Kusserow on Compliance: Tips for getting the most from your CIA

This was the title of a section in a presentation by Laura Ellis, HHS Office of Inspector General (OIG) Senior Counsel, at the recent Health Care Compliance Association (HCCA) Compliance Institute, where she explained that the settlement process is very lengthy, and that compliance officers should spend that time period preparing for what is to come. Even before matters are referred to the OIG for settlement negotiations, the matter will have been with the Department of Justice (DOJ) for a long time.  It is only after the DOJ turns matters over to the OIG that the agency determines whether or not a corporate integrity agreement (CIA) is necessary, and if so, what terms and condition should be included in the agreement.  Ellis stated that negotiations with the OIG may take up to a year before a CIA emerges.   It is during this rather long lead-up period that the compliance officer should be very busy preparing for what is to come.  Ellis offered a number of suggestions for the compliance officer to follow while this process is underway, including:

Thomas Herrmann, J.D., was previously responsible for negotiating CIAs on behalf of the OIG and in providing monitors with a number of years’ consulting experience, working with more than a dozen clients with CIAs and as an Independent Review Organization (IRO). He agreed with the Ellis statement about the long lead time before a CIA is signed, and that the compliance officer should not waste that valuable time.  Once executed, the clock begins ticking and a lot has to be accomplished in a relatively short time.   Among the most important tasks needing immediate attention is finding and vetting potential outside experts to be the IRO and, in some cases, compliance experts for the Board and quality monitors. The responsibility for selecting these experts lies with the organization, not the OIG.  This may take a lot of time and warrants serious consideration as in all likelihood, the organization will have them for five years.  A mistake in selection will come back to haunt the organization and may aggravate matters with the OIG.  The compliance officer should be very much involved in finding and selecting the right experts with the right expertise.   The more experience the firm selected has in performing this type of work, the less likely there will be problems.  An experienced firm won’t have the learning curve of an inexpert firm that oftentimes adds cost to the engagement and results in poor reports to the OIG.  For an organization that is already in hot water with the DOJ and OIG, this kind of complicating matter is not wanted.

Carrie Kusserow has over 15 years’ compliance officer and consultant experience, and was brought in to be the compliance officer to an organization under a CIA while Laura Ellis was the monitor. Kusserow echoes Ellis’ advice to organizations to take steps to “get the most out of the money” expended on these resources. The more expert they are in the health care sector, the better.  The more experience the individuals assigned to do the work have, particularly experience with the OIG, the better.   The one thing to avoid is hiring an IRO and then paying it to learn about the type of work being done by the organization or how to interact with the OIG. Having top-notch experts can impart considerable added value from prior experience of doing this kind of work. She also pointed out that once these outside experts are engaged, there is another lag period before they begin their work and again when they present reports on the results of their work.  It is a huge mistake to allow these gap periods to elapse without doing serious preparation work.  It is important to begin planning at the earliest date for what is needed to meet CIA terms and conditions, which will assist in this effort, and development of a project plan for execution.   The planning process and timelines for meeting CIA requirements will have to take into account when reports by the IRO, and possibly the compliance expert, are due to the OIG.

Steve Forman, CPA, has over 35 years’ experience, having served as both as a compliance officer and as an IRO many times, and as a compliance expert four times under a CIA. He advises compliance officers that one step that cannot be undertaken too soon is getting the Executive/Management Compliance Committee and Board Compliance Committee involved. They need to understand fully in practical and operational terms their personal obligations, along with what is needed from them to meet CIA obligations.   He also strongly recommends at the first indication that a CIA may be in the future to begin reviewing posted agreements on the OIG website, especially those that involve similar types of organizations.   One point of caution is that the OIG has been changing CIAs significantly as to new requirements, conditions, and certifications by board members and executives. Information derived from these reviews should be translated into a plan of action to ensure the organization is in tune with what the OIG will expect.  He strongly suggests that compliance officers consider engage compliance experts to do two things:

  1. Have the compliance program conduct an independent evaluation and act on findings and recommendations. Having such a report with evidence of correcting any deficiencies can be invaluable evidence to the OIG in making a determination as to whether a CIA is necessary and, if so, mitigating terms and conditions. It will be looking for this evidence.
  2. Once a CIA is executed, immediately engage experts to conduct a mock audit to test the terms and conditions that must be met under the CIA and to have them addressed before the IRO or compliance expert under the CIA begins work.

Taking these two steps can avoid a lot of problems, expenditures and complications under a CIA. The OIG takes evidence of independent experts serious. That is why they rely upon them as IROs, Compliance Experts, and Quality Monitors.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on
Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: What to look for in an independent review organization

At any given time, the HHS Office of Inspector General (OIG) has over 300 active corporate integrity agreements (CIAs) in force, resulting from settlement of a civil false claims case with the Department of Justice (DOJ). A provider or entity consents to certain defined obligations as part of “the civil settlement and in exchange for the OIG’s agreement not to seek an exclusion of that health care provider or entity from participation in Medicare, Medicaid, and other federal health care programs.” The CIAs normally are five years in duration and require an independent review organization (IRO) to act as guarantor that the organization will comply with the terms of the agreement. Financial audits are not normally part of the agreement; as such, IROs usually are firms with expert health care consultants, rather than financial auditors.  IRO selection is a critical decision process that should not be taken lightly, because the wrong IRO can prove to be very costly both in terms of what it charges and how it performs its services, but also in the credibility of its work. The OIG does not select or endorse any organizations to be the IRO; however it reserves the right to approve or deny the entity’s or provider’s choice if found deficient in meeting its guidelines. Any problems the OIG finds with an IRO will reflect badly on the organization and could aggravate matters.

Thomas Herrmann, J.D., is an expert without peer with regard to IROs, as result of having been previously responsible on behalf of the OIG for negotiating CIAs and monitoring compliance, and later serving for years as a consultant involved in more than a dozen IRO engagements. Hermann recommends selecting a firm with an established record of serving successfully as an IRO. Expecting a firm to have so served 10 or 12 times is not unreasonable. An experienced IRO will manage reporting and communicating with the entity and OIG in a clear and efficient manner. The more familiar the OIG is with an IRO entity, the better that communication will be and the more efficient the process.

Carrie Kusserow has 20 years of health care compliance consulting experience and serving as a compliance officer with organizations under a CIA. She noted that one of the added challenges is implementing mandates negotiated by attorneys, normally without much input from the compliance office. Often, there are issues requiring clarification and, in some cases, changes. The reality for compliance officers having to implement the terms of a CIA is that the organization has admitted to have engaged improperly, leaving credibility severely damaged; after months of negotiation, the government has little interest to “re-litigate” any issues, including any modifying or clarifying terms and conditions.   A solid professional relationship with the IRO is in the best interest of both the organization and the OIG. Any issues that may arise that require clarification or modification will have a much better chance of a favorable hearing from the OIG if supported by the IRO. If they are inexperienced or lack expertise, it may add confusion and problems in efforts to comply with all the terms of the Agreement. As such, it is important to ensure the firm selected has the specific qualifications, experience, and expertise to properly address the defined scope of work under the CIA. Absence of program expertise can lead to hidden costs in learning the business and may result in difficulties meeting the obligations; and possibly proper level of OIG credibility.

Steve Forman, a CPA with more than thirty years’ experience as a compliance officer, consultant, and OIG executive has worked on numerous CIAs. He believes that the more experienced the IRO, the better the result in terms of efficiency of work, cost, and credibility of results with the OIG. This should not be a learning opportunity for the firm at organization expense.   It is also important to avoid a “bait and switch” and insist on the identification of all key persons that would be assigned to the engagement.   Only engage an IRO that will attest to meeting the OIG required Government Accountability Office (GAO) “Generally Accepted Government Auditing Standards” for operational reviews. Operational reviews and financial reviews are dealt with separately in those standards. The OIG requires IROs meeting certain of these standards. Always require references that speak to the level of professionalism, competence, reasonableness, and if there were unreasonable up-charging over their estimate.

Dr. Cornelia Dorfschmid has 25 years’ experience as a compliance officer and consultant. She has worked on more than a dozen IRO engagements. Dorfschmid noted that one of the criteria upon which the OIG insists is absence of conflicts of interest, which has grown in importance and sensitivity over the last year. As such, it is very advisable to require written attestation of a prospective IRO that it has no conflicts of interest problem. It is best it not have done any work for the organization for the past three years, or have prospective work with the organization that would overlap the IRO engagement. Even the appearance of conflict can be a serious problem. Fee rates and charges can range considerably and it is important to consider that cost right alongside of experience, professionalism, and industry knowledge.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: When a CIA looms, it is time to seek a new job, career change, or hiding place, or take action

When organizations fall under the spotlight of the Department of Justice (DOJ), there is a period of many months before a settlement is negotiated that is followed by another negotiation process with the HHS Office of Inspector General (OIG) that leads to a corporate integrity agreement (CIA). By time of settlement, or shortly thereafter, it is common to find the compliance officer has left, as many  see the warning signals and decide to leave, or later are asked to do so.  When this happens, there begins a struggle to replace the compliance officer.   This is not an easy thing to accomplish as it take three to five months on average to find someone qualified and is complicated by the fact that many would-be candidates may not wish to take on a “fire storm” job at the outset of a five-year stringent CIA set of terms and condition.   All this takes place at a time when CIA terms will be adding great new burdens on the compliance program.

Replacing compliance officers

One short-term solution, when replacing the compliance officer, is to designate someone in-house to act until the gap can be filled by a permanent appointment.   This is seldom a good solution.  At a time when a steady, experienced, aggressive, and professional hand is needed to meet the immediate challenges of meeting the stringent compliance mandates of a CIA, the temporary appointee will be just trying to hold things together, without creating any future problems for themselves.   The alternative is hiring an interim compliance officer, until the right permanent solution can be found. This has the benefit of using someone who knows what has to be done and will be replaced within a matter of a few months.  This permits a steadier hand and includes the benefit of having someone to independently assess the state of the program and move on a plan to strengthen it.

Compliance officers who want to keep their jobs

Those desiring to keep their jobs cannot afford to wait in the wings to see what develops while the attorneys are negotiating with the DOJ and OIG.   It is dangerous and career-threatening.  They need to shore up the program and be considered part of the solution.  While negotiations are underway, the attorneys focus on the transaction terms with the government to resolve the pending issues, and not necessarily the consequences of living with the negotiated terms.  This may take many months, during which time the compliance officer needs to act affirmatively and with celerity to strengthen his or her position, before the CIA descends and the attention is redirected back to compliance.  The OIG follows predictable patterns in setting terms and conditions. Anticipating and preparing for what is coming with the CIA is being smart and, quite frankly, a job security effort.   The time should be used to educate management and the Board on what to expect, as well as preparing for what will come.

Evidencing compliance program effectiveness

Compliance officers should move at the earliest date to develop independent evidence that the program is operating the way it should and the problems that gave rise to the government intervention were an aberration. This also will help the attorneys in negotiating terms and conditions. It is wise to consider having an independent compliance program evaluation done by experts far in advance of the CIA mandates going into effect that will mandate the Board to hire a compliance expert to do the same thing. This will provide evidence of program strengths and identify areas of opportunities for improvement, as well as provide time for taking corrective action to address any weaknesses.  Results can be presented to the executive leadership and Board; attorneys may find them useful in negotiating settlement terms.  This further keeps the whole effort under direction of the compliance officer, who can take credit for the identified strengths in the program, as well as in addressing any findings otherwise.  If this is not done well in advance, then all findings will come from the Board-engaged compliance expert and reflect negatively on the compliance officer. There is a big added benefit, in that the independent assessment will likely become the framework for the Board-engaged compliance expert to focus attention to determine if all the corrective action measures have been addressed, rather than developing his or her own review criteria.

Help identify potential Board compliance experts

After a settlement, there usually is a big scramble to find qualified parties to be the independent review organization (IRO) and Board compliance expert.   It takes a lot more time and effort to find the right qualified parties to do this kind of work than to properly vet them.   The fact is there are relatively few such experts with the requisite experience.  It is therefore useful for the compliance officer to have researched the subject long before any CIA is signed or anyone else is focused on this.   Laying a proper foundation for identifying qualified candidates can help the compliance officer to be seen as part of the solution to the challenges facing the organization.  When it comes to compliance experts, it is very important engage parties with considerable experience doing this kind of work. Engaging inexperienced people as compliance experts is risky and unpredictable. Inexperienced people also tend to be more costly as they charge money while learning what needs to be done.  The more experience with this kind of work under a CIA, the better for gaining efficient result.  Those who have done this work before know what needs to be done and have a track record with the OIG.  It also permits reference checking on how well they did with organizations that used them.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.