Corporate Compliance Program Updates National Association of State Veterans Homes March 2015 Presented by: Eileen Denzel RHIA, CCS Director of Compliance/Privacy Officer Long Island State Veterans Home Stony Brook, New York Eileen.Denzel@LISVH.Org (631) 444-8646 Celebrate Corporate Compliance & Ethics Week November 1-7, 2015 Many organizations use the week as an opportunity to raise awareness about compliance and ethics and engage employees about these difficult yet vitally important topics. Others use the week to rollout a new compliance training program or hold its annual compliance training activities. Celebrate Corporate Compliance & Ethics Week the first full week of November in 2015. To better align the timing of Corporate Compliance & Ethics Week with the implementation of the Federal Sentencing Guidelines (Nov. 1, 2004), it will now be held during the first full week in November every year Identified Compliance Program Best Practices Element (1) Written policies and procedures: 1. Publication of code of conduct and/or compliance plan document on the provider’s intranet and/or public Web site. 1. Language in the compliance plan outlines the benefits of a corporate compliance program as a way to obtain buy‐in from the provider’s constituency. Element (2) Designate an employee vested with responsibility: 1. The compliance officer reports directly to the governing board, with dotted line responsibility to a member of senior management. 2. The chief executive officer receives regular reports from the compliance officer if the compliance officer does not report directly to the CEO. Element (3) Training and Education: 1. Use of an electronic training and education system that tracks mandatory compliance education of employees via an electronic system which: a. is customized to the organization; b. sends an individualized e‐mail to employees to announce upcoming required and elective training; and c. tracks each employee’s required compliance training and educational needs. 2. Results of online compliance education quiz scores are analyzed and tracked to identify areas of weakness for both the education program and for those being trained. Element (3) Training and Education: 3. Additional training and education is provided based on this analysis. Results of the online post‐test quizzes are utilized to identify risk areas and assess the need for internal monitoring and auditing. 4. The compliance training and educational materials are tailored to the needs of differing organizational levels as well as the educational backgrounds of all employees. 5. The compliance manual/code of distributed annually and upon hire. conduct is Element (4) Communication lines to the responsible compliance position: 1. The compliance program operates in an environment of transparency throughout the organization and includes communication lines among the president/director, senior management, and employees. 2. Human resource department’s exit interviews of employees include specific compliance‐related questions that are fed back to the compliance function. Element (5) Disciplinary policies to encourage good faith participation: 1. Employee performance evaluations incorporate compliance as one indicator of performance, as well as an employee’s adherence to applicable laws, regulations, and policies. Element (6) A system for routine identification of compliance risk areas: 1. The Compliance Program uses a comprehensive self‐assessment tool to plan and develop an annual compliance work plan. Element (6) A system for routine identification of compliance risk areas: 2. A compliance dashboard centralizes information to track and provide reports on compliance activities. 3. Internal monitoring and auditing systems are used throughout the agency as evidenced by: a. Teams of cross‐trained peer reviewers, who conduct quarterly case record reviews in each program area to ensure that documentation complies with established requirements and to ensure quality of service provided. This review is conducted as part of a quality improvement program. b. A pre‐claim review process is used prior to submission of claims to address billing and coding errors and weaknesses. Element (6) A system for routine identification of compliance risk areas: 4. Identified risk areas are tracked month to month, analyzed, and trended to monitor the identified risk area activity. The data is shared with committee members and the governing board with the goal of improving the number of identified risk areas, processes, and outcomes. 5. Individualized sampling of medical records is conducted to assess the accuracy of ordered services and whether the services were actually rendered. Element (7) A system for responding to compliance issues: 1. Review OMIG’s, OIG’s and CMS’ Web sites for regulatory work plans and alerts associated with specific areas of focus, assess organizational risk in those areas and develop appropriate action plans to address the risk or weakness. Element (8) A policy of non‐intimidation and non‐retaliation: 1. Exit interviews with employees include an interview with the Compliance Officer who inquires about cases of intimidation or retaliation related to the employee who is departing service and; related to what the departing employee may have observed while employed. Compliance Meeting Agenda Items Sanction Screening Gifts Helpline Calls Departmental Auditing Monitoring External Audits OIG/ OMIG Work Plan Items Compliance News HIPAA Consultant Update Compliance Activities in the Industry Program Integrity and Quality of Care–An Overview for Nursing Home Providers Content Summary This booklet is written for nursing home providers and contains information on the definitions for fraud, waste, and abuse, and common types of fraud in the nursing home environment. This booklet also discusses improper payments and government anti-fraud efforts. After addressing common program integrity issues, the booklet covers quality of care in the nursing home, such as quality of life, resident rights, and resident freedom from fraud and abuse. The booklet concludes with information on how to report concerns and problems in the nursing home. http://www.cms.gov/Medicare-MedicaidCoordination/Fraud-Prevention/Medicaid-IntegrityEducation/Downloads/nursinghome-provider-booklet.pdf HEAT Provider Compliance Training Videos Videos and Audio Podcasts This page contains videos and audio podcasts that are part of the award-winning Health Care Fraud Prevention and Enforcement Action Team (HEAT) Provider Compliance Training initiative. These are educational presentations designed to help prevent fraud, waste, and abuse. https://oig.hhs.gov/newsroom/video/2011/heat_modules.asp OIG Wants Medicare to Probe EHR Audit Logs for Fraud A particular OIG concern is how CMS contractors address fraud vulnerabilities directly related to Medicare health claims. OIG notes that audit logs can be used to analyze historical patterns that can identify data inconsistencies. To provide the most benefit in fraud protection, audit logs should always be operational, be stored as long as clinical records, and never be altered. OIG goes further in noting that few integrity contractors analyze audit logs as part of medical review. EHR Audit Logs OIG recommends that CMS direct its contractors to review providers’ audit logs. As OIG pointed out, “experts in health information technology caution that HER technology can make it easier to commit fraud.” For instance, the copy paste feature allows users to replicate information in one source and transfer the information to another source. Overuse or inappropriate use of copy-paste could produce inaccurate information and facilitate fraudulent claims. In addition, some EHRs provide templates that auto-populate fields by a single click, resulting in extensive documentation. As OIG notes, the use of audit logs may reveal such data inconsistencies and“provide the most benefit in fraud detection.” EHR Audit Logs What an Audit Trail Reveals: An audit log is a record of how information is entered, revised, or deleted in an EHR. identify the patient; identify the EHR user; identify the type of action, such as printing or copying data, submitting data queries, or entering, revising, or deleting data; and identify the patient data being accessed. LISVH COMPLIANCE ASSURANCE HOTLINE If you have a compliance question or concern … Call the CONFIDENTIAL Compliance Hotline at 631-689-2179 Or Contact Eileen Denzel, Compliance Officer, 444-8646 Eileen.denzel@lisvh.org CDC Website for LTC Website launched January 23, 2014 Focuses on Infection Control prevention in Long term care facilities CDC Infection Prevention website for long term care http://www.cdc.gov/longtermcare/ Email list for PEPPER www.pepperresources.com Medicare Update Info http://www.cms.gov/mlnmattersarticles OCTOBER 2015 ICD-10 COMPLIANCE DATE http://www.cms.gov/Medicare/Coding/ICD10/ProviderResour ces.html CMS Releases Two New ICD-10 Videos The Centers for Medicare & Medicaid Services (CMS) has released two animated shorts that explain key ICD-10 concepts. Less than 4 minutes each, the videos are available at: cms.gov/ICD-10 Introduction to ICD-10 Coding gives an overview of ICD10’s features and explains the benefits of the new code set to patients and to the health care community. ICD-10 Coding and Diabetes uses diabetes as an example to show how the code set captures important clinical details. Keep Up to Date on ICD-10 Visit the CMS ICD-10 website for the latest news and resources to help you prepare. CMS Issues Official ICD-10-CM Guidelines http://www.cdc.gov/nchs/data/icd/icd10cm_gui delines_2015.pdf These guidelines should be used as a companion document to the official version of the ICD-10-CM as published on the NCHS website. Disposal of PHI • All PHI must be disposed of properly in a GRAY confidential bin. – Examples of PHI include resident name, resident photo, diagnosis, room #, account and medical record #, address, phone number, birth date, social security #. – Examples include phone messages, pharmacy and medical record labels, faxes, statements and reports. • If your bin requires service, please call Environmental Services at x790. HIPAA Updates New rule protects patient privacy, secures health information Enhanced standards improve privacy protections and security safeguards for consumer health data . The U.S. Department of Health and Human Services (HHS) moved forward to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Notice of Privacy Practices (NPP)-update Business Associate Agreements (BAA)-update Notice of Privacy Practices Updates: A statement that the following uses and disclosures will be made only with authorization from the individual: • uses and disclosures for marketing purposes; • uses and disclosures that constitute the sale of PHI; • most uses and disclosures of psychotherapy notes (if the covered entity maintains psychotherapy notes); and • other uses and disclosures not described in the notice A statement regarding an individual’s right to notice in the event of a breach. Notice of Privacy Practices Updates: Notice of the right to opt out of fundraising communications (if the covered entity conducts fundraising) . Health care providers must include in their notice of privacy practices a statement about an individual’s right to restrict disclosures of protected health information to health plans if an individual has paid for services out of pocket in full. All covered entities must revise their notice of privacy practices by September 23, 2013. The revisions constitute a material modification to the notice, and therefore the revised notice must be made available to individuals as follows: Notice of Privacy Practices Updates: Health care providers: The revised notice must be available to existing patients upon request, and must be posted both to the provider’s website (if they have a website) and in a prominent location on the premises. New patients must be provided with a copy of the revised notice. Business Associates Updates: Business Associates (BA) are now defined to include a broader array of contractors that store and touch PHI — including, for example, document storage companies and other contractors that “maintain” PHI, even if they do not actually view the information in their possession. Business Associates Updates: For BA agreements you already had in place as of Jan. 25, 2013, you have until Sept. 22, 2014, to bring them into compliance with the 2013 HIPAA omnibus rules. Remember, if you amend an existing BA agreement after Jan. 25, 2013, the amended version must be in compliance with the 2013 HIPAA omnibus rules. The rules also extended liability under the HIPAA privacy and security rules to BAs as well as to their subcontractors. QAPI QAPI is a data-driven, proactive approach to improving the quality of life, care, and services in nursing homes. The activities of QAPI involve members at all levels of the organization to: identify opportunities for improvement; address gaps in systems or processes; develop and implement an improvement or corrective plan; and continuously monitor effectiveness of interventions. QAPI Update A Process Tool Framework has been created to crosswalk each CMS Process Tool to the QAPI Five Elements. This framework includes a description of the purpose or goal for each tool that is hyperlinked within the framework. http://www.cms.gov/Medicare/Provider-Enrollmentand-Certification/QAPI/NHQAPI.html http://www.cms.gov/Medicare/Provider-Enrollmentand-Certification/QAPI/qapitools.html Office of Inspector General Work Plan Fiscal Year 2015 http://oig.hhs.gov/reports-andpublications/archives/workplan/2015/FY15-Work-Plan.pdf Medicare Part A billing by skilled nursing facilities: We will describe changes in SNF billing practices from FYs 2011 to 2013. Prior OIG work found that SNFs increasingly billed for the highest level of therapy even though beneficiary characteristics remained largely unchanged. OIG also found that SNFs billed one-quarter of all 2009 claims in error; this erroneous billing resulted in $1.5 billion in inappropriate Medicare payments. CMS has made substantial changes to how SNFs bill for services for Medicare Part A stays. (OEI; 02-13-00610; various reviews; expected issue date: FY 2015) Office of Inspector General Work Plan Fiscal Year 2015 Questionable billing patterns for Part B services during nursing home stays: We will identify questionable billing patterns associated with nursing homes and Medicare providers for Part B services provided to nursing home residents during stays not paid under Part A (for example, stays during which benefits are exhausted or the 3-day prior-inpatient-stay requirement is not met). A series of studies will examine several broad categories of services, such as foot care. Congress directed OIG to monitor Part B billing for abuse during non-Part A stays to ensure that no excessive services are provided. (OEI; 06-1400160; various reviews; expected issue date: FY 2015) HHS OIG Work Plan | FY 2015 Medicare Program Office of Inspector General Work Plan Fiscal Year 2015 State agency verification of deficiency corrections: We will determine whether State survey agencies verified correction plans for deficiencies identified during nursing home recertification surveys. A prior OIG review found that one State survey agency did not always verify that nursing homes corrected deficiencies identified during surveys in accordance with Federal requirements. Federal regulations require nursing homes to submit correction plans to the State survey agency or CMS for deficiencies identified during surveys. (42 CFR § 488.402(d).) CMS requires State survey agencies to verify the correction of identified deficiencies through onsite reviews or by obtaining other evidence of correction. (State Operations Manual, Pub. No. 100-07, § 7300.3.) various reviews; expected issue date: FY 2015) Office of Inspector General Work Plan Fiscal Year 2015 Program for national background checks for long-term-care employees: We will review the procedures implemented by participating States for long-term-care facilities or providers to conduct background checks on prospective employees and providers who would have direct access to patients and determine the costs of conducting background checks. We will determine the outcomes of the States' programs and determine whether the programs led to any unintended consequences. Office of Inspector General Work Plan Fiscal Year 2015 Section 6201 of the Patient Protection and Affordable Care Act (ACA) requires the Secretary of Health and Human Services to carry out a nationwide program for States to conduct national and State background checks for prospective direct patient access employees of nursing facilities and other long-term-care providers. Office of Inspector General Work Plan Fiscal Year 2015 The program is administered by CMS. To carry out the nationwide program, CMS has issued solicitations for grant awards. All States, the District of Columbia, and U.S. territories are eligible to be considered for a grant award. OIG is required under the ACA to submit a report to Congress evaluating this program. This mandated work is ongoing and will be issued at the program's conclusion, as required. (ACA, § 6401.) (OEI; 07-10-00420; expected issue date: FY 2015; ACA) Office of Inspector General Work Plan Fiscal Year 2015 Hospitalizations of nursing home residents manageable and preventable conditions: for We will determine the extent to which Medicare beneficiaries residing in nursing homes are hospitalized as a result of conditions thought to be manageable or preventable in the nursing home setting. A 2013 OIG review found that 25 percent of Medicare beneficiaries were hospitalized for any reason in FY 2011. Hospitalizations of nursing home residents are costly to Medicare and may indicate quality-ofcare problems in nursing homes. (OEI; 06-11-00041; expected issue date: FY 2015) New York State Office of the Medicaid Inspector General (OMIG) 2014-15 Work Plan http://www.omig.ny.gov/images/stories/work_plan/201415_work_plan.pdf The Residential Health Care Facilities (RHCF) Business Line Team reviews nursing facilities and assisted living programs (ALP). RHCFs are reimbursed for covered services to eligible consumers based on determined rates. An ALP provides long-term residential care, room, board, housekeeping, personal care, supervision, and provides or arranges for home health services to five or more eligible residents unrelated to the operator. . New York State Office of the Medicaid Inspector General (OMIG) 2014-15 Work Plan Base Year Audits: RHCFs use the same reported costs, with appropriate trend factors, for multiple years of reimbursement. The Office of the Medicaid Inspector General (OMIG) will review new base year rates approved by the Department of Health (DOH). OMIG reviews will focus on inappropriate and unallowable costs included in the new RHCF rates. OMIG will also review add-ons to determine whether they were appropriately calculated. Capital: Reported RHCF capital costs are used as a basis for the capital component of the RHCF Medicaid rate. OMIG will audit underlining costs included within the capital component and if necessary, make appropriate adjustments to the rates New York State Office of the Medicaid Inspector General (OMIG) 2014-15 Work Plan Medicaid Rate Part B Offset Medicaid rates for nursing facilities include billable rates for Medicaid consumers who may or may not be eligible for Medicare Part B service reimbursement. The difference between the non-eligible and eligible rates is called the “Part B Offset.” OMIG has developed an approach to systematically capture the Part B reimbursement information associated with Medicaid consumers through data gathering and computer matches with the Centers for Medicare and Medicaid Services. OMIG will conduct risk assessments and perform reviews of the Part B Offset for facilities that are rated as high risk and will also review any appeals processed by DOH. New York State Office of the Medicaid Inspector General (OMIG) 2014-15 Work Plan Bed Reservations: When qualifying criteria are met, the Medicaid program reimburses nursing facilities on a per diem basis to hold a resident’s bed while that resident is temporarily absent from the facility. OMIG will review nursing facilities reserved bed payments to determine whether facilities are qualified to receive these payments. New York State Office of the Medicaid Inspector General (OMIG) 2014-15 Work Plan Minimum Data Set: OMIG will review Minimum Data Set submissions from nursing facilities. During State Fiscal Year 2014-2015, OMIG will collaborate with DOH to initiate reviews of data submissions. Notice of Rate Changes (Rollovers): Reported base year operating costs are increased by an inflation factor (also known as a trend factor) and used as a basis for RHCF rates for subsequent years. OMIG will carry forward base year operating cost audit findings and adjust rates accordingly. Rate Appeals: RHCFs may file rate appeals with DOH to contest their Medicaid rates. OMIG will review rate appeals that have been approved by DOH and, where indicated, audit underlying costs associated with those appeals to determine the appropriateness of each appeal issue. Sanction Screening Under Federal law, no payment will be made by any Federal health care program, including Medicare or Medicaid, for any items or services furnished, ordered, or prescribed by an excluded individual or entity. Exclusions from participation in Federal health care programs are imposed by the Department of Health and Human Services (DHHS) Office of Inspector General (OIG). The OIG advises that all current and new employees, medical personnel, contractors, and vendors should be screened against the latest version of the OIG List of Excluded Individuals and Entities (LEIE), which is published on its web site: https://oig.hhs.gov/exclusions/index.asp on a monthly basis. Sanction Screening • The OIG further recommends regular screening of the General Services Administration System of Awards Management (SAM) List of Parties Excluded from Federal Procurement and Non-procurement Programs). Similarly, the DHHS Centers for Medicare & Medicaid Services (CMS), has advised that providers may not employ, contract with or receive Medicare or Medicaid payments for items or services furnished by individuals or entities excluded from participation in any health care program, or debarred by the SAM, or receive Medicare or Medicaid payments for items or services furnished, ordered, or prescribed by an excluded individual or entity. https://www.sam.gov/portal/public/SAM/ Sanction Screening Who can be sanctioned? Individuals and businesses/entities. Why? Default on health education loan or scholarship obligations. Failure to meet statutory obligations of practitioners and providers to provide' medically necessary services meeting professionally recognized standards of health care Conviction relating to patient abuse or neglect. Felony conviction relating to health care fraud. Felony conviction relating to controlled substance. Claims for excessive charges, unnecessary services or services which fail to meet professionally recognized standards of health care, or failure of an HMO to furnish medically necessary services. Sanction Screening CMS has further advised States that they should require Medicaid providers to search the OIG’s LEIE on a monthly basis. In addition, states have independent legal authority to exclude individuals and entities from participation in their individual state Medicaid programs. Many states have developed their own lists of sanctioned and excluded individuals and entities that should be searched in addition to the federal OIG and SAM lists. For example, the New York Office of Medicaid Inspector General (OMIG) issues its own List of Restricted, Terminated, and Excluded Individuals and Entities, and advises that health care providers check the OMIG list, as well as the LEIE and SAM on a monthly basis. Sanction Screening Section 6501 of the Affordable Care Act states that if an individual or entity is excluded in one state, then he/she or it, is excluded in all states. This means that healthcare employers and companies need to make sure their compliance program includes searching all available state Medicaid exclusion registries as well as the federal exclusions lists. States that have Medicaid exclusion registries: Alabama Arizona Arkansas California Connecticut District of Columbia Florida Hawaii Idaho Illinois Kansas Kentucky Massachusetts Maryland Maine Michigan Mississippi Nebraska New Jersey Nevada New York Ohio Pennsylvania South Carolina Tennessee Texas Washington West Virginia Wyoming Sanction Screening Require current employees to report to the nursing facility if, subsequent to their employment, they are convicted of an offense that would preclude employment in a nursing facility or are excluded from participation in any Federal health care program; and Regardless of the size or resources of the nursing facility, employee screening is critical. Nursing facilities, like all corporations, must act through their employees and are held accountable for their actions. Written Agreement with a Hospice Provider This final rule specifies, for the facility, what the written agreement with the hospice should address. It is important to note that not every requirement of the new rule must be in the written agreement. Only the following obligations set forth in § 483.75(t)(2)(ii) are specifically required to be included in the agreement: Written Agreement with a Hospice Provider A. The services the hospice will provide B. The hospice’s responsibilities for determining the hospice plan of care C. The services the LTC facility will continue to provide, based on each resident’s plan of care D. A communication process, including how communication will be documented between the LTC facility and hospice E. That the LTC facility must immediately notify the hospice about: A. Significant change in the resident’s physical, mental, social or emotional status; B. Clinical complications that suggest a need to alter the plan of care; C. Need to transfer the resident from the facility for any condition; or D. Resident’s death Written Agreement with a Hospice Provider I. That LTC facility personnel may assist in the administration of prescribed therapies when permitted by state law and specified by the facility. J. That the LTC facility must immediately report all alleged violations involving mistreatment, neglect, abuse, misappropriation of patient property by hospice personnel to the hospice administrator . K. The responsibilities of the hospice and the LTC facility to provide bereavement to LTC staff. Written Agreement with a Hospice Provider That the hospice assumes responsibility for determining the appropriate course of hospice care, including level of care A. The LTC facility’s role in providing 24-hour room and board care to meet the resident’s personal care and nursing needs, in coordination with the hospice representative The hospice’s responsibilities for services, including, but not limited to: Medical direction and management of the patient Nursing Counseling (including spiritual, dietary and bereavement) Social work Supplies, DME and drugs All other hospice services that are necessary for the care of the resident's terminal illness and related conditions Resources AHIMA Documentation and Practice Guidelines Long Term Care http://www.ahima.org/infocenter/guidelines/l tcs/index CMS Certification and compliance http://www.cms.gov/certificationandcompliance/ Office of the Inspector General http://www.oig.hhs.gov Minimum Data Set 3.0 Training Materials http://www.cms.gov/nursinghomequalityinits/ Appendix P Survey Protocol Appendix PP Interpretive Guidelines http://www.cms.gov/manuals SNF Pepper User’s Guide First Edition http://pepperresources.org/TrainingResources/Skill edNursingFacilities Hospice Services Provided in a Long Term Care Facility http://www.nhpco.org/sites/default/files/public /regulatory/Hospice_Nursing_Facility.pdf http://www.nhpco.org/sites/default/files/public /regulatory/NH_Comp-Final-Rule_July2013.pdf