Liles Parker PLLC
(202) 298-8750 (800) 475-1906
Washington, DC | Houston, TX
San Antonio, TX | Baton Rouge, LA

We Defend Healthcare Providers Nationwide in Audits & Investigations

Exclusion Screening-OIG Screening: The New “Seventh Element” of Compliance.

 Exclusion Screening-OIG Screening(May 17, 2017): Exclusion screening-OIG screening duties are now more important than ever before!  The recently issued Resource Guide for Measuring Compliance Program Effectiveness,” a product of Office of Inspector General staff and compliance professionals roundtable discussions, reconfigures the traditional “Seven Elements of an Effective Compliance Program” by making the “Screening and Evaluation of Employees, Physicians, Vendors and other Agents” an element unto itself – or the new Seventh Element of Compliance! The Resource Guide, prepared under the auspices of the Health Care Compliance Association (HCCA), serves to once again underscore the critical role of exclusion screening-OIG screening, and background checks in compliance.

Paul Weidenfeld, Counsel at Liles Parker, has recently assessed this important change and provided an overview of the impact this change for the folks at Exclusion Screening.  For a detailed discussion of the statutory requirements of screening, the potential damages that may be assessed in the event of a violation AND your obligations as a provider participating in Medicare or Medicaid, we recommend you see the article on Exclusion Screening’s website.  This article may be accessed by clicking here.

Paul Weidenfeld is a Partner at Liles Parker, Attorneys & Counselors at Law.  Our attorneys are experienced and knowledgeable of your obligations under the law to conduct periodic “Exclusion Screening-OIG Screening” duties.  For a free consultation, please call: 1 (800) 475-1906.-

OIG And DOJ Issue Important New Compliance Guidance

Compliance Guidance

(April 14, 2017) Recently, the Office of Inspector General of the United States Department of Health and Human Services (OIG) and the Criminal Division of the Fraud Section at the United States Department of Justice (DOJ) have issued guidance on measuring the effectiveness of corporate compliance programs.  In February, DOJ placed on its website a document entitled “Evaluation of Corporate Compliance Programs.”  That document lists 119 sample questions that DOJ’s Fraud Section has in the past found relevant in its evaluation of the effectiveness of corporate compliance programs for the purpose of deciding whether to prosecute cases, and in recommending sentences for criminal violations.  These questions are separated into eleven (11) topic areas: analysis and remediation of underlying conduct, senior and middle management, autonomy and resources, policies and procedures, risk assessment, training and communication, confidential reporting and investigation, incentives and disciplinary measures, continuous improvement, periodic testing and review, third-party management, and mergers and acquisitions.  While not specifically addressing health care organizations, per se, the guidance is highly relevant to organizations and practices since they are questions that Federal prosecutors will be asking when evaluating compliance programs in any criminal investigation.  The guidance can be reviewed in its entirety at https://www.justice.gov/criminal-fraud/page/file/937501/download.

Even more recently, on March 27 of this year, OIG published a parallel and more inclusive document focused specifically on the health care industry, “Measuring Compliance Program Utilization – A Resource Guide.” The Guide, which is 52 pages in length, sets out a checklist of questions broken down into seven standards based on the standard seven elements of an effective compliance programs, and further broken down into various subcategories under each element.  The guidance is the product of a round table on January 2017 that brought together a group of compliance professionals and staff from OIG “to discuss ways to measure the effectiveness of compliance programs.”  While the guidance is clear that it is not a “one size fits all,” it provides a number of ideas of “what to measure” and “how to measure” these programs, and should be mandatory reading for all compliance officers in organizations, whether a small physician’s office or a large hospital system or health care organization.  The guidance can be accessed at https://oig.hhs.gov/compliance/101/files/HCCA-OIG-Resource-Guide.pdf.

Liles Parker attorneys, and frankly any knowledgeable attorney who specializes in health care, have for many years advised clients that is essential to establish a compliance program that is implemented effectively.  Among other things, an effective compliance program establishes the culture of compliance for an organization in following the law, that should demonstrate an ethos from the top down through every employee and professional.  It also provides management with the opportunity to detect and correct problems and potential issues before they either emerge or become widespread. Many, if not most, whistleblower lawsuits are the result of employees feeling that their concerns, when reported internally, were not investigated.

Moreover, Congress has mandated compliance plans for skilled nursing facilities and the revised requirements of participation require them for both nursing and skilled nursing facilities so that the effectiveness of these programs will become part of the survey process.  And, if an investigation arises, the conversation with enforcement agencies is dramatically different when an organization can demonstrate that it has an effective program as opposed to no program, or one that sits on a shelf.

One of the criteria that OIG has had for determining whether a compliance program is effective is whether the organization measures the effectiveness of its program, itself.  At a minimum, every organization should do this once per year.

Finally, in September 2015, DOJ issued a memorandum entitled “The Individual Accountability for Corporate Wrongdoing.”  Among other things, the memorandum, referred to as the Yates Memo,” instructs prosecutors and investigators to hold highly placed individuals within an organization accountable for the organization’s misconduct.  Prior to the issuance of the Yates memo, those of us involved as defense counsel in investigations were frequently able to obtain releases for individual members of an organization in settlements of civil and administrative investigations.  Since the issuance of the Memo, releases of individuals now occur on only the rarest of occasions.

Conclusion

For all of these reasons, it is imperative that every health care provider establish an effective compliance program and that it periodically measure the effectiveness of that program.  These guidances provide important and helpful information in how to accomplish that result.

Compliance GuidanceLiles Parker attorneys have extensive experience in developing compliance programs, providing compliance guidance, and working with clients in investigations.  Clients having questions related to these issues should contact Michael Cook at (202) 298-8750, mcook@lilesparker.com

 

OIG Proposes New Anti-Kickback Law Safe Harbors

(November 10, 2014): The U.S. Department of Health and Human Services Office of Inspector General (“OIG”) recently published a Proposed Rule that would amend the safe harbor regulations under the Federal Anti-Kickback statute[1] (“AKS”) as well as add new safe harbors. The Proposed Rule would also establish new exceptions to the Civil Monetary Penalty (“CMP”) statute related to the beneficiary inducement CMP.[2] OIG will accept comments on the Proposed Rule by mail or electronically until December 2, 2014 at 5 p.m. (Eastern).

I.  The Anti-Kickback Statute and Safe Harbor Regulations:

The AKS provides criminal penalties for individuals or entities that knowingly and willfully offer, pay, solicit, or receive remuneration in order to induce or reward the referral of business reimbursable under Federal health care programs. The types of remuneration covered specifically include, but are not limited to, kickbacks, bribes, and rebates, whether made directly or indirectly, overtly or covertly, in cash or in kind. Additionally, prohibited conduct includes not only the payment of remuneration intended to induce or reward referrals of patients, but also the payment of remuneration intended to induce or reward the purchasing, leasing, or ordering of, or arranging for or recommending the purchasing, leasing, or ordering of, any good, facility, service, or item reimbursable by any Federal health care program.

Due to the broad reach of the statute, interested parties expressed concern that some relatively innocuous commercial arrangements would be covered by the statute. This could, in turn, potentially subject entities to unwarranted criminal prosecution. As a result, Congress drafted certain “Safe Harbor” provisions. These regulations describe various payment and business practices that, although they potentially implicate the Federal AKS, are not treated as offenses under the statute.

II.  Changes to the Anti-Kickback Statute:

The Proposed Rule would modify certain existing safe harbors under the AKS as well as add new safe harbors that provide new protections or codify certain existing statutory protections. These changes include:

      • A technical correction to existing safe harbor for referral services;
      • Protection for certain cost-sharing waivers, including pharmacy waivers of cost-sharing for financially needy Medicare Part D beneficiaries and waivers for state- or municipality-owned emergency ambulance services;
      • Protection for certain remuneration between Medicare Advantage organizations and federally qualified health centers;
      • Protection for discounts by manufacturers on drugs furnished to beneficiaries under the Medicare Coverage Gap Discount Program; and
      • Protection for free or discounted local transportation services that meet specified criteria.

III.  Changes to the Beneficiary Inducement CMP:

The Beneficiary Inducement CMP statute generally prohibits any person or entity from offering remuneration to a Medicare or Medicaid beneficiary if that remuneration is likely to influence the beneficiary’s selection of a provider. The Proposed Rule would also amend and narrow the definition of “remuneration” to include certain exceptions for the following:

  • Copayment reductions for certain hospital outpatient department services
  • Certain remuneration that poses a low risk of harm and promotes access to care;
  • Coupons, rebates, or other retailer reward programs that meet specified requirements;
  • Certain remuneration to financially needy individuals; an
  • Copayment waivers for the first fill of generic drugs.

OIG also proposes to codify the gainsharing CMP[3]. The gainsharing CMP prohibits a hospital from knowingly paying, either directly or indirectly, a physician to induce the physician to reduce or limit the services provided to Medicare or Medicaid beneficiaries under the physician’s direct care. The Proposed Rule would narrow the prohibition in light of today’s health care landscape, which focuses on “accountability for providing high quality care at lower costs.”

IV.  Conclusion:

Health care providers should be interested in the Proposed Rule and make comments as necessary. The Proposed Rule makes pertinent changes to the AKS Safe Harbors and CMP laws that should give providers greater leeway to enter into beneficiary arrangements without fear that they will be subject to criminal penalties under the statutes. In a sense, the Proposed Rule follows OIG’s ongoing efforts to adopt regulations that promote lower costs and greater health care services while protecting patients and federal health care programs from fraud and abuse.

As a provider, if you have any questions about the current regulations found within the Anti-Kickback Statute or the proposed changes, please do not hesitate to give us a call today. We would be more than happy to assist you so that you remain compliant with all federal and statute regulations regarding potentially fraudulent activity.

Saltaformaggio, RobertRobert Saltaformaggio, Esq., serves as an Associate at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent health care providers and suppliers around the country in connection with Medicare audits by RACs, ZPICs and other CMS-engaged specialty contractors.  The firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews.  For a free consultation, call Robert at:  1 (800) 475-1906

[1] 42 U.S.C. § 1320a-7b(b).

[2] 42 U.S.C. § 1320a-7a.

[3] 1128A(b)(1) of the Social Security Act.

HIPAA Risks of Breach: Windows XP Will No Longer be Supported by Microsoft

February 5, 2014 by  
Filed under Compliance

Overworked tired doctor at computer(February 5, 2014):  Has your practice addressed the latest HIPAA risks of breach that have been identified?  As discussed below, health care providers must take immediate remedial action if they are currently running Windows XP on one or more of their office computers. 

Why is this action necessary?  Because after April 8, 2014, Microsoft will no longer promulgate security updates or patches for this operating system. As a result, any computer running this outdated software system will effectively be non-compliant with HIPAA and HITECH regulations.

I.   Windows XP Support Ends April 2014:

Historically, Windows XP has been one of Microsoft’s most popular operating systems. It was first released in August 2001 and is still widely used on personal computers in both homes and business environments.  In fact, many health providers continue to use Windows XP on their workstations as part of a multi-faceted system that integrates electronic hardware, software, medical devices and the internet.

Unfortunately, as computers and the internet have become an integral part of the health care industry, Windows XP based computer systems and work stations have become a likely target for malicious activity. To combat these problems and protect users from cyber threats, Microsoft has customarily provided technical support for its software products for a period of years after the product’s release. Generally, this support comes in the form of a “service pack” and includes a collection of updates, fixes, or enhancements to a software program or operating system that is delivered in the form of a single installable package.

In the case of Windows XP, the software product has been out more than a decade and multiple newer versions of Windows have been released during period.  As a result, Microsoft has announced that after April 8, 2014, Windows XP will no longer be supported.   From a practical standpoint, this means that health care providers and other customers who still operate computers utilizing Windows XP will no longer receive new security updates, non-security hotfixes, free or paid support or online technical content updates. Any new vulnerabilities identified in the Windows XP operating system after April 8th will remain unaddressed by Microsoft.  Therefore, it will likely be easier for computer hackers to successfully infiltrate and exploit any Windows XP-based operating system via unpatched or non-secure vulnerabilities.

II. After April 2014, Providers Relying on Windows XP Systems will Have Another HIPAA Risk:

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by Congress on August 21, 1996.  HIPAA regulates the availability and exchange of “Protected Health Information” (PHI) and helps prevent the unlawful release of patient medical information. The statute also helps to reduces instances of health care fraud, abuse, and sets standards for industry-wide billing procedures.  Under HIPAA, health care providers are obligated to take a wide range of steps designed to secure and protect PHI.

Both a “Privacy Rule” and a “Security Rule” are covered under HIPAA. These rules apply to “Covered Entities,” which include health plans, health care clearinghouses such as billing services, and health care providers that transmit health data in a way that is regulated by HIPAA. The Privacy Rule and the Security Rule have been designed to protect patient privacy and set standard procedures for the security of electronic PHI (e-PHI). Together, these two rules establish national standards for ensuring that a patient’s health information is kept confidential and secure.

Subsequent to the passage of HIPAA, Congress enacted the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009.  HITECH was created to encourage the adoption of electronic health records (EHR) and other support technology. Notably, the law also:

  • Expanded the obligations of physicians and other health care providers under HIPAA to protect patient’s PHI.
  • Extended the Privacy and Security Rules to business associates of the covered entities who have access to the PHI.
  • Increased the penalties for violations of those obligations under the rules. 

For health care providers who still utilize Windows XP-based computer systems, the decision by Microsoft to terminate its technical support of the software is very problematic.  Since Windows XP is no longer supported by Microsoft, any computer operating this system will be more susceptible to HIPAA risks of breach and / or other security risks.

III.  What Actions Should Health Care Providers Utilizing Windows XP Systems Take?

Many large health care provider organizations are already aware of this security concern and have implemented new operating systems.  However, many small to mid-sized health care providers have only recently learned of Microsoft’s support termination decision.  To the extent possible, these health care providers should examine their computer systems and determine whether their current Windows XP operating system can be upgraded to a more recent operating system, such as Windows 7 or Windows 8.  st now be realizing this monumental change. For these providers, they should immediately begin to transition their operating systems to more modern systems, such as Windows 7 or Windows 8.  Unfortunately, many older computer systems may not support an operating system upgrade. As a result, a health care provider may have to completely replace one or more of his office computer systems.  While replacement will be expensive, it will still be far cheaper than the monetary penalties that a provider may face if a HIPAA breach occurs due to the provider’s continued use of a computer running Windows XP.

Health care providers should immediately determine whether their practice’s Compliance Officer has conducted a review of the organization’s computers (and associated operating systems) to ensure that after April 8th the equipment will still be HIPAA / HITECH compliant.  If Windows XP based systems are still in use, a transition strategy should be identified and implemented.

IV.  Conclusion — Reducing the HIPAA Risks of Breach in Your Practice:

Importantly, the Windows XP operating system issue is merely one of many privacy concerns  that must be addressed by a practice’s Compliance Officer.  The failure of a health care provider recognize and address the Windows XP security risk can lead to a  breach of PHI and a possible privacy compliance audit by the Office for Civil Rights (OCR).  Depending on the facts, an OCR audit can lead to the imposition of civil monetary penalties (CMPs).

All health care providers should affirmatively review the mandatory requirements under the HIPAA and HITECH laws.  Frankly, there is no valid excuse for a covered entity not to have already conducted a proper risk assessment of its practice. Appropriate safeguards to protect individual patient PHI must be instituted to ensure that a breach does not occur.  Don’t let the theft of PHI through an obsolete operating system be the first time you assess the safety and security of your PHI. Taking measures to implement an effective compliance plan NOW is just your first step. In doing so, you can better ensure that your continuing obligation to fully comply with applicable statutory and regulatory requirements are being met.  Need help setting up your Compliance Plan or in conducting a HIPAA Omnibus Rule risk assessment?  Give us a call.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles, Esq., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent health care providers and suppliers around the country in connection with Medicare audits by ZPICs and other CMS program integrity contractors.  The firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews.  For a free consultation, call Robert at:  1 (800) 475-1906.

Disability Discrimination Cases are Being Pursued by the Office of Civil Rights.

Disability Discrimination Cases are Being Pursued by OCR.

(July 19, 2013):  Health care providers choosing to participate in Medicare, Medicaid and other Federal health benefits programs are obligated to comply with a wide range of statutory and regulatory requirements.  The primary issues most cited in connection with these obligations include those involving questions of medical necessity and / or coverage, coding and billing requirements and documentation mandates.  Health care providers are also required to comply with applicable employment laws, OSHA safety requirements, and with the medical records privacy rules of HIPAA and HITECH.  Collectively, these laws and regulations represent a significant challenge for many small and mid-sized health care providers and organizations.  Nevertheless, it is essential that all health care providers also keep in mind that Federal law also prevents participating providers from engaging in disability discrimination.

 I.  Regulatory Requirements Governing Participating Providers:

Pursuant to Section 504 of the Rehabilitation Act of 1973, as amended (Act), and its implementing regulations, 45 C.F.R. Parts 81 and 84.1, health care providers participating in programs receiving Federal funding cannot refuse to treat a patient on the basis of the patient’s disability. At first blush, you may find it hard to imagine how (or why) a health care provider would ever even consider refusing to care or treat a disabled patient because of the patient’s disability.  The case outlined below provide a stark example of how disability discrimination can result in serious administrative sanctions being pursued against a health care provider.

II.         Overview of a Recent Case:

The following summarizes the allegeg acts which gave rise to an enforcement action by the Department of Health and Human Services (HHS), Office of Civil Rights (OCR):

  • A California physician who practices neurological surgery (surgeon) examined a patient covered by “MediCal,” California’s Medicaid program.  Medi-Cal is jointly financed by Federal and State funds.

  • The patient suffered from hip and back pain and was referred to this surgeon for evaluation and treatment by his primary care physician.

  • After examining the patient, the surgeon recommended that the patient undergo surgery. The patient then agreed to seek pre-authorization for the procedure by Medi-Cal.

  • The surgeon subsequently learned that the patient was reported to be HIV positive.

  • The patient was recalled by the surgeon and was asked if, in fact, he was HIV positive.  When the patient responded affirmatively, the neurological surgeon then reportedly advised the patient that he would be unable to perform the surgery and recommended that the patient seek to have the procedure performed at the county hospital.

  • The neurological surgeon then discharged the patient from his practice “and, in correspondence advising the referring physician that he had done so, specifically mentioned that the young man was HIV-positive.”

(For a more detailed discussion of the facts in this case, you may wish to review the decision of the HHS Departmental Appeals Board).

A discrimination complaint was subsequently filed against the surgeon by the patient with OCR.  Consistent with applicable regulations, OCR is documented as having tried “to the fullest extent practicable,” to obtain the surgeon’s cooperation.  See 45 C.F.R. § 80.6(a).

Once it concluded that an information resolution of this discrimination complaint would not be forthcoming, OCR recommended that the HHS take action to suspend or terminate the recipient’s federal financial assistance. See 45 C.F.R. § 80.8(c).

On or about August 2, 2012, that is precisely what occurred.  An Administrative Law Judge (ALJ) for the HHS’ Departmental Appeals Board determined that the surgeon’s:

“lack of cooperation establishes that he will not voluntarily comply with the Act and regulations and that OCR will not be able to assure his compliance by informal means. Termination of his federal financial participation is therefore an appropriate remedy for his refusal to comply voluntarily. 45 C.F.R. § 80.8(c).” 

In reaching this conclusion, the ALJ then ordered:

“I therefore order that the responsible HHS officials suspend, terminate, refuse to grant or continue [Surgeon’s] Federal financial assistance, until he satisfies those officials that he will comply with the Act and regulations. As a review of the record shows, it appears that OCR made multiple settlement overtures to resolve the complaint with the surgeon but that its efforts were ultimately unsuccessful.”

III.  Disability Discrimination Lessons Learned:

As a review of the Opinion issued by the Departmental Appeals Board will show, OCR diligently attempted to resolve this issue with the surgeon informally, prior to taking this case forward.  Now that the surgeon has been effectively suspended from receiving Federal funds, he is effectively barred from treating Medi-Cal patients.  While additionals sanctions involving Medicare and other Federal health benefits programs could later take place, no discussion of these programs is covered in the ALJ’s opinion.  Nevertheless, what are some of the potential actions that could conceivably take place in the future?

(1)    From a public relations standpoint, this action could be disastrous for a health care provider’s practice.  

(2)   Depending on how the action is worded and how it is perceived by State licensure officials, this action could result in an investigation and possible sanctions by a State Medical Board.

(3)   Most, if not all, private payors require that health care providers give them written notice of any adverse actions taken by another payor within 30 – 60 days.  This action could therefore result in the proposed de-credentialing of the surgeon from one or more private plans.   

(4)   Many hospitals require that a health care provider be a participating provider in the Medicare and / or Medicaid programs in order for them to receive admitting privileges in their institution.  An adverse action such as this against a provider’s Medicaid status could result in action being taken by hospitals where the provider is privileged. 

Notably, the decision in this case is not the same as an exclusion action.  In fact, the way it is worded almost implies that if the surgeon takes remedial action, his Medi-Cal eligibility will be reinstated.

As a final point, this case clearly illustrates OCR’s emergence as an enforcement agency to be reckoned with.  While prior administrative enforcement sanctions have focused on Civil Monetary Penalties (CMPs), this action effectively suspends a health care provider’s ability to participate in Medicaid, short of seeking a permissive exclusion action against the provider.

From a regulatory standpoint, this case can serve as a real-life example of the importance of developing and implementing a comprehensive, effective Compliance Program.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker PLLC, a boutique health law firm with offices in Washington, DC, Texas and Louisiana.  Liles Parker attorneys represent health care providers around the country in compliance, regulatory and peer review related actions.  Should you need assistance, feel free to give us a call.  Call Robert for complimentary initial consultation at:  1 (800) 475-1906.

 

 

 

ICD-10 Will be Here Soon. Is Your Practice Ready?

Is your practice prepared to make the transition to ICD-10?(June 14, 2013):  Despite experiencing a couple of false starts, it now appears that ICD-10 is here to stay, and there are expected to be further.  Why are providers being required to transition over from ICD 9?  Unfortunately, ICD-9 is considered to be outdated and some its categories are literally beyond their useful capacity.  Regardless of your feelings regarding transition, many experts believe that the move the ICD-10 will be one of the biggest changes in healthcare to occur in the last 30 years. Frankly, most practice managers and treating providers across the United States simply don’t know where to start with the ICD-10 implementation process. The clock is ticking. According to the CMS timeline, health care providers should already be conducting internal claims testing.  Have you taken this first step?  From our discussions with providers, it appears that the average practice today does not even know the first step to getting started with ICD-10 implementation.

I.     We Can Learn from the Mistakes of Early Adopters of ICD-10:

Notably, the United States and Italy are the only industrialized countries in the World not using ICD-10. Many countries have been using ICD- 10 for almost a decade.  Their experiences will prove invaluable as our providers move to ICD-10. Their advice?

  • Don’t wait to the last minute to begin your preparations. Prepare early.

  • Now is the time to examine your documentation practices.  Will they be sufficient to permit the detailed coding required by ICD-10?

  • The failure to fully prepare will directly hit your bottom line.  In 2014, ICD-10 will be one of the cornerstones for getting paid.

II.  How Long Does it Take to Transition Over to ICD-10?

An ICD-10 transition expert we work with, Lisa Asbell, R.N., estimates that it can take a practice up to 500 hours to transition properly. . Lisa is the President of TrainRX.  Her transition training website is located at: www.trainrx.net Notably, Lisa has estimated that If you were to start today and break that down over the next 16 months, chances are you will be okay with the clock runs out on October 1, 2014. If you don’t get serious about transition now, there is a chance that your practice won’t survive the transition.

III.  How Do You Get Started?

What are the first steps to get started:

  • The first thing you need to do is convert your most frequently used diagnosis codes from ICD-9 to ICD-10.

  • Next, perform chart reviews to see if all of the newly required documentation elements for ICD-10 are in the chart. Is there enough information for you to submit the correct ICD-10 code? If there is, great that is a good start. If you don’t have enough information, then you know that your providers will need more education.  While is only the first of many, many steps in transitioning over to ICD-10, it’s a solid start!

IV.   Can You Handle the ICD-10 Transition Without Help?

Depending on when you initiate your transition and level of coding expertise in your practice, you may or may not need outside assistance. On estimate has placed the overall cost of transition at $60,000-$80,000 for a five provider practice. That number includes training, lost productivity and the expenses associated with hiring part-time staff during the period of transition. It does not include any software upgrades or hiring a transition Project Manager. The sooner you begin the process, the lower your overall transition costs will be.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles serves as Managing Partner at Liles Parker.  Liles Parker is a boutique health law firm with offices in Washington, DC, Baton Rouge, LA, Houston, TX and McAllen Texas.  Robert has extensive experience representing health care providers in the areas of regulatory compliance.  Should you need assistance or have questions regarding a health law regulatory issue, call Robert for complimentary consultation.  He can be reached at: 1 (800) 475-1906.   

Does One of Your Employees Suffer from a Chronic Illness or Medical Condition? Consider the ADA When Assessing Their Request for Additional Medical Leave

March 19, 2013 by  
Filed under Compliance

American with Disabilities Act -- ADA

(March 19, 2013):  It’s a fact of life – essentially all us will likely fall ill or develop a chronic medical condition at some point during our employment.  Employees working in physician offices, home health agencies and for Durable Medical Equipment (DME) suppliers are no exception.  When this occurs, owners and managers cannot forget their obligations under the American Disabilities Act (ADA) and its amendments under the Americans with Disabilities Act Amendments Act of 2008 (ADAAA).

I.  A Recent Decision by the EEOC Shows How Important ADA / ADAAA Compliance Can Be:

A recent decision in a Maryland case against a large physician practice illustrates the importance of considering each request for medical leave in a reasonable fashion.  In this case, an employee who suffered from Crohn’s Disease worked as an assistant for the practice, answering phones, scheduling appointments and conducting other administrative duties.  While undergoing treatment for her Crohn’s, she required two weeks of medical leave.  During this period, she went to the emergency room twice and was hospitalized at least once.  When she contacted the company to ask for an additional day (of unpaid leave), she was fired.  The fired employee filed a complaint with EEOC and the case ultimately resulted in a disability discrimination lawsuit being filed against the employer for alleged violations of the ADA Ultimately, the case was settled and the fired individual recovered $92,500.

II.  What Lessons Can You Learn from This ADA Case Settlement?

When assessing this case, the EEOC argued that the employer’s failure to provide a “reasonable accommodation” to the employee was a violation of the ADA.  As the EEOC specifically commented, the employer’s:

“. . . lateness and attendance policy violated the Americans with Disabilities Act, as amended (ADA), because it did not provide for exceptions or modifications to the attendance policy as a reasonable accommodation for individuals with disabilities.”

When it was unable to settle the case prior to filing suit, the EEOC brought an action against the employer for violations of the ADA and the ADAA.  When the case was subsequently settled, the District Director of EEOC’s Philadelphia District Office stated:

“It is not only a good business practice to provide reasonable and inexpensive accommodations that allow employees with disabilities to remain employed, it is required by federal law.”

In addition to the $92,500 settlement, the agreement reached requires that the employer modify its policies to permit the “reasonable accommodation for employees with disabilities.”  Additionally, the medical practice was also required to train all of its supervisory, managerial and human resources personnel on the ADA and post a notice regarding the resolution of the lawsuit at its facilities.  Ultimately, health care providers can avoid these problems entirely if they approach these situations in a reasonable fashion and recognize their obligations under the ADA.

III.   Conclusion.

Compliance with the ADA and other applicable statutes designed to prohibit and prevent employment discrimination of all of types should be an integral part of your Compliance Plan.  These obligations cannot be delegated or dispensed with contractually.  Therefore, we strongly recommend that you examine your personnel practice to help ensure that you are fully complying with the letter and the spirit of the law in this regard.

Robert W. Liles is a health care attorney experienced in handling prepayment reviews and audits.Robert W. Liles is the Managing Member at Liles Parker.  He has extensive experience working on health care employment issues, in both a unionized and a non-unionized environment.  Should you have questions in this regard, please feel free to call Robert for a free consultation.  He can be reached at: 1 (800) 475-1906.

 

Healthcare Providers Aren’t Covered Under the Red Flag Rules

Red Flag Rules(December 12, 2010):  Under the “Fair and Accurate Credit Transaction Act of 2003,” the Federal Trade Commission (FTC) was required to establish regulations mandating that “creditors” and “financial institutions” develop and implement Identity Theft Prevention Programs.  These programs were aimed at identifying, detecting and responding and, ultimately, preventing identify theft from occurring in connection with “covered accounts” maintained or handled by creditors and financial institutions.  The patterns, practices and / or specific activities which could indicate that identify theft was occurring was referred to by the FTC as “Red Flags.”  The program was therefore commonly known as the “Red Flags Rule.”  Since enacted, the legislation has been widely criticized by health care providers and their professional associations, lawyers, accountants and other professionals who argued that the definition of “creditor” was overly broad and was never intended to cover their work / organizations.  After facing both lawsuits and growing Congressional concerns, the FTC delayed enforcement of the rule so that Congress could consider limiting the scope of the rule.

Both the House and the Senate have recently passed the “Red Flag Program Clarification Act of 2010.”  President Obama is expected to sign the legislation before the end of the year.  As Senator Christopher Dodd commented after the bill was passed, this legislation:

“makes clear that lawyers, doctors, dentists, orthodontists, pharmacists, veterinarians, accountants, nurse practitioners, social workers, other types of healthcare providers and other service providers will no longer be classified as ‘creditors’ for the purposes of the Red Flags Rule just because they do not receive payment in full from their clients at the time they provide their services, when they don’t offer or maintain accounts that pose a reasonably forseeable risk of identity theft.”

While most health care providers will be thrilled to hear of these changes (few businesses, regardless of type, want to be covered by the Red Flags Rule), it is essential to recognize that identity theft is, in fact, a growing problem.  Therefore, the most prudent course would be for Compliance Officers to incorporate procedures into their Compliance Plan which will help prevent identity theft from taking place.  Moreover, should it occur, your practice should have procedures in place to help minimize any adverse impact from such an occurrence.

Liles Parker attorneys provide health law advice to health care providers around the country.  Our attorneys have extensive experience working with providers to establish effective Compliance Plans for a wide range of organizations.  Identify theft is yet another risk area to be considered when reviewing and / or revising your Compliance Plan.  Please feel to call us for a free consultation.  We can be reached at 1 (800) 475-1906.         

 

Under Health Care Reform Legislation, Stark Law Whole Hospital and Rural Provider Exceptions are Changing

Stark Law Whole Hospital Exception(October 22, 2010):  It’s not exactly breaking news to anyone in the hospital industry that the U.S. Congress and the regulators at the Center for Medicare and Medicaid Services seem bent on preventing or eliminating physician referrals to hospitals in which they invest. With the passage of health reform legislation in March of this year, Congress approved yet another round of sweeping measures designed to eliminate or prevent the growth of physician investment in hospitals to which they refer by drastically changing both the rural provider and whole hospital ownership exceptions to the Stark Law. Here are a few key points to be aware of if you invest or work in a physician-owned hospital and you rely on the Stark Law rural provider or whole hospital exceptions to protect physician-investor referrals to the facility:

1. No new physician-owned hospitals after December 31, 2010 – The new law imposes a total moratorium on Medicare certification of new physician-owned hospitals that would rely on either of these exceptions to protect investor referrals unless they have a provider agreement in place as of December 31, 2010.

2. Cap on Total Physician Ownership Percentage – Health reform legislation capped total physician investment in existing Medicare-certified facilities at whatever total percentage physician ownership a facility had on March 23, 2010, the date the law was passed. Physician owners can still buy and sell their interests, but total physician ownership may not exceed the capped amount. If your physician investors have increased their total ownership percentage since March 23, 2010, they will have 18 months from that date to take action to comply with the new law.

3.  No Bed Increases Without An Exception from CMS – The legislation also froze the number of beds a physician owned, Medicare-certified hospital may have unless it is granted an exception by CMS to increase its capacity. The new law defines the basic criteria for an exception, but CMS has until December 31, 2012 to promulgate regulations implementing the exception process. You may not put new beds into service and continue to have physician investors refer to your facility until your hospital has been granted an exception.

4. New Disclosure and Reporting Requirements – There were a host of new disclosure and reporting requirements added by the legislation, including mandatory disclosures to patients referred or treated by an investor, public disclosures on hospital websites and in public advertising about physician ownership, and an annual report to the Secretary of the Dept. of Health & Human Services that identifies all physician and non-physician owners or investors in a hospital, as well as the nature and extent of their ownership and investment interests. Also, the law includes a mandate for the Secretary of HHS to post on its website all investment information reported pursuant to these new requirements.

5. New Patient Safety Requirements – Finally, there are new patient safety requirements that mandate a disclosure to, and written acknowledgement from, all patients regarding whether a physician is available on-site, 24-hours a day, as well as a requirement that the hospital provide assessment and initial treatment for all patients and the capacity to refer and transfer patients to hospitals with the capability to treat the needs of each patient that can’t be appropriately treated on-site.

CMS recently proposed regulations implementing most of the above described legislative changes.

Healthcare LawyerJennifer Papapanagiotou, J.D., is a Partner at Liles Parker, Attorneys & Counselors at Law.  She is an experienced health care attorney with more than a decade of experience assisting providers with structuring or re-structuring their businesses and contractual relationships to comply with Federal and State health care fraud and abuse laws, including the Stark Law. Should you have questions regarding the Stark Law, the Anti-Kickback Statute, or the myriad other health care fraud and abuse laws and regulations, please give us a call at 1 (800) 475-1906.

CMS Publishes Stark Self-Disclosure Protocol

CMS Has Published Its Stark Self-Disclosure Protocol(September 30, 2010): The Health Care Reform Act has dramatically changed the future of health care for millions of Americans.  While many of its provisions are directed at access and affordability issues, a significant portion of the Act addresses various loopholes in existing statutory and regulatory provisions aimed at fighting health care fraud.  One of these statutes is the “Physician Self-Referral Statute,” Section 1877 of the Social Security Act, also known as “Stark.”  Section 6409 of the Health Care Reform Act required that the Secretary, Health and Human Services (HHS) work with HHS’ Inspector General of HHS to establish a Medicare self-referral disclosure protocol.  Last week, CMS published its Stark Self-Referral Protocol to be used by providers when disclosing Stark violations.  Notably, this protocol is specifically limited to Stark issues.

As the Stark Self-Disclosure protocol discusses:

“Participation in the SRDP [self-referral disclosure protocol] is limited to actual or potential violations of the physician self-referral statute. The OIG’s Self-Disclosure Protocol is available for disclosing conduct that raises potential liabilities under other federal criminal, civil, or administrative laws. See. 63 Fed. Reg. 58399 (Oct. 30, 1998); OIG’s Open Letter to Health Care Providers, March 24, 2009. For example, conduct that raises liability risks under the physician self-referral statute may also raise liability risks under the OIG’s civil monetary penalty authorities regarding the federal anti-kickback statute and should be disclosed through the OIG’s Self-Disclosure Protocol. Disclosing parties should not disclose the same conduct under both the SRDP and OIG’s Self-Disclosure Protocol.”

When evaluating the self-disclosures made, CMS has stated that it will consider the following factors in its assessment of whether or not to reduce any amounts that may be owed due to violations of the Stark statute.  These include:

(1) The nature and extent of the improper or illegal practice;

(2) The timeliness of the self-disclosure;

(3) The cooperation in providing additional information related to the disclosure;

(4) The litigation risk associated with the matter disclosed; and

(5) The financial position of the disclosing party.

 Importantly, there are no guarantees.  CMS has no obligation to reduce any amounts that may be owed.   The Stark statute can be quite complicated and providers facing Stark issues should discuss these points with qualified legal counsel when deciding whether or not to use the self-disclosure protocol.

Liles Parker attorneys are experienced in assessing business arrangements which may implicate the Stark statute.  Should you have questions regarding Stark or this self-disclosure protocol, please give us a call at:  1 (800) 475-1906.  

Next Page »