Health Care Practice Strategies – Summer 2013 - Medicare and Medicaid Compliance: How to Stay Out of Trouble
In today’s unforgiving regulatory climate, practices need a plan for complying with the byzantine regulations of the federal health care system.
Today, over 1 billion claims are submitted annually under the Medicare program alone, and the federal government is aggressively monitoring these claims for fraud and abuse. The Office of Inspector General (OIG) has opened new offices across the country, and the U.S. Department of Justice has assigned more FBI agents to ferret out fraud. Likewise, medical necessity Recovery Audit Contractor audits are in full swing and aiming to make significant recoveries.
While the government doesn’t require practices to develop a formal compliance plan, it does make sense to implement at least some basic internal controls to avoid running afoul of the rules. At its most basic, a solid compliance program should include these components:
1) A legal review of contracts and operating procedures.
2) Education and training for employees.
3) Monitoring and auditing mechanisms.
CONDUCT A LEGAL REVIEW
Start by conducting a legal review of your contractual relationships and operating procedures. Here, you’re looking for compliance with the Stark and anti-kickback laws, as well as any relevant state laws.
Of course, the scope of your review will depend upon the nature of your practice. If you run a well-managed practice and follow extremely conservative coding and billing practices, a limited review may be sufficient. But if you see a number of Medicare/Medicaid patients, a more extensive legal review may be in order — especially if you have contractual relationships with other providers or ancillary centers.
- Review – Have an attorney review written policies and procedures as well as contracts with vendors and potential patient referral relationships. As an added benefit, assistance from a lawyer can trigger attorney-client privilege, which can provide some legal protection in case you are investigated. By contrast, evidence you uncover yourself generally isn’t protected by privilege.
- Sample – Establish a realistic picture of your compliance profile by pulling a random sample of claims for review. Here, you’ll want to ensure that supporting documentation is present, and that it supports medical necessity and the services billed. This is a job that can be delegated to staff, or you can bring in consultants with experience in coding and documentation.
- Document – There may be certain areas that you decide not to fully ad-dress for a variety of reasons (e.g., lack of staff or resources). Once you establish that there is no evidence of non-compliance in these areas, prepare a written statement documenting which areas you aren’t addressing and why.
EDUCATE AND TRAIN
Your legal audit should reveal where you need to focus your compliance efforts. Once you know your risk areas, you’ll want to provide ongoing training for your physicians, midlevel providers and support staff.
- Train – Using online presentations, offsite seminars and printed materials, tailor training to the specific needs of your team. For example, discuss examples of noncompliant behavior with your billing staff, such as how up- coding for E&M services or failure to refund overpayments violates the compliance plan. And make sure providers receive training on their responsibility to provide appropriate medical record documentation of the care provided. Consider utilizing interviews and questionnaires to assess how well your staff is progressing with the training.
- Communicate – The best compliance plan in the world won’t be effective (or defensible in the case of an investigation) if your practice’s compliance policies and procedures are not communicated clearly. Of course, document your plan in your employee handbook. But also consider using newsletters, email and monthly meetings to provide ongoing awareness of your policies or procedures. And be sure to include independent contractors whose services are billed under the practice’s provider number.
- Document – Likewise, if you’re investigated for noncompliance, you’ll need to be able to provide documentation of which employees/providers have actually attended the training sessions (something as simple as a dated sign-in sheet may suffice). And create a binder of the actual training materials that were used.
MONITOR AND AUDIT
The final key component of an effective plan is establishing mechanisms for ongoing monitoring and auditing of your compliance efforts.
- Check – Consider conducting background checks for providers and office staff who will be involved in compliance-sensitive activities. Investigators will want to know that you’ve at least checked to see if anyone has been convicted of health care crimes or excluded from federal health care programs. The OIG’s database of sanctioned providers is available online at http://www.exclusions.oig.hhs.gov/.
- Report – Set up a system for employees to report suspicious conduct and potential wrongdoing. Establish a confidential hotline or set up a post office box for reporting possible misconduct. The message to send is that the practice is serious about uncovering noncompliance and won’t penalize staff for reporting their suspicions.
- Enforce – Finally, give your compliance programs some teeth. Develop appropriate penalties for noncompliance — everything from formal reprimands to termination. Of course, tailor the disciplinary action to the situation. A provider who consistently fails to appropriately document patient encounters could be penalized with reductions in his or her annual bonus, for example.
BE PREPARED TO COME CLEAN
Note that there is always the possibility that your compliance efforts will uncover an honest mistake. In the case of overbilling, you’ll need to be prepared to correct it. Failure to return an overpayment can take what otherwise might be considered a one-time mistake into the realm of outright fraud and open you to prosecution. Here, you may want to seek legal counsel before reporting your findings.
Health Care Practice Strategies – Summer 2013 Issue