Health Law Blog - Healthcare Legal Issues

Posts Tagged ‘Compliance’

Friday, May 25th, 2018

Complying with Michigan’s New Controlled Substance Laws – The Bona-Fide Prescriber-Patient Relationship Requirement

The state of Michigan has enacted a number of separate pieces of legislation to address the opioid epidemic.  Most of these laws are directed at controlling the prescribing relationship between a physician and a patient.

Generally, Michigan requires a controlled substance license to prescribe controlled substances in the state. A holder of a controlled substance license may administer or dispense a schedule 2 to 5 controlled substance without a separate controlled substance license covering those substances. Additional requirements will attach to the prescribing relationship commencing at various intervals.

This article covers the new requirement regarding the establishment of a bona-fide prescriber-patient relationship.  Starting on the sooner of March 31, 2019 or the date that regulations are issued, a licensed prescriber will be required to have a “bona-fide prescriber-patient relationship” in order to prescribe a schedule 2 to 5 controlled substance.  In order to be considered a “bona-fide prescriber” the prescriber must review relevant medical/clinical records, complete a full assessment of medical history and current medical condition, conduct a relevant medical evaluation either in person or through telehealth, and maintain records of the patient’s condition to medically accepted standards.

All of these factors should be supported by the patient’s medical record.  There are a lot of lose ends on the definitions applicable to each of these requirements.  It is possible that additional details will be forthcoming when regulations are finalized.  Because these requirements a condition precedent to being able to prescribe schedule 2 to 5 controlled substance, it is critical that physicians and other prescribers review their documentation standards to be certain that these requirements are reflected in the patient’s chart in each instance.  Provider entities will need to consider adopting policies and procedures setting the standards for documentation and integrating the other requirements of Michigan’s new laws.  Appropriate training should also be conducted to assure that prescribers and their support staff are aware of the detailed documentation requirements.  Additionally, appropriate monitoring and auditing should be conducted to assure that prescribers are meeting the requirements.

Auditing Physician Payments For Stark Law Compliance

Thursday, April 3rd, 2014

One area of compliance that is often overlooked involves auditing of physician payments.  Physician contracts are often audited to determine whether they comply with a Stark Law exception.  Compliance should also work in the other direction, from payments that are made back to the existence of a contract that memorializes an applicable Stark Law exception.

Periodic monitoring of payments that are made to physicians should be undertaken.  Payments should be tracked to contracts to assure that the payment is covered by an applicable exception.  If there is no corresponding written agreement or if the written agreement has expired, there could be a potential Stark Law violation.  Further examination concerning the nature and purpose of the payment should be made.  If a Stark Law violation is found, self disclosure should be considered.

Hospice and Home Health Areas of Review Risk

Wednesday, September 18th, 2013

Home Health and Hospice Review Areas

home health hospice fraud reviewsThere are several areas applicable to home health and hospice that are susceptible to review.  Hospice reviews have tended to focus on whether patients actual meet criteria to be eligible to receive hospice benefits.  The focus on hospice arises, at least in part, due to the expansion of this segment of health care industry and the relatively rapid increase in spending for hospice care.  The government’s audit and enforcement trends indicate a deep suspicion that hospice are admitting patients who are not terminal or do not otherwise meet eligibility criteria.  The government points to the relatively large number of hospice patients who are discharged from hospice care alive.

In order to qualify for hospice benefits, a Medicare patient must have an illness that is terminal.  A physician must certify that the patient is terminal and is unlikely to live longer than six months if the illness runs its expected course.  The patient must also waive their right to receive curative treatment for the terminal condition in order to qualify for benefits.  Physician certification must be provided at two 90-day intervals following hospice admission.  After the first 180 days of hospice care, the patient must be seen “face-to-face” by a nurse practitioner who determines continued eligibility for coverage.  This process of certification and admission qualification creates several obvious pouts of risk for providers.  The government seems to be keying in on a few of these points of risk as evidenced by recent enforcement actions.

Payments to physicians for administrative duties should be carefully scrutinized to assure that the compensation arrangement does not create a referral inducement.  Medical director agreements must be analyzed under the Anti-Kickback Statute and applicable Stark Law exceptions.  Compensation should be at fair market value, cannot take into account he volume or value of referrals, and must meet other regulatory requirements.

Nursing Home Compliance Programs – ACA Statutory Mandate

Tuesday, March 26th, 2013

Mandatory Compliance Program Requirements – Affordable Care Act Statutory Mandate

Provisions of Affordable Care Act Relating to Mandatory Compliance Programs For Nursing Facilities




Part A of title XI of the Social Security Act (42 U.S.C. 1301 et seq.), as amended by sections 6002 and 6004, is amended by inserting after section 1128H the following new section:


‘‘(a) DEFINITION OF FACILITY.—In this section, the term ‘facility’ means—

‘‘(1) a skilled nursing facility (as defined in section 1819(a)); or

‘‘(2) a nursing facility (as defined in section 1919(a)).


‘‘(1) REQUIREMENT.—On or after the date that is 36 months after the date of the enactment of this section, a facility shall, with respect to the entity that operates the facility (in this subparagraph referred to as the ‘operating organization’ or ‘organization’), have in operation a compliance and ethics program that is effective in preventing and detecting criminal, civil, and administrative violations under this Act and in promoting quality of care consistent with regulations developed under paragraph (2).


‘‘(A) IN GENERAL.—Not later than the date that is 2 years after such date of the enactment, the Secretary, working jointly with the Inspector General of the Department of Health and Human Services, shall promulgate regulations for an effective compliance and ethics program for operating organizations, which may include a model compliance program.

‘‘(B) DESIGN OF REGULATIONS.—Such regulations with respect to specific elements or formality of a program shall, in the case of an organization that operates 5 or more facilities, vary with the size of the organization, such that larger organizations should have a more formal program and include established written policies defining the standards and procedures to be followed by its employees. Such requirements may specifically apply to the corporate level management of multi unit nursing home chains.

‘‘(C) EVALUATION.—Not later than 3 years after the date of the promulgation of regulations under this paragraph, the Secretary shall complete an evaluation of the compliance and ethics programs required to be established under this subsection. Such evaluation shall determine if such programs led to changes in deficiency citations, changes in quality performance, or changes in other metrics of patient quality of care. The Secretary shall submit to Congress a report on such evaluation and shall include in such report such recommendations regarding changes in the requirements for such programs as the Secretary determines appropriate.



In this subsection, the term ‘compliance and ethics program’ means, with respect to a facility, a program of the operating organization that—‘‘(A) has been reasonably designed, implemented, and enforced so that it generally will be effective in preventing and detecting criminal, civil, and administrative violations under this Act and in promoting quality of care; and ‘‘(B) includes at least the required components specified

in paragraph (4).

‘‘(4) REQUIRED COMPONENTS OF PROGRAM.—The required components of a compliance and ethics program of an operating organization are the following:

‘‘(A) The organization must have established compliance standards and procedures to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal, civil, and administrative violations under this Act.

‘‘(B) Specific individuals within high-level personnel of the organization must have been assigned overall responsibility to oversee compliance with such standards and procedures and have sufficient resources and authority to assure such compliance.

‘‘(C) The organization must have used due care not to delegate substantial discretionary authority to individuals whom the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in criminal, civil, and administrative violations under this Act.

‘‘(D) The organization must have taken steps to communicate effectively its standards and procedures to all employees and other agents, such as by requiring participation in training programs or by disseminating publications that explain in a practical manner what is required.

‘‘(E) The organization must have taken reasonable steps to achieve compliance with its standards, such as by utilizing monitoring and auditing systems reasonably designed to detect criminal, civil, and administrative violations under this Act by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report violations by others within the organization without fear of retribution.

‘‘(F) The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense.

‘‘(G) After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses, including any necessary modification to its program to prevent and detect criminal, civil, and administrative violations under this Act.

‘‘(H) The organization must periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.

Compliance Issues In Mergers and Acquisitions – Compliance Institute 2013

Wednesday, October 31st, 2012

Compliance Issues In Health Care Mergers and Acquisitions
John Fisher to Speak at HCCA National Compliance Institute

Medical Practice Compliance ProgramsThe Health Care Compliance Association (HCCA) has released the program and speakers for its annual Compliance Institute that is being held at Gaylord National National Harbor, MD (DC Metro Area) on April 23 and 24, 2013. John Fisher will be presenting at the national conference on the topic “Compliance Issues in Mergers and Acquisitions.” John is a member of the Ruder Ware Health Care Industry Focus Team. He is certified in Health Care Compliance and in Corporate Compliance and Ethics. John began his practice in representing health care providers in 1985. John has a depth of experience in health care transactions, provider integration and mergers and acquisitions involving health care providers. He has been involved in provider integration since the early 1990s.

HCCA is a national association of health care compliance professionals. HCCA provides the following description of John’s presentation:

Compliance Issues in Mergers and Acquisitions
John Fisher II, Health Care & Compliance Counsel, Ruder Ware, LLSC
– When will you be liable for the liabilities of an entity you are acquiring?
– What is the appropriate role of compliance in the transaction?
– Defining the scope of due diligence and addressing compliance issues

A complete description of the Compliance Institute program is included on the HCCA web site at the following link: HCCA Compliance Institute 2013

Protecting Your Practice From Fraud – Seminar Announcement

Monday, October 1st, 2012

Protecting your practice:  Deterring fraud in your organization

The best way to stop fraud at your practice? Keep it from starting in the first place. Fraud is more common than you might think, so taking preventive measures is key.

Addressing Employee Fraud Issues

Mark DeBroux, practice management consultant with Schenck, will discuss how employee fraud can impact a health care organization, identify common areas where fraud can occur, and suggest methods to prevent and detect fraud. Mark will provide you with practical information on:

  • How fraud schemes are commonly perpetrated
  • How to identify “red flags” of fraudulent behavior
  • How to put proper procedures in place to deter fraud, including segregating job duties
  • How employee fraud in the health care area can impact your organization
  • How to detect risk areas where fraud may occur
  • How to address fraud when it occurs

How To Develop A Compliance Program

Health care attorney John Fisher of Ruder Ware will discuss government fraud enforcement and how to develop a systematic program to deter health care fraud in your organization. John is certified in health care compliance and in corporate compliance and ethics and will provide valuable insights into:

  • What is involved in creating a compliance program
  • How smaller providers can meet their mandatory compliance obligations
  • What policies are normally included within a compliance program
  • Setting up a compliance structure that works for your organization
  • How to budget for your compliance efforts

Visit the following link for further information and to register.  Health Care Practice Management Seminar Series

Compliance Program Best Practices Tips

Friday, July 13th, 2012

Tips For Best Practices In Compliance Program Operation

Here are a few tips to help you attempt to meet the “best practices” standard:

1.         Act as if you are under a Corporate Integrity Agreement.  Always assume that the government is looking over your shoulder and that you will be called upon at some point to justify the effectiveness of your compliance program.

2.         Follow the government guidelines to the tee.  Familiarize yourself with the Federal Sentencing Guidelines and OIG Industry Guidance and integrate these requirements into your compliance plan.

3.         Keep up with government releases, speeches, regulations, comments, advisory opinions, and all other communication that help to define your obligations.

4.         Make your compliance plan a “living and breathing” documents that is continually up for revision based on specific things that you learn about your specific organizations.

5.         Make sure your compliance officer focuses on compliance and does not wear other hats that compete for time, attention or perspective.

6.         Make certain that sufficient resources are devoted to compliance.  Adopt the view that it is better to spend money on compliance that to pay for mistakes down the road.

If there is any area where you are not able to achieve “best practices” for financial or other reasons, be prepared to justify your shortcomings.  Key to all of this is to operate as if you will someday be required to defend the effectiveness of your compliance program.  In all likelihood you will someday be in exactly that position given the current state of the health care industry and mentality of the governmental agencies that are charged with enforcement.

These are just a few tips to get you thinking about your compliance approach.  Health care reform has made compliance programs mandatory for the first time.  There are also multiple indications that the government wants organizations to devote more to compliance as a way to save health care costs.  It is clearly time for organizations of all types and sizes to re-focus their efforts on compliance within their organizations.

Corporate Compliance and Ethics Week 2012

Monday, May 7th, 2012

Corporate Compliance and Ethics Week 2012

Use Corporate Compliance Week To Increase Aweness of Your Compliance Program

This week (May 6-12, 2012) has been designated as Corporate Compliance and Ethics Week by the Society of Corporate Compliance and Ethics and the Health Care Compliance Association.  Corporate Compliance Week is a great time for you to reinforce the message of compliance throughout your organization.  At a minimum you should use this opportunity to publicize your program, hot-line and reporting system and anti-retaliation policy. 

Some ideas to help you leverage Corporate Compliance Week to increase the visibility if your compliance program include:

– Send E-mail to all employees announcing that it is Corporate Compliance week.

– Release a special compliance week newsletter or alert.

– Publish a quiz about information that all employees should know about the compliance program.

– Release a message on compliance from the CEO and/or Compliance Officer.

– Have a breakfast, lunch or “meet and great” with a brief message about the compliance program.

– Post signs in break and other visible areas announcing Corporate Compliance Week and your compliance program.

– Hold a raffle and have employees complete a brief questionnaire on the basics of the compliance program in order to enter.

With a little creativity, you can make the most of Corporate Compliance and Ethics Week.  Your focus should be to enforce compliance as a positive element of your corporate culture.  Reinforce the message that the organization encourages reporting of compliance concerns through its reporting system and takes information that it receives seriously.  You should also reinforce the organizations intolerance for retaliation or retribution against parties that provide compliance information.

Take this opportunity to have fun with your compliance program and put a positive face on your efforts.  Take the information that you learn through the interactions that you have with employees to make improvements to your compliance program.

 Ruder Ware has an active Corporate Compliance and Ethics practice.  We counsel clients in a variety of industries, including healthcare, transportation, banking and manufacturing on various aspects of their compliance and ethics programs.  We assist clients in assessing the effectiveness of programs and suggesting steps to take in order to increase program effectiveness.  Ruder Ware is actively involved in the Society of Corporate Compliance and Ethics and the Health Care Compliance Association.  Two of our attorneys recently attended the Midwest meeting of the SCCE.  One of our attorneys is Certified in Healthcare Compliance through the Health Care Compliance Association.

Mandatory Compliance Plans For Physicians

Monday, December 19th, 2011

Mandatory Compliance Programs for Physician PracticesHealth care attorneys health law

 Steps Necessary to Implement an Effective Compliance Program

 John H. Fisher, J.D., C.H.C.

 It is no secret that the government is becoming increasingly aggressive in its enforcement efforts against health care providers.  At the same time, regulations are becoming more complicated.  The combination of these two forces means that many unknowing providers are being caught up in costly investigations of their practices.  The government is taking a “return on investment” approach to health care fraud and is seeing a good return on every dollar that they put into the efforts.  As a result, we cannot expect fraud enforcement to decrease any time soon.

 For this reason, it is important that providers, including medical practices, develop and operate systems to help them comply with governmental regulations and third party payer billing requirements.  The development of a formalized compliance program has become an indispensible part of the risk management process of medical practice.  Failure to maintain compliance can lead to an increase in reimbursement disputes, increased uncollectable fees, more demands for repayment, civil litigation and in extreme cases, potential criminal prosecution.  Matters to be addressed in compliance programs include not only billing practices but also anti-kickback compliance, state and federal self-referral prohibitions, state fee-splitting laws, licensure and accreditation requirements, labor relations matters, antitrust and price fixing prohibitions, HIPAA and medical records issues and a whole host of other state and federal laws.

 Formalized compliance programs first began appearing in the late 1990s as a way to minimize risk in primarily large institutions.  Compliance programs are a child of the Federal Sentencing Guidelines which factors in the adoption of 7 pillars of an effective compliance program when a health care organization is facing potential institutional criminal penalties for legal violations.  Formal compliance programs were more deeply woven into the fabric of many organizations as the Medicare Office of Inspector General began releasing compliance guidance directed toward specific segments of the health care industry in the late 1990s and continuing through the mid 2000s.  One of the industry segments that the OIG has specifically addressed in its published compliance guidance are physician practices. 

 Acffordable Care Act Mandates Formal Compliance Programs

 Even though compliance programs have not traditionally been mandatory, over the past ten years, formal compliance has become industry “best practices” for virtually all segments of the health care industry.  Compliance guidance for physician practices was issued by the Office of Inspector General in 2000.  Since that time, many physician practices, especially more complex specialty practices, have developed some sort of compliance plan.  Although compliance plans have not previously been mandatory, they have become “industry standard” as a way to minimize risks associated with health care regulations such as the Health Insurance Portability and Accountability Act of 1996, the Medicare and Medicaid Fraud and Abuse Laws, Anti-kickback Statute, Civil Monetary Laws, False Claims Act, the Clinical Laboratory Improvement Act and all other state and federal statutes, regulations and directives that apply to the operation of a complex physician’s practice.

 Section 6401 of the Patient Protection and Affordable Care Act of 2010, as amended by the Health Care Education Reconciliation Act of 2010 (the “Affordable Care Act”) requires HHS and the Office of Inspector General to promulgate regulations that require most healthcare providers and suppliers to establish compliance programs.  The compliance programs are intended to be “effective in preventing and detecting criminal, civil, and administrative violations” under the Medicare and Medicaid laws and other laws that govern operations.

Under the Affordable Care Act, physicians and group practices, along with other relatively small providers, will be required to establish compliance programs as a condition of enrollment in the Medicare program.  Early versions of the Affordable Care Act included an exception for physicians which was deleted from the version of the Act that was signed into law.  We know that the mandatory compliance program requirement will apply to physician practices absent further legislative action.

 The Affordable Care Act’s compliance program mandates are divided into two categories: (1) requirements for nursing facilities and (2) requirements for all other providers and suppliers. The nursing facility compliance program provisions in the Affordable Care Act are relatively detailed and contain a specific timetable for implementation.  The statutory requirements pertaining to other types of health care providers do not provide any time frame for implementation but rather leave this issue to the discretion of HHS. 

 HHS is required to issue regulations creating a timetable and basic core compliance program requirement.  These matters are to be addressed in regulations that are yet to be published.  Medicare & Medicaid Services (CMS) officials have made public statements that indicate that the agency expects to issue the mandatory compliance program requirements on a rolling basis. There is no additional information on the expected timetable for application of the mandatory compliance program requirement at this time, but most professionals in the industry expect regulations to be out by early in 2012.

About The Author

This article is part of a multiple part series by Health Care Attorney John Fisher, CHC on compliance programs for physician practices.

John Fisher, JD, CHC  is a seasoned health care attorney and is certified in Health Care Compliance by the Health Care Compliance Association.  Mr. Fisher is available to assist physician groups and other health care providers nationwide in the development and operation of Compliance Programs.

Mr. Fisher has significant experience in the various legal and regulatory matters that are faced by physicians including the Stark Law, Anti-Kickback Statute and Safe Harbors, Medicare and Medicaid reimbursement rules, HIPAA, False Claims Act, antitrust laws, employment laws, contract matters, business ventures and laws governing financial relationships between physicians, and others.

Mr. Fisher practices with the Ruder Ware law firm in Wausau, Wisconsin.  His practice on compliance and Federal Law issues is nationwide.

OIG Audits Reveal Areas of Billing Compliance Risks

Monday, December 19th, 2011

Recent OIG Billing Audits Are Reflective of Risk Areas for Hospital Billing

Medicare OIG Billing Audits InpatientThe Office of Inspector General Audit Division has released the results of a billing audit that it performed relative to Norwood Hospital, a 264-bed acute care facility located in Norwood, Massachusetts. The audit included certain identified claims for inpatient and outpatient services provided to beneficiaries from July 2008 through June 2010.  The OIG  audit covered $1,204,371 in Medicare payments for 198 claims (123 inpatient and 75 outpatient) that were judgmentally selected by the OIG as potentially at risk for billing errors.  A complete report of the Norwood audit can be found at: Norwood OIG Audit Report

The audit found that the Hospital complied with Medicare billing requirements for 99 of the 198 claims. However, 99 claims had errors, resulting in overpayments totaling $206,836. The OIG determined that the overpayments occurred primarily because the Hospital did not have adequate controls to prevent incorrect billing of Medicare claims and did not fully understand the Medicare billing requirements.

The audit of Norwood was part of the OIG’s routine process to identify certain billing areas that are at a high risk of error.  The OIG has announced that it plans to conduct more of this type of review on an ongoing basis.  As such, the nature and outcome of this review process can be instructive to hospitals who may find themselves on the receiving end of one of these audits.
The OIG has outlined the general areas where it will focus its audits and has identified these areas as “risk areas.”  Risk areas identified by the OIG includ claims billed for:

  • inpatient short stays,
  • inpatient same-day discharges and re-admissions,
  • inpatient claims billed with high severity level DRG codes,
  • inpatient claims paid in excess of charges,
  • outpatient claims billed with modifier -59,
  • outpatient claims billed during inpatient stays,
  • outpatient evaluation and management services billed with surgical services,
  • outpatient claims paid in excess of charges, and
  • outpatient dental services.

The report from the OIG identified more specific errors that the Hospital was found to have made and wich led to the overpayment determination.  These specific findings are quite instructive.  Facilities should consider including these areas as potential risk areas for targeted internal review.  In some cases, these areas a facility may wish to provide focused training and instruction to billing staff of other relevant employees in order to reduce the risk of inaccurate claims being made.

Some of the specific areas that were a problem in the Norwood audit included:

  • Incorrect billing of Medicare Part A for beneficiary stays that should have been billed as outpatient or outpatient with observation services.
  • One claim did not have a valid physician order to admit the beneficiary for inpatient care
  • Incorrect billing for inpatient claims with same-day discharges and re-admissions.
  • Billing with incorrect DRG codes for several cases with high severity level DRG codes.

John H. Fisher

Health Care Counsel
Ruder Ware, L.L.S.C.
500 First Street, Suite 8000
P.O. Box 8050
Wausau, WI 54402-8050

Tel 715.845.4336
Fax 715.845.2718

Ruder Ware is a member of Meritas Law Firms Worldwide

The Health Care Law Blog is made available by Ruder Ware for educational purposes and to provide a general understanding of some of the legal issues relating to the health care industry. This site does not provide specific legal advice and you should not use the information contained on this site to address your specific situation without consulting with legal counsel that is well versed in health care law and regulation. By using the Health Care Law Blog site you understand that there is no attorney client relationship between you and Ruder Ware or any individual attorney. Postings on this site do not represent the views of our clients. This site links to other information resources on the Internet; these sites are not endorsed or supported by Ruder Ware, and Ruder Ware does not vouch for the accuracy or reliability of any information provided therein. For further information regarding the articles on this blog, contact Ruder Ware through our primary website.