Due to their size and the complexity of their operations, hospitals face unique compliance burdens. In order to avoid requests for recoupments, fines, and other penalties, hospitals must develop and implement comprehensive compliance programs that are carefully tailored to their individual risks.
With hospitals receiving nearly half of all fee-for-service payments from Medicare (46 percent as of 2015), they are constant targets for federal health care fraud audits and investigations. The U.S. Department of Health and human Services’ Office of Inspector General (OIG) publishes the results of some of its “Hospital Compliance Reviews” online, and the OIG is just one of multiple federal agencies that target hospitals for civil and criminal health care fraud investigations.
For hospitals, one of the most-effective tools for avoiding billing errors and other potentially-costly mistakes is a comprehensive and well-executed compliance program. Contrary to popular belief, a Health Insurance Portability and Accountability Act (HIPAA) compliance program is not enough. While a HIPAA compliance program addresses one significant aspect of hospitals’ statutory obligations, focusing solely on HIPAA compliance ignores the multitude of other federal laws and regulations that apply to Medicare, Medicaid, Tricare, and other program-participating health care providers.
Did you know?
- Medicare, Medicaid, Tricare, and the Department of Labor (DOL) health care benefit program all have their own unique sets of billing and compliance standards.
- The Anti-Kickback Statute, the Controlled Substances Act, the False Claims Act, and various other laws all have civil and criminal provisions that apply to hospitals and hospital administrators.
- Even if your hospital is compliant, if you cannot prove it with extensive documentation, your hospital could be at risk in the event of an audit or investigation.
- Hospitals cannot delegate their compliance obligations by contracting with physicians, independent laboratories, durable medical equipment (DME) companies, billing administrators, marketing groups, and other third-party service providers.
- Fee-for-service audit contractors (including MACs, RACs, and ZPICs) working with the Centers for Medicare and Medicaid Services (CMS) are financially incentivized to accuse hospitals of collecting overpayments during audits.
These considerations, along with many others, make it critically important for hospitals of all sizes and in all regions of the country to adopt comprehensive and custom-tailored compliance policies and procedures.
Federal Health Care Compliance Counsel for Hospitals Nationwide
When developing a compliance program and implementing policies and procedures on an organization-wide basis, it is essential to work with federal health care compliance attorneys who have a high volume of relevant experience. At Oberheiden, P.C., our team of career defense attorneys and former federal health care fraud prosecutors brings centuries of combined experience to helping hospitals establish, maintain, and prove compliance. Our attorneys have handled thousands of health care fraud audits and investigations, grand jury proceedings, and civil and criminal trials across the country, and we utilize the knowledge and insights gained from this experience to develop comprehensive compliance programs focused on avoiding the issues that lead to federal scrutiny.
Key Federal Health Care Compliance Considerations for Hospitals
When it comes to federal health care compliance, developing a comprehensive compliance program is just the first step in the process. Once developed, the compliance program must be thoroughly implemented, and then the hospital’s compliance efforts must be consistently monitored so that any violations can be remedied appropriately.
1. Compliance Program Documentation
For hospitals, federal health care compliance programs must address all aspects of program billing compliance as well as the various other statutory and regulatory requirements that create potential liability exposure. These programs must be custom-tailored to each individual hospital’s particular requirements, and they must reflect a comprehensive understanding of the current legal framework governing program-participating health care providers.
While developing appropriate written policies, procedures, and protocols is a key (and substantial) first step, compliance documentation is an ongoing process. Not only must the hospital’s existing compliance documentation be reviewed and re-evaluated to ensure continued compliance when statutory or regulatory requirements change, but hospitals must generate and maintain documentary evidence of their routine and non-routine compliance efforts as well.
2. Employment and Independent Contractor Relationships
One area in particular where hospitals can face scrutiny from federal authorities is their classification of employees and independent contractors. While certain relationships can be legitimately established through independent contractor agreements, misclassification of individuals who qualify as employees under federal tax law can lead to issues with federal health care regulators. Certain types of independent contractor relationships are also particularly likely to garner questions from federal authorities (including any relationships where compensation is paid on a percentage basis), and these relationships must be carefully structured and documented to ensure that they are fully compliant with federal law.
3. Initial and Ongoing Training and Education
Once the initial compliance documentation has been drafted, hospital administrators, working with the hospital’s legal counsel, must execute a systematic plan for providing organization-wide training and education. Training and education efforts should be appropriately tailored to the needs of employees in all of the hospital’s various departments, and they should focus on explaining the hospital’s compliance obligations as well as what employees can (and should) do to avoid statutory and regulatory violations.
4. Marketing Considerations
While it may not seem like it, marketing is a high-risk area when it comes to federal health care compliance. In particular, arrangements with marketing groups are likely to trigger federal inquiries, with federal agents looking for evidence that the hospital is unlawfully using program-reimbursed funds to pay for Medicare, Medicaid, Tricare, or DOL patient leads. While hospitals can lawfully engage third-party marketing agencies to help them generate business, when doing so they must execute carefully-drafted agreements that have their compliance obligations and the risk of marketer non-compliance in mind.
5. Contracting Considerations
In order to address the risk of marketer non-compliance and to avoid other issues arising out of third-party compliance issues, hospitals should include adequate contractual protections in their third-party agreements. Indemnification and mandatory insurance clauses are common (although these clauses must be carefully tailored to the particular liability risks and exposure involved), as are other forms of contractual protections. Mitigating risk through contracting is a critical aspect of compliance with regard to agreements with independent physicians, testing labs, DME suppliers, and other entities.
6. Billing and Coding Compliance
When most people think of Medicare, Medicaid, Tricare, or DOL compliance, the administrative aspects of program billing are what come to mind. Billing and coding compliance are indeed critical, and hospitals must often undertake exhaustive measures to ensure that their billing administrators (either in-house or third-party) have the knowledge and commitment required to consistently avoid billing and coding mistakes.
In addition to adopting billing and coding compliance policies and implementing adequate compliance procedures, hospitals must ensure that they are adequately documenting the justification for their program billings as well. When auditors or federal agents come calling, having documentation to substantiate claims of medical necessity and track the delivery of DME can help avoid more-invasive inquiries with a higher potential for subsequent legal proceedings.
7. Violation Reporting
Hospitals should encourage employees to report suspected compliance issues. Reporting procedures should be covered during training, and employees should be provided with a clear chain of command so that they know how and where to report possible violations. Employees should have the option to report compliance concerns anonymously, and it should be made clear that reporting is an integral component of their job responsibilities.
8. Violation Response
Once a violation has been reported, appropriate investigative and remedial measures must be undertaken promptly. These efforts should generally be overseen by the hospital’s compliance officer, who should also be tasked with conducting (or managing) routine compliance audits and assessments. In some cases, hospitals may have an obligation to report violations to CMS, the OIG, or other agencies. If this is the case, an appropriate disclosure should be promptly prepared with the assistance of the hospital’s compliance counsel.
We have touched on recordkeeping, but it bears repeating: When it comes to defending against a federal health care fraud audit or investigation, thorough documentation can be essential to avoiding substantial financial liability and other penalties. Hospitals’ federal health care compliance programs should include comprehensive recordkeeping provisions, and the importance of adequate recordkeeping should be emphasized to personnel at all levels of the organization.
10. Defense of Audits and Investigations
Finally, in the event of an audit or investigation, the hospital’s compliance program should serve as both a resource for responding to auditors and investigators and as the key source of evidence against any potential allegations of noncompliance. The compliance program should include protocols for engaging defense counsel, assembling a response team, preserving records, and executing other key defense measures, and it should instill confidence that any allegations of billing fraud, Anti-Kickback Statute violations, or other compliance issues will be resolved in the hospital’s favor.
Speak with a Federal Health Care Compliance Lawyer at Oberheiden, P.C.
Our federal health care compliance lawyers are available to speak with hospital administrators and executives across the country regarding their facilities’ compliance obligations. If you have questions and would like to speak with a member of our compliance team in confidence, please call (214) 692-2171 or request a free initial consultation online today.