Overview

Compliance & Corrective Action

Prepared by Mae Regalado

Presented by Linda Hagen

Compliance Slide Deck Disclaimer

“This brief presentation will review operational alignment with billing procedures and is strictly informational in nature. While we refer to health law and regulations, we are not providing legal advice and nothing in this presentation or in what is said should be construed as legal advice. If you need help answering legal questions or have concerns about your organization’s compliance, you should contact your legal counsel. She/he may be able to provide you with guidance or may make a referral to a specialist.”

Presentation Outline1. Overview: Why are we talking about Compliance?

2. Context: Federal and State Laws related to reimbursement

3. Compliance: What does it mean for providers to be compliant?

4. Effective Compliance Program

5. What is Non-Compliance?

6. Audits & Corrective Action

7. Question and Answer Period

Why are we talking about Compliance?

A few startling reasons to talk compliance:• The federal Department of Justice, Office of

Inspector General (OIG), state Medicaid fraud control units, and other enforcement agencies have brought multiple enforcement actions against various health-care practices, including small practices.

• The personal risks of noncompliance have changed too from money return to exclusion from government programs and loss of practice license.

• Administrators can be barred from working in the healthcare industry and clinicians, and managers, can be jailed for healthcare fraud and abuse.

Overview- Health Care Fraud Prevention & Enforcement Action Team (HEAT)

In May 2009, Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius announced the creation of the Health Care Fraud Prevention and Enforcement Action Team (HEAT) and renewed their commitment to fighting health care fraud as a Cabinet-level priority at both departments.

Mission of HEAT• To marshal significant resources across government to prevent

fraud, waste and abuse (FWA) in the Medicare and Medicaid programs.

• To crack down on the fraud perpetrators who are abusing the system and costing us all billions of dollars.

• To reduce skyrocketing health care costs and improve quality of care by eliminating the system of perpetrators who are preying on Medicare and Medicaid beneficiaries.

• To highlight best practices by providers and public sector employees who are dedicated to ending FWA .

• To build upon existing partnerships that already exist between the two agencies, including our Medicare Fraud Strike Forces to reduce fraud and recover taxpayer dollars

Context – Federal LawHealth and Healthcare Financing Laws

• Patient Protection and Affordable Care Act (Health Care Reform)

• Mental Health Parity and Addiction Equity Act (MHPAEA)

• Deficit Reduction Act (DRA)

• Consolidated Omnibus Budget Reconciliation Act (COBRA)

• Emergency Medical Treatment and Active Labor Act (EMTALA)

• Children’s Health Insurance Program (CHIP)

Health Information • Health Insurance Portability and Accountability Act (HIPAA)• Code of Federal Regulations (CFR) Title 42, Public Health

Information Technology • Health Information Technology for Economic and Clinical Health (HITECH) Act• Electronic Data Interchange (EDI) Standard Transaction Code Sets (ANSI, X12, HL7) • HIPAA 5010 (X12 revisions)

Context• The laws in the previous slides (and all of the

accompanying amendments, rules and regulations) create the context for the manner in which health care is reimbursed

• Laws are concerned with access to coverage and services, access to information, “fraud, waste and abuse”, right to privacy and security, interoperable infrastructure, and standardized coding that simplifies the administration of health care and reimbursement

• These laws and the agencies responsible for their implementation determine use of such billing-related tools as the ICD-9 (ICD-10 in 2013), National Provider Identifier (NPI), EDI standards, and forms like the UB04 and CMS 1500

Context – Federal Oversight

• Health and Human Services (HHS)

• Centers for Medicare and Medicaid Services (CMS)

• Office of Inspector General (OIG)

• Substance Abuse and Mental Health Services Administration (SAMHSA)

• Office of the National Coordinator for Health Information Technology (ONC)

Context – State Law

• State health insurance laws vary from one state to another

• State Medicaid programs and rules vary from state to state as well

• State Department of Insurance or Insurance Commissioner provides regulatory oversight of health care coverage in each state and enforces state rules specific to his/her state

Context – Local health Plans

• Traditional indemnity health plans (fully insured) and the wide range of managed care plans have to comply with federal and state law

• Self-insured plans (large employers) and their third-party administrators have to comply with federal laws only

What do we mean by Compliance?1. Becoming and remaining basically fluent in the laws, rules,

regulations and policies that govern your business2. Avoiding practices that are wasteful or abusive or otherwise

disadvantage or deceive the payer (including the patient) 3. Avoiding outright fraud and clear violations of the law (seeking

reimbursement for services you didn’t provide, for instance)4. Using correct codes, providing accurate information and

following procedures in a timely manner 5. Using appropriate technology and means to submit billing in

order to produce greater efficiencies while protecting health and financial information

6. Abiding by contract terms and conditions7. Conforming to generally-recognized accounting principles and

demonstrating transparency

Compliance is Evident in…1. Your policies and procedures2. Your information systems and hardware3. Your physical environment4. Your data and reporting5. Your billing practices6. Your employee training7. Your applicable certification and licensure and

standards for professionalism8. Your workflow and business processes, controls,

checks and balances9. Your contracts and agreements10.Your internal audit of all the above

• Data and system interface and interchange (including batch file transfers)

• System security, ID, and password management (protocols concerning access, authentication, authority, intrusion, and vulnerability protection)

• Disaster recovery, back-up and business continuity

• Training

Areas where Compliance Matters

Areas where Compliance Matters• Eligibility verification• Clinical documentation including dates

and signatures• Information/data management and

exchange• Service capture, coding and billing

practices• Cash management and banking

practices

Things you can do now:1. Review billing policies and procedures2. Review contracts and provider billing manuals3. Observe workflow in light of standards4. Assess staff knowledge5. Assess training materials6. Make improvements to workflow and business

processes7. Sample billing data and validate accuracy8. Work with billing system vendor to identify

enhancements including system functionality, configuration, interface, security, and back-up

Compliance: Internal Audit and Review

Compliance: Internal Audit and Review

• Commonly review for:– Fee schedule and claim pricing– Unique contract requirements– Accuracy – Timeliness– Coding and other data (provider ID, patient ID, diagnosis,

service, place of service, date of service, etc.)– Cash collections– Duplicate claims– Over-billing – Fidelity with privacy and security procedures– Clinical documentation– Validating system transactions and any interfaces

Effective Compliance Program

An effective compliance program to prevent and detect violations of law should include some of the elements listed below:

1. Written polices and standards of conduct

2. Designating a compliance officer

3. Conducting training

4. Developing effective lines of communication

5. Enforcing standards using discipline

Effective Compliance Program6. Internal monitoring and auditing. Some examples for specific items for monitoring

include:Billing for items or services not renderedSubmitting claims for supplies and services that are not

reasonable and necessary Double billing Billing for non-covered services Failure to properly use coding modifiersUp-coding Improper billing for incident-to services

7. Prompt response to offenses and developing corrective action

Law, Rules and Regulations

Contracts

Policies and Procedures

Training

Business Process Workflow

System Configuration

Claim File

Compliance Line-of-Sight

What is Non-Compliance?

• Medical Billing non-compliance also known as fraud and abuse is widespread and very costly to America's health-care system.

• No precise dollar amount can be determined, some authorities say that insurance fraud constitutes a $100-billion-a-year problem.

Examples of Non-Compliance

Double Billing: 1. Double billing for services and then falsifying records to support them.

For instance, a patient receives a psychiatric evaluation to rule-out dual-diagnosis and the provider falsifies the dates of service in order to have it appear as though the patient was seen on more than one occasion by the psychiatrist.

2. Double billing often occurs when the provider obtains payment from two sources. Two insurers or public programs, or both, may be billed for the same service. If a State-funded (Block Grant-funded) patient is found to be insured by his/her parents or employer and the provider bills both the State and the insurer without disclosing knowledge of both forms of benefit coverage, collecting monies from both payers, that would constitute double-billing.

More Examples of Non-Compliance

Services not rendered/add-on services:

1. Billing for services that were never delivered to patients. For example, some providers bill Medicare or Medicaid for services they never provided and residential providers might bill for supplies that were never actually used.

2. Billing for unnecessary procedures or services that have been added to a bill for legitimate charges is another type of fraudulent claim.

3. There is often some falsification of records to support improper billings.

More on Examples of Non-Compliance

Up-Coding:

• Charging for a more complex service than was actually provided. This usually involves billing for longer or more complex services such as a full 3-hour assessment when what was actually provided was a brief screening.

Audits & Corrective Action• State and/or federal agencies can periodically conduct onsite

audits therefore one of the most important audit strategies is preparation. You must understand how to handle an unannounced onsite audit and how to respond to a chart review.

• Internal audit and self-initiated corrective actions are always in your best interest. They demonstrate a willingness to identify and correct mistakes, maintain fidelity and compliance, improve business practices and evidence of transparency.

Audits & Corrective Action

• Comprehending the OIG Work Plan is also key to designing coding and reimbursement processes that keep your practice compliant and profitable.

• It is important to understand audit findings and to promptly respond to offenses by developing corrective action(s).

• Common problems reported during audits include a lack of testing, out-of-date policies and procedures that do not reflect current guidelines and incomplete training.

Corrective Action PlanWhat should be included in a corrective action plan (CAP)

• Commit to rectifying the underlying causes of the deficiencies.

• The CAP should demonstrate what issues led to the deficiencies and institute safeguards to prevent a recurrence.

• Upon notice, a sound internal plan of correction should be developed that includes established measurement benchmarks and documentation describing how the deficiency will be rectified.

Corrective Action Plan

Most successful CAPs require/include the following remedial actions:

• Training or re-training• Policy and procedure and documentation

development and revision• Process improvement• Systems modification • Documentation of the entire CAP process

Compliance Related Links

Comprehensive Medicaid Integrity Plan (CMIP)https://www.cms.gov/DeficitReductionAct/02_CMIP.asp#TopOfPage

Report to Congresshttps://www.cms.gov/DeficitReductionAct/021_repcongress.asp#TopOfPage

How to Report Fraudhttps://www.cms.gov/FraudAbuseforConsumers/

Provider Audits

https://www.cms.gov/ProviderAudits/

Compliance Related LinksState Program Integrity Support & Assistance

https://www.cms.gov/FraudAbuseforProfs/

Deficit Reduction Act (DRA) of 2005

https://www.cms.gov/DeficitReductionAct/

State Contacts

https://www.cms.gov/apps/contacts/

Medicare Fraud - How to Report

http://www.medicare.gov/FraudAbuse/HowToReport.asp

http://www.thenationalcouncil.org/cs/public_policy/medicaid_deficit_reduction_act

Compliance Training Sessions

OIG Announces Free Provider Compliance Training Sessions Around the Country

• The Office of the Inspector General (OIG) at the Department of Health and Human Services has announced it will conduct six free compliance training programs for health care providers in 2011.

• These training sessions will focus on helping attendees understand recent legislation to fight fraud and abuse.

• Sessions will also offer information about how to create effective compliance plans and handle compliance violations.

• The half-day programs will feature speakers from OIG, the Centers for Medicare and Medicaid Services, the U.S. attorneys’ offices, and state Medicaid fraud control units.

• Sessions will be held in Houston, TX (Feb. 16); Tampa, FL (March 2); Kansas City, MO (March 23); Baton Rouge,LA (April 12); Denver, CO (May 3); and Washington, D.C. (May 18). Additional details are available online at http://compliance.oig.hhs.gov/.

Thank You! Questions?

888-898-3280www.ahpnet.com