Kusserow on Compliance: Most organizations reported encounters with government authorities

• Most organizations have made disclosures for HIPAA breaches and overpayments
• One third received demand letters
• Other encounters report were with OIG and DOJ

It is widely recognized that regulatory and legal enforcement activities have been increasing over the last few years. The results should be a warning bell to all compliance officers that regulators and enforcement officials are right around the corner, necessitating increased efforts on ongoing monitoring and auditing to mitigate exposure of compliance-related risk areas. In the soon to be released national healthcare “2019 Compliance Benchmark Survey” most respondents reported having encountered issues with government agencies in last five years. Ranking at the top, with nearly two-thirds of the respondents, was disclosure to the HHS Office for Civil Rights (OCR) for breaches of privacy under the Health Insurance Portability and Accountability Act (HIPAA). Over half reported making self-disclosures of overpayments received and addressing audits or investigations by government agencies. One-third reported responding to a demand letter from a government agency or contractor. Serious legal encounters with the government was reported at a much lower level.  One out of five respondents reported self-disclosure to the DOJ, OIG and CMS.  About one out of eight respondents reported their organization being involved in the settlement process with DOJ, self-disclosing to the OIG engagement of sanctioned individuals/entities, and being involved in a settlement process for a corporate integrity agreement (CIA).

The “2019 Compliance Benchmark Survey” report will be available without charge at the upcoming HCCA conference in Boston at Strategic Management Services, Booth 420. 

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Board compliance expertise needed to protect against liabilities

– OIG “White Papers” and CIAs are must-reads for compliance officer

– CIA board member certification mandates is a “game changer”

– Boards need “compliance literate” members

– Compliance officers should not wait for boards’ engagement of experts

Government regulators have advised for decades that effective Compliance Programs begin at the top with the Board and cascade down through the executive leadership and the compliance officer to all employees. The OIG and American Health Lawyers Association (AHLA) issued three communications that underscore the Board compliance duties and responsibilities. The most recent is “Practical Guidance for Health Care Governing Boards on Compliance Oversight” which advised Boards to have compliance expertise available to make sure they meet all fiduciary duties and obligations in overseeing corporate compliance.

Carrie Kusserow, with 20 years experience as a compliance officer and consultant who brought organizations through CIA mandates, has found the Practical Guidance particularly significant.  It calls for Boards to engage Compliance Experts to assist them in meeting their obligations and it is noteworthy that it provides almost identical language to the language used in CIAs regarding Boards’ use of Compliance Experts. In cases where the OIG finds that the Board has not been providing the proper oversight of the compliance program, the OIG really nails the organization down in the CIA mandates, which now require personal certifications of board members. She suggests that Compliance Officers should review recent CIAs to learn what the OIG considers as best practices for a Board in engaging a Compliance Expert to be on call for advisory services.

Steve Forman, a CPA with more than twenty years experience as a Compliance Officer, compliance consultant, and has been engaged on many occasions as Board Compliance Expert.  He notes that the CIA mandates for Boards to engage a Compliance Expert because most board compliance oversight lacks members who are experts in compliance. Whereas Board Audit Committees always include “financially literate” members, most Board committees providing compliance program oversight lack members who are “compliance literate.” The result is relatively few boards have with anyone with compliance expertise to assist in proper oversight and support for the Compliance Program. His best advice for Boards is to include someone who is “compliance literate” that knows what questions to be asked and assess program effectiveness.

For more information on this subject, contact Carrie Kusserow (ckusserow@strategicm.com)

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Understanding and addressing whistleblowers

The vast majority of the cases resolved by the Civil Division of the Department of Justice (DOJ) were cases brought by “whistleblowers” under the qui tam provision of the False Claims Act (FCA). Whistleblowers are responsible for an even higher percentage of cases resulting in OIG Corporate Integrity Agreements (CIAs). Although most compliance officers are well aware of this program, many remain unclear as to how the process works. Tom Herrmann, J.D., who served over 20 years in the Office of Counsel to the OIG and as an Appellate Judge for the Medicare Appeals Board, explained that Congress permitted a whisltleblower called the “Relator” to file a case with the DOJ under the FCA.  Since this provision of law went into effect in 1986, there have been over 10,000 qui tam cases filed with a current average of one such case being filed every day of the year. The intent was to create incentives for private parties to detect and pursue fraud under the FCA. In return for reporting this information, Relators receive a portion (usually about 15 to 25 percent) of any recovered damages.  Once the lawsuit is filed, it is placed “under seal”, meaning that it is kept secret from everyone but the government, in order to give the DOJ enough time to investigate the allegations in deciding whether to join (“intervene”) in the case. Intervention by the DOJ occurs only in about one in five qui tam lawsuits, leaving whistleblowers the option to pursue cases on their own, however the chances of success are much lower than in cases when the government joins. Most successful qui tam cases are resolved through settlement negotiations rather than a court trial, although trials may occur.

Kash Chopra, J.D., noted that the overwhelming number of cases that result in a CIA, arise from whistleblowers and these, in turn, are based upon violations of the federal Anti-Kickback Statute (AKS). It is the government’s position that all claims arising from a corrupt arrangement violating the AKS or in some cases, the Stark Law, are considered fraudulent. This is even when the services rendered were needed and provided appropriately.  She advises here clients that the best ways to manage the whistleblower risk is to ensure that they are channeled through internal communication channels and their complaints are promptly evaluated, investigated, and resolved.  It is worth considering the following:

  1. Using outside experts to independently audit arrangements with physicians and evaluate compliance communication channel effectiveness.
  2. Ensuring a 24/7 hotline operated externally by experts in recognizing health care compliance issues.
  3. Reviewing/updating hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.).
  4. Making sure that the duty to report suspected wrongdoing is explained in the Code, policies and training.
  5. Having trained and competent people on hand to conduct prompt and competent investigations of matters raised through the hotline.
  6. Moving quickly to use CMS and OIG self disclosure protocols when there is credible evidence of violations; and not wait until the DOJ gets involved.

For more information on this subject, Kashish Parikh-Chopra can be reached at kchopra@strategicm.com or via telephone at (703) 535-1413.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG cases involving sanctioned parties and tips to avoid violations

Compliance Officers must screen employees against the List of Excluded Individuals and Entities (LEIE). This is stressed in all of the OIG’s compliance guidance documents. CMS makes it a condition of participation and enrollment. The LEIE continues to change and grow with more than 3,000 exclusions added annually. Failure to screen employees, medical staff, contractors, and vendors results in a great risk. The OIG may consider claims that include work or products from a sanctioned party to be false and fraudulent. Violations can result in monetary penalties. Most cases that deal with this issue are brought to the OIG’s attention through the “Self-Disclosure Protocol.”  In all the recent cases posted, the OIG imposed penalties, but the penalties were mitigated by the fact the matters were self-disclosed—as a result, none of these cases resulted in a Corporate Integrity Agreement (CIA). The OIG posts a number of these cases on its website. The following are examples of recent actions against organizations that engaged individuals they knew or should have known were excluded from participation in the federal health care programs:

  • Southwest Trinity Management, LLC (STM), in Oklahoma paid $141,986.36 in settlement for employing an excluded licensed practical nurse that provided items or services that were billed to Federal health care programs.
  • Diamonds & Pearls Health Services, LLC (DPHS), Cleveland, Ohio paid $75,471.92 for employing an excluded individual who was a scheduling/staffing coordinator, provided items or services to DPHS patients that were billed to Federal health care programs.
  • Center for Ear, Nose Throat & Allergy, P.C. (CENTA) in Indiana, paid $51,564.14 for employing an excluded medical records file clerk, provided items or services to CENTA’s patients that were billed to Federal health care programs.
  • MHMR, Fort Worth, Texas, paid $97,869.78 for employing a program director who had been excluded to provide items or services to clients who were receiving services funded by a Medicaid waiver program.
  • Shawnee Health Services (Shawnee), Carterville, Illinois, paid $107,761.08 as result of employing an excluded individual as a case manager, provided items or services to clients that were receiving services under a Medicaid waiver program.
  • Arkansas Department of Health (ADH) paid $39,343.61 as result of employing an excluded hospice social worker that provided items or services to patients of a community based hospice operated by ADH.
  • Century Pharmacy (Century), Brooklyn, New York, paid $10,000 for an employed excluded individual, who assisted in filling prescriptions in addition to performing other clerical tasks, provided items or services to Century patients that were billed to Federal health care programs.
  • Sundance Behavioral Healthcare System (Sundance), Texas, paid $49,183.48 for an employed sanctioned licensed vocational nurse that provided items or services to patients that were billed to Federal health care programs.
  • ASAP Professional Home Health (ASAP), Houston, Texas, paid $21,797.76 for an employed excluded attendant, provided items or services to ASAP patients that were billed to Federal health care programs.

Practical Screening Tips

  1. Ensure periodic sanction screening of employees, medical staff, contractors, and vendors against the LEIE—best practice is monthly screening.
  2. Inasmuch as most states have developed their own exclusion database, with many states mandating monthly screenings, care should be taken to understand and meet state screening requirements.
  3. Inasmuch as most LEIE exclusions arise from another underlying court, state agency, or licensure board action, it is advisable to also conduct background checks and seek written assurances in applications that prospective employees, contractors, and vendors have not been subject to any prior court or licensure board actions.
  4. It is common for individuals that may be the subject of an investigation, but not yet sanctioned with final actions, to be under investigation for considerable time, therefore it is a best practice to require as a condition of employment, gaining staff privileges, or engagement for the applicant to attest that they have not been, nor are they now, the subject of an investigation by any duly authorized regulatory or enforcement agency. It is also advisable to add a condition that they must promptly report any notice of investigation that involves them.
  5. Educate and inform management and employees on their obligation to promptly report any notification of an adverse action by any duly authorized regulatory or enforcement agency.

Daniel Peake of the Compliance Resource Center (CRC) works with many organizations in ensuring proper sanction screening and from that experience offers a number of practical tips to avoid creating an actionable violation.  He can be reached at dpeake@strategicm.com or (703) 236-9850.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.