Your SlideShare is downloading. ×
0
DENISE HALL
PERSHING, YOAKLEY,
& ASSOCIATES, P.C.
THE HIDDEN DANGERS OF TRYING
TO “DO THE RIGHT THING”
A Practical Look at...
Credit: HCCA, “Compliance Babies.” (available at http://youtu.be/znUAyLqyEgQ) 2
WHY WE ARE HERE
• “To Do the Right Thing” in an effective
manner.
• Today’s presentation will focus on the
following eleme...
4
INTERNAL AUDITING
INTERNAL AUDITING
• Routine Audits
 Audit prospectively, not retrospectively.
 Define methodology at the outset.
 Start...
AUDITING TECHNIQUES
AND METHODS
• Retrospective Audits – claims that have already
been billed/paid.
 Used to investigate ...
ROUTINE AUDITING
• Annual Risk Assessment and Audit Plan
 Resources to identify potential risk areas:
‒ Annual OIG Work P...
COMPLIANCE IS NOT JUST A BILLING ISSUE
8
RISK ASSESSMENT TOOL
9
ANNUAL AUDIT PLAN
• Utilize your Working Compliance Committee.
• Working Compliance Committee members
should seek assistan...
INVESTIGATIVE AUDITING
• Internal Identification
 Annual risk assessment
 Compliance Hotline
 Compliance reports
 Inte...
AUDIT DESIGN & ERROR RATE
• Audit Design
 Review Criteria
 Universe/Sample Size Determination
 Random vs. Risk-Based Sa...
AUDITING TOOLS
Audit Report: used to document audit results
and rationale.
13
POTENTIAL IMPACT OF
SIGNIFICANT ERROR RATES
• Self Disclosure
• Significant Overpayment Extrapolation
• Possible Payment S...
HIDDEN DANGERS
• Overexposure
 An improperly defined audit scope can “cast the net too wide.”
 Don’t overwhelm yourself ...
16
CONDUCTING AN
INVESTIGATION
CONDUCTING THE
INVESTIGATION
• Scope
 Define the issues involved.
 Establish the relevant time frame.
 If reimbursement...
CONDUCTING THE
INVESTIGATION
• Carefully consider the need to hit the “Panic
Button” to stop the problem immediately.
 Do...
CONDUCTING THE
INVESTIGATION
• Attorney-client privilege
 Consider for issues with potential high exposure:
‒ Potential d...
CONDUCTING THE
INVESTIGATION
• Identify the investigative team considering:
 The workloads of internal compliance staff a...
CONDUCTING THE
INVESTIGATION
• Interviewing
 Time is of the essence, but don’t rush.
 Confidentiality is key.
 Awarenes...
HIDDEN DANGERS
• Whistleblowers
 Employers cannot retaliate against whistleblowers.
 Consider exit interviews / severanc...
23
TAKING CORRECTIVE
ACTION
CORRECTIVE ACTION PLANS
CORRECTIVE ACTION
“Next to doing the right thing, the most
important thing is to let people know you
are doing the right t...
CORRECTIVE ACTION
PLANS
• Document, document, document – but consider whether
the information is protected;
• Description ...
CORRECTIVE ACTION
PLANS
• Organizational Culture
 Internal communications
 Potential relator considerations
• Having all...
27
TAKING CORRECTIVE
ACTION
MAKING REPAYMENTS
FALSE CLAIMS ACT
LIABILITY
• PPACA expanded False Claims Act (FCA) liability to
include “identified” overpayments not retu...
FALSE CLAIMS ACT
LIABILITY
• CMS’ Examples of “Identified” Overpayments
 A provider reviews billing or payment records an...
EXTRAPOLATION
• OIG Corporate Integrity Agreement standard:
 The sample should be designed to estimate the
overpayment wi...
REPAYMENT LETTERS
• Voluntary Repayment process outlined in Chapter 4
of the Medicare Financial Management Manual.
 Use f...
REPAYMENT LETTERS
32
Medicare Repayment letters must include the following:
REBILLING
• For most Medicare claims, the timely filing limit
is 12 months from the date of service.
• If an audit identif...
HIDDEN DANGERS
• 60-Day Rule
 The date of “identification” is often hard to determine.
 Must clearly identify any overpa...
MONITORING
35
MONITORING
• Where do you start?
• Who is responsible?
• How do you keep track of it all?
• Is there available technology?...
DEFINE YOUR
MONITORING PROCESS
• Obtain leadership buy-in
• Must eliminate silos/protective behavior
• Communicate expecte...
QUESTIONS LEADERSHIP
MAY ASK
• What regulations changed in FY2013/anticipated
to change in FY2014 and what new processes
a...
HIDDEN DANGERS
• Failing to Monitor
 The compliance department should add any identified
compliance concerns to the organ...
40
CASE STUDIES
SCENARIO 1
• Issue: Employee performing a daily task of up-
coding on very expensive DRGs on I/P with all
payers.
 The CC...
SCENARIO 2
• Issue: Wound care services investigation
 Compliance auditors express concerns to
Compliance Office regardin...
THANK YOU
We are happy to answer any questions.
Michelle Calloway
HDJN
(804) 967-9604
mcalloway@hdjn.com
Denise Hall
PYA
(...
Upcoming SlideShare
Loading in...5
×

The Hidden Dangers of Trying to ‘Do the Right Thing:’ A Practical Look at Auditing, Monitoring and Investigation Pitfalls

403

Published on

PYA Principal Denise Hall and Michelle Calloway of Hancock, Daniel, Johnson & Nagle, P.C., copresented at the 2013 American Health Lawyers Association/Health Care Compliance Association Fraud & Compliance Forum in Baltimore. They addressed “The Hidden Dangers of Trying to ‘Do the Right Thing:’ A Practical Look at Auditing, Monitoring and Investigation Pitfalls.” The presentation covered best practices for investigating reported compliance concerns, compliance auditing techniques, repayment practices, and corrective action implementation and monitoring procedures.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
403
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "The Hidden Dangers of Trying to ‘Do the Right Thing:’ A Practical Look at Auditing, Monitoring and Investigation Pitfalls"

  1. 1. DENISE HALL PERSHING, YOAKLEY, & ASSOCIATES, P.C. THE HIDDEN DANGERS OF TRYING TO “DO THE RIGHT THING” A Practical Look at Auditing, Monitoring, Investigation, and Corrective Action AHLA/HCCA FRAUD AND COMPLIANCE FORUM September 29–October 1, 2013 | Baltimore, MD MICHELLE CALLOWAY HANCOCK, DANIEL, JOHNSON & NAGLE, P.C.
  2. 2. Credit: HCCA, “Compliance Babies.” (available at http://youtu.be/znUAyLqyEgQ) 2
  3. 3. WHY WE ARE HERE • “To Do the Right Thing” in an effective manner. • Today’s presentation will focus on the following elements of an effective Compliance Program:  Internal auditing and monitoring ‒ Routine and investigative  Responding to detected offenses – ‒ Investigating reported or identified compliance concerns and undertaking corrective action ‒ We will also offer some:  Tools for “doing it right”  Hidden dangers to watch out for 3
  4. 4. 4 INTERNAL AUDITING
  5. 5. INTERNAL AUDITING • Routine Audits  Audit prospectively, not retrospectively.  Define methodology at the outset.  Start with a small investigative sample (5-15 units).  Depending on results, it may be necessary to expand the scope of the audit (e.g. 30, 50, 100, statistically valid sample).  Expanded audits should include Compliance Officer’s involvement. • Investigative Audits  Directed by Compliance Department.  Start with a small probe audit (e.g. 30 claims) unless you know the scope of the problem.  Determine the “trigger point.”  Assess whether attorney/client privilege should be invoked.  Methodology driven by the specific facts and issue. 5
  6. 6. AUDITING TECHNIQUES AND METHODS • Retrospective Audits – claims that have already been billed/paid.  Used to investigate past billing compliance issues.  Audit results may lead to a repayment obligation. • Concurrent Audits – claims that have not yet been billed.  Used to monitor ongoing compliance concerns or scheduled audits per the Audit Plan.  If planned correctly, improperly billed claims can be corrected by submitting an adjustment claim.  May reveal need for retrospective auditing (“deliberate ignorance”). 6
  7. 7. ROUTINE AUDITING • Annual Risk Assessment and Audit Plan  Resources to identify potential risk areas: ‒ Annual OIG Work Plan ‒ OIG Compliance Guidance Risk Areas ‒ RAC Approved Issues List ‒ PEPPER reports ‒ State and federal survey and certification reports ‒ Complaint and grievance reports ‒ CIAs with similar facilities  Prioritization is key.  Be realistic.  Consider all your potential risks – not just billing/coding. 7
  8. 8. COMPLIANCE IS NOT JUST A BILLING ISSUE 8
  9. 9. RISK ASSESSMENT TOOL 9
  10. 10. ANNUAL AUDIT PLAN • Utilize your Working Compliance Committee. • Working Compliance Committee members should seek assistance from relevant staff. • Determine the organizations’ specific strengths and weaknesses within the identified risk area. • Develop an improvement plan and audit methodology to review compliance in areas of potential weakness. • Audit compliance and track improvement monthly/quarterly. 10
  11. 11. INVESTIGATIVE AUDITING • Internal Identification  Annual risk assessment  Compliance Hotline  Compliance reports  Internal department audits  Questions from staff • External Identification  External auditors (MAC, RAC, ZPIC, OIG, state Medicaid, OCR)  Being proactive in responding to external audits heightens chances to minimize penalties and further scrutiny. 11
  12. 12. AUDIT DESIGN & ERROR RATE • Audit Design  Review Criteria  Universe/Sample Size Determination  Random vs. Risk-Based Sampling  Probe vs. Statistical sample • Definition of “error”  Financial vs. claim error rate  Net vs. Gross  Internal error rate thresholds 12
  13. 13. AUDITING TOOLS Audit Report: used to document audit results and rationale. 13
  14. 14. POTENTIAL IMPACT OF SIGNIFICANT ERROR RATES • Self Disclosure • Significant Overpayment Extrapolation • Possible Payment Suspension • Referral to Enforcement Agencies • Increased External Scrutiny • Public Perception 14
  15. 15. HIDDEN DANGERS • Overexposure  An improperly defined audit scope can “cast the net too wide.”  Don’t overwhelm yourself or create liability for the organization. • Invalid Sample Selection  Selecting the sample size requires expertise and familiarity with the types of services being audited, the patient population, and payer mix.   The sample selection should be performed with potential for extrapolation in mind. • Error Rate Thresholds  Should be defined ahead of time by the organization.  A conservative error rate threshold is a 5 percent error rate, as this is the rate typically used in OIG Corporate Integrity Agreements. • Not Just a Billing Issue  Proper billing and payment is only a piece of the compliance puzzle.  Don’t forget about ADA compliance, HIPAA compliance, EEOC compliance, FDA compliance, CLIA compliance, etc. • Conflicts of Interest  The audit should be conducted with independence.  Results must appear reliable to internal and external authorities. 15
  16. 16. 16 CONDUCTING AN INVESTIGATION
  17. 17. CONDUCTING THE INVESTIGATION • Scope  Define the issues involved.  Establish the relevant time frame.  If reimbursement: ‒ Identify payer sources involved. ‒ Determine “trigger” and universe of potentially affected claims.  Consider staff interviews, documentation review, claims audits.  Limit (if possible) to specific individuals involved or events triggering the investigation.  Keep the scope narrow to design the process around the key issues as you uncover the “real issue.” 17
  18. 18. CONDUCTING THE INVESTIGATION • Carefully consider the need to hit the “Panic Button” to stop the problem immediately.  Document/billing hold  Pre-payment reviews  Repayments/adjustment bills  Don’t over-react!  Don’t under-react! 18
  19. 19. CONDUCTING THE INVESTIGATION • Attorney-client privilege  Consider for issues with potential high exposure: ‒ Potential dollar amount at stake; ‒ Complexity or severity of the regulatory issue involved; ‒ Number of beneficiaries potentially affected; ‒ Likelihood of uncovering a serious problem requiring a voluntary disclosure to Medicare or other federal payers; ‒ The government’s likelihood of identifying the issue before repayment can be made. ‒ Length of potential non-compliance.  Consider outside legal counsel. ‒ Independence ‒ Develop a strong working relationship ‒ Mark all documentation including investigative notes and correspondence: “CONFIDENTIAL / ATTORNEY-CLIENT PRIVILEGED / ATTORNEY WORK PRODUCT” 19
  20. 20. CONDUCTING THE INVESTIGATION • Identify the investigative team considering:  The workloads of internal compliance staff and the availability of other internal resources;  The complexity or specialization of the issue;  The scope of the investigation (e.g. the universe of claims and mass of documentation to be reviewed);  The dollar amount potentially at stake; and  The sensitivity of the issue being investigated.  The ability of the staff to exercise independence.  When is it appropriate to escalate to executive team / Board. 20
  21. 21. CONDUCTING THE INVESTIGATION • Interviewing  Time is of the essence, but don’t rush.  Confidentiality is key.  Awareness and enforcement of non-retaliation policy is imperative.  Corporate attorney represents the organization, not the individual.  Consider environment / tone / possible demeanor of the witness (cooperative / defensive / veracity).  “Who’s the best man [or woman] for the job?” 21
  22. 22. HIDDEN DANGERS • Whistleblowers  Employers cannot retaliate against whistleblowers.  Consider exit interviews / severance agreements. • Attorney-client privilege  Must document appropriately.  Document the scope of the engagement in writing • Conflicts of Interest  Make sure you have the right people conducting the investigation. • Jumping to Conclusions  Keep an open-mind and don’t overreact. 22
  23. 23. 23 TAKING CORRECTIVE ACTION CORRECTIVE ACTION PLANS
  24. 24. CORRECTIVE ACTION “Next to doing the right thing, the most important thing is to let people know you are doing the right thing.” - John D. Rockefeller  24
  25. 25. CORRECTIVE ACTION PLANS • Document, document, document – but consider whether the information is protected; • Description of the compliance issue; • Description of the investigative audit findings; • Summary of the applicable regulation or policy at issue; • Identification of the cause of the non-compliant practice; • A list of steps taken by the provider to correct the issue:  Immediate cessation of the problem;  Retrospective corrective action (e.g. repayment)  Prospective corrective action (e.g. education of staff, revisions to processes, etc.); and • A plan for future compliance monitoring of the issue to ensure that the corrective actions have remedied the problem permanently (recidivism is a big issue). 25
  26. 26. CORRECTIVE ACTION PLANS • Organizational Culture  Internal communications  Potential relator considerations • Having all the right parties involved in this step • Must have support from all levels – staff to organizational leadership • Putting it in writing – nature, purpose and design • Having responsible parties dedicated to taking the corrective steps 26
  27. 27. 27 TAKING CORRECTIVE ACTION MAKING REPAYMENTS
  28. 28. FALSE CLAIMS ACT LIABILITY • PPACA expanded False Claims Act (FCA) liability to include “identified” overpayments not returned to federal health care programs within 60 days. • “Identified” = the provider “has actual knowledge of the existence of the overpayment or acts in reckless disregard or deliberate ignorance of the existence of the overpayment.” • Required to act “with all deliberate speed” to conduct a “reasonable inquiry” to determine whether an overpayment exists • CMS proposed to implement a 10-year look-back period for purposes of making repayments under the 60-day rule. 28
  29. 29. FALSE CLAIMS ACT LIABILITY • CMS’ Examples of “Identified” Overpayments  A provider reviews billing or payment records and learns that it incorrectly coded certain services, resulting in increased reimbursement.  A provider learns that a patient death occurred prior to the service date on a claim that has been submitted for payment.  A provider learns that services were provided by an unlicensed or excluded individual on its behalf.  A provider performs an internal audit and discovers that overpayments exist.  A provider is informed by a government agency of an audit that discovered a potential overpayment and the provider or supplier fails to make a reasonable inquiry.  A provider supplier experiences a significant increase in Medicare revenue with no apparent reason (such as a new partner added to a group practice or a new focus on a particular area of medicine) and fails to make a reasonable inquiry. 29
  30. 30. EXTRAPOLATION • OIG Corporate Integrity Agreement standard:  The sample should be designed to estimate the overpayment with a 90% confidence level and with a maximum relative precision of 25% of the point estimate. • Use OIG RAT-STATS software. • Consider use of expert statistician to perform extrapolation for higher likelihood of acceptance by payer. 30
  31. 31. REPAYMENT LETTERS • Voluntary Repayment process outlined in Chapter 4 of the Medicare Financial Management Manual.  Use form on MAC websites. • The repayment letter should include:  A summary of how the error was discovered;  A clear outline of the methodology used to quantify the overpayment (including whether statistical sampling was used);  What corrective actions were taken as a result of the discovery; and  Other information necessary to identify the affected claims (including, when possible, a copy of the audit spreadsheet). • Understand differences in government and private payer processes. 31
  32. 32. REPAYMENT LETTERS 32 Medicare Repayment letters must include the following:
  33. 33. REBILLING • For most Medicare claims, the timely filing limit is 12 months from the date of service. • If an audit identifies improperly billed claims within the timely filing period, the claims can typically be re-billed or adjusted with the MAC. • CMS has implemented a new process for rebilling improper Part A inpatient hospital claims under Part B.  Payment Policies Related to Patient Status, 78 Fed. Reg. 50495 (August 19, 2013). 33
  34. 34. HIDDEN DANGERS • 60-Day Rule  The date of “identification” is often hard to determine.  Must clearly identify any overpayments – the clock starts running at identification. • Documentation  Consider attorney-client privilege  Compliance documents are not automatically protected • Excessive Rebilling  Can raise red flags • Beneficiary Repayment and Collection  Responsibility to repay copayments to beneficiaries.  Providers must also collect from beneficiaries if they rebill claims and a copay or deductible is owed. 34
  35. 35. MONITORING 35
  36. 36. MONITORING • Where do you start? • Who is responsible? • How do you keep track of it all? • Is there available technology? • Are we tracking all corrective action plans? How often? • Are we tracking all governmental pre- and post- payment activity? • Did we miss any response to inquiry deadlines? • What percentage of repayment requests are appealed? (ex. RAC Appeals) • Are we reviewing denial activity and determining root cause? • Do we have corrective action plans developed for our unique root cause(s)? 36
  37. 37. DEFINE YOUR MONITORING PROCESS • Obtain leadership buy-in • Must eliminate silos/protective behavior • Communicate expected outcomes and financial risk • Define which regulatory requirements are relevant to the organization • Establish Risk Tolerance • Establish Risk Ownership 37
  38. 38. QUESTIONS LEADERSHIP MAY ASK • What regulations changed in FY2013/anticipated to change in FY2014 and what new processes are needed to address? • What is the impact of regulatory activities? • How effective is our monitoring process? • How do we know our internal efforts are working? • What should we expect for remainder of our fiscal year? Consider a dashboard to report and monitor. 38
  39. 39. HIDDEN DANGERS • Failing to Monitor  The compliance department should add any identified compliance concerns to the organization’s Audit Plan and create a schedule for follow up audits to ensure ongoing compliance.  Inevitably, staff and processes revert to their “old habits.” • Failing to Follow CAP  Failing to abide by a CAP can increase risk for FCA liability for future overpayments because the provider was already on notice of the issue.  Particularly critical when promised in a repayment letter. • Culture / Buy-in  Resources are slim for everyone 39
  40. 40. 40 CASE STUDIES
  41. 41. SCENARIO 1 • Issue: Employee performing a daily task of up- coding on very expensive DRGs on I/P with all payers.  The CCO received an Alertline report that the caller was instructed by their supervisor to bill a higher level of service then is recorded on the documentation and told if they did not do it they would be fired and the supervisor would find another sucker to do it. They up-coded for several months and then decide to report to the CCO. They placed their concern through the Compliance AlertLine and felt that way they could stay anonymous and not lose their job. • What is the next step?  Once reported to the Compliance Dept/CCO, the investigation begins; initially an internal review is conducted on what is known at this point, which was assumed to be only one employee doing this. With the volume discovered from the baseline audit, it was decided to expand the audit to include 2 other coders, which uncovered they were also up- coding. This opens up an unknown timeframe, number of personnel and finance impact to the organization. • What do you do now? 41
  42. 42. SCENARIO 2 • Issue: Wound care services investigation  Compliance auditors express concerns to Compliance Office regarding physician documentation and quality of care. • Considerations  Closed community with physician being heavy admitter.  How far do you take this investigation before involving counsel?  How do you adequately prove or disprove quality of care issues?  How do you protect your organization given the community culture? 42
  43. 43. THANK YOU We are happy to answer any questions. Michelle Calloway HDJN (804) 967-9604 mcalloway@hdjn.com Denise Hall PYA (404) 266-9876 Dhall@pyapc.com 43
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×