David C. Marshall, Esquire April 30, 2015 Latsha Davis & McKenna, P.C.

The Top 10 Compliance Risk Areas for Nursing Facilities in

2015David C. Marshall, Esquire

April 30, 2015Latsha Davis & McKenna, P.C.

The federal government expects Medicare and Medicaid providers to be “self-policing”

A corporate compliance plan is an expectation, and, in the case of SNFs, a mandate

The OIG provides periodic and annual guidance on risk areas for various types of providers◦ Model Compliance Guidance◦ OIG Reports◦ OIG Annual Work Plan

It is incumbent upon an organization’s corporate compliance officer to review and understand the risk areas identified not only by the government, but also within the industry itself, so that the organization can evaluate its operations and prevent/detect compliance issues

Introduction

Identify the 10 most significant risk areas for SNF/NF operations in 2015

Review self-auditing/monitoring techniques to evaluate a SNF/NF provider’s compliance with those risk areas

Provide strategies for assessing and responding to compliance issues

Discuss basic reporting/self-disclosure requirements

Presentation Goals

Department of Health Department of Human Services Department of Aging Centers for Medicare and Medicaid Services Office of the Inspector General Department of Justice Office of the Attorney General MACs, MICs, RACs, ZPICs Whistleblowers Office of Civil Rights

Who Is Watching?

RISK AREA 1Documentation Issues

Documentation is the key to compliance; Virtually all “cases” turn on whether the requisite documentation is available◦ Timeliness ◦Accuracy◦No backdating◦Use proper forms◦ Incomplete or illegible records

IF IT WASN’T DOCUMENTED, IT WASN’T DONE!

Risk Area 1: Documentation Issues

RISK AREA 2

Physician Certifications and Recertifications

Medicare Part A pays for post-hospital skilled nursing care when a physician certifies that a beneficiary needs daily skilled nursing or rehab services that can only be provided on an inpatient basis in a SNF and that care is/was needed for a condition which the individual received inpatient care in a participating hospital

Physician certification must be obtained at admission or as soon thereafter as is reasonable and practicable

Recertifications are required within 14 days of admission and every 30 days thereafter

Recert must indicate:◦ Reasons for the continued SNF care;◦ Estimated time that the beneficiary will need to remain in the SNF; and◦ Plans for home care, if any

Risk Area 2: Physician Certs and Recerts

The regulations do not mandate a specific form◦ Best practice is to develop and use a set form that captures all of the

cert/recert elements◦ Through case law decisions, the ALJs have held that other

contemporaneous documentation which addresses the cert/recert elements can serve as substitute documentation for a formal cert/recert form

Condition of Participation vs. Condition of Payment issues Real life examples RACs are focused on this issue This is a “low hanging fruit” compliance issue that is easily

audited

Risk Area 2: Physician Certs and Recerts

RISK AREA 3Therapy Issues

Level of therapy services indicated affects the RUGs, which in turn determines the payment received ◦ The more acute a resident’s therapy needs and the more therapy

minutes provided in assessment periods to determine RUG rates, the higher the resident’s RUG rate and the higher the SNF’s reimbursement

Both the OIG and CMS are skeptical of the accuracy of assessments that result in higher levels of coding◦ OIG has found that SNFs have increasingly billed for the highest level

of therapy even though the beneficiary characteristics remained the same

◦ Many residents receiving only the minimum minutes to qualify◦ CMS is exploring potential alternatives to existing payment

methodology

Risk Area 3: Therapy Issues

Two recent False Claims Act cases ◦ Life Care Centers of America

Allegations of: Providing unneeded care or unnecessarily extending resident stays to continue to provide therapy

that residents allegedly did not need Billing for care that was not actually provided Billing for therapy care that was not “skilled” Providing care to residents who could not tolerate the care, could not benefit from it or both “Ramping up” care provided during assessment periods, which would then allow for higher RUG

rates and higher reimbursement following those assessment periods, regardless of the minutes actually provided after the assessment periods

Case is being litigated

◦ Extendicare Allegations of:

Clustering therapy sessions ordered for 3x/week around weekends, which inaccurately implied that residents were receiving treatment 5x/week, which is reimbursed at higher rate

“Ramping up? therapy minutes during assessment periods to meet higher RUG levels, without intending to sustain those therapy minutes after assessment periods

Extendicare agreed to pay $38 million and enter into a 5-year CIA


What to do? Must be able to document ◦ the medical need for therapy; ◦ the actual provision of therapy consistent with physician order,

including duration of time on therapy; ◦ the level of therapy provided, indexed to resident ADLs to

justify placement in appropriate RUG category


RISK AREA 4

MDS Assessment Issues

Timing of assessments (are they being done timely?) Capturing and documenting information so that residents

are correctly assigned to the proper RUG category Possibility for miscoding ADLs is high Other areas where miscoding may be a concern:◦ Active diagnosis codes◦ Respiratory therapy◦ Restorative nursing programs

MDS errors can lead to overpayments Ensure that staff is trained on MDS assessment process and

its documentation requirements

Risk Area 4: MDS Assessment Issues

RISK AREA 5

Contractual Compliance Issues

Anti-Kickback Primer◦Prohibits the knowing and willful, direct or indirect,

solicitation, offer, payment or receipt of any remuneration in order to induce or reward the referral or purchase of items or services to be paid for by federal health care programs

AKS impacts everything, from billing, to cost reporting, to contracting, to structuring Joint Venture relationships

How easy is it for the government to review your contractual arrangements?

Risk Area 5: Contractual Compliance Issues Part A. Anti-kickback Issues

Key Points◦Applies to anyone who offers, pays, or accepts kickbacks

Not just vendors Applies to both sides of a transaction/arrangement

◦Voluntary Safe Harbors If all elements of a Safe Harbor are met, the arrangement will not be

prosecuted Transactions not meeting all elements are not per se illegal, but

subject to a facts and circumstances analysis

◦ Intent element “Knowing and willful” – what does that mean?


Safe Harbors that come up most often in SNF/Vendor contracts:◦Personal Services and Management Contracts◦Discounts

Risk Area 5: Contractual Compliance Issues

Part A. Anti-kickback Issues

Personal Services and Management Contracts Safe Harbor◦ Signed writing ◦ Covers all of the services provided for the term and specifies the services to

be provided◦ Term of at least one year◦ Compensation paid is

set in advance consistent with FMV not determined in a manner that takes into account the volume or value of

referrals◦ Services to be performed don’t involve the counseling or promotion of a

business arrangement or other activity that violates any Federal or state law◦ Serves a commercially reasonable business purpose


Stark Primer◦Prohibits a physician from referring Medicare

patients for designated health services (DHS) to an entity with which the physician (or an immediate family member) has a financial relationship Also prohibits the DHS entity from submitting

claims to Medicare for those services resulting from a prohibited referral


Part B. Stark and Physician Contracting

DHS includes◦Lab services◦PT, OT and ST◦Radiology◦DME◦Inpatient and outpatient hospital services



Key Points◦Applies only to physicians (and their immediate

family members)◦Applies only when there is a financial relationship

between a physician (or immediate family member) and an entity furnishing designated health services

◦Must meet an exception ◦Strict liability – intent doesn’t matter!



Financial relationship exists when physician has a direct or indirect ownership or investment interest in, or a direct or indirect compensation arrangement with, an entity that furnishes DHS

Compensation arrangement includes any contract between the physician and a DHS entity that involves payment

SNF Medical Director relationship triggers Stark◦ Financial relationship◦ Medical Director makes referrals for DHS to the SNF and SNF vendors

providing those services◦ Absent satisfaction of an Exception, all “referrals” from the Medical

Director would be “tainted”



Personal Services Exception

◦ Signed writing that specifies the covered services◦ Covers all of the services to be provided by the physician◦ Aggregate services don’t exceed those that are reasonable and necessary for the

legitimate business purpose of the arrangement◦ Term of at least one year◦ Compensation

is set in advance doesn’t exceed FMV is not determined in a manner that takes into account the volume or value of referrals

(except in the case of a physician incentive plan)

◦ Services to be performed don’t involve the counseling or promotion of a business arrangement or other activity that violates any Federal or state law



RISK AREA 6

HIPAA Privacy and Security Issues

OCR audits are coming!◦OCR will soon begin auditing covered entities for

compliance with the HIPAA Privacy and Security Rules

◦Time frame and scope currently unknown HIPAA law now has a whistleblower component Conducting a Risk Assessment is imperative◦Assessment tool found on OCR website◦Rule requires “periodic” risk assessments

Risk Area 6: HIPAA Privacy and Security Issues

Use of mobile devices◦HHS “Wall of Shame” shows that since the breach reporting

requirement became law, 369 reported thefts or losses of laptops or other portable electronics

◦HHS/OCR takes particular interest in these types of cases◦ In 2014, Concentra paid HHS $1,725,220 to resolve

potential violations stemming from stolen laptop◦OCR says, “Encryption is your best defense”

Risk Area 6: HIPAA Privacy and Security Issues

RISK AREA 7

Employing and Contracting with Excluded Individuals

Effect of exclusion is that no Federal health care program may pay for items/services

Furnished by an excluded person or Directed/prescribed by an excluded person

Even if the excluded individual receives no payment (i.e., physician working as a volunteer)

OIG Bulletin (May 2013)◦ Prohibition on payment includes items/services beyond direct patient care – i.e.,

transportation, administrative, and management services◦ Applies when person furnishing items/services either knows or should know of

exclusion◦ Consequences of violating the exclusion

CMP of up to $10,000 for each claimed item/service + assessment Denial of reinstatement to Programs Civil actions or criminal prosecutions

Risk Area 7: Employing and Contracting with Excluded Individuals

Licensure lapses, suspensions, revocations, etc.◦ License revocation or suspension gives the OIG the discretion to exclude a provider◦ Failure to repay student loans can also equal exclusion◦ State licensure implications

To mitigate liability:◦ Check LEIE and state databases prior to employing or contracting and on a monthly

basis thereafter◦ If relying on a contractor to screen, request and maintain screening documentation

from the contractor◦ Include provisions in employment applications and contracts with third-parties that

require the employee or contractor to Confirm that they’re not excluded and that they have all required licenses Indemnify you for any misrepresentation of their exclusion/licensure status Notify you immediately if they become excluded or if their license is revoked, suspended,

etc.

Risk Area 7: Employing and Contracting with Excluded Individuals

RISK AREA 8

Quality of Care Issues

Provision of care to SNF residents is measured against the requirements of participation via the survey process.

A facility that submits claims for payment to the government for services that have repeatedly been deemed substandard (as evidenced by repeated deficiencies), has arguably submitted “false claims” under government theory.

Historically, government has pursued this theory only where repeated deficiencies have led to death or serious bodily injury to residents

Risk Area 8: Quality of Care Issues

Cases◦Pressure sores◦Ulcers◦Nutrition/weight loss◦Burning water◦Low Staffing

“Worthless” vs. “Worth less” services Importance of conducting mock surveys, following

through with QA Committee reviews/recommendations

Risk Area 8: Quality of Care Issues

RISK AREA 9PEPPER Reports

What is PEPPER?◦Program for Evaluating Payment Patterns Electronic Report◦Data report that summarizes a provider’s Medicare claims data

statistics in areas that may be at risk for improper Medicare payment due to billing, coding and/or admission necessity issues

Compares a provider’s claims data statistics with aggregate statistics for other providers in the state, MAC/FI jurisdiction and the nation.

Providers with high billing patterns (at or above the 80th percentile) are identified as “outliers” and are considered at risk for improper Medicare payments

Risk Area 9: PEPPER Reports

SNF Target Areas◦ Therapy RUGS with high ADL◦ Nontherapy RUGs with high ADL◦ Change of therapy assessment◦ Ultrahigh therapy RUGs◦ Therapy RUGs◦ 90+ day episodes of care

Risk of failure to follow-up on identified issues

RISK AREA 9: PEPPER Reports

RISK AREA 10Identification and Return of

Overpayments

An effective compliance plan means that you will conduct self-audits, including billing audits, and inevitably, a billing issue will be found.

The ACA requires providers to return monies to the government within 60 days of “identification”

When is an overpayment “identified”? MACs developing their own reporting forms for return of

identified overpayments Disclosures to MAC vs. OIG/DOH/CMS

Risk Area 10: Identification and Return of Overpayments

CONCLUSION

David C. Marshall, Esq.Latsha Davis & McKenna, P.C.

1700 Bent Creek BoulevardSuite 140

Mechanicsburg, PA 17050Phone: (717) 620-2424

Email: [email protected]

CONTACT

David C. Marshall, Esquire April 30, 2015 Latsha Davis & McKenna, P.C.

Documents

Transcript of David C. Marshall, Esquire April 30, 2015 Latsha Davis & McKenna, P.C.