Kusserow on Compliance: OIG continues distancing itself from the GSA debarment list

The HHS Office of Inspector General (OIG) has never called for all health care organizations to screen against the General Services Administration (GSA) System for Award Management (SAM). In the past, the OIG has noted in its various compliance guidance documents that the GSA maintains a federal debarment list and cited it as an additional resource available to health care organizations. The fact that SAM was mentioned by the OIG often leads organizations to believe that they must screen against both the OIG’s List of Excluded Individuals and Entities (LEIE) and SAM.

Yet, for the last several years, the OIG has distanced themselves from the recommendation to health care organizations to screen SAM. In the OIG’s 2013 “Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs” the agency addressed questions regarding its position on screening against SAM and contrasted the LEIE and SAM. The OIG made it clear that it would take action only on parties found on the LEIE and that they had no interest or authority to address confirmed hits on the GSA SAM. It also noted that in January 2011, CMS issued final guidance mandating states to screen all enrolled providers monthly against both the LEIE and SAM, but that was CMS’ position, not the OIG’s position.

This means CMS is the only federal government agency calling for health care providers and plans to screen SAM. The CMS Medicare Enrollment Application for Institutional Providers requires applicant hospitals to have a compliance plan that states that the hospital checks all managing employees against the exclusion/debarment lists of both the OIG LEIE and the GSA SAM. For health plans, the regulation states that they cannot contract with any individuals or entities that are debarred by GSA as a condition to maintaining active enrollment status. CMS also requires managed care plans to screen prior to the hiring or contracting of any new employee, temporary employee, volunteer, consultant, governing body member, or First Tier, Downstream or Related Entity (FDR), and on a monthly basis thereafter. It is worthwhile to remember that CMS has not established any enforcement mechanism to deal with providers who have relationships with parties on the SAM debarment list.

As such, distance is growing between OIG and CMS regarding screening against SAM, which has never been user-friendly for health care organizations and yields numerous false matches that then take time and effort in resolve and verify. SAM records simply have very limited identifying information on individuals and entities. GSA designed their system to be used by federal government agencies for procurement purposes, and not for any other purpose or for use by non-federal organizations.

The latest policy statement by the OIG was announced at the recent Health Care Compliance Association (HCCA) Compliance Institute. An OIG Deputy Branch Chief noted that the OIG will soon no longer include screening the SAM as part of compliance integrity agreement (CIA) requirements. The OIG must recognize the added burden on organizations to resolve false hits to SAM. However, the agency made it clear that screening against the LEIE is mandatory, whether or not an entity is under a CIA. So, providers and plans are still confronted with CMS’ position on the subject and continue to struggle with all the problems presented by the user unfriendly SAM system.

Jillian Bower, a compliance screening expert stated that “any provider with a large work force, or that engages many contractors or vendors, finds manual screening too costly, especially when multiple federal and state exclusion lists must be included. Most organizations turn to using a vendor that offers a sanction screening application that can greatly facilitate the process by enabling providers to conduct batch screenings of a large number of names simultaneously against multiple federal and state exclusion lists. However, there remains the problem of resolving potential matches and for many the answer is to simply outsource the entire process to a vendor who will conduct sanction screening against all identified exclusion lists, as well as resolving potential matches.”

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.

 

Kusserow on Compliance: More on the new OIG guidance on exclusions

The HHS Office of Inspector General (OIG) has authority under the Social Security Act to exclude any individual or entity from participation in the federal health care programs for engaging in prohibited conduct. Those programs may not pay for any items or services furnished, ordered, or prescribed by an excluded party. Going back to 1997, the OIG published a policy statement with non-binding criteria to be used by the OIG in assessing whether to impose exclusion under its authorities and has used this in evaluating whether to impose exclusion ever since. This policy has also been used as an OIG authority in the creation of Corporate Integrity Agreements (CIAs), or the use of some other approach to mitigate risks of future misconduct with OIG oversight. The OIG has now published a revised superseding policy.

The OIG position in favor of sanctions is rooted in the idea that some period of exclusion should be imposed against a person who has defrauded Medicare or any other federal health care program. The new OIG guidance document sets forth circumstances in which this presumption may be rebutted and the non-binding factors that the OIG will use to make such a determination, as well as describing how they will evaluate risk to the federal health care programs in using its other available remedies. The OIG outlined a “risk spectrum” range of options when settling a civil or administrative health care fraud case that includes the following remedies: (1) exclusion; (2) heightened scrutiny (e.g., implement unilateral monitoring); (3) integrity obligations; (4) take no further action; or (5) in the case of a good faith and cooperative self-disclosure, release exclusion with no integrity obligations.

The OIG often concludes that exclusion is not necessary if there is agreement to appropriate integrity obligations, in exchange for a release of exclusion, such as with a CIA. The CIAs are designed to strengthen and promote an entities’ compliance program so that future issues can be prevented or identified, reported, and corrected. Integrity obligations also enhance the OIG’s oversight of the entity. Failure to agree to terms of a CIA may result in pursuing exclusion or the exercise of other administrative actions, as deemed appropriate to “unilaterally monitor” compliance with federal health care programs. If the OIG determines a party presents a relatively low risk to federal health care programs, neither exclusion nor integrity obligations will be deemed necessary. These situations include the absence of egregious conduct, such as patient harm or intentional fraud, relatively low financial harm, and where a successor owner, after the misconduct, is resolving the matter.

There are two limited circumstances in which OIG will usually give a person a release of exclusion without requiring integrity obligations: (1) when the person self- discloses the fraudulent conduct, cooperatively and in good faith, to the OIG; or (2) when the person agrees to robust integrity obligations with a state or the Department of Justice (DOJ) and OIG determines these obligations are sufficient to protect the federal health care programs.

It is worthwhile to review the revised exclusion policy statement and evaluate how your compliance programs, self-disclosure protocols, and other practices measure against the standards described by the OIG.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.

 

 

Kusserow on Compliance: OIG requests 172 more staffers, $68M for Medicare and Medicaid fraud investigations

The HHS Office of Inspector General (OIG) presented its fiscal year (FY) 2017 budget requests, which included a scheduled $334 million to support the oversight of the Medicare and Medicaid programs. This constitutes an increase of $68,096,000 to fund an additional 172 full time employees (FTEs) for the Office of Investigations (OI) to enhance law enforcement efforts, including the Medicare Strike Force teams and affirmative litigation of civil monetary penalty cases, which will increase recoveries and deter future fraud. The OIG budget justification notes the agency will be moving to strengthen its emphasis on targeting improper payments, questionable billing, wasteful payment policies, patient safety and quality of care, and security of data and technology. The OIG also cited some of its major accomplishments in the past year and efforts to expand on prior success in the budget justification.

In 2015, 481 out of the 565 FTEs in the OI were devoted to Medicare and Medicaid enforcement efforts, with the balance addressing other departmental programs. The OI received 3,044 complaints related to those programs that resulted in 1,650 cases being opened for investigation. The results from these investigations resulted in $2.2 billion in investigative receivables. There were 925 criminal actions against individuals or organizations that engaged in crimes against HHS programs. Additionally, 682 civil and administrative enforcement actions were taken as result of implicating the federal False Claims Act (FCA) and unjust enrichment suits filed in federal district court, Civil Monetary Penalty (CMP) law settlements, and administrative recoveries related to provider self-disclosure matters. There were also 4,112 individuals and organizations excluded from participation in federal health care programs and included on the OIG List of Excluded Individuals and Entities (LEIE).

HHS has more than 100 programs that includes the Public Health Service (PHS), the Food and Drug Administration (FDA), the National Institute of Health (NIH), the Centers for Disease Control and Prevention (CDC), and the Indian Health Service (IHS) as well as a host of social programs such as Temporary Assistance for Needy Families (TANF), Head Start, child care, and child support help individuals, families, and communities. However, the CMS programs stand out as the top investigative priority as evidenced by the OIG budget justification, which devotes 85 percent of its investigative resources to police those programs.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG updates the LEIE

Many may have not noticed that the HHS Office of Inspector General (OIG) continues to upgrade their List of Excluded Individuals and Entities (LEIE) system to make it more user-friendly. Anyone who has sanctioned-screened against the LEIE and the General Services Administration (GSA) Excluded Party Listing System knows how unfriendly the GSA system can be to users. The most recent upgrading by the OIG has been to link their sanctioned individuals and entities to the National Provider Identifier (NPI) records, which are part of the CMS National Plan and Provider Enumeration System (NPPES). The result of this upgrade is an improved system, which makes it much easier to determine whether a potential hit is actually identifiable to an individual.

Before the implementation of the upgrade, it was possible to miss a confirmed hit because the name screened may have been incorrect in some manner. This could happen even if a user searched by name through the NPI registry. This has occurred many times, leaving an entity to believe all their practitioners were clear of the LEIE, only to learn later that was not the case. Now that this new feature is included in the LEIE, the chances of missing a hit because of a flawed name entry have been all but eliminated. This also underscores the importance of following a proper resolution process. Failing to do so may create potential penalties.

The National Provider Identifier (NPI) is a Health Insurance Portability and Accountability Act (HIPAA) (P.L. 104-191) Administrative Simplification Standard and is a unique identification number for covered health care providers. Covered health care providers and all health plans and health care clearinghouses must use the NPIs in the administrative and financial transactions adopted under HIPAA. The NPI is a 10-position, intelligence-free numeric identifier. This means that the numbers do not carry other information about health care providers, such as the state in which they live or their medical specialty. CMS updates the NPI files weekly to provide users with more up-to-date information, which includes newly assigned NPIs, updates to NPI data, and newly deactivated NPIs covering that week. This weekly incremental NPI file is a supplemental file designed to be used in conjunction with the full replacement monthly NPI file until the next full replacement monthly NPI file is made available.

Tips

  • Be sure to have the NPI for any provider being screened against the LEIE.
  • Take steps to ensure that the names being searched are complete and reflect the information in the credentialing process.
  • For more information on how to properly screen and resolve potential hits, visit the Compliance Resource Center.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.