Health Care Compliance

Mercy Medical CenterPhysician LEADERSHIPTrainingCaroline Giddings, General Counsel & Corporate Compliance Officer
Health Care Compliance
Primary enforcement laws:False Claims ActPhysicianSelf-Referral Law (Stark)Anti-Kickback StatuteCivil Monetary Penalty LawExclusionAuthorityHIPAAEMTALA
False Claims Act
31U.S.C. §§3729 – 3733Government’s principal enforcement tool against health care fraudProhibits any person from submitting false or fraudulent claims for payment under Medicare or MedicaidKnowingly submitting false claimsActing in reckless disregard or deliberate ignorance of the false nature of the claimsExamples:Billing for services not performedBilling for medically unnecessary services“Upcoding”Stark law violationsKickbacks
False Claims Act
Potential PenaltiesTreble damages plus $5,500 – $11,000 per claimExclusion from federal health care programsNote: criminal penalties imposed under criminal FCA (18 U.S.C. § 287)Whistleblower Provisions (Qui Tam)Allows private individuals to file a lawsuit on behalf of the governmentAny person has the right to report fraud, waste, or abuse without fear of retaliationIowa False Claims Act (IC §§249A.7; 658.1–685.7)
The Physician Self-Referral Law (Stark)
42 U.S.C. § 1395nnProhibits a physician from making referrals for designated health services to an entity with which the physician or an immediate family member has a financial relationshipProhibits health care entities from submitting claims for payment based on such referralsExceptions apply
Stark Law
Designated Health ServicesClinical laboratory servicesPhysical therapy, occupational therapy, and outpatient speech-language pathology servicesRadiology services, including magnetic resonance imaging, computerized axial tomography scans, and ultrasound servicesRadiation therapy services and suppliesDurable medical equipment and suppliesParenteral and enteral nutrients, equipment, and suppliesProsthetics, orthotics, and prosthetic devices and suppliesHome health servicesOutpatient prescription drugsInpatient and outpatient hospital services
Stark Law
Exceptions include:Exceptionas Bona Fide EmployeesFair Market Value CompensationVolume or Value of Referrals Not ConsideredCommercially Reasonable ArrangementSpace or equipment rentalPersonal services arrangementsPhysician recruitmentGroup practice arrangements with hospitalsInvestment in publicly traded securitiesRural providers
Stark Law Penalties
Proof of intent to violate the law is NOT requiredPotential penalties are severeDenial of paymentsRefund of improper paymentsCivil moneypenalties up to $15,000 per DHSExclusion from Medicare and Medicaid programsLiability under the False Claims Act for knowingly submitting improper claims
Anti-Kickback Statute
42 U.S.C. § 1320a-7b(b)Prohibitsoffering, paying, soliciting or receivinganything of value toinduce or reward referrals orgenerate business that is payable under Federalhealth careprogramsIncludes drugs, supplies, health care services for Medicare and Medicaid patients
Anti-Kickback Statute
Criminal, intent-based statutePenalties:CriminalUp to 5 years in prison per violationFines of up to $25,000 per violationCivil:Civil money penalties of up to $50,000 per violationMonetary assessment of up to 3x the kickback amountExclusion from Medicare and MedicaidFalse Claims Act liability
Anti-Kickback Statute
Safe HarborsImmunity from liability for arrangements that fit within certain safe harbors set out in the regulationsExamples:Space and equipment rentalPersonal services and management contractsPractitioner recruitmentAmbulatory surgical centersMust meet fair market value standards
Exclusions and Civil Monetary Penalties
42 U.S.C. §§ 1320a-7; 1320a-7aOffice of Inspector General (OIG) has authority to seek civil monetary penalties and exclusion from participation in Federal health care programs for a wide variety of conduct, including:Submission of false claimsAnti-kickback violationsStark violationsCMPs range from $10,000–$50,000 per violationIf a health care provider is excluded from participation, neither the physician nor his or her employer may submit Medicare or Medicaid claims
Privacy and Security Rules
HIPAAPrivacy Rule (Impermissible uses and disclosures of PHI)Security Rule (Theft and loss of laptops and portable devices)HITECHBreach NotificationOffice for Civil Rights (OCR) is currently investigating and auditing all sizes of covered entitiesConducted by KPMGAuditing compliance with Privacy and Security RulesAudits could result in a compliance review, CMPs, and/or informal enforcement.Documentation is the key to avoiding adverse audit outcomes.CMP settlements are increasing
Privacy and Security Rules
NYPresbyterian & Columbia University Medical Center- $4.8MDisclosure ofePHIof 6800 patientsePHIaccessableon internet search enginesConcentraHealth Services- $2MStolen unencrypted laptopMercy’slaptopsare encryptedEmail is secure but texting is NOTAdult& Pediatric Dermatology, PC- $150,000 (thumb drive stolen from an employee’s car)Thumb drive stolen from employee’s car
EMTALA
EMTALA is a federal statute that requires hospitals to perform a medical screening exam (“MSE”) on patients who come to an emergency department (“ED”) seeking treatment.If screening reveals an emergency medical condition (“EMC”), the ED is required to stabilize the patient prior to transfer or certify that the transfer is appropriate.
EMTALA
EMTALA applies to all patients regardless of citizenship or ability topay.EMTALA does not apply toinpatients.Hospitalsmust treat every patient who presents with comparable signs and symptoms in the sameway.StandardEmergency Department policies and procedures should be maintained, followed and updated as needed.Aviolation of the hospital’s own policy can be used as evidence of an EMTALA violation, even if the action may otherwise seem reasonable.
EMTALA
Hospital must evaluate and stabilize every patient even if the service needed is not provided by the hospital.Hospitals are required to have the name of the physician on call for a service.TheOIG can fine a hospital a maximum of $50,000 per violation.In addition, any physician responsible for examination, treatment, or transfer of an individual in a participating hospital, including an on-call physician, who negligently violates a requirement of the statute, may be fined a maximum of $50,000 and excluded from the Medicare program by the OIG.
Conflicts of Interest
All MSC & MSC Affiliate employees,physicians in leadership,and Board members have a duty to act in the best interest of Mercycare Service Corporation.Thismeans avoiding situations where relationships with vendors, other business partners, and competitors’ employees influence or could appear to influence decisions you make involvingMercycareService Corporation.Aconflict of interest exists whenever someone in a position of trust hascompetingprofessional or personal interests which can make it difficult to fulfill his or her duties impartially. Even if there is no evidence of improper actions, a conflict of interest can create an appearance of impropriety that can undermine confidence in the ability of that person to act properly in his/her position.It is not unusual for conflicts of interest to exist in an organization. Mercy does not prohibit employment or board service due to conflicts ofinterest.Article 1, Section 4 Member’s Conflicts of Interest, Medical Staff Bylaws requires complete and full disclosure of all potential conflicts in order to safeguard both the individual and Mercy.Conflicts of interest must be disclosed as they arise, and must be documented annually.
Conflicts of Interest
Financial interests can be an issue when serving as a committee chair, or in leadership or decision-making situations.Financial interests include: hospital contracts, ownership interests, employment, partnership, grants, investment in hospital vendors, suppliers, manufacturers or donors, competitive or collaborative relationships and economic competitors.Aconflict of interest may mean that you have to recuse yourself from a discussion, decision or vote.Failure to disclose a conflict of interest upon reasonable request will automatically disqualify the Medical Staff member from the position creating the conflict of interest.
Current Legal/Regulatory Climate
Federal oversight significantly increased for individualprovidersAdult & Pediatric Dermatology, PCIncreasedgovernment funding for anti-fraud effortsRACS, ZPICS, OCR Audits, Medicaid Audits, etc.FY2014HHS OIG Annual Semi-annual Report to Congress:3.1Binsavings (1sthalf of the fiscal year only)1,720exclusions of individuals and entities465criminalactions266civil actions(false claims, unjust-enrichment, CMP settlements, self disclosure matters)Increased penalties for noncompliancePenalties for HIPAA violations have increased to $100/individual violations that was unknown and when reasonable diligence was taken to $50,000/violation with willful neglect, and with a cap of 1.5M/identical violation
Documentation
Accurate documentation is important for quality of patient care and protection of health care providersIf something isn’t documented, it didn’t happenBilling and coding complianceMalpractice riskAvoid inappropriate documentation practices:Amending recordsIf a record needs to be amended or corrected, retain a copy of the original recordNon-contemporaneous entriesTimely complete medical record entriesMercy Documentation Timeliness PoliciesCopy and paste
Coding and Billing
Accuracy is extremely importantStiff penalties for improper or fraudulent coding and billingFair and ethical treatment of payors and patientsExamples of improper billing practicesBilling for items or services not providedSubmitting claims items and services that are not reasonably necessaryBilling for non-covered servicesUnbundlingFalsely indicating that a particular health care professional attended a procedure or billing a visit performed by a NP or PA as a physician visitClustering (billing all patients using a few middle levels of service codes)Upcoding the level of service providedBill consistent with documentation provided in patient’s medical record
Questions?
MercyCare Service CorporationHotline319-369-4586Caroline Giddings, JDGeneral Counsel & Corporate Compliance Officercgiddings@mercycare.org319-861-7994Susan Kalbach, JD, CHCDirector of Organizational Integrityskalbach@mercycare.org319-369-4740