Diagnostic Imaging – Medicare Requirements Radiology Test Coverage

We often get questions regarding the conditions of coverage for non-hospital (radiology group) coverage of diagnostic radiology services.  Most questions involve the level of supervision that is required under Medicare rules and the requirements that a treating physician order the applicable test.  Oftentimes, these questions are tied to issues relative to the Stark Law exception for diagnostic radiology services that are performed following a consultation request from another health care provider. 

There are three core requirements for a radiology test to be covered under Medicare. The test must be properly ordered by a treating physician (with limited exceptions), the test must be performed by an authorized supplier, and the test must be performed under the proper level of physician supervision.  This article will briefly cover all three of the prerequisites to coverage of diagnostic radiology tests. The requirements described in this article applies to outpatient tests. Tests ordered in the hospital context are subject to slightly different rules and is beyond the scope of this article.

 Who may order diagnostic radiology tests?

The Medicare reimbursement rules have strict standards for determining who is authorized to order a diagnostic radiology test. The rules are different depending upon whether the provider is located in a hospital or in a non-hospital setting such as an independent diagnostic testing facility or physician’s office.

Generally, in a non-hospital setting, a diagnostic radiology test must be ordered by the treating physician. The treating physician rule is located in the Medicare regulations and requires that the diagnostic test be ordered by the physician (or in certain circumstances a non-physician practitioner) who furnishes a consultation or treats a beneficiary for a specific medical problem and who uses the results of the diagnostic radiology test in the management of the patient’s medical problem.

Generally, the Radiologist performing the test is not permitted to order a diagnostic radiology test.  There are certain exceptions to the treating physician rule which were described in Medicare Transmittal 80. Transmittal 80 describes limited circumstances where a radiologist is permitted to order a diagnostic test and still receive payment for the technical component under Medicare rules.

A radiologist is authorized to order a diagnostic mammography test based upon the results of an initial screening examination.  Where the treating physician cannot be reached and this is documented in the patient’s chart , the testing facility may furnish additional Diagnostic tests if the interpreting radiologist at the testing facility documents that there are abnormal results with the test originally ordered by the treating physician and that an additional test is medically necessary. In order to rely on this exception, the fact that the treating physician was not available and that additional tests were medically necessary should be well documented in the chart.  This exception requires the results of the test to be communicated to the treating physician and used by the treating physician in treating the patient’s medical condition.

Where medically appropriate, the interpreting radiologists is also permitted to make determinations regarding the parameters of the diagnostic test contained in the initial order from the treating physician. In cases where there is a clear and obvious error in the initial order, the interpreting physician may make appropriate modifications. The intervening physician may also cancel orders based upon the patient’s medical condition at the time of the diagnostic tests.

Except for the limited circumstances described above and included in Transmittal 8, the radiologist must always rely upon the order that is made by the treating physician and may not independently order diagnostic radiology test.

Who Is Qualified To Perform the Radiology Test?

The second major requirement for the coverage radiology services in a non-hospital setting is that only a qualified provider of the services may be reimbursed. Qualified providers include physicians, group practices of physicians, approved portable x-ray suppliers, independent diagnostic test testing facilities, nurse practitioners or clinical nurse specialist as authorized under state law, FDA certified mammography facilities, clinical psychologists for certain types tests, qualified audiologists, pathology slide preparation facilities, clinical laboratories for certain tests, and radiation therapy centers.

 Level of Physician Supervision For Diagnostic Imaging Tests

The last of the major requirements for coverage of radiology services is the level of physician supervision that is required given the specific test being performed. Radiology services must be provided under at least a general level physician supervision. Additionally, certain tests must be provided under direct or personal supervision, which require higher levels of physician presence and involvement. Failure to provide the appropriate level of physician supervision and to document the supervision in the chart will result in loss of coverage under Medicare and Medicaid. Any claims submitted in spite of not meeting the supervision requirements will be considered to be not reasonable or necessary by CMS.

There are a few exception from the physician supervision requirements for certain limited types of tests. It must be kept in mind however that these exceptions are Medicare only exceptions and there may be other federal or state laws that apply to require physician supervision. Tests that are excepted from physician supervision requirements include diagnostic mammography procedures, diagnostic tests performed by a qualified audiologist and certain psychological tests.

You must determine whether general, direct or personal supervision is required in order to bill the applicable diagnostic radiology procedure. Failure to meet the appropriate supervision requirement will lead to loss of reimbursement. This can also be an area of potential civil money penalty exposure if billings are made in spite of there not having been appropriate supervision. Thus, the supervision requirement is a significant compliance issue for medical practices who must establish and maintain appropriate policies and procedures regarding supervision of various levels of radiology diagnostic test.

Each level of supervision has very specific requirements that must be met. For this reason it is important to know which level of supervision is required for the specific test being performed. General supervision requires that the procedure be furnished under the physicians overall direction in control. Physician presence is not necessarily required during the performance of procedures that require general supervision.  Under general supervision the physician is responsible for general supervision and training of support personnel who are actually performing the test services. The physician is also responsible for maintaining the necessary equipment and supplies for the safe operation of the diagnostic test.

Direct and  personal supervision each require higher levels of physician involvement and generally require some level of physician presence throughout the performance of the test.  Direct supervision in the office setting requires that the physician be present in the office suite and immediately available to furnish assistance. Physical presence in the office suite must be maintained throughout the entire performance of the procedure. The physician is not required to be physically present in the room where the procedure is performed unless there is a need for the physician’s presence due to some problem that arises during the course of performing the test.

The highest level of physician supervision is personal supervision. Personal supervision requires a physician to actually be present in the room during the performance of the procedure. Personal supervision generally involves diagnostic tests with invasive or otherwise dangerous aspects.  One significant example of a test that requires personal supervision are contrast studies.

It is important to know what level of supervision is required for the test that is being performed. The level of supervision that is required for each test is included in the Physician Relative Value Fee Schedule.  The CMS web site includes a spreadsheet that designates the level of supervision that is required for a variety of services including diagnostic imaging services.  The spreadsheet includes a column for “physician supervision.”  The column indicates a numerical value with “1″ indicating general supervision, “2″ indicating direct supervision and “3″ indicating personal supervision.

 Physician practices and compliance officers should be certain that their policies are in line with CMS requirements for coverage of diagnostic radiology test. Radiology groups must be certain that the tests that they are charged with performing meet each of the requirements stated above. Radiology groups need to be certain that the test is ordered by the treating physician unless inapplicable exception is present, and that the appropriate level of physician supervision is met for the type of test that is being performed.

 For more information regarding the requirements for radiology services and other legal issues that affect radiology practices and providers, please contact John Fisher at the Ruder Ware Health Care Industry Practice Group.

Ambulatory Surgery Center – Anti-kickback Issues and Safe Harbor Regulation Compliance

More and more procedures are being performed in Ambulatory Surgical Centers. The CMS has recently expanded the procedures that it considers to be safely performed in an ASC. Clearly, the trend is to move many procedures to an outpatient facility unless the health care needs of the patient clearly require an inpatient presence. One of the primary sources of capital for these new ASC ventures is the physicians who are involved in performing procedures in the ASC or sending business to the ASC.

From a purely business point of view, it makes sense to have investors who have a direct financial interest in seeing that the business succeeds. However, from the point of view of the party paying for the care, this same financial interest can lead to an increased and arguably unnecessary levels of procedures performed in the facility.  For this reason, the Medicare and Medicaid program, and many states, have enacted the Anti-kickback Statutes and other anti-referral laws that prohibit, or at least limit, the financial interests that a referring provider can have with an organization where there is any control over the referral flow to that entity.

 Anti-Kickback Statute Prohibition

The Federal Anti-Kickback Statute proscribes the offering, payment, solicitation or receipt of any remuneration in exchange for a patient referral or referral of other business for which payment may be made by any Federal health care program. Violations of the Anti-Kickback Statute is a federal felony and can result in substantial prison time and criminal monetary penalties. Violation of the Anti-Kickback Statute can also serve as a basis for imposition of Civil Monetary Penalties. Enforcement of the Federal Anti-kickback Statute has been on the rise since the mid-1980s. Today, the federal government has made health care fraud one of its top priorities. We are hearing about new prosecutions on an almost daily basis as the government ramps up its enforcement through the creation of the HEAT program.

ASC Ownership and the Federal Anti-Kickback Statute

When we look at a typical Ambulatory Surgical Center venture, the primary concern is when the physicians (or hospital) who make referrals to the entity and provide services in the entity receive remuneration from the entity. This normally will involve remuneration in the form of a return on an investment interest. We are not concerned with the reimbursement applicable to the physician’s personally performed service.  What raises the issue is the physician receiving a portion of the technical component related to the use of the Ambulatory Surgery Center where the physician is in the position to make or influence referrals.  The referring physician may purchase an ownership or investment interest in the company that is set up to operate the ASC. The ASC can be set up with capital contributions from a number of physicians or it may involve a hospital sponsored ASC that seeks capital investment from physicians.

 Regardless of the exact structure, the Anti-kickback Statute will come into play to govern the structure and ongoing operation of the ASC. The ASC venture must be structured from the start to comply with the Anti-Kickback Statute. It must also be monitored on an ongoing basis to assure that it does not fall out of compliance with the Anti-Kickback Statute.

 ASC Safe Harbors – The Four ASC Types Qualifying For Safe Harbor Protection

 The ASC Safe Harbor regulations identify four types of Ambulatory surgery center structures that can meet safe harbor protection.  These four types of ASCs include Surgeon-Owned ASCs, Single Specialty ASCs, Multi-Specialty ASCs and Hospital/Physician ASCs.  Each category has different requirements that must be met in addition to the threshold requirements identified above that are applicable to all ASCs to meet the safe harbor.

• Surgeon-Owned ASCs

 Owners in a surgeon owned ASC can only include general surgeons or surgeons in the same surgical specialty.  The surgeons must be in a position to make referrals to the ASC and to perform surgical procedures in the ASC on the patients that they refer.  Each surgeon owner must meet a source of income test for the previous fiscal year or 12 month period.  Each surgeon must derive at least one-third of their total medical practice income from performing surgical procedures that require an ASC or Hospital surgical setting.  This does not require all of these procedures to be performed in the ASC in which they are an investor.  However, when the surgeons annual revenues are calculated at least one-third of the physicians medical practice revenues from all sources must be derived from the surgeon’s performance of procedures that are listed as Medicare covered services in an ASC.  The surgical services can be performed in an ASC or in a hospital outpatient department and are not limited to the procedures actually performed in the surgeon owned ASC.

• Single-Specialty ASC

This safe harbor permits physicians within the same specialty, whether or not they are surgeons, to invest in an ASC to which they refer their patients and perform surgical procedures on their patients in the ASC.  Group practices composed of a single specialty may also own and refer to their own ASC.

 Multi-Specialty ASCs

This safe harbor permits physicians who are in a variety of specialties to form an ASC and make referrals to the ASC.  Physician investors in multi-specialty ASCs must meet the one-third practice revenue test described above in relation to surgeon owned ASCs.  However, unlike surgeon-owned ASCs, physicians in multi-specialty ASCs must actually perform one-third of their ASC procedures in the ASC in which they hold an investment interest.  This has become referred to as the “one-third/one-third” test.  The reasoning behind this requirement is that in these types of ASCs, the physicians are actually using the ASC as an extension of their medical office and this does not create significant incentives to generate referral revenues for other investors.  Group practices composed exclusively of physicians who meet the one-third/one-third test may also invest in multi-specialty ASCs.

• Hospital/Physician ASC

Under this safe harbor, at least one hospital must be an investor in the Ambulatory Surgery Center.  The remainder of the investors must be physicians (or group practices) who meet the requirements for a surgeon-owned ASC. There are a number of additional requirements that must be met by physician/hospital ASCs.

Hospital Physician Owned ASC Safe Harbor Provisions

In a previous post, I discuss the requirements for a Hospital/Physician Owned Ambulatory Surgery Center to meet the ASC safe harbor requirements. Under the Hospital/Physician ASC safe harbor, at least one hospital must be an investor in the Ambulatory Surgery Center.  The remainder of the investors must be physicians (or group practices) who meet the requirements for a surgeon-owned ASC. There are some additional requirements that must be met by physician/hospital ASCs.

The ASC may not use an operating room, recovery room, or other space of the hospital unless it is properly leased from the hospital to the ASC under a lease agreement that meets the requirements of the safe harbor for space rental.  Likewise, any equipment provider by the hospital or services provided by the hospital must be pursuant to an agreement that complies with the equipment rental and/or services safe harbor provisions.

The hospital cannot be in a position to make or influence referrals to the ASC.  This excludes physicians who are employees of the hospital from becoming investors in the Ambulatory Surgery Center.  The hospital is also prohibited from including costs associated with the ASC in its Medicare cost report.

Summary

             The Anti-kickback Statute must be considered in any ambulatory surgical venture where potential referral sources could potentially receive remuneration of any kind.  The Anti-kickback Statute and safe harbors will have a large influence on the structure of most ASC ventures.  At the same time, the Anti-kickback Statute is not the only legal issue that must be considered when structuring ASCs.  In some cases, the Stark Law may be a consideration.  Even though ASC services are not “designated health services” under Stark, the ACS might provide other types of services that are covered by Stark.  Reimbursement issues may also have an impact on structure.  Where a hospital is involved, tax exempt tax issues will also play a role.

             For more information regarding Ambulatory Surgery Center structure and other health care law issues, contact John Fisher in the Ruder Ware Health Care Industry Focus Group.

Hospital Governance – Great Resource for Hospital Boards and Governance Issues

The post is just a health care “Resource Alert.”  The AHA has a great resource available on health care governance issues.  The Center for Healthcare Governance is loaded with useful resources and links for Board members and others who have an interest in the operation of health care boards and governance issues.

From the site:

Backed by the knowledge and resources of the American Hospital Association, the Center for Healthcare Governance (Center) provides state-of-the-art education, research, publications, services, tools, and other governance resources to help you achieve and maintain consistency and excellence throughout your governance program. Our community is dynamic and diverse, representing board members, executives, and governance advisors who are nationally recognized as the foremost voices in the practice of hospital and health system governance. We all share a common goal: to advocate and support excellence, innovation and accountability in health care governance.

The Center for Healthcare Governance is well worth checking out if you are looking for information on governance structure in the healthcare area.

 ESRD PPS Form CMS-265-11

Effective January 1, 2011, §153(b) of the Medicare Improvements for Patients and Providers Act (MIPPA) requires the implementation of a bundled ESRD prospective payment system (ESRD PPS). The ESRD PPS provides a single payment to ESRD facilities that will cover all of the resources used in providing outpatient dialysis treatment, including supplies and equipment used to administer dialysis (in the ESRD facility or at a patient’s home), drugs, biologicals, laboratory tests, training, and support services.

Form CMS-265-11 must be completed by all independent end stage renal dialysis (ESRD) facilities that are not hospital-based for cost reporting periods ending on or after January 1, 2011.   Submit the form to your fiscal intermediary (FI)/Medicare administrative contractor (MAC) (hereafter referred to as contractor) no later than the last day of the fifth month following the close of your cost reporting year.

OIG Fraud and Abuse / HEAT Program Videos

The Office of Inspector General is posting a series of video presentation on the HEAT program.  Topics covered include general information on health care fraud laws, the Anti-kickback Statute, the False Claims Act and dealing with investigations.  The OIG will be posting a total of 11 videos and audio podcasts that are part of the award-winning Health Care Fraud Prevention and Enforcement Action Team (HEAT) Provider Compliance Training initiative. The first educational presentation was posted on the OIG website the week of December 5.  New posting will be made over the next few months.

As of the time of this post, the OIG page includes 4 new videos.  One is an introduction to the new video program.  Other current videos cover the False Claims Act, Anti-kickback Statute and Program Exclusions.

You can access the OIG video web site here:  OIG Fraud and Abuse Videos

Through the OIG video presentation page, you can also access a series of 16 videos covering a variety of compliance related topics including:

Use if Safe Surgery Checklist – Implementing Safe Surgery Checklist

As discussed in previous posts, ASCs and hospital outpatient departments must begin using a Safe Surgery Checklist by January 1, 2012.  Certification will need to be made that the checklist was used throughout 2012.  The regulations contain little detail on what it actually means to “use” a Safe Surgery Checklist.  I have seen a variety of opinions on this issue ranging from simply posting it in the operating room through documenting each checklist item in the medical chart.

A relatively recent article in Outpatient Surgery online magazine may provide some level of guidance for providers who are struggling for an answer on the level of “use” that is required.  Check out the article on Safe Surgery Checklist integration

Specific Steps Needed to Establish a Compliance Program for a Physician Practice

 The Compliance Guidance for Physician Practices and the Federal Sentencing Guidelines provide useful information concerning the process that is required to develop appropriate compliance programs.  A health care compliance attorney, preferably with demonstrated knowledge of the compliance process through appropriate certification in health care compliance, can also be a terrific asset to help you design a program.  I may be repeating myself, but it is extremely important that you do not simply adopt a “canned” program and expect it to reduce your risks or be effective in the event that the government comes calling.  It is extremely important that you follow a systematic process for assessing risk and tailor your compliance program to address precise risk areas that are identified through the process.  It is imperative that you document in detail the steps that you take to develop your program.  When developing your program, and later while operating your program, you should at all times assume that someday you will be called upon to defend the program and demonstrate that it indicates a meaningful organizational commitment to the specific compliance risks that you face in your unique practice environment.

 Initial Needs Assessment

 As mentioned above, a compliance program should be developed with consideration for the actual risks that are present in the specific practice.  This requires the practice to perform a formal analysis that is aimed at identifying specific risk areas.  The extent of the needs analysis will depend on the size and complexity of the practice.  Methods of performing the analysis will range from a full blown “gap” analysis with scoring of various risk areas down to a more simple employee questionnaire that asks for input concerning risk from the perspective of individual employees.  In smaller, less complicated practices, such as a simple primary care practice, the needs assessment will be relatively simple.  More complex specialty practices will touch on a much broad array of risk areas.  Each item identified through your needs assessment will need to be prioritized and appropriately addressed in the compliance program.

 Establish Line of Responsibility for Compliance Matters

 The Federal Sentencing Guidelines require the appointment of a single individual with responsibility for compliance in the organization.  The individual should be a “high ranking” individual with direct access to the Board of Directors or other governing authority.  Smaller physician practices will generally designate one of the physicians as compliance officers.   A member of administration may be named compliance officer in larger clinics. 

 Ideally, the compliance officer should not be in-house counsel because of potential conflicts between the differing roles of advocate and compliance officer.  An attorney has ethical obligations to zealously defend the organization.  This will sometimes mean that the best course of action from a legal standpoint may be to “deny and defend.”  This will never be an appropriate course of action from the standpoint of a compliance officer whose primary job is to prevent compliance problems.  The compliance officer will work to bring problems to the surface and disclose them when they are uncovered.  This will often conflict with the role of general counsel.

 Certainly general counsel plays an important role in compliance, but not as compliance officer.  Most general counsel are already busy providing legal services to the organization.  Placing compliance under general counsel makes compliance a secondary function of the general counsel and fails to demonstrate adequate commitment to organizational compliance.  The “dual role” compliance officer will appear to work until a problem arises.  Several cases involving “dual role” compliance officers have been investigated by the Federal government.  Once an investigation commences, the organization generally quickly abandons the dual role compliance structure and appoints a dedicated compliance officer.  In the most visible cases, the general counsel was actually forced to resign and the organization settled the case by entering a Corporate Integrity Agreement that required the division of general counsel and compliance function.

 A practice may wish to consider creating a compliance committee in addition to appointing a compliance officer.  Establishing a committee can be very helpful to the organization gaining physician buy-in and demonstrating that the organization is serious about compliance issues.  As a practical matter, the compliance committee involves more individuals in the compliance process and can make the task of the compliance officer much easier.  In larger organizations, establishing a compliance or ethics committee is strongly recommended.  Smaller organizations should consider fulfilling this task at the Board level through regularly scheduled discussions of compliance issues.

 Adopt Standards of Conduct

 An integral part of the compliance program is the standards of conduct.  The standards of conduct should include simply stated standards, in terms that can be understood by all levels of employees and others that deal with the practice that provide information concerning the commitment of the practice to compliance matters.  The Standards of Conduct are not the place to get into legalistic discussions of the various laws that could apply to operations or present compliance challenges.  The Code of Conduct should be a summary that everyone can understand and should reflect the general tone of the practice’s commitment to honesty, integrity and legal compliance.

 Oftentimes the Standards of Conduct will include a personal introduction or letter from the highest ranking individual in the clinic which briefly explains the purposes of the Standards of Conduct and the practice’s commitment to legal compliance.  This helps to set the tone within the practice that compliance and ethical behavior are a core value and principal of the practice.

 Creating Your Compliance Plan

The compliance plan itself will provide detail in the seven areas of an effective compliance program as set forth in the Federal Sentencing Guidelines.  The Compliance Plan will normally cover each of the seven areas.  Additionally, there may be a more detailed discussion of some of the laws that may apply to the specific practice.

 Setting Up Your Internal Reporting Mechanism

 One of the primary elements in a Compliance Program is the creation of a system that permits employees and others to provide information regarding potential compliance issues without fear of retaliation.  In larger organizations, multiple pathways permitting employees to make anonymous complaints should be maintained.  Oftentimes providers use 24 hour compliance “hotlines.”  Online reporting systems or “drop boxes” are also commonly used.  Whatever system is used, it is crucial that employee understand that they are encouraged to provide information and that there is a clear prohibition against others in the organization retaliating against them for providing information.  It should also be made clear to employees that wherever possible the identity of the person providing the information will be kept confidential.

 The establishment of the compliance reporting process and communication to employees that retaliation will not be tolerated is a central element to an effective compliance program.  Such a system will help the practice obtain valuable information, hopefully early on, before the issue becomes a big problem.  Additionally, the openness of the program will send a strong signal to the outside world, such as government regulators, that the organization takes compliance seriously. 

 If information is obtained through the hotline system it must be taken seriously.  Certainly not every piece of information will be reflective of a serious compliance problem, and an employee could potentially have other motives for making a compliant.  Regardless, it is crucial that the information be acted upon and that the action be documented.  If the compliance officer concludes that there were alternative motivations for the complaint, that fact should be substantiated and documented.  If an objective investigation indicates that there could be a compliance issue, the matter needs to be pursued through an appropriate outcome.  Depending on the circumstances and the result of a thorough investigation, the outcome could range anywhere from additional training through a self disclosure to the government.

 Internal Compliance Policies and Procedures – Enforcement

 One of the elements required by the Federal Sentencing Guidelines and described in all of the OIG industry specific Compliance Guidelines is that the Compliance Program include a mechanism to deal with compliance problems as they are discovered.  In some cases the appropriate action may be a change in policies and further education.  In more extreme cases of compliance violations should lead to employment discipline of various degrees depending on the nature and extent of the violation.  Other cases will require full disclosure to the Federal government and repayment of overpayments and possible penalties.

 It is important that your compliance program fit seamlessly with your employment policies.  Part of developing a compliance program is adopting suitable employment standards that let employees know what to expect from an employment standpoint if they are found to be engaged in compliance infractions.  These policies need to be communicated to employees as part of their training, both so they know the potential employment implications of compliance infractions, and so employees understand how seriously compliance issues will be taken by the organization.

 Governing Board Approval of Compliance Plan and Policies

 When it comes to compliance matters, the “buck stops” with the board of directors or other governing body of the organization.  The governing body should be involved in the creation and adoption of all policies and procedures.  The governing body and top management should take all actions necessary to make compliance a top priority within the organization.  The board should issue an initial resolution regarding compliance at the inception of the process of creating a plan.  The resolution should indicate the commitment of the governing body to compliance.  It should also allocated sufficient funding to the establishment and operation of the compliance program.  All of these actions indicate the organization’s commitment to compliance.

 During the development stage, the governing body should be kept in the loop.  Frequent reports should be provided to the governing body and input into the process should be provided by the governing body.  The governing body should approve the steps that are taken in writing.  If further direction comes from the governing body, it is recommended that the direction be placed in writing.  This will indicate the ongoing input from the governing body and further solidify the organization’s commitment to compliance.

 The governing body should also assist with other professionals in the organization “buying in” to the compliance efforts.  It is very helpful for the governing body to be proactive in compliance issues and set the tone for the “compliance spirit” within the entire organization.

 Internal Documentation and Systematic Approach 

 It is extremely important for the organization to take a systematic approach to both developing and operating a compliance program.  Each step of the formation process, from the initial planning stage through final implementation, should be documented with a great deal of detail.  The information should be presented to the governing body for review periodically through the implementation stage and the governing body should approve and adopt the information and provide additional suggestions and directives to the compliance officer.

 When establishing and operating your compliance program, keep in mind that it is very possible, if not highly likely, that someday you will be called upon to defend the actions that you took to establish and operate the program.  This is a very useful mindset to have while you are performing compliance functions.  We often advise organizations to act as if the organization is actually under a Corporate Integrity Agreement and to document each steps as if they are providing the information directly to the government.

 Educating and Training Your Staff

 Another key element of an effective compliance program is to have an ongoing education and training program for employees.  Training should occur at the inception of the program and upon commencement of employment by any new employees.  Additionally, the organization should adopt an ongoing training program to provide period refreshers of basic issues and the requirements of the program.  Additionally, topic-specific training should occur based on compliance risks or problems that are identified through the operation of the compliance program.

 Ongoing Monitoring, Auditing and Assessment

 It is important that the compliance program be seen as a continual process within the organization.  Adopting a compliance program and then leaving it sit on the shelf will be of little if any effect.  In fact, failing to adopt compliance as a process rather than a static “form” can present the organization with more risk than failing to adopt a compliance program at all because the compliance program that is not actively “worked” sets expectation and requirements that will not be met.

 The organization should adopt an effective ongoing process to monitor and audit the organization for compliance difficulties.  Risks areas that are identified by the monitoring process need to be reinforced with amendments to the compliance program, action by the governing body, potential internal discipline, additional training, and in extreme cases, self reporting to the federal government.

 In The End

 The process of developing an effective compliance program will not be without some pain, internal resistance, and resources.  The payoff will often not be as apparent as the effort that it takes to develop and operate an effective program.  The risks you are avoiding can be very difficult to see or quantify.  However, the failure to confront and mitigate those risks can be devastating to your organization.  Repayment obligations for false claims are generally three times the amount of the claims plus $15,000 per claim.  It is shocking how fast the penalties add up.  Extreme cases of fraud can also lead to criminal investigation and prosecution.  Recently enacted health care reform legislation makes it easier in a number of ways for the government to bring criminal prosecutions in the health care area.

 Now that compliance programs are becoming mandatory for most providers, including physician practices, it is necessary for providers to confront these issues.  Do not make the mistake of taking this task on in a half-hearted manner.  The result will not provide you with any of the benefits of an effective compliance program and can actually hurt you if a problem ever arises.  Even though the date for adopting mandatory compliance plans for physicians is not yet upon us, you should start now to assure that your program is effective and that you have time to develop the appropriate “buy-in” by professionals in your practice.  The proper process as identified above cannot be accomplished by taking “canned” compliance policies and adopting them.  You must go through the steps necessary to develop a meaningful program.

Basic Elements of An Effective Compliance Program

Developing a compliance program that will be effective to reduce internal and external risk is a “practice specific activity.”  There is no “one size fits all” compliance program and there is no good “off the shelf” form solution.  There are certainly vendors, consultants and lawyers out there who would like you to believe that you can take a form, make a few changes and fill in a few blanks, and create an effective compliance program for your organization.  This approach really misses the point of what is required in order to develop and effective program.  Certainly the written plan is an important and necessary part of the compliance effort.  However, even more important is the process that you go through to develop the compliance plan.

 Establishing a compliance program requires you to perform a risk assessment on your specific organization and document the outcomes of that assessment.  The risk assessment could take many forms.  Compliance professionals talk about a “gap analysis” which is an approach to help determine the vulnerabilities of your organization.  A lawyer or compliance professional that has specific training and background in performing legal risk analysis can help you design an appropriate risk analysis process.  The primary point here is that this process needs to be organization specific rather than based on a pre-canned form.  You need to score your areas of risk and provide emphasis to appropriate areas of risk that are identified through your risk assessment.

 All compliance programs will have language regarding compliance with fraud and abuse, anti-kickback statutes, HIPAA and other health care laws.  It means virtually nothing to simply adopt a pre-canned policy without backing the policy up with the process that the practice went through to identify the specific risks that it faces given the specific nature of its practices, size, and specific personalities involved in the operation.

 As mentioned above, the Office of Inspector General has issued general industry guidance on compliance program development and one such guidance relates to physician practices.  This guidance, plus the general requirements of the Federal Sentencing Guidelines, provide general elements that are necessary to make a compliance program effective.  There are generally seven (7) basic core elements that are required of an effective compliance program including:

•  Adoption of written guidelines and policies to promote the organization’s commitment to compliance;
•  Identification and appointment of a high ranking individual within the organization to serve as compliance officer;
•  Establishment of anonymous reporting systems, preferably through multiple pathways, to encourage individuals to make complaints regarding compliance items without fear of retaliation;
•  Effective education and training programs for all levels of employees and others with close relationships to the organization;
•  Ongoing auditing systems to assess the effectiveness of the compliance program and to provide input into areas that require additional emphasis;
•  Mechanisms to enforce the requirements of the compliance program and to discipline employees for violations of the organization’s commitment to compliance; and
•  An ongoing system of program modification based upon audit, feedback and experience that can further adapt the compliance policies to the specific issues faced by the organization.

 Establishing Commitment From the Top of the Organization

 An important and often overlooked aspect of developing a compliance program is the need to obtain commitment from the top of the organization.  Many times in a physician practice this will mean the physician owners of the practice.  It is important that the physician have a clear understanding of the need and benefit of establishing a focused compliance program.  There will inevitably be initial expenditures involved with establishing a compliance system.  In some cases it may even necessitate retaining additional staff.  There will almost certainly be fees to outside attorneys and consultants if the organization is not large enough to hire the needed expertise internally.  It is important that sufficient resources be allocated to compliance and that the physicians and administration understand that in the long term, these expenditures will pay off by reducing the risk of institutional compliance problems.  The difficulty is that if the compliance program works to reduce risks, there will never be a serious event that proves the benefit of the expenditures.  However, if an event occurs in the future and there is no compliance program in place, the regrets will be very deep because compliance issues are much more difficult to solve if there is no compliance plan in place.

 As a practical matter, the institutional “buy-in” is often the most difficult hurdle to overcome.  It is somewhat easier now that compliance plans are becoming mandatory.  Yet there is still risks associated with under-funding compliance activities or providing enough resources to do the “bare minimum” when it comes to compliance due to a reluctant attitude on the part of physician leaders who are now being forced to develop compliance programs that they have not fully embraced. 

 Certain groups may be in a position that they have not been dependent upon institutions who have implemented compliance programs.  Some practices completely reject policies and procedures of any kind that could bind the physicians in their practices.  These organizations present the greatest challenges and unfortunately the greatest potential risk of violations of federal and state laws occurring due to the low level of leadership embracing appropriate compliance activities.  Even as these groups are forced to adopt compliance programs, they present the greatest residual risk because of a low level of physician commitment.

 We suggest that physician practices begin the process of implementing formal compliance programs immediately to provide more time to gain physician commitment and appropriately assess the risks associated with the specific practice.  It takes a great deal of time to develop a system for establishing compliance programs, perform a “gap analysis” or other baseline analysis, perform employee interviews and take other steps to identify specific risk areas.  Developing a compliance program is much more than simply adopting a form compliance program.  Even though the precise effective date that compliance programs will become mandatory for physician practices has not yet been set, providers should consider this time a gift to permit them to develop appropriate policies rather than a reprieve.

About The Author

This article is part of a multiple part series by Health Care Attorney John Fisher, CHC on compliance programs for physician practices.

John Fisher, JD, CHC  is a seasoned health care attorney and is certified in Health Care Compliance by the Health Care Compliance Association.  Mr. Fisher is available to assist physician groups and other health care providers nationwide in the development and operation of Compliance Programs.

Mr. Fisher has significant experience in the various legal and regulatory matters that are faced by physicians including the Stark Law, Anti-Kickback Statute and Safe Harbors, Medicare and Medicaid reimbursement rules, HIPAA, False Claims Act, antitrust laws, employment laws, contract matters, business ventures and laws governing financial relationships between physicians, and others.

Mr. Fisher practices with the Ruder Ware law firm in Wausau, Wisconsin.  His practice on compliance and Federal Law issues is nationwide.

Expected Requirements For Physician Compliance Programs

We expect HHS to establish compliance program core elements that continue to track prior OIG guidance and the federal Sentencing Guidelines elements for an effective compliance program when developing required compliance program elements for other providers/suppliers. The OIG issued compliance guidance for Individual and Small Group Practices in October of 2000 (“Physician Practice Guidelines”).  The Physician Practice Guidelines include some degree of “scalability.” OIG has indicated in the past that what may constitute effective compliance measures for a large, complex organization may be unnecessary for a small physician practice or supplier. The Physician Practice Guidelines indicate that the “guidance for physicians does not suggest that physician practices implement all seven components of a full scale compliance program.”  The extent of required compliance activities will depend on the size of the provider and the scope and complexity of the practice.  There is no “one size fits all” solution.  In order to be effective, a compliance program will need to be based on the specific risks and factors associated with the practice.

 We recommend that physician groups begin the process of establishing compliance programs as soon as possible and that they not wait for final regulations.  Compliance programs are a good way for physician practices to reduce risk associated with fraud and abuse and other legal matters that present risk to their operations.  It makes sense for physicians to begin development now to provide ample time for creation of appropriately scaled policies and input from various personnel in the group. 

 It is clear that simply adopting written policies will not be adequate to meet the requirements of the mandatory compliance obligations.  Rather, physician practices will need to establish an ongoing system of monitoring their operations for compliance issues and modifying practices based on the specific factors present in the practice environment.  The development of compliance policies require consideration of the seven (7) core elements of effective compliance programs as contained in the Federal Sentencing Guidelines and in the various industry guidance that have been released by the Office of Inspector General, including the Physician Practice Guidelines.

 The Physician Practice Guidelines provide some guidance to direct the structure of compliance programs for physician practices.  However, every practice is different and must go through the process of identifying risk areas that are applicable given the precise makeup and personalities involved in the practice environment.  Simply adopting “canned” compliance policies will be largely ineffective.  The practice needs to document the entire process of creating policies, perform “gap analysis” or other suitable analysis of the precise risks that are faced by the practice, document commitment and involvement from the highest levels of the practice, and train staff and others on the obligations and nature of the compliance program.

 About The Author

This article is part of a multiple part series by Health Care Attorney John Fisher, CHC on compliance programs for physician practices.

John Fisher, JD, CHC  is a seasoned health care attorney and is certified in Health Care Compliance by the Health Care Compliance Association.  Mr. Fisher is available to assist physician groups and other health care providers nationwide in the development and operation of Compliance Programs.

Mr. Fisher has significant experience in the various legal and regulatory matters that are faced by physicians including the Stark Law, Anti-Kickback Statute and Safe Harbors, Medicare and Medicaid reimbursement rules, HIPAA, False Claims Act, antitrust laws, employment laws, contract matters, business ventures and laws governing financial relationships between physicians, and others.

Mr. Fisher practices with the Ruder Ware law firm in Wausau, Wisconsin.  His practice on compliance and Federal Law issues is nationwide.

Mandatory Compliance Programs for Physician Practices

 Steps Necessary to Implement an Effective Compliance Program

 John H. Fisher, J.D., C.H.C.

 It is no secret that the government is becoming increasingly aggressive in its enforcement efforts against health care providers.  At the same time, regulations are becoming more complicated.  The combination of these two forces means that many unknowing providers are being caught up in costly investigations of their practices.  The government is taking a “return on investment” approach to health care fraud and is seeing a good return on every dollar that they put into the efforts.  As a result, we cannot expect fraud enforcement to decrease any time soon.

 For this reason, it is important that providers, including medical practices, develop and operate systems to help them comply with governmental regulations and third party payer billing requirements.  The development of a formalized compliance program has become an indispensible part of the risk management process of medical practice.  Failure to maintain compliance can lead to an increase in reimbursement disputes, increased uncollectable fees, more demands for repayment, civil litigation and in extreme cases, potential criminal prosecution.  Matters to be addressed in compliance programs include not only billing practices but also anti-kickback compliance, state and federal self-referral prohibitions, state fee-splitting laws, licensure and accreditation requirements, labor relations matters, antitrust and price fixing prohibitions, HIPAA and medical records issues and a whole host of other state and federal laws.

 Formalized compliance programs first began appearing in the late 1990s as a way to minimize risk in primarily large institutions.  Compliance programs are a child of the Federal Sentencing Guidelines which factors in the adoption of 7 pillars of an effective compliance program when a health care organization is facing potential institutional criminal penalties for legal violations.  Formal compliance programs were more deeply woven into the fabric of many organizations as the Medicare Office of Inspector General began releasing compliance guidance directed toward specific segments of the health care industry in the late 1990s and continuing through the mid 2000s.  One of the industry segments that the OIG has specifically addressed in its published compliance guidance are physician practices. 

 Acffordable Care Act Mandates Formal Compliance Programs

 Even though compliance programs have not traditionally been mandatory, over the past ten years, formal compliance has become industry “best practices” for virtually all segments of the health care industry.  Compliance guidance for physician practices was issued by the Office of Inspector General in 2000.  Since that time, many physician practices, especially more complex specialty practices, have developed some sort of compliance plan.  Although compliance plans have not previously been mandatory, they have become “industry standard” as a way to minimize risks associated with health care regulations such as the Health Insurance Portability and Accountability Act of 1996, the Medicare and Medicaid Fraud and Abuse Laws, Anti-kickback Statute, Civil Monetary Laws, False Claims Act, the Clinical Laboratory Improvement Act and all other state and federal statutes, regulations and directives that apply to the operation of a complex physician’s practice.

 Section 6401 of the Patient Protection and Affordable Care Act of 2010, as amended by the Health Care Education Reconciliation Act of 2010 (the “Affordable Care Act”) requires HHS and the Office of Inspector General to promulgate regulations that require most healthcare providers and suppliers to establish compliance programs.  The compliance programs are intended to be “effective in preventing and detecting criminal, civil, and administrative violations” under the Medicare and Medicaid laws and other laws that govern operations.

Under the Affordable Care Act, physicians and group practices, along with other relatively small providers, will be required to establish compliance programs as a condition of enrollment in the Medicare program.  Early versions of the Affordable Care Act included an exception for physicians which was deleted from the version of the Act that was signed into law.  We know that the mandatory compliance program requirement will apply to physician practices absent further legislative action.

 The Affordable Care Act’s compliance program mandates are divided into two categories: (1) requirements for nursing facilities and (2) requirements for all other providers and suppliers. The nursing facility compliance program provisions in the Affordable Care Act are relatively detailed and contain a specific timetable for implementation.  The statutory requirements pertaining to other types of health care providers do not provide any time frame for implementation but rather leave this issue to the discretion of HHS. 

 HHS is required to issue regulations creating a timetable and basic core compliance program requirement.  These matters are to be addressed in regulations that are yet to be published.  Medicare & Medicaid Services (CMS) officials have made public statements that indicate that the agency expects to issue the mandatory compliance program requirements on a rolling basis. There is no additional information on the expected timetable for application of the mandatory compliance program requirement at this time, but most professionals in the industry expect regulations to be out by early in 2012.

About The Author

This article is part of a multiple part series by Health Care Attorney John Fisher, CHC on compliance programs for physician practices.

John Fisher, JD, CHC  is a seasoned health care attorney and is certified in Health Care Compliance by the Health Care Compliance Association.  Mr. Fisher is available to assist physician groups and other health care providers nationwide in the development and operation of Compliance Programs.

Mr. Fisher has significant experience in the various legal and regulatory matters that are faced by physicians including the Stark Law, Anti-Kickback Statute and Safe Harbors, Medicare and Medicaid reimbursement rules, HIPAA, False Claims Act, antitrust laws, employment laws, contract matters, business ventures and laws governing financial relationships between physicians, and others.

Mr. Fisher practices with the Ruder Ware law firm in Wausau, Wisconsin.  His practice on compliance and Federal Law issues is nationwide.