The government is escalating investigations through Recovery Audit Contractors (RACs), Medicare Administrative Contractors (MACs), Medicaid Integrity Contractors (MICs), Zone Program Integrity Contractors (Z-PICs), and now, the Health Care Fraud Prevention and Enforcement Action Team (HEAT). Home Health agencies are at a critical crossroads. It is essential that agencies take control, review processes, and proactively identify and address vulnerable areas.
The MACs are looking at current claims filed. The RACs have taken a retrospective look at claims, but it has been the Z-PICs who have been busy. They are the auditors using refined algorithms to identify risk patterns.
The RAC auditors have been authorized to recover “improper payments “of preapproved areas of risk. In the demonstration project, high areas of risk included incorrectly coded records, therapy appropriateness, and medically unnecessary services. The industry has concerns that therapy 13th, 19th visit and 30 day assessments will be a prime target. What about the Face–to-Face encounter? RACs are expected to be busy, busy, busy when probing compliance with that regulation.
The HSS and the U.S. Department of Justice have teamed up to create the new Health Care Fraud Prevention and Enforcement Action Team (HEAT) to investigate and work to eliminate fraud in healthcare. They are using predictive modeling algorithms and high level technology as key tools for their mission. Their initial focus has been directed toward Durable Medical Equipment, as well as services paid for by Medicare Part C (Medicare Advantage) and Part D (Prescription Drug Programs).
Now, more than ever a strong Corporate Compliance Program is essential in the industry.
Agencies should be auditing samples of past claims, reviewing present processes, educating personnel, and updating their present Corporate Compliance Plan. The OIG believes that effective compliance programs should include the following components, which are based on the seven steps of the Federal Sentencing Guidelines.
Components of a Compliance Plan:
- Compliance Policies and Procedures to include written standards of conduct
- Designation of a Compliance Officer and Compliance Committee
- Ongoing Education and Training
- Effective lines of communication; Process for Reporting Concerns, such as a hotline
- Enforcement of Standards
- Development of an Auditing and Monitoring System
- Corrective Action Process for Correcting Compliance Problems
The Corporate Compliance Plan should represent the corporate wide initiative designed to detect and prevent problems of noncompliance and include:
- An Introduction and Purpose complete with expectations.
- Key Personnel
- Response and Corrective Action
- Enforcement and Discipline
- Ø Standardized Conduct
- Standards for Business Conduct
- Code of Conduct
Code of Ethics
- Employee Open Communication
- Agreement with the National Hotline Service
- Tracking all calls including interventions
Effective programs have strong internal controls to promote adherence to applicable federal and state laws. They will also include internal auditing components of agency processes, services, and products with feedback mechanisms. There is a well defined agency code of conduct with a compliant culture and frequent employee training. An infrastructure includes a Corporate Compliance Officer who, in addition to other duties, will monitor industry areas audit focus. The agency can then explore their vulnerabilities.
The OIG Top Medicare PPS Compliance Issues include:
- Reporting additional visits not made in order to exceed LUPA and therapy thresholds
- Providing additional visits to avoid LUPA and therapy thresholds
- Upcoding and downcoding on the OASIS
- Duplicate bills and timeliness
- Returning credit balances promptly
- Routine waivers of copays
- Billing for services without physician orders
The RAC Demonstration Project issues include:
- Incorrectly coded 35%
- Lack of Medical Necessity 40%
- Insufficient documentation 10%
What are your audits reflecting? Is documentation adequate to support all diagnoses? Does the documentation support the skill necessary for each visit?
Besides the above areas that might include potential claims fraud and quality of care false claims (False Claims Act 31 U.S.C. 3730), home health Corporate Compliance Officers must also be aware of HIPAA compliance, Patient Freedom of Choice 1802, Conditions of Participation (COP) and licensure violations as well as monitoring referrals to prevent referral kickback violations (Stark II, Phase III, SSA 1877) and Civil Monetary Penalties, SSA 1128(a)(5).
Home health agency compliance officers should expect to remain on the frontline of risk assessment and enforcement of health care regulations. The RACs are only beginning their audits.
A positive by-product of an organization that effectively implements a Corporate Compliance Plan is the emergence of a renewed vision of the future. In this age of government audits, a forward thinking organization will create or update their program for all of the right reasons. However, corporations will soon realize that they can leverage their compliance programs as public relations tools, which not only affirm their role as solid community citizens, but, also as business associates who share commitment to integrity and ethics.
This week Select Data has provided a sample Corporate Compliance Power Point Presentation for your use. This can be used as a solid shell to have specifics of your organization added. It reinforces the basics. There is no such thing as no need for reinforcement in compliance, especially not in this climate.
To download a copy of this PowerPoint click here.