physician practice compliance programs i04 october 9, 2013 8:45 – 10:15 a.m. 1 marcia brauchler,...
TRANSCRIPT
PHYSICIAN PRACTICE COMPLIANCE PROGRAMS
I04October 9, 2013
8:45 – 10:15 a.m.
1
Marcia Brauchler, MPH CPC, CPC-H, CPC-I, CPHQ
All Rights Reserved.
Daryl Smith, FACMPE
2
What brought us here?
• Marcia Brauchler MPH, CPC-I, CPHQ–President, Physicians’ Ally, Inc.
–The payer contract• Physician Practice must maintain compliance
–HIPAA Training Assistance• Hundreds of practices are struggling with this
still
3
Nobody wants to say it . . .
4
What brought us here?
• Daryl Smith, FACMPE–Surgical Division Administrator,
Central Utah Clinic–Staff Training–Experience!
5
To Set the Stage…Informal survey provided to small practices in the Denver area:
Does your practice have a Compliance Officer?
6
No 21%
Yes 79%
Does your Compliance Officer have a position
description ?
7
No 67%
Yes 33%
Written Position Description
My practice has written policies and procedures.
8
No 47%
Yes 53%
Everyone in the practice knows where the written compliance policies and procedures are
located.
9
No 57%
Yes 43%
To the best of my knowledge, “compliance” was last addressed in my practice in this year:
10
2012 2011 2010 2009 2008 2007 Greater than 6 years
or Never
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
For my practice, “compliance” efforts should be allotted an annual budget of:
For the practices that gave a dollar amount, the annual average was:
11
$1,215
37.5% of respondents said “0” or “no budget.”
12
Disclaimer:• This is not legal advice and represents
only recommendations and observations in general compliance issues.
• We recommend you use this information to better examine your practices and to open a dialogue with your legal counsel.
13
Objectives:1: Describe the importance of a compliance program2: Explain the basics of creating and maintaining a compliance program3: Review specific elements of a physician practice compliance plan
14
Objective:Describe the importance of a compliance program
15
What is Compliance? • Practical
definition:• We should all
follow the rules & regulations
• But how?
16
What is Compliance? • … to conform,
submit or adapt (as to a regulation)
• Compliance happens in every organization, as employers strive to comply with employment and labor law guidelines for safe workplaces and a responsible organization, including:
17
What is Health Care Compliance?
Health care industry has to comply with the federal government’s expectations for participating in and receiving payment from its Medicaid and Medicare health insurance programs
18
About the Office of Inspector General (OIG)
Daniel R. Levinson– As mandated by Inspector General Act (Public
Law 95-452), the mission of the OIG is to protect the integrity of Department of Health and Human Services (HHS) programs and the health and welfare of program beneficiaries
– OIG also plans, conducts and participates in a variety of interagency cooperative projects and undertakings relating to fraud and abuse with the Department of Justice (DOJ), the Centers for Medicare & Medicaid Services (CMS) and other governmental agencies
19
Why YOU should care about Compliance?
• Tangible benefits– Abide by applicable laws and
regulations– Reduce exposure to civil damages,
criminal sanctions, and administrative remedies, such as program exclusion
– Demonstrate commitment to good corporate conduct
• May reduce or mitigate risks to your practice
20
Why care about Compliance?
• Tangible benefits of complying– Identify & prevent
criminal and unethical conduct
– Procedures for prompt, thorough investigations of alleged misconduct
– Initiate immediate and appropriate corrective action
21
Why care about Compliance?
Tangible benefits of complying–Centralized source of information
on health care regulations–Methodology encouraging
employees to report problems–Improve quality of patient care
22
Why care about Compliance? Intangible benefits
of complying
Good investment in your practice
–Peace of mind that rules are being followed
23
Why care about Compliance?• Intangible benefits of
complying –Decrease the risk of
whistleblowers –Clear and
consistent message to employees
• An improved practice culture!
24
A Basic Compliance Program • Good business for any
workplace• Should include
prevention and detection of criminal conduct and
• Enforcement of the rules
25
This all started with…HIPAA of 1996*
• Doubled Office of Inspector (OIG) auditors and investigators
• Expanded Federal Bureau of Investigation’s (FBI) ability to investigate health care fraud
• Created Medicare Integrity Program (MIP)– Federal government may enter into contracts with private
entities to review and audit activities where Medicare provides coverage
• Established reward program to encourage Medicare beneficiaries to report questionable behavior
* HIPAA = Health Insurance Portability and Accountability Act
26
OIG Model Compliance Plan(s) “Voluntary” Guidance(s) for creating a Compliance Programs for:– Individual and small group physician
practices p– Third party medical billing companies– Hospitals– Nursing homes– Etc.
http://oig.hhs.gov/compliance/compliance-guidance/index.asp
I am aware of the OIG Individual and Small Group Voluntary Compliance Plan
from 2000.
27
No 46%Yes
54%
28
“Mandatory” Compliance Programs Coming “Soon”…
2 PPACA provisions mandate compliance programs for Medicare and Medicaid providers
– § 6401 applies to ALL Medicare and Medicaid providers
– § 6402 applies to Medicare skilled nursing facilities & Medicaid nursing facilities ONLY
Patient Protection and Affordable Care Act (PPACA)
I am aware that the Patient Protection and Affordable Care Act will require all
Medicare and Medicaid providers to have mandatory compliance plans in the future.
29
No 43%
Yes 57%
30
CMS Comment to Providers:• Implementing a Compliance program is “not
just a paper exercise” • Must be able to demonstrate that they have a
“systemic process for proactively and promptly fixing noncompliance issues”
• Must be effective
31
Objective:Explain the basics of creating and maintaining a compliance program
32
Start with a SnapshotOIG suggests at inception of a Compliance Program, a review “snapshot” of operations be done to judge later progress in reducing or eliminating potential areas of vulnerability
33
Baseline Audit “How To”• OIG Work Plan issues • Any previous audit findings • Existing policies
– Are they appropriate? Followed? Missing?• Analysis of current education & training
– Attestation & attendance forms?• Government regulations
– Updates?• Professional association insights into current issues/trends • Professional liability carrier newsletter of potential risk areas • Interview staff
– Write-up & let them review• Minutes of Board or Compliance Committee
Does your practice have a Code of
Conduct?
34
No 53%
Yes 47%
35
What a Code of Conduct Does
• Creates communication channels
• Sets up ethical guidelines for how you go about your day-to-day activities
• Helps to create an enjoyable work environment
HANDOUT: SAMPLE CODE OF CONDUCT
37
The 7 ElementsThe OIG believes any Compliance Plan has 7 basic elements…
1. Written Policies and Procedures2. Designating a compliance officer or contact3. Conduct appropriate training and education4. Effective lines of communication5. Internal Monitoring6. Enforcement of Standards7. Prompt Response
And an informal 8th…8. Ensure it is effective – Periodically reassess
38
• Written Policies & Procedures–Up-to-date–User friendly–Reflect what is actually going on
in the practice!
• Employee Handbook
Compliance Plan - Element #1
39
Compliance Plan - Element #2
• Designate a compliance officer or contact
• Give them reporting authority to go ‘to the top’ when necessary
40
Conduct appropriate training and education
• Make training part of the job
• Test employee knowledge
• Ensure compliance officer job education and training too!
Compliance Plan - Element #3
41
Effective lines of communication–Solicit feedback
–Maintain visibility with staff members
Compliance Plan - Element #4
42
Internal Monitoring
–Create an audit plan to audit:
Coding Contracts Care
Compliance Plan - Element #5
43
Enforcement of Standards
–Enforce disciplinary standards through well-publicized guidelines (i.e. your Sanctions Policy!)
–Act promptly when issue arise
–Take corrective action
–Document it all!
Compliance Plan - Element #6
44
Compliance Plan - Element #7
• Respond promptly to identified risks or compliance issues
• Conduct an investigation
• Create a Corrective Action Plan
• Train staff (if necessary)• Tell the government (if
determined necessary)• Modify your program
(if necessary)
45
Make it “effective” (#8)
Once the Plan is established, develop a process to evaluate it and measure its effectiveness
46
Evaluating Effectiveness IdeasPossible Metrics of an effective Compliance Program:• Staff knowledge
– Pre & post tests– Quizzes– Skits/role play
• Educational sessions• # hrs. logged on compliance • # policies & procedures reviewed • # charts audited
47
Evaluating Effectiveness Ideas
Possible Metrics of an effective Compliance Program:• % of denials in claims • # mtgs with compliance on agenda (Staff, RN, BoD,
Compliance Cmte, finance, billing) • # of CPCs on staff/MDs• # of CHCs on staff/MDs • # of networking contacts for compliance related
questions/issues in contacts database
48
Objective:Review specific elements of a physician practice compliance plan
“I didn’t know”
Is no longer an excuse . . .
49
50
OIG – Billing risk areas for small practice (and 3rd party billing)
Examples of necessary general coding & billing policies: • Unbundling• Upcoding the level of service provided• Inappropriate balance billing • Etc.
51
OIG – 2013 Work Plan Issues: • Noncompliance with assignment rules . . . • Incident To services by non-physicians • Place of Service coding errors • Modifiers during global surgery period, etc.
https://oig.hhs.gov/reports-and-publications/archives/workplan/2013/Work-Plan-2013.pdf
COMPLIANCE HEAT MAP
52
RISK ASSESSMENT
PROBABILITY
RISK
0
2
3
4
5
1
1 2 3 4 5
HIPAA
Medical Records
FCA
OSHAHR
Overpayment
Anti-KickbackStarkADA
DEA
Anti-Trust
53
A NOTE ABOUT SLIDE FORMAT
• 1st Bullet = What is the regulation? • 2nd Bullet = Why should your practice care? • 3rd Bullet = Where do you get help to comply?
HIPAA
54
What? HIPAA is the Federal Standards for Privacy of Individually Identifiable Health Information and/or the Security Standards for the Protection of Electronic Protected Health Information (45 Code of Federal Regulations [CFR] Parts 160 162 and 164.
Why? Enforcement is increased due to ARRA. Maximum fine increased to $1.5 million per incident.
Where? www.hhs.gov/ocr/privacy/HIPAA/understanding/coveredentities/index.html
55
Medical Records - Documentation
What?The way to defend yourself Why?Proving compliance with laws Where?http://www.ncqa.org/tabid/125/Default.aspx
56
Correct CodingWhat?Medicare National Correct Coding Initiative (NCCI) edits apply now under ACA [Section 1902(a)(42)(B)(i) to Medicaid agencies
Why?Recovery Audit Contractor (RAC) Program
• Allows government to contract with 3rd parties to audit billing and coding practices
October 1, 2014—Transition from ICD-9 codes (13,000) to ICD-10 codes (65,000)
Where?http://static.aapc.com/0691bfc6-725a-408e-beb5-a8a398d6c5b9/83e77b77-d67b-4429-8233-288d0a6b4c61/a353c6f1-3d02-41b8-a0e4-8f1449625837.pdf
57
False Claims ActWhat? Prohibits the submission of false or fraudulent claims to the federal government 31 U.S.C. §§ 3729 - 3733
Why?• Federal government’s #1 tool for fighting fraud and abuse. The
OIG has returned over $30 billion to the federal government. • Expected recoveries from 2012 alone = $6.9 billion • Penalty is $5k-$10k & 3x damages to the federal program
Where?
www.OIG.hhs.gov
58
Overpayment RefundsWhat? Section 6402(a) of PPACA Requires providers to report and return an overpayment to the appropriate Medicaid state agency or Medicare contractor within 60 days of identificationWhy?False Claims Act liability Where?http://www.gpo.gov/fdsys/pkg/FR-2012-02-16/pdf/2012-3642.pdf (Proposed Rule)
59
HR: Non-DiscriminationWhat?• Civil Rights Act of 1964 (Title VII) • U.S. Equal Employment Opportunity Commission (EEOC)
promotes equal opportunity in employment • Required to investigate all employment discrimination charges
Why?• EEOC may file claims in federal court• Substantial civil damages• Loss of reputation
Where?www.eeoc.gov
60
HR: Sexual HarassmentWhat?Sexual harassment is a form of sex discrimination that violates Title VII of the Civil Rights Act of 1964
Why?Penalties (via litigation)
– Lost wages– Compensatory damages– Punitive damages
Where?• Title VII of the Civil Rights Act of 1964 : http://www.eeoc.gov/laws/statutes/titlevii.cfm • Guidelines: http
://www.gpo.gov/fdsys/pkg/CFR-2011-title29-vol4/xml/CFR-2011-title29-vol4-part1604.xml
61
HR: Family Medical Leave Act (FMLA)
What? Family Medical Leave Act of 1993• Applies to employers with 50 or more employees• Provides entitlement of up to 12 weeks of job-protected leave during any
12-month period for birth of a child, care of an immediate family member, employee’s own serious health condition, or an immediate family member is on active military duty.
Why?• Enforced by the Department of Labor, Wage and Hour Division
• Court actions to compel compliance• Civil actions filed by employees
Where?FMLA: http://www.dol.gov/whd/regs/statutes/fmla.htmDOL Poster: http://www.dol.gov/whd/regs/compliance/posters/fmlaen.pdf
62
HR: Fair Labor Standards Act (FLSA)What?
Fair Labor Standards Act of 1938, as amended 29 U.S.C. 201Basic minimum wage and overtime pay
Why?Enforced by Department of Labor, Wage and Hour Division
– Civil suits for back wages, liquidated damages, and expenses– Civil money penalties (up to $100,000 each violation for some child labor
violations)– Criminal penalties including fines and imprisonment– Protection of employees filing complaints
Where?– http://www.dol.gov/whd/– http://www.dol.gov/whd/regs/compliance/posters/flsa.html
63
HR: Americans with Disabilities Act (ADA)
What?ADA Employment (Title I) [42 U.S.C. § 12111 - 12117]
– Employers with 15 or more employees must provide qualified individuals with disabilities an equal opportunity to the full range of employment-related opportunities available to others.
– Prohibits discrimination in recruitment, hiring, promotions, training, pay, social activities and other employment privileges.
Why?• Enforcement through Department of Justice
Where?• Current text of ADA Law - http://www.ada.gov/pubs/ada.htm • Guide to Disability Rights Laws - http://www.ada.gov/cguide.htm• ADA Q&A - http://www.ada.gov/q%26aeng02.htm
64
OSHA Medical PracticeWhat? Occupational Safety and Health Act of 1970 Safe and healthful workplace Primary OSHA standards affecting physician practices:
1. Bloodborne Pathogens2. Hazardous Chemicals 3. Exit routes 4. Electrical5. Reporting occupational injuries and illness (state-law) 6. OSHA Poster 7. Ionizing Radiation (only if you have it)
Why?Enforced by OSHAPenalties of up to $63,000 per instance for willful violationsWhere?https://www.osha.gov/law-regs.html www.OSHA.gov/publications/poster.html
65
Anti-Kickback StatuteWhat?• Anti-Kickback Statute [42 U.S.C. § 1320a-7b(b)]• Prohibits knowing & willful payment of remuneration to induce or reward
patient referrals• Don’t confuse with STARK rules
Why?• Enforced by the Office of the Inspector General (OIG) • Civil penalties: <$50,000 per and administrative sanctions (i.e. exclusion) • Criminal penalties—fines up to $25K each occurrence/prison sentence up
to 5 years
Where?http://bphc.hrsa.gov/policiesregulations/policies/pal199510.htmlhttp://oig.hhs.gov/fraud/safeharborregulations.asp
66
STARKWhat?• Physician Self-Referral Law [42 U.S.C. § 1395nn]• Prohibits physicians from referring patients to a health facility
in which the physician has a financial interest• OIG 3 Questions
Why?Enforced by OIG. Penalties include:
– Refunds, FCA liability, program exclusion– CMP up to $15K per service; $100K per arrangement– Civil assessments up to 3x the claim
Where?http://www.cms/gov/physicianselfreferral.com
67
Self-Disclosure Protocol What?Section 6409(a) of PPACA
Why?A tool for your Compliance Program
Where?https://oig.hhs.gov/compliance/Self-Disclosure-Info/files/Provider-Self-Disclosure-Protocol.pdf
NEW!
68
Americans with Disabilities Act (ADA)
What? ADA Employment (Title I) [42 U.S.C. § 12186(b)]Public accommodations (Title III)
– Prohibits discrimination, exclusion, segregation and unequal treatment– Architectural standards– Reasonable modifications to policies, practices, and procedures
• Example: Service animals– Effective communication with people with hearing, vision, or speech
disabilities • Example: Interpreters for hearing impaired
Why?• Enforcement through Department of Justice
Where?• http://www.ada.gov/regs2010/titleIII_2010/titleIII_2010_withbold.htm
69
DEAWhat?• Title 21 CFR, Part 1300-1399• Drug Enforcement Administration (DEA) • Provider must apply for DEA certificate to
handle controlled substances Why?DEA Audits. Loss of DEA Certificate prevents prescribing appropriate medications. Where?http://www.deadiversion.usdoj.gov/pubs/manuals/pract/index.html
70
FDAWhat?Approved drugs are found in the Food & Drug Administration (FDA) Orange Book• Off-Label use
– Physician must be well informed– Use “firm scientific rationale” and “medical evidence”– Maintain records of use and effects
• Order only FDA-approved drugs
Why?• Can lead to a violation of the FCA, and a RAC audit.
Where?• http://www.fda.gov/RegulatoryInformation/Guidances/ucm126486.htm#
71
Electronic ClaimsWhat?• Administrative Simplification Compliance Act (ASCA) requires
electronic filing of Medicare claims• As of January 2014, all Medicare claims must be filed
electronically• Each provider must complete an Electronic Data Interchange (EDI)
enrollment form
Why? Medicare will only pay on claims submitted electronically on claims after 1/1/2014.
Where?http://www.cms.gov/Medicare/Billing/ElectronicBillingEDITrans/SystemAccess.html
72
Use of Non-Physician Providers
What? Medicare billing options:–NPPs own provider #–NPP can use physician provider # in certain circumstances (“incident to”) –Inpatient = Shared visitWhy?False Claims Act liability. Higher reimbursement rate. In 2012 and 2013 OIG Work Plans. Where?www.cms.gov/manuals/Downloads/bp102c15.pdf
73
Medicare Incentive ProgramsWhat?
Programs such as Meaningful Use, PQRS, eRx, ACOs, and others that offer additional bonus payments and/or penalties for meeting specific criteria. Must be able to document that criteria are actually met.
Why?• Receive incentives• Avoid penalties• Avoid implication of False Claims or Fraud/Abuse
Where?• Meaningful Use -
http://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/index.html?redirect=/ehrincentiveprograms/
• PQRS and others - http://www.mgma.com/federal-quality-reporting/
74
Patient Check-InWhat?• Collecting Co-pays and Deductibles; • Advance Beneficiary Notice (ABN)• Financial Hardships; Professional Courtesies
Why?• False Claims Act & Anti-Kickback Statute. Penalties include jail time.
Where?Not collecting co-pays, deductibles on a regular basis could constitute fraud.http://www.assetlawyer.com/legal-blog/2009/10/28/asset-protection-for-doctors-not-collecting-copayments-could-mean-lawsuits/
Professional Courtesy: http://www.ama-assn.org/ama/pub/physician-resources/legal-topics/regulatory-compliance-topics/health-care-fraud-abuse/professional-courtesy-in-context-health-care.page#
Advanced Beneficiary Notice: http://www.cms.gov/Medicare/Medicare-General-Information/BNI/Downloads/RevABNManualInstructions.pdf
75
Antitrust LawsWhat?• Sherman Act (1890) outlaws or restricts business practices that are
monopolistic or restrain interstate commerce• Clayton Act (1914) prohibits pricing discrimination among
customers and prohibits business combinations the effect of which “substantially lessens competition”
Why?• Enforced Federal Trade Commission (FTC) and Department of
Justice (DOJ) • Injunction, civil penalties, or consumer redress
Where?http://www.ftc.gov/bc/antitrust/
76
Sunshine ActWhat?Physician Payment Sunshine Act Final Rule - ACA Section 1128G• Anything over $10 or $100/yr per manufacturer or Group
Purchasing Organization (GPO) must be reported by them.
Why?• Possible reputation and whistleblower risk to physicians and practices• No legal ramifications for providers yet
Where?https://www.ama-assn.org/ama/pub/advocacy/topics/sunshine-act-and-physician-financial-transparency-reports.page
NEW!
77
Dismissing a PatientWhat?• State law and risk management area. • Legal and ethical compliance issues.
Why?You must be careful when terminating patient relationships so that you do not discriminate or terminate in such a way as to violate your legal and ethical obligations to the patient.
Where?http://www.ama-assn.org/ama/pub/physician-resources/legal-topics/patient-physician-relationship-topics/ending-patient-physician-relationship.page• Check with state medical board to ensure compliance with state-
specific rules• Malpractice carrier.
78
Informed ConsentsWhat?• Basic principle of law and ethics • Center for Medicare & Medicaid Services (CMS)
Conditions of Participation
Why?Discussion and disclosure (Malpractice risk)
Where?• http://www.ama-assn.org//
ama/pub/physician-resources/legal-topics/patient-physician-relationship-topics/informed-consent.page
• State law • Malpractice carrier
79
Medicare Provider Exclusion LawWhat?Sections 1128 & 1156 of the Social Security Act • Office of Inspector General (OIG) maintains a list that identifies
individuals found guilty of fraudulent billing, misrepresentation of credentials, etc.
Why?• Office of the Inspector General - can’t bill Medicare or Medicaid • Private insurers are running the lists of providers as well • Practice policy should be to not employ or contract with
individuals on the list
Where? www.oig.hhs.gov • http://exclusions.oig.hhs.gov/ for List of Excluded
Individuals/Entities (LEIE)
80
In-Office LabsWhat?Clinical Laboratory Improvements Amendments (CLIA) 42 CFR Part 493Certification required to receive federal funds for services
Why?False Claims Act implication. (enforced by the OIG) Criminal penalties and Civil Monetary Penalties. Program exclusion.
Where?http://wwwn.cdc.gov/clia/Regulatory/default.aspx
http://www.cms.gov/Regulations-and-Guidance/Legislation/CLIA/index.html?redirect=/CLIA/01_Overview.asp
81
On-Call/Emergency TreatmentWhat?• Emergency Medical Treatment and Labor Act (EMTALA) 42 USC Sec. 1395dd • Impacts hospitals w/ ED (mostly) and on-call physicians • On-call lists must be current and signed
– Physician must arrive within a reasonable amount of time (30-60 min)
Why?Average of 400 investigations/year
– CMP up to $50k per penalty– Termination from CMS (exclusion)
Where?• http://
www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/Downloads/som107ap_v_emerg.pdf
82
Collections for Bad DebtWhat?• Fair and Accurate Credit Transactions Act (FACTA)• Fair Debt Collection Act (FDCR) • Collections of bad debt pose unique problems for health care
providers and entities
Why?Enforced by the Federal Trade Commission (FTC)
Where?• http://www.consumer.ftc.gov/articles/pdf-0097-fair-debt-coll
ection-practices-act.pdf
83
Objectives:1: Describe the importance of a Compliance program2: Explain the basics of creating and maintaining a compliance program3: Review specific elements of a physician practice compliance plan
84
Questions?• Daryl Smith
– Central Utah Clinic– [email protected]– 801-429-8123
• Marcia Brauchler– Physicians’ Ally, Inc. – [email protected]– 303-586-9390