Recommended Implementation of a Fraud and Abuse Compliance ProgramFall 1997
Recent legislative changes have granted significantly enhanced enforcement tools to the various Federal and state agencies which prosecute health care reimbursement fraud and abuse.
The new enforcement tools primarily involve enforcement coordination and information sharing among the various agencies and the extension of the civil monetary penalties and exclusion provisions. In addition, health care fraud involving a private payor is now a Federal crime. These tools, when coupled with the new priorities and increased resources of the enforcement agencies, have significantly altered the environment in which health care providers seek reimbursement from both government and private payors. The increasing prevalence of false claims actions brought by qui tam "whistleblowers" (usually former employees with inside knowledge of a provider's billing and marketing practices) has significantly altered the health care provider's workplace environment as well.
These issues and the significant monetary and personal risks involved are not limited to intentional fraudulent activities on the part of unscrupulous providers. Significant civil and criminal penalties are now available and being actively sought against providers who have simply billed inappropriately because they have not taken sufficient steps to assure medical necessity, appropriate coding and required documentation.
The concept of implementation and maintenance of an internal fraud and abuse Compliance Program has developed out of recent provider settlements with prosecutors. While a Compliance Program is not mandatory, the presence or absence of an effective Compliance Program will significantly affect a provider's ability to assure that an audit or investigation does not advance to prosecution, to avoid criminal charges or to settle a civil or criminal action.
A Compliance Program should contain the following elements:
- Detailed protocols consistent with laws and regulations and Federal Sentencing Guidelines:
* provider qualification/certification
* medical necessity
- Designation of a Compliance Officer
- Staff education
- Internal audits and return of inappropriate payments
- Procedures to require staff questions and reporting of questionable or inappropriate practices without possible retaliation
The Health Care Financing Administration has developed model Compliance Programs for hospitals and clinical laboratories, and may develop other model plans in the future. In addition, many trade associations and consulting groups are developing model plans and providing services in connection with Compliance Program development. It is very unlikely, however, that any model Compliance Program will be completely appropriate to the needs of any particular provider.
An effective Compliance Program will require resources including outside consultants and information systems as well as time and effort from management, clinical and administrative employees of the provider. There are also certain risks. A Compliance Program may result in the identification of issues that would not have been discovered by the government, contractual arrangements may need to be modified, employees may need to be disciplined or terminated for not fulfilling their responsibilities under the Compliance Program and an internal audit may provide a roadmap for prosecutors. A Compliance Program should be carefully structured in order to minimize these risks and to the extent possible, to preserve attorney-client privilege in the internal audit and reporting process.
Given the complexity of health care reimbursement and the current enforcement environment, we strongly recommend that our health care provider clients implement and maintain a Compliance Program appropriate to their particular needs. We are currently working with several clients in the development of Compliance Programs and would be happy to answer any questions and provide assistance in the development of Compliance Programs.