Kusserow on Compliance: Many states are not in compliance with mandates to conduct provider criminal background checks

CMS required all states to conduct criminal background checks on high-risk providers before allowing them to receive Medicaid payments by July 2018. CMS could consider as overpayments any payments made to high-risk providers in those states that have not undergone a criminal background check. Those providers must return to CMS the federal share of those overpayment. The OIG found that 18 states failed to comply with the requirement by a CMS deadline of July 2018 and 13 still had not complied as of January 1, 2019. States cited three reasons for not complying:

  1. A lack of authority:Three states said their Medicaid agencies did not have proper oversight power for these background checks, requiring legislative or executive action to do this.
  2. A lack of resources:One state reported it did not have the necessary staff to do the background checks.
  3. A lack of criteria to determine “high-risk providers”: One state said it was actively revising its criteria based on concerns from the provider community, delaying compliance.

The OIG recommended CMS to (1) ensure all States fully implement fingerprint based criminal background checks for high-risk Medicaid providers; (2) amend its guidance so that states cannot forgo conducting criminal background checks on high risk providers applying for Medicaid, unless Medicare has conducted the checks; (c) compare high risk Medicaid providers’ self-reported ownership information to Medicare’s provider ownership information to help states identify discrepancies. CMS concurred with the first recommendation.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Increased CMS Spotlight on Nursing Facilities

CMS and states visit nursing homes on a regular basis with “survey” or “inspection” teams to determine if the nursing homes are providing the quality of care that is required by Medicare and Medicaid, as well as to identify deficiencies in meeting CMS safety requirements. When deficiencies are identified, they must be corrected, and, if serious ones are not corrected, it may lead to termination from participation in Medicare and Medicaid.

Most facilities correct their problems within a reasonable period. However, some have significantly more problems that the norm with a pattern of serious problems persisting over three or more years. Although some facilities institute enough improvement that they are in substantial compliance on one survey, significant problems often resurface by the time of the next survey. Such facilities are referred to by CMS as a “yo-yo” or “in and out” compliance history. These facilities rarely address underlying systemic problems that are giving rise to repeated cycles of serious deficiencies. To address this problem CMS created the “Special Focus Facility” (SFF) initiative that is a listing of problematic nursing homes that have had a history of serious quality issues and are included in a special program to stimulate improvements in their quality of care.

Those on the SFF list are visited in person by survey teams twice as frequently as other nursing homes (about twice per year). The longer the problems persist, the more stringent the enforcement actions, including imposition of civil monetary penalties (“fines”) or termination from Medicare and Medicaid.  Within about 18 to 24 months after a facility is identified by CMS as an SFF nursing home, CMS expects: (1) improvement & graduation off the SFF; (2) termination from participation in Medicare/Medicaid programs; or (3) extension of time on SFF because of some progress or change of ownership. For more information check the CMS website that posts SFF Nursing Homes in five (5) categories:

  1. newly added to the SFF;
  2. failing to show significant improvement since being posted on the SFF;
  3. showing significant improvement by the most recent survey, and CMS is monitoring;
  4. graduating off the SFF because they not only improved, but they sustained significant improvement for about 12 months (through two standard surveys); and
  5. terminated by CMS from participation in Medicare and Medicaid within, or voluntarily chose not to continue such participation.

To assist in improving Nursing Home quality, CMS began rating all nursing homes using a Five-Star Quality Rating System that can be found at https://www.medicare.gov/NHCompare.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Tips on mergers and acquisitions due diligence

– Failing to engage in regulatory due diligence may result in legal exposure

– Most M&As in health care fail to adequately check regulatory risk liabilities

Tom Herrmann, a former senior executive in the Office of Counsel to the Inspector General (OCIG) and Medicare Appeals Council Appellate Judge, provides interesting insights on this subject as result of his government experience and work with due diligence reviews.  Traditionally, law firms conducting due diligence reviews focus on contracts and other legal obligations. They examine a multitude of areas including an entity’s structure; contractual, intellectual and property obligations; securities and financing compliance; tax exposure risks; and previous and current litigation. Public accounting firms assess the financial accountability and viability of an entity. It is not uncommon for the accounting and law firms to have the scope of their due diligence reviews limited to their areas of expertise, which often do not include health care regulatory compliance. This may result in a failure to adequately review and address potential problems in the regulatory compliance arena. Regulatory due diligence is a specialized review process that requires the application of certain protocols, and protocols and can be performed quickly and efficiently to identify areas of regulatory risk and vulnerability. A review should include assessing the effectiveness of the entity’s compliance program; evaluating internal monitoring of high-risk areas; conducting sample of claims audits and extrapolations; and the ongoing internal audit process of a company. Regulatory compliance experts know where to look for weaknesses without having to do a “deep dive.” Thus, such a review can be performed in an efficient and cost-effective manner. He offers the following tips for those engaged in M&A:

  1. Any party considering an acquisition or entering into a merger should adequately assess potential future government enforcement or regulatory action. This provides an incentive for an acquiring party to require the disclosure prior to a merger or acquisition of any information or documentation relating to a pending or potential government enforcement or regulatory action.

 

  1. The matters disclosed during a regulatory due diligence review may encompass a broad range of issues, including employing or contracting with an excluded party, a flawed arrangement with a physician, or Medicare or Medicaid overpayments.

 

  1. Once a potential legal or regulatory violation is identified, a resolution of the matter, including self disclosure to appropriate government authorities, should be addressed by the parties.

Tom Herrmann may be reached at thermmann@strategicm.com or at (703) 535-1410 for more information on this topic.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: What boards do and do not need to know about compliance investigations

 The board needs to know about pending compliance issues, to meet its fiduciary obligations in providing proper oversight of a compliance program. The board needs to understand the processes by which issues are investigated and resolved. Not seeking and receiving this type of information borders on dereliction of responsibilities. The board does not need and should not receive details about raw and unsubstantiated allegations without the compliance officer and legal counsel first addressing them. If details of allegations of violation of laws and regulations are provided to the board, it risks that they will be accountable for how it is investigated and resolved. These are management issues, not oversight by the board. Any reporting on allegations that are being investigated should be general in nature to assure the board that it is being addressed appropriately.  The board should meet in executive sessions without the presence of members of management to query the compliance officer about any sensitive investigations, such as those involving senior members of management. Questions by the Board to the compliance officer and legal counsel certainly should include:

  1. How many allegations of violation of law were made and investigated to what result?
  2. What policies govern the investigative processes; and are they kept current?
  3. What processes are in place to ensure that complaints and allegations are fully investigated?
  4. What evidence is there those processes are being followed?
  5. Are there adequately trained individuals capable of conducting sensitive investigations?
  6. What processes are in place to appropriate react to and remedy?
  7. What processes ensure the board will have adequate notice about developments?
  8. What disclosure processes and policies are there for reporting suspected violations of law?
  9. Are there working investigative protocols between legal counsel and compliance?
  10. Are there any allegations received of wrongdoing made against members of senior management?
  11. What have been the results of significant investigations of wrongdoing?
  12. Has substantiated wrongdoing result in remedial action?
  13. What disclosures have been made to government agencies and were they timely?
  14. Has there been any reaction as result of disclosures to government agencies?
  15. Is there evidence of enforcement agency investigations involving the organization and if so what?
  16. Were any patterns identified from allegations warranting management actions?

For more information on this subject, see compliance.com or contact former HHS IG and FBI executive, Richard Kusserow, at rkusserow@strategicm.com.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.