Hot Topics ppt - HCCA Official Site · Using Social Media to Enhance Ethics and Compliance •...
Transcript of Hot Topics ppt - HCCA Official Site · Using Social Media to Enhance Ethics and Compliance •...
10/17/2013
1
Hot Topics in Compliance
Jay P. Anstine, JD
Lyn Snow, BSW, MPA, CHC
Sara Iams, JD
Audience Participation
• Change of format this year…
• If you know it…shout it!
10/17/2013
2
2013 OIG Activity
2013 OIG Activity
Work Plan
• DRG Payment Window
• Provider-Based Compliance
Special Alerts &
Guidance
• Physician-Owned Distributorships
• Self-Disclosure Protocol
• Exclusion Guidance
Other
• Advisory Opinions
• Report on Hospital Observation Services
OIG Self-Disclosure Protocol
• Overview of OIG Self-Disclosure Protocol (SDP)
– Process for providers to voluntarily disclose potential
violations of federal law which may result in CMP
liability
• Available to all providers and suppliers
• Not available for Stark Law-only disclosures (CMS’s SRDP)
– Original SDP published in October 1998 (63 Fed. Reg.
58399); Open Letters (2006, 2008, 2009)
– Since 1998: 800 disclosures, recovering $280 million*
• Updated OIG SDP effective April 17, 2013
10/17/2013
3
OIG SDP, cont.
• Relatively clear process
and submission
requirements
• Clarity on damages (1.5
multiplier is the floor)
• Reduced likelihood of
Corporate Integrity
Agreement (CIA)
• Mitigate 60-day
overpayment exposure
• Must specifically identify the
laws violated
• Must acknowledge the
potential violation – with no
guarantee of being accepted
to the SDP
• OIG will “coordinate” with
DOJ and CMS
• No False Claims Act release
• Minimum 1.5 multiplier for
damages
Physician-Owned Distributorships
(PODs)
• OIG Special Fraud Alert (March 26, 2013)
– PODs are entities that derive revenue from selling
medical devices that their physician-owners use in
procedures at hospitals or ASCs
– OIG: “PODs are inherently suspect under the anti-
kickback statute”
• Consistent with pattern of heightened scrutiny
– Special Fraud Alert on Joint Ventures (1989)
– Universal Shockwave Services Settlement (2010) (lithotripsy)
– Senate Finance Committee (2011)
PODs, cont.
• AKS Risk for Hospitals/ASCs– Hospitals’ purchase of devices from PODs seen as
“securing” physician-owner referrals
• Ways to Mitigate Risk in Contracting with a POD � Written purchase agreement
� Pricing (FMV, better or equal to terms with non-physician-owned vendors, no variation with referrals)
� No “leveraging” of referrals by physicians
� Not exclusive /physicians given choice in products *
� Commercially reasonable warranties, return policies
� Require physician disclosure of POD ownership*
10/17/2013
4
OIG Special Advisory Bulletin on Exclusion
What• Screening for exclusion from Federal health care program participation
Who
• ANYONE providing services directly or indirectly payable by a Federal health care program (entities, employees, temps, volunteers, drivers)
Where
• OIG’s List of Excluded Individuals and Entities (LEIE)
• GSA (incorporates LEIE)
• All 50 states
When• At your discretion… but monthly is safest
Why
• Payment for services denied
• CMP Liability
OIG Exclusion, cont
• Did you know…– Over 5,400 people are currently excluded due to
defaulting on student loans (govt.-backed)*
Source: ModernHealthcare.com: Exclusion Efforts
(May 18, 2013)
– Exclusion follows the person
• An excluded pharmacist remains excluded even if obtains and works under a separate health care license (e.g., MD)
– An excluded provider may refer a patient to a non-excluded provider
HIPAA
10/17/2013
5
HIPAA OMNIBUS
• Effective Sept. 23, 2013
High Level Changes
• Business Associates
• Marketing & Fundraising
• Sale of PHI
• Right to request restrictions
• Electronic Access
• Breach Notification
• GINA
Other Modifications
• Research
• Notice of Privacy Practices
• Decedents
• Student Immunizations
10/17/2013
6
Breach Notification Requirements
Breach Notification Requirements
• Nature & Extent of PHI Involved
• Who Received or Accessed the PHI
• Potential the PHI was Actually Viewed or Acquired
• Extent to Which the Risk to the PHI was Mitigated
New Omnibus rule requires the
Risk Assessment to Include, at a
Minimum:
• Demonstrate required notifications have been provided, or
• Demonstrate a use or disclosure of unsecured PHI did not constitute a breach.
• Have written policies & procedures regarding breach notification
• Train employees on policies & procedures
• Develop appropriate sanctions for noncompliance
Burden of Proof on CEs to:
10/17/2013
7
• Notify individual by first class mail or email, if
individual has agreed to receive such notices
electronically
• If entity unable to locate > 10 individuals must post
on home page of website, or provide notice on
broadcast media or major print where individuals are
likely to reside
• Notice must be provided no longer than 60 days
following discovery of breach
Breach Requirements
The Breach
Notices
Must contain a toll-
free number
individuals can call to
determine if their PHI
was involved in the
breach
• Breaches of > than 500 must be
reported to HHS @ the same time the
notice is given to the affected
individuals
• Breaches of < 500 may be kept on a log
and reported no later than 60 days after
the end of the calendar year
Notification to the Secretary of
HHS
10/17/2013
8
HIPAA Patient Rights
� Notice of Privacy Practices (NPP)
� Request for Privacy Protections
� Access and/or Obtain Copy of Records
� Request Amendment to Records
� Accounting of Disclosure
� Notice of Breach of PHI
� Restrict Information to Health Plan if Paying out-of Pocket
� Receive electronic copies of medical records
• HITECH Accounting of Disclosure Rule
• HITECH Minimum Necessary Guidance
• HIPAA/CLIA Patient Access to
Laboratory Test Reports Rule
• HITECH Distribution of Penalties to
Harmed Individuals
Not in Omnibus
State Regulatory Update
10/17/2013
9
Health Insurance Exchange?
Marketplace?
• True or False…A “Health Insurance Exchange” is different from a “Health Insurance Marketplace”?
False
DHHS changed the name of the new individual insurance plan market from Health Insurance Exchange to Healthcare Marketplace in January 2013.
• Source: The Hill, Healthwatch, 1/20/13
Colorado
• 2013 Key Legislation
– ACA Implementation:
• HB 13-1266: Health Ins. Alignment w/ Fed Law
• HB 13-1245: Funding-Colorado Marketplace
– New Medicaid Reporting Requirements
• HB 13-1068: Inspections of Medicaid Providers
• SB 13-137: Medicaid Fraud, Waste & Abuse Prevention
• SB 13-277: Uniform Prior Authorization-Drug Benefits
Wyoming
• 2013 Key Legislation
– ACA Implementation:
• HB 0203-Health Benefit Exchange Study/Select
Committee
– Medicaid Reform
• SF0060: Authorizes increased Fraud Prevention
• SF0083: Creates Wyoming Medicaid FCA
10/17/2013
10
Utah
• 2013 Key Legislation
– ACA Implementation:
• Hybrid Federal/State Run Marketplace
• HB 391-Prohibiting Medicaid Expansion
– Medicaid Reform:
• HB 315-Medicaid Inspector General
• SB 20- Medicaid Security Breach Legislation
New Mexico
• 2013 Key Legislation
– ACA Implementation:
• HB 168-State Run Marketplace
– Immunization Reporting
• SB 58-Mandatory
– Medicaid Fraud Prevention: 2012
• HB 66 Medicaid Fraud Prevention & Detection-DIED
• HB 80-Medicaid False Claims Act-DIED
Sources
• Colorado Legislature
– http://www.leg.state.co.us/clics/clics2013A/cslFro
ntPages.nsf/HomeSplash?OpenForm
• Wyoming Legislature
– http://legisweb.state.wy.us/LSOWEB/Default.aspx
• Utah Legislature
– http://le.utah.gov/
• New Mexico Legislature
– http://www.nmlegis.gov/lcs/
10/17/2013
11
Federal Regulatory Update
Stark & Medicaid
• Does the Stark Law Apply to Medicaid :
a) Directly
b) Indirectly
c) Not at all
d) Unclear
Stark & Medicaid, cont.
• DOJ’s Theory – Statute prohibits FFP for Medicaid services if
furnished pursuant to a referral that would be prohibited in Medicare context.
• (42 U.S.C. §1396b(s)
– Provider “causes” Medicaid to submit a false claim to federal government when it seeks payment for such services.
• What To Watch For– U.S. ex rel. Baklid-Kunz v. Halifax Medical Center
– U.S. ex rel. Osheroff v. Tenet Healthcare Corp.
10/17/2013
12
Two-Midnight Rule for Hospital Admissions
• Inpatient vs. Outpatient/Observation
– Shands Healthcare ($26 million)
– Beth Israel ($5.3 million)
– Morton Plant Mease Healthcare ($10.1 million)
• 2014 IPPS Final Rule intends to clarify the guidelines for appropriate inpatient admissions:
– Two-Midnight Benchmark
– Two-Midnight Presumption
Two-Midnight Rule, cont.
• Reasonable expectation of inpatient stay crossing two-midnights = justification for admission
• Used by admitting practitioner/hospital
• Clock starts with first outpatient service
Benchmark
• Inpatient stays of >2 midnights will be presumed “generally appropriate”
• Used by CMS auditors
• Clock starts with physician order for inpatient services
Presumption
Two-Midnight Rule, cont.
• CMS Follow-Up Guidance
– “Implementation period” – Oct. 1 to Dec. 31, 2013
• No MAC or RAC review of claims spanning two or more
midnights
• No RAC scrutiny of claims spanning one midnight or
less during this time (and no retroactive scrutiny, per
Open Door Forum)
• MACs will conduct prepayment probe sample (10-25
claims) for “education” purposes
10/17/2013
13
Inpatient Order Requirement
• True or False
– There is no difference between a physician
order for inpatient services and a physician
certification for inpatient services
FALSE
Inpatient Order Requirement
• Physician “Orders” (historically)
– Hospital Conditions of Participation require physician
“recommendation” for admission
– Statute requires physician certification for inpatient services furnished
“over a period of time”
• Physician Orders (as of Oct. 1, 2013)
– CMS also requires physician admission order in the medical record as
a condition of Part A payment
• Order must be supported by physician admission and progress notes in
the medical record
• Must be furnished at or before the time of admission
Inpatient Orders, cont.
• Order Requirements
– Order verbiage must indicate specific intent to
admit “as an inpatient” (“Admit to Tower 7”
insufficient)
– Verbal orders
• CMS: hospital “should not” submit a claim for Part A
payment until the verbal admission order is
documented and authenticated in the medical record
• Verbal order must be countersigned by the practitioner
who gave the verbal order*
10/17/2013
14
Social Media
Social Media
Many social network users are
communicating in their virtual
underwear with few inhibitions
10/17/2013
15
“No it is not acceptable for physicians or
licensed independent practitioners to text
orders for patients to the hospital or
other healthcare setting. This method
provides no ability to verify the identity
of the person sending the text and there
is no way to keep the original message as
validation of what is entered into the
medical record.”
The Joint Commission November 10, 2011
10/17/2013
16
maintain physical control of your mobile device/computer
unsecured
networks
unintentional disclosure
10/17/2013
17
Does Your Agency or Organization
Have a Social Media Policy??
Colorado Law Update
• On May 12, 2013, Colorado’s governor signed
H.B. 1046 into law to forbid employers from
requiring or requesting that prospective and
current employees disclose their username
and password to their personal social media
accounts.
Other States
• Several other states have codified similar laws,
including Maryland, Illinois, California,
Michigan, Utah, New Mexico (which ostensibly
applies to prospective employees only), and
Arkansas. A number of other states and the
U.S. Congress have introduced such
legislation.
10/17/2013
18
Using Social Media to Enhance
Ethics and Compliance
• Policies
• Training
• Education
• Supervisor Responsibility
References
• Sources:
– Center for the Application of Substance
Abuse Technologies, Reno, Nevada
Looking ahead…2014
10/17/2013
19
What’s Out/What’s In
for Compliance in 2014
What’s Out…. What’s In….
• 2013 Work Plan 2013 2014 Work Plan
• Traditional Inpt vs. Obs 2 Midnight Rule
• “Harm Threshold” “Low Probability”
• Phys Owned Spec Hosp? Phys Owned Distributors
• Big Pharma Settlements? Big Hospital Settlements?
• HIPAA Privacy :
“I thought you should know” “You better lawyer Up!”
• ACA Implementation ACA Fraud
What Hot Topics Do you have?
• New Stories?
• Rumor Mill?
• Hypo’s?
• Any Questions?