Kusserow on Compliance: CMS to issue new Medicare card to 60 million beneficiaries

New cards will no longer contain Social Security number

Over 2.5 million beneficiaries are victims of identity theft incidents

CMS is readying a fraud prevention initiative that removes Social Security numbers from Medicare cards to help combat identity theft, and safeguard taxpayer dollars.  This is being done to meet the congressional deadline for replacing all Medicare cards by April 2019 that followed the passage of the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA). CMS will assign all Medicare beneficiaries a new, unique a Medicare Beneficiary Identifier (MBI) number which will contain a combination of numbers and uppercase letters. Beneficiaries will be instructed to safely and securely destroy their current Medicare cards and keep the new MBI confidential. Issuance of the new MBI will not change the benefits a Medicare beneficiary receives and will be designed to help protect against personal identity theft affects a large and growing number of seniors.  According to the DOJ, people age 65 or older are increasingly the victims of this type of crime that now are estimated to affect 2.6 million seniors a year. Two-thirds of all identity theft victims reported a direct financial loss with also the problems associated with disrupting lives, damage credit ratings, and result in inaccuracies in medical records and costly false claims.

New card will be mailed beginning in April 2018 and will use the unique, randomly-assigned MIB number to replace the Social Security-based Health Insurance Claim Number (HICN) currently used on the Medicare card.  Providers and beneficiaries will both be able to use secure look up tools that will support quick access to MBIs when they need them. There will also be a 21-month transition period where providers will be able to use either the MBI or the HICN further easing the transition.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Human resources management compliance jurisdiction

The great majority of internal investigations arise from complaints filed with the human resources management office (HRM) or through the compliance office hotline. Both functions have their own jurisdiction for dealing with sensitive issues, and this can raise tension and conflict if not addressed properly. HRM has a mission to assist employees in a host of ways, ranging from salaries and benefits to working conditions. It is therefore not surprising that the department is a front-line recipient of questions, concerns, complaints, and allegations related to the workplace. For all practical purposes, the primary responsibility for investigating and resolving personnel-related issues, including unfair labor practices, discrimination and harassment, lies with HRM.

Specific rules must be followed when conducting such investigations and the federal agency providing guidance and oversight is not the HHS Office of Inspector General (OIG) or the Department of Justice (DOJ), but the Equal Employment Opportunity Commission (EEOC). Furthermore, in some states, individuals conducting these types of investigations must undergo a designated number of hours of specialized training on the laws and rules governing employees in the workplace.

The sources of workplace complaints are varied, but their emergence is all but inevitable. With that in mind, it is important to have a clearly communicated and consistently applied policy detailing the specific procedure for reporting complaints. Many organizations encourage employees to utilize the “traditional” chain of command approach to reporting and resolution, while others have established more progressive open door communication policies to encourage unrestricted communication. Direct reporting to HRM is also an option for employees.  Allowing employees to report issues via an employee hotline, generally managed by the compliance officer, is yet another mechanism of reporting.  With most hotline calls have issues that fall under HRM primary jurisdiction, it requires careful coordination to guard against a matter falling between the cracks. This does not necessarily create a bright line of authority between the two functions, as many concerns raised may cross the line from being personnel issues to being compliance issues. It is essential that the compliance office and HRM maintain open communications and establish reciprocal reporting obligations for the purpose of ensuring the appropriate department is apprised of issues that are its primary concern. They must be able to coordinate investigative and resolution activity to avoid unnecessary duplication of efforts.

All of these reporting approaches provide a stream of information that can result in the need for internal inquiry or investigation. It is very important to note that, in order to have an effective reporting program that employees will actually utilize, it must be coupled with a clearly stated anti-retaliation policy. Employees must know that retaliation or attempted retaliation in response to lodging a complaint or invoking the complaint process is strictly prohibited by the organization. In August of 2016, the EEOC issued “Enforcement Guidance on Retaliation and Related Issues”, the EEOC’s first comprehensive review of retaliation since 1998. This was in direct response to the fact that retaliation is now the most frequently alleged basis of discrimination that EEOC receives.

The compliance officer focuses much attention on the Anti-Kickback Statute, Stark Laws, False Claims Act, and other fraud laws with considerable attention given to the OIG, DOJ, and state Medicaid Fraud Control Units. By contrast, the laws that most often occupy HRM interest include Title VII of the Civil Rights Act 1964; the Age Discrimination in Employment Act; the Americans with Disabilities Act; the Family and Medical Leave Act; the Fair Labor Standards Act; the Uniform Services Employment/Reemployment Rights Act; the Employee Retirement Security Act’s governing compensation and benefit plans; and the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) for employer-sponsored health benefits, among others.  The government agencies that oversee these areas are the U.S. Department of Labor, the Equal Employment Opportunity Commission (EEOC), and a variety of state agencies.  Violations can result in serious penalties.

Regarding matters that HRM must investigate and resolve, one area long overshadows (numerically) compliance matters raised to the compliance officer to handle: discrimination and unlawful harassment. Complaints to the federal EEOC and state counterparts number over 100,000 annually.  Many other complaints are received by HRM that never go so far as to be reported to outside authorities.   To meet the challenge of avoiding such complaints, HRM must implement a variety of compliance policies and train everyone on them.  These activities are familiar to compliance officers, who must do the same within their risk areas. However, in the case of some of the HRM-related laws and regulations, federal and state governments establish special rules for standards for related policies and mandatory training.  Special rules extend to the manner by which these types of cases are to be investigated and by whom, when there is a formal complaint.

One example of a compliance risk area requiring care relates to unlawful (sexual) harassment. In a series of Supreme Court cases, the High Court set forth the principle that no employer can mount an affirmative defense to allegations of unlawful harassment unless they can meet three standards: (1) they have zero tolerance policies and procedures in place; (2) all employees and managers are trained on these policies; and (3) the organization has taken steps to identify emerging issues and do not just wait until a complaint takes place.  On this last point, examples of action steps by management include screening hotline calls for any indications of emerging issues, conducting exit interviews and asking about employee work environment issues, and using training on the subject as a means to open discussion of potential problems.  In the latter case, having people stay behind to make further inquiries is more likely to open doors that public statement during formal training.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Feds allege 412 individuals responsible for $1.3B in Medicare fraud

In the largest health care fraud enforcement action by the Medicare Fraud Strike Force, 412 individuals allegedly participated in schemes involving almost $1.3 billion in false billings. The Department of Justice (DOJ) and HHS noted that the charges were levied against the individuals across 41 federal districts and included 115 doctors, nurses, and other licensed medical professionals. Over 120 defendants were named, including doctors for their roles in prescribing and distributing opioids and other dangerous narcotics. Thirty state Medicaid Fraud Control Units participated in the arrests. HHS also initiated suspension actions 295 providers, including doctors, nurses and pharmacists.

The Medicare Fraud Strike Force cases are being prosecuted and investigated by U.S. Attorney’s Offices in the states of Florida, Michigan, New York, Texas, California, Louisiana, and Illinois, along with Medicare Fraud Strike Force teams from the Criminal Division’s Fraud Section, the FBI, DEA, and various state fraud entities. In addition to the Strike Force locations, enforcement actions included cases and investigations brought by an additional 31 U.S. Attorney’s Offices.


The charges focus on Medicare, Medicaid, and TRICARE billing schemes for medically unnecessary prescription drugs and compounded medications that often were never purchased or distributed to beneficiaries. According to court documents, patient recruiters, beneficiaries and other co-conspirators were allegedly paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could then submit fraudulent bills to Medicare for services that were medically unnecessary or never performed. The fraud schemes also involved medical professionals who unlawfully distributed opioids and other prescription narcotics.

For example, in the Southern District of Florida, a total of 77 defendants were charged with offenses relating to their participation in various fraud schemes involving over $141 million in false billings for services including home health care, mental health services, and pharmacy fraud. The DOJ highlighted one case where the owner and operator of a purported addiction treatment center and home for recovering addicts and one other individual were charged in a scheme involving the submission of over $58 million in fraudulent medical insurance claims for purported drug treatment services. The allegations included recruiting patients to move to South Florida in order to bill insurance companies. Patients were provided kickbacks in the form of gift cards, free airline travel, casino trips, and drugs.

Seven defendants in Louisiana were charged in connection with health care fraud, wire fraud, and kickback schemes involving more than $207 million in fraudulent billing. In another instance, a pharmacist was charged with submitting and causing the submission of $192 million in false and fraudulent claims to TRICARE and other health care benefit programs for dispensing compounded medications that were not medically necessary and often based on prescriptions induced by illegal kickback payments

Fraud perpetrators receive lengthy prison sentences for false claims, kickbacks

Two health care fraud scheme perpetrators in separate cases successfully prosecuted by the Department of Justice (DOJ) have been sentenced for their crimes. A physician who accepted kickbacks and committed tax fraud received a sentence of seven years in prison. A Detroit medical biller received a sentence of 50 months in prison for her role in billing $7.3 million in fraudulent claims to Medicare and Medicaid.


A Pennsylvania physician was sentenced to 84 months in prison with three years’ supervised release, 60 months of which run concurrently with a sentence imposed by a Florida district court. The DOJ presented information to the court showing that the physician, who practiced anesthesiology and pain management, owned and operated pain management clinics. The physician conspired to receive kickbacks from a drug testing lab in exchange for referring patients to the lab, totaling over $2.3 million. Medicare and Medicaid paid the lab over $4.5 million based on the physician’s referrals. The physician also failed to remit employment taxes for a corporation of which he was a 100-percent shareholder.

Medical biller

At trial, the DOJ showed that the medical biller submitted fraudulent bills on behalf of a physician for services that she knew could not have been rendered or were not rendered as billed as part of a $7.3 million fraud scheme. She received 6 percent of the total billings received from Medicare. She was sentenced to 50 months in prison with one year of supervised release and ordered to pay restitution of $3.2 million jointly and severally with co-defendants.