Articles Tagged with Compliance

Published on:

by

The United States Department of Justice (“DOJ”) announced yesterday that a Detroit-area resident, Louisa Thompson, plead guilty on June 20, 2012, to one count of criminal conspiracy to commit health care fraud in the Eastern District of Michigan federal court.

The Health Care Fraud Prevention and Enforcement Action Team (HEAT) task force, a DOJ and U.S. Department of Health and Human Services (HHS) multi-agency joint venture, headed the investigation of Ms. Thompson. The HEAT task force, which is an initiative of the federal Medicare Fraud Strike Force, uses data analysis and community policing to detect health care fraud perpetrators who steal billions of dollars from the federal government.

The task force discovered that since 2006, Ms. Thompson had billed Medicare for psychotherapy services through two companies, TGW Medical Inc. and Caldwell Thompson Manor Inc., despite these services having never been performed, or performed by unlicensed staff. Ms. Thompson has yet to be sentenced in the case, and faces up to 10 years imprisonment and a $250,000 fine.

Based on recent Medicare Fraud Task Force activity, it appears the HEAT task force is targeting psychological and psychotherapy service providers aggressively, both for criminal prosecution as well as for civil actions to recover money that Medicare and Medicaid has paid. The government’s most-used tool in civil health care cases is the False Claims Act.

The False Claims Act (FCA) was drafted in1893 and was originally intended to prohibit and prevent fraudulent claims against the government during the Civil War. Its purpose was to force government contractors to deliver promised materials, hold them accountable if they did not, and deter fraudulent activity. Under the FCA a qui tam relator (whistleblower) could bring suit on behalf of the United States, and be rewarded with a percentage of the government’s recovery.

In the late-1980s the federal government began using the FCA to pursue fraud in the federal health care programs. In recent years the government has relied on the FCA to combat fraud and abuse in the healthcare arena for conduct that did not reach the standards for criminal prosecution. The penalties for violation of the FCA can be up to $11,000 per false claim as well as three times the damage to the government.
Continue reading

Published on:

by

On May 31, 2012, Department of Health and Human Services (HHS) Director of the Office of Civil Rights Leon Rodriguez issued a memo to consumers regarding those consumers’ right to access their protected health information and medical records. In this memo, Rodriguez stressed that it is important for consumers and providers to remember that the Health Insurance Portability and Accountability Act (HIPAA) not only provides protection for personal health information, but also provides consumers with the right to view and obtain copies of health records.

Many providers, when dealing with HIPAA compliance, tend to focus on safeguarding protected health information, but fail to recognize the importance of patient rights including the right to access. Under HIPAA, patients have the right to view their health records from most providers, pharmacies, and health plans. Patients also have the right to obtain copies of those records in the form they choose, be it electronic or on paper, if the provider is able to do so.

Providers can charge patients a reasonable amount for the copies of health records the patient receives, and any cost for mailing the records. This amount is statutorily regulated in most states. It is important to note that a provider cannot charge a fee for searching for and retrieving records, and providers cannot withhold access to records because a patient has not paid for services received.
Continue reading

Published on:

by

The Office of Civil Rights (OCR) announced yesterday that its Health Insurance Portability and Accountability Act (HIPAA) Enforcement Training tools would be available to the general public today, June 5, 2012.

Since 2009, as part of the Health Information Technology for Clinical and Economic Health (HITECH) Act, State Attorneys General (SAGs) were given the authority to bring civil suit for HIPAA violations on behalf of the aggrieved patients. To assist SAGs, the OCR developed a wide range of HIPAA Privacy and Security Rules compliance, enforcement, and training tools.

Included in the materials are computer-based modules, and videos and slides from in-person training sessions covering the following topics:

  • General Introduction to the HIPAA Privacy and Security Rules
  • Analysis of the impact of the HITECH Act on the HIPAA Privacy and Security Rules
  • Investigative techniques for identifying and prosecuting potential violations
  • A review of HIPAA and State Law
  • OCR’s role in enforcing the HIPAA Privacy and Security Rules
  • SAG roles and responsibilities under HIPAA and the HITECH Act
  • Resources for SAG in pursuing alleged HIPAA violations
  • HIPAA Enforcement Support and Results

These materials may be a helpful training tool for health care providers and privacy officers. The materials highlight to whom, what, where, when, and how HIPAA Rules will be enforced and provide basic summaries of the HIPAA Privacy and Security Rule requirements.
Continue reading

Published on:

by

On May 10, 2012 the United States Court of Appeals for the Ninth District decided that criminal charges under the Health Insurance Portability and Accountability Act (HIPAA) do not require that an individual have knowledge that their actions are illegal. The case, United States of America v. Zhou, is the first such case to establish that the knowledge requirements of a criminal HIPAA violation apply only to the fact that the information accessed was protected health information, and not that obtaining the information was in violation of HIPAA.

Under the statute, HIPAA provides that a criminal penalty applies to a person who knowingly and in violation of the statute, uses, obtains, or discloses protected health information. Zhou argued that the statute requires knowledge that the information obtained was protected health information, as well as knowledge that obtaining it was illegal. The court rejected the argument and determined that the language of HIPAA is plain. The court found that the word “and” unambiguously indicates that there are two elements of a violation, and that knowingly applies only to obtaining the protected health information, and not to the fact that obtaining the protected health information was illegal.

The statute at issue in the decision is 42 U.S.C §1320d-6a, which reads as follows:

(a) Offense A person who knowingly and in violation of this part–

(1) uses or causes to be used a unique health identifier;

(2) obtains individually identifiable health information relating to an individual; or

(3) discloses individually identifiable health information to another person,
shall be punished as provided in subsection (b) of this section. For purposes of the previous sentence, a person (including an employee or other individual) shall be considered to have obtained or disclosed individually identifiable health information in violation of this part if the information is maintained by a covered entity (as defined in the HIPAA privacy regulation described in section 1320d-9 (b)(3) of this title) and the individual obtained or disclosed such information without authorization.

Penalties for violations of the statute can include fines of up to $250,000, imprisonment for up to 10 years, or both.
Continue reading

Published on:

by

On May 3, 2012, the Centers for Medicare and Medicaid Services (CMS) announced, via the CMS blog, that CMS will not require data collection by applicable manufacturers and group purchasing organizations under the Physician Payments Sunshine Act (PPSA) before January 1, 2013. The announcement indicates that the final rule will be released later this year and that the additional time will allow CMS to address operational and implementation issues and provide time for organizations to prepare for data submission.

The PPSA was a section of the Affordable Care Act of 2010 intended to provide transparency in requiring reporting of payments or gifts to physicians, and physician ownership and investment interests. The proposed rule implementing the PPSA was released December 19, 2011, and the announced delay is partly a result of the comments received from stakeholders during the 60 day comment period. The final rule was originally scheduled to be released for implementation on January 1, 2012.

The proposed rule requires that applicable manufacturers that sell or distribute a covered drug, device, biological, or medical supply disclose certain payments or other transfers of value to covered recipients. A covered recipient is a physician, other than a physician who is an employee of the applicable manufacturer, or a teaching hospital. The rule also requires the disclosure of payments or transfers of value to the immediate families of covered recipients.
Continue reading

Published on:

by

On April 27, 2012 the Centers for Medicare and Medicaid Services (CMS) published a final rule that states new provider and supplier requirements. The final rule requires all providers and suppliers that qualify for a National Provider Identifier (NPI) to include their NPI on all enrollment applications for Medicare or Medicaid, and on all claims submitted for payment. The rule further states that any claim submitted without the appropriate NPIs will be denied. The final rule also requires that all prescriptions under Medicare Part D include an NPI for the prescribing physician. The rule is intended to help more efficiently and accurately detect fraud, and is estimated to save taxpayers an estimated $1.59 billion over ten years.

In a press release, CMS announced that the rule “ensures that only qualified, identifiable providers and suppliers can order or certify certain medical services, equipment, and supplies for people with Medicare.”

Additionally, the rule also requires that physicians and other professionals who are permitted to order and certify covered items and services for Medicare beneficiaries be enrolled in Medicare. In an effort to further track and monitor claims, Part B items and services ordered or referred by a physician or eligible professional can only be submitted if the physician or eligible professional has an approved enrollment record, or a valid opt out record in the Medicare Provider Enrollment, Chain, and Ownership System (PECOS).

Finally, the rule mandates document retention requirements for providers and suppliers that order and certify items and services for Medicare beneficiaries. Under the final rule providers and suppliers must maintain ordering and referring documentation, including the NPI, received from a physician or eligible non physician practitioner for seven years from the date of service. Further, failure to comply with the documentation retention requirements is reason for revocation.
Continue reading

Published on:

by

From July 2011 to February 2012 the Government Accountability Office (GAO) conducted a performance audit of the Centers for Medicare and Medicaid Services (CMS) efforts to strengthen the screening of providers and suppliers applying to take part in, and currently taking part in, the Medicare and Medicaid programs. On April 10, 2012 the GAO released its report to the Chairman of the Senate Finance Committee.

The purpose of the study was to determine weaknesses in the CMS enrollment procedures that leave the Medicare and Medicaid programs open to fraud and abuse. CMS currently has some procedures in place for screening applicants, and the GAO study reveals that there are planned procedures that will be proposed and implemented in 2012 to further improve the applicant screening process.

The Patient Protection and Affordable Care Act of 2010 (PPACA) provided CMS with increased authority to combat fraud and abuse in Medicare. Under this authority, CMS currently uses front end automated edits to check a provider’s National Provider Identifier to make sure it is active before processing a claim. PPACA also requires providers and suppliers be subject to licensure checks, and gives CMS the authority to require criminal background checks.

The GAO report addresses the extent to which CMS has implemented new provider and supplier enrollment screening procedures since the enactment of PPACA. On February 2, 2011 CMS published a final rule implementing a screening procedure based on a provider or supplier’s risk of fraud, waste, and abuse. These risk categories are limited, moderate, and high. Each risk category comes with varying degrees of application screening. High risk providers and suppliers could undergo unscheduled site visits and fingerprint based criminal background checks.

The report found that there are currently new screening procedures, the implementation of which remain in progress. CMS is in the process of drafting a proposed rule which will extend surety bond requirements for home health agencies, independent diagnostic testing facilities, and potentially outpatient rehabilitation facilities. Currently, surety bonds are only required for DMEPOS suppliers.

CMS is also planning to contract with Federal Bureau of Investigation-approved contractors to handle fingerprinting of providers and suppliers, and do criminal background checks of high risk applicants. CMS expects to have contracts in place for these screening procedures by the end of 2012.

PPACA has a requirement that Medicare providers establish compliance programs that contain core elements of compliance and ethics as established by CMS and the HHS OIG. A compliance program is a set of policies and procedures that a provider organization implements to help it act ethically and within the parameters of the law. CMS is working on developing a compliance program intended to help provider organizations prevent and detect violations of Medicare regulations, but there is no current target date for the implementation of this program.
Continue reading

Published on:

by

On April 2, 2012 DCS Healthcare posted new approved issues to its approved issues list for some Region A states. Among them were two issues for skilled nursing facilities:

· CT Scans, Head and Neck, Incorrect Billing: Potential incorrect billing of CT scans not supported by medical necessity (NGS LCD 28516 (A48015))

· CT Scans, Trunk and Extremities, Incorrect Billing: Potential incorrect billing of CT scans not supported by medical necessity (NGS LCD 28516 (A48015))

In late March 2012, CGI posted a new approved issue to its approved issues list for Region B states. The new issue involves a complex medical necessity review:

· Minor Musculoskeletal Procedures ; MS-DRGs 479, 484, 494, 497, 499, 502, 508, 509, 512, 517 (Medical Necessity): The purpose of this complex review is to identify claims that have been reviewed validating medical necessity in short stay, uncomplicated admissions. This review will identify if medical necessity was met per Medicare guidelines.

On March 23, 2012, Connolly added new approved issues to its approved issues list for Region C states:

· Hospice Related Services -Outpatient CMS Issue Number: C000162012: Services related to a Hospice terminal diagnosis provided during a Hospice period are included in the Hospice payment and are not paid separately.

· Excessive Drug Units Billed – Carrier (At this time, Medical Necessity will be excluded from this review) CMS Issue Number: C001562011: Drugs and Biologicals should be billed in multiples of the dosage specified in the HCPCS code long descriptor. The number of units billed should be assigned based on the dosage increment specified in that HCPCS long descriptor, and correspond to the actual amount of the drug administered to the patient, including any appropriate, discarded drug waste. If the drug dose used in the care of a patient is not a multiple of the HCPCS code dosage descriptor, the provider rounds to the next highest unit. Drug waste should be coded according to the requirements of the local contractor. Claims billed with excessive units will be reviewed to determine the correct number of billable/payable units.

On March 19, 2012, HealthDataInsights added several new issues to its approved issues list for Region D states:

· Acute Inpatient Hospitalization – Major Male Pelvic Procedures with CC/MC (DRG 707): Medicare pays for inpatient hospital services that are medically necessary for the setting billed. Medical documentation will be reviewed to determine that services were medically necessary.

· Acute Inpatient Admission – OR Procedure with Principal Diagnosis of Mental Illness (DRG 876): Medicare pays for inpatient hospital services that are medically necessary for the setting billed. Medical documentation will be reviewed to determine that services were medically necessary.
Continue reading

Published on:

by

The Centers for Medicare and Medicaid Services (CMS) issued a memo to Medicare Shared Savings Program (MSSP) applicants on March 16, 2012, in response to questions from Accountable Care Organization (ACO) applicants. The memo clarified and provided guidance on some of the requirements ACO applicants to the MSSP will have to attest to should they choose to sign a participation agreement for the MSSP.

The memo provides definitions for “ACO participant” and “ACO provider/supplier” according to federal regulations. An ACO participant is an individual or group of ACO providers/suppliers that is identified by a Medicare-enrolled Taxpayer Identification Number (TIN) that alone or together with one or more other ACO participants comprises the ACO. An ACO provider/supplier is a provider or supplier enrolled in Medicare that bills for items and services furnished to Medicare fee-for-service beneficiaries under a Medicare billing number assigned to the TIN of an ACO participant. An ACO participant is identified by its Medicare-enrolled TIN number. The memo highlights the point that an ACO participant is identified by its Medicare-enrolled TIN. The key point of this section of the memo is that an ACO participant is not eligible to participate in an ACO unless all ACO providers/suppliers associated with the ACO participant TIN have agreed to comply with the program regulations. More simply stated, an ACO participant is not eligible for an ACO unless all providers and suppliers billing under its TIN have agreed to participate.

Further, all agreements between or among an ACO, ACO participant, and ACO provider/supplier must be executed before the ACO submits its application. The application process requires that an applying ACO provide a list of the ACO participants and associated providers/suppliers. Agreements to participate in the program must be executed by all of these parties prior to submission of the application.

The memo also specifies minimum content for an agreement or contract between an ACO and ACO participant. Agreements must contain an explicit requirement that the ACO participant agrees to participate in and comply with the requirements of the MSSP. Agreements must also contain the rights and obligations of ACO participants and ACO providers/suppliers, as well as give authority to the ACO to terminate the rights of an ACO participant for non-compliance. Furthermore, ACOs cannot require that beneficiaries be referred to ACO participants or providers/suppliers except as expressly permitted by regulation.

The final topic the memo covers is the eligibility requirement pertaining to the ACO’s governing body. Federal regulations require that an ACO have an identifiable governing body with the authority to execute the functions of the ACO. In cases where the ACO is comprised of multiple, otherwise independent ACO participants, the ACO must have a legal entity and governing body that is distinct and separate from each of them. The governing body must have oversight of, and responsibility for, strategic direction. The governing body must also have management which is accountable for the ACO’s activities, and governing body members who have a fiduciary duty to the ACO.
Continue reading

Published on:

by

The Centers for Medicare and Medicaid Services (CMS) has published a final rule for standards regarding Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) suppliers. The rule, published March 14, 2012 in the Federal Register, revises and specifies the definition of “direct solicitation” as it applies to DMEPOS suppliers. The rule also eliminates the requirement that DMEPOS suppliers comply with local zoning ordinances. In the official comments, CMS indicated that all zoning issues are better left to the states.

The rule limits the contact a DMEPOS supplier can make with a beneficiary. Previously, “direct solicitation” had been broadly defined as telephonic contact. The August 27, 2010 final rule broadened the definition of “direct solicitation” to include not only telephonic contact, but also in-person contact, email, and instant messaging. The new adopted rule, which will be effective April 13, 2012, eliminates the prohibition on “direct solicitation” and only restricts direct contact with the beneficiary by telephone. The new adopted rule further requires that a DMEPOS supplier must have written permission from the beneficiary to contact the beneficiary by telephone.

The new rule also allows DMEPOS suppliers to contract with a third party to provide licensed services, provided the third party is appropriately licensed under applicable state laws. The prior rule prohibited DMEPOS suppliers from contracting licensed services.
Continue reading

Contact Information
210 E 3rd St #204
Royal Oak, MI 48067
Phone: 248-544-0888
Fax: 248-544-3111

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2016 – 2024, Wachler & Associates, P.C.
JUSTIA Law Firm Blog Design