Health Law Blog - Healthcare Legal Issues

Archive for June, 2017

Using the Self Disclosure Protocols to Minimize Risk

Tuesday, June 27th, 2017

When to Use the OIG’s Self Disclosure Protocols

Self Disclosure Mitigate RiskThe HHS Office of Inspector General offers providers an opportunity to self-disclose certain violations in exchange for avoiding some of the more draconian penalties that may otherwise apply under applicable regulations.  Even though the OIG’s Provider Self-Disclosure Protocols (“SDP”) can be very compelling, the decision whether to utilize the OIG’s self-disclosure protocols is often very difficult.

To begin, the SDP is not available in all situations.  The SDP is limited to situations that potentially violate Federal criminal, civil, and administrative laws for which Civil Monetary Penalties are authorized.  The SDP requires the disclosing party to Continue

Dermatology Fraud Risk Areas – Impossibly Long Days

Tuesday, June 27th, 2017

Failure to Supervise and Impossibly Long Days

Payment of $302,000 and Forced Corporate Integrity Agreement – July 2016

fraud and abuse dermatologistsThe government alleged the dermatologist in this case repeatedly billed for services under the “incident to” billing rules during periods when the dermatologist was not present in the office.  Some of the services were allegedly performed when the doctor was traveling out of the country.  The government also alleged the doctor billed for impossibly long days including one day where 26 hours were billed.

This case illustrates the need to comply with the “incident to” billing rules.  Those rules permit a physician extender’s services be billed under the physician in certain circumstances.  In order to qualify to bill incident to, the physician must be physically present within the office suite at the time the extender performs the service.  The physician cannot order the procedure and then leave the office while the procedure is being performed.  There are new Medicare rules clarifying some aspects of the “incident to” billing rules.  There was a previous ambiguity that some providers interpreted as permitting the physician that ordered the service to bill for the services, even though another physician actually supervised the performance of the service.  The rules revision clarified only the supervising physician can bill the services as “incident to” his or her service.  The ordering physician can only bill the service if he or she also supervises the extender.

Excessive Use of Multiple Removal Codes – Dermatology Fraud and Abuse

Tuesday, June 27th, 2017

Criminal Conviction of Dermatologist Excessive Use of Multiple Removal Codes – 2015

dermatology false claimsA Chicago area dermatologist was convicted of committing Medicare fraud by submitting false claims for more than 800 patients that led to payment of reimbursement of approximately $2.6 million.  The doctor was accused of falsely diagnosing patients and submitting bills without proper documentation of the necessary condition.  Most of the claims appear to have involved diagnosis of actinic keratosis, or sun-induced skin lesions that have potential to become cancerous.   The doctor was found guilty of criminal charges arising from this matter in 2015.

The dermatologist was alleged to have falsely documented hundreds of cases of medically unnecessary cosmetic treatments he reported as involving the removal of lesions (CPT 17004).  According to court records, the physician billed under the CPT code applicable to the removal of 15 or more lesions on a more or less routine basis.  These treatments were allegedly performed on hundreds of repeat patients over a number of years.  Many of the patients received this treatment on 10 or more visits.  Medicare reimbursed this treatment by paying up to $352.40 per treatment.  When these numbers are summarized, it becomes difficult to deny that abuse was going on in this case.  Evidence presented suggested the dermatologist falsely claimed to have removed more than 150 pre-cancerous lesions from approximately 350 Medicare patients, more than 450 patients covered by Blue Cross and Blue Shield, and additional patients covered by Aetna and Humana health insurance.

This case appears to have been a relatively clear case of actual fraud rather than failure to properly document the nature of the service.  Even though the case represents an extreme situation, it still holds some lessons for providers who are not attempting to commit fraud.  A few lessons that can be extracted from this case include:

  • Care should be taken when using multiple removal codes such as 17004.  These types of codes should not be used systematically.  Over time, the removal numbers add up to indicate potential fraud.
  • The record should be accurately and completely documented to support use of multiple removal codes.
  • Care should be taken not to bill codes relating to time increments or work units that, in the aggregate, result in an unrealistic amount of time in a given day.  Granted, some providers are more efficient than others, but at some point multiple procedure time units become excessive and can be statistically sampled to determine whether the individual doctor is within a standard range of services.

Dermatology Practice Fraud and Abuse Risks Identified in Florida Case

Tuesday, June 27th, 2017

Dermatologist Fraud and Abuse Risks – Identified from Florida Case Targeting Demotologist

Dermatology Risk Areas Fraud and AbuseAn allegation from a competing dermatologist resulted in a Federal government investigation of a Florida dermatologist.  The dermatologist was accused of charging the Medicare program for unnecessary biopsies and radiation treatments that were not rendered, not properly supervised, or given by unqualified physician assistants.  It was alleged the doctor was not even in the country when some of the procedures at issue were performed.  The unnecessary charges were alleged to have totaled around $49 million over a 6-year period.

The dermatologist did not admit wrongdoing in the settlement.  Rather, he alleged the overbilling resulted from his unique practice that relied on radiation, instead of disfiguring surgery, to help patients.  The doctor claimed he had cured “over 45,000 non-melanoma skin cancers with radiation therapy” over a 30-year period.  The problem with that argument appears to be the fact that the dermatologist was not trained or qualified in providing radiation oncology treatments.

There are a number of interesting things about this case.  The case was brought by a competing physician as a whistleblower.  The physician who brought the case expressed concern about having to treat patients that the accused doctor had misdiagnosed with squamous cell carcinoma.

The case also alleged significant billing for services allegedly provided when the doctor was not even in the office.  The accused doctor alleged he was available by phone while the procedures at issue were being performed.  This raises interesting issues under the rules regarding “incident to” billing.  Those rules permit a physician to bill for physician extender services.  In order to qualify to bill a service as “incident to” a physician’s service, the billing physician must meet supervisions requirements.  The physician must be physically present within the office suite during the performance of the procedure in order to qualify to bill a service as “incident to” the physician’s services.

It appears there were a number of things going on in this case.

  • There appears to have been a pattern of diagnosing a higher level of severity than was supported by the patient’s condition.
  • There was a routine use of radiation therapy, even in cases that were not medically appropriate.  This placed patients at potential risk.
  • There appears to have been questions whether the accused doctor was authorized to perform radiation therapy.
  • There were issues regarding improper use of the “incident to” billing rules when the doctor was not present to actively supervise the service.
  • There was also some evidence the doctor had offered incentives for staff to misdiagnose and over utilize the radiation treatment.
  • There was an alleged kickback arrangement with another physician who operated a clinical laboratory.

Challenging Physician Payment Sunshine Act Disclosures

Tuesday, June 27th, 2017

The Affordable Care Act added the Physician Payment Sunshine Act (Sunshine Act) as section 1128G to the Social Security Act. The Sunshine Act requires applicable manufacturers of drugs, devices, biologicals, or medical supplies and certain group purchasing organizations to report annually to the Centers for Medicare & Medicaid Services (CMS) certain payments or items of value that are provided to physicians and teaching hospitals.  The Sunshine Act also requires CMS to publish payments reported on a public Web site.

In 2013, CMS issued final regulations interpreting and clarifying the requirements of the Sunshine Act.  The final regulations clarify the reporting process, identify exceptions and exclusions from the reporting requirements, and provide further details regarding what constitutes a reportable relationship.  The final rule delineates the specific data elements reporting organizations are required to include and the required reporting format.  Reporting organizations failing to make required reports are subject to potential civil monetary penalties.  Continued

Credible Information Indicating Overpayment – Duty to Investigate

Tuesday, June 27th, 2017

Addressing Potential Over-payment Situations – Exercising Reasonable Care

known overpayment credible informationThe new final regulations under the 60-day repayment rule, require providers to affirmatively exercise reasonable diligence to identify potential overpayment situations. The obligations to further investigate is triggered when a provider receives “credible information” that indicates a potential overpayment.  Affirmative steps must be taken in a timely and good faith manner to investigate the situation further. Failing to use reasonable diligence can result in significant penalties under the False Claims Act (FCA). In some cases criminal liability can attach as well; particularly when evidence strongly indicates a problem might exist and a deliberate decision is made not to investigate or repay an amount due.

By now most health care providers are at least generally aware of the 60-day repayment rule. That rule originated as part of the Affordable Care Act in 2010. The rule provides that the failure to repay a known overpayment within 60 days after discovery results in potential penalties under the FCA. This means a simple overpayment is multiplied by a factor of three. Additionally, penalties can be assessed in amounts ranging from a minimum of $11,000 and a maximum of approximately $22,000 per claim. Financial exposure under the FCA can be very substantial; particularly when there is a systematic billing error that impacts a large number of claims over a significant period of time. The lookback period for imputed False Claims is 6 years, which amplifies the potential exposure when the “tip of the iceberg” is discovered in a current year audit.

The initial statutory provision left some ambiguity regarding application of the 60-day repayment rule. One significant ambiguity relates to when the 60-day time period begins to run. The statute states the 60-day period commences upon “identification” of the overpayment but included no clarification of when a provider is deemed to have identified the existence of an overpayment. It was not clear whether identification occurred when there was an allegation that an overpayment exists, when an amount of overpayment was calculated, when the existence of the overpayment was verified, or at some other time. It was also unclear whether actual knowledge of an overpayment was required or whether knowledge could be imputed in certain circumstances.

CMS provided clarification on the issue of identification in the final regulations, but the clarification places significant burdens on providers. Under the final rules, the provider is deemed to have identified an overpayment not when actual knowledge is obtained, but rather when the provider “should have” identified the overpayment through the exercise of “reasonable diligence.” The new standard requires providers to conduct a timely and good faith investigation when it receives credible information an overpayment might exist. Failing to take reasonable steps to investigate will result in imputed knowledge and deemed “identification” of the overpayment. In other words, the 60-day clock starts to run when the investigation should have commenced.

It is useful at this point to mention what constitutes an overpayment that invokes the statutory requirement. An overpayment exists when the provider receives any funds to which they are not entitled. There is no requirement of an amount threshold, substantiality, or materiality. Any overpayment invokes the statute and becomes a potential false claim if not repaid within the 60-day period. There are situations where the amount of overpayment is so small that the provider might determine it not worth the resources to identify, quantify and repay. When making this determination, it should be kept in mind the FCA will apply if a whistleblower case is brought or a government investigation is commenced and finds the overpayment. FCA liability can result in large penalties; particularly where there are multiple claims involved. It should also be kept in mind that criminal statutes impose felony penalties for the willful failure to return known overpayments.

Overpayments that are self-discovered and repaid before they become false claims are relatively easy to manage. Once the FCA potentially attaches, these situations become increasingly complicated to manage. The OIG Self Disclosure process should be considered where potential for significant penalties is present. The Self Disclosure Protocols permit resolution at a minimum of 1.5 times the amount of the overpayment. Full disclosure of the facts and investigation is required as part of the self-disclosure process. Only civil penalties are subject to settlement under the protocol. The wrong facts disclosed as part of the SDP process can lead to criminal charges against the entity or individuals. Criminal charges cannot be settled using the SDP.

Where amounts are smaller, a provider may decide to repay without going through the protocol process. A determination of which option is right in the specific situation should be made with the involvement of legal counsel that has experience with these issues.

Proper operation of a compliance program is the best defense to mitigating exposure under the 60-day rule. Prompt investigation should be conducted whenever there is a credible allegation of an overpayment. Compliance risk identification and proactive auditing can also help mitigate risk by identifying problems early and by demonstrating the compliance process is being effectively operated. This will help avoid allegations that overpayments should have been discovered sooner through the exercise of a reasonable compliance program. Most importantly, ignoring alleged overpayments is never an answer that mitigates risk. All credible allegations must be investigated and appropriate repayment should be made using one of the available methods. The requirements of the final rule should be baked into compliance program policies and procedures and staff should be educated on the need to investigate and return overpayments within required timeframes.

Personal Care Agency Fraud – Business Structure Can Impact Compliance Risk

Tuesday, June 27th, 2017

Personal Care Agency Structure Can Increase Risk and Government Scrutiny

Personal Care Agency FraudThe OIG recently released a review of Medicaid Fraud Control Unit activities which identified personal care agencies as accounting for nearly one-third of fraud prosecutions.  Previous blogs identified a number of compliance risks that often ensnare agencies.  Risk can also be impacted by the structure and nature of the business that is conducted by the agency.  The business might be perfectly legal, but can still create additional risk.

An good example involves personal care agencies that focus on recruiting patients with extended families who already reside with the patient.  A personal care business plan that focuses on training extended family might be technically legal, but can certainly present risk that a reviewer will more closely scrutinize record-keeping, PCW training, and other requirements.  Closer scrutiny may result in overpayment requests and/or investigation.

The normal business plan for a personal care agency involves the hiring and training of personal care worker who are assigned to clients who retain the agency’s services.  Normally, a PCW and a client do not know each other and certainly are not sharing a residence with the client.  Some agencies might focus their business on recruitment of patients who live with extended family.  Simply by providing training to the existing family member, the agency is able to generate reimbursement.  The extended family member is able to earn a wage for the service that it performed.

Immediate family will normally not qualify to generate reimbursement as a personal care work.  More distant family might be able to generate reimbursement.  There may be nothing specific in the laws of the applicable state that prohibits this type of arrangement.  At the same time, there is nothing prohibiting a regulator from more closely scrutinizing regulatory requirements when presented with agencies that may be technically legal but could be viewed as being abusive at their core.

The main point here is that business structure and other factors might present additional levels of risk to an agency.  Business structure should be considered as a factor when conducting risk analysis.  Businesses that are operated in technical compliance could present higher degrees of risk than more traditional business structures.

Safe Harbor Permits Some Free Transportation to Patients

Sunday, June 11th, 2017

Free Patient Transportation Safe Harbor

A new safe harbor was recently issued by the HHS Office of Inspector General that permits eligible health care providers to offer free or discounted transportation to established patients.  The safe harbor addresses concerns that offering free goods and/or services to patients might be considered payment of illegal “remuneration” in exchange for referrals. Use of free offers in connection with overt marketing remains a suspect practice, but the new safe harbor opens a limited window to permit providers to offer much needed transportation services to existing patients.

Provided that a number of specific requirements are met, the transportation safe harbor permits certain health care providers to offer regular route “shuttle service” and/or transportation to established patients.  The transportation service can only be provided within a 25 mile radius (50 miles in rural areas) for the purpose of obtaining medically necessary services.

Most health care service providers, such as hospitals, physician offices, skilled nursing facilities, ambulatory surgery centers, and others are eligible to provide transportation services.  However, organizations that primarily supplies health care items, such as providers of durable medical equipment and pharmacies, cannot take advantage of the safe harbor.  In its commentary, the OIG noted that many types of entities that do not directly render health care services to patients, such as Medicare Advantage organizations, managed care organizations, accountable care organizations, clinically integrated networks and charitable organizations, may qualify for safe harbor protection as long as they do not shift the cost to federal health care programs or payers.

Providers that operate transportation programs should adopt policies and procedures that define the operation of their program and which include requirements that minimize potential risk of providing free transportation service.  Reliance on the safe harbor required that the free or discounted local transportation services be included in policy that is applied uniformly and consistently.  The program cannot be offered in a manner related to the past or anticipated volume or value of federal health care program business.  Free transportation must be offered to all patients regardless of the level or profitability of their service.

Complete compliance with the new safe harbor is the best way to assure compliance.  Policies should include reference to the various safe harbor requirements, for example, free or discounted services are subject to the following limitations:

  • The services may only be provided to established patients.  An “established patient” is a person who has selected and initiated contact to schedule an appointment with a provider or supplier to schedule an appointment, or who previously has attended an appointment with the provider or supplier.
  • The services cannot include air, luxury, or ambulance-level transportation;
  • The services cannot be publicly marketed or advertised by the eligible entity or the driver during the course of the transportation, and the drivers or others arranging for the transportation cannot be paid on a per-beneficiary-transported basis;
  • The services may only be provided within 25 miles of the health care provider or supplier to or from which the patient would be transported, or within 50 miles if the patient resides in a rural area;
  • The services can only be for the purpose of obtaining medically necessary items and services; and
  • Associated costs cannot be shifted to Medicare, a state health care program, other payers, or individuals.

The safe harbor also protects the offering of a shuttle service by eligible entities.  The term “shuttle” is defined as a vehicle that runs on a set route and on a set schedule.  The final rule allows eligible entities to provide shuttle services by complying with most of the criteria that are applicable for services to existing patients.  If the service is operated on a defined and regular route, the service is not limited to existing patients.  Most of the other provisions of the safe harbor for existing patients will apply to the shuttle service.

Organizations that provide shuttle or patient transportation services should review their programs in view of the new safe harbor regulations.  The new regulations mandate written policies and procedures which must be uniformly enforced and followed.  This requires records to be maintained that documents compliance with safe harbor requirements.  Transportation programs that do not strictly meet all of the requirements of the safe harbor do not necessarily violate the anti-kickback statute.  However, safe harbor compliance is the best way to mitigate potential risk.

John H. Fisher

Health Care Counsel
Ruder Ware, L.L.S.C.
500 First Street, Suite 8000
P.O. Box 8050
Wausau, WI 54402-8050

Tel 715.845.4336
Fax 715.845.2718

Ruder Ware is a member of Meritas Law Firms Worldwide

Search
Disclaimer
The Health Care Law Blog is made available by Ruder Ware for educational purposes and to provide a general understanding of some of the legal issues relating to the health care industry. This site does not provide specific legal advice and you should not use the information contained on this site to address your specific situation without consulting with legal counsel that is well versed in health care law and regulation. By using the Health Care Law Blog site you understand that there is no attorney client relationship between you and Ruder Ware or any individual attorney. Postings on this site do not represent the views of our clients. This site links to other information resources on the Internet; these sites are not endorsed or supported by Ruder Ware, and Ruder Ware does not vouch for the accuracy or reliability of any information provided therein. For further information regarding the articles on this blog, contact Ruder Ware through our primary website.