Kusserow on Compliance: Board compliance experts and certifications under corporate integrity agreements

The HHS Office of Inspector General (OIG) now requires in its corporate integrity agreements (CIAs) the engagement of independent compliance experts to assist it in meeting its obligations of oversight of compliance programs. This trend has been part of a movement to hold members of governing boards more accountable for compliance program oversight.  Those engaged as compliance experts must create a compliance review work plan, perform the program review, and provide a compliance program review report.  The report has to describe the review performed, findings, and any recommendations for program improvement.  The board must review the report and act upon any findings and recommendations. A copy of the report must be sent to the OIG as part of each CIA annual report.   In addition, any materials provided by a compliance expert, as well as any minutes of meetings must be available to the OIG upon request

Carrie Kusserow has a long history as a compliance officer and as a compliance consultant working on compliance with CIAs.  She noted that the “real game changer” in CIAs has been the movement toward increased certifications by executives, compliance officers, and board members.  Board members now have the burden to adopt and sign a resolution for each CIA Reporting Period.  This is serious business, in that making false certifications could criminally violate federal law (18 U.S.C. §1001).  In order to hold boards fully accountable, the OIG mandates that they engage a compliance expert to assist them in carrying out their compliance program oversight and to assist them in being able to make their certification.  Selecting the right compliance expert is critical; once selected, they are likely to be doing this work for five years.  Kusserow also warns that time is not an ally when CIAs are signed.  The attorneys handling the litigation and settlement process often are working ahead of the organization and those who will have to implement the terms and conditions of the CIA. This means that many organizations find themselves in a race against time to do all that is required, including engaging independent review organizations (IROs) and compliance experts.   She advises organizations moving toward settlement to begin looking and evaluating potential parties to be engaged as outsider experts.

Tom Herrmann, J.D. has many years’ experience managing the CIA process with the OIG, as well as having been engaged by numerous organizations in meeting CIA obligations.  He believes that it is important to remember that moving from settlement to meeting obligations under a CIA is also moving from having parties advocating on behalf of the organization to parties  assisting in meeting the requirements that have been agreed to. He speaks from firsthand experience when he says that the OIG does not like parties trying to re-litigate a case, and any effort to do so will likely prove counter-productive.  This means that the compliance experts engaged must focus implementation on the terms of the agreement.  To do this, they must be free of any conflicts of interest if they are to meet the independence and objective standards required by the OIG.  The OIG wants to see organizations select true experts who will carry out their responsibilities with independence and integrity.  As such, Herrmann agrees that the more experience that parties have as experts under the CIA, the better known they are to the OIG and more credible will be their work.

Selecting compliance experts

Organizations selecting compliance experts should keep the following tips in mind:

  • An independent expert must be properly qualified to perform the work described in the CIA.
  • The work to be performed consists of operational reviews, not financial audits.
  • The focus is on compliance program expertise.
  • A CIA may require several different types of expert (e.g. IROs, compliance experts).
  • Those selected should be qualified and experienced in the industry sector covered by CIA.
  • Lack of expertise in the area for which the experts are engaged equals potential problems with OIG.
  • Sub-standard reports risk loss of compliance credibility.
  • Work performed by experts must be professionally independent and objective.
  • Compliance experts follow Government Accountability Office Government Audit Standards (GAGAS) standards for operational reviews.
  • Experts should certify to OIG professional standards.
  • Entities should ensure and seek certification that the experts have no conflicts of interest with the entities.

Steve Forman, CPA has been engaged as a compliance expert on behalf of several organizations. Based upon his experience, he offered tips on how to go about selecting an outside compliance expert. He believes it is very important engage parties with considerable experience doing this kind of work.   Using people inexperienced in compliance or using them as compliance experts is risky. Those lacking experience tend to be more costly, as they charge for their time in learning what needs to be done at the expense of those that have engaged them. The more experience they have doing this kind of work under a CIA, the better. As such, it is advisable to find experts who have been engaged by entities under CIAs on multiple occasions. It also permits reference checking on how well the experts did with organizations that used them. Forman also added that having served many years as a compliance officer, in addition to serving as a health care consultant, was critical in being able to deal with real and practical considerations in acting as a board compliance expert. He believes having that combination of experience provided those organizations using his services with the most efficient results.

Reference-checking questions

Appropriate reference-checking questions include:

  • Did the firm meet its obligations satisfactorily?
  • Were there any problems?
  • Did the OIG find a firm’s work satisfactory?
  • Did a firm perform services economically and efficiently?
  • Was a firm sensitive to the entity’s operations and needs?
  • Was a firm’s work professional, competent, and timely?

Last tip

One last piece of advice for compliance officers is that they educate their boards on this new trend, whether or not the organization may be involved in settlements with the government. What the OIG mandates is what it believes all organizations should do–that is, provide greater board oversight of the compliance program. As such, all boards should add members who are “compliance literate” and/or secure outside experts to advise them on the progress in development of an effective compliance program.

Kusserow on Compliance: When a CIA looms, it is time to seek a new job, career change, or hiding place, or take action

When organizations fall under the spotlight of the Department of Justice (DOJ), there is a period of many months before a settlement is negotiated that is followed by another negotiation process with the HHS Office of Inspector General (OIG) that leads to a corporate integrity agreement (CIA). By time of settlement, or shortly thereafter, it is common to find the compliance officer has left, as many  see the warning signals and decide to leave, or later are asked to do so.  When this happens, there begins a struggle to replace the compliance officer.   This is not an easy thing to accomplish as it take three to five months on average to find someone qualified and is complicated by the fact that many would-be candidates may not wish to take on a “fire storm” job at the outset of a five-year stringent CIA set of terms and condition.   All this takes place at a time when CIA terms will be adding great new burdens on the compliance program.

Replacing compliance officers

One short-term solution, when replacing the compliance officer, is to designate someone in-house to act until the gap can be filled by a permanent appointment.   This is seldom a good solution.  At a time when a steady, experienced, aggressive, and professional hand is needed to meet the immediate challenges of meeting the stringent compliance mandates of a CIA, the temporary appointee will be just trying to hold things together, without creating any future problems for themselves.   The alternative is hiring an interim compliance officer, until the right permanent solution can be found. This has the benefit of using someone who knows what has to be done and will be replaced within a matter of a few months.  This permits a steadier hand and includes the benefit of having someone to independently assess the state of the program and move on a plan to strengthen it.

Compliance officers who want to keep their jobs

Those desiring to keep their jobs cannot afford to wait in the wings to see what develops while the attorneys are negotiating with the DOJ and OIG.   It is dangerous and career-threatening.  They need to shore up the program and be considered part of the solution.  While negotiations are underway, the attorneys focus on the transaction terms with the government to resolve the pending issues, and not necessarily the consequences of living with the negotiated terms.  This may take many months, during which time the compliance officer needs to act affirmatively and with celerity to strengthen his or her position, before the CIA descends and the attention is redirected back to compliance.  The OIG follows predictable patterns in setting terms and conditions. Anticipating and preparing for what is coming with the CIA is being smart and, quite frankly, a job security effort.   The time should be used to educate management and the Board on what to expect, as well as preparing for what will come.

Evidencing compliance program effectiveness

Compliance officers should move at the earliest date to develop independent evidence that the program is operating the way it should and the problems that gave rise to the government intervention were an aberration. This also will help the attorneys in negotiating terms and conditions. It is wise to consider having an independent compliance program evaluation done by experts far in advance of the CIA mandates going into effect that will mandate the Board to hire a compliance expert to do the same thing. This will provide evidence of program strengths and identify areas of opportunities for improvement, as well as provide time for taking corrective action to address any weaknesses.  Results can be presented to the executive leadership and Board; attorneys may find them useful in negotiating settlement terms.  This further keeps the whole effort under direction of the compliance officer, who can take credit for the identified strengths in the program, as well as in addressing any findings otherwise.  If this is not done well in advance, then all findings will come from the Board-engaged compliance expert and reflect negatively on the compliance officer. There is a big added benefit, in that the independent assessment will likely become the framework for the Board-engaged compliance expert to focus attention to determine if all the corrective action measures have been addressed, rather than developing his or her own review criteria.

Help identify potential Board compliance experts

After a settlement, there usually is a big scramble to find qualified parties to be the independent review organization (IRO) and Board compliance expert.   It takes a lot more time and effort to find the right qualified parties to do this kind of work than to properly vet them.   The fact is there are relatively few such experts with the requisite experience.  It is therefore useful for the compliance officer to have researched the subject long before any CIA is signed or anyone else is focused on this.   Laying a proper foundation for identifying qualified candidates can help the compliance officer to be seen as part of the solution to the challenges facing the organization.  When it comes to compliance experts, it is very important engage parties with considerable experience doing this kind of work. Engaging inexperienced people as compliance experts is risky and unpredictable. Inexperienced people also tend to be more costly as they charge money while learning what needs to be done.  The more experience with this kind of work under a CIA, the better for gaining efficient result.  Those who have done this work before know what needs to be done and have a track record with the OIG.  It also permits reference checking on how well they did with organizations that used them.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG raises nominal value threshold for beneficiary gifts

A frequent issue that compliance officers have to address is whether offering something of value to beneficiaries may implicate federal law. The release by the HHS Office of Inspector General (OIG) of a new policy statement on the subject can answer those questions. Under section 1128A(a)(5) of the Social Security Act (SSA), enacted as part of the Health Care Portability and Accountability Act (HIPAA) (P.L. 104-191), a person who offers or transfers to a Medicare or Medicaid beneficiary any remuneration that the person knows or should know is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier of Medicare or Medicaid payable items or services may be liable for civil monetary penalties (CMPs) of up to $10,000 for each wrongful act. Congress thus broadly prohibited offering remuneration to Medicare and Medicaid beneficiaries, subject to limited, well-defined exceptions. To the extent that providers have programs in place that do not meet any exception, the OIG, in exercising its enforcement discretion, will take into consideration whether the providers terminate prohibited programs expeditiously following publication of this Bulletin.

What this means is that offering valuable gifts to beneficiaries to influence their choice of a Medicare or Medicaid provider raises quality and cost concerns, and many providers may have an economic incentive to offset the additional costs attributable to the giveaway by providing unnecessary services or by substituting cheaper or lower quality services. The use of giveaways to attract business also favors large providers with greater financial resources for such activities, disadvantaging smaller providers and businesses.

The policy statement includes the following definitions:

  • Remuneration. Includes, without limitation, waivers of copayments and deductible amounts and transfers of items or services for free or for other than fair market value, with a limited number of exceptions.
  • Inducement. The offer of valuable (i.e., not inexpensive) goods and services as part of a marketing or promotional activity, regardless of whether the marketing or promotional activity is active or passive. In addition, the OIG considers the provision of free goods or services to existing customers who have an ongoing relationship with a provider likely to influence those customers’ future purchases.

Congress expressed its intent that inexpensive gifts of nominal value should be permitted.   In a Special Advisory Bulletin in 2002, the OIG expressed its interpretation of “inexpensive” or “nominal value” to mean a retail value of no more than $10 with an aggregate limit of $50 annually, noting it would periodically review these limits and adjust them according to inflation.  In December, 2016, the OIG adjusted the figures as to what it would interpret as “nominal value” for the first time since 2000 to be a retail value of no more than $15 per item, or $75 in the aggregate per patient on an annual basis.  It made it clear, however that the items may not be cash or cash equivalents.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG expanded exclusion authorities go into effect

On February 13, 2017, the HHS Office of Inspector General (OIG) Final rule amending the regulations related to its exclusion authority goes into effect. It incorporates recent statutory changes, early reinstatement provisions, and recent policy changes, and clarifies existing regulatory provisions. It is the most substantial revision to the exclusion regulations in many years and reflects changes made by the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) in 2010 and the Medicare Modernization Act (MMA) in 2003, as well as informal practices that the OIG has now codified in regulations. Most of the changes in the final rule are largely technical in nature; however they significantly expand and solidify the OIG’s authority to exclude providers.

The scope of OIG oversight now will move beyond claims submission based on the ACA’s permissive exclusion authority over an individual or entity that knowingly makes or causes to be made any false statement, omission, or misrepresentation of material fact in any application, agreement, bid, or contract to participate or enroll as a provider of services or supplier under a federal health care program. Under the new rules, the OIG’s authority has been extended to exclude based on the following:

  • conviction relating to obstruction of an investigation or audit;
  • failure to provide payment information by individuals who “order, refer for furnishing, or certify the need for” items or services paid for by Medicare or state health care programs;
  • those who refer patients or certify the need for items or services, even if they do not provide the items or services; and
  • making false statements or misrepresenting material facts in applications to participate as a provider or supplier under a federal health care program.

The OIG also will now consider materials obtained from various entities, including CMS, state Medicaid agencies, fiscal agents or contractors, private insurance companies, state or local licensing or certification authorities, and law enforcement. This information may be considered in determining the length of exclusion.  Also, a number of technical changes were made regarding key terms, such as replacing the language “who submit claims to” with “who request or receive payment from” in the definitions of “directly” and “indirectly,” thereby clarifying the scope of individuals and entities subject to oversight by the OIG.

The OIG may impose exclusion up to a 10-year period from the time the conduct occurred. It may consider a request for a waiver from a federal health care program administrator, as opposed to only waivers submitted by state health care program administrators. It also makes several changes to the aggravating and mitigating factors that the agency considers in determining whether to increase the length of exclusion above the minimum required. Mitigating factors are only considered if OIG has established one or more aggravating factors. Other changes include:

  • updating the dollar amounts for aggravating and mitigating factors that consider the financial loss to federal health care programs as a result of the misconduct from $15,000 to $50,000;
  • reworking the existing aggravating factors regarding other offenses to include considering adverse actions based on offenses separate from those forming the basis of the exclusion and adverse actions based on the same offenses; and
  • removing the mitigating factor related to availability of alternative sources of the type of health care items or services furnished by the person.