Kusserow on Compliance: OIG provides Medicaid fraud and overpayment update to Congress

The OIG testified before the Senate Committee on Homeland Security and Governmental Affairs regarding Medicaid Fraud and Overpayments. Up front, it was noted that the Medicaid program has 67 million beneficiaries, costing $600 billion annually with projected improper Medicaid payments at about $59 billion. Key points of the testimony were:

  1. Complete and reliable national Medicaid data—which is necessary for effective program oversight and to quickly detect and address improper payments, fraud, waste, or quality concerns—is limited.
  2. Transformed Medicaid Statistical Information System (T-MSIS) data was mandated to address problems with national Medicaid claims and eligibility data. All states except Wisconsin and the District of Columbia have begun reporting data to T‐MSIS, but the data elements may not mean the same thing across states. CMS must ensure that the same data elements are consistently reported and uniformly interpreted across states.
  3. Eighty percent of all Medicaid beneficiaries receive part or all of their services through managed care entities who are required to report medical claims data to states who then report it to CMS via T‐MSIS. Without accurate and timely data, it is not possible to analyze costs, utilization or trends; evaluate benefits; or determine the quality of services being provided.  Medicaid managed care encounter data was found to be incomplete and CMS needs to ensure this corrected.
  4.  Lack of quality national Medicaid data to identify fraud schemes and other vulnerabilities that cross state lines is hampering enforcement efforts. Identifying schemes in one state can alert other states to patterns of fraudulent or abusive practices that may be occurring in their jurisdiction and can be referred to law enforcement agencies. CMS must improve Medicaid data to ensure T‐MSIS achieves its full potential.
  5. States have not fully enacted enhanced provider screening that prevents bad actors from entering the Medicaid program to reduce improper payments and protect patients from harm, such as conducting fingerprint‐based criminal background checks and site visits. States need timely, complete, and accurate data to identify the providers seeking access to Medicaid monies and patients. CMS must ensure that states timely and fully implement critical safeguards.
  6. The Medicaid improper payment rate is 10.1 percent and CMS is working with state Medicaid agencies to develop corrective action plans that address state‐specific reasons for improper payments as a part of CMS’s Payment Error Rate Measurement Program (PERM). Additional guidance to the states by CMS is needed. OIG has also identified a number of states that inflate payment rates to increase their Federal Medicaid funding and CMS needs to closely review state Medicaid plans and plan amendments for potentially inappropriate cost‐shifting from states to the federal government.
  7. The OIG has found that states are not always correctly determining Medicaid eligibility for beneficiaries. The Affordable Care Act (ACA) allowed states to expand Medicaid eligibility and claim a higher Federal Medical Assistance Percentage, but incorrectly determining beneficiaries’ eligibility could result in the improper shift of costs from the state to the federal government. States must comply with requirements to verify applicants’ income, citizenship, identity, and other eligibility criteria in order to verify eligibility criteria.
  8. Medicaid is overpaying for prescription drugs due to underpaid rebates. Manufacturers are generally required to pay rebates to the states for covered outpatient drugs under the Medicaid Drug Rebate Program that includes reporting product and pricing information to CMS that is used to calculate the rebates owed. Manufacturer misreporting can result in manufacturers’ underpaying rebates, which inappropriately increases federal and state Medicaid costs. Overseeing states’ collection of manufacturer rebates remains a challenge for HHS.
  9. Medicaid must know with whom it is doing business, not only to prevent improper payments to ineligible providers, but also to protect beneficiaries from low‐quality care. The varying standards, and in some cases, minimal vetting, for Medicaid personal care services (PCS) providers, potentially expose the Medicaid program to financial fraud and Medicaid beneficiaries to abuse and neglect. CMS needs to improve states’ ability to monitor billing and care quality by enrolling PCS attendants as providers, or require them to register with their state Medicaid agencies, and assign each attendant a unique identifier.
  10. The OIG found that up to 99 percent of critical incidents of abuse and neglect of developmentally disabled were not reported to the appropriate law enforcement or state agencies as required. The OIG worked with the HHS Administration for Community Living, Office for Civil Rights, CMS, as well as with the DOJ and States to create a joint report entitled Ensuring Beneficiary Health and Safety in Group Homes Through State Implementation of Comprehensive Compliance Oversight. It features suggested model practices for states and CMS with four main aspects of handling critical incidents: investigation, reporting, correction, and transparency and accountability. It also detailed suggestions as to what actions states should take when group homes repeatedly fail to report incidents.
  11. The OIG partners with state Medicaid Fraud Control Units (MFCUs) which, last year, reported more than 1,500 convictions, nearly 1,000 civil settlements and judgments, and more than $1.8 billion in criminal and civil recoveries. The 50 existing MFCUs receive 75 percent of their funding on a matching basis from the federal government but often they encounter severe restrictions on their ability to maintain or expand staff.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG cases involving sanctioned parties and tips to avoid violations

Compliance Officers must screen employees against the List of Excluded Individuals and Entities (LEIE). This is stressed in all of the OIG’s compliance guidance documents. CMS makes it a condition of participation and enrollment. The LEIE continues to change and grow with more than 3,000 exclusions added annually. Failure to screen employees, medical staff, contractors, and vendors results in a great risk. The OIG may consider claims that include work or products from a sanctioned party to be false and fraudulent. Violations can result in monetary penalties. Most cases that deal with this issue are brought to the OIG’s attention through the “Self-Disclosure Protocol.”  In all the recent cases posted, the OIG imposed penalties, but the penalties were mitigated by the fact the matters were self-disclosed—as a result, none of these cases resulted in a Corporate Integrity Agreement (CIA). The OIG posts a number of these cases on its website. The following are examples of recent actions against organizations that engaged individuals they knew or should have known were excluded from participation in the federal health care programs:

  • Southwest Trinity Management, LLC (STM), in Oklahoma paid $141,986.36 in settlement for employing an excluded licensed practical nurse that provided items or services that were billed to Federal health care programs.
  • Diamonds & Pearls Health Services, LLC (DPHS), Cleveland, Ohio paid $75,471.92 for employing an excluded individual who was a scheduling/staffing coordinator, provided items or services to DPHS patients that were billed to Federal health care programs.
  • Center for Ear, Nose Throat & Allergy, P.C. (CENTA) in Indiana, paid $51,564.14 for employing an excluded medical records file clerk, provided items or services to CENTA’s patients that were billed to Federal health care programs.
  • MHMR, Fort Worth, Texas, paid $97,869.78 for employing a program director who had been excluded to provide items or services to clients who were receiving services funded by a Medicaid waiver program.
  • Shawnee Health Services (Shawnee), Carterville, Illinois, paid $107,761.08 as result of employing an excluded individual as a case manager, provided items or services to clients that were receiving services under a Medicaid waiver program.
  • Arkansas Department of Health (ADH) paid $39,343.61 as result of employing an excluded hospice social worker that provided items or services to patients of a community based hospice operated by ADH.
  • Century Pharmacy (Century), Brooklyn, New York, paid $10,000 for an employed excluded individual, who assisted in filling prescriptions in addition to performing other clerical tasks, provided items or services to Century patients that were billed to Federal health care programs.
  • Sundance Behavioral Healthcare System (Sundance), Texas, paid $49,183.48 for an employed sanctioned licensed vocational nurse that provided items or services to patients that were billed to Federal health care programs.
  • ASAP Professional Home Health (ASAP), Houston, Texas, paid $21,797.76 for an employed excluded attendant, provided items or services to ASAP patients that were billed to Federal health care programs.

Practical Screening Tips

  1. Ensure periodic sanction screening of employees, medical staff, contractors, and vendors against the LEIE—best practice is monthly screening.
  2. Inasmuch as most states have developed their own exclusion database, with many states mandating monthly screenings, care should be taken to understand and meet state screening requirements.
  3. Inasmuch as most LEIE exclusions arise from another underlying court, state agency, or licensure board action, it is advisable to also conduct background checks and seek written assurances in applications that prospective employees, contractors, and vendors have not been subject to any prior court or licensure board actions.
  4. It is common for individuals that may be the subject of an investigation, but not yet sanctioned with final actions, to be under investigation for considerable time, therefore it is a best practice to require as a condition of employment, gaining staff privileges, or engagement for the applicant to attest that they have not been, nor are they now, the subject of an investigation by any duly authorized regulatory or enforcement agency. It is also advisable to add a condition that they must promptly report any notice of investigation that involves them.
  5. Educate and inform management and employees on their obligation to promptly report any notification of an adverse action by any duly authorized regulatory or enforcement agency.

Daniel Peake of the Compliance Resource Center (CRC) works with many organizations in ensuring proper sanction screening and from that experience offers a number of practical tips to avoid creating an actionable violation.  He can be reached at dpeake@strategicm.com or (703) 236-9850.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Appealing exclusions–practical advice

Attorneys and consultants frequently have sanctioned clients desperately wanting to appeal and overturn the HHS Office of Inspector General (OIG) decision on exclusion, adding them to the List of Excluded Individuals and Entities (LEIE). The desperation is driven by the fact that exclusion is tantamount to putting them out of business. Few health care providers of services and products can function without access to federal health care programs and trying to continue servicing in that area after exclusion represents further violation of law with increased penalties.

Tom Herrmann, J.D., served over 20 years in the Office of Counsel to the Inspector General and as Appellate Judge for the Medicare Appeals Counsel and is frequently engaged to assist in Medicare appeals. He explained that there is, indeed, a process for appeal on exclusion to an HHS Administrative Law Judge (“ALJ”), the HHS Departmental Appeals Board (“DAB”), and ultimately the federal courts.  However, he warns that trying to appeal exclusions imposed by the OIG is not generally advisable, in that they are rarely overturned.  This is because most exclusion actions, both mandatory and discretionary, are derivative of a prior official action, whether it is court conviction or licensure board revocation.  Upon appeal, the underlying predicate action for exclusion may not be challenged through the established administrative and judicial review process.  The governing regulations provide further that an ALJ may not “review the exercise of discretion by the OIG to exclude an individual or entity under section 1128(b) of the Act, or determine the scope or effect of the exclusion.”   Moreover, the ALJ is prohibited from setting “a period of exclusion at zero, or reduce[ing] a period of exclusion to zero, in any case where the ALJ finds that an individual or entity committed an act described in section 1128(b) of the Act.”

Furthermore, an excluded party can affect entities with who affiliated. Should a provider permit an excluded party to be involved in services, it will create a liability to that organization.  As a condition of participation in Medicare/Medicaid, it is the affirmative duty and responsibility of the organization to ensure that any provider of services or products that is included in claims submitted for payment to those programs are licensed, qualified and NOT excluded.  To engage excluded parties places in jeopardy the entity’s status as a provider.  Furthermore, it is the OIG’s position that all claims submitted that include anything from a sanctioned provided may be considered false and potentially fraudulent.  Providers should take steps to avoid being poisoned by excluded parties.  Sanction screening can be a challenge because of multiple exclusion databases and variations of names and data.

Practical tips

Organizations should consider the following:

  • The fact that most exclusions arise from court or licensing agency actions underscores the importance of sanction screening and conducting background investigations prior to engaging employees, contractors, and vendors, to ensure they have not been subject to adverse actions by these authorities.
  • Screen parties before engaging them and thereafter periodically (e.g. monthly) against the LEIE or relevant State sanction lists.
  • Ensure data used in screening is accurate and up to date. Frequently, sanctioned parties disguise their exclusion with a name change (e.g. spouse surname), variations on name (particularly significant in the case of names that are transliterated).
  • Include on any application for employment or for medical privilege a statement that they are not under investigation and have not been subject of adverse action by any duly authorized enforcement agency.
  • Check the enrollment and exclusion status of physicians and other non-physician practitioners that routinely order or prescribe, as any services ordered or prescribed by an excluded health care practitioner will not be eligible for program payments.
  • If a party is verified to be on an exclusion list, take immediate action to terminate the party; determine the monetary exposure of the services involving that party that was billed to Federal health care programs; and disclose the findings to the OIG.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Factors OIG considers in deciding exclusions

The HHS Office of Inspector General (OIG) has authority exclude any individual or entity engaging in prohibited activities from participation in the federal health care programs, and add him or her to their List of Excluded Individuals and Entities (LEIE). The effect of this is that no payment may be made for any items or services furnished by an excluded individual or entity, or directed or prescribed by an excluded physician. This authority is anchored in legislation going back to 1977; the OIG was delegated authority to impose civil monetary penalties (CMPs), assessments, and program exclusion on health care providers and others determined to have submitted, or caused the submission of, false or fraudulent claims to the Medicare or Medicaid programs. During my 11-year tenure as Inspector General (IG), the administrative remedies were broadened to address additional types of misconduct. This has continued over the years.  Passage of the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) amended and expanded the existing authority for the OIG to impose CMPs and exclusions.

 Factors in exclusion decisions

The LEIE database is very large, with 3,000 new exclusions being added annually. About half of the exclusions included in the database are for criminal convictions related to health care programs and for patient abuse or neglect. These are mandatory exclusion.  In addition, the OIG has discretionary authority to exclude for other types of misconduct, such as license revocation or suspension, exclusion or suspension from another federal or state health care program, provision of unnecessary or substandard services, fraud or kickbacks, and default on a health education loan.

Tom Herrmann, J.D. served over 20 years in the Office of Counsel to the Inspector General. He explained that when exercising its discretionary authority to exclude, the OIG takes into consideration a number of factors, including the following:

  • Nature and circumstances of conduct. This includes determining adverse physical, mental, financial, or other impact to program beneficiaries, recipients, or other patients.
  •  Financial loss. Conduct  that (1) was part of a pattern of wrongdoing; (2) occurred over a substantial period of time; (3) was continual or repeated; and (4) continued until or after the person learned of the Government’s investigation indicates higher risk.
  • Leadership role. If the individual organized, led, or planned the unlawful conduct.
  • History of prior fraudulent conduct. History of judgments, convictions, decisions, or settlements in prior enforcement actions, as well as (1) refusal to have entered into a corporate integrity agreement (CIA), (2) breach of a prior CIA, or (3) lies or failure to cooperate with the OIG while under a CIA.
  • Conduct during investigation. Any (1) obstruction in the investigation or audit; (2) taking any steps to conceal the conduct from the government; or (3) failure to comply with a subpoena.
  • Resolution. The inability to pay an appropriate monetary amount (including damages, assessments, and penalties) to resolve a fraud case.
  • Absence of compliance program. Absence of a compliance program that incorporates the seven elements of an effective compliance program.

Avoiding exclusion

There are a number of steps that can be taken to reduce the likelihood of the OIG exercising its discretion to exclude parties and put them on the LEIE. These include being able to evidence:

  1. Initiating internal investigation and sharing results before the government gets involved;
  2. Self-disclosing an internal investigation;
  3. Cooperating with the government, if it initiate an investigation;
  4. Taking appropriate disciplinary action against individuals responsible for bad conduct;
  5. Implementing an effective compliance program, prior to government investigation;
  6. Devoting increased/improved support for the compliance program; and
  7. Having in the past self-disclosed overpayments in good faith to the OIG and CMS.

LEIE sanction screening

Screening individuals and entities prior to engagement and periodically thereafter is not optional–it is a necessity.   The best practice is to screen monthly against the LEIE and any state exclusion database where business is conducted, in that CMS has set this as a standard for Medicaid Directors.   In addition to screening against the LEIE, most states require screening against their database of sanction parties. Often there are delays in resolution of cases, so that a party may not be included in a sanction database at time of engagement, but is added later. Furthermore, inasmuch as most state Medicaid Fraud Control Units report their criminal actions to the OIG, that in turn includes them in the LEIE, resulting in frequent cases of multiple hits for the same underlying action. This is further complicated by the fact that there are delays when actions by state agencies are reported to the OIG for their determination to add them to the LEIE.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.