environment - hcca official site · 3/16/2016 2 2015 activity • doj recovered more than $3.5...
TRANSCRIPT
3/16/2016
1
EFFECTIVE COMPLIANCE: LESSONS
LEARNED FROM THE PAST AND
PREPARING FOR THE FUTURE
Bret Bissey, Senior VP, Compliance Services, MediTract, Inc.
Sean McKenna, Partner, Haynes and Boone, LLP
Kenneth Zeko, Senior VP, CHAN Healthcare, LLC
© 2016 CHAN Healthcare
Outline
• Current compliance environment• New governmental resources• 2015 Activity• Data analytics• Hospital/physician arrangements - risks• Enforcement outlook
• Steps to ensure effective compliance• Securing executive leadership buy-in• Embedding compliance in operations• Demonstrating compliance effectiveness
• Corporate integrity agreements and mandated compliance• Examples• Trends
2
Current Compliance Environment
3
3/16/2016
2
2015 Activity• DOJ recovered more than $3.5 billion in FY 2015
• Down from last year’s $5.6 billion recovery• But continues 4-year record of recoveries over $3 billion
• Of $3.5 billion –• $1.9 billion from healthcare industry, including $330 million from
hospitals • $2.8 billion (more than half) from cases filed by whistleblowers
• Number of qui tam suits exceeded 600• Down from last year’s 700• But way up from 1987’s 30• Whistleblowers received record $597 million
4
Data Analytics: An Evolution
• Investment into data analytics• Prevent payment of fraudulent claims
• Identify trends and red flags
• Identify outliers
• New Investigative and Enforcement Strategies• The “Fraud Prevention System”
• Automated provider screening program
• Next Generation Desktop
5
The Fraud Prevention System• “The Fraud Prevention System is the state-of-the-art
predictive analytics technology required under the Small Business Jobs Act of 2010.” • Since June 30, 2011, it has run predictive algorithms and other
sophisticated analytics nationwide against all Medicare fee-for-service claims prior to payment.”
• “For the first time in the history of the program, CMS is systematically applying advanced analytics against Medicare FFS claims on a streaming, nationwide basis as part of its comprehensive program integrity strategy.”• Report to Congress: Fraud Prevention System, Second
Implementation Year 2014
6
3/16/2016
3
Healthcare Fraud Prevention Partnership
Purpose is to improve the detection and prevention of healthcare fraud by:• Exchanging data and information between the public and
private sectors• Leveraging various analytic tools against data sets provided by
partners• Providing a forum for public and private leaders and subject
matter experts to share successful anti-fraud practices and effective methodologies for detecting and preventing healthcare fraud
See https://hfpp.cms.gov/about/index.html
7
Enforcement Outlook • Government budget shortfalls
• Innovative methods to save healthcare dollars
• Criminal and administrative activity increasing
• Greater attention by DOJ and OIG-HHS on individuals and arrangements
• Investigations becoming more complex• Unprecedented focus on punishing medical decisions
• e.g., implantable cardiac defibrillators
• Entire industry segments under scrutiny
• Conduct of ancillary player affecting physicians and systems
8
• Creation of Health Care Fraud Prevention and Enforcement Action Team (HEAT)• New laws and new tools for the Government to fight fraud, waste, and
abuse
• On June 30, 2015 HHS OIG announced formation of a new affirmative litigation team to focus exclusively on pursuing civil monetary penalties and exclusions• Doubles the number of dedicated litigators to bring cases under the
civil health care laws, • Team will be look at FCA cases as sources of potential enforcement
actions
9
New OIG Resources
3/16/2016
4
Yates Memorandum• Issued September 2015
• Entitled “Individual Accountability for Corporate Wrongdoing”
• Emphasizes DOJ’s commitment to combat fraud “by individuals”
• Recommends:
• Not to give cooperation credit unless company provides facts re: individuals
• To focus investigations on individuals “from the inception”
• Not to release “culpable individuals” from liability absent “extraordinary circumstances”
• Not to settle with company without “clear plan to resolve related individual cases”
10
Physician Quality Reporting System (PQRS) Accuracy and Consistency*** Incentive to Report, Participate
• PQRS is a quality reporting program that uses negative payment adjustments to promote reporting of quality information by individual EPs and group practices
• Those who do not satisfactorily report data on quality measures for covered Medicare Physician Fee Schedule services furnished to Medicare Part B beneficiaries [including Railroad Retirement Board, Medicare Secondary Payer and Critical Access Hospitals method II] will be subject to a negative payment adjustment under PQRS. Medicare Part C–Medicare Advantage beneficiaries not included
• Beginning in 2015, CAHs using billing method II may participate in PQRS by all reporting mechanisms, including claims-based reporting
11
Physician Quality Reporting System 2015 Measures Listhttps://www.cms.gov/Medicare/Quality-Initiatives-Patient-Assessment-Instruments/PQRS/MeasuresCodes.html
12
3/16/2016
5
Quality “Measurement Fatigue”
• Public sector• Today more than 500 different state and regional quality measures
• Only 20% used by more than 1 program
• Private Insurers – unique evaluation measures• More than 550 additional performance measures
• Source of enormous inefficiency
• Could this lead to compliance problems?
13
Physician Compensation ConcernsAgreements between hospitals & physicians in New Quality Model• June 2015 – OIG Fraud Alert focuses on Physician Compensation
Arrangements
• Targeted at physicians and directs that all compensation arrangements need to be fair market value and reflect payment for bona fide services that have been provided
• If any purpose of the arrangement is to compensate a physician for past or future referrals, the potential does exist for violation of the Anti-Kickback Statute
• This could result in possible criminal, civil or administrative sanctions, including but not limited to exclusion from the federal healthcare programs and potential draconian penalties via the False Claims Act
• Many new Clinical Integration Models which will need to be reviewed and monitored
14
Why Should a Provider Be Compliant?
• Quality reporting is the future• Population-based medicine models of future care
• Reputational risk• Both locally and regionally
• Never good to have bad data• If this data (coding) is not accurate…what else is not
properly being done?• Where do auditors focus their energies - the good guys or the bad
guys?• Learned whistleblowers• False Claims Act potential?
• Reduction in pay of 2-3 percent
15
3/16/2016
6
Disclosure of “Violations”• ACA requires repayment within 60 days
• CMS now issued final rule
• Disclosure to DOJ• Possible non-prosecution of business entity
• See USAM § 9-28.000, et seq.
• Limited civil FCA multiplier• See FCA § 3729
• HHS-OIG Self-Disclosure Protocol• Lower damages/no integrity obligations
• CMS Voluntary Self-Referral Disclosure Protocol• Do not disclose both to CMS and OIG• Use OIG protocol if implicates other laws• 81 Fed. Reg. 7653
16
17
Steps to Ensure Effective Compliance
United States Federal Sentencing Guidelines
• USSG § 8B2.1. Effective Compliance and Ethics Program• Exercise due diligence to prevent and detect criminal conduct
• Promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law
18
Securing Leadership Buy-in
3/16/2016
7
19
Guidance on Board Responsibilities
20
Guidance, cont’d
Board Governance – Leading Practices
• Does board receive tailored education to what is occurring (internally and externally)?
• Does board understand various types of risk?• Compliance officer can communicate with the board whenever he or she
wants without hesitation?• Does CCO have routinely scheduled executive sessions with board?
• Does CCO report to board?
• Does the board have any role in CCO’s performance evaluation? • Is there a formal compliance committee of the board?• Are board members involved in the compliance program oversight?• What is the compliance knowledge level of board?
• Engage experts to assist in program functioning/validation of “effectiveness” of compliance program
• Is external assistance available when necessary?
• Does board receive updates from the organization?
21
3/16/2016
8
Board Attestation
22
CEO Attestation
23
Executive Leadership – Leading Practices
• Does leadership understand the seven elements of compliance?
• Does the CCO report to the CEO?• How frequently does the CCO meet with the CEO?
• Are the meetings formally scheduled?• Are agendas prepared? • Are notes taken? • Are minutes taken?• How often are these meetings canceled/rescheduled?
• Can employees give examples of leadership’s commitment to compliance?• Does CCO have an understanding of employees’ perceptions of
executive leadership’s commitment to compliance?
24
3/16/2016
9
Leadership – Leading Practices, cont’d.
• Does leadership participate in operational compliance committee/matters?
• Does leadership provide outreach to employees regarding compliance
• Does leadership evaluate/consider suggestions regarding:• Risks
• Value
• Strategic Vision
• Growth
25
Leadership – Leading Practices, cont’d.
• Does leadership kickoff annual compliance risk assessment process?
• Does leadership introduce the hotline at least annual?
• Does leadership offer frequent/comprehensive compliance training?
• Does leadership compensation include compliance metrics?
26
27
Embedding Compliance in Operations
3/16/2016
10
Effective Compliance
28
Employee Attestation
29
Compliance
Legal/risk management
Internal Audit
HIM
Utilization management
Quality
Revenue Cycle/finance
Pharmacy
Laboratory
30
Leading Practice Committee ExamplesNon-executive participants, but department leaders or delegates. Typically includes:
Research
Admitting/registration
Emergency department
Radiology
Physician leadership
Nursing
IT
HR
Health plan
3/16/2016
11
31
Leading Committee Examples, cont’d.Typical functions:• Compliance risk identification• Compliance risk mitigation• Compliance training• Monitoring and auditing • Addressing findings from monitoring/auditing• Monitoring status of corrective actions
Sample agendas items: • Regulatory and compliance updates• Discussion of operational compliance monitoring and auditing by each
member of committee• Compliance training update• Discussion of necessary action items to continue to evolution of
compliance program• Addressing ad-hoc issues as necessary
32
Demonstrating Effective Compliance
33
Road Map for Compliance Program DocumentationManuals, plan, or other documents that describe approach to the compliance program,such as:• Organizational chart• Budget• Board meetings• Compliance program document• Compliance program roles, responsibilities• Code of conduct• Annual report
Boards' resolutions, agendas, or minutes that describe role in overseeing compliance:• Board audit/compliance committee charter• Compliance committee charter• Compliance department charter• Operational compliance committee charter• Operational compliance committee and Board audit/compliance committee agendas
and meeting minutes that the committees' roles in overseeing compliance program
3/16/2016
12
Road Map, cont’d. Summaries of self-reporting, disclosures, incidents and corrective action plans:• If organization’s compliance efforts result in reduced overpayments, compliance should track• Disciplinary measures, if any associated with incidents
Compliance policies and supporting documents:• Self-disclosure• Non-retaliation• Corrective action• Training• Conflict of interest• Risk assessment
Hotline information:• Reports• Tracking, trending metrics• Significant incidents reports• Efforts undertaken to raise hotline awareness
34
Road Map, cont’d. Compliance risk assessments:• Risk assessment process• Risk assessment results
Compliance auditing/monitoring:• Auditing/monitoring findings• Reports• Corrective action plans• Key Compliance and Operational metrics focused on outcomes.
Compliance Training and communications regarding compliance:• Training modules• Newsletters• Updates• Tracking/trending (what happens when 100% don't complete)
Documentation describing how business areas with compliance risks interact with the compliance program:• Mini-compliance plan documents for areas that have compliance risks• The departmental plan should be based upon the traditional elements of effective compliance programs
35
Elements to Consider in Your Benchmarking Efforts
3636
Other Data Points to Trend by Year
Annual Audit Work Plan Completion
Budget Analytics
Audit Benchmarking Scorecard
Audit/Monitoring
Potential Areas of Trending Your Coding, Billing Results
Education
Hotline Calls
• Refunds.• Physician
arrangements• Survey results
3/16/2016
13
Physician Arrangements - Leading Practices• Ensure that systems are in place to track, monitor and
report time and effort• Track nonmonetary compensation• Conflicts of interest disclosures• Keep documentation of negotiations• Proactively manage complaints or concerns and ensure
corrective action• Track remuneration to and from all parties • Track services and activity logs• Monitor use of leased space or equipment• Regularly audit logs and reports to substantiate payments
37
Arrangement Leading Practices, cont’d.
• Identify potential sources of obligations to repay• Claims submissions• Enrollment forms• Contracts• Certifications
• Keep up with evolving legal standards• Receivables monitoring, auditing, disclosure• Listen and investigate when an employee, contractor,
agent, or anyone tells you that there is a “problem” at the company• Remediate promptly• Consider self-disclosure, repayment strategies, and obligations
38
39
CIA Trends & Effect on Compliance Programs
3/16/2016
14
CIA Trends
• Executive leadership, management, and board attestations/certifications
• Disgorgement of compensation for bad actors
• Supplemental documentation requests
• Multi-issue CIAs
• Quality of care CIAs
• Arrangement reviews
40
Factors Resulting in CIAs
• Scope of allegations• Amount of damages
• Nature of allegations • Failure of care vs. billing
• Provider type• Large providers/companies may already have compliance function
• Repeat offenders
• Poor tone at the top/lack of compliance programs
• Reputation of provider
41
Notable Broward CIA Requirements Include:• Extensive management certifications
• Focus arrangement database and process, policies, etc.
• Risk assessment and internal review process regarding arrangements and focus arrangements
• Independent review organization (IRO)• Arrangements systems review – systems, processes, policies and
procedures relating to the initiation, review, approval and tracking of arrangements
• Arrangements transaction review – 50 to determine whether they complied with the focus arrangement procedures and requirements
42
3/16/2016
15
Recent Medical Necessity CIAs
• King’s Daughters Medical Center - May 2014• $40.9 million settlement
• 5-year CIA
• Saint Joseph London - January 2014• $16.9 million settlement
• 5-year CIA
43
Nason Medical Center – Management Certifications• Certifying employees specifically expected to monitor and
oversee activities within their areas of authority and annually certify compliance with applicable federal healthcare program requirements
• Persons include employees with management responsibilities, such as: • Billing manager • Director of Human Resources • Medical directors• Manager and CEO • Laboratory director • Radiology director • Business administration manager • Accounting director • Director of business analysis
44
Nason Medical Center – Employee Certification“I have been trained on and understand the compliance requirements and responsibilities as they relate to [insert name of department, and/or facility], an area under my supervision. My job responsibilities include ensuring compliance with regard to the [insert name of department, and/or facility] with all applicable Federal health care program requirements, obligations of the Corporate Integrity Agreement, and Nason policies, and I have taken steps to promote such compliance. To the best of my knowledge, except as otherwise described herein, the [insert name of department] of Nason is in compliance with all applicable Federal health care program requirements and the obligations of the Corporate Integrity Agreement. I understand that this certification is being provided to and relied upon by the United States."
45
3/16/2016
16
Dignity Health• Appointment of service area compliance officers• Service area compliance committees• Must submit to OIG all documentation reviewed and
actions taken related to compliance oversight• Board resolution of compliance with CIA
• If cannot achieve, explain why
• Certifications:• Executive leadership (9)• Operations leadership (15)• CFO - with annual report submission
• Address inpatient medical necessity• Risk assessment and internal review process
46
Infirmary Health Systems, Inc. • Federal whistle-blower lawsuit that claimed clinics
routinely overpaid doctors to refer radiology patients to hospitals
• Paid $24.5 Million• Whistleblower was physician, received $4.4 million
• Case centered on incentives paid to physicians for referrals
• Signed Corporate Integrity Agreement http://oig.hhs.gov/fraud/cia/agreements/Infirmary_Health_System_07182014.pdf
• Five-year commitment
• Legal IRO required
• Focus arrangement obligations
47
48
Final Thoughts
3/16/2016
17
Compliance Must Be Effective
If an organization is found guilty of a violation of state or federal laws, the government may offer a reduction in penalties if an effectivecompliance program is in place
49
Questions?
50