The Basics of Corporate Compliance Doing the Right Thing

Objectives: Understanding Corporate Compliance HIPAA’s Impact How this effects our jobs

Healthcare Abuse & Fraud Healthcare Abuse and Fraud is costing our government billions of dollars. Unethical doctors, hospitals, or other organizations have improperly billed for services,thus escalating healthcare costs for the rest of us.

Healthcare Fraud To combat escalating costs, three governmental agencies are enforcing healthcare regulations.

Three Governmental Agencies Federal Trade Commission Department of Justice Office of the Attorney General

Federal Trade Commission FTC ensures that doctors can no longer be treated to expensive dinners at lavish hotels or attend sporting events at the drug company’s expense. To avoid anti-kickback laws, FTC enforces that drug companies document their time and training. (Kickback is defined as the return of a sum of money or objects already received, typically as the results of pressure, coercion, or secret agreement…The American Heritage Dictionary- 4th ed)

Department of Justice (DOJ) DOJ investigates fraud in nonprofit agencies. Major reimbursement claim systems are being scrutinized and monitored by the DOJ. DOJ looks at due diligence, is it done to validate credentials or licenses? If there are too many non-credentialed employees, the facility doesn’t meet contract guidelines.

Office of the Attorney General Office of the Attorney General investigates outpatient psychiatric services Mental health services in nursing facilities Improper billing of psychiatric services: Individual psychotherapy Psychological Testing Group Therapy

Medicare Help

Program Integrity The office of Program Integrity was developed to: Play a key role in getting providers in compliance with Medicare, by identifying errors and problems. Ask providers for refunds, if it finds the government overpaid. Work with insurance carriers directly and indirectly to help providers comply with Medicare. The office of the Attorney General and the Office of Program Integrity investigates and makes referrals to the DOJ.

Fraud, Waste, Abuse “Analysis suggests that 10 to 12 percent of healthcare expenditures is waste, fraud, and abuse…” Fried of Shaw, Pittman, a healthcare law firm.

For Prosecution of Healthcare Fraud and Abuse Laws, Acts and Statutes For Prosecution of Healthcare Fraud and Abuse

False Claims Act Act was reserved for intentional fraudulent conduct, i.e., where the provider knowingly submitted a false claim.

Examples of Fraudulent Behavior Documenting a contact that did not occur!! Documenting longer contact instead of actual time (ie 1 hour instead of 45 minute contact) Documenting intentionally wrong person, place, time Including time for non-allowable activities into documentation Don’t

Stark Self-Referral Law Prohibits physicians from making self-referrals

Anti-Kickback Statute Prohibits providers from offering patients anything of value Waiving co-payment or deductibles for referrals Inflating charges to beneficiaries in order to cover the amount of the waiver

Christus Health Affiliates Story

HIPAA- Health Insurance Portability and Accountability Act 1996 A New Law Added HIPAA- Health Insurance Portability and Accountability Act 1996

HIPAA: Health Insurance Portability and Accountability Act HIPAA is a multi-faceted law meant to streamline the healthcare system in a high technology age. HIPAA is federal regulation that covers all healthcare providers and their associates.

HIPAA establishes: Consistent standards for uniform transmission of electronic health care claims. Standards for securing storage of data. Most importantly, increases Privacy and Security.

HIPAA’s “PHI” “PHI”- Protected Health Information All individually identifiable health information transmitted or maintained by a covered entity, regardless of form is now protected.

HIPAA: Health Insurance Portability and Accountability Act- Four Parts The Accountability portion of the act created Healthcare crimes: 1. Healthcare Fraud “Accepting benefits or payment for benefits under false or fraudulent pretenses, representations, or promises.” 2. Healthcare Theft or Embezzlement ”Knowingly and willfully taking any money or other assets of a healthcare program for the use of any person other than the rightful owner.”

HIPAA HealthCare Crimes 3. Healthcare False Statements “to make false representations in connection with the delivery of, or payment for, any healthcare benefit or make any material false, fictitious, or fraudulent statements.”

HIPAA Healthcare Crimes 4. Obstruction of Criminal Healthcare Offense Investigations “To obstruct in any way the criminal investigation of a healthcare offense whether by failing to produce subpoenaed records or by inducing others to not communicate with criminal investigators.”

How does this affect us? Hill Country MHMR is a governmental agency. As the local authority for mentally ill and mentally retarded people in 19 counties, we accept money from the state and federal government. How we do business is closely scrutinized.

To Ensure Compliance with all Federal and State Regulations We need to follow our Corporate Compliance Plan

Corporate Compliance Plan The Office of the Attorney General established the Compliance Program Guidance Guidelines to assist providers in preventing the submission of erroneous claims or engaging in unlawful conduct involving Federal healthcare programs.

Components of an Effective Compliance Program Conducting internal monitoring and auditing; Implementing compliance and practice standards; Designating a compliance officer or contact; Conducting appropriate training and education; Developing open lines of communication; Enforcing disciplinary standards through well publicized guidelines.

Statement of Policy and Open Communication HCMHMR Board and Management are committed to providing avenues which ethical issues may be raised, reviewed, and resolved openly and honestly. There is an Open Door Policy where employees are free to express their concerns and to exchange ideas without fear of reprisal.

Corporate Compliance Officer and Compliance Committee A Corporate Compliance Officer (CCO) has been named to ensure state and federal regulations are followed. The CCO is responsible for oversight and corrective action

Gifts and Favors “An occasional lunch or dinner or gift of limited value.” “Monetary gifts or favors in attempt to gain influence or advantage” “Any gift limited in value and consistent with common business courtesies.” Giving monetary gifts is never acceptable.

Compliance/Monitoring and Auditing We are committed to complying with all federal and state laws and regulations. Documentation will follow state and federal guidelines and will be done in a timely manner. All direct care staff will document according to the TAC guidelines, “after each contact.” We will conduct audits and other risk evaluations to monitor compliance as stated in our agency policy and procedure manual.

Compliance/Monitoring and Auditing All staff will be trained in their specialty area. HCMHMR will maintain processes to detect Medicaid/Medicare or other third party compliance offenses. We will initiative corrective action plans. Reporting to the appropriate regulatory authorities. Address consequences when employees or contract providers fail to comply.

Accounting and Reporting Each employee and contract provider will ensure the integrity of the Center by accurately and truthfully recording all corporate information, accounting and operational data through strict adherence to established accounting and business procedures.

Corporate Resources Each employee and contract provider is expected to use corporate resources economically and safeguard corporate assets at all times.

HIPAA Privacy Rule: Written Consent The Privacy Rule requires written consent by a patient before covered entities may use or disclose the patient’s protected health information. Please, Release my heart…

HIPAA Privacy Rule: Minimum Necessary Standard The Minimum Necessary Standard requires that covered entities make “reasonable” efforts to limit access to PHI based upon the minimum information necessary to perform a particular role.

HIPAA Privacy Rule: Right to Request Restrictions Patients have the right to request their healthcare providers communicate to them by “alternative means” or at “alternative locations.” Patients have a right to be “de-listed”. Their name doesn’t have to be on a “patient list.”

Hill Country Community MHMR Center Corporate Code & Media Hill Country Community MHMR Center

Electronic Media All electronic communications systems, including email, internet access, and voice mail are the property of HCMHMR and are to be used primarily for business purposes.

Electronic Media Con’t As all electronic communication systems and messages generated are the property of HCMHMR, they are subject to review at any time. Use HIPAA guidelines to protect the confidentiality, integrity and availability of electronic protected health information.

Controlled Substances Focus The illegal use/abuse or possession of alcohol or any controlled substance in the workplace is unacceptable and will not be tolerated. These acts are illegal and jeopardize the safety of employees, contract providers and consumers. It reduces productivity, reliability and trustworthiness.

Reporting Misconduct

Reporting Misconduct Bring to your supervisor any violation of this Corporate Code of Conduct. Supervisors will suggest an appropriate action.

Reporting Misconduct Reporting will remain confidential unless obliged by professional code of conduct, state or federal law. No employee or contractor will be punished or subjected to reprisal because of good faith reporting.

Whistleblower Protection Whistleblower protection is provided by federal acts and related statutes that shield employees from retaliation for reporting illegal acts of employers. An employer can’t rightfully retaliate in any way, such as discharging, demoting, suspending, or harassing the whistleblower. If an employer retaliates anyway, whistleblower protection might entitle employee to file a charge with a government agency, sue the employer, or both.

Hill Country’s Corporate Compliance Officer Joe Lovelace 866-247-8790 compliance@hillcountry.org

Consequences for not following Cooperate Compliance TERMINATION of employment Referral to Appropriate Authority: Local Police and/or State Police State and/or Federal Attorney General FBI Possible Jail Time and/or Fines

Conclusion Always Do the Right Thing and you’ll be in compliance with HCCMHMRC policies!