Authored by Chris Shaughnessy
KYdoc, October/November 2012
The Patient Protection and Affordable Care Act ("PPACA") strives to improve our health care system in three main ways: by expanding consumer protections, strengthening Medicare and reducing health care costs. A key goal in PPACA is reducing fraud, waste and abuse. The federal government's commitment to preventing fraud and abuse activity has never been more clearly understood than now. With an allocation of $350 million over the next 10 years to help fight fraud through the newly established Health Care Fraud and Abuse Control Account ("HCFAC"), it is obvious that the controls set forth in PPACA will be vigorously pursued.
With a focus on prevention, penalties and recovery, compliance plans are emerging as a health care provider's best insurance. Increasing penalties by 20-50 percent for crimes involving more than $1,000,000 in losses, the PPACA's backbone is stronger sentencing for health care fraud. With more stringent screening and enrollment requirements, PPACA employs stricter oversight. Fingerprinting, licensure checks, criminal background checks and site visits are potential hoops providers will have to jump through prior to billing approval. Even after clearing all the obstacles, a provider's enrollment can be denied by the Secretary of the United States Department of Health and Human Services, if the cause is preventing or combating fraud, waste and abuse. The Secretary can also withhold Medicare or Medicaid payment if an allegation of fraud is under investigation. This approach to penalties is forcing the medical community to rethink how to avoid these issues within their own practices and facilities.
Prevention is being promoted as a responsibility not only for government agencies enforcing the new law, but for providers and suppliers, as well. This is the driving force behind compliance plans becoming an integral player in the game. In this new environment, it is evident that every provider and facility needs to have a strong compliance plan in place.
The Office of the Inspector General ("OIG") has always encouraged Medicare and Medicaid providers to implement compliance programs. For 14 years, as a matter of fact, OIG has provided compliance guidance in 11 health care sectors (including: hospitals, nursing facilities, home health care, hospice and third-party billers). With compliance plans and programs now mandatory for any provider enrolled in a federal health care program, the OIG compliance tools are no longer just guidance.
Compliance plans and programs vary for different health care organizations. However, OIG has identified seven "core elements" that have to be present in every compliance program:
· Internal Monitoring and Auditing: A regular review of the organization's claim process is necessary in demonstrating the effectiveness of the organization's plan and ability to identify risk areas and violations.
· Written Standards and Procedures: Integral to the success of the compliance program, written standards and procedures inform the organization's members of the compliance requirements.
· Designation of a Compliance Officer: A Compliance Officer is charged with the responsibility of overseeing the program, implementing all functions of the program and acting as the reporting member of the organization for violations or compliance concerns.
· Training and Education: All members of the organization should have effective and appropriate routine training on the standards and procedures for which they are responsible to comply with the program.
· Investigation of Alleged Violations and Appropriate Disclosures: Organizations must investigate alleged compliance violations or issues when they are discovered. If it is determined that a violation of the law or compliance program has occurred, action must be taken immediately to remedy the situation. Return of overpayments, internal discipline, or civil or criminal action may be necessary, depending on the violation.
· Open Lines of Communication: Organization members must have an open line of communication, such as a "hotline," to communicate compliance issues or violations.
· Enforcement of Disciplinary Standards: An organization's members should be made aware of the disciplinary actions that will be taken in the event of failure to comply with the written standards and procedures of the compliance program. These actions should be applied consistently.
The core elements fall in line with the federal Sentencing Guidelines at §8B2.1, and a compliance program that follows these guidelines can be subject to a reduced criminal sentence in the event of a violation. These elements will be the foundation for every successful compliance plan. However, the plan must be tailored to each specific organization/practice, and could possibly be subject to additional requirements under PPACA. Nursing facilities, for example, are also subject to Section 6102, which has eight required elements, and these facilities face a rapidly approaching deadline for compliance, with all programs required to be in place by March, 2013.
Compliance and preparedness are two very real, everyday concerns for long-term care facilities. Not only are these important aspects of daily operations for the safety of the employees and patients, they are paramount because any day an official from the Office of the Inspector General ("OIG") could show up for an inspection.
The OIG is planning unannounced inspections of long-term care facilities as part of the increased crack-down on fraud, waste and abuse in the Medicaid and Medicare programs. Compliance with the new federal regulations will be the purpose of the inspections, which will focus on the management and evaluate the programs looking for any vulnerability, inefficiency or violation that could be considered fraud or abuse. With increased budgetary dollars earmarked for enforcement, facilities can expect inspections to be very vigorous.
Providers and facilities should be taking the necessary steps to improve overall understanding of the controls outlined in PPACA. Training programs, policies and procedures, and record-keeping practices, coupled with a solid compliance plan, can protect against violations. If providers invest in developing a compliance program that meets the new PPACA fraud, waste and abuse controls while satisfying OIG inspection expectations, it will be their best defense. It is not simple to design (or re-design) and implement a plan that will protect your organization from the increased fraud, waste and abuse controls. Preventing simple mistakes can and will make all the difference. Also having an attorney draft or review your compliance plan and program is always a smart safeguard.
Christopher J. Shaughnessy is an attorney at McBrayer, McGinnis, Leslie & Kirkland, PLLC. Mr. Shaughnessy concentrates his practice area in health care law and is located in the firm's Lexington office. He can be reached at firstname.lastname@example.org or at 859-231-8780.
This article is intended as a summary of state law enforcement activities and does not constitute legal advice.