Mandatory Compliance Programs – Is Your Practice Ready?

The Office of Inspector General has encouraged health care providers to adopt compliance programs since the late 1990s.  Most larger organizations have implemented compliance programs as a way to detect and mitigate risk of non-compliance and to reduce penalties if a problem is detected.  However, many smaller providers, such as physician practices, have not adopted any type of formal compliance program.  The Patient Protection and Affordable Care Act (the “PPACA”) makes compliance programs mandatory for the first time  for all suppliers and healthcare providers enrolled in federal healthcare programs. Providers of all sizes will be required to certify that they have an effective compliance program in place as a condition of participation of federal healthcare programs.

The Office of Inspector General is charged with issuing regulations that define the core elements that providers must implement in order to certify compliance with the mandatory compliance program requirement.  The first set of regulations have been issued relative to nursing home who must certify their compliance programs as of 2013.  Regulations addressed at other provider types have not yet been issues but are expected soon. We can expect that the regulations will be similar to the guidance that has been provide by the OIG covering various industry sectors over the years.

Requirements for nursing home compliance plans have been released.  The nursing home regulations require the following:

• The adoptions of formal written compliance policies, standards and procedures that are effective at reducing the risk of compliance violations.
• The assignment of compliance responsibility to a Specific individual within the organization.  The individual should be a high ranking member of the management team and should report directly to the governing body.
• The compliance program must be adequately funded to assure its proper operations.
• Systems must be put in place to assure that authority is not delegated to individuals who may show a propensity to commit compliance violations.  For example, a program should be put in place to screen employees, staff members, vendors and others against OIG and GSA exclusions lists.
• The program elements and the ability to report compliance violations must be stressed and an atmosphere of compliance should be created.
• A strong system of anti-retaliation for individuals reporting compliance concerns must be maintained and communicated throughout the organization.
• Effective communication of the standards and procedures to all employees and required participation in training programs.
• Systems of monitoring and auditing should be put in place to help detect potential practices that could lead to compliance violations.
• Disciplinary processes must be maintained in order to enforce the compliance program.  Discipline should be coordinated with existing policies and procedures regarding employee discipline.
• The compliance program should “learn from itself.”  In other words, systems of corrective actions should be put in place that includes revisions of policies and procedures based on compliance concerns that are detected or reported.
• Continued review of the effectiveness of the compliance program should be undertaken.  Simply having a compliance program in place is not sufficient.  The organization must assure that the program is effective by continually reassessing and testing the program.

The exact date that compliance programs will become mandatory is not yet certain.  Nevertheless, enforcement activity is on a rise.  Prudent providers will take proactive efforts to reduce their compliance risks.  This includes that creation of an effective compliance program that is specifically tailored to the compliance risks associated with the specific provider.  Many smaller providers have never contemplated creating such a program in the past.  Mandatory requirements, increased enforcement activities and penalties, are all factors forcing providers to take proactive steps to reduce their exposure.  This creates a disproportionate burden on smaller providers such as small group practices.  At the same time, the OIG has in the past recognized that smaller organizations do not need to go to the same extremes as larger systems to meet their compliance obligations.  In other words, compliance programs are permitted to have a degree of scalability and allow for the size and resources of the organization.  It is critical for small providers to know where to place their compliance resources.  A “shotgun” approach will provide very little benefit.  Creating an overbroad plan that can never be operationalized does nothing more than create a roadmap leading authorities to the actions that your organization is not taking.

It is most prudent for providers of all sizes to have some level of compliance plan in place sooner rather than later.  A well focused plan scaled to your biggest risk areas is much better than a robust plan that you can never operationalize.  The point is to start with your compliance efforts and build upon them as time passes and new risk areas are identified.  Your plan should be structured to operationalize the identification of risk areas and address them as they arise in your practice.

The False Claims Act – Application of the Lincoln Law to the Health Care Industry

 When Congress originally passed the False Claims Act (31 USC §§ 3729-3733), no one had the health care system in mind.  The False Claims Act was also commonly referred to as the “Lincoln Law”.  The original law was focused on unscrupulous vendors who provided overpriced and often faulty supplies to the military during the Civil War.

The law was unique in several ways; not least of which was the creation of “qui tam” rights.  Qui tam provisions permit individuals to bring suit alleging false claims and to retain a portion of the award.  The amount of potential award available to a qui tam claimant depends on whether the government chooses to take over the case after it is brought.

The False Claims Act was strengthened in 1986 in response to some of the much publicized $1,000 toilet seats and other abuses with respect to companies supplying the United States military.  The 1986 amendments to the False Claims Act provided for treble damages plus civil penalties of between $5,000 and $11,000 per claim.  These legislative changes were intended to add real incentive for “qui tam” litigants to bring fraud claims.

The health care industry was never the real target of the False Claims Act.  In fact, when the original “Lincoln Law” was passed in the 1860’s, there was no federal health care program in existence.  From the inception of the False Claims Act through the 1986 amendments, the primary target had been the suppliers to the defense industry.  The defense industry generally makes claims on a monthly or other periodic basis for large amounts of supplies.  Although the 1986 amendments added substantial penalties for making false claims, the impact on the defense industry does not come close to matching the impact on health care providers.

In health care, a single hospital may make hundreds of claims to the federal government per day.  False claim allegations can cover a number of years, greatly increasing the number and value of claims that may be at issue.  When treble damages plus $5,000 to $11,000 per claim are applied on top of the actual amount of a “fraudulent” claim, the obligation amount can become staggering.

The extension of the False Claims Act liability to areas such as Stark Law and Anti-Kickback Statute liability indicate how extreme the sanctions can be.  By way of example, take one physician who is determined to have been compensated at significantly over fair market value.  Assume that the excessive compensation creates a violation of the Anti-Kickback Statute and the Stark Law.  The Affordable Care Act clarified that claims made in violation of these laws create a cause of action under the False Claims Act.  Potential damages would be three times the total value of claims attributable to services of the overpaid physician, plus between $5,000 and $11,000 per claim.  You can see that the potential damages would cause grave financial impact on the hospital.  This is the type of thing that keeps compliance officers awake at night.

Even though the False Claims Act was not originally designed to target the health care industry, there does not seem to be any momentum toward making legislative.  To the contrary, the government is quite content to leave these disproportionate penalties in place as part of its effort to reduce cost of health care (and to generate additional revenues) by assessing astronomical fines against health care providers and to hold these penalties over their heads to force health care providers to take extreme actions to prevent compliance problems.  The government is taking a “return on investment” approach to health care fraud enforcement.  The False Claims Act allows the government to put its thumb on the scale in the “return on investment” game.  The qui tam provisions provide the government with “quasi agents” who may be disgruntled employees or others who can scout out potential claims, bring them to the governments attention, and take a piece of the financial reward.

Providers have only one real way to reduce the disproportionate impact of the False Claims Act on their operations.  This is to create an effective compliance program that proactively detects problems so they can be addressed and corrected before they create excessive risk.  Compliance programs are an outgrowth of the federal sentencing guidelines that permit reduced corporate penalties for fraud if an “effective” compliance program will actually reduce the risk of a violation occurring or depending because it forces the organization to proactively look for compliance problems and correct them before they become insurmountable.  An effective compliance program will also include regular training to staff which also reduces the risk of compliance problems.

The Affordable Care Act made compliance programs mandatory for most health care providers.  Nursing homes are the first to be effected in 2013.  Other types of providers will subject to mandatory compliance programs as regulations are rolled out over the next few years.  Providers will be required to maintain an effective compliance program as a condition of participation in the Medicare program.  It is strongly recommended that all providers begin development of compliance programs now.  It will take time to tailor compliance programs to fit the specific risk areas associated with your business.  You will be required to certify not only that you have established a compliance program, but that the program is effective.

Attorney John Fisher Receives Certification in Health Care Compliance

Attorney John H. Fisher II, a health care attorney with Ruder Ware in Wausau, Wisconsin, has obtained certification in health care compliance.  Mr. Fisher will now carry the designation of CHC (Certified Healthcare Compliance).  The certification is provided by the Health Care Compliance Association (“HCCA”), a national organization based in Minneapolis.  Mr. Fisher is the fourth attorney resident in the State of Wisconsin to obtain this certification.

The HCCA defined the CHC designation as follows:

 The CHC© is a professional with knowledge of relevant regulations and expertise in compliance processes sufficient to assist the health care industry to understand and address legal obligations, and promote organizational integrity through the operation of effective compliance programs.

The HCCA also states that:

The purpose of certification is to promote health care compliance through the certification of qualified health care compliance professionals by:

1. Recognizing formally those individuals who meet the eligibility requirements of the CCB and pass the Certified in Healthcare Compliance© (CHC©) Examination.
2. Encouraging continued personal and professional growth in the practice of health care compliance.
3. Providing a national standard of requisite knowledge required for certification; thereby assisting employers, the public and members of the health professions in the assessment of a health care compliance professional.