Effective health care corporate compliance. (Implementing HIPAA and Other Compliance Programs).* In March, 2000, Community Health Systems reached a $31 million settlement with the Department of Justice concerning overpayments based an up-coded billings to the Medicare, Medicaid, and CHAMPUS CHAMPUS Civilian Health & Medical Program for Uniformed Services A health care plan for military dependents and retirees operated by the DoD Types of service HMO, PPO, and fee-for-service, through a single health plan known as TriCare programs. * A federal judge in Tampa, Florida “Tampa” redirects here. For other uses, see Tampa (disambiguation). Tampa is a United States city in Hillsborough County, on the west coast of Florida. It serves as the county seat for Hillsborough County.GR6. , sentenced a Columbia/HCA Healthcare Corporation executive to two years in prison for Medicare fraud Medicare fraud Medifraud Medical practice Any unlawful act which results in the inappropriate billing of Medicare for services by a health care provider–eg, physicians, hospitals and affiliated providers. See Medicare. on December 3, 1999, for six counts of conspiracy and making false statements on Medicare and CHAMP US cost reports. * In September, 1999, Sten Island University Hospital in New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of agreed to pay $45 million to settle a state Medicaid over-billing case and agreed to an independent review organization to monitor compliance over a five-year period. * On September 22, 1999, Florida's Attorney General filed a civil racketeering Traditionally, obtaining or extorting money illegally or carrying on illegal business activities, usually by Organized Crime . A pattern of illegal activity carried out as part of an enterprise that is owned or controlled by those who are engaged in the illegal activity. lawsuit against Rite Aid Rite Aid (NYSE: RAD) is a United States retailer and pharmacy chain, operating over 5,000 stores in 31 states and the District of Columbia. Rite Aid Corporation is one of the nation's leading drugstore chains. Corporation, alleging its pharmacists secretly overcharged some 29,000 uninsured customers for pain and other prescription medications. FEDERAL AND LOCAL investigation and prosecution of fraud and abuse violations has clearly accelerated over the past several years. While 20 years ago headlines trumpeted military purchases of outrageously priced hammers and toilet seats, the focus today, both in the media and government, is health care fraud and abuse. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. its own report, the Office of the Inspector General Office of the Inspector General (or OIG) is a common sub-agency within cabinet-level agencies of the United States federal government and serves as auditing and investigative arm of the agency's programs focused on identifying waste, fraud and abuse. estimates that Medicare overpaid o·ver·pay v. o·ver·paid , o·ver·pay·ing, o·ver·pays v.tr. 1. To pay (a party) too much. 2. To pay an amount in excess of (a sum due). v.intr. To pay too much. providers $23 billion in 1996, 14 percent of the budget. To support and expand federal fraud and abuse investigation, Congress included in the Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when of 1996 (Kennedy-Kassebaum) more than $1 billion for the FBI, HHS HHS Department of Health and Human Services. , and Department of Justice. Further, ignorance, good faith, or even the lack of published regulations are not, thus far, mitigating factors. Academic practices are challenging HHS's investigations and penalties on the grounds that they are being held responsible for violating billing regulations that did not exist or were indecipherably vague at the time the services occurred. The stakes may become greater. Under the American Law Institute's 1994 Principles of Corporate Governance Corporate Governance The relationship between all the stakeholders in a company. This includes the shareholders, directors, and management of a company, as defined by the corporate charter, bylaws, formal policy, and rule of law. , failure of corporate officers and directors to institute and periodically assess compliance systems in their organizations "can form the basis for personal liability of the officers and directors." Mitigating the risks What can organizations and their officers and directors do (beyond having good O&D insurance) to prevent or, at least, mitigate the risks of fraud and abuse? Fortunately, the law makes allowances for and encourages organizations to have a comprehensive and "effective" corporate compliance program. The Federal Sentencing Guidelines The Federal Sentencing Guidelines are rules that set out a uniform sentencing policy for convicted defendants in the United States federal court system. The Guidelines are the product of the United States Sentencing Commission and are part of an overall federal sentencing reform state that "sanctions imposed on an organization and their agents, taken together, will provide just punishment, adequate deterrence deterrence Military strategy whereby one power uses the threat of reprisal to preclude an attack from an adversary. The term largely refers to the basic strategy of the nuclear powers and the major alliance systems. , and incentives for organizations to maintain internal mechanisms for preventing, detecting, and reporting criminal conduct." Among the incentives is the explicit reduction in the permissible range of penalties when the organization has an "effective" compliance program in place. The Guidelines define such a program as "[one] that has been reasonably designed, implemented, and enforced so that it generally will be effective in preventing and detecting criminal conduct." Seven necessary components of an "effective" program are outlined: 1. Standards and procedures. The organization must have compliance standards and procedures to be followed by its employees and agents that are "reasonably capable of reducing the prospect of criminal conduct" [Sec. 8A1.2, Application Note 3(k)(1)]. Beyond a simple proscription against breaking the law, the standards and procedures should set forth explicitly the position of the organization against any infringement of legal or regulatory requirements Regulatory requirements are part of the process of drug discovery and drug development. Regulatory requirements describe what is necessary for a new drug to be approved for marketing in any particular country. . These must be detailed and clear. Preferably, the standards and procedures are based on laws or regulations that may even be paraphrased in the standard. This is the most important component of an effective compliance program and typically is the largest and most extensive. The training and auditing of the program will be based on the standards and procedures. 2. Oversight responsibility. An individual must have the resources, responsibility, and authority to carry out the compliance program. This person must be highly placed within the organization and have "a substantial role in the making of policy within the organization. The term includes a director; an executive officer; an individual in charge of a major business or functional unit...; and an individual with substantial ownership interest" [Sec. 8A1.2, Application Note 3(b)]. The standards and procedures should specify the compliance officer's duties and responsibilities. 3. Employee training. The organization must have taken steps to communicate effectively its standards and procedures to all employees and other agents" [Sec. 8A1.2, Application Note 3(k)(4)]. This may take the form of required training programs or publications distributed throughout the organization. Requiring participation in the compliance training is recommended to emphasize the importance of the program to the organization's mission and goals. The training program should be founded in the standards and procedures and tailored to the employees' responsibilities. In addition to familiarizing fa·mil·iar·ize tr.v. fa·mil·iar·ized, fa·mil·iar·iz·ing, fa·mil·iar·iz·es 1. To make known, recognized, or familiar. 2. To make acquainted with. employees to the compliance program, it provides an opportunity to create a corporate culture emphasizing the expectation that all government rules and regulations will be followed, and in which ethics are publicly deemed important by senior managers. 4. Monitoring and auditing. An effective program needs to 'have taken reasonable steps to achieve compliance with its standard" [Sec. 8A1.2, Application Note 3(k)(5)]. Organizations should have a monitoring and auditing process to assure that their compliance standards and procedures are being followed. The purpose is not to find criminal wrongdoers, but to identify individuals and areas where the compliance program is not being followed or understood and fix them. The process may include spot checks of specified procedures, random review of bills and claims, as well as documentation of participation in compliance training. Also, organizations should periodically review and assess how the program is working. And, as always, subcontractors, agents, consultants, and vendors must be held accountable to the program's standards and procedures. 5. Reporting system. Among the reasonable steps an organization must take is "having in place and publicizing pub·li·cize tr.v. pub·li·cized, pub·li·ciz·ing, pub·li·ciz·es To give publicity to. Noun 1. publicizing - the business of drawing public attention to goods and services advertising a reporting system whereby employees and other agents [can] report criminal conduct by others within the organization without fear of retribution" [Sec. 8A1.2, Application Note 3(k)(5)]. Employees and agents must be required to report any activities or behavior that may be illegal or have the appearance of being illegal. Further, the standards should mandate reporting breeches of the compliance program itself. Many experts recommend that organizations have a confidential telephone "hotline." The program should specify what information will be collected and processed, and what will happen to the whistleblower whis·tle·blow·er or whis·tle-blow·er or whistle blower n. One who reveals wrongdoing within an organization to the public or to those in positions of authority: "The Pentagon's most famous whistleblower is . . . While people reporting wrongdoing wrong·do·er n. One who does wrong, especially morally or ethically. wrong  do cannot be
held harmless for any laws or regulations they may have violated, they
must be protected from retribution by others. Of course, employees and
agents must understand the reporting requirements and process, as well
as their protection in doing so and their liability in failing to do so.
6. Enforcement and discipline. "The standards must have been consistently enforced through appropriate disciplinary mechanisms, including ... discipline of individuals responsible for the failure to detect an offense" [Sec. 8A1.2, Application Note 3(k)(6)]. The core expectation for an effective compliance program is an explicit and appropriate hierarchy of disciplinary actions and penalties described in the organization's standards and procedures and disseminated to its employees and agents through education and training. Also, often overlooked is the requirement that the program enforce and discipline not only those who break laws, rules, and regulations, and those who willfully willfully adv. referring to doing something intentionally, purposefully and stubbornly. Examples: "He drove the car willfully into the crowd on the sidewalk." "She willfully left the dangerous substances on the property." (See: willful) break requirements of the compliance program, but those who should have detected violations of the law or the program. A wink A short control signal in telephony operations. It can be a single pulse, a brief interruption of a continuous tone, a change of bits or a change in polarity of the signal. For example, a momentary interruption (the wink) of a continuous, single-frequency tone is a signal that the and a nod toward violations is not acceptable and the program must state the penalties for failing to report a breech breech (brech) the buttocks. breech n. The lower rear portion of the human trunk; the buttocks. breech, britch the buttocks of an animal; the backs of the thighs. of the program when the individual could reasonably have been expected to have known of the violation. 7. Response and prevention. The program should have explicit response, prevention, and corrective action A corrective action is a change implemented to address a weakness identified in a management system. Normally corrective actions are instigated in response to a customer complaint, abnormal levels if internal nonconformity, nonconformities identified during an internal audit or plans that are triggered by the discovery of a violation of laws, regulations, or the program itself. This includes changes to the compliance program based on lessons learned. "After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses--including any necessary modifications to its program to prevent and detect violations of the law" [Sec. 8A1.2, Application Note 3(k)(7)]. Obviously, covering up the violation is unacceptable and will lead to added penalties. As the main purpose of the compliance program is to minimize and reduce any liabilities for the organization should a violation occur, it is important to have a clear response plan when wrongdoing is confirmed. To assist in fulfilling this piece of an effective compliance program and avoid any steps falling through the cracks, a checklist identifying the actions required by the program is advisable. These seven components of an effective corporate compliance program are the minimum specified in the Federal Sentencing Guidelines to minimize culpability culpability (See: culpable) . In fact, organizations may be held to more stringent requirements. "An HHS/OIG official indicated if a violation has been discovered, the federal government would expect the organization's compliance program to include the following features: 1. Authorization for the government to interview employees with or without counsel present. 2. Annual compliance reviews and audits conducted by independent third parties. 3. Corporate standards of conduct adopted by the Board of Directors, as well as an initial certification and annual re-certification that every employee has read and understands the code. 4. Transferability of the program to any subsequently acquired facility or organization. 5. The establishment of a toll-free number for reporting suspected violations. 6. Waiver of the attorney-client privilege In the law of evidence, a client's privilege to refuse to disclose, and to prevent any other person from disclosing, confidential communications between the client and his or her attorney. in the investigation of a complaint or violation." Conclusion Those charged with investigating and prosecuting have high expectations for health care organizations. While hospitals and home health agencies have received the most scrutiny from investigators--and the most publicity--all health care organizations directly or indirectly receiving payment from federal, state, or local governments are well advised to have an effective, working compliance program. (5) Avoiding or minimizing potential penalties is a compelling reason to adopt a comprehensive compliance program. But perhaps the best reason to make compliance a priority is the value such a program can add to the organization both in the operations it supports and the culture it creates. By educating employees about laws, rules, and regulations and their responsibility for obeying and following them, the organization has also taken substantial steps toward building a common base of knowledge about its core business, its goals, and its mission. With this knowledge, employees have a greater understanding of how their job fits into the whole and can better fulfill their roles. By extension, a well-planned, effective compliance program can create an ethical, effective, creative, and productive corporate culture. Indeed, when constructed with this in mind, the compliance program, beyond the risk reduction function, is a key part of an organization's culture, one that will ultimately determine its success or failure. With stepped up federal, state, and private investigation and oversight, corporate compliance has become an essential function in any business operation, especially in health care. Though the rules and regulations affecting health care are labyrinthine lab·y·rin·thine adj. Of, relating to, resembling, or constituting a labyrinth. labyrinthine pertaining to or emanating from a labyrinth. , ignorance of and failure to comply with them, despite good faith efforts, do not defend against compliance liability and substantial punitive damages Monetary compensation awarded to an injured party that goes beyond that which is necessary to compensate the individual for losses and that is intended to punish the wrongdoer. . The Federal Sentencing Guidelines of 1991, explicitly lay out the penalties and reduction in penalties brought into play by an effective compliance program. Beyond risk reduction, such a compliance program can contribute to the efficient operation of the health care organization and be a valuable support of its corporate culture. References (1.) Serb, Chris. Comply Route, Hospitals and Health Networks, September 5, 1997, pp. 50-54. (2.) United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. sentencing Commision, "Sentencing commission Guidelines for the United States Courts "United States courts" may refer to:
(3.) Queen, David and Frasher, Elizabeth. Designing a Health Care Corporate Compliance Program, Washington, D.C.: Atlantic Information Services See Information Systems. , Inc., 1995. (4.) Stratton, Kathleen, and Nahra, Margit. Managed Care Under Siege: How an Effective Compliance Program Can Protect Your Company, Managed Care Quarterly, Winter, 1996; 4(1): 80-85. Timothy B. Saum, MD, MPH, is Director and Medical Director of External Quality Review for TennCare in Nashville, Tennessee “Nashville” redirects here. For other uses, see Nashville (disambiguation). Nashville is the capital and the second most populous city of the U.S. state of Tennessee, after Memphis. . He can he reached by calling 615/256-3440, ext. 3128 or via email at limsaun@pol.net. Jean Byassee, JD, is an attorney with Dobbins and Venick in Nashville, Tennessee. She can he reached by calling 615/321-5659. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion