Presentation Overview

Transcription

1 Presentation Overview Compliance Atmosphere in the Healthcare Industry Teaming with Deloitte & Touche LLP (Deloitte & Touche) Deloitte & Touche Compliance Program Assessment Process Certain Identified Key Risk Areas in Home Health and Hospice Seven Essential Elements of a Compliance Program Structuring a Compliance Program under each of the Seven Essential Elements Role of Counsel in Compliance and the Privileging Process Q&A Panel Discussion 1

2 Compliance Atmosphere in the Healthcare Industry Certain Compliance-Related Aspects of Health Care Reform: Voluntary Compliance Programs May no Longer be Voluntary. Requirement to Report and Return Overpayments within 60 days after the Overpayment is Identified. Physician Face-to-Face Encounters. Changes in Therapy Requirements. 3 Compliance Atmosphere in the Healthcare Industry The White House announced that in 2009 Medicare and Medicaid improperly paid out $54.2 billion. Of that amount, $24.1 billion came from the Medicare fee-for- service program, which is more than twice as much as was reported in In comparison, the Bush Administration estimated that Medicare fraud only accounted for $17 billion from 2005 to The difference between and 2009 is likely attributable to the new method that CMS is using to measure payment errors. In the past, payment of claims supported by incomplete documentation or records with illegible physician signatures were not considered to be errors. Kathleen Sebelius, Secretary of HHS, said "This year, we made the call to stop calculating our error rate in fee-for-service Medicare the way that the previous Administration did and to start using a more rigorous method in calculating this rate in keeping with our 2

3 Compliance Atmosphere in the Healthcare Industry In it s Semi-Annual Report released to Congress on December 3, 2009, the OIG reported savings and expected recoveries of $20.97 billion for FY 2009, including $492 million in audit receivables and $4 billion in investigative receivables. For FY 2009, the OIG also reports: Exclusions of 2,556 individuals and entities from Federal health care programs; 671 criminal actions against individuals or entities that engaged in crimes against departmental programs; 394 civil actions, which include False Claims Act and unjust enrichment suits, civil monetary penalty settlements, and administrative recoveries related to provider self-disclosures; and As of December 2009, another 2,355 investigations were still pending. -Source: Office of Inspector General December 3, 2009 Compliance Atmosphere in the Healthcare Industry In a GAO report to the Ranking Member, Committee on Finance, U.S. Senate on Medicare Improvements Needed to Address Improper Payments in Home Health released in February 2009, it was reported that Medicare spending on home health totaled $12.9 billion in 2006, up 44% from 2002.* Additionally, concerns have been raised that improper payments from practices indicating fraud and abuse may have contributed to Medicare home health spending and utilization. *See Binder Materials for a copy of the February 2009 GAO Report: Improvements Needed to Address Improper Payments in Home Health 3

4 Compliance Atmosphere in the Healthcare Industry Additional Resources Focusing on Detecting Fraud, Waste and Abuse within the Healthcare Industry: Health Care Fraud Prevention and Enforcement Action Team (HEAT). Illustrates President Obama s commitment to fighting Medicare fraud. Invests $561M to strengthen program integrity in Medicare and Medicaid. Medicare Fraud Strike Forces Currently there are seven located in Miami, Los Angeles, Detroit, Houston, New York, Tampa and Baton Rouge. Federal Programs: Recovery Audit Contractors (RACs) and Zone Program Integrity Contractors (ZPICs). State Programs: Medicaid Integrity Program (MIPs) and Medicaid Fraud Control Units (MFCUs). Compliance Atmosphere in the Healthcare Industry How LHC Group has Prepared for HEAT, RACs, ZPICs and Other Governmental Inquiries: Developed a Task Force to create a consistent approach to respond to audits, records requests and other inquiries. Task Force includes members from the following functional areas: compliance, legal, revenue cycle, quality, operations, financial reporting and licensure/regulatory. Created a tracking mechanism with automated workflow to ensure all audits, requests and inquiries are inventoried, tracked and all responses are timely. Developed a system to receive and evaluate key risk indicator data on all agencies. Use the key risk indicator data collected to identify where to focus compliance auditing efforts. Created an ongoing system to constantly review and improve our documentation. 4

5 Teaming with Deloitte & Touche Deloitte & Touche was engaged in February 2009 to perform two compliance related assessments: (i) a compliance program assessment and (ii) a compliance risk assessment. Deloitte & Touche is consistently ranked by various publications as one of the nation s top healthcare consulting firms. For example, "Deloitte brings deep and broad capabilities to healthcare clients; its balance of financial, technical, and industry consultants allows the firm to respond to more complex and comprehensive engagements." Source: "Healthcare Consulting Marketplace "; Kennedy Information; used with permission. We enhanced, with assistance from Deloitte & Touche, our comprehensive compliance program that includes leading practices and which provides value to our employees and patients. Deloitte & Touche s Compliance Program Assessment Process Impact: an estimate of the severity of adverse effects, the magnitude of a loss, or the potential opportunity cost should a risk be realized; also referred to as gross inherent risk. In other words, it refers to the risk that exists before you address it, i.e., the risk to the company in the absence of any actions the company might take to mitigate the risk. Vulnerability: Vulnerability is the extent to which the functional area may be exposed or unprotected in relation to various risk factors after existing controls have been taken into account; also referred to as net residual risk, or exposure, is the risk that remains after the company has attempted to mitigate inherent risk. 5

6 Deloitte & Touche s Compliance Program Assessment Process H ) Risk Impact on Value INHERENT RISK (IMPACT) Deloitte & Touche s Compliance Program Assessment Process Assurance of Preparedness Privacy/Patient Information A R Redeploy Resources Prevent Detect Correct Escalate Compliance Program Effectiveness Health Care Reform Enhance Risk Mitigation M CI Measure e for Cumulative u Impact Assess Control Design Identify Gaps Determine Remediation Evaluate Mitigation Activities Test Internal Controls Define Worst Case Scenarios Look for Value Killers Rationalize Control Design Cost/Benefit Analysis L Vulnerability RESIDUAL RISK (VULNERABILITY) H 6

7 Certain Identified Key Risks Areas Within the Home Health Industry The following areas for Home Health Agencies are identified in the OIG FY 2010 Work Plan:* Part B Payments for Home Health Beneficiaries Accurately Coding Claims for Medicare Home Health Resource Groups Medicare Home Health Payments for Insulin Injections Home Health Agency Outlier Payments Home Health Prospective System Controls Home Health Agency Profitability Medicare Home Health Payments for Diabetes Self- Management Training Services Oversight of Home Health Agency Outcome and Assessment Information Set Data *See Binder Materials for a copy of the 2010 OIG Work Plan for Home Health Certain Identified Key Risks Areas Within the Home Health Industry Certain Other Key Risk Areas for Home Health Agencies include: Billing for Medically Unnecessary Services Billing for Services Not Actually Rendered Billing for Services for Patients who are not Homebound Disregard for Available, Willing and Able Caregivers when Providing Services Overutilization of Therapy Services Manipulation of the Various Therapy Thresholds OASIS-C Education and Training Length of Stay Episodes with Exactly Five Visits to Avoid a LUPA High Case Mix Adequate Clinical Documentation Relationships with Potential Referral Sources HIPAA Risks Sales and Marketing Efforts and the Anti-Kickback Statute 7

8 Certain Identified Key Risks Areas Within the Hospice Industry The following areas for Hospice Agencies are identified in the OIG FY 2010 Work Plan:* Physician Billing for Medicare Hospice Beneficiaries Trends in Medicare Hospice Utilization *See Binder Materials for a copy of the 2010 OIG Work Plan for Hospice Certain Identified Key Risks Areas Within the Hospice Industry Certain Other Key Risk Areas for Hospice Agencies include: Billing for Medically Unnecessary Services Billing for Services Not Actually Rendered Adequate Clinical Documentation Hospice Care for Nursing Home Residents Improper Relinquishment of Core Services Consent to Elect Medicare Hospice Benefit Patients Receiving Greater than Six Consecutive Months of Services Admitting Patients who are not Terminally Ill Failure to Follow Conditions of Participation Relationships with Potential Referral Sources HIPAA Risks Sales and Marketing Efforts and the Anti-Kickback Statute 8

9 Seven Essential Elements of a Compliance Program* 1. Written Policies, Procedures and Standards of Conduct 2. Designated Compliance Officer and Compliance Committee 3. Effective Training and Education 4. Reporting and Investigating: Effective Lines of Communication 5. Enforcement and Discipline: Well-Publicized Disciplinary Guidelines 6. Strong Monitoring and Auditing Program 7. Response and Prevention: Prompt Response to Detected *See Offenses Binder Materials for a copy of the Federal Sentencing Guidelines: Effective Compliance and Ethics Program LHC Group Has Adopted a Compliance Program Motto Dictionary.com defines integrity as adherence to moral and ethical principles; soundness of moral character; honesty. It s All About Integrity The reputation of our company and the ethical business practices lived out by every LHC Group employee play a critical role in our success. Keith Myers, President and CEO 9

10 Element 1 - Written Policies, Procedures and Standards of Conduct Compliance Policies and Procedures: Separate Company-Wide Policy Manual for all Compliance Policies and Procedures. Routine (no less frequent than annually) review and revision, as appropriate, of compliance policies and procedures. Verification that employees receive and review critical compliance policies and procedures, specifically those directly related to employees job functions. Code of Conduct for Sales, Marketing, Education and Entertainment Activities with Physicians and Other Healthcare Professionals. Element 1 - Written Policies, Procedures and Standards of Conduct Code of Conduct and Ethics:* Among other things, the Code includes the potential consequences to both LHC Group and its employees for failure to comply with certain statutes, t t regulations and guidelines applicable to Federal and State health care programs. Annual review and revision, as appropriate, of the Code. Annual Company-Wide distribution of the Code with mandatory employee review and attestation. Monthly new-hire distribution of the Code with mandatory employee review and attestation. Monthly audit of signed attestations regarding the review and understanding of the Code submitted by employees to confirm that all employees have read and understand the Code. *See Binder Materials for a copy of LHC Group s Code of Conduct and Ethics 10

11 Element 2 - Designated Compliance Officer and Compliance Committee Compliance Officer:* Oversees the implementation and monitoring of the compliance program. Reports to the Board of Directors (Audit Committee) with a dotted reporting line to the Chief Executive Officer and the General Counsel. Oversees the compliance department budget and all compliance personnel. Reports on a quarterly basis on the progress of implementation and related compliance topics to the Audit Committee and the Board of Directors. Oversees the implementation of an educational/training program that focuses on the elements of the compliance program. Independently d investigates t and acts on matters related to compliance and any resulting corrective action plans. Chairs the Compliance Committee. *See Binder Materials for a copy of LHC Group s Chief Compliance Officer Job Description Element 2 - Designated Compliance Officer and Compliance Committee Compliance Committee:* Meets at least quarterly or otherwise at the direction of the Chief Compliance Officer. Reviews operational, financial and other compliance risks and the steps management takes to monitor and control such risks. Reviews and updates, as appropriate, the Code of Conduct and Ethics. Reviews any major issues regarding the status of compliance with laws and regulations and any significant compliance investigations. Evaluates the qualifications, performance and independence of external auditors that may be brought in to assess the status of the compliance program. *See Binder Materials for a copy of LHC Group s Compliance Committee Charter 11

12 Element 3 - Effective Training & Education Board members, as well as members of management, receive compliance training at least annually. Annual, mandatory compliance training is required of all employees. Other job-specific and role-based compliance training is required of certain employees. Routine auditing / monitoring of the certifications to validate that employees are current with compliance training and education. Process in place to evaluate the effectiveness of the compliance training program by obtaining attendee feedback and scorecards. Element 4 - Reporting and Investigating: Effective Lines of Communication Web-based and telephonic compliance hotline ( IntegrityLine ) to create an anonymous way to report compliance concerns via an independent third party hotline vendor. IntegrityLine compliance hotline poster prominently displayed in every location and wallet cards sent to every employee.* Exit Interviews of all former employees via an independent third party vendor, which include compliance-specific questions. Tracking mechanism of all inquiries and complaints from employees as well as subsequent resolution information to validate that all inquiries and complaints are addressed in a timely manner. *See Binder Materials for a copy of LHC Group s IntegrityLine Poster 12

13 Element 4 - Reporting and Investigating: Effective Lines of Communication Two separate forms of quarterly communication from the compliance department to all employees: (i) Compliance Corner and (ii) Compliance Newsletter. Chief Compliance Officer addresses all employees on a regular basis, including frequently participating on weekly quality and operations calls and bi-weekly company-wide calls. Quarterly employee surveys conducted to gauge effectiveness of compliance department. Also, an annual compliance survey to be conducted to determine the ethical climate of the organization. Process in place to communicate issues and resolutions to Compliance Committee, Board of Directors and management, as appropriate. Compliance Department Interaction with Other Departments and Functions Compliance Department Revenue Cycle Internal Audit Quality and Performance Improvement External Auditors 13

14 Element 5 - Enforcement and Discipline: Well-Publicized Disciplinary Accessible and clearly written policies and procedures that Guidelines outline disciplinary guidelines. All compliance-related violations are dealt with urgency and utmost importance. Appropriate discipline, up to and including termination, always follows. Employee performance reviews include emphasis on the compliance component of the employee performance criteria. A component of employee incentive compensation to be tied to the compliance component of the employee performance criteria. We prohibit the employment of or contracting with anyone who may be excluded, debarred or otherwise ineligible for participation in Federal health care programs. A sanctions check is performed on all new employees and vendors, as well as annually on all employees and vendors. Element 6 Strong Monitoring and Auditing Program Business Function Assurance Function Business Unit Operations Process Improvement Internal Audit (Financially Focused) Compliance (Regulatory Focused) Operational Controls Monitoring Independent and Objective Audits Risk Mitigation Process 14

15 Element 6 Strong Monitoring and Auditing Program Performance of an Annual Enterprise, Home Health and Hospice Risk Assessment and review of OIG and other Industry Guidance. Development of an Annual Enterprise Compliance Work Plan. Development of an Annual Home Health Compliance Work Plan. Development of an Annual Hospice Compliance Work Plan. Annual Compliance Work Plans Include Risk-Based Audit Work Plans and Related Audit Tools to perform the Audits.* In addition to OIG and Risk-Based Work Plan Audits, our compliance auditing program includes a comprehensive clinical and billing compliance audit of medical records performed by clinicians and certified home health coders. Element 6 Strong Monitoring and Auditing Program Performance of a monthly review and follow-up audit of all billing compliance indicator findings from the Performance Improvement monitoring activities. Compliance Department receives monthly customized compliance risk indicator reports for every home health agency. Compliance Department manages and directs certain outside vendors who perform additional audits. Audit Frequency Monthly, Semi-Monthly, Quarterly, Bi- Annually or Annually Depending on factors such as risk and vulnerability. 15

16 Element 6 Strong Monitoring and Auditing Program The Compliance Department performs a quarterly review of each agency using a compliance scorecard that scores each agency based on the following criteria:* Compliance Department audit of billing compliance indicators incorporated into the monthly Performance Improvement monitoring activities. Compliance Department clinical and billing compliance medical record audits. Attestation to the Code of Conduct and Ethics (annual and new hire). Completion with a passing score of the annual compliance training course (annual and new hire). HIPAA compliance score. *See Binder Materials for a copy of LHC Group s Quarterly HHA Scorecard Element 7 - Response and Prevention: Prompt Response to Detected Offenses Chief Compliance Officer promptly responds to every compliance inquiry, compliant or allegation. Chief Compliance Officer promptly initiates an investigation of any compliance matter raised or discovered. Chief Compliance Officer has the authority to independently investigate all compliance matters raised or discovered and to engage legal counsel if necessary. Chief Compliance Officer and General Counsel have collaborated on a list of compliance issues/allegations that may require initiating the investigation in a way to preserve the attorney-client privilege. Use of Compliance360 web-based software application: Workflow automation and flexibility. Used to monitor all IntegrityLine compliance hotline allegations and investigations and all other compliance investigations. 16

17 Annual Evaluation of the Effectiveness of our Compliance Program Annual review of our Compliance Department performance and program effectiveness performed by the Internal Audit Department or an outside consultant using a compliance program effectiveness scorecard.* Compliance Oversight Compliance Foundation Compliance Training and Communication Investigations and Follow up Operational Compliance Audit Remediation and Resolution *See Binder Materials for a copy of LHC Group s Annual Compliance Department Scorecard Role of Counsel in Compliance and the Privileging Process The OIG and other industry guidance recommends that the Chief Compliance Officer report to the Board of Directors/Governing Board for independence purposes. If the Chief Compliance Officer is an attorney, it is recommended that he/she should not serve as an attorney for attorney-client privileging purposes. Chief Compliance Officer can obtain attorney-client privilege, when appropriate, through the in-house legal department or outside counsel. When is it appropriate to use the attorney-client privilege for compliance investigations? 17

18 Q&A Panel Discussion Panelist Contact Information John Indest, Special Advisor to the CEO, Director and Former President and Chief Operating Officer, LHC Group, Inc., Lafayette, LA or com Joshua L. Proffitt, Senior Vice President and Chief Compliance Officer, LHC Group, Inc., Lafayette, LA or Cheryl J. Golden, Senior Manager, Health Sciences and Regulatory Risk and Compliance, Deloitte & Touche LLP, Tampa, FL or 18

19 This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte, its affiliates, and related entities shall not be responsible for any loss sustained by any person who relies on this presentation. About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which h is a legally ll separate and independent d entity. Please see for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries