Kusserow on compliance: OIG report on Medicare payments for clinical diagnostic lab tests

The OIG analyzed claims data for lab tests that CMS paid under Medicare’s Clinical Laboratory Fee Schedule, under Medicare Part B. Effective this year, CMS replaced payment rates with new rates for clinical diagnostic laboratory tests. This was the first reform in three decades to Medicare’s payment system for lab tests. Congress mandated that the OIG monitor Medicare payments for lab tests and the implementation and effect of the new payment system for those tests. The OIG concluded the new payment system for lab tests took for this year has resulted in significant changes to the Medicare payment rates for lab tests. The OIG used the data collected to date as a benchmark against which to measure the effects of changes to the payment system when new data from 2018 become available. The OIG report provided the fourth set of annual baseline analyses of the top 25 lab tests. The OIG identified the top 25 tests based on Medicare payments in 2017 and found:

  • In 2017, Medicare paid $7.1 billion for Part B lab tests, at about the same level for last 4-years.
  • The top 25 tests totaled $4.5 billion, 64 percent of the total and about the same rate for prior years.
  • A total of 50,000 labs received payment in 2017 and three labs received $1.1 billion, 15 percent of the total payments.
  • The top 25 tests were similarly concentrated among a few labs: 1 percent of labs received 55 percent of all Medicare payments for the top 25 lab tests in 2017.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: CMS increases audits to address Medicaid fraud and abuse

In efforts to prevent Medicaid fraud and reduce improper payments, CMS is in the process of implementing eight “new or enhanced” program integrity initiatives and strategies to address reported billions in improper Medicaid payments. These initiatives include target auditing of selected state programs and known vulnerabilities. The stated aim is to promote transparency and accountability. The CMS announcement noted that Medicaid spending has risen more than 26 percent in the three years leading up to 2017, from $456 to $576 billion. A significant part of the increase was as result of states expanding their Medicaid programs under the Patient Protection and Affordable Care Act (ACA). Most of this increase was covered by the federal government, with its share rising 38 percent, from $263 billion to $363 billion, over the same three-year period. CMS efforts include evaluating the impact of this expansion on program integrity. The announced new initiatives followed a Senate hearing that lambasted CMS, reporting that Medicaid pays out $37 billion a year of improper payments, an increase of 157 percent since 2013.  The new initiatives will be designed to address previously identified activities that harmed Medicaid’s program integrity, and address problems identified by the GAO and OIG and include:

  1. Targeted audits of certain state MCOs. CMS will review financial reports from MCOs in targeted states to ensure they match actual claims experience.
  2. New audits of beneficiary eligibility. States that had OIG reviews of Medicaid beneficiary eligibility will have follow-up determinations reviewed by CMS.
  3. Claims and provider data optimization. CMS will validate the quality and completeness of state-provided data in the Transformed Medicaid Statistical Information System (TMSIS) using data analytics and other techniques to improve data quality and to flag potential problems that require further investigation.
  4. Data analytics pilots. CMS will use analytics and other IT tools on state-provided data to optimize state data to identify areas that need additional investigation.
  5. Provider screening on an opt-in basis. CMS will pilot a plan to screen Medicaid providers on behalf of states, in the belief that centralizing this process will improve efficiency and coordination across Medicare and Medicaid. This, in turn, should reduce state and provider burden, and address one of the biggest sources of error as measured by the Payment Error Rate Measurement (PERM) program.
  6. State-federal data sharing and collaboration. CMS is giving states access to the SSA’s master file of death records to help with managing provider enrollment.
  7. Publicly report state performance. The Medicaid scorecard will indicate how well states perform on certain measures pertaining to their Medicaid programs. This scorecard will include the state’s “integrity performance measures,” such as PERM.
  8. Provider education to reduce improper payments. CMS will bolster education efforts for Medicaid providers to reduce billing errors, including targeting comparative billing reports and provider-facing tools currently in development.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Stark law to undergo interagency review

The CMS Administrator announced plans to convene an inter-agency group to focus on how to minimize the regulatory barriers created by Stark law, which was established in 1989 and underwent expansion in the 1990s. Providers have raised concerns from the beginning of the implementation of the Stark law. The agencies involved in the review will include CMS, OIG, HHS General Counsel, and the DOJ. The Stark law prohibits doctors from referring Medicare patients to hospitals, labs and colleagues with whom they have financial relationships unless they fall under certain exceptions. It also prevents hospitals from paying providers more when they meet certain quality measures, such as reducing hospital-acquired infections, while paying less to those who miss the goals. The result is the law is viewed as making it difficult for physicians to enter innovative payment arrangements because they are not susceptible to fair market value assessment—a Stark requirement. These prohibitions are seen as interfering with key factors related to value-based care. Unlike the Anti-Kickback Statute, which is enforced by the OIG, the Stark law is considered regulatory and falls under CMS jurisdiction. From a regulatory standpoint, there is only so much that CMS can do to make substantive changes. Any real changes in the law will have to come from Congress.

This is not the first time the CMS has tried to move the easing of rules concerning the Stark law.  In 2015, CMS published a Proposed rule relaxing aspects of the Stark law, including easing of some of the strict liability features of the law and CMS’ burden in dealing with the interpretation of key terms, requirements, and other issues. After reviewing an enormous amount of self-disclosures, CMS realized that a large part of the docket involved arrangements that may technically violate the statute but do not actually pose significant risks of abuse. Therefore, it appears that CMS seeks to reduce the number of self-disclosures reported. However, the proposed update is also intended to account for recent changes relating to health care reform and advancements in patient care and payment methodologies. CMS wanted to ensure that Stark does not inhibit Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) reforms and these are the same concerns driving the latest initiative.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Conducting compliance risk assessments

The issue of conducting compliance risk assessments continues to be a challenge for Compliance Officers. In the SAI Global’s ninth annual Compliance Benchmark Survey conducted with Strategic Management Services, nearly four out of ten responding organizations reported that the Compliance Office had responsibility for all risk management, not just for the compliance program.  As with all program managers, Compliance Officers have responsibility for risk management in the areas of their areas of responsibilities. This includes conducting risk assessments as part of ongoing monitoring.  However, there remains a lot of confusion among compliance officers and organizations regarding the whole subject. However, regardless of who assumes the responsibility for assessing risk areas, the subject should begin with how regulatory bodies define risk assessment.

Defining risk assessment 

Federal Regulations. (e) Annual review. The operating organization for each facility must review its compliance and ethics program annually and revise its program as needed to reflect changes in all applicable laws or regulations and within the operating organization and its facilities to improve its performance in deterring, reducing, and detecting violations under the Act and in promoting quality of care  (see 42 C.F.R. 483.85).

US Sentencing Commission Guidelines Manual. 2(a)(5) The organization shall take reasonable steps—(B) to evaluate periodically the effectiveness of the organization’s compliance and ethics program (§8B2.1 Nov. 2016).

OIG Compliance Guidance Documents.  The OIG has in a variety of compliance guidance documents called for compliance risk assessments. For example, in their Compliance Guidance for Nursing Faculties they “recommend that all nursing facilities evaluate their current compliance policies and procedures by conducting a baseline assessment of risk areas, as well as subsequent reevaluations. . .” How a nursing facility assesses its compliance program performance is therefore integral to its success. The attributes of each individual element of a compliance program must be evaluated in order to assess the program’s ‘‘effectiveness’’ as a whole. Examining the comprehensiveness of policies and procedures implemented to satisfy these elements is merely the first step. Evaluating how a compliance program performs during the provider’s day-to-day operations becomes the critical indicator.

When conducting a risk assessment it is necessary to determine the objectives. The following relates to ideas and tips concerning compliance program risk assessment.

Compliance program risk assessment objectives

  • Verify all the elements of the compliance program have been implemented
  • Determine whether all the elements are functioning as planned
  • Evaluate the documentation evidencing effectiveness of the program
  • Identify compliance program strengths, as well as areas warranting improvement
  • Develop a work plan to measure program improvements and address any weaknesses

Questions to ask about compliance risk areas

  • Were levels of risk and vulnerabilities assigned?
  • Is there an annual work plan to address identified high-risk areas?
  • Are their internal controls and policies addressing high-risk areas?
  • Are policies periodically reviewed and updated?
  • Do policies address applicable regulations, recent OIG Work Plans, etc?
  • Were compliance-related policies distributed to all covered persons?
  • Is there a Code of Conduct that provides compliance guidelines for employees?
  • Do employees signed receipt evidencing receipt of Code of Conduct?
  • What evidence is there that employees were trained on the Code and policies?
  • What evidence exist that employees understood and remembered lessons?

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.