Jeffrey S. Baird, Esq. jbaird@bf-law.com 806-345-6320