//>*/-->

Exclusion Screening-OIG Screening: The New “Seventh Element” of Compliance.

 Exclusion Screening-OIG Screening(May 17, 2017): Exclusion screening-OIG screening duties are now more important than ever before!  The recently issued Resource Guide for Measuring Compliance Program Effectiveness,” a product of Office of Inspector General staff and compliance professionals roundtable discussions, reconfigures the traditional “Seven Elements of an Effective Compliance Program” by making the “Screening and Evaluation of Employees, Physicians, Vendors and other Agents” an element unto itself – or the new Seventh Element of Compliance! The Resource Guide, prepared under the auspices of the Health Care Compliance Association (HCCA), serves to once again underscore the critical role of exclusion screening-OIG screening, and background checks in compliance.

Paul Weidenfeld, Counsel at Liles Parker, has recently assessed this important change and provided an overview of the impact this change for the folks at Exclusion Screening.  For a detailed discussion of the statutory requirements of screening, the potential damages that may be assessed in the event of a violation AND your obligations as a provider participating in Medicare or Medicaid, we recommend you see the article on Exclusion Screening’s website.  This article may be accessed by clicking here.

Paul Weidenfeld is a Partner at Liles Parker, Attorneys & Counselors at Law.  Our attorneys are experienced and knowledgeable of your obligations under the law to conduct periodic “Exclusion Screening-OIG Screening” duties.  For a free consultation, please call: 1 (800) 475-1906.-

OIG Proposes New Anti-Kickback Law Safe Harbors

(November 10, 2014): The U.S. Department of Health and Human Services Office of Inspector General (“OIG”) recently published a Proposed Rule that would amend the safe harbor regulations under the Federal Anti-Kickback statute[1] (“AKS”) as well as add new safe harbors. The Proposed Rule would also establish new exceptions to the Civil Monetary Penalty (“CMP”) statute related to the beneficiary inducement CMP.[2] OIG will accept comments on the Proposed Rule by mail or electronically until December 2, 2014 at 5 p.m. (Eastern).

I.  The Anti-Kickback Statute and Safe Harbor Regulations:

The AKS provides criminal penalties for individuals or entities that knowingly and willfully offer, pay, solicit, or receive remuneration in order to induce or reward the referral of business reimbursable under Federal health care programs. The types of remuneration covered specifically include, but are not limited to, kickbacks, bribes, and rebates, whether made directly or indirectly, overtly or covertly, in cash or in kind. Additionally, prohibited conduct includes not only the payment of remuneration intended to induce or reward referrals of patients, but also the payment of remuneration intended to induce or reward the purchasing, leasing, or ordering of, or arranging for or recommending the purchasing, leasing, or ordering of, any good, facility, service, or item reimbursable by any Federal health care program.

Due to the broad reach of the statute, interested parties expressed concern that some relatively innocuous commercial arrangements would be covered by the statute. This could, in turn, potentially subject entities to unwarranted criminal prosecution. As a result, Congress drafted certain “Safe Harbor” provisions. These regulations describe various payment and business practices that, although they potentially implicate the Federal AKS, are not treated as offenses under the statute.

II.  Changes to the Anti-Kickback Statute:

The Proposed Rule would modify certain existing safe harbors under the AKS as well as add new safe harbors that provide new protections or codify certain existing statutory protections. These changes include:

      • A technical correction to existing safe harbor for referral services;
      • Protection for certain cost-sharing waivers, including pharmacy waivers of cost-sharing for financially needy Medicare Part D beneficiaries and waivers for state- or municipality-owned emergency ambulance services;
      • Protection for certain remuneration between Medicare Advantage organizations and federally qualified health centers;
      • Protection for discounts by manufacturers on drugs furnished to beneficiaries under the Medicare Coverage Gap Discount Program; and
      • Protection for free or discounted local transportation services that meet specified criteria.

III.  Changes to the Beneficiary Inducement CMP:

The Beneficiary Inducement CMP statute generally prohibits any person or entity from offering remuneration to a Medicare or Medicaid beneficiary if that remuneration is likely to influence the beneficiary’s selection of a provider. The Proposed Rule would also amend and narrow the definition of “remuneration” to include certain exceptions for the following:

  • Copayment reductions for certain hospital outpatient department services
  • Certain remuneration that poses a low risk of harm and promotes access to care;
  • Coupons, rebates, or other retailer reward programs that meet specified requirements;
  • Certain remuneration to financially needy individuals; an
  • Copayment waivers for the first fill of generic drugs.

OIG also proposes to codify the gainsharing CMP[3]. The gainsharing CMP prohibits a hospital from knowingly paying, either directly or indirectly, a physician to induce the physician to reduce or limit the services provided to Medicare or Medicaid beneficiaries under the physician’s direct care. The Proposed Rule would narrow the prohibition in light of today’s health care landscape, which focuses on “accountability for providing high quality care at lower costs.”

IV.  Conclusion:

Health care providers should be interested in the Proposed Rule and make comments as necessary. The Proposed Rule makes pertinent changes to the AKS Safe Harbors and CMP laws that should give providers greater leeway to enter into beneficiary arrangements without fear that they will be subject to criminal penalties under the statutes. In a sense, the Proposed Rule follows OIG’s ongoing efforts to adopt regulations that promote lower costs and greater health care services while protecting patients and federal health care programs from fraud and abuse.

As a provider, if you have any questions about the current regulations found within the Anti-Kickback Statute or the proposed changes, please do not hesitate to give us a call today. We would be more than happy to assist you so that you remain compliant with all federal and statute regulations regarding potentially fraudulent activity.

Saltaformaggio, RobertRobert Saltaformaggio, Esq., serves as an Associate at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent health care providers and suppliers around the country in connection with Medicare audits by RACs, ZPICs and other CMS-engaged specialty contractors.  The firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews.  For a free consultation, call Robert at:  1 (800) 475-1906

[1] 42 U.S.C. § 1320a-7b(b).

[2] 42 U.S.C. § 1320a-7a.

[3] 1128A(b)(1) of the Social Security Act.

CMS Proposes Changes to Medicare Home Health Benefit Face-to-Face Encounter Requirement

Multiple Patient Record(July 18, 2014):The Centers for Medicare & Medicaid Services (CMS) has proposed several changes to the Medicare Home Health Prospective Payment System (HH PPS). Medicare pays Home Health Agencies (HHAs) through the PPS and pays higher rates for services furnished to beneficiaries with greater needs. One of the proposed changes to the HH PPS involves the face-to-face encounter requirements.

I. Requirement of a Face-to-Face Encounter

The Affordable Care Act (ACA) requires that a certifying physician or allowed non-physician provider (NPP) must have a face-to-face encounter with a patient before certifying the beneficiary’s eligibility for the home health benefit. The face-to-face encounter has to happen 90 days before care begins or up to 30 days after care began. The certification needs to be accompanied by documentation of the encounter, and this documentation has had to include a narrative explaining why the clinical findings of the encounter support that the patient is homebound and in need of skilled services. CMS is proposing three changes to the face-to-face encounter requirements:

  1. Eliminating the narrative requirement. The certifying physician would still be required to certify that a face-to-face patient encounter occurred. The physician will also still need to document the date of the encounter as part of the certification of eligibility, but a narrative justifying the patient’s need for home services will no longer be necessary.
  2. Only considering medical records from the patient’s certifying physician or discharging facility. In determining initial eligibility for the Medicare home health benefit, documentation will be limited to records from the beneficiary’s certifying physician or discharging facility.
  3. Considering the physician claim for certification/re-certification a non-covered service. If the HHA claim was non-covered because the patient was ineligible for the home health benefit, the physician claim for certification/re-certification of eligibility for home health services (not the face-to-face encounter visit) will be considered a non-covered service.

II. Documenting Requirements from Medical Records

The second proposal addresses questions which have been raised regarding which documents can be used to document a patient’s eligibility for the Medicare home health benefit. The new rule would only consider medical records from the patient’s certifying physician or discharging facility. Previously, face-to-face encounter documentation could include notes from multiple encounters that took place with multiple physicians and NPPs during an acute stay. It is uncertain how the new proposal will change this as the proposal does not specify what will constitute sufficient documentation. CMS does not require a specific form or format for the communication or documentation of the face-to-face encounter, regardless if a NPP, certifying physician, or the physician who cared for the patient in the acute or post-acute setting had the face-to-face encounter. What CMS does need to see is that the clinical findings that support the eligibility of the patient for home health are reflective of the patient’s condition upon discharge. Previously, a certifying physician could use documentation from the informing physician or NPP as his or her documentation of the face-to-face encounter, as long as he signed and dated the documentation, representing that he received that information from the physician who performed the face-to-face encounter, and that he is using that discharge summary or documentation as his documentation of the face-to-face encounter. It is unclear whether this process will be sufficient under the proposed rule. III. Conclusion In 2013, home health services cost Medicare approximately $18 billion. The goal of the proposed rule is to reduce payments for home health services. In addition to lowering costs and simplifying the face-to-face encounter regulatory requirements, other proposed changes include updating the HH PPS case-mix weights, revising the home health quality reporting program requirements, simplifying the therapy reassessment timeframes, revising the Speech-Language Pathology (SLP) personnel qualifications, and limiting the reviewability of the civil monetary penalty provisions.  CMS will accept comments on the proposed rule until Sept. 2, 2014, and if adopted the rule will take effect next year.

Robert Liles represents health care providers in RAC and ZPIC appeals.Robert W. Liles, Esq., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent dentists, orthodontists, and other health care providers around the country in connection with both regulatory and transactional legal projects. For a free consultation, call Robert at (800) 475-1906.

HIPAA Risks of Breach: Windows XP Will No Longer be Supported by Microsoft

February 5, 2014 by  
Filed under Compliance

Overworked tired doctor at computer(February 5, 2014):  Has your practice addressed the latest HIPAA risks of breach that have been identified?  As discussed below, health care providers must take immediate remedial action if they are currently running Windows XP on one or more of their office computers. 

Why is this action necessary?  Because after April 8, 2014, Microsoft will no longer promulgate security updates or patches for this operating system. As a result, any computer running this outdated software system will effectively be non-compliant with HIPAA and HITECH regulations.

I.   Windows XP Support Ends April 2014:

Historically, Windows XP has been one of Microsoft’s most popular operating systems. It was first released in August 2001 and is still widely used on personal computers in both homes and business environments.  In fact, many health providers continue to use Windows XP on their workstations as part of a multi-faceted system that integrates electronic hardware, software, medical devices and the internet.

Unfortunately, as computers and the internet have become an integral part of the health care industry, Windows XP based computer systems and work stations have become a likely target for malicious activity. To combat these problems and protect users from cyber threats, Microsoft has customarily provided technical support for its software products for a period of years after the product’s release. Generally, this support comes in the form of a “service pack” and includes a collection of updates, fixes, or enhancements to a software program or operating system that is delivered in the form of a single installable package.

In the case of Windows XP, the software product has been out more than a decade and multiple newer versions of Windows have been released during period.  As a result, Microsoft has announced that after April 8, 2014, Windows XP will no longer be supported.   From a practical standpoint, this means that health care providers and other customers who still operate computers utilizing Windows XP will no longer receive new security updates, non-security hotfixes, free or paid support or online technical content updates. Any new vulnerabilities identified in the Windows XP operating system after April 8th will remain unaddressed by Microsoft.  Therefore, it will likely be easier for computer hackers to successfully infiltrate and exploit any Windows XP-based operating system via unpatched or non-secure vulnerabilities.

II. After April 2014, Providers Relying on Windows XP Systems will Have Another HIPAA Risk:

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by Congress on August 21, 1996.  HIPAA regulates the availability and exchange of “Protected Health Information” (PHI) and helps prevent the unlawful release of patient medical information. The statute also helps to reduces instances of health care fraud, abuse, and sets standards for industry-wide billing procedures.  Under HIPAA, health care providers are obligated to take a wide range of steps designed to secure and protect PHI.

Both a “Privacy Rule” and a “Security Rule” are covered under HIPAA. These rules apply to “Covered Entities,” which include health plans, health care clearinghouses such as billing services, and health care providers that transmit health data in a way that is regulated by HIPAA. The Privacy Rule and the Security Rule have been designed to protect patient privacy and set standard procedures for the security of electronic PHI (e-PHI). Together, these two rules establish national standards for ensuring that a patient’s health information is kept confidential and secure.

Subsequent to the passage of HIPAA, Congress enacted the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009.  HITECH was created to encourage the adoption of electronic health records (EHR) and other support technology. Notably, the law also:

  • Expanded the obligations of physicians and other health care providers under HIPAA to protect patient’s PHI.
  • Extended the Privacy and Security Rules to business associates of the covered entities who have access to the PHI.
  • Increased the penalties for violations of those obligations under the rules. 

For health care providers who still utilize Windows XP-based computer systems, the decision by Microsoft to terminate its technical support of the software is very problematic.  Since Windows XP is no longer supported by Microsoft, any computer operating this system will be more susceptible to HIPAA risks of breach and / or other security risks.

III.  What Actions Should Health Care Providers Utilizing Windows XP Systems Take?

Many large health care provider organizations are already aware of this security concern and have implemented new operating systems.  However, many small to mid-sized health care providers have only recently learned of Microsoft’s support termination decision.  To the extent possible, these health care providers should examine their computer systems and determine whether their current Windows XP operating system can be upgraded to a more recent operating system, such as Windows 7 or Windows 8.  st now be realizing this monumental change. For these providers, they should immediately begin to transition their operating systems to more modern systems, such as Windows 7 or Windows 8.  Unfortunately, many older computer systems may not support an operating system upgrade. As a result, a health care provider may have to completely replace one or more of his office computer systems.  While replacement will be expensive, it will still be far cheaper than the monetary penalties that a provider may face if a HIPAA breach occurs due to the provider’s continued use of a computer running Windows XP.

Health care providers should immediately determine whether their practice’s Compliance Officer has conducted a review of the organization’s computers (and associated operating systems) to ensure that after April 8th the equipment will still be HIPAA / HITECH compliant.  If Windows XP based systems are still in use, a transition strategy should be identified and implemented.

IV.  Conclusion — Reducing the HIPAA Risks of Breach in Your Practice:

Importantly, the Windows XP operating system issue is merely one of many privacy concerns  that must be addressed by a practice’s Compliance Officer.  The failure of a health care provider recognize and address the Windows XP security risk can lead to a  breach of PHI and a possible privacy compliance audit by the Office for Civil Rights (OCR).  Depending on the facts, an OCR audit can lead to the imposition of civil monetary penalties (CMPs).

All health care providers should affirmatively review the mandatory requirements under the HIPAA and HITECH laws.  Frankly, there is no valid excuse for a covered entity not to have already conducted a proper risk assessment of its practice. Appropriate safeguards to protect individual patient PHI must be instituted to ensure that a breach does not occur.  Don’t let the theft of PHI through an obsolete operating system be the first time you assess the safety and security of your PHI. Taking measures to implement an effective compliance plan NOW is just your first step. In doing so, you can better ensure that your continuing obligation to fully comply with applicable statutory and regulatory requirements are being met.  Need help setting up your Compliance Plan or in conducting a HIPAA Omnibus Rule risk assessment?  Give us a call.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles, Esq., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent health care providers and suppliers around the country in connection with Medicare audits by ZPICs and other CMS program integrity contractors.  The firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews.  For a free consultation, call Robert at:  1 (800) 475-1906.

Disability Discrimination Cases are Being Pursued by the Office of Civil Rights.

Disability Discrimination Cases are Being Pursued by OCR.

(July 19, 2013):  Health care providers choosing to participate in Medicare, Medicaid and other Federal health benefits programs are obligated to comply with a wide range of statutory and regulatory requirements.  The primary issues most cited in connection with these obligations include those involving questions of medical necessity and / or coverage, coding and billing requirements and documentation mandates.  Health care providers are also required to comply with applicable employment laws, OSHA safety requirements, and with the medical records privacy rules of HIPAA and HITECH.  Collectively, these laws and regulations represent a significant challenge for many small and mid-sized health care providers and organizations.  Nevertheless, it is essential that all health care providers also keep in mind that Federal law also prevents participating providers from engaging in disability discrimination.

 I.  Regulatory Requirements Governing Participating Providers:

Pursuant to Section 504 of the Rehabilitation Act of 1973, as amended (Act), and its implementing regulations, 45 C.F.R. Parts 81 and 84.1, health care providers participating in programs receiving Federal funding cannot refuse to treat a patient on the basis of the patient’s disability. At first blush, you may find it hard to imagine how (or why) a health care provider would ever even consider refusing to care or treat a disabled patient because of the patient’s disability.  The case outlined below provide a stark example of how disability discrimination can result in serious administrative sanctions being pursued against a health care provider.

II.         Overview of a Recent Case:

The following summarizes the allegeg acts which gave rise to an enforcement action by the Department of Health and Human Services (HHS), Office of Civil Rights (OCR):

  • A California physician who practices neurological surgery (surgeon) examined a patient covered by “MediCal,” California’s Medicaid program.  Medi-Cal is jointly financed by Federal and State funds.

  • The patient suffered from hip and back pain and was referred to this surgeon for evaluation and treatment by his primary care physician.

  • After examining the patient, the surgeon recommended that the patient undergo surgery. The patient then agreed to seek pre-authorization for the procedure by Medi-Cal.

  • The surgeon subsequently learned that the patient was reported to be HIV positive.

  • The patient was recalled by the surgeon and was asked if, in fact, he was HIV positive.  When the patient responded affirmatively, the neurological surgeon then reportedly advised the patient that he would be unable to perform the surgery and recommended that the patient seek to have the procedure performed at the county hospital.

  • The neurological surgeon then discharged the patient from his practice “and, in correspondence advising the referring physician that he had done so, specifically mentioned that the young man was HIV-positive.”

(For a more detailed discussion of the facts in this case, you may wish to review the decision of the HHS Departmental Appeals Board).

A discrimination complaint was subsequently filed against the surgeon by the patient with OCR.  Consistent with applicable regulations, OCR is documented as having tried “to the fullest extent practicable,” to obtain the surgeon’s cooperation.  See 45 C.F.R. § 80.6(a).

Once it concluded that an information resolution of this discrimination complaint would not be forthcoming, OCR recommended that the HHS take action to suspend or terminate the recipient’s federal financial assistance. See 45 C.F.R. § 80.8(c).

On or about August 2, 2012, that is precisely what occurred.  An Administrative Law Judge (ALJ) for the HHS’ Departmental Appeals Board determined that the surgeon’s:

“lack of cooperation establishes that he will not voluntarily comply with the Act and regulations and that OCR will not be able to assure his compliance by informal means. Termination of his federal financial participation is therefore an appropriate remedy for his refusal to comply voluntarily. 45 C.F.R. § 80.8(c).” 

In reaching this conclusion, the ALJ then ordered:

“I therefore order that the responsible HHS officials suspend, terminate, refuse to grant or continue [Surgeon’s] Federal financial assistance, until he satisfies those officials that he will comply with the Act and regulations. As a review of the record shows, it appears that OCR made multiple settlement overtures to resolve the complaint with the surgeon but that its efforts were ultimately unsuccessful.”

III.  Disability Discrimination Lessons Learned:

As a review of the Opinion issued by the Departmental Appeals Board will show, OCR diligently attempted to resolve this issue with the surgeon informally, prior to taking this case forward.  Now that the surgeon has been effectively suspended from receiving Federal funds, he is effectively barred from treating Medi-Cal patients.  While additionals sanctions involving Medicare and other Federal health benefits programs could later take place, no discussion of these programs is covered in the ALJ’s opinion.  Nevertheless, what are some of the potential actions that could conceivably take place in the future?

(1)    From a public relations standpoint, this action could be disastrous for a health care provider’s practice.  

(2)   Depending on how the action is worded and how it is perceived by State licensure officials, this action could result in an investigation and possible sanctions by a State Medical Board.

(3)   Most, if not all, private payors require that health care providers give them written notice of any adverse actions taken by another payor within 30 – 60 days.  This action could therefore result in the proposed de-credentialing of the surgeon from one or more private plans.   

(4)   Many hospitals require that a health care provider be a participating provider in the Medicare and / or Medicaid programs in order for them to receive admitting privileges in their institution.  An adverse action such as this against a provider’s Medicaid status could result in action being taken by hospitals where the provider is privileged. 

Notably, the decision in this case is not the same as an exclusion action.  In fact, the way it is worded almost implies that if the surgeon takes remedial action, his Medi-Cal eligibility will be reinstated.

As a final point, this case clearly illustrates OCR’s emergence as an enforcement agency to be reckoned with.  While prior administrative enforcement sanctions have focused on Civil Monetary Penalties (CMPs), this action effectively suspends a health care provider’s ability to participate in Medicaid, short of seeking a permissive exclusion action against the provider.

From a regulatory standpoint, this case can serve as a real-life example of the importance of developing and implementing a comprehensive, effective Compliance Program.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker PLLC, a boutique health law firm with offices in Washington, DC, Texas and Louisiana.  Liles Parker attorneys represent health care providers around the country in compliance, regulatory and peer review related actions.  Should you need assistance, feel free to give us a call.  Call Robert for complimentary initial consultation at:  1 (800) 475-1906.

 

 

 

ICD-10 Will be Here Soon. Is Your Practice Ready?

Is your practice prepared to make the transition to ICD-10?(June 14, 2013):  Despite experiencing a couple of false starts, it now appears that ICD-10 is here to stay, and there are expected to be further.  Why are providers being required to transition over from ICD 9?  Unfortunately, ICD-9 is considered to be outdated and some its categories are literally beyond their useful capacity.  Regardless of your feelings regarding transition, many experts believe that the move the ICD-10 will be one of the biggest changes in healthcare to occur in the last 30 years. Frankly, most practice managers and treating providers across the United States simply don’t know where to start with the ICD-10 implementation process. The clock is ticking. According to the CMS timeline, health care providers should already be conducting internal claims testing.  Have you taken this first step?  From our discussions with providers, it appears that the average practice today does not even know the first step to getting started with ICD-10 implementation.

I.     We Can Learn from the Mistakes of Early Adopters of ICD-10:

Notably, the United States and Italy are the only industrialized countries in the World not using ICD-10. Many countries have been using ICD- 10 for almost a decade.  Their experiences will prove invaluable as our providers move to ICD-10. Their advice?

  • Don’t wait to the last minute to begin your preparations. Prepare early.

  • Now is the time to examine your documentation practices.  Will they be sufficient to permit the detailed coding required by ICD-10?

  • The failure to fully prepare will directly hit your bottom line.  In 2014, ICD-10 will be one of the cornerstones for getting paid.

II.  How Long Does it Take to Transition Over to ICD-10?

An ICD-10 transition expert we work with, Lisa Asbell, R.N., estimates that it can take a practice up to 500 hours to transition properly. . Lisa is the President of TrainRX.  Her transition training website is located at: www.trainrx.net Notably, Lisa has estimated that If you were to start today and break that down over the next 16 months, chances are you will be okay with the clock runs out on October 1, 2014. If you don’t get serious about transition now, there is a chance that your practice won’t survive the transition.

III.  How Do You Get Started?

What are the first steps to get started:

  • The first thing you need to do is convert your most frequently used diagnosis codes from ICD-9 to ICD-10.

  • Next, perform chart reviews to see if all of the newly required documentation elements for ICD-10 are in the chart. Is there enough information for you to submit the correct ICD-10 code? If there is, great that is a good start. If you don’t have enough information, then you know that your providers will need more education.  While is only the first of many, many steps in transitioning over to ICD-10, it’s a solid start!

IV.   Can You Handle the ICD-10 Transition Without Help?

Depending on when you initiate your transition and level of coding expertise in your practice, you may or may not need outside assistance. On estimate has placed the overall cost of transition at $60,000-$80,000 for a five provider practice. That number includes training, lost productivity and the expenses associated with hiring part-time staff during the period of transition. It does not include any software upgrades or hiring a transition Project Manager. The sooner you begin the process, the lower your overall transition costs will be.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles serves as Managing Partner at Liles Parker.  Liles Parker is a boutique health law firm with offices in Washington, DC, Baton Rouge, LA, Houston, TX and McAllen Texas.  Robert has extensive experience representing health care providers in the areas of regulatory compliance.  Should you need assistance or have questions regarding a health law regulatory issue, call Robert for complimentary consultation.  He can be reached at: 1 (800) 475-1906.   

Does One of Your Employees Suffer from a Chronic Illness or Medical Condition? Consider the ADA When Assessing Their Request for Additional Medical Leave

March 19, 2013 by  
Filed under Compliance

American with Disabilities Act -- ADA

(March 19, 2013):  It’s a fact of life – essentially all us will likely fall ill or develop a chronic medical condition at some point during our employment.  Employees working in physician offices, home health agencies and for Durable Medical Equipment (DME) suppliers are no exception.  When this occurs, owners and managers cannot forget their obligations under the American Disabilities Act (ADA) and its amendments under the Americans with Disabilities Act Amendments Act of 2008 (ADAAA).

I.  A Recent Decision by the EEOC Shows How Important ADA / ADAAA Compliance Can Be:

A recent decision in a Maryland case against a large physician practice illustrates the importance of considering each request for medical leave in a reasonable fashion.  In this case, an employee who suffered from Crohn’s Disease worked as an assistant for the practice, answering phones, scheduling appointments and conducting other administrative duties.  While undergoing treatment for her Crohn’s, she required two weeks of medical leave.  During this period, she went to the emergency room twice and was hospitalized at least once.  When she contacted the company to ask for an additional day (of unpaid leave), she was fired.  The fired employee filed a complaint with EEOC and the case ultimately resulted in a disability discrimination lawsuit being filed against the employer for alleged violations of the ADA Ultimately, the case was settled and the fired individual recovered $92,500.

II.  What Lessons Can You Learn from This ADA Case Settlement?

When assessing this case, the EEOC argued that the employer’s failure to provide a “reasonable accommodation” to the employee was a violation of the ADA.  As the EEOC specifically commented, the employer’s:

“. . . lateness and attendance policy violated the Americans with Disabilities Act, as amended (ADA), because it did not provide for exceptions or modifications to the attendance policy as a reasonable accommodation for individuals with disabilities.”

When it was unable to settle the case prior to filing suit, the EEOC brought an action against the employer for violations of the ADA and the ADAA.  When the case was subsequently settled, the District Director of EEOC’s Philadelphia District Office stated:

“It is not only a good business practice to provide reasonable and inexpensive accommodations that allow employees with disabilities to remain employed, it is required by federal law.”

In addition to the $92,500 settlement, the agreement reached requires that the employer modify its policies to permit the “reasonable accommodation for employees with disabilities.”  Additionally, the medical practice was also required to train all of its supervisory, managerial and human resources personnel on the ADA and post a notice regarding the resolution of the lawsuit at its facilities.  Ultimately, health care providers can avoid these problems entirely if they approach these situations in a reasonable fashion and recognize their obligations under the ADA.

III.   Conclusion.

Compliance with the ADA and other applicable statutes designed to prohibit and prevent employment discrimination of all of types should be an integral part of your Compliance Plan.  These obligations cannot be delegated or dispensed with contractually.  Therefore, we strongly recommend that you examine your personnel practice to help ensure that you are fully complying with the letter and the spirit of the law in this regard.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles is the Managing Member at Liles Parker.  He has extensive experience working on health care employment issues, in both a unionized and a non-unionized environment.  Should you have questions in this regard, please feel free to call Robert for a free consultation.  He can be reached at: 1 (800) 475-1906.

 

Social Media and Healthcare: A Little More Complicated

(June 20, 2012): A few weeks ago, you may have heard our Firm present a webinar on “Healthcare Providers and Social Media: Risks to be Considered.”  Our article here summarizes some of the more important points of that presentation. As an update, we are detailing some new issues to be taken into account by providers when incorporating social media risk issues into your Compliance Plan. As we will discuss, different governmental regulatory bodies have recently released conflicting guidance that could make your social media compliance policy very difficult to implement and enforce.

I.  Social Media and Healthcare Recent Developments:

While each of you are well aware of the many privacy provisions set out under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), along with its obligations to secure and protect certain types of patient health information, this ongoing obligation has recently become significantly more complicated by the rise in social media use by patients, employees, competitors and referral sources. In fact, the intersection of social media and healthcare has perplexed many providers in terms of “best practices” for HIPAA compliance.

To make matters worse, other non-HHS governmental regulatory bodies are issuing guidance which (at first glance) appears to stand at odds with a number of HIPAA’s accepted practices, leaving many healthcare providers caught in the middle. For instance, the National Labor Relations Board (NLRB), under the authority of the National Labor Relations Act (NLRA) of 1935, recently issued guidance regarding what social media policies implemented and enforced by employers are lawful. Prior to this guidance, the simple answer for healthcare providers regarding social media was simply to limit access during work and inform employees that any confidential information regarding the company, its business, its patients, or the care it provided, could not be posted online.  In this way, the healthcare provider hoped to protect both its patients and the company itself from any wrongful or inadvertent breaches of protected information. Now, however, a healthcare provider’s Compliance Plan and policies and procedures must be adjusted to account for concerns raised by the NLRB.  As recent case holdings have held, employers are prohibited from restricting an employee’s comments regarding terms and conditions of employment.  Unfortunately, there have been cases where such disclosures were alleged to have ultimately resulted in the breach of a patient’s privacy. Keep in mind, there are 18 elements of Protected Health Information (PHI) and the 18th element is a catch-all category which basically covers any information that might disclose any individual’s identity.  As a result of the NLRB’s ruling, healthcare providers will need to take care when drafting their social media policy to better ensure that it hits that “sweet spot” in between limiting usage of social media for HIPAA and allowing usage of social media for NLRA purposes.

This is a delicate balance, and providers would be well cautioned to review their current policies for adherence to labor and employment issues, in addition to the regular compliance risks normally facing healthcare entities. The last thing you want is to be stuck with disgruntled employees who file a complaint with the NLRB.

II.  What Types of Policies Should I Avoid?

The relevant law regarding this issue is contained in Sections 7 and 8(a)(1) of the NLRA, which state:

Sec. 7 – Rights of Employees Employees shall have the right to self-organization, to form, join, or assist labor organizations, to bargain collectively through representatives of their own choosing, and to engage in other concerted activities for the purpose of collective bargaining or other mutual aid or protection, and shall also have the right to refrain from any or all such activities except to the extent that such right may be affected by an agreement requiring membership in a labor organization as a condition of employment as authorized in section 8(a)(3).

Sec. 8. – Unfair Labor Practices – (a) It shall be an unfair labor practice for an employer –

(1) to interfere with, restrain, or coerce employees in the exercise of the rights guaranteed in section 7 . . .

There are some takeaways from the NLRB guidance, however. Specifically, it is important to have a policy which does not infringe upon or “chill” the employee’s right to discuss their terms and conditions of employment both inside your company and with third-parties (i.e. their family, friends, or the NLRB). To do this, social media policies must not be overbroad or unduly restrictive, and should have limiting language and specific examples which put any social media restrictions in context. For instance, you might caution employees about the effects of HIPAA on social media usage, and the risks to an employee both personally and professionally for unauthorized disclosure of protected health information. As well, you might describe prior examples of social media usage that resulted in a HIPAA violation, so that employees would not reasonably think that the policy is intended to restrict their ability to discuss their terms and conditions of employment.Initially, the idea that an overly-restrictive social media policy would have anything to do with employees organizing  or collectively bargaining might be far-fetched or tangential. But think about the impact of social media tools in other types of protests around the world. For instance, in the “Arab Spring,” students and young people used social media tools to coordinate protests, recruit volunteers, and make their ideas known far and wide. While on the other side of the globe, this is exactly the same type of activity that protesters and picketers might utilize in the United States. And like it or not, that is the type of activity the NLRA and NLRB is designed to protect.

Admittedly, this has muddied the waters even further. Restrictions on what you can and can’t do as a healthcare provider are becoming more complex every day, and that is why it is important to have an effective compliance plan in your practice. It’s also important to seek advice regarding these issues from a qualified healthcare attorney who understands both these confusing questions and your business.  When in doubt, get assistance from your qualified healthcare counsel.

Robert Liles

Robert W. Liles is the managing member of Liles Parker PLLC, in our Washington, D.C. office. Robert  provides representation of healthcare providers in Medicare and Medicaid audits and appeals, trains healthcare professionals on compliance issues, and drafts and implements Compliance Plans for healthcare providers. For a complimentary consultation regarding your case, call Robert today at: 1 (800) 475-1906.

Medicaid Therapy Services in Texas Must Comply With HHSC Rules.

Medicaid Therapy Services Audit(May 2, 2012): Recognizing that many Medicaid therapy services in the state are not in compliance with fraud, waste, and abuse laws, Tom Suehs, the Executive Commissioner for the Texas Health and Human Services Commission (HHSC), issued a reminder last week. Specifically, the Commissioner identified several violations of Texas law in recent months, most notably in South Texas, which prompted such a response.

The Commissioner primarily identified the fact that Medicaid therapy services providers in South Texas were providing services to children without the presence or consent of the child’s parent or legal guardian. This practice violates a Texas law, which prohibits services provided to a child under the age of 15 unless a parent, legal guardian or other properly authorized adult accompanies the child.  The intent of the law is to make sure that an adult can verify that the services were, in fact, provided, and to ensure the safety of the child from medically unnecessary, or even dangerous, procedures.

In addition, transportation of children to and from medical procedures paid through Medicare or Medicaid by providers or those with which they have a business relationship may raise serious concerns, and may possibly implicate the Federal Anti-Kickback Statute, among other laws. Notably, this is a criminal statute. Because of the severity of punishments for non-compliance, it is imperative that Medicaid therapy services providers in Texas, especially South Texas, ensure that their practices fully comply with all applicable rule, regulations, and other guidance.

Implementing an effective compliance plan means more than simply downloading a model plan off of the Internet – instead, an effective compliance plan is one that is individualized to your practice, recognized by your employees, and followed on a daily basis. This may include the use of a gap analysis to assess your documentation practices and evaluate your business relationships for any signs of impropriety. Remember, the government is looking for these things, and they will most likely find them. You need to make sure that your practice can undergo and withstand an audit or other scrutiny.

Robert LilesLiles Parker is a full-service health law firm focusing on regulatory compliance and representing providers in health law and business matters. Our attorneys are highly skilled in designing and implementing effective Compliance Plans for all types of health care providers, including providers of Medicaid therapy services. Moreover, our attorneys are experienced in handling an array of complex health law matters, including the appeal of alleged overpayments to Medicaid. For more information on how we can assist your practice in developing an effective dental compliance plan, call Robert W. Liles, Esq. Robert is a Managing Partner at the Firm and can be reached at 1 (800) 475-1906. Call him today for a free consultation.

100 Involved in Health Care Fraud Arrests

Update (May 3): In total, 107 individuals were charged yesterday in connection with a health care fraud scheme comprising $452 million in false billing. 91 of the accused have been arrested and are in custody.

(May 2, 2012): News outlets are reportingHealth Care Fraud Arrests that approximately 100 people have been arrested and charged with one or more health care fraud schemes involving false billings to Medicare, Medicaid, and other federal health care programs. These health care fraud schemes allegedly resulted in approximately $450 million in fraudulent billings, one of, if not the largest, such busts in the history of federal health care programs. The report goes on to state that arrests were made in seven major metropolitan areas as a  result of an investigation over several months into these issues. CBS is reporting that over 50 of the individuals arrested were in Miami, Florida. Other arrests were made in Los Angeles, Houston, Detroit, Chicago, Tampa Bay, and Baton Rouge. In Baton Rouge, authorities are saying that these arrests were not just the result of several months of investigation, but a capped a six year long process to uncover fraudulent activities. Many of those arrested were allegedly involved in schemes related to the provision of mental health services or home health services.

I. Law Abiding Providers Should Take Note:

Health care providers in the cities where these health care fraud busts occurred should be wary. While HHS-OIG and DOJ have allegedly rooted out criminals from the Medicare program, these events cast a bad light on all providers in these regions. It has been our observation that after a large health care fraud bust such as this, the Zone Program Integrity Contractor (ZPIC) or Recovery Audit Contractor (RAC) for each region enhances their auditing efforts of similar providers. The ZPICs in these regions include SafeGuard Services (Los Angeles, Miami and Tampa), AdvanceMed Corporation (Baton Rouge) and Health Integrity (Houston). All of the ZPICs are capable, aggressive, and will critically audit a provider’s claims for both technical deficiencies and lack of medical necessity issues.

II.  It is Essential That You Develop and Implement an Effective Compliance Program:

Despite the federal government taking health care fraud wrongdoers off of the streets, ZPICs and RACs will likely step up enforcement efforts for other providers. It is therefore imperative that you establish and follow an effective compliance plan in your practice or facility as soon as possible. You should conduct a gap analysis to review your documentation practices, business operations, and relationships with referral sources, suppliers, and other providers. These issues are too important at this point to ignore. Moreover, if you have received a letter from a ZPIC or RAC, it is not something to fool around with or ignore. These entities will often review a sample of claims, deny many or all of those claims, and then extrapolate those findings onto a one or two year universe. This results in alleged overpayments to providers, sometimes in the millions of dollars. If you have received one of these letters, call us today to learn more about the process and your rights and responsibilities.

Liles Parker is a full-service law firm with offices in Washington, DC, Baton Rouge, Houston, and San Antonio. We provide nationwide representation of health care providers in a variety of administrative and other matters, including administrative appeals of ZPIC, RAC, MAC, MIC and Medicaid RAC overpayment determinations. In addition, we provide compliance plan drafting and implementation, compliance training for office staff, and mock audits. For more information, call us today at 1 (800) 475-1906 for a free consultation.

Next Page »