MPM Publications
Compliance Plans: Effective Risk Management
Crackdown on Fraud. The Health Care Financing Administration (HCFA) has specified that 14 percent of all services billed to Medicare are fraudulent. As a result, the Federal Bureau of Investigation is targeting health care fraud as its top priority-second only to violent crime. Meanwhile the Clinton Administration has increased the amount of money government agencies receive for upholding fraud and abuse laws with a program called Operation Restore Trust. Not surprisingly, the Office of the Inspector General (OIG) continues to target Medicare fraud in its Work Plans, resulting in a shift from the government merely collecting overpayments to treating incorrect billing/billing errors as false claims.
The False Claims Act was developed to hold any person liable who knowingly presents a false, falsified or fraudulent claim to secure payment of government funds. "Knowingly" is defined as actual knowledge, deliberate ignorance or reckless disregard for truth or falsity of information.
Although the Act was not designed with health care providers in mind, the government is using it as a billion-dollar opportunity. The consequences of exposure are extensive and expensive. Providers are liable for three times the amount of damage sustained by the government, a civil penalty between $5,000 and $10,000
per line item, potential exclusion from Medicare and Medicaid programs, possible conviction of mail fraud, and even incarceration.
In addition to heavily funded fraud units, highly trained investigators and supercomputers, the government has a new weapon in its arsenal-the whistleblower. In other words, your employees. Whistleblowers have access to non-public information and may file suit under seal (secretly) on behalf of the government, otherwise referred to as
qui tam lawsuits. A whistleblower's reward can be up to 30 percent of what the government recovers in its investigations. So how do you reduce your risk against the aforementioned penalties? Develop a Compliance Plan.
An Ounce of Prevention. The government's current policy on enforcement emphasizes prevention. A Compliance Plan is the most effective proactive strategy that can be implemented to prevent fraud, correct violations and reduce the risk of penalties. If your practice is investigated and you don't have a Compliance Plan in place, the government may impose one as part of the settlement. The provisions of a government-imposed compliance program are severe. While not limited to these examples, the government-imposed program must include the following: a minimum duration of five years, authority for the government to interview employees without your counsel present, involve annual reviews and audits conducted by independent third-parties, require prompt disclosure of any misconduct by employees (including contractors), waive attorney-client privilege on a complaint of a suspected violation, and finally, will be imposed on any subsequently acquired facilities or entities.
Compliance Plan Overview. Developing an effective Compliance Program for the physician practice means balancing a sufficiently comprehensive plan to cover potential areas of fraud and abuse while remaining practical. "Comprehensive yet practical" will be a challenge to achieve. An effective Compliance Plan consists of the following elements: performing a Legal Audit, identifying and correcting improper practices before implementation of the plan, developing a Code of Conduct, appointing a Compliance Officer, implementing an employee education program, and periodic reviews and audits to ensure continued compliance.
The purpose of a Legal Audit is to determine if the practice's current operations conform to legal and regulatory requirements. An audit would focus on: kickback violations, the False Claims Act, lease contracts, physician employment contracts and performance obligations, employee handbooks and procedure manuals, billing methods, document destruction/retention policies, review of any internal or external audits performed, and financial reporting. Should an audit reveal potential regulatory violations, those instances would be examined in depth and then corrected.
Once a Legal Audit has been completed, the next step is developing Codes of Conduct specifically designed to address the very real risks a practice faces. Codes of Conduct are the statements of values on which the practice stands. The Codes emphasize commitment to compliance and integrity in all the practice's operations.
A Compliance Officer (CO) is responsible for implementing the Codes of Conduct and is usually someone who works independently of the practice's functions. For those practices that establish a hotline, the CO documents all hotline calls and any actions taken. The CO also facilitates employee communication, which serves to discourage employees from filing
qui tam lawsuits out of frustration.
Make employee education ongoing and well documented. Elements to discuss include relating the practice's commitment to compliance and integrity as well as describing what activities are acceptable. While internal whistleblowers should not be punished, employees who suspect illegal conduct and do not report violations should be disciplined. The CO should review disciplinary action and determine that the action was appropriate. Again, the government would look to the consistency and severity of employee actions as an indication of the effectiveness of a Compliance Plan.
The Investigation. A Compliance Plan also should address how personnel should respond to external investigations by relaying clearly defined procedures and establishing employee responsibilities. Confused responses to inspections lead to further scrutiny and will not benefit the practice.
It is becoming more likely today that you or your practice will encounter investigations, fines and penalties. An effective Compliance Plan has many benefits: it prevents violations of the law, mitigates penalties should action be taken, decreases the possibility of a government-imposed Compliance Program and limits a provider being held personally responsible for damages sustained by the negligent practice. View this essential tool as an opportunity to add value to your practice by providing a measurable service that reduces risk and exposure, increases employee and patient confidence, and boosts practice accountability.
|
