Kusserow on Compliance: Advice on selecting an Independent Review Organization (IRO)

The HHS Office of Inspector General (OIG) has over 300 active Corporate Integrity Agreements (CIAs) in force. They result from a settlement of a civil false claims case with the Department of Justice (DOJ). Under a CIA, a provider or entity consents to certain defined obligations as part of “the civil settlement and in exchange for the OIG’s agreement not to seek an exclusion of that health care provider or entity from participation in Medicare, Medicaid, and other federal health care programs.” The CIAs normally are five years in duration and include requirements for an Independent Review Organization (IRO) to ensure compliance with its terms and requirements that include addressing the specific issues that gave rise to the settlement (physician arrangements, off-label use of drugs, inappropriate billing, or marketing practices, etc.).

Financial audits are not normally part of the agreement; as such, IROs usually are firms with expert health care consultants, rather than financial auditors. IRO selection is a critical decision process that should not be taken lightly. The wrong IRO can also prove to be a very costly both in terms of what they charge and how they perform their services, but also in the credibility and quality of their work. It is the responsibility of the entity, not the OIG, to select the IRO. The OIG does not provide advice on how to select one or endorse any organizations to be the IRO, however it reserves the right to approve or deny the entities or provider’s choice of IRO, if found deficient in meeting its guidelines. This is done within 30 days after it receives written notice of the identity of the IRO. Any problems the OIG finds with an IRO will reflect badly on the organization and could aggravate matters.

Thomas Herrmann, J.D., is an expert without peer with regards to IROs, as result of having been previously responsible on behalf of the OIG for negotiating CIAs and monitoring compliance; and subsequently, as years of experience as a consultant involved in more than a dozen IRO engagements. He offered the following advice in selecting the right IRO to oversee an organization’s compliance with the terms and conditions of a CIA:

  • Select a firm that is highly experienced as having served as an IRO to ensure effective reporting and communication with both the entity and the OIG. Expecting a firm to have so served as an IRO six or more times is not unreasonable.
  • Find a firm with many years of health care experience, the more the better, in the particular healthcare sector (there is a huge difference between a provider, managed care organization, and a pharmaceutical manufacturing company). This should not be a learning opportunity at the entity’s expense.
  • Ensure the prospective IRO has the specific qualifications and expertise to properly address the specific scope of work under the CIA. These vary considerably and the more complex a case, the more important that the IRO be highly experienced in that area. Absence of program expertise can lead to hidden costs in learning the business and may result in difficulties meeting the obligations and possibly in terms of credibility in the eyes of the OIG.
  • Require references where the prospective IRO served in that capacity in the past to find out what kind of job they have done, professionally, competently, reasonably, and without up charging unreasonably over their estimate.
  • Avoid a “bait and switch” wherein the people negotiating to become the IRO are quickly switched to lesser qualified individuals to perform the work. Insist on the prospective IRO to specifically identify the key persons assigned to the engagement, along with their personal qualifications.
  • Require written attestation that they have no conflicts of interest problem. The OIG has enumerated many examples of conflict of interest, but, in short, this means that the IRO cannot be involved in reviewing any work in which they had a role in developing and must not have their work conflict with any previous work they have done with the entity. Even the appearance of conflict can be a serious problem.
  • Require the IRO to agree in writing that they will meet the OIG required General Accountability Office (GAO) “Generally Accepted Government Audit Standards” for operational reviews. Operational reviews and financial reviews are dealt with separately in those standards.
  • Fee rates and charges can range considerably and it is important to consider that cost right alongside of experience, professionalism, and industry knowledge.

For more information on this topic, please consider registering for the upcoming WK webinar, “CIA Lessons Learned—Negotiating Terms, Selecting an IRO, Meeting Obligations”, featuring Richard Kusserow.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2015 Strategic Management Services, LLC. Published with permission.