Kusserow on Compliance: OIG issues detailed report on state Medicaid Fraud Control Units

1,564 Criminal Convictions

1,000 Civil Settlements

Almost $2 billion in recoveries

The OIG Office of Evaluation and Inspection (OEI) issued a more detailed analysis of statistical results from the State Medicaid Fraud Control Units (MFCUs) for 2016. The OIG is the designated Federal agency that oversees them and has been instrumental in establishing the Units.  As Inspector General, I worked to establish a number of these MFCUs that currently operate in 49 States and the District of Columbia (States). Once established the OIG administers a grant to each of the units that provides 75 percent of their funding and set performance standards, reviews each state’s program, provides technical assistance identify best practices, and collect and analyze statistics. The mission of MFCUs is to investigate and prosecute, under State law, Medicaid provider fraud and patient abuse or neglect. In FY 2016, the OIG reported 1,564 convictions, over one-third of which involved personal care services attendants. The OIG reported nearly 1,000 civil settlements and judgments, with settlements with pharmaceutical manufacturers making up almost half of settlements; along with almost $1.9 billion in criminal and civil recoveries. The OIG works often with the MFCUs and in 2016 the OIG Medicaid cases resulted in 312 indictments, 348 criminal actions, and 222 civil actions. These Medicaid cases—some of which also involved Medicare—resulted in almost $3 billion dollars in expected recoveries. However, in most cases the MFCUs work their own cases without assistance from other agencies.

It is noteworthy that current funding for Medicaid fraud control is at a higher level than for the federally funded and administered Medicare program. Medicaid annual expenditures exceed $500 billion dollars and funding for the MFCUs was also at a high level of $258,698,147 in 2016.  The staffing level of investigators, auditors, and attorneys was 1,965. Those entities investigated 15,505 fraud cases and another 3,221 abuse and neglect cases. The largest category of convictions involved personal care services (PCS) (35 percent). Nursing care came in second (11 percent) and involved of licensed practical nurses (LPN), registered nurses (RN), physician assistants (PA), or nurse practitioners (NP). Convictions of nurse-aides represented the third largest category (10 percent).

In this report, the OIG provided a detailed breakdown of the types of cases and trending data. Statistical results by state are included in the OIG Report.  Comparison of results to the prior year can be made by referring to the OIG issued report for 2015 that noted MFCUs achieving 1,553 convictions, 731 civil settlements and judgments, and $744 million in criminal and civil recoveries.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on
Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: More details on new DOJ corporate compliance guidelines

Previous blogs outlined the Department of Justice (DOJ) Fraud Section’s “Evaluation of Corporate Compliance Programs” guidance for compliance officers. Since then, many have inquired about getting more specific details on questions the DOJ is now using to determine the adequacy of compliance programs, particularly as they relate to management and Board oversight.  Subsequent to the publishing of the Evaluation, the HHS Office of Inspector General (OIG) at the recent Health Care Compliance Association (HCCA) Compliance Institute also reported modifying its corporate integrity agreements (CIAs) to increase accountability of organization leadership, including the Board, that follows a similar path to that of the DOJ.  With these changes in mind, the following recaps in more detail the DOJ list of “important topics and sample questions” it now uses when evaluating the effectiveness of corporate compliance programs. This 119-question resource offers great insights for compliance officers working to build and enhance their compliance programs. These guidelines have grown out of the DOJ’s hiring of Compliance Counsel Expert Hui Chen in November 2015. One thing to remember about these guidelines is that they relate to all industry sectors.  As such, they track with the U.S. Sentencing Guidelines, but don’t focus on the health care sector in the way the OIG compliance guidance documents do.

Filip Factors

The Principles of Federal Prosecution of Business Organizations in the United States Attorney’s Manual describes specific factors that prosecutors should consider in conducting an investigation of a corporate entity, determining whether to bring charges, and negotiating plea or other agreements. Commonly known as the Filip Factors, they include “the existence and effectiveness of the corporation’s pre-existing compliance program” and the corporation’s remedial efforts “to implement an effective corporate compliance program or to improve an existing one.” The guidance was formulated to evaluate compliance programs after violations have been discovered and examining the existing misconduct as the benchmark against which the compliance program will be evaluated. It focuses on testing existing compliance programs and outlining steps that should be taken when problems are discovered to demonstrate a pre-existing commitment to compliance. It is also intended to inform the public about federal prosecutors’ review of compliance programs under the Filip Factors. There were eleven highlighted topics covered, as noted below, along with tie-in with OIG guidance, and followed with types of questions that one can expect the DOJ to ask when it confronts corporate misconduct.

 1. Analysis and remediation of underlying misconduct. The OIG guidance stresses seeking out weaknesses identified to ensure they are addressed and prevent misconduct in the future.

  • Has the organization done an analysis to see if there was a systematic failure in compliance?
  • Did the company miss prior opportunities to detect the misconduct?
  • Has the company evaluated why those opportunities were missed?
  • What remediation was undertaken once a problem was discovered?
  • What specific changes has the company made to reduce the risk of a reoccurrence?

2. Senior and middle management. This tracks to the OIG call for “top-down” compliance programs beginning at the Board and executive levels and cascading down through all levels of management.

  • Did senior managers, through their words and actions, encourage or discourage the misconduct in question?
  • Has senior leadership taken concrete steps to demonstrate commitment?
  • Does the Board have access to the right expertise to help it perform its oversight function?

3. Autonomy and resources. Prosecutors look for signs of “autonomy,” such as whether compliance personnel have “direct reporting lines to anyone on the board of directors” and whether “relevant control personnel in the field have reporting lines to headquarters.” The OIG has been calling for this type of independence for compliance offices for decades, which permits unfiltered information to flow between the compliance officer, CEO, and Board. The DOJ also looks for signs of “empowerment,” such as instances where “specific transactions or deals . . . were stopped, modified, or more closely examined as a result of compliance concerns.”  With the relatively recent hiring of full-time compliance counsel at the Fraud Section, this has been a particular point of focus.

  • Does the compliance function have the right resources and stature within the company to perform effectively?
  • Was the compliance department involved in the training and decisions relevant to any misconduct?
  • Does the compliance department have appropriate independence?

4. Policies and procedures. Policies and procedures are a foundational component of any corporate compliance program, and the Compliance Program Guidance devotes considerable attention to this topic, as does the OIG in its guidance documents. As a threshold matter, prosecutors consider the “design and accessibility” of policies and procedures—including whether they are tailored to a company’s risk profile, have been effectively implemented and communicated, and have been evaluated to ensure usefulness. Prosecutors also consider the “operational integration” of a company’s compliance policies and procedures—including the adequacy of payment systems and other controls that should have helped detect or prevent misconduct.

  • Did the company have policies and procedures in place that prohibited the misconduct?
  • Has the company assessed whether its policies and procedures were effectively implemented?
  • Are key gatekeepers adequately trained?
  • Was the program properly integrated and were adequate controls put in place to detect misconduct?

5. Risk assessment. This factor relates to the OIG guidance relating to ongoing monitoring and auditing of high risk areas.

  • What methodology has been used to identify, analyze and address the risks the organization faced?
  • Does the company collect information and metrics to adequately assess risks?

6. Training and communications. As with the OIG guidance, there is considerable expectation that all covered persons will undergo compliance training on high risk areas, governing laws and regulations, and what to do when misconduct is believed to have occurred.

  • What training was in place and is it properly tailored for high-risk or control employees?
  • Is the training offered in the right form and language for the target employees?
  • How does the company communicate to employees about any misconduct that does occur?

7. Confidential reporting and investigation. Like the OIG, the new guidelines focus on the means by which employees and others may report potential wrongdoing, as well as how this information is acted upon by the organization.

  • Does the company have in place an effective way of collecting and analyzing allegations of misconduct?
  • Does the company ensure investigations have been properly scoped, conducted, and documented?
  • Did the investigation look to root causes of the misconduct?
  • Did the investigation go high up enough in the company?

8. Incentives and disciplinary measures. The OIG stresses consistent implementation of disciplinary action for wrongdoers, without regard to station within the organization.

  • Is there proper accountability, as demonstrated by discipline for managers under whose watch misconduct occurred?
  • Is the application of discipline consistent?
  • Is there an incentive program for good compliance and ethical behavior?
  • Can the company point to specific examples of actions taken (such as promotions or awards denied) as a result of compliance and ethics considerations?

9. Continuous improvement, periodic testing, and review. The OIG calls for compliance officers to ensure that there is an audit work plan that focuses on identified high-risk areas. Many of these high-risk areas are specifically identified in its compliance guidance documents, advisory opinions, annual work plans, etc.

  • What types of audits would have identified the misconduct at issue and were they conducted?
  • Did management and the board follow up on audit findings and failures? Does the company test its controls?
  • Does the company routinely update its compliance program and make sure it adequately addresses current risks?

10. Third party management. In the case of the OIG, considerable attention and concern is placed on arrangements with individuals in a position to influence the flow of business. It calls for an Arrangements Database that includes processes, policies, and monitoring of such agreements.

  • Does the company’s third party management process adequately analyze risk?
  • Are there appropriate controls with regard to third parties?
  • Does the company adequately respond to third-party red flags?
  • Has company suspended, terminated, or audited a third party as a result of compliance issues?

11. Mergers and acquisitions (M&A). This analysis focuses on due diligence and integration.

  • In the event misconduct is discovered after a merger, was proper due diligence conducted during the M&A process?
  • How has the compliance function been integrated into the M&A process?

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

 

Highlight on Maine: Able-bodied MaineCare recipients could be subject to more stringent requirements

“Able-bodied adults” would be subject to work/education requirements and a lifetime limit of five years under changes Mary Mayhew, director of the Maine Department of Health and Human Services, proposed to Maine’s Medicaid program, MaineCare. In a letter to HHS Secretary Tom Price, Mayhew said she would be seeking the changes in a forthcoming formal 1115 demonstration waiver request.

Mayhew’s letter comes at the heels of a referendum campaign to expand Medicaid in Maine at, according to Mayhew, a cost of $400 million over the next five years. A second motivation is the apparently sympathetic Trump Administration, which has proposed replacing Medicaid with block grants.

Mayhew said that the state has expanded its Medicaid program over decades, resulting in the use of hundreds of millions of state dollars “to turn Medicaid into an entitlement program for working-age, able-bodied adults.” MaineCare serves 270,000 individuals, just over 20 percent of Maine’s population, which, Mayhew said, represents a 22 percent reduction in enrollment since 2011.

Mayhew’s Medicaid proposals include the following:

  • work or education requirements for able-bodied adults in the Medicaid program, similar to the work requirements for Temporary Assistance for Needy Families (TANF) or Able-Bodied Adults Without Dependents (ABAWDs) in the Supplemental Nutrition Assistance Program (SNAP);
  • a five-year lifetime limitation on able-bodied adults’ eligibility for Medicaid;
  • limiting non-emergency transportation (NET) to situations where the underlying service to or from which individuals are being transported is a required Medicaid service and requiring them to access existing transportation resources before accessing NET;
  • requiring monthly premiums for adults who are able to earn income;
  • requiring monthly coinsurance of a set amount (approximately $20) for all members, cost-sharing of $20 for using the emergency department, and fees for missed appointments;
  • applying a reasonable asset test to Medicaid; and
  • waiver of the retroactive coverage of services incurred during the 90 days before Medicaid eligibility.

 

Kusserow on Compliance: Civil monetary penalty rules revised regarding inducements

In December 2016, the HHS Office of Inspector General (OIG) issued a Final rule applying to the Civil Monetary Penalty Law (CMPL) administered by the OIG. The legislation creating the law came about in 1981, upon my request as HHS Inspector General. In testimony before Congress, I requested legislation to provide an administrative alternative to the False Claims Act.  This was to permit taking action against wrongdoers administratively, rather than through the court system. The resulting legislation authorized the imposition of administrative penalties and assessments on any person who “offers to or transfers remuneration to any individual eligible for benefits” under a federal health care program “that such person knows or should know is likely to influence such individual to order or receive from a particular provider, practitioner, or supplier any item or service for which payment may be made, in whole or in part” by a federal health care program–in short, it imposes financial penalties and exclusion from federal health care programs and participation in any state health care programs. The HHS Secretary assigned these authorities to the OIG. Remuneration is a major element in the CMPL and is implicated in other legislation, including the Anti-Kickback Statute and Stark Laws. It has undergone changes in definition over time.  The following outlines the five new exceptions to its definition under CMPL.

Five new exceptions to the definition of remuneration

  1. Reduction in copayment for certain outpatient services. The rule adds a cost-sharing exception permitting reduction in the copayment amount for covered outpatient department services, but does not apply to physician practice billing.
  2. Remuneration that poses a low risk of harm and promotes access to care. A provider can avoid the CMPL when it provides items or services that improve a beneficiary’s ability to obtain items and services payable by Medicare or Medicaid, and pose a low risk of harm to beneficiaries and the programs. This does mean it permits remuneration that would be likely to influence a patient to access unnecessary care. The inclusion of “items and services” revises the earlier proposed language, “medically necessary health care items and services.”  Cash and cash equivalents would not meet the criteria for the exception.
  3. Retailer rewards and discounts. Retailers may offer or transfer items or services for free or less than fair market value without being subject to civil monetary penalties. However, they must consist of coupons, rebates, or other rewards from a retailer; be offered or transferred on equal terms available to the general public, regardless of health insurance status; and must not be tied to the provision of other items or services reimbursed in whole or in part by a federal health care program.
  4. Remuneration to financially needy individuals. The regulations also provide for a financial need-based exception to the definition of remuneration, wherein a person may offer or transfer items or services for free or less than fair market value if: the items or services are not offered as part of an advertisement or solicitation and are not tied to the provision of other items or services reimbursed in whole or in part by a Federal health care program; there is a reasonable connection between the items or services and the medical care of the individual; and the person providing the items or services must determine in good faith that the individual is in financial need.
  5. Copayment waivers for the first fill of generic drugs. A Medicare Part D Plan sponsor may waive any copayment for the first fill of a covered Part D drug that is a generic drug, as long as the waiver is included in the benefit design package submitted to CMS.

These regulatory changes are effective January 6, 2017. A separate section of the same rule package focused on revision of the Anti-Kickback provisions.  For information about those changes, see my December 29, 2016, post.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.