Health Law Blog - Healthcare Legal Issues

Posts Tagged ‘Compliance Program Structure’

OIG Work Plan New Hospital Issues Added For 2013

Thursday, October 4th, 2012


OIG 2013 Work Plan – Hospital Issues Aded To OIG Work Plan

Hospitals—Inpatient Billing for Medicare Beneficiaries (New)

Hospitals—Diagnosis Related Group Window (New)

Hospitals—Non-Hospital-Owned Physician Practices Using Provider-Based Status (New)

Hospitals—Compliance With Medicare’s Transfer Policy (New)

Hospitals—Payments for Discharges to Swing Beds in Other Hospitals (New)

Hospitals—Payments for Canceled Surgical Procedures (New)

Hospitals—Payments for Mechanical Ventilation (New)

Hospitals—Quality Improvement Organizations’ Work With Hospitals (New)

Hospitals—Acquisitions of Ambulatory Surgical Centers: Impact on Medicare Spending (New)

Critical Access Hospitals—Payments for Swing-Bed Services (New)

Long -Term-Care Hospitals—Payments for Interrupted Stays (New)


Issues That Continue To Be On OIG Radar

Hospitals—Same-Day  Readmissions

Hospitals—Acute-Care Inpatient Transfers to Inpatient Hospice Care

Hospitals—Admissions With Conditions Coded Present on Admission

Hospitals—Inpatient and Outpatient Payments to Acute Care Hospitals

Hospitals—Inpatient Outlier Payments: Trends and Hospital Characteristics

Hospitals—Reconciliations of Outlier Payments

Hospitals—Duplicate Graduate Medical Education Payments

Hospitals—Occupational-Mix Data Used To Calculate Inpatient Hospital Wage Indexes

Hospitals—Inpatient and Outpatient Hospital Claims for the Replacement of Medical Devices

Hospitals—Outpatient Dental Claims

Hospitals—Outpatient Observation Services During Outpatient Visits

Critical Access Hospitals— Variations in Size, Services, and Distance From Other Hospitals

Inpatient Rehabilitation Facilities—Transmission of Patient Assessment Instruments

Inpatient Rehabilitation Facilities—Appropriateness of Admissions and Level of Therapy

Compliance Program Best Practices

Wednesday, July 11th, 2012

Compliance Program Best Practicescompliance programs - best practices in compliance

 Given the increased importance of compliance, it is helpful for providers to get a feel for what constitutes “best practice” when operating a compliance program.  “Best Practices” is a term that is thrown around all of the time in the business world.  It is used in many contexts and takes on a variety of meanings depending on who is using it and for what purpose.  Wikipedia defines “best practices” as follows:

 Best practices are generally-accepted, informally-standardized techniques, methods or processes that have proven themselves over time to accomplish given tasks. Often based upon common sense, these practices are commonly used where no specific formal methodology is in place or the existing methodology does not sufficiently address the issue. The idea is that with proper processes, checks and testing, a desired outcome can be delivered more effectively with fewer problems and unforeseen complications. In addition, a “best” practice can evolve to become better as improvements are discovered.  Best practice is considered by some as a business buzzword, used to describe the process of developing and following a standard way of doing things that multiple organizations can use.

 As I was thinking about the concept of “best practices” in health care compliance, the Wikipedia definition seems to fall al little bit short of what I would have in mind when discussing “best practices” in health care compliance programs.

 The Miriam-Webster Dictionary defines “best” as the superlative form of “good.”  “best” means “excelling all others” and “offering or producing the greatest advantage, utility, or satisfaction.”  I believe that the definition from Wikipedia is an accurate depiction of what the term “best practices” has become in the business world.  The term has been thrown around loosely to the  point that it no longer carries the meaning of the plain words that make up the two word “buzzword.”

 In the health care compliance context, I believe that it is not advisable to direct your efforts toward the standard “buzzword” meaning of “best practices.”  Instead, you should focus toward attempting to achieve the meaning of “best practices” that is tied to the superlative form of the word “good.”  You should not focus on the “we are doing what everyone else is doing” or the “what we are doing will pass by in most cases” version of best practices when looking at your compliance plan.  The consequences of that approach could easily come back to bite you in the superlative.

 In reality, you may never be able to meet the truly “best” standard.  However, the point of the compliance program requirement is that you are trying to make your compliance program and your organization “the best” when it comes to compliance.

Mandatory Compliance Programs – CMS Regulatory Requirements

Monday, July 9th, 2012

Supreme Court Says “Game On” for Mandatory Compliance Programs

Compliance programs were made mandatory for all providers as a condition of participation in the Medicare program under the patient protection and affordable care act of 2010. With the recent Supreme Court decision upholding the affordable care act,  any uncertainty as to whether the mandatory compliance programs will become a reality has been lifted.

The affordable care act also required the CMS to promulgate regulations that establish the core elements for providers and suppliers to meet with respect to the mandatory compliance programs. CMS is authorized to determine the timing and core elements of the required compliance programs. The first industry segment that are required to adopt compliance programs are nursing facilities which must comply with mandatory compliance program requirements by March 23, 2013. However, CMS missed it statutory deadline (March 23, 2012) for promulgating detailed regulations to guide nursing facilities in the creation of compliance programs. It is expected that these regulations as well as the requirements for other providers will be forthcoming soon now that the Supreme Court has upheld the Affordable Care Act.

The Office of Inspector General has in the past issue compliance program guidance for various industry segments.  We can expect at least some of these requirements to be part of the regulatory clarification coming from CMS under its authority to enforce mandatory compliance programs. We can also expect additional requirements to be added based upon a parallel recent promulgation from CMS that is applicable to Medicare advantage managed-care plans and prescription drug part D plan entities. Although not directly applicable to organizations other than Medicare Advantage Programs and Part D prescription drug programs, the regulatory proposals are instructive of the current thinking of CMS with respect to required elements of compliance programs.

Some key elements of the recent regulatory proposal which were not included in previous OIG compliance program guidance include:

  •  A strong recommendation that there be standardized process for the governing body to review the compliance program documents at least annually. Current guidance is much more permissive and only suggests periodic reviews. The new regulations would require a complete effectiveness review and a detailed “gap analysis” to the Board of Directors on an at least an annual basis.
  • More details concerning distribution of standards of conduct and policies and procedures to new employees. The new proposed regulations required distribution of these materials within 90 days of initial hire and at least annually thereafter.  Distribution of policies and procedures will be an “obligation” rather than simply a “suggestion” once the new proposed regulations are finalized.
  •  The proposed regulations contain the clearest statement to date from CMS that “dual role” compliance officers, where the compliance officer is also the CFO, CEO or General Counsel, present a built-in conflict of interest and are not permitted. This has been a controversial topic in the past as many organizations still maintain their general counsel as their compliance officer. If the recent proposed regulations are any indication, many “dual role” compliance officers will be the way of the past. It appears that it will still be permissible for divisional  managers, such as quality assurance managers, to act in a dual role. However, operational management will not be permitted to act in his rules. This clearly includes CFOs, COOs and General Counsel who are specifically mentioned in the proposed regulations

There are many additional details that are contained in the most recent proposed regulations. There’s every indication that these proposed regulations are a foreshadowing of the eventual requirements that CMS will release under the mandatory compliance program authority that will be applicable to other providers such as nursing homes, physician groups, hospice, DME providers and other health care providers.

In view of these pending requirements and in light of the apparent expansion of compliance program requirements that is being hinted at by CMS,  providers should conduct an effectiveness review of their compliance programs now and begin the ongoing process of conducting such reviews on an at least an annual basis.  Reviews should be conducted with the requirements of the new proposed regulations in mind.

Small organizations, such as physician practices and smaller healthcare organizations should begin immediately to implement scalable compliance program structures that are focused on the specific risk areas that affect their organizations and begin to create an infrastructure for an effective compliance program.

 Organizations who still have their General Counsel, CFO, or COO acting as their compliance officer should begin to set the stage to undo that structure.  A separate office of Chief Compliance Officer should be created and separately budgeted.  The CCO should have autonomy from other operational offices and should have direct access to the Board of Directors, a Compliance Committee and the CEO.  This issue can be politically difficult within an organization and should be addressed soon rather than later.  Ultimately, this is an issue that must be firmly addressed by the Board of Directors under its responsibility to oversee the compliance program.

Effective Compliance Programs Are Important Says DOJ to HCCA

Monday, July 9th, 2012

compliance programs now mandatory

Assistant Attorney General, DOJ, Speaks Out On Compliance Programs

In the May issue of Compliance Today, the magazine of the Healthcare Compliance Association, there was an article containing an interview with Assistant Attorney General, Criminal Division, US Department of Justice, Lanny A. Breuer.  In response to questioning concerning what value there is to an organization’s compliance program, Mr. Breuer stated as follows:

Strong compliance programs help prevent illegal activity from occurring within the organization, and they ensure that any misconduct that does occur is uncovered quickly and handled responsibly. In recent years, the Justice Department has increased enforcement in several areas of white collar crime, so having an effective compliance program has never been more important than it is today.

This is yet another expression by the individuals who are charged with enforcing health care fraud laws that effective compliance programs are crucial.  Now that the Supreme Court has upheld that Affordable Care Act, mandatory compliance programs have a clear path to move forward.  I believe we wil start seeing regulations released implementing mandatory compliance program requirements over upcoming months.


Corporate Compliance and Ethics Week 2012

Monday, May 7th, 2012

Corporate Compliance and Ethics Week 2012

Use Corporate Compliance Week To Increase Aweness of Your Compliance Program

This week (May 6-12, 2012) has been designated as Corporate Compliance and Ethics Week by the Society of Corporate Compliance and Ethics and the Health Care Compliance Association.  Corporate Compliance Week is a great time for you to reinforce the message of compliance throughout your organization.  At a minimum you should use this opportunity to publicize your program, hot-line and reporting system and anti-retaliation policy. 

Some ideas to help you leverage Corporate Compliance Week to increase the visibility if your compliance program include:

– Send E-mail to all employees announcing that it is Corporate Compliance week.

– Release a special compliance week newsletter or alert.

– Publish a quiz about information that all employees should know about the compliance program.

– Release a message on compliance from the CEO and/or Compliance Officer.

– Have a breakfast, lunch or “meet and great” with a brief message about the compliance program.

– Post signs in break and other visible areas announcing Corporate Compliance Week and your compliance program.

– Hold a raffle and have employees complete a brief questionnaire on the basics of the compliance program in order to enter.

With a little creativity, you can make the most of Corporate Compliance and Ethics Week.  Your focus should be to enforce compliance as a positive element of your corporate culture.  Reinforce the message that the organization encourages reporting of compliance concerns through its reporting system and takes information that it receives seriously.  You should also reinforce the organizations intolerance for retaliation or retribution against parties that provide compliance information.

Take this opportunity to have fun with your compliance program and put a positive face on your efforts.  Take the information that you learn through the interactions that you have with employees to make improvements to your compliance program.

 Ruder Ware has an active Corporate Compliance and Ethics practice.  We counsel clients in a variety of industries, including healthcare, transportation, banking and manufacturing on various aspects of their compliance and ethics programs.  We assist clients in assessing the effectiveness of programs and suggesting steps to take in order to increase program effectiveness.  Ruder Ware is actively involved in the Society of Corporate Compliance and Ethics and the Health Care Compliance Association.  Two of our attorneys recently attended the Midwest meeting of the SCCE.  One of our attorneys is Certified in Healthcare Compliance through the Health Care Compliance Association.

Compliance Officer and Legal Counsel Dual Role

Sunday, February 20th, 2011

Health Care Compliance Officer and Legal Counsel Relationships

Should Compliance and Counsel Functions Be Separated?

There is a current debate within the health care industry about the relative roles of the Chief Compliance Officer (CCO) and Legal Counsel.  More specifically, questions are raised regarding whether the Legal Counsel should serve the dual role of legal counsel and compliance officer and whether the primary compliance officer can report through legal counsel.  There are arguments on both sides.  This is an extremely important issue to many organizations.  As such, I will be devoting several articles to the various aspects of this issue over the next several weeks.

In all but the very smallest organizations that clearly cannot absorb the cost of two separate functions, it presents increased compliance risk to the organization for the legal counsel to also be the prime individual responsible for compliance within the organization.

Dividing the compliance and legal counsel functions is clearly the “best practice” when it comes to organizational compliance. This conclusion is supported by comments from the Office of Inspector General (OIG), a consistent reading the the Federal Sentencing Guidelines (FSG), the position taken by the government in Corporate Integrity Agreement fraud and abuse settlements, and by the general ethical standards that apply to the general counsel.

The case for dividing the functions of legal counsel and compliance officer and creating a separate Compliance Office with direct line of authority to the Board or a Committee of the Board is quite compelling.  In fact, many organizations who had previously run the compliance role through the office of general counsel are now reviewing that practice and are making changes to their organizational structure and compliance plans.

A study done by the American Health Lawyers Associations and the Office of Inspector General in 2004 found that at that time, only 20% of the health care organizations that were polled had their compliance function under the authority of the Legal Counsel’s office.  It is safe to say that in view of more recent pronouncements by the OIG and by comments made in the Compliance Guidance for Hospitals that was released in 2005, the percentage of “dual role” organizations is now less than that figure.

The first source to be examined when defining the role of the compliance officer within an organization is the Federal Sentencing Guidelines.  The FSG do not specifically mention a compliance officer per se, but require that the compliance and ethics program be assigned to “high-level” personel.  When organizations first began creating compliance programs in response to the Federal Sentencing Guidelines, oftentimes the responsibility was assigned to the legal counsel.  This seemed to be a natural outgrowth of the function of the office of legal counsel.  In that regard, it made organizational sense because the office of legal counsel had resources and personnel in place to implement the compliance program without creating an entire new organizational division.

Over time, the assignment of compliance functions to the legal counsel began to raise questions.  Concerns were raised as to whether the legal counsel was in fact a “high level” personnel.  Additionally, questions were raised as to the degree that giving the legal counsel the dual role of compliance officer and legal counsel sufficiently conveyed the appearance of the importance that the organization placed on compliance.  As a result, some lawyers and compliance experts began to question whether creating a “dual role” compliance officer put the organization at risk of not receiving the benefits afforded under the Federal Sentencing Guidelines if the organization was ever in a position to need these benefits.

The Office of Inspector General has made its position clear that legal counsel should not exercise a dual role.  An examination of many of the recent Corporate Integrity Agreements that have been entered between providers and the OIG clearly demonstrate the OIG’s position on this matter.  Most CIAs outline the role and position of the compliance officer in the organization.  The standard language being used by the OIG is as follows:

“The Compliance Officer shall be a member of senior management of [Provider], shall make periodic (at least quarterly) reports regarding compliance matters directly to the Board of Directors of [Provider], and shall be authorized to report on such matters to the Board of Directors at any time.  The Compliance Officer shall not be or be subordinate to the General Counsel or Chief Financial Officer. [Emphasis Added]

Although the Sentencing Guidelines do not affirmatively address dual role situations, Commentary to the Sentencing Guidelines state that “applicable industry practice or the standards called for by any applicable governmental regulations” are factors to be considered.  Failure to follow these standards “weighs against a finding of an effective compliance and ethics program.”

At the same time, both the Sentencing Guidelines and the OIG Compliance Guidance recognize that the size of the organizations a factor in judging the level of compliance.  This recognizes that in cases where the organization is small and fewer resources are available, the organization can meet its obligations without necessarily creating a structure that separates the roles between the legal counsel and the compliance office.  However, there is no precise definition as to whether an organization is a “small organization” that can fulfill its compliance functions in less formal ways or a “large organization” which will be expected to devote suitable resources to create a completely separate compliance function.

This uncertainty leave an organization’s board of directors without precise guidance concerning an appropriate structure given the size and nature of its organization.  At the same time, best practices, given available resources, is to separate the compliance and legal counsel functions.  The potential consequences of failing to use an appropriate structure for the size of the organization is increased penalties in the event of an event of organizational criminal misconduct; so the consequences can be quite serious.

John H. Fisher

Health Care Counsel
Ruder Ware, L.L.S.C.
500 First Street, Suite 8000
P.O. Box 8050
Wausau, WI 54402-8050

Tel 715.845.4336
Fax 715.845.2718

Ruder Ware is a member of Meritas Law Firms Worldwide

The Health Care Law Blog is made available by Ruder Ware for educational purposes and to provide a general understanding of some of the legal issues relating to the health care industry. This site does not provide specific legal advice and you should not use the information contained on this site to address your specific situation without consulting with legal counsel that is well versed in health care law and regulation. By using the Health Care Law Blog site you understand that there is no attorney client relationship between you and Ruder Ware or any individual attorney. Postings on this site do not represent the views of our clients. This site links to other information resources on the Internet; these sites are not endorsed or supported by Ruder Ware, and Ruder Ware does not vouch for the accuracy or reliability of any information provided therein. For further information regarding the articles on this blog, contact Ruder Ware through our primary website.