Kusserow on Compliance: Board members must meet their compliance obligations

Both the DOJ and OIG have been moving to make board members more accountable for meeting fiduciary duties and obligations in overseeing the Compliance Program. The OIG has long called for a top-down compliance program, beginning at the board level. The OIG and American Health Lawyers Association published “Corporate Responsibility and Corporate Compliance: A resource for Health Care Boards of Directors” that sets forth how these obligations should be met. These standards are being included in Corporate Integrity Agreements that mandate personal attestations from board members regarding the effectiveness of the Compliance Program.

Traditionally, Outside Directors were the primary watchdogs of any board that oversaw of the audit, compliance, and compensation committees, rather than directors from the management of the enterprise. An Independent Director should not be affiliated with the organization as an adviser, auditor or consultant or have personal services contract(s) with the Company. One type of Independent Director that should be on the board is one that is also “compliance literate,” meaning having intimate knowledge of compliance as result of having been a compliance officer, an attorney who has dealt with compliance issues, experience as a compliance consultant, etc. They should have the requisite knowledge and skills to be able to critically evaluate the information and needs relating to the Compliance Program. If not already done, it is advisable for Compliance Officers to work on educating the board on their fiduciary obligations and the merits of having a compliance literate board member.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2020 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Most organizations reported encounters with government authorities

• Most organizations have made disclosures for HIPAA breaches and overpayments
• One third received demand letters
• Other encounters report were with OIG and DOJ

It is widely recognized that regulatory and legal enforcement activities have been increasing over the last few years. The results should be a warning bell to all compliance officers that regulators and enforcement officials are right around the corner, necessitating increased efforts on ongoing monitoring and auditing to mitigate exposure of compliance-related risk areas. In the soon to be released national healthcare “2019 Compliance Benchmark Survey” most respondents reported having encountered issues with government agencies in last five years. Ranking at the top, with nearly two-thirds of the respondents, was disclosure to the HHS Office for Civil Rights (OCR) for breaches of privacy under the Health Insurance Portability and Accountability Act (HIPAA). Over half reported making self-disclosures of overpayments received and addressing audits or investigations by government agencies. One-third reported responding to a demand letter from a government agency or contractor. Serious legal encounters with the government was reported at a much lower level.  One out of five respondents reported self-disclosure to the DOJ, OIG and CMS.  About one out of eight respondents reported their organization being involved in the settlement process with DOJ, self-disclosing to the OIG engagement of sanctioned individuals/entities, and being involved in a settlement process for a corporate integrity agreement (CIA).

The “2019 Compliance Benchmark Survey” report will be available without charge at the upcoming HCCA conference in Boston at Strategic Management Services, Booth 420. 

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Board compliance expertise needed to protect against liabilities

– OIG “White Papers” and CIAs are must-reads for compliance officer

– CIA board member certification mandates is a “game changer”

– Boards need “compliance literate” members

– Compliance officers should not wait for boards’ engagement of experts

Government regulators have advised for decades that effective Compliance Programs begin at the top with the Board and cascade down through the executive leadership and the compliance officer to all employees. The OIG and American Health Lawyers Association (AHLA) issued three communications that underscore the Board compliance duties and responsibilities. The most recent is “Practical Guidance for Health Care Governing Boards on Compliance Oversight” which advised Boards to have compliance expertise available to make sure they meet all fiduciary duties and obligations in overseeing corporate compliance.

Carrie Kusserow, with 20 years experience as a compliance officer and consultant who brought organizations through CIA mandates, has found the Practical Guidance particularly significant.  It calls for Boards to engage Compliance Experts to assist them in meeting their obligations and it is noteworthy that it provides almost identical language to the language used in CIAs regarding Boards’ use of Compliance Experts. In cases where the OIG finds that the Board has not been providing the proper oversight of the compliance program, the OIG really nails the organization down in the CIA mandates, which now require personal certifications of board members. She suggests that Compliance Officers should review recent CIAs to learn what the OIG considers as best practices for a Board in engaging a Compliance Expert to be on call for advisory services.

Steve Forman, a CPA with more than twenty years experience as a Compliance Officer, compliance consultant, and has been engaged on many occasions as Board Compliance Expert.  He notes that the CIA mandates for Boards to engage a Compliance Expert because most board compliance oversight lacks members who are experts in compliance. Whereas Board Audit Committees always include “financially literate” members, most Board committees providing compliance program oversight lack members who are “compliance literate.” The result is relatively few boards have with anyone with compliance expertise to assist in proper oversight and support for the Compliance Program. His best advice for Boards is to include someone who is “compliance literate” that knows what questions to be asked and assess program effectiveness.

For more information on this subject, contact Carrie Kusserow (ckusserow@strategicm.com)

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Understanding and addressing whistleblowers

The vast majority of the cases resolved by the Civil Division of the Department of Justice (DOJ) were cases brought by “whistleblowers” under the qui tam provision of the False Claims Act (FCA). Whistleblowers are responsible for an even higher percentage of cases resulting in OIG Corporate Integrity Agreements (CIAs). Although most compliance officers are well aware of this program, many remain unclear as to how the process works. Tom Herrmann, J.D., who served over 20 years in the Office of Counsel to the OIG and as an Appellate Judge for the Medicare Appeals Board, explained that Congress permitted a whisltleblower called the “Relator” to file a case with the DOJ under the FCA.  Since this provision of law went into effect in 1986, there have been over 10,000 qui tam cases filed with a current average of one such case being filed every day of the year. The intent was to create incentives for private parties to detect and pursue fraud under the FCA. In return for reporting this information, Relators receive a portion (usually about 15 to 25 percent) of any recovered damages.  Once the lawsuit is filed, it is placed “under seal”, meaning that it is kept secret from everyone but the government, in order to give the DOJ enough time to investigate the allegations in deciding whether to join (“intervene”) in the case. Intervention by the DOJ occurs only in about one in five qui tam lawsuits, leaving whistleblowers the option to pursue cases on their own, however the chances of success are much lower than in cases when the government joins. Most successful qui tam cases are resolved through settlement negotiations rather than a court trial, although trials may occur.

Kash Chopra, J.D., noted that the overwhelming number of cases that result in a CIA, arise from whistleblowers and these, in turn, are based upon violations of the federal Anti-Kickback Statute (AKS). It is the government’s position that all claims arising from a corrupt arrangement violating the AKS or in some cases, the Stark Law, are considered fraudulent. This is even when the services rendered were needed and provided appropriately.  She advises here clients that the best ways to manage the whistleblower risk is to ensure that they are channeled through internal communication channels and their complaints are promptly evaluated, investigated, and resolved.  It is worth considering the following:

  1. Using outside experts to independently audit arrangements with physicians and evaluate compliance communication channel effectiveness.
  2. Ensuring a 24/7 hotline operated externally by experts in recognizing health care compliance issues.
  3. Reviewing/updating hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.).
  4. Making sure that the duty to report suspected wrongdoing is explained in the Code, policies and training.
  5. Having trained and competent people on hand to conduct prompt and competent investigations of matters raised through the hotline.
  6. Moving quickly to use CMS and OIG self disclosure protocols when there is credible evidence of violations; and not wait until the DOJ gets involved.

For more information on this subject, Kashish Parikh-Chopra can be reached at kchopra@strategicm.com or via telephone at (703) 535-1413.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.