Corporate compliance: It’s not for Medicare only
Corporate compliance: It’s not for Medicare only
Reporting system may avert legal, regulatory problems
Fraud and abuse. Office of Inspector General (OIG). Operation Restore Trust. Stark II. Wedge audits. Private duty providers that are not Medicare-certified may take comfort in not being intimately familiar with these terms. However, that collective sigh of relief may be premature. The long arm of both federal and state governmental oversight may touch your operations in ways you’ve never thought about.
Private duty providers face a plethora of potential legal and regulatory issues. Depending on the state you operate in, you may be subject to all-payer fraud and anti-kickback laws, common law contract abuse precedents, and statutory consumer protection laws, to name a few.
Being on the wrong side of any one of these areas of exposure could cost your company its license to operate, individual employees their professional license, bring criminal convictions, fines, and malpractice litigation.
"About the only thing that can’t happen is disenrollment from Medicare and Medicaid programs," says Deborah Randall, partner in the health law practice of Arent, Fox, Kintner, Plotkin & Kahn. Randall practices out of the firm’s Washington, DC, office.
Still, with so much scrutiny on Medicare, private duty providers may feel relatively insulated. Randall cautions against such thinking. "With concern for vulnerable populations, health care [generally] is actively reviewed by both federal and state agencies. That includes tangential relationships," she explains.
Compliance plans set expectations
Corporate compliance plans are one means of managing your company’s exposure to regulatory, legal, and even ethical violations. They "establish owners’ expectations about standards of conduct throughout the organization that include appropriate behaviors, documentation, interactions with contractors, suppliers, and referral sources; everything that has a bearing on the reflection of the company," according to Randy Boston, RN, MA, president and chief executive officer of Healthcare Executive Resources, an Austin, TX-based consulting firm.
A corporate compliance program won’t guarantee your organization will never have a violation, but by focusing and streamlining your oversight, it may make the task of compliance easier. It may also increase staff awareness of issues, create a mechanism for reporting concerns and set an ethical tone that will ultimately help you identify potential problems before others do.
Corporate compliance may also give you a competitive edge, Boston says. "In managed care contracts and bidding, one of the things people look for is honesty and integrity. And this is one expression of that," he advises.
Still, some providers may hesitate to develop a formal corporate compliance program because they believe it’s expensive and onerous. But that’s not necessarily so. You can develop a comprehensive and easy-to-administer corporate compliance plan by taking the following actions:
• Make a commitment.
Developing a corporate compliance program requires a commitment of organizational resources, from expense to time spent re-evaluating policies and procedures. "The company owner has to sit and take a hard look at stuff. Making a decision to [develop a program] is a commitment. It’s more than writing it down; it’s living the life. You can’t just say, I have integrity.’ The document can’t sit on a shelf. It must be active," Boston advises.
• Identify exposure areas.
Identify exposure areas by reviewing all contracts and relationships. Keep in mind that your contracting partner’s status with governmental programs may draw you into the requirements of those programs.
For example, if you provide supplemental staffing under contract to a hospital, that agreement makes your company part of that organization and subject to the Medicare and Medicaid regulations under which it operates, Randall says.
Review your existing policies and procedures that involve documentation standards, billing procedures, ethical conduct, other internal control measures, and external relationships, Boston recommends. Include such things as management contracts, acquisition agreements, vendor and supplier relationships, inventory control mechanisms, and relationships with physicians and other referral sources.
Finding potential problems may require some detective work. A common problem is that "people do deals the chief executive officer (CEO) doesn’t know about that have legal or regulatory violations or implicate the company. It happens a lot," says Randall.
Employees may also violate laws or commit ethical breaches without knowing it, and their actions may not surface until you actually implement the plan. (See related article on OIG guidelines, p. 40.)
• Write the plan.
A corporate compliance plan usually includes:
— a proclamation of ethical behavior and standards of conduct;
— written policies and procedures that address exposure areas through accountabilities and control measures;
— identification of a corporate compliance officer and a compliance committee;
— a provision to educate staff;
— a mechanism for staff to report problems and concerns;
— disciplinary actions that result from wrongdoing.
The compliance plan policies and procedures usually already exist in various other policies. "They’re technically in agency policies, but this just puts them in one place," says Bonnie Whorton, MS, executive director of Home Care of Mid-Missouri in Moberly.
• Integrate corporate compliance and performance improvement.
Combining corporate compliance and performance improvement activities will make corporate compliance part of your ongoing review procedures and subject it to the critical thinking used in performance improvement, according to Boston. "It establishes a process to monitor things every day and if you find a mistake, to deal with it," he says.
For example, routinely checking that physician orders are signed before you bill should flag exceptions. This should not only prevent you from submitting incomplete claims, but also help identify process glitches, facilitating correction of both individual and systematic errors.
• Identify a corporate compliance officer.
Designate a senior-level person to address corporate compliance issues, oversee program implementation, and report on its activities to a compliance committee. Some larger, Medicare-certified agencies create a corporate compliance position. If your organization is not substantial or complicated enough for such an expense, add corporate compliance to the responsibilities of a top manager with direct access to the CEO.
"A lot of people use the human resources person, but others choose the [CEO] or quality assurance person. It should not be the CEO, because they’re already at the top of the heap, and the aura of the CEO may decrease the willingness of people to call in," Boston says.
At Home Care of Mid-Missouri, the assistant director serves as the compliance officer. She reports to Whorton.
• Designate a compliance committee.
The corporate compliance committee provides a forum to monitor overall compliance, advise the compliance officer, and develop strategies to improve compliance activities. Usually the CEO and governing body are the members. In organizations without a board of directors, it should include the CEO and senior managers.
The Home Care of Mid-Missouri compliance committee has six members. Four represent the board and senior management. Two represent employee groups; one is a field nurse, and one is an office staff worker, according to Whorton.
• Educate employees.
One of the main purposes of a corporate compliance plan is to raise awareness of potential problems throughout the organization. The effect of someone unintentionally violating a law or creating a conflict can be the same as a willful offense, so it is important that employees understand the breadth of compliance issues. Educate them about the purpose of corporate compliance, the types of potential problems, the monitoring that will occur, and the penalties that may result from violations.
"It’s good doing the training, especially with paraprofessionals so that they know, yes, there’s a mechanism to report problems and there’s a penalty for wrongdoing," says Whorton. "This is common sense stuff. Everyone’s doing it, but now they’ve signed [off on] it."
• Develop a reporting mechanism.
Employees should know what to do and whom to go to when they see a problem or have a concern that impacts on corporate compliance. Not establishing a reporting mechanism and not making clear that employees will not suffer recrimination for bringing issues forward can create a whole set of operating problems.
"If you have [a compliance] statement without an avenue, you will shortly end up with a contorted situation where the employee thinks, They didn’t mean what they said,’ or feels no one listened. They may go outside to Medicare, Medicaid, or the state, or even talk to clients. You will then lose business in a different way. As a client, I may hear an employee grumbling and then you’ll never know I didn’t call. It’s a silent loss," Randall explains.
Home Care of Mid-Missouri uses a compliance hot line, according to Whorton. Since implementing its program about a year ago, the agency has not received any complaints, but it is "important to encourage people to report things and know there’ll be no recrimination," she says.
The company’s compliance policy includes the following statement: "It is the duty of each employee to report any suspected violation to the compliance officer. If you are not comfortable approaching the compliance officer, you should contact a compliance committee member or the agency administrator. If any of us fail to take seriously the importance of this compliance program, the adverse consequence in terms of our business and company image can be extremely serious. Be assured that the company stands ready to assist you in any way, as each of you are the key to making the compliance program a success."
Corporate compliance requires resources at a time when many providers are struggling. It is also "not some magical mystical thing that will protect you," Boston notes. However, "it’s not that hard and it will make the agency stronger," Whorton adds.
Without a spurt in reported violations, life after compliance plan development may seem anticlimactic. However, don’t let inactivity lull you into a false sense of security.
"Don’t get complacent! Just because no one calls up the hotline, it doesn’t mean everything’s OK. You never know when someone is going to come in. Don’t let the government be the first person to tell you have a problem," Boston advises.
Sources
• Randy Boston, RN, MA, President and Chief Executive Officer, Healthcare Executive Resources, 1604 W. 34th St., Austin, TX 78703-1435. Telephone: (512) 458-5211.
• Deborah Randall, Partner, Arent, Fox, Kintner, Plotkin & Kahn, 1050 Connecticut Ave. N.W., Washington, DC 20036-5339. Telephone: (202) 857-6395.
• Bonnie Whorton, MS, Executive Director, Home Care of Mid-Missouri, 102 W. Reed, Moberly, MO 65270. Telephone: (660) 263-1517.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.