Kusserow on Compliance: Compliance officers cite HIPAA as their highest priority

The 2019 Compliance Benchmark Survey respondents reported that compliance officers are finding dealing with data breaches as their highest-ranked priority, with two-thirds of respondents citing HIPAA Security/Cyber-security and over half for HIPAA Privacy as their number one concern. This represented the biggest change since last year’s survey. Coupled with this finding was that nearly 75 percent of respondents reported the compliance office has assumed responsibility for HIPAA Privacy and nearly one-third assumed responsibility for HIPAA Security. So far this year, OCR has reportedly received upwards of a quarter million HIPAA privacy complaints.

The Survey did not focus on privacy laws and regulations emerging on the state level, nor did it provide much understanding on how organizations and compliance offices were responding to the challenges. As such, a separate 2019 survey has been designed to gather that information along with a variety of other issues.  It is designed to provide a general understanding of levels and nature of current commitment to this area.  Those who wish to participate in the 2019 HIPAA Compliance Survey can do so by clicking on the following hyperlink.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Meeting nursing home compliance program legal mandates

The November 28, 2019 deadline approaches for skilled nursing facilities and nursing homes to adopt and implement an effective compliance and ethics program as a condition of participation in the Medicare and Medicaid programs. At that time, state survey agencies will begin assessing facility compliance with implementation of an effective compliance and ethics program. Yet, the OIG continues to find major problems with that health care sector. The OIG recently reported that posthospital extended care services or Medicare beneficiary coverage must be preceded by an inpatient stay in a hospital for not less than three consecutive calendar days. The OIG found that CMS improperly paid 65 of the 99 skilled nursing facility (SNF) claims sampled by the OIG.  Projecting from its sample, the OIG estimated that CMS improperly paid $84 million for SNF services over a two-year period.

Those nursing homes that followed the OIG guidance will have little problem in meeting the new mandate, but those who did not have only months to come into compliance. Organizations trying to catch up should consider having a compliance expert perform a gap analysis to identify elements needed for the compliance program and how be able to evidence program effectiveness. A gap analysis should provide a “road map” and step-by-step plan for bringing a facility into compliance with the mandates. Those that have already implemented a compliance program should consider having an effectiveness evaluation conducted by experts to verify that the program will meet mandated standards.

For more information about meeting the standards of these new mandates, Tom Herrmann may be reached at thermmann@strategicm.com or at (703) 535-1410.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Top initiatives for compliance programs in 2019

In the 2019 survey of health care compliance professionals, compliance professionals were asked about their initiatives for improving their program this year. The responses can be categorized in three tiers. The major focus for respondents was risk identification and mitigation—three of the four highest ranked selections deal with this area. The second tier—earning the third and fifth rankings—involved issues related to HIPAA compliance. The four items at the bottom of the list related to independent assessment compliance program effectiveness: effectiveness evaluation and gap analysis, arrangements with physicians, and compliance knowledge surveys. The third tier included four items, including use of independent parties for gap analysis, effectiveness evaluations, arrangements review, and surveying. The following are the results in descending order:

  1. Working with program managers to improve ongoing monitoring of their risk area (57 percent)
  2. Building a more robust ongoing auditing program (51 percent)
  3. Enterprise-Wide Regulatory Risk Assessment (34 percent)
  4. HIPAA Privacy and Security Assessment (43 percent)
  5. HIPAA Security/Cyber-Security Compliance Evaluation (31 percent)
  6. Independent Compliance Program Effectiveness Evaluation (22 percent)
  7. Independent Compliance Program Gap Analysis (14 percent)
  8. Independent Compliance Review of Arrangements with Physicians (9 percent)
  9. Independently developed/administered Compliance Knowledge Survey (6 percent)

Also noteworthy is the fact that approximately one quarter of those participating in the survey passed on answering this question, either because they have not yet developed a plan, had it approved, or don’t have annual work plans.

For more information regarding results of the Survey, contact Richard Kusserow, CEO, Strategic Management (rkusserow@strategicm.com).

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Huge fraud schemes involving telemedicine and DME

– Charges against two dozen people involving over $1.2 billion

 – Administrative Action against 130 DMEs submitting $1.7 Billion in claims

The DOJ announced charges against 24 defendants—including the CEOs, COOs, and others associated with five telemedicine companies, the owners of dozens of durable medical equipment (DME) companies, and three licensed medical professionals—associated with health care fraud schemes involving more than $1.2 billion. CMS and the Center for Program Integrity (CPI) have taken adverse administrative action against 130 DME companies that had submitted over $1.7 billion in claims and were paid over $900 million. The scheme involved payment of illegal kickbacks and bribes by DME companies in exchange for the referral of Medicare beneficiaries by medical professionals working with fraudulent telemedicine companies for back, shoulder, wrist, and knee braces that were medically unnecessary.

The DOJ alleges those charged with paying doctors to prescribe DME either without any patient interaction or with only a brief telephonic conversation with patients they had never met or seen. The proceeds of the fraudulent scheme were allegedly laundered through international shell corporations and used to purchase exotic automobiles, yachts, and luxury real estate in the United States and abroad. Some of the defendants obtained patients for the scheme by using an international call center that advertised to Medicare beneficiaries and “up-sold” the beneficiaries to get them to accept numerous “free or low-cost” DME braces, regardless of medical necessity. The international call center allegedly paid illegal kickbacks and bribes to telemedicine companies to obtain DME orders for these Medicare beneficiaries. The telemedicine companies then allegedly paid physicians to write medically unnecessary DME orders. Finally, the international call center sold the DME orders that it obtained from the telemedicine companies to DME companies, which fraudulently billed Medicare. Collectively, the CEOs, COOs, executives, business owners and medical professionals involved in the conspiracy are accused of causing over $1 billion in loss.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.