Avoiding the Pitfalls of Fraud, Waste & Abuse Compliance

Download Report

Transcript Avoiding the Pitfalls of Fraud, Waste & Abuse Compliance

MPA Winter CE + Ski
January 12th, 2014
Jason Walker-Crawford, R.Ph. – PAAS National®, Inc.
Learning Objectives
 Discuss the Medicare Part D requirements for Fraud,
Waste & Abuse Compliance (FWAC).
 Discuss penalties for non-compliance with FWAC.
 Provide advice and tools for pharmacies to meet
compliance requirements.
History of FWAC
 Federal False Claims Act (FCA)
 Enacted post-Civil War
 Heavily amended in 1986
 Amended multiple times
 Criminal felony to submit a false claim for payment from
Federal funds


Medicare, Medicaid, TriCare, Federal Employee Program
(FEP), grants, etc.
Includes making or using a false statement
History of FWAC
 FCA cont.
 Criminal penalties
 Civil Money Penalties (CMPs)

Up to treble (triple) damages
 Qui Tam provisions


Incentives of up to 30% of settlement or judgment may be
awarded to whistleblowers
Protections in place to protect whistleblowers from retaliation
of any kind
Pharmacist as Whistleblower
 Bernard Lisitza – former independent pharmacy
owner and pharmacist
 Worked for Omnicare
 Also did temp work at CVS and Walgreens
 Filed multiple Qui Tam lawsuits against Omnicare, CVS,
Walgreens and Johnson & Johnson
 Lawsuits have recovered billions of dollars in Federal
funds
 Has been awarded more than $31 million
History of FWAC
 Federal Anti-Kickback Statute
 42 U.S.C. § 1320
 Effective 1972
 Prohibits providing or receiving a “kickback” for referral
of any product or service paid by Medicare or Medicaid


Any remuneration
Safe Harbors
 5 years in prison
 Fines up to $25,000
 CMPs up to $50,000
 Exclusion
History of FWAC
 Anti-Kickback Statute cont.
 OIG maintains list of Safe Harbor regulations


More than 20 published
Must follow regulations exactly to be “safe”
 OIG will provide advisory opinions in situations that do
not meet regulations


Based on facts provided
Only opinion
 Doesn’t mean practice is legal

OIG likely not to prosecute
History of FWAC
 Stark Statute
 42 U.S.C § 1395nn
 “Stark I” – OBRA 1989
 “Stark II” – OBRA 1993
 AKA Physician Self-Referral Law
 Prevent financial incentives for unnecessary medical
services
 Prohibits ordering or referring medical services with a
financial incentive (ownership)
 Provides for CMP and treble damages
Violation of Stark/Anti-Kickback
 NY medical practice – 2013
 Agreed to pay $1,140,260
 Paid remuneration to patients in the form of “points”
 Points redeemable under program for additional
medical services and products
History of FWAC
 Public Law 104-191, Health Insurance Portability and
Accountability Act (HIPAA) of 1996
 Established the Health Care Fraud and Abuse Control
(HCFAC) Program



Public and private health care
Under joint direction of the Department of Health and
Human Services (HHS), Office of the Inspector General (OIG)
and the Attorney General
Coordinates Federal, State and local law enforcement
History of FWAC
 Medicare Modernization Act (MMA) of 2003
 Created Medicare prescription drug program (Part D)
 Requires plan sponsors to have a compliance program


Covers general compliance and FWAC
Plan sponsors must assure that their employees, contractors
and first-tier, downstream and related entities (FDRs) meet
requirements
 Pharmacies are FDRs
History of FWAC
 Deficit Reduction Act (DRA) of 2005
 Enhanced the Federal False Claims Act (FCA)
 Provides financial incentives to States to pass their own
FCA
 Required FWAC requirements for any entity with $5
million or more in revenue per year from Medicaid
History of FWAC
 MT False Claims Act
 MT Code Ann. §§ 17-8-401 through 17-8-413
 Originally enacted 2005
 Amended 2009 and 2013
 Approved by OIG October 24th, 2013

OIG approval provides incentive to State
 Min penalty of $5,500 up to $11,000 per incident
 Two to three times damages (claim amount)
 Costs
History of FWAC
 American Recovery and Reinvestment Act (ARRA) of
2009 (Stimulus)
 Health Information Technology for Economic and
Clinical Health (HITECH) Act




Enhanced HIPAA
Introduced Breach Notification requirements
Increased CMPs
 Up to $1.5 million per violation per year
Omnibus Final Rule
 Effective March 26th, 2013
History of FWAC
 Health Care Fraud Enforcement and Action Teams
(HEAT)
 Began May 9, 2009
 http://www.stopmedicarefraud.gov
 CMS, FBI, DEA, OIG, State and local law enforcement
 Medicare Fraud Strike Force, nine cities
 Baton Rouge, LA; Brooklyn, NY; Chicago, IL; Dallas, TX;
Detroit, MI; Houston, TX; Los Angeles, CA; Miami-Dade, FL;
Tampa Bay, FL
 In 2011, HEAT coordinated fraud takedown of $530
million in fraudulent billing
History of FWAC
 Patient Protection and Affordable Care Act (ACA) of
2010 (Obamacare)
 Expanded the Recovery Audit Contractor (RAC)
program to include Medicaid and Medicare Part C and
D
 Additional $350 million to fight FWA

Expected to be budget neutral
 FWA Recovery ≥ Enforcement Cost
History of FWAC
 ACA Cont.
 Increased provider/supplier review

Site visits, background checks, licensure checks,
fingerprinting
 False applications may lead to exclusion from all Federal
programs
 Medicaid termination for unpaid overpayments
 Suspension of payments if fraud is expected!
What’s the big deal?
 Why are there some many different laws all about
FWA?
 It’s all about the money!
Health Care Expenditures
 In 2012, health care expenditures have been estimated
to be $2.82 trillion = 17.6% GDP
 In 2020, health care expenditures are projected to be
$4.6 trillion = 19.8% GDP
 Fraud is estimated to be 3-10% of total dollars spent
(National Health Care Anti-Fraud Association/FBI)
 Waste is estimated to be 20-30% of total dollars spent
(HHS-OIG Daniel Levinson, Inspector General – Keynote address 2012
Health Care Compliance Associations)
HHS Announces Record Breaking
Recoveries – February 11, 2013
 Joint efforts to combat Health Care Fraud resulted in a
record $4.2 billion in 2012
 ROI of $7.90 per dollar spent over last 3 years
 Enforcement efforts have recovered $14.9 billion in the
last four years, compared to $6.7 billion over the prior
four years.
OIG Semiannual Report to
Congress – Spring 2013
 First half of FY 2013 (October 2012 – March 2013)
 Recoveries of $3.8 billion
 1,661 new individuals or entities excluded from Federal
programs.
What is Fraud?
 Knowingly and willfully executing, or attempting to
execute, a scheme or artifice to defraud any health care
benefit program or to obtain (by means of false or
fraudulent pretenses, representations, or promises)
any of the money or property owned by, or under the
custody or control of, a health care benefit program.
 18 U.S.C. Section 1347
Examples of Possible Fraud
 Intentionally submitting false information in order to




get money or a benefit
Billing for items that were not purchased or picked up
Prescription forging, altering or shorting
Switching to a more expensive dosage form to increase
the amount of reimbursement
Submitting claims for entire amount on partial fills
were the balance is not picked up
Chain Drug Store
settles for $35 million
 In 2008 a major drug chain settled for $35 million for
switching Medicaid patients from tablets to capsules
of the same drug to increase the amount they were
reimbursed
 Another major drug store chain paid $21.1 million to
settle the same claim for submitting more expensive
Ranitidine capsules instead of tablets
 The qui tam plaintiff received $4.3 million for his share
of the federal and state settlement
What is Waste?
 Waste is the overutilization of services, or other
practices that, directly or indirectly, result in
unnecessary costs to the Medicare program. Waste is
generally not considered to be caused by criminally
negligent actions but rather the misuse of resources.
(CMS, Prescription Drug Benefit Manual Chapter 9 –
Compliance Program Guidelines, Section 20)
 Waste is a misuse of resources or to spend carelessly
Examples of Possible Waste
 Overbilled quantities – submitting for a quantity larger




than what is allowed by the plan or ordered by the
prescriber
Dispensing a 90 day supply that is discontinued after
30 days
Billing an incorrect day supply resulting in the patient
receiving a larger quantity than allowed
Dispensing a 60 gram tube of ointment when a 15 gram
tube would be sufficient
Auto-refills when the previous supplies not exhausted
What Waste Looks Like
$11,000 of
unused
medication
from mail
order
What is Abuse?
 Abuse includes actions that may, directly or indirectly
result in: unnecessary costs to the Medicare program,
improper payment, payment for services that fail to
meet professionally recognized standards of care, or
services that are medically unnecessary. Abuse
involves payment for items or services when there is no
legal entitlement to that payment and the provider.
 Abuse may involve obtaining an improper payment,
but does not require the same intent and knowledge as
fraud.
Examples of Possible Abuse
 Using an override code to force a claim to go through
early
 Filling a prescription after expiration
 Splitting prescriptions to obtain additional dispensing
fees
 Changing to an incorrect diagnosis code in order to
receive payment
Fraud vs. Abuse
 Did you do it intentionally?
 Can you prove that you didn’t?
 Repeated abuses are often considered to be intentional
frauds in the eyes of the auditors
 Once or twice = oops
 Twenty = Fraud
Basics of FWAC
 Prevent! Detect! Correct!
 Required to adopt and implement an effective
compliance program
 CMS requires 7 core elements
 33 sub-elements
 Much more than just training!
The 7 core elements are:
1.
2.
3.
4.
5.
6.
7.
Written Policies, Procedures and Standards of
Conduct;
Compliance Officer, Compliance Committee and High
Level Oversight;
Effective Training and Education;
Effective Lines of Communication;
Well Publicized Disciplinary Standards;
Effective System for Routine Monitoring and
Identification of Compliance Risks; and
Procedures and System for Prompt Response to
Compliance Issues
Element I:
Written Policies, Procedures and Standards of
Conduct
 Standards of Conduct
 AKA “Code of Conduct” (CoC)
 State the principles and values by which you operate
 Expectation that ALL employees will act in an ethical
manner
 Noncompliance and potential FWA is reported
 Reported issues are addressed and corrected
 Compliance is everyone’s responsibility!
Element I:
Written Policies, Procedures and Standards of
Conduct
 Policies and Procedures
 Detailed and Specific
 Describe operations of Compliance Program



Reporting structure
Training requirements
Investigation and remediation
Element I:
Written Policies, Procedures and Standards of
Conduct
 Distribution of P&P and Code of Conduct
 Compliance program not effective unless distributed to
employees



Within 90 days of hire
Updates
Annually
 Can distribute manually or electronic
 Need proof of distribution

Signed acknowledgement
Element II:
Compliance Officer, Compliance Committee and
High Level Oversight
 Compliance Officer
 Should be full-time employee
 Experience with compliance
 Recommend manager or direct report
 Duties:





Aware of daily activities
Develop and Implement compliance program
Coordinate internal reviews and investigations
Maintain reporting mechanisms
Exclusion list checking
Element II:
Compliance Officer, Compliance Committee and
High Level Oversight
 Compliance Committee and Governing Body
 Oversee and advise Compliance Officer and Program
 Plan sponsors = large committees, varied backgrounds
 FDRs = may be the Compliance Officer + Owner and/or
Managers
Element II:
Compliance Officer, Compliance Committee and
High Level Oversight
 Senior Management Involvement
 Senior management must be involved with Compliance
Program to be effective
 Ensure Compliance Officer has credibility, authority and
resources needed to operate the program
 Compliance Officer must report to senior management
any compliance issues
Element III:
Effective Training and Education
 General Compliance Training
 ALL Employees (includes temps and volunteers)
 Within 90 days of hire and annually
 Classroom, online or attestation that have read and
received CoC and P&P
 Must have proof of training (sign-in, attestation or
certificates)
Element III:
Effective Training and Education
 General Compliance Training cont.
 Contents of training:






Review of P&P and CoC
Identifying potential noncompliance (examples)
Reporting noncompliance
Review disciplinary policies
Disclosing conflicts of interest
Confidentiality (HIPAA/HITECH)
Element III:
Effective Training and Education
 Fraud, Waste and Abuse Training
 Only requirement deemed to have been met thru Part B
accreditation
 Only employees that are involved in the administration
or delivery of Medicare benefits
 Within 90 days of hire and annually
 May be required as corrective action to noncompliant
employees
 May be tailored to specific job functions
 Sponsors required to provide training to FDRs

May use CMS’ FWA training module
Element III:
Effective Training and Education
 Fraud, Waste and Abuse Training cont.
 Contents of Training:




Laws and regulations (False Claims Act, Anti-Kickback
statute, HIPAA/HITECH, etc.)
Reporting FWA
Protections for reporting FWA
Types of FWA (examples)
 Maintain training records for 10 years

Time, attendance, topic, certificates and/or test scores
Element IV:
Effective Lines of Communication
 Effective Lines of Communication Among the
Compliance Officer, Compliance Committee,
Employees, Governing Body and FDRs
 Ways to communicate information from the Compliance
Officer to others



Officer’s name, location, and contact information
Changes to P&P, CoC, laws and regulations
Methods of communication
 Written, email, website, or meetings
Element IV:
Effective Lines of Communication
 Communication and Reporting Mechanisms
 Must have P&P and CoC that requires reporting of
suspected or detected noncompliance or FWA
 Must maintain confidentiality
 Allow anonymous reporting
 Prohibit retaliation or retribution (no-tolerance policy)
 User friendly, easy to access
Element IV:
Effective Lines of Communication
 Enrollee Communications and Education
 Plan sponsor requirement only
 Must educate Medicare enrollees on identifying and
reporting potential FWA
Element V:
Well-Publicized Disciplinary Standards
 Disciplinary Standards
 Clear and specific disciplinary standards
 Contents:




Expectation to report noncompliant, unethical or illegal
behavior
Participate in required training
Timely, consistent and effective enforcement
Disciplinary action must be appropriate to seriousness of the
violation
 Retraining, suspension, termination
Element V:
Well-Publicized Disciplinary Standards
 Methods to Publicize Disciplinary Standards
 Must publicize disciplinary standards to all employees
 Methods:





Newsletters
Staff Meetings
General Compliance Training
Intranet
Posters
Element V:
Well-Publicized Disciplinary Standards
 Enforcing Disciplinary Standards
 Maintain records for 10 years





Date reported
Description of violation
Date of investigation
Summary of findings
Disciplinary action taken and date
 CMS encourages that de-identified disciplinary actions
be reported to employees

Demonstrate importance of Disciplinary Standards
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 Routine Monitoring and Auditing
 Compliance Officer must conduct


Monitoring = regular review of operations to ensure
compliance
Auditing = formal review based on a set of standards (P&P,
laws and regulations)
 Address areas at risk
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 Development of a System to Identify Compliance Risks
 Conduct an assessment of risk




Complexity of work
Past compliance issues (audit results)
Chapter 7 – Quality Assurance
Credentialing
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 Development of the Monitoring and Auditing Work
Plan, Audit Schedule and Methodology
 What audits will be performed?
 When will audits be conducted?
 Who will conduct audits?
 How will audits be conducted?
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 Audit of Operations and Compliance Program
 Review pharmacy operations to ensure compliance
 Review compliance program
 Modify P&P and program as appropriate
 Track and document compliance efforts
 Report compliance success and noncompliance to
employees
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 OIG/GSA Exclusion
 OIG LEIE: Office of the Inspector General List of
Excluded Individuals and Entities

http://exclusions.oig.hhs.gov
 GSA EPLS: General Services Administration Excluded
Parties Lists System


Moved to SAM (System for Award Management) website
http://www.sam.gov
OIG Exclusion
 Search up to 5
individuals at a time
 Allows SSN/EIN
verification
 Provider records
also contain
NPI/UPIN if
available
GSA Exclusion
 Search only 1
individual at a time
 Need to contact the
excluding agency to
confirm
 Exclusions often not
related to health
care
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 OIG/GSA Exclusion cont.
 “Federal funds may not be used to pay for services,
equipment or drugs prescribed or provided by a
provider, supplier, employee or FDR excluded by OIG or
GSA.”
 Must screen PRIOR to hire and at least Monthly


Any employee, temporary employee, volunteer, consultant,
governing body member or FDR
Ensure that not excluded or become excluded
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 OIG/GSA Exclusion cont.
 Mandatory Exclusions: Previous fraud, patient neglect
or abuse, felony convictions relating to unlawful
manufacture, distribution, prescribing or dispensing of
controlled substances
 Permissive Exclusions: Misdemeanor convictions for
above, Pharmacy License suspension for reasons bearing
on professional competence, financial integrity –
providing unnecessary or substandard services,
engaging in unlawful kickback arrangements, defaulting
on a health education loan or scholarship obligations
Element VI:
Effective System for Routine Monitoring, Auditing and
Identification of Compliance Risks
 OIG/GSA Exclusion cont.
 Costs of Employing Excluded Individual



CMPs of up to $10,000 for each item or service
Recovery up to three times the amount claimed
Exclusion
 Self-Disclosure Protocol



Reduce recovery to 1.5 times amount paid
Can prevent exclusion
Limited to $10,000 minimum
Examples of Exclusion
 2012: Hy-Vee Pharmacies, Iowa
 Agreed to pay $831,871.61 for allegedly violating CMP
Law
 Employed an individual that they knew or should have
known was excluded
 2013: Atmore Community Hospital, Alabama
 Self-disclosed potential violation by employing an
excluded individual
 Agreed to pay $10,996.20
Element VII:
Procedures and System for Prompt Response to
Compliance Issues
 Conducting a Timely and Reasonable Inquiry of
Detected Offenses
 Investigation into any issue of noncompliance or FWA
 ASAP – no later than 2 weeks after identified
Element VII:
Procedures and System for Prompt Response to
Compliance Issues
 Corrective Actions
 Correct the cause of FWA or noncompliance
 Must include a timeframe to complete
 Detailed in writing
 Consequences of failing to implement

May include termination
 Monitor implementation
Element VII:
Procedures and System for Prompt Response to
Compliance Issues
 Procedures for Self-Reporting Potential FWA and
Significant Noncompliance
 Voluntary
 Recommended for an effective compliance program
 Can report to OIG
CMS-Issued Fraud Alerts
 Sent to plan sponsors
 Fraud schemes identified by CMS or law enforcement
 Plan sponsors must respond:
 Review contracts with providers

Consider termination
 Review claims

May recover claims involved
 FWA Investigation

Could withhold payment
Fraud Suspect??
 2012: Fraud Alert?
 Many “Sunshine” pharmacies in Florida

No common ownership
 Began to receive FWA investigation notices



Many received notices from multiple plan sponsors
Some plans were withholding payment of claims
 Still allowing processing
Plan sponsors unwilling to disclose any information
Fraud Suspect??
 2013: Florida pharmacist convicted of Fraud against
Medicare, Medicaid and TRICARE
 Operated 3 stores in Florida named “Sunshine”
NBI MEDIC
 National Benefit Integrity Medicare Drug Integrity
Contractor
 Health Integrity, LLC
 Only MEDIC that is responsible for Part D and C
program compliance
 Investigate and monitor plan sponsor compliance and
FWA

Could result in a FDR (pharmacy) audit
 Plan sponsors will also refer suspected FWA for
investigation
CMS Sanctions
 January 15th, 2013
 SilverScript (CVS/Caremark)
 Immediate suspension of marketing and enrolling new
members
 Failed to enroll beneficiaries into correct plans
 Failed to calculate cost-sharing correctly for LIS
 Resulted in millions of members leaving pharmacies
without needed medications
CMS Sanctions
 November 21st, 2013
 Health Alliance Plan (MI)
 CMP of $423,200
 Failed to provide transition supply due to formulary
 Billed patients incorrectly for premiums and late fees
 Failed to provide appropriate notices to patients
How do they know if I’m
compliant?
 2008-2009: Plans first started asking for attestation for
completion of FWA training
 2012: Major revisions to Chapter 9 & 21
 2013: Catamaran attestation requires pharmacy to
attest to ALL 7 elements of Chapter 9 & 21.
 Catamaran has begun onsite compliance audits


30 minute onsite audit
Check for compliance:
 7 elements, HIPAA, licensing requirements, DEA, liability
insurance, OBRA ‘90, storage (include fridge temps)
Penalties for being noncompliant
 2012: CVS/Caremark began fining pharmacies $100
that did not complete the online attestation or retain
proof of completion
 Plans to issue fines up to $500 for 2013 attestations
 TERMINATION!
Assessment Questions
 Which Federal law included Qui Tam provisions
allowing a whistleblower to initiate suit on behalf of
the government?
A. Health Insurance Portability and Accountability Act
B.
C.
D.
E.
(HIPAA)
Stark Statute
False Claims Act (FCA)
Patient Protection and Affordable Care Act (ACA)
All of the above
Assessment Questions
 Which Federal law prohibits a physician from referring
or ordering health care products or services in which
they have a financial relationship?
A. Health Insurance Portability and Accountability Act
B.
C.
D.
E.
(HIPAA)
False Claims Act (FCA)
Patient Protection and Affordable Care Act (ACA)
Stark Statute
All of the above
Assessment Questions
 My pharmacy has been deemed to have met all of the
requirements for FWAC through DMEPOS
accreditation.
A. True
B. False
Assessment Questions
 The following apply to checking exclusion lists:
A. Only the OIG list has to be checked since GSA isn’t
healthcare related
B. Exclusion lists must be checked within 90 days of hire
and at least annually
C. Exclusion lists must be checked prior to hire and at
least monthly
D. A and B
E. A and C
Assessment Questions
 Your Code of Conduct must include which of the
following?
A. Compliance is everyone’s responsibility
B. Principles and values in which you operate
C. That everyone will act ethically
D. Potential FWA and noncompliance is reported
E. All of the above
Questions?
MPA Winter CE + Ski
January 12th, 2014
Jason Walker-Crawford, R.Ph. – PAAS National®, Inc.