Kusserow on Compliance: EHR incentive program attestation is serious business

The American Recovery and Reinvestment Act of 2009 (ARRA) (P.L. 111-5) authorized providing incentive payments to eligible health care professionals, hospitals, and Medicare Advantage Organizations (“MAOs”) to promote the adoption and “meaningful use” of health information technology and electronic health record (“EHR”) systems. CMS established the Medicare and Medicaid Electronic Health Record Incentive Programs (EHR Incentive Programs) to make incentive payments to health care professionals and providers that meet specified requirements for the meaningful use of certified EHR technology (CEHRT). The EHR Incentive Programs are intended to bring about improved clinical outcomes and population outcomes, increase transparency and efficiency in health care, empower individuals to make decisions regarding their care, and generate additional research data on health systems. Program participants must report on their performance pertaining to certain clinical quality measures (CQMs) and objectives to CMS (for Medicare) or the authorized state agency (for Medicaid) through an attestation process. Since 2011, the EHR Incentive Programs have made incentive payments to numerous eligible professionals, eligible hospitals, and critical access hospitals (CAHs) that qualify as “meaningful users” by meeting the objectives and CQMs outlined in the various stages of the applicable programs.

Annual attestations required

Eligible providers must annually attest to meeting the specified objectives and measures in order to receive incentive payments under the EHR Incentive Programs. Once they have attested to meeting the identified objectives and measures, they are deemed to be meaningful users and eligible for incentive payments.  CMS, its contractor, and state Medicaid agencies conduct both random and targeted audits to detect inaccuracies in eligibility, reporting, and receipt of payment with respect to the EHR Incentive Programs.  Eligible hospitals may be selected for pre- or post-payment audits. CMS has required that eligible hospitals retain all supporting documentation used in completing the Attestation Module responses in either paper or electronic format for six years post-attestation. Eligible hospitals are responsible for maintaining documentation that fully supports the meaningful use and CQM data submitted during attestation. Those hospitals undergoing pre-payment audits will be required to provide supporting documentation to validate submitted attestation data before receiving payment.

Unsupported and false attestations

Making false statements, including attestations to the federal government, could implicate federal law (18 U.S.C. § 1001), which generally prohibits knowingly and willfully making false or fraudulent statements or concealing information. Although eligible hospitals receiving incentive payments under the Medicare and Medicaid EHR Incentive Programs are not required to follow any particular parameters when spending the payments, they must annually attest to meeting the relevant measures and objectives in order to be entitled to incentive payments. It is critical that eligible hospitals maintain documentation that supports their attestations.  Supporting documentation needs to make clear that the hospital is meeting the terms and conditions of the EHR Incentive Program. A checklist document by itself would be insufficient as supporting documentation. Failure to maintain such supporting documentation creates potential liability. Although no significant enforcement activity has taken place, compliance officers are advised to verify that proper supporting documentation is maintained.  In fact, the responsible program manager should be maintaining documentation as part of ongoing monitoring. As part of ongoing auditing, the compliance office should ensure that monitoring is conducted and validate that it is adequately meeting regulatory requirements.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on
Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

 

 

CPC+ Round 2 taking applications from Louisiana, Nebraska, North Dakota, and Buffalo NY practices

The second round of regions for participation in the Comprehensive Primary Care Plus (CPC+) model, an Advanced Alternative Payment Model (Advanced APM) has been announced by CMS, which is seeking eligible practices in three statewide regions—Louisiana, Nebraska, and North Dakota—and in the Greater Buffalo Region (Erie and Niagara Counties), New York. CPC+ Round 2 will accept applications beginning May 18 through July 13, 2017; accepted practices will be part of an innovative payment structure that rewards value and quality for primary care practices that improve quality, access, and efficiency. The four regions were chosen based on payer alignment and market density.

CPC+ Round 2 is smaller than Round 1, which included 14 regions (see More clinicians able to join Next Generation ACOs, CPC+ for 2018, December 16, 2016), and chosen practices will participate from 2018 through 2022. Practices located in Round 1 regions are not eligible to participate in Round 2, even if they applied for Round 1 and were not accepted or did not apply for Round 1. As part of the announcement for Round 2, CMS also provisionally selected five payer partners to provide additional support in certain Round 1 regions.

CPC+ was developed by the CMS Innovation Center, which was established by section 3021 of the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148). As an Advanced APM, the program is part of the Quality Payment Program (QPP), which is designed to reform Medicare payments to physicians as part of CMS’ implementation of the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) (P.L. 114-10).

Kusserow on Compliance: Factors OIG considers in deciding exclusions

The HHS Office of Inspector General (OIG) has authority exclude any individual or entity engaging in prohibited activities from participation in the federal health care programs, and add him or her to their List of Excluded Individuals and Entities (LEIE). The effect of this is that no payment may be made for any items or services furnished by an excluded individual or entity, or directed or prescribed by an excluded physician. This authority is anchored in legislation going back to 1977; the OIG was delegated authority to impose civil monetary penalties (CMPs), assessments, and program exclusion on health care providers and others determined to have submitted, or caused the submission of, false or fraudulent claims to the Medicare or Medicaid programs. During my 11-year tenure as Inspector General (IG), the administrative remedies were broadened to address additional types of misconduct. This has continued over the years.  Passage of the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) amended and expanded the existing authority for the OIG to impose CMPs and exclusions.

 Factors in exclusion decisions

The LEIE database is very large, with 3,000 new exclusions being added annually. About half of the exclusions included in the database are for criminal convictions related to health care programs and for patient abuse or neglect. These are mandatory exclusion.  In addition, the OIG has discretionary authority to exclude for other types of misconduct, such as license revocation or suspension, exclusion or suspension from another federal or state health care program, provision of unnecessary or substandard services, fraud or kickbacks, and default on a health education loan.

Tom Herrmann, J.D. served over 20 years in the Office of Counsel to the Inspector General. He explained that when exercising its discretionary authority to exclude, the OIG takes into consideration a number of factors, including the following:

  • Nature and circumstances of conduct. This includes determining adverse physical, mental, financial, or other impact to program beneficiaries, recipients, or other patients.
  •  Financial loss. Conduct  that (1) was part of a pattern of wrongdoing; (2) occurred over a substantial period of time; (3) was continual or repeated; and (4) continued until or after the person learned of the Government’s investigation indicates higher risk.
  • Leadership role. If the individual organized, led, or planned the unlawful conduct.
  • History of prior fraudulent conduct. History of judgments, convictions, decisions, or settlements in prior enforcement actions, as well as (1) refusal to have entered into a corporate integrity agreement (CIA), (2) breach of a prior CIA, or (3) lies or failure to cooperate with the OIG while under a CIA.
  • Conduct during investigation. Any (1) obstruction in the investigation or audit; (2) taking any steps to conceal the conduct from the government; or (3) failure to comply with a subpoena.
  • Resolution. The inability to pay an appropriate monetary amount (including damages, assessments, and penalties) to resolve a fraud case.
  • Absence of compliance program. Absence of a compliance program that incorporates the seven elements of an effective compliance program.

Avoiding exclusion

There are a number of steps that can be taken to reduce the likelihood of the OIG exercising its discretion to exclude parties and put them on the LEIE. These include being able to evidence:

  1. Initiating internal investigation and sharing results before the government gets involved;
  2. Self-disclosing an internal investigation;
  3. Cooperating with the government, if it initiate an investigation;
  4. Taking appropriate disciplinary action against individuals responsible for bad conduct;
  5. Implementing an effective compliance program, prior to government investigation;
  6. Devoting increased/improved support for the compliance program; and
  7. Having in the past self-disclosed overpayments in good faith to the OIG and CMS.

LEIE sanction screening

Screening individuals and entities prior to engagement and periodically thereafter is not optional–it is a necessity.   The best practice is to screen monthly against the LEIE and any state exclusion database where business is conducted, in that CMS has set this as a standard for Medicaid Directors.   In addition to screening against the LEIE, most states require screening against their database of sanction parties. Often there are delays in resolution of cases, so that a party may not be included in a sanction database at time of engagement, but is added later. Furthermore, inasmuch as most state Medicaid Fraud Control Units report their criminal actions to the OIG, that in turn includes them in the LEIE, resulting in frequent cases of multiple hits for the same underlying action. This is further complicated by the fact that there are delays when actions by state agencies are reported to the OIG for their determination to add them to the LEIE.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

CMS delays implementation of bundled payment models

CMS has further delayed the implementation date of the Cardiac Rehabilitation (CR) Incentive Payment model and modifications to the Comprehensive Care for Joint Replacement (CJR) model by three months. This additional delay, CMS said, is necessary to allow time for additional review, to ensure that the agency has adequate time to undertake notice and comment rulemaking to modify the policy if modifications are warranted, and to ensure that in such a case participants have a clear understanding of the governing rules and are not required to take needless compliance steps due to the rule taking effect for a short duration before any potential modifications are effectuated.

CMS issued a final rule on the two models January 3, 2017. Pursuant to the Trump Administration’s “Regulatory Freeze Pending Review” memorandum, on February 17, 2017, CMS issued a final rule that delayed the effective date of the January 3, 2017 final rule, for provisions that were to become effective on February 18, 2017, to March 21, 2017. CMS’ March 21, 2017, interim final rule postponed the effective date of the January 3, 2017 final rule from March 21, 2017, until May 20, 2017. The applicability date of the new regulations at 42 C.F.R. Part 512 and specific CJR regulations are delayed from July 1, 2017, until October 1, 2017. CMS sought comments on a longer delay of the model start date, including to January 1, 2018.

Under the CJR model, which began April 1, 2016, acute-care hospitals in certain areas receive retrospective bundled payments for episodes of care for hip and knee replacements. All related care within 90 days of hospital discharge from the joint replacement procedure is included in the episode of care. The January 3, 2017, final rule made several changes to the model.

Under the CR Incentive Payment model, acute care hospitals in certain geographic areas will receive retrospective incentive payments for beneficiary utilization of cardiac rehabilitation/intensive cardiac rehabilitation services during the 90 days following hospitalization for an acute myocardial infarction or coronary artery bypass graft surgery.

The American Hospital Association criticized the pace of these mandatory demonstration projects as “too much, too soon” and said, “We will continue to urge that any new bundled payment programs be of a voluntary nature.” In addition, HHS Secretary Tom Price has asserted that CMS exceeded its authority with bundled payment initiatives like the CR and CJR models.