Audit, Compliance, and Regulatory...

1

Some set disclaimer thingy-----

Audit, Compliance, and Regulatory GuidelinesPresented by: Rae Jimenez, CPC, CPB, CPMA, CPPM, CPC-I, CCS

Some set disclaimer thingy-----

Federal RegulationsFraud and Abuse Regulations

2

Fraud and Abuse

3

Fraud

Making false statements or misrepresenting

facts to obtain an undeserved benefit or

payment from a federal health care

program.

Abuse

An action that results in unnecessary costs

to a federal health care program, either

directly or indirectly

Fraud and Abuse

4

Fraud examples:

•Billing for services and/or supplies that you

know were not furnished or provided

•Altering claim forms and/or receipts to

receive a higher payment amount

•Billing a Medicare patient above the

allowed amount for their service

•Billing for services at a higher level than

provided or necessary

•Misrepresenting the diagnosis to justify

payment

Abuse examples:

•Misusing codes on a claim

•Charging excessively for services or

supplies

•Billing for services that were not medically

necessary

•Failure to maintain adequate medical or

financial records

•Improper billing practices

•Billing Medicare patients a higher fee

schedule than non-Medicare patients

3

Federal RegulationsFraud and Abuse

Federal False

Claims Act

The False Claims Act

prohibits the submission

of false or fraudulent

claims to the Government.

Stark Law and

Anti-Kickback Law

The Stark Law Bans

referrals to entities for a

DHS. The Anti-Kickback

Law prevent providers

from receiving

remuneration for referrals.

The Exclusions

Statute

Under the Exclusions

Statute, a physician may

be banned from

participating in any

Federal or State health

care program by the OIG.

Civil Monetary

Penalties Law

The Civil Monetary

Penalties Law allows the

OIG to seek Civil

Monetary Penalties for a

wide variety of conduct.

Federal False Claims Act 31 U.S.C. §3729(a).1.

6

Prohibits the submission of false or fraudulent claims to the Government

The FCA is not violated merely by submitting a false claim, but rather by submitting (or causing to be submitted) a false claim with knowledge that it is false. Section 3729 b.1 defines the terms “knowing” and “knowingly” such that a person must act in deliberate ignorance of the truth or falsity of the relevant information, or acts in reckless disregard of the truth or falsity of the information; however, the Act states that a violation may occur even if there no intent to defraud.

Examples:

•Falsifying a medical chart notation

•Submitting claims for services not performed, not requested, or unnecessary

•Submitting claims for expired drugs

•Upcoding and/or unbundling services

•Submitting claims for physician services performed by a non-physician provider (NPP) without regard to Incident-to guidelines

4

Federal False Claims Act

7

Qui Tam Provision

The Department of Justice obtained more than $3.5 billion in settlements and judgments from civil cases

involving fraud and false claims against the government in the fiscal year ending Sept. 30, Principal

Deputy Assistant Attorney General Benjamin C. Mizer, head of the Justice Department’s Civil Division,

announced today. This is the fourth year in a row that the department has exceeded $3.5 billion in cases

under the False Claims Act, and brings total recoveries from January 2009 to the end of the fiscal year to

$26.4 billion.

Most false claims actions are filed under the Act’s whistleblower, or qui tam, provisions that allow

individuals to file lawsuits alleging false claims on behalf of the government. If the government prevails in

the action, the whistleblower, also known as the relator, receives up to 30 percent of the

recovery. Whistleblowers filed 638 qui tam suits in fiscal year 2015 and the department recovered $2.8

billion in these and earlier filed suits this past year. Whistleblower awards during the same period totaled

$597 million.


8

Qui Tam Rewards

Blue Cross Blue Shield of Massachusetts paid $2.75 million after putting in false Medicare

reports, inflating the number of claims it processed and exaggerating the speed with which

claims were processed. Because of this fraudulent activity, it received larger Government

reimbursements than it was entitled to. The relator was a former employee of BCBS

Massachusetts and recovered $550,000.

Blue Cross Blue Shield of Michigan paid $27,600,000 in a Qui Tam action for submitting false

documentation and fraudulent billing. The fraud occurred when the Government tried to

review a specific set of audits and BCBS backdated their audits to hide what it had done. Mr.

Flynn, a man who had performed audits for Blue Cross Blue Shield, blew the whistle

and was rewarded $5,500,000.

5


9

Qui Tam Rewards

For Unnecessary Tests, False Billings, Medicare Fraud

Damon Clinical Laboratories, Inc. fraudulently billed Medicare, Medicaid and CHAMPUS by

bundling medically unnecessary tests not knowingly ordered by doctors. The Government

recovered $83,700,000 and Jeanne Byrne, one of three whistleblowers, received

$9,000,000.

For Laboratory Billing Practices; Medicare/Medicaid Fraud

In another Medicare/Medicaid case involving GlaxoSmithKline and a whistleblower – in which

a man named Merena blew the whistle on fraudulent laboratory billing practices – the

Department of Justice received $333 million. After a seven day evidentiary hearing to

determine the relator’s share, Mr. Merena was awarded $52,049,126.00.


10

False Claims Act Penalties

The statute originally provided for a civil penalty of not less than $5,000, and not more than $10,000, per claim, plus three times the amount of the Government damages if FCA liability was found. This amount is occasionally increased based on the Federal Civil Penalties Inflation Adjustment Act (FCPIA). Current penalties are $5,500 to $11,000 per claim. The person in violation will also be liable for the costs of the civil action brought to recover any such penalty or damages.

Example:

A company was found to have submitted 554 false and fraudulent claims to Medicare, totaling approximately $309,456.

554 claims x $11,000 = $6,094,000

Loss to government $309,456 x 3 = $928,368

$6,094,000 + $928, 368 = $7,022,368 total fines

6


11

False Claims Act Penalties

The FCA allows for reduced penalties (mitigation) if the person committing the violation self-

discloses. §3729 a.2 states that the court may assess not less than two times the amount of

damages (as opposed to three times), which the Government sustains because of the act of that

person, if:

•the person responsible furnishes officials of the United States responsible for investigating false

claims violations with all information known to such person about the violation within 30 days after

the date on which the defendant first obtained the information;

•such person fully cooperates with the investigation of such violation; and

•at the time such person furnishes the information about the violation, no criminal prosecution, civil

action, or administrative action has commenced under this title with respect to such violation, and

the person did not have actual knowledge of the existence of an investigation into such violation.

Physician Self-Referral Law42 U.S.C. § 1395nn

12

Bans referrals to entities for a DHS

The Physician Self-Referral law is also known as the

Stark law as it was named after Pete Stark. This law

prohibits physicians from referring patients to receive

“designated health services” from entities with which the

physician or an immediate family member has a financial

relationship, with a few exceptions. This law applies to

services payable by Medicare or Medicaid.

Proof of specific intent to violate the law is not required.

Penalties for physicians who violate the Stark law include

fines as well as exclusion from participation in the federal

health care program.

•$15,000 per service

•Three times the amount claimed

Designated Health Services (DHS)

• clinical laboratory services;

• physical therapy services;

• occupational therapy services;

• radiology services;

• radiation therapy services;

• durable medical equipment and

supplies;

• parenteral and enteral nutrients,

equipment, and supplies;

• prosthetic and orthotic devices and

supplies;

• home health services;

• outpatient prescription drugs; and

• inpatient and outpatient hospital services

7

Examples of Violations of Stark Law

13

$237,454,195 judgment against Tuomey Healthcare System (Tuomey), a small, nonprofit

hospital in Sumter, South Carolina, on July 2, 2015.

The heart of the case involves 19 part-time physician employment agreements that Tuomey

entered into with surgeons on its medical staff. The impetus for these arrangements

apparently arose from a concern that these physicians were increasingly performing

outpatient surgeries at their offices or at ambulatory surgery center (ASC) facilities, rather

than as outpatient hospital surgeries, and thus Tuomey was losing revenue it would otherwise

receive from the facility fees generated by outpatient hospital services. According to the

whistleblower and the government, Tuomey entered into these part-time employment

agreements in order to stem the loss of this business.

Anti-Kickback Law

42 U.S.C. § 1320a-7b(b)

14

Prohibits remuneration to induce or reward patient referrals

The Anti-Kickback law is similar to the Stark law but imposes more severe penalties, making

it a felony to receive payment or remuneration in return for referring a patient to another

entity. This law requires proof of intention, and states that the person must “knowingly and

willfully” violate the law. This law applies to referrals from anyone, not just physicians and

applies to any items or services.

Penalties include criminal fines of up to $25,000 per violation and up to a 5 year prison term

per violation. In addition, civil penalties may be applied including:

•False Claims Act liability

•Civil monetary penalties and program exclusions

•Potential $50,000 CMP per violation

•Civil assessment of up to three times the amount of kickback

8

Anti-Kickback Law

42 U.S.C. § 1320a-7b(b)

15

Example:

Medicare and Medicaid programs require patients to pay copays for service.

Physicians are required to collect the copays due from the patients. When these

copays are routinely waived, the physician could violate the Anti-Kickback law.

You may waive a copy if an individual determination is made that the patient cannot

afford to pay, or if you have made reasonable collection efforts and they have failed.

Waive Amounts Owed by Medicare Beneficiaries for

Self-Administered Drugs

16

OIG Policy Statement Regarding Hospitals That Discount or Waive Amounts Owed by Medicare Beneficiaries for

Self-Administered Drugs Dispensed in Outpatient Settings

http://oig.hhs.gov/compliance/alerts/guidance/policy-10302015.pdf

Ordinarily, routine discounts or waivers of costs owed by Medicare beneficiaries, including cost-sharing amounts,

potentially implicate the Federal anti-kickback statute,6 the civil monetary penalty and exclusion laws related to

kickbacks,7 and the Federal civil monetary penalty law prohibiting inducements to beneficiaries.8 Nonetheless, in the

limited circumstances described in this Policy Statement, hospitals will not be subject to OIG administrative sanctions if

they discount or waive amounts that Medicare beneficiaries owe for Noncovered SADs (including Noncovered SADs that

may be covered under Medicare Part D) the beneficiaries receive in outpatient settings, subject to the following

conditions: • This Policy Statement applies only to discounts on, or waivers of, amounts Medicare beneficiaries owe for

Noncovered SADs that the beneficiaries receive for ingestion or administration in outpatient settings;9 • Hospitals must

uniformly apply their policies regarding discounts or waivers on Noncovered SADs (e.g., without regard to a beneficiary’s

diagnosis or type of treatment); • Hospitals must not market or advertise the discounts or waivers; and • Hospitals must

not claim the discounted or waived amounts as bad debt or otherwise shift the burden of these costs to the Medicare or

Medicaid programs, other payers, or individuals.

9

The Exclusions Statute42 U.S.C. § 1320a-7

17

Requires the OIG to exclude providers from federal healthcare programs for

certain violations

The Exclusion Statute legally requires the OIG to exclude individuals or entities from

participation in all federal health care programs who have been convicted of:

•Medicare or Medicaid fraud or other offenses related to the delivery of items or services

under Medicare or Medicaid.

•Patient abuse or neglect

•Felony convictions for other health care related fraud, theft, or other financial misconduct

•Felony convictions for unlawful manufacture, distribution, prescription or dispensing of

controlled substances

Exclusion can be mandatory or permissive. The exclusion will not be less than five years, but

could be longer if aggravating factors exist.

Civil Monetary Penalties Law42 U.S.C. § 1320a-7a

18

Allows the OIG to seek Civil Monetary Penalties for a wide variety of conduct

The Social Security Act authorizes the Secretary of HHS to seek civil monetary penalties, assessments, and exclusions for many types of conduct. The Secretary of HHS has delegated many of these authorities to the OIG. The Civil Monetary Penalties Law(CMPL) contains many of the OIG’s civil monetary penalties (CMPs). One of the reasons the OIG may seek CMPs against a person is for improper filing of claims. The law states that any person is in violation if he or she knowingly presents, or causes to be presented, a claim to any Federal or State agency that the Secretary determines:

• is for a medical service or other item or service that the person knows or should know was not provided as claimed, including any person who engages in a pattern or practice of presenting or causing to be presented a claim for an item or service that is based on a code that the person knows or should know will result in a greater payment to the person than the code the person knows or should know is applicable to the item or service actually provided (upcoding, miscoding, etc);

• is for a medical or other item or service and the person knows or should know the claim is false or fraudulent;

• is presented for a physician’s service, or item or service incident to a physician’s service, by a person who knows or should know that the individual who furnished or supervised the service was not a licensed physician, was a licensed physician but with a license obtained through a misrepresentation of material fact, or represented to the patient at the time the services was furnished that the physician was certified in a medical specialty by a medical specialty board when they individual was not so certified;

• is for a medical or other service that was furnished during a period in which the person was excluded from the Federal healthcare program under which the claims was made;

• is for a pattern of medical or other items or services that a person knows or should know are not medically necessary.

10


19

Process

The OIG will initiate the case by sending a demand letter outlining the CMP,

assessment, and/or exclusions sought by the OIG, and the facts supporting the

sanction. If the subject of the action disagrees, he/she can request a hearing before

an HHS administrative law judge (ALJ).

The OIG will seek to settle the allegations before proceeding to action. If a

settlement is not reached, the law provides for the method of proceeding. There is

also a provision for review by a court of appeals that a defendant may file within 60

days of a determination of guilt.


20

Penalties

CMPs may range from up to $10,000 to $50,000 per violation, depending on the type of violation and the entity. They may also include an assessment of up to three times the amount claimed for each item or service, or up to three times the amount of remuneration offered, paid, solicited, or received. For example, for fraudulent claims, the OIG may seek a penalty of up to $10,000 for each item or service improperly claimed, and an assessment of up to three times the amount of the improperly claimed.

Example

The OIG investigates a provider for billing

for services that were not rendered. It is

determined the provider submitted 25

fraudulent claims, resulting in $20,000 in

over-payments made to the provider.

The maximum penalty the OIG may seek

for fraudulent claims is $10,000 per item or

services and an assessment of up to three

times the amount of the over-payments.

Calculation of maximum penalty:

25 claims x $10,000 = $250,000

$20,000 in overpayments x 3 = $60,000

$250,000 + $60,000 = $310,000 maximum

penalty that can be assessed.

11

Office of Inspector GeneralU.S. Department of Health & Human Services

OIG Work Plan

Sets forth various projects to be addressed during the fiscal year by the Office of Audit Services, Office of

Evaluation and Inspection, Office of Investigations, and

Office of Counsel to the Inspector General.

Corporate Integrity

Agreements

Negotiated as part of a

settlement of federal

health care program

investigations arising

under a variety of civil

false claims statutes.

Compliance Plans

Compliance program guidance to encourages development and use of

internal controls to monitor adherence to applicable statutes, regulations, and program requirements.

OIG Work Plan

22

Example

NEW Physician home visits–reasonableness of services We will determine whether Medicare payments to physicians for evaluation and management home visits were reasonable and made in accordance with Medicare requirements. Since January 2013, Medicare made $559 million in payments for physician home visits. Physicians are required to document the medical necessity of a home visit in lieu of an office or outpatient visit. Medicare will not pay for items or services that are not "reasonable and necessary." (Social Security Act, §1862(a)(1)(A)) (OAS; W-00-15-35754; expected issue date: FY 2016)

12

OIG Work Plan

23

Example

NEW Prolonged services–reasonableness of services We will determine whether Medicare payments to physicians for prolonged evaluation and management (E/M) services were reasonable and made in accordance with Medicare requirements. Prolonged services are for additional care provided to a beneficiary after an evaluation and management service has been performed. Physicians submit claims for prolonged services when they spend additional time beyond the time spent with a beneficiary for a usual companion evaluation and management service. The necessity of prolonged services are considered to be rare and unusual. The Medicare Claims Process (MCP) manual includes requirements that must be met in order to bill a prolonged E/M service code. (MCP manual, Pub. 100-04, Ch. 12, Sec. 30.6.15.1(OAS; W-00-15-35755; expected issue date: FY 2016)

Corporate Integrity Agreements

24

Negotiated as part of a settlement of federal health care program

investigations arising under a variety of civil false claims statutes

Most CIAs have the same core requirements, along with specific steps for the individual or entity that are related to the

conduct that led to the settlement. The core requirements are as follows for an individual or entity engaged in a

corporate integrity agreement:

•Hiring a compliance officer/appointing a compliance committee;

• Developing written standards and policies;

• Implementing a comprehensive employee training program;

• Retaining an independent review organization (IRO) to conduct annual reviews;

• Establishing a confidential disclosure program;

• Restricting employment of ineligible persons;

• Reporting overpayments, reportable events, and ongoing investigations/legal proceedings; and

• Providing an implementation report and annual reports to the OIG on the status of the entity’s compliance activities.

13

Corporate Integrity Agreements

25

Independent Review Organization (IRO)

• Retaining an independent review organization (IRO) to conduct annual

reviews

• The CIA will contain the details of the IRO and the responsibility of the

individual or entity in respect to the IRO

• Discover Sample – 50 sampling units

• Error rate exceeding 5% prompts Full Sample

• Statistical sampling program – RAT STATS

Compliance Plans

26

Compliance plan core elements

The OIG has identified seven elements that should be present in every compliance plan based on

criteria adopted by the federal government in the federal sentencing guidelines. The OIG lists seven

fundamental elements for an effective compliance program, which are:

1. Implementing written policies, procedures and standards of conduct;

2. Designating a compliance officer and/or compliance committee;

3. Conducting effective training and education;

4. Developing effective lines of communication;

5. Enforcing standards through well-publicized disciplinary guidelines;

6. Conducting internal monitoring and auditing; and

7. Responding promptly to detected offenses and developing corrective action

14

Compliance Plans

27

Non-compliance

The compliance guidance also indicates that whenever non-compliance is identified by the

compliance staff, corrective action must be taken, although there can be varying degrees of

disciplinary action. Any finding of non-compliant conduct must be documented in the compliance

files and should include:

•date of incident

•name of the reporting party

•name of the person responsible for taking action

•the follow-up action taken

Compliance Plans

28

Potential benefits

• Increasing accuracy of documentation;

• Increasing the speed and optimization of proper payment of claims;

• Minimizing billing mistakes;

• Reducing the chances that an audit will be conducted by CMS or the OIG;

and

• Avoiding conflicts with the self-referral and anti-kickback statutes.

15

Compliance Plans

29

CMS’ five practical tips for creating a culture of compliance:

1. Make compliance plans a priority now.

2. Know your fraud and abuse risk areas.

3. Manage your financial relationships.

4. Just because your competitor is doing something doesn’t mean you can,

or should.

5. When in doubt, ask for help.

Centers for Medicare & Medicaid

ServicesCMS Guidelines

CoP/CfC

Conditions of Participation

and Conditions for

Coverage

RACs

Recovery Audit

Contractors

NCCI & MUE

National Correct Coding

Initiative and Medically

Unlikely Edits

16

Conditions of Participation/Conditions for Coverage

31

Standards that must be met in order to participate

The Federal Register sets forth standards in Conditions of Participation (CoP) and Conditions for Coverage (CfC) that

must be met to participate in Medicare and Medicaid Programs. The standards include guidelines for documentation and

apply to both hospitals and ambulatory surgery centers.

42 CFR §482.24 outlines the Conditions of Participation for medical record services. The conditions include that each

patient should have a medical record; medical records must be organized to allow for prompt completion, filing, and

retrieval; record must be retained for at least five years; and, patient confidentiality should be protected.

Although there are not Conditions of Participation specifically for providers, an auditor should understand the CoPs exist,

and often define medical record standards for facilities.

Conditions of Participation/Conditions for Coverage

32

§ 482.24 Condition of participation: Medical record services.

(4) All records must document the following, as appropriate:

(i) Evidence of—

(A) A medical history and physical examination completed and documented no more than 30 days before or 24 hours after admission or registration, but prior to surgery or a procedure requiring anesthesia services. The medical history and physical examination must be placed in the patient's medical record within 24 hours after admission or registration, but prior to surgery or a procedure requiring anesthesia services.

(B) An updated examination of the patient, including any changes in the patient's condition, when the medical history and physical examination are completed within 30 days before admission or registration. Documentation of the updated examination must be placed in the patient's medical record within 24 hours after admission or registration, but prior to surgery or a procedure requiring anesthesia services.

(ii) Admitting diagnosis.

(iii) Results of all consultative evaluations of the patient and appropriate findings by clinical and other staff involved in the care of the patient.

(iv) Documentation of complications, hospital acquired infections, and unfavorable reactions to drugs and anesthesia.

(v) Properly executed informed consent forms for procedures and treatments specified by the medical staff, or by Federal or State law if applicable, to require written patient consent.

(vi) All practitioners' orders, nursing notes, reports of treatment, medication records, radiology, and laboratory reports, and vital signs and other information necessary to monitor the patient's condition.

(vii) Discharge summary with outcome of hospitalization, disposition of case, and provisions for follow-up care.

(viii) Final diagnosis with completion of medical records within 30 days following discharge.

17

National Correct Coding Initiative (NCCI)

33

Background

• Implemented to:

• promote correct coding methodologies; and

• control improper assignment of codes that result in inappropriate

reimbursement.

• Based on:

• Standard medical and surgical practice;

• Coding conventions included in CPT;

• Coding guidelines developed by national medical societies;

• Local and national coverage determinations; and

• Review of current coding practices.

National Correct Coding Initiative (NCCI)

34

NCCI Policy Manual

“Occasionally a provider may perform two procedures that should not be

reported together based on an NCCI edit. If the edit allows use of NCCI-

associated modifiers to bypass it and the clinical circumstances justify use

of one of these modifiers, both services may be reported with the NCCI-

associated modifier. However, if the NCCI edit does not allow use of

NCCI-associated modifiers to bypass it and the procedure qualifies as an

unusual procedural service, the physician may report the column one

HCPCS/CPT code of the NCCI edit with modifier 22. The Carrier (A/B

MAC processing practitioner service claims) may then evaluate the

unusual procedural service to determine whether additional payment is

justified.“

18

Medically Unlikely Edits (MUE)

35

Edits based on units of service

• Lower the Medicare Fee-For-Service Paid Claims Error Rate

• Define maximum units of service that a provider would report:

• Under most circumstances

• For a single beneficiary

• One a single date of service

• For a specific HCPCS/CPT code

Recovery Audit Contractors (RACs)

36

Overview

Recovery Audit Contractors by region:• Region A: Performant Recovery

• Region B: CGI Federal, Inc.

• Region C: Connolly, Inc.

• Region D: HealthDataInsights, Inc.

RAC Requirements: • Maintain 95% accuracy rate

• Maintain overturn rate of less than 10%

19


37

What do RACs audit?

• CMS approved issues

• Examples include:

• Cataract surgery-Complex

• Inpatient rehab-Complex

• Incorrect billing of hydration therapy-Automated

• Major joint replacement-Automated

• Incorrect billing of E/M-Complex


38

Types of review

• Automated - no medical record needed. Improper payments are

determined based solely on the submitted claims and regulatory

guidelines such as National Coverage Determinations, Local Coverage

Determinations, and the CMS Manuals.

• Semi-Automated - claims review using data and potential human review of

a medical record or other documentation. Medical records are supplied at

the discretion of the provider to support a claim identified by data analysis

as an improper payment.

• Complex - medical record required.

20

Recovery Audit Contractors

39

Recovery Audit Contractors

40

21

Recovery Audit Contractor (RAC)

41

RAC

identifies improper payment

Provider agrees:

- Submit payment

- request recoupment

- extended payment plan

Provider disagrees:

- submit a discussion period request

- submit a rebuttal

- redetermination request

Audit, Compliance, and Regulatory...

Documents

Transcript of Audit, Compliance, and Regulatory...