D A Stahl

Abstract:On February 11, 1998, the Department of Health and Human Services Office of Inspector General (OIG) released guidelines to assist hospitals and their agents and subproviders to comply with Medicare and Medicaid regulations. While adopting and implementing a compliance program is voluntary, the OIG believes that such a program prevents fraud, abuse, and waste while simultaneously furthering providers' fundamental mission--to provide quality care.

N Fowler

Abstract:The federal government has created numerous programs to combat fraud and abuse. The government now encourages healthcare facilities to have a corporate compliance program (CCP), a plan that reduces the chances that the facility will violate laws or regulations. A CCP is an organization-wide program comprised of a code of conduct and written policies, internal monitoring and auditing standards, employee training, feedback mechanisms and other features, all designed to prevent and detect violations of governmental laws, regulations and policies. It is a system or method ensuring that employees understand and will comply with laws that apply to what they do every day. Seven factors, based on federal sentencing guidelines, provide the framework for developing a CCP. First, a facility must establish rules that are reasonably capable of reducing criminal conduct. Second, high-level personnel must oversee the compliance effort. Third, a facility must use due care in delegating authority in the compliance initiative. Fourth, standards must be communicated effectively to employees, and fifth, a facility must take reasonable steps to achieve compliance. Sixth, standards must be enforced consistently across the organization and last, standards must be modified or changed for reported concerns, to ensure they are not repeated. PROMINA Health System, Inc. in Atlanta, Ga., designed a program to meet federal guidelines. It started with a self-assessment to define its areas or risk. Next, it created the internal structure and assigned organizational responsibility for running the CCP. PROMINA then developed standards of business and professional conduct, established vehicles of communication and trained employees on the standards. Finally, it continues to develop evidence of the program's effectiveness by monitoring and documenting its compliance activities.

J A Lovitky,J Ahern

Abstract:The federal government continues to expand its initiatives to uncover healthcare fraud, waste, and abuse. It is therefore more important than ever that healthcare organizations have an effective compliance program in place. The organization should have a compliance officer with adequate authority and staff to carry out the compliance program's functions. The program should include an ethics code, an internal hotline that employees can use to report compliance concerns, and education and training for all employees. In addition, the program should be audited periodically to ensure its viability. To be successful, a compliance program also needs the support of the healthcare organization's senior management.

Kathleen D Schaum

DOI: https://doi.org/10.1097/01.ASW.0000459891.21303.0f

Abstract:Wound care professionals should carefully inspect and audit their coding and billing practices in light of (1) the OIG's 2014 Semiannual Report to Congress and (2) the 2015 OIG Work Plan.You can read the details of both documents by following the Internet links provided earlier in this article. Conducting those self-audits and taking steps to correct issues are far better than the possible alternatives, for example: exclusion from participating in Medicare, Medicaid, and other federal healthcare program civil monetary penalties for submitting or causing to be submitted a claim for items or services that the person knows or should know is false or fraudulent criminals penalties for the following:) knowingly and willfully soliciting, receiving, offering, or paying remuneration (in cash or in kind) to induce, or) in return for (1) referring an individual to a person or an entity for the furnishing, or arranging for the furnishing, of any item or service payable under the federal healthcare programs or (2) purchasing, leasing, or ordering, or arranging for or recommending the purchasing, leasing, or ordering, of any good,facility, service, or item payable under the federal healthcare programs.If wound care professionals identify problem areas during an audit, they should always contact their compliance officer.Together, they should decide if they should self-disclose to the OIG. Since 1998, the OIG has made available comprehensive guidelines describing the protocol for providers to voluntarily submit to OIG self-disclosures of fraud, waste, or abuse. The provider self-disclosure protocol gives providers an opportunity to minimize the potential costs and disruption that a full scale OIG audit or investigation might entail if fraud were uncovered. The self-disclosure also allows the provider to negotiate a fair monetary settlement and potentially avoid being excluded from participation in federal healthcare programs.The self-disclosure protocol guides providers and suppliers through the process of structuring a disclosure to OIG about matters that constitute potential violations of federal laws. After making an initial disclosure, the provider or supplier is expected to thoroughly investigate the nature and cause of the matters uncovered and make a reliable assessment of their economic impact. The OIG evaluates the reported results of each internal investigation to determine the appropriate course of action. The self-disclosure guidelines are available on the OIG website at http://oig.hhs.gov/compliance/self-disclosure-info.

Diane L Adams,Helen Norman,Valentine J Burroughs

Abstract:Medical practice today, more than ever before, places greater demands on physicians to see more patients, provide more complex medical services and adhere to stricter regulatory rules, leaving little time for coding and billing. Yet, the need to adequately document medical records, appropriately apply billing codes and accurately charge insurers for medical services is essential to the medical practice's financial condition. Many physicians rely on office staff and billing companies to process their medical bills without ever reviewing the bills before they are submitted for payment. Some physicians may not be receiving the payment they deserve when they do not sufficiently oversee the medical practice's coding and billing patterns. This article emphasizes the importance of monitoring and auditing medical record documentation and coding application as a strategy for achieving compliance and reducing billing errors. When medical bills are submitted with missing and incorrect information, they may result in unpaid claims and loss of revenue to physicians. Addressing Medical Audits, Part I--A Strategy for Achieving Compliance--CMS, JCAHO, NCQA, published January 2002 in the Journal of the National Medical Association, stressed the importance of preparing the medical practice for audits. The article highlighted steps the medical practice can take to prepare for audits and presented examples of guidelines used by regulatory agencies to conduct both medical and financial audits. The Medicare Integrity Program was cited as an example of guidelines used by regulators to identify coding errors during an audit and deny payment to providers when improper billing occurs. For each denied claim, payments owed to the medical practice are are also denied. Health care is, no doubt, a costly endeavor for health care providers, consumers and insurers. The potential risk to physicians for improper billing may include loss of revenue, fraud investigations, financial sanction, disciplinary action and exclusion from participation in government programs. Part II of this article recommends an approach for assessing potential risk, preventing improper billing, and improving financial management of the medical practice.

Angela Cairns,Yvonne E Yarker

DOI: https://doi.org/10.1185/030079908x297367

Abstract:Background: Relationships between the pharmaceutical industry and healthcare professionals continue to drive discussion about the potential for conflicts of interest. Despite greater regulation and oversight, there are still calls for increased transparency and further restrictions on these relationships. Regulatory authorities, the pharmaceutical industry, professional societies, and other interested parties have responded by developing robust guidelines for interactions between the pharmaceutical industry and healthcare professionals. This, in turn, is driving change in the way that healthcare communications agencies work, increasing the need for them to visibly demonstrate processes that ensure their employees comply with relevant laws, regulations, and guidelines. Exposition: In our group of healthcare communications agencies we have established an internal compliance program and developed a policy that reflects the services we provide, and we recommend that other agencies adopt a similar program. Compliance training, implemented by a nominated compliance team, can be enforced by including compulsory tests for employees who interact with the pharmaceutical industry and healthcare professionals, with annual reassessment. The compliance team also has an important role to play in ensuring ongoing communication and staff education, including awareness of new legal and best practice developments. Management of the compliance program is essential, with clear mechanisms for auditing and evaluation, and the inclusion of compliance adherence in staff performance objectives. A visible framework for handling potential compliance issues should also be developed, with clear definitions of different levels of noncompliance and potential associated consequences. Compliance programs may also include other elements, such as terminology and documentation guidance, so that the program becomes an integral tool used by employees on a daily basis. Conclusion: With a robust internal compliance program, healthcare communication agencies can play a significant role in helping maintain appropriate pharmaceutical industry-healthcare professional relationships in an increasingly regulated and scrutinized environment.

G O Thomasson

DOI: https://doi.org/10.1016/s1070-3241(16)30076-1

Abstract:Background: Claims that result from at-risk medical practices, especially those involving medical records and systems failure-related problems, cost significantly more than the average claim to resolve, primarily due to additional defense costs required for expert witnesses. An analysis of these claims areas has pinpointed specific problems that can be addressed and corrected. Obtaining physician participation in risk management: A participatory risk management program requires all physicians applying for insurance to comply with established general and specialty-specific practice guidelines. Additionally, physicians and their staff receive premium-credit points by attending regularly scheduled continuing education programs on reducing liability risk. If a claim arises in which there is some question about whether the physician followed the guidelines, the circumstances are thoroughly reviewed with the physician after defense of the claim has been completed. Additionally, a medical records consultation program helps individual practices audit their records and identify and correct any at-risk problems. Rewarding participating physicians: Based on the success of the program, a new premium program has been instituted in which all physicians are placed in the lowest premium group, but they must participate regularly in risk management activities and avoid adverse actions to maintain the low premium rate.

Abstract:There will likely be many developments through the end of the year regarding the HIPAA Privacy Rule. Healthcare Leadership & Management Report will be talking to CEOs from around the country during September to learn what they are doing in their hospitals and health systems to prepare for the coming compliance deadline for both the standardized electronic transactions and the privacy standards. We will report on what we find in a fall issue. Readers are welcome to submit their own case studies or information on preparations for compliance to Lee Reeder, editor, by calling 909-338-0909 or by e-mail at editor@americangovernance.com.

Department of Veterans Affairs

2018-07-06

Abstract:The Department of Veterans Affairs (VA) is amending its medical regulations to clarify that VA will not bill third party payers for care and services provided by VA under certain statutory provisions, which we refer to as "special treatment authorities." These special treatment authorities direct VA to provide care and services to veterans based upon discrete exposures or experiences that occurred during active military, naval, or air service. VA is authorized, but not required by law, to recover or collect charges for care and services provided to veterans for non-service-connected disabilities. This rule establishes that VA will not exercise its authority to recover or collect reasonable charges from third party payers for care and services provided under the special treatment authorities.

2000-04-26

Abstract:This final rule revises the OIG's civil money penalty (CMP) authorities, in conjunction with new and revised provisions set forth in the Health Insurance Portability and Accountability Act of 1996. Among other provisions, this final rulemaking codifies new CMPs for excluded individuals retaining ownership or control interest in an entity; upcoding and claims for medically unnecessary services; offering inducements to beneficiaries; and false certification of eligibility for home health services. This rule also codifies a number of technical corrections to the regulations governing OIG's sanction authorities.

1999-11-19

Abstract:This final rule serves both to add new safe harbor provisions under the Federal and State health care programs' anti-kickback statute, as authorized under section 14 of Public Law 100-93, the Medicare and Medicaid Patient and Program Protection Act of 1987, and to clarify various aspects of the original safe harbor provisions now codified in 42 CFR part 1001 (originally proposed in RIN 0991-AA74). Specifically, this final rule modifies the original set of final safe harbor provisions codified in 42 CFR 1001.952 to give greater clarity to that rulemaking's original intent. In addition, this final rule sets forth an expanded set of safe harbor provisions designed to protect additional payment and business practices from criminal prosecution or civil sanctions under the anti-kickback provisions of the statute.

Michael J Sacopulos,Jeffrey Segal

Abstract:Liability for confidentiality of protected health information extends beyond the walls of a medical practice. Studies show a significant number of breaches occur via the actions or inactions of third-party entities/business associates. These business associates are trusted with patient information to assist a medical practice and can include collection agencies, third-party billing firms, transcription services, etc. Medical practices can be legally liable for the breaches of their business associates. This article provides an overview as to proper methods of retaining and monitoring business associates in an effort to minimize exposure from these firms.

Richard M. Steinberg

DOI: https://doi.org/10.1080/07366981.2012.741934

2012-11-01

EDPACS

Abstract:We've witnessed companies across industries suffer serious reputational and financial damage due to legal and regulatory compliance failures. Most had what they considered reasonable compliance processes, but somehow they didn't work. More and more corporate resources are spent on compliance, with greater attention in the C-suite and board room, but still concern lingers—and justifiably so. While keeping an eye on regulatory actions, legal and compliance executives have sought to move their compliance programs from disparate elements to integrated wholes. But now we see a major shift in what key regulators are looking for and indeed using in deciding whether to pursue enforcement actions. With that backdrop and encompassing what recent experience shows truly works in the “real world,” organizations now have greater clarity in developing highly effective and efficient compliance programs. In this article, which is excerpted from his recently published white paper sponsored by IBM Open Pages, Richard M. (Rick) Steinberg outlines these game-changers and provides a roadmap with 10 essential elements to getting programs where managements and boards need and want them to be in achieving their compliance objectives. 1

Norman H Godwin,Jennifer M Mueller

DOI: https://doi.org/10.1111/j.1945-1474.2005.tb01115.x

Abstract:A distinguishing characteristic of high performance organizations is a strong internal control structure-controls that ensure patient care, compliance with regulations, internal efficiencies, and financial reporting. It is controls on financial reporting that are receiving a great deal of attention under a new law, the Sarbanes-Oxley Act of 2002. Public companies are now required by law to document controls over financial reporting, in order to fully address exposures and the effectiveness of current controls. Though many healthcare organizations are not directly affected by the law, regulatory agencies could follow suit and require similar compliance. In fact, several states have introduced bills that require nonprofit organizations to adhere to portions of the act. This article provides a guide for organizations desiring to stay ahead of the curve.

A W Shuren,K Livsey

Abstract:The Privacy Rule: Limits the use and disclosure of PHI to purposes of treatment, payment, or routine health care operations. Requires covered entities to provide advance notice to the public of its policy governing disclosure of PHI. Requires entities covered by the Standard to secure general client consent to use and to disclose PHI for treatment, payment, or routine health care operations and to obtain specific client authorization to use or to disclose PHI for all other purposes unless the disclosure is specifically permitted without consent or authorization (e.g., a covered entity may disclose PHI to a health care oversight agency such as the Office of the Inspector General without first obtaining client authorization). In certain situations, a covered entity need only obtain client agreement to disclose PHI which may be oral or inferred from the circumstances surrounding the disclosure. For example, a covered entity could disclose PHI to a relative caring for the individual who is the subject of the health information. Expects covered entities to take measures to protect PHI from both inadvertent and deliberate misuse and disclosure. Requires, except in certain circumstances, the amount of PHI disclosed on any occasion to be limited to the minimum necessary to achieve the purpose of the disclosure. Gives individuals more control of their health information by permitting them to review and amend health information pertaining to themselves and to demand an accounting of persons to whom their health information has been disclosed. Establishes terms under which a covered entity may disclose PHI to a business associate. Permits states to maintain state laws that are more stringent than the Privacy Rule. The statute provides for significant civil and criminal penalties for failure to comply with the Standards. Violations are punishable by fines as much as $250,000 and 10 years imprisonment. The HHS, Office of Civil Rights is charged with enforcing the Standards. The HHS is expected to issue a single Enforcement Rule applicable to all three of the HIPAA Administrative Simplification Standards. Many worksite records will not be protected under the HIPAA Privacy Rule because employers are not covered entities and few occupational health professionals meet the criteria of being considered a covered entity. Nevertheless, occupational health professionals need to be knowledgeable about the application of HIPAA in the occupational health care setting. Furthermore, given that the Rule does not preempt state privacy laws that are more stringent than the Standards, occupational health professionals should monitor legislative activity related to privacy in the states in which they practice. To date, Oregon, Texas, and New Jersey have broadened HIPAA's definitions to create more covered entities and services.

Eric J Boggs,Cory M Herendeen,Jim Wiseman

Abstract:Unclaimed property audits are on the rise at hospitals and health systems. Healthcare organizations often have unclaimed property in the form of accounts payable, payroll, accounts receivable credit balances, unpaid credit balances, and more. Hospitals and health systems should consolidate unclaimed property analysis and reporting to reduce compliance risk and generate savings.

Bridget C Calhoun,Joan M Kiel,Allison A Morgan

DOI: https://doi.org/10.1097/JPA.0000000000000215

Abstract:Students enrolled in medical schools, nursing schools, and physician assistant (PA) programs are required to have instruction on patient privacy and protection of health-related information. The medical literature has several examples of breaches of patient privacy by clinicians, which likely represents only a fraction of the violations that occur. Patient privacy and the protection of health-related information constitute both an ethical issue and a legal issue and are associated with significant consequences. Medical, PA, and allied health students are required to comply with the same federal laws related to patient privacy and confidentiality as licensed professionals. Universities must work diligently to create a culture in which students are taught about the legal requirements of the federal Health Insurance Portability and Accountability Act (HIPAA) and are held accountable for compliance with such requirements. The Health Insurance Portability and Accountability Act must be considered part of standard classroom instruction and be embedded and upheld at all clinical training sites. We present a series of 7 HIPAA violations by PA students, along with a brief description of the HIPAA provisions associated with each case. These real-life examples provide a comprehensive overview of important HIPAA components and illustrate how easily violations can occur in clinical settings.

Cuiyun WU,Guoying CAO,Rong WU,Hejian ZOU

DOI: https://doi.org/10.12026/j.issn.1001-8565.2018.03.13

2018-01-01

Abstract:With the promulgation of a series of laws and regulations in our country, the requirement for stand-ardized management of clinical research process are gradually clear, and higher requirements on the following-up review management of ethics committee also are put forward. Through concluding and summarizing 128 noncompli-ance/violation or protocol deviation reports accepted by a hospital in recent two years, this paper analyzed four main problems including that the researchers at management level failed to report or report timely; the researchers reported in irregular filling;the same type of violation/deviation program happened repeatedly and the rectification to the review opinions of ethics committee was ineffective, and also put forward the corresponding suggestions, in order to strengthen and perfect the standard management of noncompliance/violation or protocol deviation report.

M M Mustokoff,M S Yecies

Abstract:An effective corporate compliance program is facilitated by three essential elements: a well-qualified compliance officer; a policy of immediate investigation of every report of potential fraud and abuse; and clearly defined roles for both corporate and outside counsel in conducting the investigations. A government agency is less likely to exercise the full extent of its powers when these elements are in place and three is evidence of a sincere compliance effort.

Mark Taylor

2004-05-24

Abstract:If you've ever wondered if compliance programs really work, you're not alone; the CMS is trying to come up with an answer. A pilot program will study up to a dozen programs to assess their effectiveness and gather best-practices data. The plan is already winning praise. "The burning question is which components of compliance programs are the most effective," says Roy Snell, left, of the Health Care Compliance Association.