Case Study Success with a. into a Corporate Integrity Agreement (CIA)



Similar documents
PHI Air Medical, L.L.C. Compliance Plan

White Paper: The Seven Elements of an Effective Compliance and Ethics Program

POLICY SUBJECT: EFFECTIVE DATE: 5/31/2013. To be reviewed at least annually by the Ethics & Compliance Committee COMPLIANCE PLAN OVERVIEW

CORPORATE COMPLIANCE PROGRAM

MEDICARE COMPLIANCE TRAINING EMPLOYEES & FDR S Revised

Description of a First Tier, Downstream, and Related Entity

CORPORATE INTEGRITY AGREEMENT I. PREAMBLE

BAPTIST HEALTH CORPORATE COMPLIANCE PLAN

OREGON PROPERLY VERIFIED CORRECTION OF DEFICIENCIES IDENTIFIED DURING SURVEYS OF NURSING HOMES PARTICIPATING IN MEDICARE AND MEDICAID

SUBJECT: FRAUD AND ABUSE POLICY: CP 6018

SCAN Health Plan Policy and Procedure Number: CRP-0067, False Claims Act & Deficit Reduction Act 2005

Mental Health Resources, Inc. Mental Health Resources, Inc. Corporate Compliance Plan Corporate Compliance Plan

HPC Healthcare, Inc. Administrative/Operational Policy and Procedure Manual

MEDICAID COMPLIANCE POLICY

Emptoris Contract Management Solution for Healthcare Providers

General HIPAA Implementation FAQ

ADMINISTRATIVE MANUAL Subject: CORPORATE RESPONSIBILITY Directive #: Present Date: January 2011

Informational Notice

SECTION 18 1 FRAUD, WASTE AND ABUSE

MEDICARE DRUG INTEGRITY CONTRACTORS IDENTIFICATION

COMPLIANCE PROGRAM GUIDANCE FOR MEDICARE FEE-FOR-SERVICE CONTRACTORS

STATE OF NORTH CAROLINA

Fraud, Waste and Abuse: Compliance Program. Section 4: National Provider Network Handbook

Supporting Effective Compliance Programs

Compliance Requirements for Healthcare Carriers

Establishing An Effective Corporate Compliance Program Joan Feldman, Esq. Vincenzo Carannante, Esq. William Roberts, Esq.

2016 OCR AUDIT E-BOOK

Montgomery County, Unique Aspects of the Medicaid Control System

8 Key Requirements of an IT Governance, Risk and Compliance Solution

Standards of. Conduct. Important Phone Number for Reporting Violations

MSO/IPA Compliance Program

APPENDIX E DATA REPORTING REGULATIONS

John Keel, CPA State Auditor Medicaid Fraud Control Activities at the Office of the Attorney General

Question and Answers 42 CFR Part 93

REVIEW OF MEDICARE CONTRACTOR INFORMATION SECURITY PROGRAM EVALUATIONS FOR FISCAL YEAR 2013

Program Integrity (PI) for Network Providers

()FFICE OF INSPECTOR GENERAL

CORPORATE INTEGRITY AGREEMENT BETWEEN THE OFFICE OF INSPECTOR GENERAL OF THE DEPARTMENT OF HEALTH AND HUMAN SERVICES AND C.F. HEALTH MANAGEMENT, INC

HIPAA and HITECH Compliance for Cloud Applications

EFFECTIVE DATE: 10/04. SUBJECT: Primary Care Nurse Practitioners SECTION: CREDENTIALING POLICY NUMBER: CR-31

California Solar Initiative (CSI) Program 2007 Reservation Request Form and Program Contract [follows the second page Reservation Request form]

HEALTH INSURANCE MARKETPLACES GENERALLY PROTECTED PERSONALLY IDENTIFIABLE INFORMATION BUT COULD IMPROVE CERTAIN INFORMATION SECURITY CONTROLS

Compliance Training for Medicare Programs Version 1.0 2/22/2013

The University of Texas Health Science Center at Houston Institutional Healthcare Billing Compliance Plan JANUARY 14, 2013

Providers are expected to conduct their business activities in full compliance with all applicable state and federal laws.

How and When to Disclose and Refund Overpayments

Compliance with False Claims Act

CORPORATE INTEGRITY AGREEMENT BETWEEN THE OFFICE OF INSPECTOR GENERAL OF THE DEPARTMENT OF HEALTH AND HUMAN SERVICES AND REHAB MEDICAL

Amy K. Fehn. I. Overview of Accountable Care Organizations and the Medicare Shared Savings Program

SUBJECT: BUSINESS ETHICS AND REGULATORY COMPLIANCE PROGRAM & PLAN (BERCPP)

Fraud, Waste and Abuse

COUNTY OF ORANGE DEPARTMENT OF HEALTH. Corporate Compliance Plan

Understanding Health Reform s

Audit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland

Memo. Professional Accounts, LLC. Corporate Compliance Program

Approved by the Audit and Compliance Committee of the Providence Health & Services Board of Directors

Appendix : Business Associate Agreement

INSTITUTIONAL COMPLIANCE PLAN

VCU HEALTH SYSTEM Compliance Program. Updated August 2015

ONEIDA HEALTHCARE S CORPORATE COMPLIANCE PROGRAM

Compliance Department No. COMP Title: EFFECTIVE SYSTEM FOR ROUTINE MONITORING, AUDITING, AND IDENTIFICATION OF COMPLIANCE RISKS (ELEMENT 6)

Accountable Care Organization. Medicare Shared Savings Program. Compliance Plan

Medicare (Pioneer) Accountable Care Organization. Annual Compliance Training

OIG/GSA Exclusion Review Policy HS 9006

Best Practices for Complying with New Medicare Reporting Requirements What Every Attorney Needs to Know By Ervin A. Gonzalez, Esq.

CORPORATE INTEGRITY AGREEMENT OFFICE OF INSPECTOR GENERAL OF THE DEPARTMENT OF HEALTH AND HUMAN SERVICES AND THE UNIVERSITY OF MEDICINE AND DENTISTRY

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS

Fraud, Waste and Abuse Prevention and Education Policy

Sample Healthcare Compliance Program

AGREEMENT between OKLAHOMA HEALTH CARE AUTHORITY AND HEALTH PROVIDER FOR MENTAL HEALTH CASE MANAGEMENT SERVICES FOR PERSONS OVER AGE 21 WITNESSETH:

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN

A SELECTICA GUIDE ALL THINGS STARK LAW WHAT IS STARK LAW, AND HOW CAN CONTRACT MANAGEMENT SOFTWARE HELP YOU COMPLY?

DEPARTMENTAL POLICY. Northwestern Memorial Hospital

HITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What?

VILLAGECARE CORPORATE COMPLIANCE POLICY AND PROCEDURE MANUAL ORIGINAL EFFECTIVE DATE: JANUARY 1, 2007

CODE OF CONDUCT And CORPORATE COMPLIANCE PLAN SUMMARY

I. PREAMBLE TERM AND SCOPE OF THE CIA

Corporate Compliance and Ethics Program Effective as adopted on February 21, 2012

Following is a discussion of the Hub s role within the health insurance exchanges, the results of our review, and concluding observations.

UNDERSTANDING THE HIPAA/HITECH BREACH NOTIFICATION RULE 2/25/14

FRAUD AND ABUSE (SECTION-BY-SECTION ANALYSIS)

Transcription:

Case Study Success with a Corporate Integrity Agreement (CIA) More than 100 affiliated physician practices and healthcare facilities Operations in multiple states More than 2,000 Covered Persons under the CIA Successful completion of CIA 90 day milestones and 120 day Implementation Status Report to OIG Expanding use of Compliance 360 to full Enterprise Risk Management BACKGROUND This case study focuses on a large healthcare network with more than 100 affiliated physician practices and healthcare facilities located in multiple states. The organization provides comprehensive management services to its affiliated practices, enabling them to reduce administrative overhead to focus on providing high quality healthcare services and growing their businesses. To protect their interests, the name of the healthcare organization has been withheld from this case study. The accounts of the case study describe the actual experiences and results achieved using Compliance 360 to address the requirements of their Corporate Integrity Agreement. With Compliance 360, each individual compliance program is monitored and managers are immediately alerted to any underlying issues, such as individual conflicts of interest. With this new-found visibility, detailed status updates are proactively provided to the executive team and the board of directors. CHALLENGES Recently, the healthcare organization entered into a Corporate Integrity Agreement (CIA) with the Office of the Inspector General (OIG) of the United States Department of Health and Human Services (HHS). The OIG often negotiates compliance obligations with healthcare providers and health insurance organizations as part of a settlement of federal healthcare program investigations arising under a variety of civil false claims statutes. A healthcare provider may consent to these obligations as part of the civil settlement, in exchange for the OIG's agreement not to seek an exclusion of that provider from participation in Medicare, Medicaid and other Federal healthcare programs. The typical term of a corporate integrity agreement is five years. These compliance measures seek to ensure the integrity of Federal healthcare program claims submitted by the provider. The more comprehensive integrity agreements typically include requirements to: Hire a compliance officer and appoint a compliance committee

Develop and distribute a written code of conduct, standards and policies; and collect attestations of understanding from all Covered Persons in the organization Implement a comprehensive employee training program and collect attestations of training from all Covered Persons in the organization Establish a confidential disclosure program; Restrict employment of ineligible persons; Report overpayments, reportable events, and ongoing investigations/legal proceedings; and Provide implementation status reports and annual reports to the OIG on the status of the entity's compliance activities. The Covered Persons in a corporate integrity agreement generally include all officers, directors and employees of the healthcare provider as well as 3rd party contractors, subcontractors, agents and vendors that may impact the Federal healthcare program. This can include contractors or service providers that provide coding and billing services. The inclusion of non employees in the compliance stipulations of a CIA creates an additional management challenge. Even when the organization is confident that all direct and indirect employees are acting in accordance with the CMS regulations, they must still collect, organize and provide the evidence of compliance for all Covered Persons. The burden of proof of compliance with the CIA rests solely with the healthcare organization. The CIA for healthcare organization in this case study will be in effect for 5 years from the effective date, and requires the healthcare organization to: Develop, implement and distribute their Code of Conduct to all Covered Persons within 90 days of the effective date of the CIA. The CIA also required that all Covered Persons certify in writing that they had received, read, understood and would abide by the Code of Conduct. Implement written policies and procedures regarding the operation of the healthcare organization s compliance program and its compliance with Federal healthcare program requirements. Within 90 days of the effective date of the CIA, the healthcare organization was required to distribute relevant portions of the policies and procedures to the appropriate individuals whose job functions are relevant to the policies and procedures. Provide general and specific compliance training to each Covered Person within 90 days of the effective date of the CIA. Each individual who was required to attend training must certify in writing that he or she has received the required training. Establish a disclosure program within 90 days of the effective date of the CIA. Upon the receipt of a disclosure, the Compliance Officer was required to gather all relevant information and make a preliminary goodfaith inquiry into the allegations. The Compliance Officer was also required to maintain a disclosure log that could be made available to the OIG upon request. The healthcare organization was required to provide an implementation status report to the OIG within 120 days of the effective date of the CIA. The status report was to summarize the implementation of the CIA, including all of the above requirements.

Consistent with most corporate integrity agreements, the healthcare organization was essentially given 90 days to implement comprehensive compliance programs with another 30 days to produce the initial status reports containing detailed evidence of compliance as required by the OIG. The healthcare organization needed to move quickly and also be thorough in their accountability or risk further sanctions including the suspension of, or exclusion from, Federal healthcare programs. RACING AGAINST the CIA CLOCK The healthcare organization first created the new position of Vice President of Quality Improvement and Regulatory Affairs and with the CIA clock ticking, quickly moved forward with recruiting the new position. They found an individual with prior experience establishing compliance programs for one of the nation s largest health insurance organizations. Based on this prior experience, the VP knew that their CIA compliance process could not be supported using e mail and spreadsheets. With so much at stake, the manual overhead of e mail and spreadsheets would be overwhelming and the risk of errors and omissions would be too high. Also based on prior experience and success, with Compliance 360, VP decided to forego the time consuming evaluation of other systems. As an added benefit, the Compliance 360 solution is provided as a hosted online service on the Internet. As a result, the expensive and timeconsuming process of installing hardware and software was eliminated. Instead, the project was kicked off with a focus on solving the business issues of the CIA. The first step was a scoping process to identify the specific configuration that would be optimal for the healthcare organization. Planning and scoping of the project was completed within 60 days, and the rapid deployment completed within 40 days. This left the healthcare organization with approximately 20 calendar days to prepare and deliver their first CIA status update to the OIG. CHALLENGES ADDRESSED with COMPLIANCE 360 Management of the Code of Conduct and Other Policies The healthcare organization started with their Code of Conduct and policies. As these were loaded into Compliance 360, the advanced workflow capabilities of the system were used to manage the process of reviewing, editing and sign offs with the appropriate people throughout the organization. Multiple revisions were automatically tracked by Compliance 360 with each version of the documents saved in the event that any prior revisions needed to be retrieved. Detailed status reports provided visibility into any delays and other potential issues throughout the process. This was critical as delays in this first step in the process would have resulted in missed CIA deadlines later on. Surveys and Attestations Once their Code of Conduct and relevant policies were finalized in the Compliance 360 central repository, the healthcare organization used the Compliance 360 Projects and Surveys tools to send e mail notifications to their Covered Persons with requests for their action in reviewing the Code of Conduct and each relevant policy. Using the highly configurable workflow in Compliance 360, the healthcare organization was able to target the e mail messages to ensure that Covered Persons throughout their diverse organization were only asked to review and attest to policies that were relevant to them. The configurable workflow of Compliance 360 was an important contributor to the success of our project. Without this capability, it would have been virtually impossible to target attestation requests to the appropriate people. As an added

bonus, the healthcare organization avoided additional delays because they were able to set up the workflow within the Compliance team, without the need for technical assistance. Recipients of the e mails accessed the Code of Conduct and policies through a simple, secure Internet screen that didn t require a user ID and login. Removing common obstacles, such as setting up accounts and passwords for every employee, further enhanced the response rates and timeliness of the employee reviews and attestations of compliance with the regulations. Throughout the Code of Conduct, policy survey and attestation process, the Compliance team used detailed status reports to monitor the progress and any issues that arose. They monitored each individual program and were immediately alerted to any underlying detail compliance issues, such as individual conflicts of interest as they arose. With this visibility, they were able to provide detailed status updates to the rest of the Executive tean and the board of directors throughout the process. As the healthcare organization rolled out the training required by the corporate integrity agreement, the Compliance team used the Compliance 360 system to verify individual class completions just as they had collected the attestations for the Code of Conduct. With all of their attestations collected into one central repository, broad visibility into the status of their overall compliance program was greatly facilitated. Disclosures, Reportable Events and Investigations In addition to the policy management, survey management and status reporting capabilities of Compliance 360, the Incident Management system was used to help establish the disclosure and investigation process as mandated by the CIA. The Incident Management system helps healthcare providers manage a wide variety of healthcare issues such as slips and falls, hotline tips, potential fraud and abuse occurrences, audit findings and potential conflicts of interest. As potential issues were identified through the survey process within the healthcare organization, the Incident Management system was used to collect and store relevant documents and set up the review process using the workflow capabilities of Compliance 360. As an investigation progressed, Incident Management was used to manage team collaboration and provide a complete audit trail of actions and signoffs for accountability. Incident specific status reports provide both operational and management visibility into the status of individual incidents as well as the overall status to support the request of a disclosure log by the OIG. Additionally, Compliance Managers will frequently use this capability for audit committee meetings and board meeting presentations. 120 Day Implementation Status Report and Proof of Compliance With success achieved in policy management, surveys, and attestations for the Code of Conduct and training, as well as disclosures, reportable events and investigations, the healthcare organization still had to produce and deliver the 120 day implementation status report as required by the CIA. A significant misstep with the status report could result in further sanctions from the OIG, regardless of the actual compliance improvements achieved. Because the healthcare organization had centrally managed the CIA project using the Compliance 360 platform, their status information was readily accessible. To collect all the compliance data and link it to the relevant CIA stipulations, the healthcare organization used the unique Virtual Evidence Room in Compliance 360.

The Virtual Evidence Room provides a central location where all compliance activities and documents are easily tracked and linked back to the related laws, regulations and standards. The Virtual Evidence Room facilitates audits, investigations and surveys such as a CMS audits, state audits, Joint Commission tracer surveys or OIG (Office of the Inspector General) investigations related to claims errors. Using the Virtual Evidence Room, the healthcare organization linked surveys, attestations, conflicts of interest, compliance gaps, remediation plans and summary reports to each stipulation in the corporate integrity agreement. Should any ad hoc compliance questions arise, the healthcare organization is audit ready with all proof of compliance organized in the Virtual Evidence Room. The supporting information needed to prepare the 120 day implementation status report was also consolidated in the Virtual Evidence Room. The volume of detailed information in the healthcare organization s implementation status report turned out to be too much for e mail. They found a work around for e mail and sent the status report to the OIG on time. However, because of that unexpected challenge, the healthcare organization plans to provide direct access to the Virtual Evidence Room, for the OIG inspector the future. Doing so will streamline the transmission to the OIG and should also enhance their credibility by displaying confidence and cooperation with an open door policy. CIA Status The healthcare organization is still early in the 5 year term of their corporate integrity agreement, but they have already made significant strides to ensure compliance with CMS and OIG guidelines. They have also successfully passed the initial checkpoints. Very few issues were identified by the OIG and with the help of Compliance 360 the healthcare organization has laid the foundation for a very strong compliance program going forward. Looking Ahead With the risks of the initial hurdles of the CIA now behind them, the healthcare organization is diligently continuing with the CIA process and also looking at additional opportunities for using their Compliance 360 system. The healthcare organization must cope with regulations that vary from state to state. Compliance 360 will serve as their platform for collecting and managing these regulations in a central repository and help them efficiently establish and mange their corresponding compliance policies. The success of the healthcare organization s business model depends on their ability to relieve the individual physician practices of the overhead of regulatory compliance. They can accomplish this goal by centralizing and streamlining the management of compliance programs as much as possible. This strategy, enabled by Compliance 360, is expected to be more efficient and help ensure a more consistent approach to compliance across the company going forward. Looking beyond the scope of compliance programs, the healthcare organization s VP of Risk Management has completed an evaluation of systems to help manage the risks associated with malpractice claims. Through the evaluation, they concluded that Compliance 360 will address these new requirements. The comprehensive platform is expected to efficiently support the healthcare organization s broad requirements in compliance, incident management and risk management. ABOUT COMPLIANCE 360, Inc. For more information about Compliance 360, visit /Healthcare, and /Insurance

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information