Kusserow on Compliance: Using culture surveys to measure compliance program effectiveness

Organizations are increasingly making use of employee perception and attitudes in measuring the compliance culture through using surveys. Increasingly, board directors, given their oversight duties and personal exposure, see the value of an independently administered survey to better understand the status of the compliance program. Using surveys to measure compliance culture has long been advocated by regulatory bodies.  The U.S. Sentencing Commission explicitly recognizes the significance of culture in its 2004 Amendments to the Federal Sentencing Guidelines, stating that businesses must “promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law.”  The HHS Office of Inspector General (OIG) from its earliest compliance guidance documents has recommended the use of “[q]uestionnaires developed to solicit impressions of a broad cross section” of the workforce to evaluate program effectiveness that can measure the compliance culture of the organization. In the Compliance Program Guidance for Hospitals and Supplemental Compliance Program Guidance for Hospitals, it states that “fundamentally, compliance efforts are designed to establish a culture within a hospital that promotes prevention, detection and resolution of instances of conduct that do not conform to Federal and State law, and Federal, State and private payor health care program requirements, as well as the hospital’s ethical and business policies . . . As part of the review process, the compliance officer or reviewers should consider techniques such as using questionnaires developed to solicit impressions of a broad cross-section of the hospital’s employees and staff . . . Organizations should evaluate all elements of a compliance program through employee surveys.” In its Compliance Guidance for Nursing Facilities, it recommended evaluations of the compliance program through “employee surveys, management assessments, and periodic review of benchmarks established for audits, investigations, disciplinary action, overpayments, and employee feedback.”

Jillian Bower, a health care compliance consultant, has been overseeing, on behalf of the Compliance Resource Center, the administration of the Compliance Benchmark Survey© for six years to assess the compliance culture.  It has been administered to hundreds of health care organizations and more than a half million surveyed population since 1993. It measures perceptions and attitudes of employees on a number of issues, as they relate to them personally, their immediate work group, their supervisor, and the management of the organization. The results provide important insights as to organization’s strengths on which to advance the compliance culture and areas warranting special attention.  Results from the survey can measure the outcome of the compliance program and examine the extent to which individuals, coworkers, supervisors, and leaders demonstrate commitment to compliance. These can be extremely useful tools for assessing the current state of the compliance climate or culture of an organization.  Reports from the survey run 30-50 pages and include tips for addressing weaknesses. They also benchmark results against the huge universe of those who have used the same survey in three ways: (1) overall results, (2) by category, and (3) individual questions. Use of the same survey has an advantage to benchmark or measure survey results from the current year against past years. Most importantly for those using the survey, results can be benchmarked against peer organizations that utilized the same survey. This provides invaluable metrics of program effectiveness.

Steve Forman, CPA, has 35 years’ experience as a full-time compliance officer at major health care organizations, as well as in assisting organizations in developing and evaluating their compliance programs.   In all his evaluations of compliance programs, he urges clients to consider including a survey of employees because the combination of the consultant’s findings and recommendations are reinforced in the survey report. He also cautions that to have a valid and tested survey instrument that produces reliable results is a serious business.  The survey needs to be developed by experts who validate and test the instruments over many organizations.  Any survey developed in-house is not likely to meet these standards.  They also can be viewed by employees as suspect and designed to bias the results in favor of management and will lack credibility to any outside authorities. As such, they will have little value in providing credible evidence of an effective compliance program.  Furthermore, the administration of the survey process is critical to useful results.  It must be independently administered that ensures the confidentiality and anonymity of participants.

Al Bassett, J.D., is another nationally recognized compliance expert with over 30 years’ experience in the OIG and as a consultant. He has found the use of surveys to evidence compliance program effectiveness is quite inexpensive, costing a small fraction of a full consultant-led compliance program effectiveness evaluation. As such, many of his clients opt for conducting the survey as a standalone engagement.  Another feature of using standardized surveys is that they can be supplemented with organization-specific questions and/or open-ended questions designed to provide more dimension to the information gathered.  He frequently links survey results in conducting focus group meetings and interviews when evaluating program effectiveness to shed additional light on the reason why there may be a problem, as might be suggested in survey response to certain questions. This can assist if certain issues require deeper probing and more nuanced evaluation.

Carrie Kusserow is another expert with 15 years’ experience as a compliance officer and consultant who has used compliance culture surveys extensively. She believes surveys can provide great insight into the compliance program’s effectiveness and very importantly can benchmark the progress of the program.  Reports can identify both strengths in the compliance program and potential gaps needing attention. Results can also be used as a benchmark for measuring progress and track improvements in the operation of the compliance program over time.  This is very important. She cites the OIG Compliance Program Guidance for Hospitals that states that “[t]he existence of benchmarks that demonstrate implementation and achievements are essential to any effective compliance program.” Another benefit of using an employee survey is that it can communicate a strong message to employees that their opinions are valued, the organization is committed to them as individuals, and their input is being used to make positive changes.  These messages can have a powerful influence on increased compliance, reduced violations, and heightened integrity.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

MedPAC votes to recommend recalculation of MA benchmarks

The Medicare Payment Advisory Commission (MedPAC) unanimously voted to recommend that the HHS Secretary modify the calculation of Medicare Advantage (MA) benchmarks. The recommended change, discussed at the January 12, 2017, MedPAC meeting, would increase spending between $750 million and $2 billion over one year and between $5 billion to $10 billion over five years. Mark Miller, executive director of MedPAC, suggested, however, that previous coding recommendations from the June 2016 report could offset the increased cost.

CMS sets the MA county benchmark based on the average risk-adjusted per capita Part A and Part B fee-for-service (FFS) spending in the county. While this calculation includes all beneficiaries in Part A or Part B, MA enrollees must be in both Part A and Part B. MedPAC policy analyst Scott Harrison noted that 12 percent of FFS beneficiaries are enrolled in Part A only, and Part A-only beneficiaries spend less than half than what those with Part A and Part B spend on Part A. This, he said results in an underestimate of FFS spending compared to MA spending, which leads, in turn, to an understatement of MA benchmarks.

To make calculations more reflective of MA enrollment, the members voted on a draft recommendation, which they also discussed at the December 2016 meeting, that the HHS Secretary should calculate MA benchmarks using FFS spending data only for beneficiaries enrolled in both Part A and Part B.

CMS already adjusts the rate calculation in Puerto Rico so that it is based on beneficiaries who are enrolled in both Part A and Part B. In the April 2016 Announcement of Calendar Year 2017 Medicare Advantage Capitation Rates and Medicare Advantage and Part D Payment Policies and Final Call Letter, CMS stated in response to a comment that it would consider expanding this Part A and Part B adjustment to all counties in the future.

At the same meeting, MedPAC also voted to recommend that the Secretary should require hospitals to add a modifier on claims for all surgical services provided at off-campus, stand-alone emergency department facilities. The modifier would allow Congress and CMS to track the growth of off-campus emergency departments, which are reimbursed at higher rates than urgent care centers.

Highlight on Oregon: Medicaid fraud control unit gets report card from OIG

A 2016 study by the HHS Office of Inspector General (OIG) of Oregon’s Medicaid Fraud Control Unit (MFCU) found that for fiscal years (FYs) 2013 through 2015, the Oregon Unit reported 92 criminal convictions, 34 civil judgments and settlements, and combined criminal and civil recoveries of nearly $33 million.

The OIG study also found that while the Oregon Unit was generally in compliance with applicable laws, regulations, and policy transmittals, it identified three areas where the Unit should improve its adherence to performance standards and its compliance with applicable federal requirements. Specifically, the Unit: (1) did not fully secure its case files; (2) part of the Unit’s memorandum of understanding (MOU) with two of its state partners was inconsistent with the federal regulation governing Medicaid payment suspensions; and (3) the Unit did not report some convictions and adverse actions to federal partners within the appropriate timeframes.

MFCU program

The mission of MFCUs is to investigate and prosecute Medicaid provider fraud and patient abuse or neglect under state law. Section 1902(a)(61) of the Social Security Act requires each state to operate a MFCU, unless the Secretary of HHS determines that operation of a Unit would not be cost-effective because minimal Medicaid fraud exists in a particular state and the state has other adequate safeguards to protect Medicaid beneficiaries from abuse and neglect. Currently, 49 states and the District of Columbia have MFCUs.

Section 1903(a)(6)(B) gives the HHS Secretary the authority to delegate the administration of the MFCU grant program. The authority to administer the MFCU grant program has been delegated to the OIG. To receive federal reimbursement, each Unit must submit an initial application to OIG for approval and be recertified each year thereafter. In annually recertifying the Units, OIG evaluates Unit compliance with federal requirements and adherence to performance standards.

Study details

Of the Unit’s 92 convictions over the three-year period, the OIG found that 78 involved provider fraud and 14 involved patient abuse or neglect. Of the Unit’s 34 civil judgments and settlements, 33 were from “global” cases and one was from a state-only civil case. “Global” cases are civil False Claims Act (FCA) cases that are litigated in federal court by the U.S. Department of Justice and involve a group of MFCUs. According to Unit management, the Unit prioritizes the investigation of cases that will result in a criminal conviction and thus pursues few state-only civil cases.

Global cases accounted for $24 million of the $33 million in total recoveries. Of the approximately $8 million in recoveries from nonglobal cases, $2 million were from criminal cases and $6 million were from a state-only civil case in FY 2013.

Unsecured case files

During the onsite review, the OIG observed that the Unit’s paper case files were not secured from access by non-Unit staff. The OIG observed that the Unit stored case files for closed cases in cabinets without locks, located in general office space. And although individuals must use a coded access card to enter the Unit’s general office space, non-Unit staff could access the space without supervision during non-business hours. In addition, the Unit did not have policies or procedures in place for securing paper case files from unauthorized access.

MOU inconsistent with federal regulations

The OIG found that in its MOU with the Oregon Health Authority (OHA) and the Department of Human Services (DHS), the Unit requested that in all cases in which a credible allegation of fraud is referred to the Unit, the Medicaid agency find good cause not to impose a payment suspension. Such a “blanket” request pertaining to all referrals is inconsistent with the federal regulation governing Medicaid payment suspensions, which requires that a Medicaid agency suspend payments to a provider when there is a credible allegation of fraud against the provider, unless the Medicaid agency determines that good cause exists not to suspend payments. Unit management reported to the OIG that they were aware that the MOU needed to be revised to remove the blanket request and stated that they planned to make revisions in 2017. Unit management also told the OIG that although it had not updated the MOU to reflect the change, in January 2015 the it began making case-by-case determinations on whether to request that the Medicaid agency not impose payment suspensions for each referral.

Late reporting of convictions/adverse actions 

The study found that although the Unit reported nearly all convictions to the OIG and all adverse actions to the National Practitioner Data Bank (NPDB), it did not report some within the appropriate 30 day timeframes.

Specifically, out of 92 convictions, the Unit reported 14 convictions to the OIG more than 90 days after sentencing, 12 within 61 to 90 days after sentencing, and 28 within 31 to 60 days after sentencing. According to the OIG, late reporting of convictions could delay the initiation of the program exclusion process, resulting in improper payments to providers by Medicare or other federal health care programs, or possible harm to beneficiaries.

In addition, the OIG found that while the Unit reported 95 adverse actions to the NPDB, it reported 67 of these more than 30 days after the adverse action. Specifically, the Unit reported 21 adverse actions more than 90 days after the action, 8 within 61 to 90 days after the action, and 38 within 31 to 60 days after the action. The NPDB is designed to restrict the ability of physicians, dentists, and other health care practitioners to move from state to state without disclosure or discovery of previous medical malpractice and adverse actions. As with program exclusions, late reporting of adverse actions to the NPDB could result in improper payments or beneficiary harm.

OIG recommendations

The OIG report recommended that the Unit: (1) implement procedures for securing case files; (2) revise its MOU with state partners to be consistent with federal regulation; and (3) implement processes to ensure it reports convictions and adverse actions to federal partners within the appropriate timeframes. The Unit concurred with all three recommendations.

Kusserow on Compliance: GAO reported continued fraud vulnerability under the Affordable Care Act

The Government Accountability Office (GAO) issued a report that the Affordable Care Act (ACA) marketplaces remain “vulnerable to fraud,” after the agency successfully applied for coverage for multiple fake people, who hadn’t filed tax returns for 2014 but were still able to get tax credits to help pay their monthly premiums for 2016 coverage. The GAO engaged in testing by using undercover attempts to obtain health-plan coverage from the federal marketplace and selected state marketplaces for 2015. The tests found the federal marketplace and selected state marketplaces approved each of 10 fictitious application for subsidized health plans. All 10 were approved, even though eight of these 10 fictitious applications failed the initial online identity-checking process.

Four applications used Social Security numbers that were never been issued. Other applicants obtained duplicate enrollment or obtained coverage by claiming that their employer did not provide insurance that met minimum essential coverage. Three of GAO’s applications were approved for Medicaid, although GAO provided identity information that would not have matched Social Security. For two applications, the marketplace or state Medicaid agency directed the fictitious applicants to submit supporting documents, and GAO provided fake information that resulted in the applications were approved. A third marketplace did not seek supporting documentation, and the application was approved by phone. CMS, California, Kentucky, and North Dakota, advised the GAO that they are only inspecting for supporting documentation that has obviously been altered; otherwise documentation submitted would not be questioned for authenticity.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.