2013 compliance ppt
DESCRIPTION
TRANSCRIPT
Sound the Alarms:
Compliance Training
2013
NY State Medicaid Office of Inspector General (OMIG) has mandated compliance for providers who meet state requirements.
The Patient Protection and Affordable Care Act (PPACA) mandates compliance programs for all.
Compliance 2013
What does this mean for you? You are encouraged to report issues that you suspect are
violations of compliance or fraud, waste and abuse. Call the company hotline number posted at all sites or
speak to your superior or your Compliance Officer. Know who your Compliance Officer is. Henrietta’s
Compliance Officers are: Matt Comer and Matt Jarrett
Compliance 2013
Compliance includes everyone at all levels. From management to field providers to business associates.
Participation is required, it will become a part of your evaluations, You are encouraged to report any issues whether it is patient care, operational, procedural,
suspected non-compliance, Fraud, Waste or Abuse.
Compliance 2013
Guidance for identifying Fraud, Waste and Abuse.
Mistake = Error
Inefficiency = Waste Bending the Rules = Abuse Intentional Deception = Fraud
Compliance 2013
Code of Conduct
Everyone must have made a commitment to ethical behavior
Respect for the patient and each other Business is conducted with absolute
integrity Employees and Management all have
responsibility to adhere to state and federal regulations
Compliance 2013
8 Elements of Compliance:
1. Written compliance plan and code of conduct 2. Designation of a Compliance Officer 3. Compliance Training and Education 4. Communication 5. Consistent Disciplinary Policies 6. Auditing and Monitoring 7. Response and Investigation 8. Non-intimidation and Non-retaliation
Compliance 2013
“Effective” Compliance Program per NYS OMIG. 18 NY CRR Part 521
1. A written policy or procedure in a Code of Conduct that describes compliance expectations.
2.The designation of a Chief Compliance Officer responsible for day to day operation of the compliance program who must report directly to the CEO or other senior administrator and also report periodically to the Governing Board.
Compliance 2013
3. Training and Education to appropriate employees, volunteers including executives and Governing Board members regarding compliance expectations which occurs periodically and is part of orientation.
Compliance 2013
4. Chief Compliance Officer must be accessible to staff with a mechanism for confidential reporting (Hotline Number).
5. Consistent disciplinary policies to encourage good faith participation in the compliance program which must be clear and include participation in non-compliant behavior and failure to report suspected problems as grounds for discipline.
Compliance 2013
6. A mechanism for the “routine identification of compliance risk areas” and an implementation of internal and external audits for evaluation of non-compliance.
7. A mechanism for responding to compliance issues as they develop and for reporting issues to the Department of health or OMIG and a mechanism for refunding over payments.
Compliance 2013
8. A policy of non-intimidation and non-retaliation for good-faith participation in the compliance program.
PLUS
Fraud Waste and Abuse –on the radar screen of State and Federal governments.
Compliance 2013
Fraud – any Intentional act or omission designed to deceive patients or the government as payor, resulting in the patients or government suffering a loss and/or the perpetrator achieving a gain.
Examples: Overbilling billing for services not rendered falsifying documentation for any reason
Compliance 2013
Waste - the careless expenditure, consumption, mismanagement or use of resources, whether intentional or unintentional, resulting in charge to patients or the government.
Examples: The use of supplies or rendering of services for which
medical necessity was not clearly documented. Inefficiency
Compliance 2013
Abuse - mistreatment of patients or destructive misuse or diversion of assets and resources, and activities that are inconsistent with sound medical or professional practices.
Examples: physical or mental mistreatment of patients providing substandard or inferior care or treatment of patients billing for substandard care or services waste to such a scale that it is more than careless destruction or acts which shorten the useful life of equipment
used by the provider. Not following protocol- Bending the Rules
Compliance 2013
OMIG has identified Focus Items to audit:
Not Medically Necessary 90 Day exception codes – July 1, 2003 – December 31, 2005 Services billed when patient is an inpatient Non-emergency ambulance services Documentation review Compliance programs.
Compliance 2013
Lin-Wil Transportation February 2011 A review of payments to Lin-Wil Transportation Inc.
for services paid by Medicaid Jan 1, 2005 – Dec. 31, 2008
3,963 services rendered Sample size 200 with Medicaid overpayments of
$16,162.14 Extrapolation of the sample findings across the
universe of cases resulting in $320,253.00 due back to Medicaid.
Compliance 2013
Audit Focus for Linwil:
Drivers/vehicles were properly licensed, inspected, certified and/or registered
prior authorizations were obtained All billing and rate requirements were met Mcd reimburseable services were rendered for the dates billed Appropriate procedure codes were billed for services rendered Vendor records contained the documentation required by the regulations Claims for payment were submitted in accordance with Dept regulations
and the Provider Manuals for Transportation.
Lin-Wil failed to comply with Title(s) 10, 14, and/or 18 of the Official Compilation of Codes, Rules and regulations of the State of NY (NYCRR) and the MMIS Provider Manual for Transportation
Compliance 2013
TYMPF Co. Inc $85,000 TLC Ambulette Corp $36,210 Rzan Medical Transportation $642,983 Medical Answering Services CIA
*CIA – Corporate Integrity Agreement Civil settlement mandating the provider to implement
compliance procedures often at considerable expense, including retaining an independent review organization for oversight, government involvement for a period of years, hiring a Compliance Officer. Typical term of a CIA is five years.
Compliance 2013
Rural Metro – CIA since 2007 $2.5 million fine Violated anti-kickback statute, medically unnecessary services
billed Whistleblower lawsuit – DOJ has joined FBI search – KY Investigation ongoing CIA June 2011 in OHIO - Overpayments
Metropolitan Ambulance and First Aid (SEZ Metro Corp.) Metro North Ambulance Corp. Big Apple Ambulance Service One owner- 3 companies $2.85 million fine Appealed Medicare decision with falsified documents.
Compliance 2013
Expanded Risk Areas: Quality of care Mandatory Reporting Credentialing Exclusion list checks Self-Reporting “other risk areas that are or should with due diligence
be identified by the provider”
Compliance 2013
Risk Assessments Internal processes reviewing internal practices against regulatory requirements to ensure compliance.
Audit schedules will include results from the analysis of the risk assessment.
Compliance 2013
Auditing and Monitoring Auditing allows for identification of errors which can
be corrected before they become patterns of errors that must be self-reported.
Eyeball – You can help reduce errors by giving your documentation a review before submitting it.
Is the transport medically necessary? Were other means of transportation contraindicated?
Compliance 2013
Auditing and Monitoring
The documentation resulting from audits and monitoring is proof during a state or federal audit that you are complying with the mandated requirements.
All 8 elements plus FWA efforts are being
addressed anddocumented.
Compliance 2013
Anti-Kickback Act – prevents inducements, payments or rewards for referrals of Federal health care program business including Medicare and Medicaid.
(section 1128B(b) of Act (42 U.S.C. 1320a-7b)
Penalties include possible imprisonment, criminal fines, civil monetary penalties, exclusion from government programs.
Note : A person need not have knowledge of the anti-kickback statute or specific intent to commit a violation. PPACA
Compliance 2013
Every claim submitted based on a referral made in violation of the Anti-kickback statute will now automatically constitute a false claims violation under the False Claims Act.
Safe Harbors – describe payment practices that do not violate the Anti-Kickback statute provided the payments fit squarely within a Safe Harbor.
Compliance 2013
Examples of Safe Harbors: Space Rental Equipment Rental Personal Services and Management Contracts Discounts Employees Price reductions Offered to Health Care Plans Shared Risk Arrangements Ambulance Restocking Arrangements
Compliance 2013
HIPAA Health Insurance Portability and Accountability Act PROTECT PATIENT HEALTH INFORMATION 1. Privacy – The right of individuals to keep his/her
health information from being disclosed. 2. Security – The mechanism in place to protect the
privacy of health information.
Compliance 2013
Privacy of patient health information (PHI) encompasses controlling who is:
• authorized to access it• under what conditions patient information may
be accessed and used• under what conditions patient information may be disclosed to a third party. National standards exist to protect individuals medical
records and other personal health information.
Compliance 2013
Individuals have the right to review their medical information, copy it as well as correct it.
HIPAA required the Department of Health and Human Services to adopt national standards for electronic health transactions including code sets and specific identifiers.
Compliance 2013
Security Rule –
Controls access to PHI as well as safeguard PHI from unauthorized disclosure, alteration, loss or destruction.
The security rule requires appropriate administrative,
physical and technical safeguards to ensure the confidentiality, integrity and security of electronic PHI.
Compliance 2013
Administrative Safeguards- policies and procedures and disciplinary standards to ensure all personnel protect PHI.
Physical Safeguards – Security of the company’s buildings, offices, server rooms, filing cabinets, etc.; where PHI is stored as well as your computers, workstations and electronic media.
Technical Safeguards- Passwords, back-up and other security features on the company’s computers, networks, PDA’s, laptops, etc.
Compliance 2013
HITECH Health Information Technology for
Economic and Clinical Health Act Contains incentives related to PHI technology Expands the protections guaranteed by HIPAA Increases the financial penalties for violations
Compliance 2013
HITECH protects unsecured PHI Requires notification in the event of a breach Applies a portion of HIPAA’s privacy and security rules
directly to business associates Prohibits sale of PHI without patient authorization If PHI is maintained in electronic format, patients have
a right to receive it in electronic format. Strengthens enforcement mechanisms Patients can opt out of the use of their PHI for
fundraising activities.
Compliance 2013
HIPAA – protects electronic PHIHITECH- protects all other PHI (i.e.paper)
Compliance 2013
HITECH requirements: Providers must conduct annual HIPAA privacy and security
risk assessments, document audit results and take proactive steps to reduce risk of unauthorized exposure of PHI
Conduct an incident specific post-breach risk assessment when a data breach incident occurs. The determination must be made if it is a breach that poses a significant risk of financial, reputation or other harm to the affected individuals
Compliance 2013
Status on Government Audits:
HIPAA/ HITECH audits began 11/11 NY OMIG audits began 10/09 Now include compliance plan
effectiveness audits
Compliance 2013
Do’s and Don’ts Do log off the computer when away Do not leave your paperwork on the copy
machine Do not post pictures on facebook or other
social media sites of yourself with PHI Do not help yourself to PHI with no apparent
reason.
Compliance 2013
Do’s and Don’t
Do not leave PHI unattended Do not discuss patient names and
conditions or details that could identify a patient or occurrence while in public areas or among people who have no need to know.
Do keep cabinets containing PHI locked
Compliance 2013
OMIG Social Service Law 363-d Part of the legislation that established OMIG. Primary objective are to coordinate FWA
activities for all agencies involved with Medicaid. OMIG Final regulations N.Y.C.R.R Part 521 Identifies 8 elements that must be included in the
compliance program
Compliance 2013
OMIG is an independent entity who reports to the Governor. Funded in part by CMS (50%).
NY is committed to make specific fraud and abuse
recoveries and is the most successful state in recoveries.
2008 - $550 million. (target was $215 million) 2009 - $322 million 2010 - $429 million
2011 - $644 million
Compliance 2013
OMIG Financial Sanction: $10,000 for each item of care, service or supply that
is subject to a determination as a basis for a monetary penalty.
If a previous violation in previous 5 years, $30,000 as
applied above. Penalties imposed are in lieu of repaying all or part of
any Medicaid payments.
Compliance 2013
Deficit Reduction Act 6032 Requires employee education about federal and state false claims acts and whistleblower
protections. Mandates compliance programs for providers who
have an annual revenue of $5 million.
Compliance 2013
Whistleblower Protections
Employees are protected by law for reporting incidents to the state and federal government
Employees may be eligible to a percentage of financial penalties imposed if the complaint is valid and the company is fined. Whistleblower complaints could be dismissed if the company self-reports
Compliance 2013
Self Disclosure Protocol – Substantial routine errors, systemic errors and patterns of errors. Advantage: Forgiveness or reduction of interest
payment ( up to 2 years), extended repayment (minimum 15% Mcd Withhold),
possible financial hardship waiver is granted.
Compliance 2013
Advantages Continued:
1. Waiver of penalties or sanctions 2. Timely resolution of overpayment as opposed to
lengthy audit resolution process. 3. Decreased likelihood of Corporate Integrity
agreement (government involvement) 4. May preclude whistleblower actions
Compliance 2013
False Claims Act 31 U.S.C. 3729 ET SEQ
Knowingly presented or caused to be presented a false claim
Sanctions include civil, administrative and criminal penalties
Whistleblower rewards and protections
Compliance 2013
Fraud Enforcement and Recovery Act (FERA)
Primary Goal is to increase government recoveries. (FBI, DOJ)
Extends FCA to private parties if government funds
are involved. Extends prohibited retaliation beyond employees to
agents and contractors.
Compliance 2013
Recap Know who your Compliance Officer is. Know where to find the hotline numbers. Understand the compliance requirements Understand and practice the Code of
Conduct Report issues to management or the
Compliance Officer. Be cognizant of your daily activities. Protect PHI
Compliance 2013