Is it Time for a Physician Practice Risk Assessment?
Sep 9, 2019
Almost weekly, we’re hearing about another physician practice settlement with the Centers for Medicare and Medicaid Services (CMS). Whether it is a result of a whistleblower or a regulatory audit, these penalties are becoming more frequent.
On a positive note, most providers have a formal compliance program. The question is: is the program working as intended and identifying compliance issues upfront? Providers can be proactive to identify and correct potential issues in their practice by conducting a risk assessment of their compliance program.
Innovative changes in the healthcare industry have increased the scope and complexity of a healthcare organization’s compliance related risks. It is becoming more imperative that an organization perform a robust comprehensive enterprise-wide risk assessment that goes beyond traditional boundaries and reaches more clinical, operational and strategic areas.
Federal laws governing Medicare fraud and abuse include the:
- False Claims Acts (FCA)
- Anti-Kickback Statute (AKS)
- Physician Self-Referral Law (Stark Law)
In fiscal year 2018, there were a total of $2.8 billion in settlements and judgements across various types of healthcare providers, with $2.1 billion arising from lawsuits under the FCA. During this same time period, the government paid out $301 million to the individuals who exposed the false claims. Whistleblowers have played a vital role in unmasking fraudulent schemes that may otherwise evade detection according to the Assistant Attorney General’s Office.
Recent Violations and Settlements
As mentioned, there appears to be an increase in the number of penalties and fines assessed to physician practices. Some recent violations and settlements include:
- A cardiologist paid $5.8 million to resolve a whistleblower allegation of improperly billing federal health care programs for medically unnecessary cardiac stent procedures. This marked the Department of Justice’s third False Claims settlement with the cardiologist and his group. The cardiologist is now excluded from participation in federal health programs for three years.
- A pathology laboratory paid $63.5 million to settle false claim whistleblower lawsuits that it violated the FCA by engaging in improper financial relationships with referring physicians. The settlement resolves allegations that the company violated the Anti-Kickback Statute (AKS)and the Stark Law by providing subsidies to referring physicians for electronic health records (“EHR”) systems and free or discounted technology consulting services.
- Two pain management practices paid $3.3 million to resolve a false claim suit filed by a whistleblower. Service provided by physician assistants and nurse practitioners were allegedly billed as if provided by a physician.
- A urology practice settled for $2.1 million to resolve a whistleblower allegation of improper bundling fraud due to improper use of modifier 25.
- A sports medicine practice paid $790 thousand to settle a whistleblower lawsuit alleging the company knowingly submitted false claims to Medicare and TRICARE. Claims were allegedly billed as one-on-one sessions and were actually conducted in a group setting.
- A Medicare Advantage provider and physician have agreed to pay a total of $5.04 million to resolve allegations that they reported invalid diagnoses to Medicare Advantage plans thereby causing those plans to receive inflated payments from Medicare.
- A Vascular Access Center paid $3.825 million to resolve false claims act allegations for End Stage Renal patients and engaging in an alleged kickback scheme related to referrals for such procedures.
Affordable Care Act Mandated Formal Compliance Programs
Compliance programs had not traditionally been mandatory. Compliance guidance for physician practices was issued by the Office of Inspector General (OIG) in 2000. Since then, many physician practices had developed some type of compliance plan. However, in 2010, the Affordable Care Act required physician practices to establish a formal compliance program.
There are generally seven (7) core elements that are required of an effective compliance program to include:
- Develop and distribute written standards of conduct, as well as written policies and procedures that promote the physician practice’s commitment to compliance.
- Identify and appoint a high-ranking individual within the organization to serve as compliance officer.
- Conduct formal education and training for all levels of employees.
- Establish anonymous reporting systems, preferably through multiple pathways, to encourage individuals to make complaints regarding compliance without fear of retaliation.
- Conduct ongoing internal monitoring and auditing.
- Respond appropriately to detected offenses and develop corrective action.
- Enforce disciplinary standards through well-publicized guidelines.
Monitoring your compliance plan and having applicable protections are critical to meet the challenges of complying with the ever-changing healthcare regulations to avoid significant fines and penalties. Assess the effectiveness of your practice’s compliance programs with our Physician Practice Compliance Risk Checkup.