The headlines keep coming – chief executives being indicted for fraud and millions being paid by hospitals for improper billing practices and by physician groups for making illegal referrals or billing for unnecessary services. On the local level, state Medicaid enforcement units are ratcheting up their activity and seeking millions in repayment due to what are generally innocent errors in documentation and/or billing. The best defense to these claims? A strong offense in the form of a strong compliance program, and the new year is a perfect time to take a close look at your program.
A compliance program and sincere remedial efforts can be the difference between a “false claim” and a “billing error” by reasonably ensuring a corporation follows all applicable laws, rules, and regulations, as well as internal codes of conduct, policies, and procedures. Compliance is a component of internal controls and should be subject to independent audits. Internal audits are key to an effective compliance program.
The Department of Justice (DOJ) and the Department of Health and Human Service’s Office of Inspector General (OIG) are evaluating compliance programs when potentially criminal or fraudulent conduct has been identified. Both DOJ and OIG issued guidance in early 2017 that health care organizations should use in their compliance programs. You can find DOJ’s guidance here and OIG’s guidance here.
DOJ considers the existence and effectiveness of a corporation’s pre-existing compliance program and the corporation’s remedial efforts to implement an effective program or improve an existing one. OIG’s guide includes more than 400 compliance metrics addressing seven elements of an effective compliance program with suggested ways to measure the metrics.
Both DOJ and OIG make clear the importance of having internal monitoring and auditing processes and conducting investigations when concerns arise. The DOJ looks back to whether an audit could have uncovered the misconduct. The OIG assesses whether audit processes are in place to identify compliance deficiencies.
OIG’s guidance focuses on auditing and monitoring compliance program elements, such as periodically reviewing training and policies and procedures to ensure that they are up-to-date, understandable to staff and accurately reflect the business process as it is actually performed. The guidance does not constitute de facto compliance program requirements or OIG recommendations, but establishing a program that contains the requirements will likely help during an investigation.
Seemingly harmless operational issues (e.g. failing to use modifiers, miscoding a service, entering the wrong duration, failing to have a provider sign when required) can have huge consequences. These errors may be avoided by incorporating audits of all aspects of documentation and billing practices into your compliance program. Resolving to review and strengthen your compliance program is a perfect way to start the New Year.