Health Law Blog - Healthcare Legal Issues

Archive for the ‘Fraud and Abuse’ Category

Using the Self Disclosure Protocols to Minimize Risk

Tuesday, June 27th, 2017

When to Use the OIG’s Self Disclosure Protocols

Self Disclosure Mitigate RiskThe HHS Office of Inspector General offers providers an opportunity to self-disclose certain violations in exchange for avoiding some of the more draconian penalties that may otherwise apply under applicable regulations.  Even though the OIG’s Provider Self-Disclosure Protocols (“SDP”) can be very compelling, the decision whether to utilize the OIG’s self-disclosure protocols is often very difficult.

To begin, the SDP is not available in all situations.  The SDP is limited to situations that potentially violate Federal criminal, civil, and administrative laws for which Civil Monetary Penalties are authorized.  The SDP requires the disclosing party to Continue

Dermatology Fraud Risk Areas – Impossibly Long Days

Tuesday, June 27th, 2017

Failure to Supervise and Impossibly Long Days

Payment of $302,000 and Forced Corporate Integrity Agreement – July 2016

fraud and abuse dermatologistsThe government alleged the dermatologist in this case repeatedly billed for services under the “incident to” billing rules during periods when the dermatologist was not present in the office.  Some of the services were allegedly performed when the doctor was traveling out of the country.  The government also alleged the doctor billed for impossibly long days including one day where 26 hours were billed.

This case illustrates the need to comply with the “incident to” billing rules.  Those rules permit a physician extender’s services be billed under the physician in certain circumstances.  In order to qualify to bill incident to, the physician must be physically present within the office suite at the time the extender performs the service.  The physician cannot order the procedure and then leave the office while the procedure is being performed.  There are new Medicare rules clarifying some aspects of the “incident to” billing rules.  There was a previous ambiguity that some providers interpreted as permitting the physician that ordered the service to bill for the services, even though another physician actually supervised the performance of the service.  The rules revision clarified only the supervising physician can bill the services as “incident to” his or her service.  The ordering physician can only bill the service if he or she also supervises the extender.

Dermatology Practice Fraud and Abuse Risks Identified in Florida Case

Tuesday, June 27th, 2017

Dermatologist Fraud and Abuse Risks – Identified from Florida Case Targeting Demotologist

Dermatology Risk Areas Fraud and AbuseAn allegation from a competing dermatologist resulted in a Federal government investigation of a Florida dermatologist.  The dermatologist was accused of charging the Medicare program for unnecessary biopsies and radiation treatments that were not rendered, not properly supervised, or given by unqualified physician assistants.  It was alleged the doctor was not even in the country when some of the procedures at issue were performed.  The unnecessary charges were alleged to have totaled around $49 million over a 6-year period.

The dermatologist did not admit wrongdoing in the settlement.  Rather, he alleged the overbilling resulted from his unique practice that relied on radiation, instead of disfiguring surgery, to help patients.  The doctor claimed he had cured “over 45,000 non-melanoma skin cancers with radiation therapy” over a 30-year period.  The problem with that argument appears to be the fact that the dermatologist was not trained or qualified in providing radiation oncology treatments.

There are a number of interesting things about this case.  The case was brought by a competing physician as a whistleblower.  The physician who brought the case expressed concern about having to treat patients that the accused doctor had misdiagnosed with squamous cell carcinoma.

The case also alleged significant billing for services allegedly provided when the doctor was not even in the office.  The accused doctor alleged he was available by phone while the procedures at issue were being performed.  This raises interesting issues under the rules regarding “incident to” billing.  Those rules permit a physician to bill for physician extender services.  In order to qualify to bill a service as “incident to” a physician’s service, the billing physician must meet supervisions requirements.  The physician must be physically present within the office suite during the performance of the procedure in order to qualify to bill a service as “incident to” the physician’s services.

It appears there were a number of things going on in this case.

  • There appears to have been a pattern of diagnosing a higher level of severity than was supported by the patient’s condition.
  • There was a routine use of radiation therapy, even in cases that were not medically appropriate.  This placed patients at potential risk.
  • There appears to have been questions whether the accused doctor was authorized to perform radiation therapy.
  • There were issues regarding improper use of the “incident to” billing rules when the doctor was not present to actively supervise the service.
  • There was also some evidence the doctor had offered incentives for staff to misdiagnose and over utilize the radiation treatment.
  • There was an alleged kickback arrangement with another physician who operated a clinical laboratory.

Challenging Physician Payment Sunshine Act Disclosures

Tuesday, June 27th, 2017

The Affordable Care Act added the Physician Payment Sunshine Act (Sunshine Act) as section 1128G to the Social Security Act. The Sunshine Act requires applicable manufacturers of drugs, devices, biologicals, or medical supplies and certain group purchasing organizations to report annually to the Centers for Medicare & Medicaid Services (CMS) certain payments or items of value that are provided to physicians and teaching hospitals.  The Sunshine Act also requires CMS to publish payments reported on a public Web site.

In 2013, CMS issued final regulations interpreting and clarifying the requirements of the Sunshine Act.  The final regulations clarify the reporting process, identify exceptions and exclusions from the reporting requirements, and provide further details regarding what constitutes a reportable relationship.  The final rule delineates the specific data elements reporting organizations are required to include and the required reporting format.  Reporting organizations failing to make required reports are subject to potential civil monetary penalties.  Continued

Credible Information Indicating Overpayment – Duty to Investigate

Tuesday, June 27th, 2017

Addressing Potential Over-payment Situations – Exercising Reasonable Care

known overpayment credible informationThe new final regulations under the 60-day repayment rule, require providers to affirmatively exercise reasonable diligence to identify potential overpayment situations. The obligations to further investigate is triggered when a provider receives “credible information” that indicates a potential overpayment.  Affirmative steps must be taken in a timely and good faith manner to investigate the situation further. Failing to use reasonable diligence can result in significant penalties under the False Claims Act (FCA). In some cases criminal liability can attach as well; particularly when evidence strongly indicates a problem might exist and a deliberate decision is made not to investigate or repay an amount due.

By now most health care providers are at least generally aware of the 60-day repayment rule. That rule originated as part of the Affordable Care Act in 2010. The rule provides that the failure to repay a known overpayment within 60 days after discovery results in potential penalties under the FCA. This means a simple overpayment is multiplied by a factor of three. Additionally, penalties can be assessed in amounts ranging from a minimum of $11,000 and a maximum of approximately $22,000 per claim. Financial exposure under the FCA can be very substantial; particularly when there is a systematic billing error that impacts a large number of claims over a significant period of time. The lookback period for imputed False Claims is 6 years, which amplifies the potential exposure when the “tip of the iceberg” is discovered in a current year audit.

The initial statutory provision left some ambiguity regarding application of the 60-day repayment rule. One significant ambiguity relates to when the 60-day time period begins to run. The statute states the 60-day period commences upon “identification” of the overpayment but included no clarification of when a provider is deemed to have identified the existence of an overpayment. It was not clear whether identification occurred when there was an allegation that an overpayment exists, when an amount of overpayment was calculated, when the existence of the overpayment was verified, or at some other time. It was also unclear whether actual knowledge of an overpayment was required or whether knowledge could be imputed in certain circumstances.

CMS provided clarification on the issue of identification in the final regulations, but the clarification places significant burdens on providers. Under the final rules, the provider is deemed to have identified an overpayment not when actual knowledge is obtained, but rather when the provider “should have” identified the overpayment through the exercise of “reasonable diligence.” The new standard requires providers to conduct a timely and good faith investigation when it receives credible information an overpayment might exist. Failing to take reasonable steps to investigate will result in imputed knowledge and deemed “identification” of the overpayment. In other words, the 60-day clock starts to run when the investigation should have commenced.

It is useful at this point to mention what constitutes an overpayment that invokes the statutory requirement. An overpayment exists when the provider receives any funds to which they are not entitled. There is no requirement of an amount threshold, substantiality, or materiality. Any overpayment invokes the statute and becomes a potential false claim if not repaid within the 60-day period. There are situations where the amount of overpayment is so small that the provider might determine it not worth the resources to identify, quantify and repay. When making this determination, it should be kept in mind the FCA will apply if a whistleblower case is brought or a government investigation is commenced and finds the overpayment. FCA liability can result in large penalties; particularly where there are multiple claims involved. It should also be kept in mind that criminal statutes impose felony penalties for the willful failure to return known overpayments.

Overpayments that are self-discovered and repaid before they become false claims are relatively easy to manage. Once the FCA potentially attaches, these situations become increasingly complicated to manage. The OIG Self Disclosure process should be considered where potential for significant penalties is present. The Self Disclosure Protocols permit resolution at a minimum of 1.5 times the amount of the overpayment. Full disclosure of the facts and investigation is required as part of the self-disclosure process. Only civil penalties are subject to settlement under the protocol. The wrong facts disclosed as part of the SDP process can lead to criminal charges against the entity or individuals. Criminal charges cannot be settled using the SDP.

Where amounts are smaller, a provider may decide to repay without going through the protocol process. A determination of which option is right in the specific situation should be made with the involvement of legal counsel that has experience with these issues.

Proper operation of a compliance program is the best defense to mitigating exposure under the 60-day rule. Prompt investigation should be conducted whenever there is a credible allegation of an overpayment. Compliance risk identification and proactive auditing can also help mitigate risk by identifying problems early and by demonstrating the compliance process is being effectively operated. This will help avoid allegations that overpayments should have been discovered sooner through the exercise of a reasonable compliance program. Most importantly, ignoring alleged overpayments is never an answer that mitigates risk. All credible allegations must be investigated and appropriate repayment should be made using one of the available methods. The requirements of the final rule should be baked into compliance program policies and procedures and staff should be educated on the need to investigate and return overpayments within required timeframes.

Personal Care Agency Fraud – Business Structure Can Impact Compliance Risk

Tuesday, June 27th, 2017

Personal Care Agency Structure Can Increase Risk and Government Scrutiny

Personal Care Agency FraudThe OIG recently released a review of Medicaid Fraud Control Unit activities which identified personal care agencies as accounting for nearly one-third of fraud prosecutions.  Previous blogs identified a number of compliance risks that often ensnare agencies.  Risk can also be impacted by the structure and nature of the business that is conducted by the agency.  The business might be perfectly legal, but can still create additional risk.

An good example involves personal care agencies that focus on recruiting patients with extended families who already reside with the patient.  A personal care business plan that focuses on training extended family might be technically legal, but can certainly present risk that a reviewer will more closely scrutinize record-keeping, PCW training, and other requirements.  Closer scrutiny may result in overpayment requests and/or investigation.

The normal business plan for a personal care agency involves the hiring and training of personal care worker who are assigned to clients who retain the agency’s services.  Normally, a PCW and a client do not know each other and certainly are not sharing a residence with the client.  Some agencies might focus their business on recruitment of patients who live with extended family.  Simply by providing training to the existing family member, the agency is able to generate reimbursement.  The extended family member is able to earn a wage for the service that it performed.

Immediate family will normally not qualify to generate reimbursement as a personal care work.  More distant family might be able to generate reimbursement.  There may be nothing specific in the laws of the applicable state that prohibits this type of arrangement.  At the same time, there is nothing prohibiting a regulator from more closely scrutinizing regulatory requirements when presented with agencies that may be technically legal but could be viewed as being abusive at their core.

The main point here is that business structure and other factors might present additional levels of risk to an agency.  Business structure should be considered as a factor when conducting risk analysis.  Businesses that are operated in technical compliance could present higher degrees of risk than more traditional business structures.

Using Self-Disclosure Protocols – CMS and OIG Self Disclosure Process

Tuesday, April 11th, 2017

Self-Disclosure Has Become a Normal Part of the Compliance Process

As the OIG and CMS make self-disclosure easier for providers, we have noticed an increase in the rate of cases that are being filed.  Assisting providers in making decisions whether to self-disclose, conducting internal investigations, and guiding the self-disclosure process when appropriate has become a large part of our compliance practice.  Here are just a few of the articles and other resources that we have released regarding self-disclosure issues:

Exercising Reasonable Care to Identify and Address Potential Overpayments

Criminal Exposure for Failing to Repay Known Overpayment

When to Use the OIG’s Self Disclosure Protocols

Excluded Party Cases Dominate OIG Published Self Disclosure Settlements

Self-Disclosure Process – Voluntary Self Disclosure Decisions are not Always Easy

When Does An Overpayment Become Fraud? How Simple Inattention Can Expose You to Penalties for Fraudulent Activities

Provider Self-Disclosure Decisions – Voluntary Disclosure Process

Provider Self Disclosure Process

For more information on the self-disclosure process and legal updates impacting the process, watch this space.

Compliance Program Best Practices Review of Effectiveness

Monday, April 3rd, 2017

Now Is The Time To Re-Examine Compliance “Best Practices” In Your Organization

Historically, compliance programs have not been per se mandatory.  However, most larger health care organizations have established formal compliance programs to foster an atmosphere of compliance and to take advantage of possible benefits under the Federal Sentencing Guidelines.  The Patient Protection and Affordable Care Act of 2010 has made compliance programs mandatory for many providers.  The exact scope of what type of provider will be required to establish formal compliance programs has not yet been set in stone by the Office of Inspector General.  However, it can probably be expected that most providers will be required to formalize their compliance efforts.

Institutional health care compliance has been growing for well over a decade now.  Compliance is becoming of major importance to health care providers of all nature and size.  The OIG has promoted compliance programs by releasing compliance guidance covering a number of industries, including billing companies, physician practices, hospitals, home health agencies, long term care facilities, ambulatory surgery centers and others.  Smaller providers who have previously not had the establishment of formal compliance programs on their radar will now be required to adopt formal plans.

It is not enough to simply adopt a compliance plan, place it on a shelf, and let it collect dust.  A compliance program requires active monitoring.  There are seven basic elements that are necessary for a compliance program to meet regulatory requirements and the requirements under the Federal Sentencing Guidelines.  The seven primary elements of an effective compliance program include:

  • The establishment of written compliance policies and procedures;
  • The designation of a high ranking individual within the organization to serve as compliance officer;
  • The establishment of an effective training and education program for all levels of personnel;
  • The establishment of effective lines of communication, such as a compliance hotline, to enable individuals within the organization to report compliance breaches;
  • Performing ongoing internal auditing and monitoring
  • The creation of a system that enforces breaches of the compliance program including appropriate discipline and corrective measures
  • The establishment of effective measures to respond to compliance problems that are detected.

An effective compliance program establishes an atmosphere of compliance that permeates the entire organization.  A compliance program should be tailored to the specific circumstances of the provider.  The program should also feed and grow on itself.  As problems are detected appropriate changes should be made to the program and related policies and procedures.

Mandatory compliance programs also highlight the importance of compliance on larger institutions who may have already adopted formal programs.  These institutions should take the signal that compliance is of growing importance.   Providers who have already adopted compliance plans should take the opportunity to dust them off and re-examine the role of compliance within their organization.  Now is the time to increase the focus on compliance and assure that compliance is an active system rather than a written plan that is sitting on the shelf.

Criminal Exposure for Failing to Repay Known Overpayment

Monday, April 3rd, 2017

Known Overpayments can Implicate Criminal Statutes

failing to repay overpaymentWe hear a lot about potential liability under the False Claims Act for the failure to repay overpayments within 60 days after discovery. Focus on the 60 day rule has taken some of the focus away from the potential for criminal charges for retaining known overpayments. Section 1128B(a)(3) of the Social Security Act (42 U.S.C. § 1320a-7b(a)(3)) makes it a crime to conceal or fail to disclose any occurrence that affects the initial or conued right to any benefit payment. A violations of the statutes requires a showing that the charged individual have knowledge of the event affecting the right to the applicable benefit. A violation of the statute is a felony and is punishable by a maximum of five years in prison and a fine of $250,000 for individuals or $500,000 for corporations.

The Office of Inspector General has applied this statute, even in cases where the overpayment occurs innocently but a party fails to repayment an overpayment after receiving knowledge. This type of situation is clearly subject to the False Claims Act where repayment is not made within 60 days. Criminal responsibility is also a potential; particularly when a decision is made not to repay after learning about the existence of an overpayment. Criminal exposure is present for the entity as well as the individuals who are responsible for failing to make repayment of a known overpayment. There is an element of ambiguity regarding application of the criminal component, but this has not stopped prosecutors from asserting the statute in the past.

The Federal Criminal False Claims Statute (18 U.S.C. § 287) can also apply to impose potential criminal liability.  That statute applies potential criminal liability on any person who “makes or presents” any claim to an agency of the U.S. Government “knowing such claim to be false, fictitious, or fraudulent.”   This statute can lead to potential 5 years imprisonment plus potential criminal penalties.   Conspiracies to violate the Federal Criminal Claims Statute impose double penealties on participants.  Failing to disclose and repay known overpayments could form the basis of a violation of this statutes as well.

Other criminal statutes could potentially apply to the failure to repay known overpayments.  Mention of these above statutes is not intended to be an exhaustive list of potential exposure.

Differential Valuations and the Anti-kickback Statute

Monday, April 3rd, 2017

Ambulatory Surgery Case Demonstrates Differential Value Theory of Renumeration

ASC Fraud and Abuse RemunerationA relatively recent case involving buy-in terms in an ambulatory surgery center demonstrates how different valuations for referral sources and non-referral sources can be evidence of remuneration under the Medicare Anti-Kickback Statute (42 U.S.C. § 1320a-7b(a)-(b)).  The case also demonstrates how the initial investment terms that favor referral sources can foreclose reliance on safe harbor regulations.

The case involved an ambulatory surgery center management company what purchased an interest in an ambulatory surgery center.  The company then offered shares of the company for investment to physicians who were in a position to refer surgical cases to the surgery center.  The physician investment was structured to meet the terms of the safe harbor regulations for ambulatory surgery center investments (“ASC Safe Harbors”).  The ASC Safe Harbors provide protection from remuneration that is received by a referring physician as a return on investment as long as the physician meets certain minimum practice revenue and surgical volume requirements. Physician investors must generally receive at least 1/3 of their practice income from the provision of surgical procedures and perform at least 1/3 of their surgical procedures in the center in which they hold an investment interest.

The problem with the way that the investment interest was structured was the different valuation that applied to the purchase that was made by the management company and the investment offer made to the referring physicians.  The management company purchased its investment at a much higher price than was offered to the physicians.  The differential valuation violated a threshold requirement of the safe harbor regulations that prohibits the initial investment interest to be based, in whole or in part, on the volume or value of referrals that the investor might make to the entity.  It was very difficult for the parties to justify the different value applied to physician investment.  The only apparent difference appeared to be that the physician investors were the referral sources for the surgery center.

This case specifically involved an ambulatory surgery center investment but the concept of differential valuation could apply in other situations involving the Anti-Kickback Statute.  Different values paid to or received from referral sources and non-referral sources can suggest that at least one of the reasons for the differential is the volume or value of potential referrals.  This points out a general area of risk assessment for all health care providers.  Areas where different pricing is applied to referral sources and non-referral sources could signify a potential violation of the Anti-Kickback Statute.

John H. Fisher

Health Care Counsel
Ruder Ware, L.L.S.C.
500 First Street, Suite 8000
P.O. Box 8050
Wausau, WI 54402-8050

Tel 715.845.4336
Fax 715.845.2718

Ruder Ware is a member of Meritas Law Firms Worldwide

Search
Disclaimer
The Health Care Law Blog is made available by Ruder Ware for educational purposes and to provide a general understanding of some of the legal issues relating to the health care industry. This site does not provide specific legal advice and you should not use the information contained on this site to address your specific situation without consulting with legal counsel that is well versed in health care law and regulation. By using the Health Care Law Blog site you understand that there is no attorney client relationship between you and Ruder Ware or any individual attorney. Postings on this site do not represent the views of our clients. This site links to other information resources on the Internet; these sites are not endorsed or supported by Ruder Ware, and Ruder Ware does not vouch for the accuracy or reliability of any information provided therein. For further information regarding the articles on this blog, contact Ruder Ware through our primary website.