Compliance plan guards against fraud and abuse
Compliance plan guards against fraud and abuse
By Rita A. Scichilone, MHSA, RRA, CCS
Professional Management Midwest
Omaha, NE
If your physician practice doesn’t have a written compliance plan in place for adhering to Medicare and Medicaid regulations, take note: All it takes to incur a multimillion-dollar fine is to be found guilty of a False Claims Act violation affecting a few hundred patients. Indeed, providers found guilty of a Medicare violation may be subject to criminal fines, civil damages and forfeitures, civil monetary penalties, or exclusion from the Medicare program.
There are standard elements recommended for all compliance plans. Of course, each plan will be customized to fit each practice. Because of the complexity of current regulations, it is recommended that physicians get legal counsel to determine critical elements of the plan and review the completed plan before implementation.
Key elements of a compliance plan should include:
- Policy statement.
The policy statement will include the practice’s code of conduct. This may include the AMA code or a similar professional creed.
An example could be: "We conduct our business in a manner that meets our high standards for quality patient care, as well as our legal obligations as a health care provider for patients enrolled in health care insurance plans."
- Purpose.
The purpose of the compliance plan should be clearly stated. The purpose is to comply with both the letter and the spirit of government contracting laws and regulations, and with practice policies.
- Definitions and oversight responsibility.
A named individual should be assigned accountability for the compliance plan. This may be a physician in a small practice, or a clinic administrator or medical director in a large one. The compliance officer must be a high-level employee with integrity. This person will forward suspected violations directly to the practice attorney. Larger organizations may have an oversight committee.
- Implementation schedule and scope of plan.
This section details when and how the plan will be introduced and who in the practice will be affected by it.
- Compliance procedures and steps for reporting violations.
This is where you will document areas of risk exposure and the policies you have in place to avoid these risks.
A statement concerning prohibition of alteration or destruction of documents should be included here, with instructions for how to appropriately alter clinical information recorded in error.
The organization’s chain of command should be described, along with a complete step-by-step procedure outlining what happens when a violation of Medicare/Medicaid law is discovered in the organization. Investigative procedures for potential violations should be led by the practice attorney in order to provide the legal protection of the attorney-client privilege. You also may hire outside consultants or accountants through the attorney, which would extend this privilege to them as well.
Describe exactly what an employee should do when the violation is suspected. A telephone hotline or a letter in a drop box may be used. All allegations should remain confidential.
- Consistent enforcement throughout the organization.
Every employee of the organization is subject to the same rules and the same penalties for non-compliance as defined in the plan.
- Training programs outlined.
A key feature concerning training includes documentation of distribution of the plan, and of education provided to practice employees concerning policies and procedures. This may be accomplished by having each employee sign off as receiving the training with the date that it was provided. This establishes proof that an attempt was made to educate staff about ethical business practices.
All employees involved with coding and billing of services to third-party payers must be included. It is important not to delegate discretionary authority to any individual whom you know or should know to have a propensity to engage in illegal activities. The training program should clearly communicate what the rules are and why the rules must be followed.
- Monitoring and evaluation systems.
After implementation of a program, an organization must monitor its performance through audits or other evaluation and compliance activities. Large organizations may have a position called "compliance auditor," who would conduct medical record review with bill comparisons to ensure correct coding and that billing practices are followed.
- Penalties for violation of compliance plan.
Clear consequences should be outlined for infractions of the rules. The organization can provide evidence that the infraction was not condoned by physicians or owners who have ultimate accountability.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.