Kusserow on Compliance: Understanding and addressing whistleblowers

The vast majority of the cases resolved by the Civil Division of the Department of Justice (DOJ) were cases brought by “whistleblowers” under the qui tam provision of the False Claims Act (FCA). Whistleblowers are responsible for an even higher percentage of cases resulting in OIG Corporate Integrity Agreements (CIAs). Although most compliance officers are well aware of this program, many remain unclear as to how the process works. Tom Herrmann, J.D., who served over 20 years in the Office of Counsel to the OIG and as an Appellate Judge for the Medicare Appeals Board, explained that Congress permitted a whisltleblower called the “Relator” to file a case with the DOJ under the FCA.  Since this provision of law went into effect in 1986, there have been over 10,000 qui tam cases filed with a current average of one such case being filed every day of the year. The intent was to create incentives for private parties to detect and pursue fraud under the FCA. In return for reporting this information, Relators receive a portion (usually about 15 to 25 percent) of any recovered damages.  Once the lawsuit is filed, it is placed “under seal”, meaning that it is kept secret from everyone but the government, in order to give the DOJ enough time to investigate the allegations in deciding whether to join (“intervene”) in the case. Intervention by the DOJ occurs only in about one in five qui tam lawsuits, leaving whistleblowers the option to pursue cases on their own, however the chances of success are much lower than in cases when the government joins. Most successful qui tam cases are resolved through settlement negotiations rather than a court trial, although trials may occur.

Kash Chopra, J.D., noted that the overwhelming number of cases that result in a CIA, arise from whistleblowers and these, in turn, are based upon violations of the federal Anti-Kickback Statute (AKS). It is the government’s position that all claims arising from a corrupt arrangement violating the AKS or in some cases, the Stark Law, are considered fraudulent. This is even when the services rendered were needed and provided appropriately.  She advises here clients that the best ways to manage the whistleblower risk is to ensure that they are channeled through internal communication channels and their complaints are promptly evaluated, investigated, and resolved.  It is worth considering the following:

  1. Using outside experts to independently audit arrangements with physicians and evaluate compliance communication channel effectiveness.
  2. Ensuring a 24/7 hotline operated externally by experts in recognizing health care compliance issues.
  3. Reviewing/updating hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.).
  4. Making sure that the duty to report suspected wrongdoing is explained in the Code, policies and training.
  5. Having trained and competent people on hand to conduct prompt and competent investigations of matters raised through the hotline.
  6. Moving quickly to use CMS and OIG self disclosure protocols when there is credible evidence of violations; and not wait until the DOJ gets involved.

For more information on this subject, Kashish Parikh-Chopra can be reached at kchopra@strategicm.com or via telephone at (703) 535-1413.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: DOJ establishes new Medicare Strike Force for the Newark/Philadelphia area

The DOJ announced the formation of the Newark/Philadelphia Regional Medicare Fraud Strike Force (Regional Strike Force). The Strike Force operations are part of a joint initiative between the DOJ and HHS to focus their efforts to prevent and deter fraud and enforce current anti-fraud laws around the country. Since its inception in March 2007, the prosecutors in the 10 Medicare Fraud Strike Force locations have charged over 3,700 defendants who collectively have falsely billed the Medicare program for over $14 billion. The new Strike Force will focus its efforts on aggressively investigating and prosecuting cases involving fraud, waste, and abuse within the federal health care programs, and cases involving illegal prescribing and distribution of opioids and other dangerous narcotics. Prior to the announcement, there were only 10 cities that had such tasks forces.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Stark law to undergo interagency review

The CMS Administrator announced plans to convene an inter-agency group to focus on how to minimize the regulatory barriers created by Stark law, which was established in 1989 and underwent expansion in the 1990s. Providers have raised concerns from the beginning of the implementation of the Stark law. The agencies involved in the review will include CMS, OIG, HHS General Counsel, and the DOJ. The Stark law prohibits doctors from referring Medicare patients to hospitals, labs and colleagues with whom they have financial relationships unless they fall under certain exceptions. It also prevents hospitals from paying providers more when they meet certain quality measures, such as reducing hospital-acquired infections, while paying less to those who miss the goals. The result is the law is viewed as making it difficult for physicians to enter innovative payment arrangements because they are not susceptible to fair market value assessment—a Stark requirement. These prohibitions are seen as interfering with key factors related to value-based care. Unlike the Anti-Kickback Statute, which is enforced by the OIG, the Stark law is considered regulatory and falls under CMS jurisdiction. From a regulatory standpoint, there is only so much that CMS can do to make substantive changes. Any real changes in the law will have to come from Congress.

This is not the first time the CMS has tried to move the easing of rules concerning the Stark law.  In 2015, CMS published a Proposed rule relaxing aspects of the Stark law, including easing of some of the strict liability features of the law and CMS’ burden in dealing with the interpretation of key terms, requirements, and other issues. After reviewing an enormous amount of self-disclosures, CMS realized that a large part of the docket involved arrangements that may technically violate the statute but do not actually pose significant risks of abuse. Therefore, it appears that CMS seeks to reduce the number of self-disclosures reported. However, the proposed update is also intended to account for recent changes relating to health care reform and advancements in patient care and payment methodologies. CMS wanted to ensure that Stark does not inhibit Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) reforms and these are the same concerns driving the latest initiative.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Tips on developing and revising the ‘Code of Conduct’

All compliance guidance from the U.S. Sentencing Commission to the HHS Office of Inspector General (OIG) and DOJ has called for having a Code of Conduct as a foundation document for any effective compliance program. However, many such codes are far out of date and fail to provide the needed guidance for employees on their obligations towards compliance. The initiation of compliance program guidance by the OIG was a major stimulant for having Codes of Conduct. In the early days of responding to such guidance, many organizations quickly developed a “Compliance Plan” that included all seven elements of the program, including a Code. Unfortunately, plans are statements of intent, not an operating program and converting them into fully functioning and effective programs has years. This has included reviewing, revising and updating their Code of Conduct and compliance-related policies.

Daniel Peake of the Compliance Resource Center (CRC) (dpeake@compliancereource.com (703)-236-9854) works with compliance officers to provide a variety of compliance related services that includes the Policy Resource Center (PRC) which provides templates for compliance-related documents, including Codes, charters, policies, audit guides, etc. He notes that the PRC offers Code templates, but it is important that the Code should reflect the organization’s spirit, tone, and culture. If it doesn’t ring true to staff, securing their participation and cooperation in the compliance program will be much more difficult. The Code should be tailored to be an extension the mission and vision of the organization. It needs to be part of an ongoing monitoring effort subject to periodic reviews to ensure it remains up to date with the ever-changing regulatory environment.  He offered the following tips:

11 tips for developing or revising the Code of Conduct

 

  1. Determine whether it is time to review and possibly update the Code. Answering the following will help in making that determination: (a) When the Code was last reviewed/revised? (b) Any significant changes in law, regulation, or guidance since last revision? (c) Any changes/updates to compliance policies since last revision?
  1. Review Code templates and examples of other similar organizations. It is useful to review the codes of other organization to help focus on what is needed; and this can save a lot of time and effort. However, copying a Code from another source may prove to be problematic, if it runs counter to the culture of the organization.
  1. Gain buy-in from executive leadership. This is critical and needs to include personal involvement of the Compliance Officer, as well as HRM and Legal Counsel.
  1. Introductory letter from the CEO. It is a best practice to have the CEO introduce and endorse the Code, along with stating that (a) everyone is equally obligated to adhere to it, (b) everyone has a duty to report potential violations without fear of retaliation, (c) a confidential hotline is available to report confidentially or anonymously, etc.
  1. Reference the Code against compliance-related policies. The Code must not conflict with policies and procedures, as it would risk potential liabilities.
  1. Consider using experts to facilitate process. No need to “reinvent the wheel.”  Code development/revision can be simplified, facilitated, and guided by compliance experts in this field; and can ensure inclusion of key concepts, including those called for by the HHS OIG.
  1. Determine Core Code Content. Key to developing a successful Code is to ensure that it addresses the needs of all stakeholders (i.e. management, employees, Board, regulatory agencies, etc.).
  1. Code must detail procedures for addressing compliance issues. Employees should feel comfortable in approaching his or her supervisor, other members of management, HR or the Compliance Office. In addition there must be an option to report to a confidential hotline.
  2. Dissemination of the Code. The Code must be made available to all covered persons through an Intranet, in hard copy with signature receipt, through compliance training, or a combination of all. If the Code is not new, but one that has been revised, then steps need to be made to stop dissemination of the old version.
  3. Translating Code into other languages. A decision is needed as to whether the Code is to be provided only in English, or with versions in other languages. If it will be disseminated in multiple languages, the challenge will be to ensure the Code is written in simple terms, avoiding slang or jargon that will create problems in translating to be equivalent in meaning.
  4. Ensure all out of date Codes are removed from the website and hard copies collected. Having more than one version of the Code in circulation at the same time is a formula for creating problems.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.