Fraud and Abuse Compliance Program 101: Do You Have a Plan? Is That Plan Effective?

Transcription

1 Fraud and Abuse Compliance Program 101: Do You Have a Plan? Is That Plan Effective? Long-Term Care Webinar - December 15, 2015 Jonell B. Beeler Gina G. Greenwood Shareholder Shareholder Jackson, Mississippi Atlanta, Georgia office office jbeeler@bakerdonelson.com ggreenwood@bakerdonelson.com Baker, Donelson, Bearman, Caldwell & Berkowitz, PC has civil and criminal litigators and fraud and abuse compliance attorneys who represent clients across the U.S. from offices located in Alabama, Florida, Georgia, Louisiana, Mississippi, Tennessee, Texas and Washington, D.C.

2 Jonell B. Beeler Jonell Beeler, shareholder in the Jackson office of Baker Donelson, concentrates her practice in health care. She serves as leader of the Firm's Health Care Government Investigations Group and the Health Care Regulatory Task Force. Her experience includes health care compliance; Medicare and Medicaid reimbursement, provider enrollment, conditions of participation and regulatory matters; federal and state fraud and abuse laws, anti-referral laws and corporate practice of medicine laws; managed care; and health care acquisitions and joint venture arrangements She regularly advises clients on the Medicare Anti-Kickback Statute, the Stark Law, the Civil Monetary Penalties Statute, the False Claims Act and other federal and state legal, regulatory and business issues related to the health care industry. She has defended clients in civil, criminal and administrative investigations, advised on self disclosure and repayments and negotiated Settlement Agreements and Corporate Integrity Agreements. 2

3 Gina Ginn Greenwood Gina Greenwood practices from the Atlanta/Macon offices of Baker Donelson and concentrates her practice on a wide range of matters, including fraud and abuse (Stark Law, Anti-Kickback Statute and FCA) compliance and investigations; cyber liability and identity theft; HIPAA Privacy and Security Rule compliance and breach notification; IT and certified EHR implementation; meaningful use; EMTALA compliance, CMS and state licensure survey plans of correction responses and hearings; Joint Commission training and compliance; self reporting; risk management strategies; peer review; corporate health care transactions; contract drafting and general business advice; and many other regulatory matters pertinent to all types of health care entities and companies. Gina has authored numerous health care materials and is a frequent speaker for Georgia Hospital Association and professional compliance organizations on fraud and abuse, HIPAA compliance, data breaches and EMTALA compliance. Gina was recognized by Chambers USA as a leading health care lawyer in America (2011 and 2012). Voted Georgia Trend Legal Elite in Healthcare. Served as 2014 expert witness and provided US Congressional testimony on EMTALA and mental health to the United States Commission on Civil Rights in Washington, DC. 3

4 EARLY OIG VOLUNTARY COMPLIANCE GUIDANCE Compliance Program Guidance for Nursing Facilities (2000) (65 Fed. Reg ) Listed 7 basic elements Listed risk areas to include Quality of care and residents rights Employee screening Billing and cost reporting Vendor relationships (kickbacks, inducements and self-referrals) and Record keeping and documentation 4

5 EARLY OIG VOLUNTARY COMPLIANCE GUIDANCE (cont.) Supplemental Compliance Program Guidance for Nursing Facilities (2008) (73 Fed. Reg ) Recommended regular periodic review of implementation and execution of compliance programs Reiterated 7 basic elements Expanded discussion of risk areas of Quality of care Accurate claims submissions Federal Anti-Kickback law HIPAA privacy and security rules Stark physician self-referrals Anti-supplementation Medicare Part D 5

6 SEVEN BASIC ELEMENTS 1) Compliance Officer and Compliance Committee 2) Compliance Policies and Procedures, including Standards of Conduct 3) Open Lines of Communication 4) Training and Teaching 5) Internal Monitoring and Auditing 6) Response to Detected Deficiencies 7) Enforcement of Disciplinary Standards 6

7 POTENTIAL RISK AREAS 2008 OIG SUPPLEMENTAL GUIDANCE Quality of Care Risk Areas Sufficient staffing Implementation of comprehensive resident care plans Proper medication management Appropriate use of psychotropic medications, including use of chemical restraints and avoidance of unnecessary drugs Resident safety, protection from abuse, from staff and other residents 7

8 POTENTIAL RISK AREAS 2008 OIG SUPPLEMENTAL GUIDANCE (cont.) Risks Relating to Claims Accuracy Classification into appropriate RUG assignments Delivery of therapy services, including proper utilization of RUG classifications Adequate screening for individuals and entities excluded from federal health care programs Provision of restorative and personal care services (care to avoid pressure ulcers, active and passive range of motion, ambulation, fall prevention, incontinence management, bathing, dressing and grooming activities) 8

9 POTENTIAL RISK AREAS 2008 OIG SUPPLEMENTAL GUIDANCE (cont.) Anti-Kickback Law Areas of Scrutiny Provision of free goods or services to a referral source as kickback (examples - pharmaceutical consultant, laboratory services, computers and software with independent value, DME) Use of service contracts to hide payments for referrals Discount arrangements, including price reductions and swapping Relationships between hospices and nursing homes designed to induce referrals Reserved nursing home bed arrangements by hospitals 9

10 ANNUALLY UPDATE PROGRAM DISCUSSION AND POLICIES ON RISK AREAS OIG Work Plan, Advisory Opinions, Special Fraud Alerts, Advisory Bulletins and Inspection and Audit Reports RAC Issues Lists Survey Report Deficiencies Quality Assessment and Assurance Committee reports Ombudsman s Identified Quality of Care Risk Areas Facility s Pepper Report 10

11 CURRENT COMPLIANCE RISKS FY 2016 Work Plan National Background Check Program for long term care employees Skilled Nursing Facility prospective payment requirements Hospice general inpatient care 11

12 CURRENT COMPLIANCE RISKS (cont.) FY 2015 Work Plan Medicare Part A billing by skilled nursing facilities Questionable billing patterns for Part B services during nursing home stays State agency verification of deficiency corrections Program for national background checks for long term care employees Hospitalizations of nursing home residents for manageable and preventable conditions 12

13 AUDIT SCRUTINY AND WHISTLEBLOWER ACTIONS High % of ultra-high therapy RUGs RUG rate upcoding Average length of stay Billing Medicare for stays that do not qualify for Medicare reimbursement, such as not having a qualifying stay in a hospital prior to being transferred to the SNF Billing Medicare for more than 150 days for one spell of illness Physician certifications 13

14 RECENT CASES AND INVESTIGATIONS HCR ManorCare Government intervened in three whistleblower cases and filed a consolidated complaint against HCR ManorCare alleging that ManorCare knowingly and routinely submitted false claims to Medicare and Tricare for rehabilitation therapy services that were not medically reasonable and necessary 14

15 RECENT CASES AND INVESTIGATIONS (cont.) Amedisys Inc. $150 million to the federal government to resolve allegations that from 2008 to 2010 it billed Medicare for nursing and therapy services that were medically unnecessary or provided to patients who were not homebound, and otherwise misrepresented patients conditions to increase payments 15

16 AFFORDABLE CARE ACT New tools to improve oversight and enforcement of Skilled Nursing Facilities (SNF) and Nursing Facilities (NF) Section 6102 (b) Mandates SNF and NF to have effective Compliance and Ethics (C&E) Programs Must have C&E program that effectively prevents and detects criminal, civil, and administrative violations and promotes quality of care (March 23, 2013) C&E programs must include core elements (to be defined by HHS in regulation) Must periodically reassess program and identify needed changes HHS to evaluate and report to Congress (March 2015) Section 6401 Providers of medical or other items or services or suppliers within a particular industry sector or category shall establish a compliance program as a condition of enrollment in Medicare, Medicaid or CHIP 16

17 PROPOSED RULE - July 16, 2015 Updates and revises Long Term Care Facility Requirements of Participation and includes implementation of provisions from Affordable Care Act Section 6102(b) of ACA, Compliance and Ethics Program Section 6102(c) of ACA, Quality Assurance and Performance Improvement (QAPI) Section 6703(b)(3) of ACA, Reporting to Law Enforcement Suspicion of Crimes Section 6121 of ACA, Dementia and Abuse Training Section 2 of the IMPACT Act, Discharge Planning Requirements for SNFs CMS 3260-P Reform of Requirements for Long-Term Care Facilities, published in Federal Register on July 16,

18 CURRENT AND PROPOSED REGULATION Current 42 C.F.R (b) must be in compliance with all applicable Federal, State and local laws, regulations and codes C.F.R (c)) must be in compliance with the applicable provisions of other HHS regulations, including but not limited to those pertaining to fraud and abuse (42 C.F.R. part 455) Proposed Added new 42 C.F.R entitled Compliance and Ethics Program 18

19 42 C.F.R General Rule: Beginning on [1 year after the effective date of the final rule], the operating organization for each facility must have in operation a compliance and ethics program that meets the requirements of this section. 19

20 42 C.F.R (a) DEFINITIONS Operating organization means the individual(s) or entity that operates a facility Compliance and ethics program means with respect to a facility, a program of the operating organization that Has been reasonably designed, implemented, and enforced so that it is likely to be effective in preventing and detecting criminal, civil, and administrative violations under the SSA and in promoting quality of care; and Includes minimum required components specified in (c) 20

21 42 C.F.R (a) DEFINITIONS (cont.) High-level personnel means individual(s) who have substantial control over the operating organization or who have a substantial role in the making of policy within the operating organization CMS Comments: Examples: director, executive officer, individual in charge of major business or functional unit, individual with a substantial ownership interest Intent: only individuals who exercise the greatest control over operating organization are to have overall responsibility and oversee its compliance and ethics program 21

22 REQUIRED COMPONENTS FOR ALL FACILITIES 1. Have written compliance and ethics standards, policies and procedures 2. Assign high-level personnel with overall responsibility to oversee compliance 3. Provide sufficient resources and authority to specified high-level personnel 4. Exercise due care in delegating discretionary authority 5. Communicate standards, policies and procedure 6. Take reasonable steps to achieve compliance 7. Assure consistent enforcement through disciplinary action 8. Take all reasonable steps to respond to violations and prevent further violations 22

23 COMPONENTS 1. Have written compliance and ethics standards, policies and procedures Must be reasonably capable of reducing the prospect of criminal, civil, and administrative violations under the Act and promote quality of care Designate appropriate contact to which individuals may report suspected violations Have alternate method of reporting suspected violations anonymously without fear of retribution Set out disciplinary standards with consequences for committing violations for entire staff; individuals providing services under a contractual arrangement volunteers, consistent with the volunteers' expected roles 23

24 COMPONENTS (cont.) 2. Assign high-level personnel with overall responsibility to oversee compliance Assign high-level personnel with overall responsibility to oversee compliance with the operating organization's compliance and ethics program's standards, policies, and procedures the chief executive officer (CEO) members of the board of directors or directors of major divisions in the operating organization 24

25 COMPONENTS (cont.) 3. Provide sufficient resources and authority to specified highlevel personnel Provide sufficient resources Delegate authority Reasonably assure compliance 25

26 COMPONENTS (cont.) 4. Exercise due care in delegating discretionary authority Cannot delegate substantial discretionary authority to individuals who the operating organization knew, or should have known through the exercise of due diligence, had a propensity to engage in criminal, civil, and administrative violations under the Social Security Act. 26

27 COMPONENTS (cont.) 5. Communicate standards, policies and procedure Must effectively communicate the standards, policies, and procedures to entire staff individuals providing services under a contractual arrangement volunteers, consistent with the volunteers' expected roles Must have mandatory participation in training as set forth at (f) or orientation programs Must disseminate information that explains in a practical manner what is required under the program 27

28 COMPONENTS (cont.) 6. Take reasonable steps to achieve compliance Monitoring and auditing systems reasonably designed to detect criminal, civil, and administrative violations under the Social Security Act by any of staff, individuals providing services under a contractual arrangement, or volunteers Having in place and publicizing a reporting system to report violations by others anonymously within the operating organization without fear of retribution Having a process for ensuring the integrity of any reported data 28

29 COMPONENTS (cont.) 7. Assure consistent enforcement through disciplinary action Consistent enforcement of the operating organization's standards, policies, and procedures through appropriate disciplinary mechanisms Includes discipline of individuals responsible for the failure to detect and report a violation to the compliance and ethics program contact identified in the operating organization's compliance and ethics program 29

30 COMPONENTS (cont.) 8. Take all reasonable steps to respond to violations and prevent further violations After a violation is detected, must ensure that all reasonable steps identified in its program are taken to respond appropriately to the violation and to prevent further similar violations, including any necessary modification to the program to prevent and detect criminal, civil, and administrative violations under the Act 30

31 ADDITIONAL REQUIRED COMPONENTS FOR OPERATING ORGANIZATIONS WITH FIVE OR MORE FACILITIES Operating organizations that operate five or more facilities must also include, at a minimum, the following components in their compliance and ethics program: (1) A mandatory annual training program on the operating organization's compliance and ethics program that meets the requirements set forth in (f) (2) A designated compliance officer for whom the operating organization's compliance and ethics program is a major responsibility. This individual must report directly to the operating organization's governing body and not be subordinate to the general counsel, chief financial officer or chief operating officer (3) Designated compliance liaisons located at each of the operating organization's facilities 31

32 TRAINING FOR COMPLIANCE AND ETHICS PROGRAM 42 CFR (f) Mandatory annual compliance and ethics program training program must be (1) An effective way to communicate program's standards, policies, and procedures through a training program or in another practical manner which explains the requirements under the program (2) Annual training if the operating organization operates five or more facilities 32

33 OTHER MANDATED TRAINING UNDER 42 CFR (F) Training topics must include but are not limited to Communication Residents rights and facility responsibilities Abuse, neglect and exploitation Quality assurance and performance improvement Infection control Required in-service training for nurse aides Required training of feeding assistants Behavioral health 33

34 ANNUAL REVIEW The operating organization for each facility must review its compliance and ethics program annually and revise its program as needed to reflect changes in all applicable laws or regulations and within the operating organization and its facilities to improve its performance in deterring, reducing, and detecting violations under Act and in promoting quality of care 34

35 EXAMPLE POLICIES AND PROCEDURES Billing and Cost Reporting Contracting with Referral Sources Compliance Hotline Conflict of Interest Employee Licensing and Certification Employee Screening Vendor Relationships/Gifts Investigation of Compliance Issues Required Education and Training Monitoring and Periodic Auditing Non-Retaliation Reporting and Repayment of Overpayments 35

36 SAMPLE POLICIES AND PROCEDURES (cont.) Physician Agreements (Medical Director, Leases, etc.) Quality Assessments and Assurance Committee Quality of Care Sufficient Staffing Care Plans Medical Management Resident Safety Quality of Life Record Retention Recordkeeping and Documentation Red Flag Policy/Procedure 36

37 SAMPLE POLICIES AND PROCEDURES (cont.) Resident Inducements Resident Referrals Residents Rights HIPAA - Protection of PHI Therapy Contracts and Services Vendor Agreements Responding to Government Inquiries 37

38 INDICATORS OF INEFFECTIVE COMPLIANCE PROGRAM Compliance officer does not report directly to the board/ceo No Compliance Committee No reporting system in place Employees are afraid of retaliation by supervisor/management Program does not audit; no formal audit plan Limited scope of response to results of investigations Repeated occurrence of deficiencies Ineffective disciplinary actions Allegations are not effectively investigated Infrequent employee or vendor/contractor debarment/exclusion checks 38

39 QUESTIONS FOR... Jonell B. Beeler Gina G. Greenwood Shareholder Shareholder Jackson, Mississippi Atlanta, Georgia office office 39

40 BAKER DONELSON FOOTPRINT Baker, Donelson, Bearman, Caldwell & Berkowitz, PC has civil and criminal litigators and fraud and abuse compliance attorneys who represent clients across the U.S. from offices located in Alabama, Florida, Georgia, Louisiana, Mississippi, Tennessee, Texas and Washington, D.C. 40