Healthcare Compliance Programs – What are the Feds thinking these days?
It seems like we have heard about compliance program requirements until our ears are blue – or whatever happens to ears when they are overloaded. The need for an effective compliance program has been discussed so much these days that it has become part of the background noise, especially when we hear about ebola, the Affordable Care Act, HIPAA breaches and so many other topics. But rest assured, the Department of Justice (DOJ) attorneys who develop cases involving fraud and abuse in claims, abusive marketing practices and HIPAA breach events are not distracted by the news of the day. They continue to toil away, many times assisted by whistleblowers in health care organizations who start their own investigations of potential wrongdoing or non-compliance. So it is useful to review some of the recent trends and comments from the investigative branch.
Whistleblowers and Healthcare Compliance Programs – a growth industry!
Whistleblower complaints involving fraud and abuse in claims have continued to increase year after year, growing 15% in fiscal 2013 alone. The reason is simple – whistleblowers can collect up to 25% of the settlement if the government intervenes in a case the whistleblower has filed under the qui tam provisions of the False Claims Act. And of course most whistleblowers have attorneys who are assisting them in filing cases, so the attorneys stand to collect a percentage of the award to the whistlblower. With treble damages plus $11k per claim, there is certainly a lot at stake for any healthcare organization submitting any quantity of claims to government programs.
What to do? Listen to people who bring forward issues or questions about company practices, especially related to billing and claims. Most whistleblowers brought up their concerns internally before filing a qui tam lawsuit and inviting the federal government to become involved. Any organization with a compliance program could be considered to have an ineffective healthcare compliance program if it ignores input from an employee who later is a successful whistleblower.
Are Healthcare Compliance Programs required?
The short answer is no, not by regulation. But most healthcare compliance program guidance for various healthcare organization was issued about 15 years ago. So some federal officials are taking the position that since this guidance has been around so long, most healthcare organizations should have implemented an effective healthcare compliance program by now. And when conducting an investigation into a false claims or fraud and abuse issue, the lack of an effective healthcare compliance program can mean the healthcare organization is knowingly submitting false claims – just by not monitoring itself to ensure it does not submit defective claims! A tortured interpretation perhaps, but they are right about the length of time the guidance has been available, and it certainly undercuts any defense based on “We didn’t know the recommendations on compliance – or what was going on in our own shop”!
What about the tone of your Healthcare Compliance Program?
Does your healthcare compliance program set the right tone? Sounds like a subjective judgement, right? Well, tone can actually be measured – by looking at what the people at the top do and say. One company with world-wide operations only published its compliance program in English, and did not train any of its foreign workers. The DOJ decided that this shortcoming represented an inadequate tone from the senior management of the organization, and reflected on the effectiveness of the compliance program. Another company told local overseas compliance officers not to worry about the wrongdoing they were uncovering – the behavior was approved by the corporate office. Pretty tone-deaf!
Who does your Healthcare Compliance Program official report to?
The DOJ is concerned that an effective healthcare compliance program has to be independent and autonomous when an internal investigation is required. Does this mean the Compliance Officer must report to the CEO and the Board of Directors, instead of to the in-house counsel, if there is one? After all, most internal auditors have reported directly to the CEO to ensure their ability to function independently.
The Federal government is requiring this separation of duties in some circumstances, such as when a healthcare organization is required to enter into a corporate integrity agreement, and the proposed regulations governing ACOs require separation of the duties of in-house counsel and the compliance officer.
There is no regulatory proposal to require such a separation of duties or reporting relationships right now. In any case, the key is always to demonstrate that there were no untoward influences when the time comes to investigate an issue.
What’s the status of your Healthcare Compliance Program?
Well, if you don’t have one, you should seriously think about instituting one. The elements are well known:
- Implementing written policies, procedures, and standards of conduct;
- Designating a compliance officer or contact;
- Conducting effective training and education;
- Developing effective lines of communication;
- Conducting internal monitoring and auditing;
- Enforcing disciplinary standards through well‐publicized guidelines;
- Responding promptly to detected offenses and taking corrective action.
If you have a compliance program, make sure it would be considered effective by conducting internal monitoring, training staff and responding to potential offenses. These days, its only your whole organization that’s at stake!