Hospital at risk without compliance program
Hospital at risk without compliance program
By Gregory J. Naclerio, JD
Partner and Co-Chair of Health Care Practice
Ruskin, Moscou, Evans & Faltischek
Mineola, NY
(Editor’s note: Naclerio represents hospitals and health care professionals in administrative, regulatory, and licensing matters. He also provides criminal defense and counsels health care institutions on fraud and abuse.)
If your health care organization does not have a corporate compliance program, most of your assets are in jeopardy. A violation of federal law could exclude your facility from Medicare and Medicaid revenues, among the many other harsh penalties that can be levied by the federal government.
"Corporate compliance programs" originally were designed to ensure that corporations convicted of crimes could avoid the heavy fines associated with the Federal Sentencing Guidelines, fines that can be draconian when leveled against a hospital for violating the False Claims Act, the Anti-Kickback Statute, or similar laws applying to health care. Corporate compliance programs now help hospitals avoid investigation and conviction in the first place. That presents a tremendous opportunity for health care organizations to protect their assets, but most hospital leaders are not taking advantage of that opportunity.
The oversight is particularly worrisome when you consider the federal government’s recent initiatives against fraud in health care, including the 72-Hour Window Project, the PATH 1 and PATH 2 initiatives, Operation Restore Trust, and whistleblower lawsuits. All of those efforts pose threats to hospitals, and corporate compliance programs can greatly reduce the threat.
So what is a corporate compliance program? And how do you go about implementing one?
In essence, a corporate compliance program is the government’s way of giving hospitals the ability to police themselves. The idea was successful when applied to the defense industry, and the concept is being expanded to health care because the level of health care expenditures in the country is so high. The main goal of the plan is to collect on Medicare and Medicaid overbilling so those funds can be returned to the federal government.
The traditional method of collection has been to investigate hospitals for cause and then recover the overbilled amount, plus hefty penalties. In addition, the federal qui tam statute encourages "whistleblowers" people who believe a hospital improperly bills a government program and decide to report it. They can pose a threat from within the hospital in addition to any threat posed by outside auditors. Whistleblowers can commence false civil claims against the facility on behalf of the government and, if successful, share any proceeds recovered, including the significant penalties that can be imposed.
The implementation of a compliance program helps prevent these dire consequences in major ways. First, it causes the hospital to examine those areas that could be vulnerable to federal action. A number of areas in addition to billing, such as the Stark Law, private inurement, and OSHA and EMTALA violations, can subject the hospital to federal enforcement penalties. These areas are reviewed in the course of a compliance program, and deficiencies in the systems are corrected to prevent violations from occurring.
Second, the promulgation of a code of conduct and a system whereby violations or suspected violations of law can be reported to senior management gives management the opportunity to correct such matters before a federal audit or qui tam lawsuit.
Third, it is the government’s policy to encourage health care institutions to police themselves. That means the government is somewhat lenient in cases brought to its attention. Government officials have indicated that, short of false claims submitted intentionally or with "reckless disregard," a return of any overpayment directly through the fiscal intermediary will resolve the issue.
Fourth, a compliance program provides a way to mitigate the damages from an intentional false claim. If the hospital discovers such a false claim, it can take advantage of the Voluntary Disclosure Program to lessen the damages.
Fifth, the creation of the hospital’s own compliance program, assuming it is effective, will lessen the chance that the government will foist its version upon the hospital. The government’s compliance program, imposed as part of an overall settlement, is usually more burdensome than one created by the hospital.
Sixth, and perhaps most important for risk managers, the recently passed Health Insurance Portability and Accountability Act provides for the permissive exclusion of an "officer or managing employee" of an entity convicted of fraud, if the individual did not participate in the wrongdoing.
Don’t be afraid of what you’ll find
Some administrators may be reluctant to conduct a compliance program for fear of what the program may uncover, but that is just ignoring reality. Greater government scrutiny will occur in the future, and if hospitals do not take control of the situation on their own terms, they will have to suffer the full consequences a government audit will impose. The adage "an ounce of prevention is worth a pound of cure" rings true for corporate compliance programs.
Establishing and maintaining a corporate compliance program can be a big job, but delaying can only put the hospital’s assets at greater risk as the government becomes increasingly intent on finding fraud and ethics violations in the health care industry.
Once you have realized the importance of establishing a corporate compliance program, the next hurdle is determining how. The design will differ substantially for each facility, so you will need advice from your own counsel. But these elements are required for any program:
• Conduct a legal audit.
Examine the areas where the hospital is more likely to violate the law. Billing is an obvious candidate, but don’t overlook physician contracts, home health agencies, and compliance with federal safety regulations.
The audit’s goal is to ensure that your current practices comply with applicable laws. Conducting the audit with legal counsel helps protect the findings under the attorney-client privilege.
Create, enforce a code of ethics
• Establish a code of ethics.
The code should be reasonably capable of reducing the prospect of criminal conduct.
• Create a compliance system, using the results of the legal audit and including the code of ethics.
To create a compliance system, include all of these elements:
Appoint a high-level administrator to act as the "compliance officer." This person will take overall responsibility for the program and address possible ethics violations.
Train all employees, subcontractors, and vendors to comply with your code of ethics. Provide training at inception and repeat it yearly. Encourage everyone involved to report ethics violations to the compliance officer.
Investigate all reports of violations immediately. Act quickly to stop the violations.
Be sure not to delegate discretionary authority to anyone who may have a propensity to engage in illegal activity.
Enforce your code of ethics consistently by taking disciplinary action against all violators. The federal compliance program requires that you discipline supervisors who fail to detect an ethics violation by their subordinates.
Ensure that employees comply with the code by using monitoring and auditing systems designed to detect criminal conduct.
[For more information, contact Gregory J. Naclerio, Ruskin, Moscou, Evans & Faltischek, 170 Old Country Road, Mineola, NY 11501. Telephone: (516) 663-6600.]
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.