Kusserow on Compliance: OIG Strategic plan outlines top priorities for 2020 – 2025

 The HHS Office of Inspector General (OIG) has identified seven major initiatives as part of its strategic plan for the period between 2020 and 2025. The initiatives include: (1) fraud and abuse protections; (2) safeguarding the Medicare trust funds; (3) protecting beneficiaries from prescription drug abuse; (4) combating health care cybersecurity threats; (5) promoting patient safety and accuracy of payments in home and community settings; (6) leveraging technology; and (7) ensuring HHS managed care and new health care models produce value.

  1. Fraud and Abuse Protections. OIG audits of national Medicaid data found substantial improper payments to providers for Medicaid Services; states were not always correctly determining lack of eligibility of individuals for Medicaid benefits. These two areas will be a focus for OIG oversight.
  2. Safeguarding the Medicare Trust Funds. The OIG plans to use data analytics to identify program areas and geographic areas of high-risk. It should provide strategic oversight of emergency preparedness and response affecting Medicare beneficiaries, Medicare Advantage, prescription drug spending, and the transition to value-based care.
  3. Protecting Beneficiaries from Prescription Drug Abuse, Including Opioids. The OIG’s efforts will focus on identifying opportunities to improve the efficiency and effectiveness of monitoring and identifying and holding accountable those engaged in fraud and abuse related to prescription drugs. Major efforts will include empowering partners through data sharing and education.
  1. Combatting Health Care Cybersecurity Threats. The OIG will increase efforts to combat cybersecurity threats, including hacking attacks, manipulation of medical devices, and inappropriate access to U.S. genomic data. The OIG will perform more cybersecurity audits of HHS agencies and programs, in partnership with other agencies, to conduct investigations that may involve espionage or foreign threats.
  1. Promoting Patient Safety and Accuracy of Payments in Home and Community Settings. The OIG plans increased efforts to reduce improper payments for services in noninstitutional settings, including home health. The OIG’s plans include outreach, education, audits, evaluations, inspections, investigations, and administrative enforcement.
  1. Leveraging Technology as it Intersects with HHS Programs. The OIG highlights that technology can be used to increase the efficiency, quality, and accessibility of the health care system. The OIG will work with other HHS agencies, patients, and providers to educate and oversee the use of health technology to positively impact providers and patients. The OIG will also assess how it can use Artificial Intelligence to foster value and quality in HHS programs.
  1. Ensuring HHS Managed Care and New Healthcare Models Produce Value. As CMS programs shift to value-based care and payment, the OIG has identified three elements that are critical to achieving better value, quality, and outcomes: (1) aligning program incentives with improved health outcomes; (2) strengthening program integrity; and (3) delivering innovative technology. The OIG will oversee the continued transition to value-based programs and will address and combat any issues of fraud, waste, and abuse.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2020 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Arrest of the University of Pittsburgh Medical Center hacker

An individual was indicted by a federal grand jury in Pittsburgh and arrested on charges associated with the 2014 “hacking” theft of University of Pittsburgh Medical Center (UPMC) human resources database that included personally identifiable information (PII) of over 65,000 UPMC employees. He was charged with fraud, aggravated identity theft, and selling of the information on the dark web to buyers around the world. The buyers, in turn, engaged in massive campaign of further scams and theft, including the filing of thousands of false IRS tax returns, leading to $1.7 million in false tax return refunds.

Additionally, the indictment alleges that the hacker, from 2014 through 2017, using the acronyms “TDS” or “DS,” regularly sold other PII to buyers on dark web forums, which could be used to commit identity theft and bank fraud. According to the Indictment, the hacker sold the stolen information on dark web forums for use by conspirators, who promptly filed hundreds of false tax return Form-1040 using UPMC employee PII. These false 1040 filings claimed hundreds of thousands of dollars of false tax refunds, which they converted into Amazon.com gift cards, which were then used to purchase Amazon merchandise which was shipped to Venezuela. The case was investigated by the Secret Service, IRS, and Postal Inspection Service. As a side note, six years ago, the case resulted in a major legal battle after employees sued UPMC for negligence and breach of contract. The state high court also ruled that UPMC may be responsible monetary damages if the plaintiffs can prove the health system acted negligently.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2020 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: DOJ moves on first criminal cases of COVID-19 fraud

The Department of Justice (DOJ) brought fraud charges against the president of a medical technology company in connection with a scheme to commit health care fraud with the submission of over $69 million in false and fraudulent claims for allergy and COVID-19 testing. The allegation is that he defrauded Medicare through illegal kickbacks and bribes and then turned to exploiting the pandemic by fraudulently promoting an unproven COVID-19 test to the market. The hoax leveraged off the fear of the pandemic with the company touting that his laboratory was the only one in the world that offered revolutionary “microarray technology,” which tested allergies and COVID-19 based on a drop of blood that was 250,000 times smaller than the amount required by technology touted by others.

The press announcement stated that beginning in or around 2018 and continuing to in or around February 2020, the company president and others paid kickbacks and bribes to recruiters and doctors to run an allergy screening test, using his Arrayit product, on every patient regardless of medical necessity, and then made numerous misrepresentations about the results. As the COVID-19 crisis began to escalate in March 2020, he and others made false claims concerning Arrayit’s ability to provide accurate, fast, reliable and cheap COVID-19 tests in compliance with state and federal regulations, and made numerous misrepresentations to potential investors about the COVID-19 tests and Arrayit’s future prospects for COVID-19 testing. The company president stated that it was simple to develop a test for COVID-19 because the switch from testing for allergies to testing for COVID-19 was a simple and easy step, but he and others never disclosed that there were questions about the validity of its data and the accuracy of its COVID-19 test. The press announcement reaffirmed that investigating COVID-19 fraud scams billed to federal health programs continues to be a top priority, noting that ongoing public health crisis has spawned a rash of fraudulent schemes.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2020 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: FBI’s latest report on efforts to curb cyber-crimes

The FBI’s Internet Crime Complaint Center (IC3) was created to gather data on a new but rapidly growing type of crime. In its first full year of operation, the center received 50,000 complaints that has grown to over 5 million reports of thefts, scams, frauds, and other crimes with an online nexus, resulting in over $10 billion in losses since 2015 alone. In its report, the FBI made note that threat mitigation is its top priority regarding cyber-crime. The IC3 has allowed for increased reporting and information sharing, which often prevents further victimization, and enables accountability.

The crimes catalogued by the IC3 have mirrored the evolution of the web across two decades, including the growth in sophistication of crimes as well as the number of crimes as the web has become a central feature of daily life. In the first full year of IC3 reporting, the most commonly reported crimes included internet auction fraud, non-delivery schemes, advance payment schemes, and credit card fraud. Since then, threats have evolved into more destructive and costly data breaches and network intrusions, ransomware, romance scams, and sophisticated financial crimes such as business email compromise. Scammers are ready to exploit various tragedies and disasters, such as Hurricanes Rita and Katrina, and the Boston bombings.

During the current COVID-19 pandemic crisis, scammers are working overtime with fake cures, investments schemes, selling personal protective equipment without the inventory on hand, and looking to take advantage of a more concentrated online presence during a time of increased telework and distance learning. Criminals are exploiting a public health emergency to steal from and deceive people who are vulnerable, worried, or seeking vital supplies and assistance.

In 2018, there was the creation of the FBI’s Recovery Asset Team (RAT) to streamline communication between financial institutions and FBI field offices to prevent criminals from successfully obtaining funds through fraudulent transactions. The RAT effectively recovered over $300 million in 2019 alone. Last year, the RAT, along with IC3’s Recovery and Investigative Development (RAID) team, brought together law enforcement and financial institutions to share data to gain a better understanding of the networks and methods used by cyber fraudsters resulting in the enhanced ability to identify criminals.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2020 Strategic Management Services, LLC. Published with permission.