1 medicare compliance and fraud, waste and abuse (fwa) training 12/11/2013

1 Medicare Compliance and Fraud, Waste and Abuse (FWA) Training 12/11/2013

FRAUD, WASTE AND ABUSE (FWA) EXECPTION-NOTICE There is one exception to the FWA training and education requirement. Regulations effective June 7, 2010 implemented a deeming exception which exempts FDRs who are enrolled in Medicare Parts A or B from annual FWA training and education. Therefore, if an entity or an individual is enrolled in Medicare Parts A or B, the FWA training and education requirement has already been satisfied. If you are unsure if this deeming exception applies to you please contact an IEHP Compliance Manager at [email protected] for more information. [email protected] 2

3 Overview & Objectives What: Compliance, Fraud, Waste, & Abuse (FWA) program requirements Inform you about what you need to be aware of and implement into your practices Meet the regulatory requirements for training and education Provide information on laws pertaining to fraud, waste, and abuse Why: Compliance programs help raise awareness and provide mechanisms to detect, prevent, and correct FWA Provide information on how to report fraud, waste, and abuse You must report non compliance and suspected or known FWA activities to a compliance officer or compliance department representative How: Training and education You must demonstrate training through completion of this training or an equivalent training You must be able to ensure that training was completed for each of your staff and that you have a process for new hires. Training to be completed by 12/31/2013

Why Do I Need Training? Every year millions of dollars are improperly spent because of fraud, waste, and abuse. It affects everyone, including YOU. This training will help you detect, correct, and prevent fraud, waste, and abuse. YOU are part of the solution. 4

Where Do I Fit In? As a First Tier, Downstream, or Related Entity (FDR) who provides health or administrative services to a Part C or Part D IEHP Member You are required to comply with all applicable statutory, regulatory, and other Part C or Part D requirements, including adopting and implementing an effective compliance program You have a duty to the Medicare Program to report any violations of laws of which you may be aware You have a duty to follow your organizations Code of Conduct that articulates your and your organization's commitment to standards of conduct and ethical rule of behavior. 5

Requirements The Social Security Act and CMS regulations and guidance govern the Medicare program, including parts C and D. Part C and Part D sponsors must have an effective compliance program which includes measure to prevent, detect and correct Medicare non-compliance as well as measures to prevent, detect and correct fraud, waste, and abuse. IEHP must have an effective training program for employees, managers, and directors, as well as their first tier, downstream, and related entities. (42 C.F.R. 422.503 and 42 C.F.R. 423.504 6

An Effective Compliance Program Must at a minimum, include the 7 core compliance program requirements Written compliance policies, procedures, and standards of conduct A Compliance Officer, Compliance Committee, and High Level Oversight Effective training and education Effective lines of communication Well publicized disciplinary standards Effective system for routine monitoring and identification of compliance risks Procedures and system for prompt response to compliance issues 7

DETECTION 8

UNDERSTANDING FRUAD, WASTE, AND ABUSE In order to detect fraud, waste, and abuse you need to know the Law CRIMINAL FRAUD: Knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud any health care benefit program; or to obtain, by means of false or fraudulent pretenses, representations, or promises, any of the money or property owned by, or under the custody or control of, any health care benefit program. 18 United States Code 1347 9

Waste and Abuse WASTE: Overutilization of services or other practices that directly or indirectly result in unnecessary costs to the Medicare Program. Abuse: Includes actions that may directly or indirectly result in unnecessary costs to the Medicare Program. 10

Differences Between Fraud, Waste, and Abuse Criminal Fraud: Intentionally submitting false information to the government or a government contractor in order to get money or a benefit. Person has intent to obtain payment or benefit and the knowledge that their actions are wrong. Waste and Abuse: May involve obtaining an improper payment, but does not require the same intent and knowledge. 11

12 Examples of Fraud Examples of Abuse Examples of Waste Billing for services not furnished Billing for services at a higher rate than is actually justified Soliciting, offering or receiving a kickback, bribe or rebate Deliberately misrepresenting services, resulting in unnecessary cost, improper payments or overpayment Violations of the physician self- referral (Stark) prohibition Source: 1. Medicare Physician Guide: A Resource for Residents, Practicing Physicians, & Other Health Care Professionals, 10 th Edition (10/08) Charging in excess for services or supplies Providing medically unnecessary services Providing services that do not meet professionally recognized standards Billing Medicare based on a higher fee schedule than is used for patients not on Medicare Source: 2. CMS Medicare Fraud and Abuse Web-based Training (April 2007) Over-utilization of services Misuse of resources Quick Reference Chart

REPORTING 13

Reporting Fraud, Waste, and Abuse Do not be concerned about proving whether it is fraud, waste, or abuse. You do not have to prove FWA to report it, you only need to suspect it to report it! Report any concerns to your Compliance Department or the IEHP Compliance Department. IEHPs Compliance Department will investigate and make the proper determination. 14

Required Reporting Violations of the code of conduct, ethics or any fraud, waste or abuse must be reported. Not reporting fraud or suspected fraud can make you a party to a case by allowing the fraud to continue. Everyone is required to report suspected instances of fraud, waste, and abuse which is clearly stated in the IEHP Code of Conduct Your organization must have internal mechanisms for reporting compliance & FWA concerns (i.e., your Compliance Officer or a Compliance Hotline) IEHP may not retaliate against you for making a good faith effort in reporting. Fraud or suspected fraud may be reported anonymously to IEHP, your internal reporting mechanisms, or MEDICS at 1-800-MEDICARE Refer to the following slide regarding IEHP compliance reporting options 15

16 Health Plan Hotline Information IEHP Compliance Hotline 866-355-9038 IEHP Compliance Department Email [email protected] [email protected] IEHP Compliance Department Fax # 909-890-2973 Mailing Address Compliance Officer IEHP P.O. Box 1800 Rancho Cucamonga, CA 91729-1800 Required Reporting (continued)

Everyone has the right and responsibility to report possible fraud, waste, or abuse. REMEMBER: You may report anonymously and retaliation is prohibited when you report a concern in good faith. WHEN IN DOUBT: Call IEHP fraud, waste, and abuse Hotline or the Compliance Department IEHP Compliance Hotline 866-355-9038 17

Types of FWA Medicare Advantage Organization (MAO) or Part D Plan (PDP) Fraud Member Fraud Provider Fraud Pharmacy Fraud Each carries a set of implications that we need to be aware of as part of our daily activities to help prevent FWA 18

MAO / PDP PLAN FWA (examples) Failure to Provide Medically Necessary Services Medically necessary items or services fail to be provided which the organization is required to provide (under law or under the contract) to a Part C or Part D plan enrollee, and that failure adversely affects (or is likely to affect) the enrollee. Inappropriate Enrollment / Disenrollment Improperly reporting enrollment and disenrollment data to CMS to inflate prospective payments. For example, Sponsor fails to effect timely disenrollment of beneficiary from CMS systems upon beneficiarys request. 19

MAO / PDP PLAN FWA (examples continued) Marketing Schemes Offering beneficiaries a cash payment as an encouragement to enroll in a Plan. Gifts that are above the CMS allowed $15 exemption, gifts convertible to cash, or meals (anything beyond the light snacks that guidance allows) Unsolicited door-to-door marketing. Use of unlicensed agents, where required by state law. Enrollment of individual in a Medicare Plan without knowledge or consent. Stating that a marketing agent / broker works for or is contracted with the Social Security Administration or CMS Formulary or Coverage Decisions Making inappropriate formulary decisions or coverage decisions based on inducements. Delaying access to necessary covered drugs. 20

Beneficiary (Member) FWA (examples) The following are examples of fraud by Medicare beneficiaries (members): Identity Theft Using a different members I.D. card to obtain prescriptions, services, equipment, supplies, doctor visits, and / or hospital stays. Individuals who loan their I.D. card face significant risks to care (i.e., wrong blood type in their medical record) Doctor Shopping Visiting several different doctors to obtain multiple prescriptions for painkillers or other drugs might point to an underlying scheme (stockpiling or black market resale). Improper Coordination of Benefits Beneficiary fails to disclose multiple coverage policies, or leverages various coverage policies to game the system. Prescription Fraud Resale of Drugs on Black Market. Falsely reporting loss or theft of drugs or feigns illness to obtain drugs for resale on the black market. Falsifying or modifying a prescription. 21

22 Provider FWA (examples) Kickbacks: Soliciting, offering, or receiving a kickback, bribe, or rebate For example, paying for a referral of patients in exchange for the ordering of diagnostic tests and other services or medical equipment. Inducements: Such as copay waivers or free services to retain patients Caution required when dispensing free medications from pharmacy companies. Should have consistent policies reviewed by legal. False Claims: Billing for services not rendered or supplies not provided For example, billing for appointments the patient failed to keep. Billing for a gang visit in which a physician visits a nursing home and bills for 20 nursing home visits without furnishing any specific service to individual patients. Double billing: Such as billing both Medicare and the beneficiary, or billing both Medicare and another insurer.

23 Provider FWA (examples continued) Date of Service: Misrepresenting the date services were rendered. Identity: Misrepresenting the identity of the individual who received the services. Rendering Provider: Misrepresenting who rendered the service. Such as billing for an office visit when the only services were an injection by a medical assistant. False Coding or Services: Billing for a covered item or service when the actual item or service provided was a non-covered item or service. Unnecessary Care: Providing unnecessary procedures or prescribing unnecessary drugs. This includes appropriate review that patients meet the Certification of Medical Necessity requirements

24 Provider FWA (examples continued) Altering Medical Records: Erroneous or false or late entries in the medical record. Late entry in the record, such as an addendum must be entered sequentially in the record according to coding rules Delay in Care: Delay in authorizing or providing access to medically necessary care. Physician office errors in non-timely submission of auth requests can result in delay in care. Patient Dumping: Encouraging disenrollment for high cost patients to defer costs and care to original Medicare when in a capitated model.

25 Provider Prescription Drug FWA (examples) Over Prescribing: Over-prescription or false prescription of narcotics Selling Prescriptions: Participating in illegal remuneration schemes, such as selling prescriptions. Inducements: Prescribing medications based on illegal inducements, rather than the clinical needs of the patient. Such as pharmacy manufacturer incentives or discounted services Not Medically Necessary: Writing prescriptions for drugs that are not medically necessary, often in mass quantities, and often for individuals that are not patients of a provider.

26 Provider Prescription Drug FWA (examples continued) Theft Identity Fraud: Theft of a prescribers Drug Enforcement Agency (DEA) number, prescription pad, or e-prescribing log-in information. Falsifying Justification: Falsifying information in order to justify coverage, such as ruling out lower cost generics Dilution or Illegal Importation: Diluted substances or substituted provider administered drugs that may be either less than effective or contraindicated or illegal importation of drugs used or sold as covered drugs.

27 Pharmacists FWA (examples) False Billing: Billing for prescriptions that are never picked up. Billing for a brand name when generics are dispensed. Billing for non-covered prescriptions as covered items. Splitting prescriptions: For example, by splitting a 30-day prescription into 4 7-day prescriptions to get additional copayments and dispensing fees. Steering & Kickbacks: Engaging in unlawful remuneration, such as remuneration for steering a beneficiary toward a certain plan or drug, or for formulary placement. Overcharging: Failing to offer negotiated prices. Collecting higher copays than specified. Short Fills: Prescription drug shorting: Provides less than the prescribed quantity and bills for the fully-prescribed amount.

28 Pharmacists FWA (examples continued) Bait and switch pricing: When a beneficiary is led to believe that a drug will cost one price, but at the point of sale, the beneficiary is charged a higher amount. Forging and altering prescriptions: Modification to scripts or dosage Modifications to allowable refills Expired Drugs or Tainted Drugs: Dispensing drugs that are expired or have not been stored or handled in accordance with manufacturer and FDA requirements. Manipulating the True Out-of-Pocket cost: When a pharmacy falsely pushes a beneficiary through the coverage gap, into catastrophic coverage before they are eligible, or keeps a beneficiary in the coverage gap so that catastrophic coverage never occurs.

29 Pharmaceutical Wholesaler FWA (examples) Counterfeit Drugs: Counterfeit and adulterated drugs through black and grey market purchases. This includes but is not limited to fake, diluted, expired, and illegally imported drugs. Diverters: Brokers who illegally gain control of discounted medicines intended for places such as nursing homes, hospices and AIDS clinics. Diverters take the discounted drugs, mark up the prices, and rapidly move them to small wholesalers. In some cases, the pharmaceuticals may be marked up six times before being sold to the consumer. Inappropriate documentation of pricing information: Submitting false or inaccurate pricing or rebate information to, or that may be used by any, Federal health care program.

30 Pharmaceutical Manufacturer FWA (examples) Kickbacks, inducements, and other illegal remuneration: Inappropriate marketing and/or promotion of products. Inducements offered if the purchased products are reimbursable by any of the federal health care programs such as discounts, inappropriate product support services, educational grants, research funding, etc. Records Management: Lack of integrity of data to establish payment and/or determine reimbursement, such as missing or inappropriate documentation of pricing information. Formulary and formulary support activities: Inappropriate relationships with Pharmacy & Therapeutic Services Committee Members. Payments to PBMs for formulary placement.

31 Pharmaceutical Manufacturer FWA (examples continued) Inappropriate relationships with physicians: Switching arrangements, when manufacturers offer physicians cash payments or other benefits each time a patients prescription is changed to the manufacturers product from a competing product. Incentives offered to physicians to prescribe medically unnecessary drugs. Improper entertainment or incentives offered by sales agents. Off Label Use: Illegal promotion of off-label drug usage. Billing for Free Samples: Illegal usage of free samples to physicians knowing and expecting those physicians to bill the federal health care programs for the samples.

PREVENTION IS KEY 32

PREVENTION Make sure you are up-to-date with laws, regulations, policies Ensure you coordinate with other payers. Ensure data/billing is both accurate and timely Verify information provided to you Be on the lookout for suspicious activity 33

POLICY AND PROCEDURES Per contractual agreements, every sponsor, first tier, downstream, and related entity must have policies and procedures in place to address fraud, waste, and abuse. These procedures should assist you in detecting, correcting, and preventing fraud, waste, and abuse. Make sure you are familiar with your entitys policies and procedures. 34

Distribution of Compliance Policies & Procedures and Standards of Conduct The distribution of compliance policies, procedures and Standards of Conduct is essential to effectiveness. CMS expects Sponsors to ensure that its employees and employees of FDRs, as a condition of employment, read and agree to comply with all written compliance policies, procedures and Standards of Conduct within 90 days of the date of hire, when there are updates to the polices and procedures, and annually thereafter. IEHP shall demonstrate to CMS that all employees and employees of FDRs meet these requirements through the distribution of training materials and tracking of attestation documentation. 35

36 Best Practices for Preventing FWA Develop an effective compliance program tailored to your organization Perform regular internal audits & monitoring against regulatory standards Review for outliers / deviations from the norm Confirm UM decisions, coding and claims are timely / accurate. Confirm prompt refunds of overpayments (within 60 days) Ensure effective training & education is occurring, minimally for: New hires within 90 days and annually for all Staff Confirm training occurs on HIPAA Privacy and breach reporting Provide training updates and policy updates when regulations change Provide refresher training on policies as part of any Corrective Action Plan

37 Best Practices for Preventing FWA Establish effective lines of communication with colleagues and staff members. Ensure ALL staff are aware of how to report potential/actual FWA or compliance concerns Take action! If you identify a FWA issue you must report it. Ask about potential compliance issues during exit interviews Remember: The Provider, Hospital, IPA and the MAO or PDP plan are each ultimately responsible for all claims and encounters that are submitted for payment with your name on the claim.

Web FWA Resources ResourceLink Department of Health and Human Services Office of Inspector General: http://oig.hhs.gov/fraud/hotline/ Centers for Medicare and Medicaid Services (CMS): http://www.cms.hhs.gov/FraudAbuseforProfs/ CMS Information about the Physician Self Referral Law: www.cms.hhs.gov/PhysicianSelfReferral CMS Prescription Drug Benefit Manualhttp://www.cms.hhs.gov/PrescriptionDrugCovContr a/Downloads/PDBManual_Chapter9_FWA.pdf Medicare Learning Network (MLN) Fraud & Abuse Job Aid https://www.cms.gov/Outreach-and- Education/Training/NationalMedicareTrainingProgr am/Training-Library-Items/CMS1248271.html 38 Federal government web sites are sources of information regarding detection, correction, and prevention of fraud, waste, and abuse:

CORRECTION 39

Correction Identified fraud, waste, or abuse must be promptly corrected. Correcting the problem saves the government money and ensures you are in compliance with CMS requirements. 40

How Do I Correct Issues? Once issues have been identified, a plan to correct them needs to be developed. Consult your Compliance Officer or the IEHP Compliance Officer to find out the process for corrective action plan (CAP) development. The actual CAP is going to vary, depending on the specific circumstances. 41

LAWS YOU NEED TO KNOW ABOUT 42

Civil Fraud Civil Fraud Claims Act Prohibits: Presenting a false claim for payment or approval; Making or using a false record or statement in support of a false claim; Conspiring to violate the False Claims Act; Falsely certifying the type/amount of property to be used by the Government; Certifying receipt of property without knowing if its true; Buying property from an unauthorized Government officer; and Knowingly concealing or knowingly and improperly avoiding or decreasing an obligation to pay the Government. 31 United States Code 3729-3733 43

Laws The following slides provide very high level information about specific laws. For details about the specific laws, such as safe harbor provisions, consult the applicable statute and regulations concerning the law. 44

Physician Self-Referral Prohibition Statute (Stark Law) The Physician Self-Referral Prohibition Statute, commonly referred to as the Stark Law, prohibits: A physician from making a referral for certain designated health services to an entity in which the physician (or a member of his or her family) has an ownership/investment interest or with which he or she has a compensation arrangement (exceptions apply). Stark Statute Damages and Penalties Medicare claims tainted by an arrangement that does not comply with Stark are not payable. Penalties may include up to a $15,000 fine for each service provided or up to a $100,000 fine for entering into an arrangement or scheme. 42 United States Code 1395nn 45

Anti-Kickback Statute Prohibits: Knowingly and willfully soliciting, receiving, offering or paying remuneration (including any kickback, bribe, or rebate) for referrals for services that are paid in whole or in part under a federal health care program (which includes the Medicare program). 42 United States Code 1320a-7b(b) 46

Health Insurance Portability and Accountability Act (HIPAA) Health Insurance Portability and Accountability Act of 1996 (P.L. 104-191) Created greater access to health care insurance, protection of privacy of health care data, and promoted standardization and efficiency in the health care industry. Safeguards to prevent unauthorized access to protected health care information. As an individual who has access to protected health care information, you are responsible for adhering to HIPAA. 47

Remember to Protect Confidentiality Carefully handle all data that can identify the member: This includes any of the elements noted below: Social Security, Medicare ID (HICN), or Health Plan Member I.D. number Member Name, Address, Phone, Date of Birth Medical Record Number / Patient Account Number Review your internal HIPAA training. Review your internal policies and practices for reporting of any security and privacy breach to your respective HIPAA security or privacy officer. Reporting MUST be done immediately if you become aware of or suspect a breach may have occurred. 48

49 Entities / Individuals Excluded from Medicare or Government Programs Compliance programs must carefully monitor to ensure payments go to proper entities. This includes payments to employees, providers, contractors and subcontractors. Medicare Advantage Organizations, Part D Sponsors and contracted entities are required to review the Department of Health and Human Services (DHHS) OIG List of Excluded Individuals and Entities (LEIE) and the General Services Administration (GSA) System for Award Management (SAM) prior to the hiring or contracting of any new employee, temporary employee, volunteer, consultant, governing body member, or FDR, and monthly thereafter to ensure that none of these persons or entities are excluded or become excluded from participation in federal programs. OIG List of Excluded Individuals/Entities (LEIE): http://exclusions.oig.hhs.gov/search.html http://exclusions.oig.hhs.gov/search.html GSA System for Award Management (SAM): https://www.sam.govhttps://www.sam.gov

Exclusion No Federal Health Care Program payment may be made for any item or service furnished, ordered, or prescribed by an individual or entity excluded by the Office of Inspector General. 42 U.S.C. 1395(e)(1) 42 C.F.R. 1001.1901 50

CONSEQUENCES 51

Consequences of Committing Fraud, Waste, and Abuse The following are potential penalties. The actual consequence depends on the violation. Civil Money Penalties Criminal Conviction/Fines Civil Prosecution Imprisonment Loss of Provider License Exclusion from Federal Health Care programs 52

Penalties and Consequences of FWA Repayment / Restitution is just the start False Claims Act : $5,500 up to $11,000 per claim plus up to triple the amount of the claim in damages Criminal and/or civil prosecution & imprisonment Suspension/loss of provider license / Medicare Provider number Exclusion from the Medicare program / Government Contracts Anti-Kickback Statute Penalties Fine of up to $25,000 Imprisonment up to five (5) years Or both, fine and imprisonment 53

Penalties and Consequences of FWA (continued) Criminal Fraud penalties If convicted, the individual may be fined, imprisoned, or both. If the violations resulted in death, the individual may be imprisoned for any term of years or life 18 United States Code 1347 HIPAA Privacy and Security Breaches Payment for credit monitoring and restoration services Various State and Federal Monetary penalties Health Information Technology for Economic and Clinical Health (HITECH) Act Penalties Penalties up to $1.5 Million for all violations of an identical provision (Note: the Patient Protection and Affordable Care Act (PPACA) may provide for increased penalties and restitution amounts) 54

CASE SCENARIOS 55

Scenario #1 A person comes to your pharmacy to drop off a prescription for a beneficiary who is a regular customer. The prescription is for a controlled substance with a quantity of 160. This beneficiary normally receives a quantity of 60, not 160. You review the prescription and have concerns about possible forgery. What is your next step? 56

Scenario #1 (continued) A. Fill the prescription for 160 B. Fill the prescription for 60 C. Call the prescriber to verify quantity D. Call IEHP compliance department E. Call law enforcement 57

Scenario #1 Answer Answer: C Call the prescriber to verify that the quantity should be 60 and not 160. Your next step should be to immediately call the IEHP Compliance Hotline. IEHP Compliance Department will provide the next course of action. IEHP Compliance Hotline 866-355-9038 58

Scenario #2 Your job is to submit risk diagnosis to CMS for purposes of payment. As part of this job you are to verify, through a certain process, that the data is accurate. Your immediate supervisor tells you to ignore the sponsors process and to adjust/add risk diagnosis codes for certain individuals. What do you do? 59

Scenario #2 (continued) A. Do what is asked of you by your immediate supervisor B. Report the incident to the compliance department (via compliance hotline or other mechanism) C. Discuss concerns with immediate supervisor D. Contact law enforcement 60

Scenario #2 Answer Answer: B Report the incident to the compliance department (via compliance hotline or other mechanism) The compliance department is responsible for investigating and taking appropriate action. Your sponsor/supervisor may NOT intimidate or take retaliatory action against you for good faith reporting concerning a potential compliance, fraud, waste, or abuse issue. 61

Scenario #3 You are in charge of payment of claims submitted from providers. You notice a certain diagnostic provider (Doe Diagnostics) has requested a substantial payment for a large number of members. Many of these claims are for a certain procedure. You review the same type of procedure for other diagnostic providers and realize that Doe Diagnostics claims far exceed any other provider that you reviewed. What do you do? 62

Scenario #3 (continued) A. Call Doe Diagnostics and request additional information for the claims B. Consult with your immediate supervisor for next steps C.Contact the compliance department D.Reject the claims E. Pay the claims 63

Scenario #3 Answer Answers B or C Consult with your immediate supervisor for next steps or Contact the compliance department Either of these answers would be acceptable. You do not want to contact the provider. This may jeopardize an investigation. Nor do you want to pay or reject the claims until further discussions with your supervisor or the compliance department have occurred, including whether additional documentation is necessary. 64

Scenario #4 You are performing a regular inventory of the controlled substances in the pharmacy. You discover a minor inventory discrepancy. What should you do? 65

Scenario #4 (continued) A.Call the local law enforcement B.Perform another review C.Contact your compliance department D.Discuss your concerns with your supervisor E. Follow your pharmacys procedures 66

Scenario #4 Answer Answer E Follow your pharmacys procedures Since this is a minor discrepancy in the inventory you are not required to notify the DEA. You should follow your pharmacys procedures to determine the next steps. 67

68 Thank you for participating and expanding compliance program effectiveness by ensuring you and your organization incorporate the information into your individual compliance program and business practices.

1 medicare compliance and fraud, waste and abuse (fwa) training 12/11/2013

Documents