Corporate Compliance What Is it? What Does It Mean To Me?

Purpose Of This Session To provide attendees with an understanding of the regulatory environment in which the Agency operates To provide an overview of Corporate Compliance and the components of a Corporate Compliance Plan To provide attendees with an understanding of documentation requirements

Laws and Regulations Employment and discrimination Governance, licensing & certification Protection from abuse Health and safety Physical environment Service provision Billing and reimbursement

Laws and Regulations To comply with the laws and regulations, the Agency develops:  Policies,  Procedures  Practices

What is Corporate Compliance? A long term commitment by an organization to conduct business in a manner that promotes compliance, continually monitor for compliance, and create systems that allow it to be responsive to changes in the regulatory environment.

Regulatory History Health Insurance Portability and Accountability Act of 1996 (HIPAA)  Increased resources for detecting fraud  Expanded power and authority of enforcement agencies  Creation of Health Integrity and Protection Data bank Balanced Budget Act of 1997 (BBA)  Agencies work together/share information  Enhanced authority for exclusions  Beneficiary Incentives  hotline for reporting fraud

Regulatory History False Claims Act  Enacted during Civil War, revised in 1986  Prohibits the submission of a false claim or making a false statement in order to secure payment of a false or fraudulent claim from the Government  Fines of $5,500 - $11,000/claim

Medicaid New York State by far spend the most in Medicaid dollars. 50 Billion Dollars. An average of $ per person in Medicaid spending.

Qui Tam Actions  Under the False Claims Act, private persons file on behalf of the government. The qui tam relator (whistleblower) is entitled to 15%-25% of the amount if the government proceeds with the action, or 25%-30% of proceeds if the government does not proceed.

Deficit Reduction Act of 2006  Policies and Procedures are now a requirement for all applicable Medicaid Service providers  Emphasis is on fraud detection and prevention  Training and Education of Staff regarding False Claims Act  Requirement for Protection of Whistleblowers  Encourages State level “qui tam” actions under False Claims Act provisions  Enforcement of State Medicaid laws and regulations is expected/required

Who’s Who? Office of Inspector General (OIG) Health and Human Services (HHS) Center for Medicaid Services (CMS) Department of Justice (DOJ) Federal Bureau of Investigation (FBI) NYS Office of the Attorney General - Medicaid Fraud Control Unit (MFCU) NYS Office of Medicaid Inspector General (OMIG) OMH/OPWDD/DOH/OASAS/SED

Office of the NY State Medicaid Inspector General (OMIG)  Created in 2005, is the first OMIG in nation at the state level  “To coordinate the Medicaid fraud, waste and abuse control activities of…DOH, OMH, OMR/DD, OASAS, OCFS, SED”

The False Claims Act This statute prohibits, among other things:  knowingly presenting or causing to be presented a false or fraudulent claim for payment to the United States;  knowingly making or using, or causing to be made or used, a false record or statement to obtain payment on a false or fraudulent claim;  conspiring to defraud the United States by getting a false or fraudulent claim to be allowed or paid; and  knowingly making or using, or causing to be made or used, a false record or statement to conceal, avoid, or decrease an obligation to pay or transmit money or property to the government.

In Other Words...  presenting a claim that the person knows or should know is false;  presenting a claim for services not provided as claimed;  upcoding;  presenting claims for physician services not provided by a physician;  violation of anti-kickback legislation;  contracting with someone excluded from a federal health care program; and  inducements to referrals or recipients of service

Common Examples Billing for a service that was not provided Billed for days the person was in hospital Documentation is false or inaccurate Billed for more service than provided Service is provided by unqualified staff Billed for service that is not authorized or medically necessary Billed twice for the same service

The False Claims Act Penalties  This statute has teeth; it provides for treble (triple damages) damages and civil penalties of $5,500–$11,000 for each false or fraudulent claim presented for payment  Provider entities or individuals can face criminal or civil prosecution

Fraud misrepresentation, omission, or concealment calculated to deceive.” Abuse “...performing acts that are inconsistent with acceptable business practices.”

Innocent Errors No civil or criminal penalties. Provider must return the funds erroneously claimed. Prosecution would require criminal intent to defraud (criminal) or actual knowledge of the claim being false; reckless disregard or deliberate ignorance of the false claim (civil).

No One is Perfect!!! Honest Mistakes and Innocent Errors Happen You must be able to demonstrate how your internal controls are designed to assure compliance Policies and Procedures relative to returning funds once errors are found Demonstrate that $$$ has been returned in the past

Protections and Safeguards Agency policies, procedures and practices Educated, qualified and trained staff, Communication between management, billing and program staff Internal controls Auditing and monitoring activities

Common Mistakes Not documenting allowable services Not proving medical necessity Not supporting provision of planned services Allowing ineligible/inappropriate providers to provide billed services Implementing unauthorized or expired service/treatment plans Service/treatment plans lack specific interventions/ activities Billing without service documentation

Service Documentation Services must be documented “contemporaneously” with service delivery (at the same time or in close proximity) Documentation must include required elements Documentation must be permanent and legible (able to be read by a reviewer)

Documentation Do’s and Don’ts DO Use full date (mm/dd/yy) Use signature and title on all entries Include date with your signature Use ink not pencil in records No use of “white out,” black markers, or scribbling over….Draw a line, note error, sign and date! Assure documentation is accurate

Documentation Do’s and Don’ts DO Document service delivery promptly Document only for services you provided Only submit claims (billing) for services provided Obtain proper authorization for services

Documentation Do’s and Don’ts Don’t: Document in colored ink or pencil Document anything you have not actually done or observed Leave labeled fields blank Use initials without corresponding signature key Attempt to obliterate errors Alter previous documentation

Service Planning and Delivery Services must be medically necessary Services must be authorized  ISP, IEP, Treatment Plan, Habilitation Plan, Service Plan, Prescription, MD order  Services must be reviewed as required

Service Planning and Delivery Services must be delivered by trained and qualified staff and as specified in the service/treatment plan The effectiveness of the service/treatment plan must be reviewed on a frequent and regular basis The plan must be revised as necessary

Medical Necessity Medicaid only pays for medically necessary services Allowable services Based on diagnosis or disability Staff actions Goal driven Measurable Meaningful Medical necessity must be clearly documented in every plan, note and summary in your program records to someone outside your program.

Keep in Mind… Provider agrees to: (a) Prepare and maintain contemporaneous records demonstrating their right to receive payment…and keep, for 6 years from date care/service furnished, all records necessary to disclose the nature & extent of the service furnished and all information regarding claims for payment by, or on behalf of, the provider… NYCRR Title 18, Section 504.3

Keep in Mind… Provider agrees: (e) To submit claims for payment only for services actually furnished and which were medically necessary… (h) That the information provided in relation to any claim for payment shall be true, accurate and complete; and (i) To comply with the rules, regulations and official directives of the department. NYCRR Title 18, Section 504.3

Code of Conduct  Distributed to all employees with signed acknowledgment of receipt  Written in plain, understandable language  Reviewed and revised with changes in laws and regulations  Written policies and procedures that address key points in the Code of Conduct

Code of Conduct  Written code - applies to all employees and independent contractors  Clearly expresses commitment to compliance by board, management and all employees  Communicates commitment to comply with all federal and state laws, standards and regulations and the prevention of fraud and abuse  Clear expectations for board, management, employees, contractors and agents

Your Responsibilities Attend required training(s) Read Agency’s Corporate Compliance Plan Read and follow Code of Conduct Comply with laws, regulations, and Agency’s policies, procedures and practices Provide and document services according to Service/Treatment Plans Report any issues, concerns or possible violations Keep in mind this training needs to be conducted on an annual basis. Any Questions

Recent Events NYS Attorney General Press Releases AG Recovers $3.4 Million in Settlement from Buffalo-Area Mental Health Provider for Medicaid Over billing 7/14/00

Recent Events AG Recovers $670,000 In settlement with Ulster County Alcoholism Treatment Center. 3/14/01

State Told to Pay Medicaid 436 Million Dollars  6/23/05 NY improperly billed Medicaid for Speech Therapy for services billed by NYC Dept of Education.  Could not verify that services were provided by qualified staff.  42 of 100 claims (42%) lacked adequate documentation to determine if services were actually provided.

Recent Events AG recovers $2.3 Million in settlement with Long Island Substance Abuse Treatment Center 3/15/01

Recent Events  3/27/03 MSC arrested and charged with $ Medicaid fraud for billing for services documented but not provided.  3/19/04 Westchester Nurse Pads work Hours in Health Care Fraud, receives $12,000 in funds.

Any questions Thank You

Corporate Compliance Program Definition …is a set of formal organizational systems intended to prevent, detect and respond to misconduct committed by employees and other agents.

Benefits of a Compliance Plan  You find your ‘weaknesses’ before Medicaid does (Early detection)  Promotes ethical conduct  Communicates agency’s commitment to regulatory compliance  Educated staff (Whistleblower lawsuit protection)  Drives more efficient and effective operations  Improves financial health of agency  Defends the organization; may mitigate paybacks/fines

7 Elements of a Compliance Plan 1. Written Policies and Procedures 2. Compliance Program Oversight 3. Training and Education 4. Effective, Confidential Communications 5. Enforcement of Compliance Standards 6. Auditing and Monitoring 7. Responding to Offenses & Developing a Corrective Action Plan

Written Policies and Procedures Based on Laws, Regulations and Practices Provides direction and guidance to staff Must adhere to them Need to be updated as laws and regulations change Revise as necessary based results of internal or external reviews

Corporate Compliance Policies and Procedures  Code of Conduct  Conflict of Interest  Billing and Reimbursement  Education and Training  Expense Reimbursement  Exclusion or Sanction Screening  Auditing and Monitoring  Internal Reporting Mechanisms  Responding to Governmental Investigations  Document Retention and Destruction  Enforcement of Compliance Standards/Discipline

Compliance Oversight Compliance Officer and Compliance Committee Board and Management Staff Effective methods to report compliance-related issues

Compliance Officer Duties  Developing and implementing policies and procedures (P&P).  Overseeing and monitoring the implementation of the compliance plan on a regular basis.  Directing agency internal audits established to monitor effectiveness of compliance standards.  Providing guidance to management, medical/clinical personnel and individual departments regarding P&P and governmental laws, rules and regulations  Investigating compliance-related issues

Training and Education Is Mandatory and Regular Includes  Content of Agency’s compliance plan  Overview and importance of compliance  Department specific risk areas  Summary of fraud and abuse laws  How to report non-compliance  Confidentiality and non-retaliation for reporting

Effective, Confidential Communications “Open Door” Policy to raise issues with Management Methods to report actual or suspected non-compliance confidentially or anonymously Non-retaliation for reporting actual or suspected non-compliance

Enforcement of Compliance Standards Clear guidance for staff Supervision and monitoring Disciplinary action for non-compliance with laws, regulations, policies, procedures and practices Disciplinary action for failing to report actual or suspected non-compliance

Internal Auditing and Monitoring Objective: Close gap between service delivery and billing  Assure authorization for service (NOD. MD order, signed, effective service/treatment plans)  Process to assure documentation to support claims  Staff meet qualifications  Develop system that promotes adherence and reports shortcomings back to programs  Identify systemic and process problems  Internalize findings  Train  Re-evaluate

Follow-up and Corrective Actions Investigate reports of actual or suspected non-compliance Report findings Develop corrective action plans Review for effectiveness