Kusserow on Compliance: Appealing exclusions–practical advice

Attorneys and consultants frequently have sanctioned clients desperately wanting to appeal and overturn the HHS Office of Inspector General (OIG) decision on exclusion, adding them to the List of Excluded Individuals and Entities (LEIE). The desperation is driven by the fact that exclusion is tantamount to putting them out of business. Few health care providers of services and products can function without access to federal health care programs and trying to continue servicing in that area after exclusion represents further violation of law with increased penalties.

Tom Herrmann, J.D., served over 20 years in the Office of Counsel to the Inspector General and as Appellate Judge for the Medicare Appeals Counsel and is frequently engaged to assist in Medicare appeals. He explained that there is, indeed, a process for appeal on exclusion to an HHS Administrative Law Judge (“ALJ”), the HHS Departmental Appeals Board (“DAB”), and ultimately the federal courts.  However, he warns that trying to appeal exclusions imposed by the OIG is not generally advisable, in that they are rarely overturned.  This is because most exclusion actions, both mandatory and discretionary, are derivative of a prior official action, whether it is court conviction or licensure board revocation.  Upon appeal, the underlying predicate action for exclusion may not be challenged through the established administrative and judicial review process.  The governing regulations provide further that an ALJ may not “review the exercise of discretion by the OIG to exclude an individual or entity under section 1128(b) of the Act, or determine the scope or effect of the exclusion.”   Moreover, the ALJ is prohibited from setting “a period of exclusion at zero, or reduce[ing] a period of exclusion to zero, in any case where the ALJ finds that an individual or entity committed an act described in section 1128(b) of the Act.”

Furthermore, an excluded party can affect entities with who affiliated. Should a provider permit an excluded party to be involved in services, it will create a liability to that organization.  As a condition of participation in Medicare/Medicaid, it is the affirmative duty and responsibility of the organization to ensure that any provider of services or products that is included in claims submitted for payment to those programs are licensed, qualified and NOT excluded.  To engage excluded parties places in jeopardy the entity’s status as a provider.  Furthermore, it is the OIG’s position that all claims submitted that include anything from a sanctioned provided may be considered false and potentially fraudulent.  Providers should take steps to avoid being poisoned by excluded parties.  Sanction screening can be a challenge because of multiple exclusion databases and variations of names and data.

Practical tips

Organizations should consider the following:

  • The fact that most exclusions arise from court or licensing agency actions underscores the importance of sanction screening and conducting background investigations prior to engaging employees, contractors, and vendors, to ensure they have not been subject to adverse actions by these authorities.
  • Screen parties before engaging them and thereafter periodically (e.g. monthly) against the LEIE or relevant State sanction lists.
  • Ensure data used in screening is accurate and up to date. Frequently, sanctioned parties disguise their exclusion with a name change (e.g. spouse surname), variations on name (particularly significant in the case of names that are transliterated).
  • Include on any application for employment or for medical privilege a statement that they are not under investigation and have not been subject of adverse action by any duly authorized enforcement agency.
  • Check the enrollment and exclusion status of physicians and other non-physician practitioners that routinely order or prescribe, as any services ordered or prescribed by an excluded health care practitioner will not be eligible for program payments.
  • If a party is verified to be on an exclusion list, take immediate action to terminate the party; determine the monetary exposure of the services involving that party that was billed to Federal health care programs; and disclose the findings to the OIG.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Meeting sanction-screening requirements

As the HHS Inspector General, I created what is now referred to as the List of Excluded Individuals and Entities (LEIE). This was followed by various HHS Office of Inspector General (OIG) compliance guidance documents that call for screening employees, physicians, vendors, and contractors against the LEIE. Subsequently, the OIG encouraged screening against the General Service Administration’s (GSA) Excluded Parties List System (EPLS), now part of the System for Award Management (SAM).  Other federal sanction databases worth screening are maintained by the Drug Enforcement Administration (DEA) and FDA, as well as the Department of the Treasury Office of Foreign Assets Control (OFAC) Terrorist Watch List. As a condition of enrollment, providers may not employ or contract with individuals or entities that are excluded from participation in any federal health care program.  All claims and costs associated with an excluded party may be viewed as false and fraudulent and, potentially, leading to significant financial penalties and more.  The OIG Special Advisory Bulleting on the Effect of Exclusion provides very useful information in assessing this risk area

CMS calls for screening, not only against the LEIE, but also the GSA debarment list. It sent letters to State Medicaid Directors calling on them to screen their enrolled providers for exclusions against state Medicaid exclusion databases on a monthly basis. To date, 40 states have moved to establish their own Medicaid sanction lists, with a number of other states in the process of doing the same. This has increased the sanction screening burden exponentially, not only for the compliance office but other departments as well. Human resources management (HRM) normally has the responsibility of screening new hires and periodically screening current employees.  Procurement is also affected because it handles the screening of vendors and contractors.  Lastly, the Medical Credentialing Office must be involved in order to screen physicians who have been granted staff privileges.

Alena Treen, of the Compliance Resource Center (CRC), has more than 15 years’ experience with sanction screening services. She notes that spending time, money, and resources on developing and maintaining a search engine and regularly collecting and updating sanction information from many databases is not very cost effective. This all has to be done before you begin the search process and resolving potential hits.  This option is prohibitive in terms of costs, time, effort, and quality control to guard against errors or omissions.

Carrie Kusserow also has over 15 years’ experience in sanction screening as a compliance officer and consultant. She makes the point that the high cost of using internal resources to develop and manage the sanction-screening process has resulted in the great majority of health care entities subscribing to a vendor service that provides a search engine to their established databases. Vendors can afford the high cost of maintaining the currency of the data because they amortize the costs over many clients. The problem is that vendor quality, cost, and reliability can vary enormously. From experience, she offers the following tips for those considering a vendor:

  1. Know the cost up front with a fixed rate, not based upon per click searches.
  2. The contract should permit cancelling, without cause at any time, if dissatisfied.
  3. Ensure the vendor has liability insurance (preferably $1-3 million).
  4. Determine other services included (e.g. policy templates, regulatory updates, etc.).
  5. Determine how much “help desk” assistance is available to resolve potential hits.

Outsourcing sanction screening process

Jillian Bower has been providing sanction-screening services for years. She says using a vendor’s sanction screening tool to conduct screenings is only part of easing the burden.  The bulk of the effort remains in conducting the actual screening, resolving potential “hits,” and preparing a report for the record to evidence it was all done correctly.  In seeking the right vendor, look for one that includes all those steps in its agreements, but also permits–without added charge–the use of the vendor’s tool for ad hoc and individual screening, as needed.  The vendor also should be prepared to provide certified reports on the results of each round of screening that can be made part of the organization’s permanent record to evidence its completion; it should be available if the OIG or another government agency challenges the organization on meeting this compliance obligation.  Bower says the additional cost of going beyond just using a vendor’s sanction screening tool to having the vendor actually perform the searching and resolve the potential hit is surprisingly inexpensive, when compared against the time and cost of doing the work in-house.  In many cases, it may be actually be less than what some vendors would charge for only using their screening tools.  She stresses the importance of maintaining records of all sanction screenings to evidence that it was conducted properly to avoid penalties.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Factors OIG considers in deciding exclusions

The HHS Office of Inspector General (OIG) has authority exclude any individual or entity engaging in prohibited activities from participation in the federal health care programs, and add him or her to their List of Excluded Individuals and Entities (LEIE). The effect of this is that no payment may be made for any items or services furnished by an excluded individual or entity, or directed or prescribed by an excluded physician. This authority is anchored in legislation going back to 1977; the OIG was delegated authority to impose civil monetary penalties (CMPs), assessments, and program exclusion on health care providers and others determined to have submitted, or caused the submission of, false or fraudulent claims to the Medicare or Medicaid programs. During my 11-year tenure as Inspector General (IG), the administrative remedies were broadened to address additional types of misconduct. This has continued over the years.  Passage of the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) amended and expanded the existing authority for the OIG to impose CMPs and exclusions.

 Factors in exclusion decisions

The LEIE database is very large, with 3,000 new exclusions being added annually. About half of the exclusions included in the database are for criminal convictions related to health care programs and for patient abuse or neglect. These are mandatory exclusion.  In addition, the OIG has discretionary authority to exclude for other types of misconduct, such as license revocation or suspension, exclusion or suspension from another federal or state health care program, provision of unnecessary or substandard services, fraud or kickbacks, and default on a health education loan.

Tom Herrmann, J.D. served over 20 years in the Office of Counsel to the Inspector General. He explained that when exercising its discretionary authority to exclude, the OIG takes into consideration a number of factors, including the following:

  • Nature and circumstances of conduct. This includes determining adverse physical, mental, financial, or other impact to program beneficiaries, recipients, or other patients.
  •  Financial loss. Conduct  that (1) was part of a pattern of wrongdoing; (2) occurred over a substantial period of time; (3) was continual or repeated; and (4) continued until or after the person learned of the Government’s investigation indicates higher risk.
  • Leadership role. If the individual organized, led, or planned the unlawful conduct.
  • History of prior fraudulent conduct. History of judgments, convictions, decisions, or settlements in prior enforcement actions, as well as (1) refusal to have entered into a corporate integrity agreement (CIA), (2) breach of a prior CIA, or (3) lies or failure to cooperate with the OIG while under a CIA.
  • Conduct during investigation. Any (1) obstruction in the investigation or audit; (2) taking any steps to conceal the conduct from the government; or (3) failure to comply with a subpoena.
  • Resolution. The inability to pay an appropriate monetary amount (including damages, assessments, and penalties) to resolve a fraud case.
  • Absence of compliance program. Absence of a compliance program that incorporates the seven elements of an effective compliance program.

Avoiding exclusion

There are a number of steps that can be taken to reduce the likelihood of the OIG exercising its discretion to exclude parties and put them on the LEIE. These include being able to evidence:

  1. Initiating internal investigation and sharing results before the government gets involved;
  2. Self-disclosing an internal investigation;
  3. Cooperating with the government, if it initiate an investigation;
  4. Taking appropriate disciplinary action against individuals responsible for bad conduct;
  5. Implementing an effective compliance program, prior to government investigation;
  6. Devoting increased/improved support for the compliance program; and
  7. Having in the past self-disclosed overpayments in good faith to the OIG and CMS.

LEIE sanction screening

Screening individuals and entities prior to engagement and periodically thereafter is not optional–it is a necessity.   The best practice is to screen monthly against the LEIE and any state exclusion database where business is conducted, in that CMS has set this as a standard for Medicaid Directors.   In addition to screening against the LEIE, most states require screening against their database of sanction parties. Often there are delays in resolution of cases, so that a party may not be included in a sanction database at time of engagement, but is added later. Furthermore, inasmuch as most state Medicaid Fraud Control Units report their criminal actions to the OIG, that in turn includes them in the LEIE, resulting in frequent cases of multiple hits for the same underlying action. This is further complicated by the fact that there are delays when actions by state agencies are reported to the OIG for their determination to add them to the LEIE.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG imposed penalties for noncompliance with corporate integrity agreements

Health care organizations continue to enter into corporate integrity agreements (CIAs) with the HHS Office of Inspector General (OIG) in exchange for the OIG not seeking an exclusion from participation in federal health care programs. There are serious “stipulated penalties” or, in the case of a material breach, possible exclusion from Medicare and Medicaid for non-compliance with CIA terms and conditions.

Carrie Kusserow, a nationally recognized expert on CIA compliance, found that a real “game changer” has been the inclusion of certifications in CIAs by members of the board, executive leadership, and compliance officers. Under the CIA, there are stipulated penalties for false certifications.  Furthermore, they could also be considered a material false statement or representation implicating the False Claims Act. To take away any defenses to false certifications by board members, the OIG requires they engage a compliance expert to assist them in meeting their obligations. The expert reports must be included with those provided to the OIG. This places direct burden on board members for compliance with the CIA and subjects them to personal peril for non-compliance.  This, in turn, adds pressure on the compliance officer and executive leadership to be able to evidence meeting all the compliance obligations.  Many boards and executive leadership members wake up after a CIA is signed to realize how much must be done to meet the tight deadlines required under the agreement.

Stipulated penalties

Stipulated penalties include:

  • Daily penalties for failure to (a) comply with terms and conditions related to the compliance program; (b) engage and use an independent review organization (IRO); (c) submit a complete implementation report, annual report, or any certifications on time; and (d) submit any mandated claims review report.
  • $50,000 per false certification in (a) implementation reports, (b) annual reports, and (c) other OIG requested documentation.
  • $1,000 per day for each compliance failure with any obligation of the CIA.

Material breaches

Material breaches include:

  • Not responding to an OIG demand letter;
  • Not reporting a reportable event;
  • Not taking corrective action of CIA violations;
  • Not making appropriate refunds of overpayments;
  • Not responding to demands for stipulated penalties payments; and
  • Not engaging and using an IRO.

Enforcement actions

Tom Herrmann, J.D., former executive in the Office of Counsel to the Inspector General and an appellate judge for the Medicare Appeals Board, notes an organization can request a hearing before an HHS administrative law judge to dispute the OIG’s determination of noncompliance resulting in a stipulated penalty or exclusion, but this rarely proves to be a viable alternative. The OIG is not reluctant to use its authority to enforce compliance with CIAs and noted the following recent examples of enforcement actions taken by the agency for violations of CIA terms and conditions:

  1. Special Care Hospital Management Corp. and its CEO paid $30,000 for failure to conduct legal review of new, renewed, and existing focus arrangements and to timely submit its first annual report.
  2. Kindred Healthcare paid $3,073,961 for failing to correct improper billing practices in the fourth year of its CIA.
  3. A Maryland cardiology practice and physicians paid $2,800 for failure to timely submit its second annual report.
  4. A North Carolina physician paid $10,000 for not prominently posting the HHS OIG Fraud Hotline telephone number; failing to provide the required amount of compliance training within 60 days of the CIA; not screening employees and contractors; and submitting the implementation report late.
  5. Roberts Physical and Aquatic Therapy and its owner were excluded for six years for failing to report and to repay an IRO-identified overpayment and stipulated penalties.
  6. A pain management company was excluded for five years for not paying stipulated penalties of $34,000 and $239,961.80 in overpayments identified by its IRO.
  7. A Florida physician paid $20,000.00 for late submission of his first annual report.
  8. A renal dialysis company paid $450,000 for failure to comply with focus arrangements procedures and requirements.
  9. A Florida physician paid $12,000 for failure to: timely submit his third quarterly claims review report, provide training, retain an IRO, perform sanction screening, and timely submit an implementation report.
  10. A health services company was excluded for failing to timely retain an IRO and had to retain a quality monitor and extension on its CIA.
  11. A sleep clinic paid $5,000 for failure to disclose two reportable events involving the Anti-Kickback Statute.
  12. A Florida medical device company paid $15,000 for failure to: screen employees and contractors, distribute revised policies and procedures, and provide parties to focus arrangements with a copy of its code and Anti-Kickback Statute policies and procedures.
  13. A Puerto Rican physician paid $6,300 for failure to engage a new IRO within 60 days of terminating his previous one.
  14. A Maryland practice management company was penalized for failure to timely submit an implementation report and thereafter filed for bankruptcy.
  15. A health management company was excluded for failure to: implement compliance policies and procedures; report quality of care reportable events; develop and maintain a disclosure program and log; hire regional dental directors; perform onsite review; report and refund overpayments; conduct training and education; provide accurate certifications; and report quality of care reportable events.
  16. A pain management company, ambulatory center, and owner paid $5,000 for failure to designate and maintain a compliance contact, as required.
  17. A California hospital paid $105,000 for failing to comply with arrangements procedures and focus arrangements requirements.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.