Medicaid enforcement is a hot topic in Health and Human Services and the U.S. Department of Justice as they jointly issued Health Care Fraud and Abuse Control ("HCFAC") program annual report.
According to the HCFAC report, HHS-OIG investigations resulted in 849 criminal actions against individuals or entities that engaged in crimes related to Medicare and Medicaid. HHS-OIG also excluded 3,214 entities, 1,132 of which were due to convictions for crimes related to Medicare and Medicaid. This robust enforcement is despite the fact that the DOJ and HHS had $30.6 million sequestered from the HCFAC program in FY 2013. In FY 2013, the federal government won or negotiated approximately $4.33 billion in judgments and settlements, resulting in $576 million in federal medicaid money being transferred to the treasury.
Some states require that providers and suppliers complete and submit “Certification of Compliance with the Federal Deficit Reduction Act of 2005” forms that must be filed with the state to ensure compliance with the Deficit Reduction Act ("DRA").
In addition to assuring that necessary policies are in
place, providers and suppliers should also be prepared to deal with a labor
force that is more sophisticated about its opportunities for whistleblowing.
Provider Enrollment
For providers and suppliers, the enrollment process must be
viewed as a high-priority, and compilation of supporting documents and the
completion of lengthy enrollment forms, while more than somewhat tedious, must
be assigned to competent personnel under high-level supervision. These
enrollments are currently done separately by each state despite some earlier
commentary from CMS about hopes to consolidate Medicare and Medicaid enrollment
activities.
ACA Section 6401 required Medicaid state plans to enhance
the scrutiny required for prospective provider and supplier program
enrollments.
•States are required to revalidate enrollments at least
every five years.
•States must conduct site visits (pre- and post-enrollment)
for providers who are in the designated categories of high or moderate risk,
and must require providers to agree that CMS, the state and other entities may
conduct unannounced site visits at any time at any and all provider locations.
•States must deny or terminate the enrollment of any
provider that is terminated on or after Jan. 1, 2011, under Title XVIII of
Medicare, under the Medicaid program or Children's Health Insurance Program
("CHIP") of any other state. This means that a sanction by another
Medicaid program, such as an enrollment revocation or termination for cause,
can have a reciprocal effect across all other Medicaid enrollments.
Moratoria on New EnrollmentsCompanies seeking to expand to new locations or lines of business should check at an early stage for any federal or state moratoria that may preclude or delay such a strategy. Under provisions added by the ACA, a state may impose temporary moratoria to preclude the enrollment of new providers or impose numerical caps or other limits on such enrollments.
For example, in October 2013, California’s Medi-Cal program imposed a temporary moratorium on the enrollment of clinical laboratories or the change or expansion of provider-of-service categories for an already existing laboratory, subject to certain exemptions.
Some recent court cases have reflected allegations that a provider can violate the federal False Claims Act by submitting Medicaid claims that would violate the Stark Law if submitted under Medicare and then falsely certify Medicaid compliance with the knowledge that the certification was false.
Payment Suspensions Based Upon Credible Allegations of Fraud
For any entity under investigation, the possibility of an
immediate cash flow crisis resulting from a payment suspension must be
considered. Note that some Medicaid programs require a self-report to the
Medicaid agency if a provider discovers it is under investigation.Section 6402(h) of the ACA, amended by 42 U.S.C. Section 1396b(i)(2), provides payments to a provider or supplier that will be suspended pending investigation of credible allegations of fraud, and that there will be no FFP payments in such circumstances if payments are not suspended, unless the state determines there is good cause not to suspend the payments.
CMS has issued regulations applicable to Medicaid
suspensions at 42 C.F.R. 455.23. "Credible allegation of fraud" is not
defined in the statute, but is defined in 42 C.F.R. 455.2 to include
allegations from such sources as fraud hotline complaints, data-mining claims
and patterns identified through provider audits, civil false claims cases and
law enforcement investigations. Although payment suspensions are temporary, no
maximum period of Medicaid payment suspension is set by these federal
regulations, in contrast to similar provisions applicable to Medicare payment
suspensions.
In its recent FY 2013 MFCU Report, OIG-HHS noted that the
Medicaid payment suspension rules put in place by the ACA have not been fully
implemented by the states. State agencies have expressed difficulty with
determining what constitutes a credible allegation of fraud, with the ability
to make determinations in a timely manner and with what should be the standard
for a “good cause” exception.
HHS-OIG indicates that it has undertaken additional reviews
regarding these payment suspensions. Providers and suppliers should expect
states to become more aggressive in their imposition of suspensions based on
credible allegations of fraud in the near future once the noted challenges are
addressed.
State Specific Provisions
Because each state’s Medicaid program is operated by the
state — subject to certain parameters imposed by CMS — each state will have its
own set of fraud, waste and abuse provisions which its providers and suppliers
must comply with. These requirements are commonly found in statutes,
regulations and provider manuals issued by the state, and often require a
working understanding of state-specific peculiarities to navigate through their
maze-like structure.
In some states, there may be other sources that also set
forth requirements for participation. For example, in California, the Medi-Cal
Provider Agreement, a document signed by the provider as a condition for
participation, or continued participation, in Medi-Cal (i.e., California’s
Medicaid program), sets forth the provider’s agreement to 41 different
provisions.
These include acknowledgment that the provider is subject to
several different types of payment suspensions; the provider’s express
agreement to make available its records for inspection by the state agency,
attorney general and the Secretary of HHS; and the acceptance of various time
limits for submission of updates to its enrollment information.
The compliance challenge for providers and suppliers is to
identify where to find the state requirements and how to keep up with them when
they change.Those on a state list will not turn up on the federal list unless HHS-OIG has taken action to exclude them. Similarly, those who are terminated from Medicare participation by CMS will not show up on the HHS-OIG exclusion list.
Some states require that their lists be checked on a monthly
basis. CMS and HHS-OIG have both recommended monthly checks of the HHS-OIG
exclusion lists, but have not made that mandatory.
Medicaid RACsSection 6411 of the ACA extended Medicare’s highly successful Recovery Audit Contractor ("RAC") program to the Medi-Cal program.
CMS required state agencies to enter into contracts with
RACs to identify overpayments and underpayments. The RACs are paid on a
contingent fee basis, just as Medicare RACs — now called “recovery auditors” —
are paid.
In December 2011, CMS issued FAQs which further explained
its expectations for state implementation, including that states were not
required to include managed care claims in the RAC audits as of that time (only
fee-for-service), but might revisit that limitation in the future.
Effective with the ACA’s passage in 2010, Medicare and
Medicaid providers, suppliers and plans are required to report and refund known
overpayments no later then 60 days from the date the overpayment is identified
or the date a corresponding cost report is due, if any. Failure to refund
identified overpayments is grounds for imposition of federal civil monetary
penalties and False Claims Act liability.
The FCA includes provisions which allow whistleblowers to
share generously in the government’s recovery against a provider and, as
discussed above, providers must maintain policies designed to educate their
employees about the FCA to be compliant with the DRA.
Some states, such as New York, have provided comprehensive
guidance as to how providers and suppliers should interpret these provisions
and make necessary refunds.
Even in the absence of specific guidance from a state,
however, the refund statute is in effect and providers and suppliers should
establish policies for promptly identifying, disclosing and refunding any
excess Medicaid payments.
Mandatory Compliance Plans
Prior to the ACA, adoption of compliance programs were
largely voluntary even though the HHS-OIG strongly recommended the adoption of
its compliance plan guidelines for several provider types.
The ACA transformed compliance plans into a requirement for
“provider[s] of medical or other items or services or supplier within a
particular industry sector or category” as a condition of enrollment in
Medicare, Medicaid or CHIP.
HHS, in consultation with the OIG, was tasked with
establishing core elements for the compliance plans for different industry
sectors. These core elements include: (1) written policies and procedures, (2)
compliance officer, compliance committee and high-level oversight, (3)
effective training and education, (4) effective lines of communication, (5)
well-publicized disciplinary standards, (6) effective system for routine
monitoring and auditing and (7) prompt response to compliance issues.
While federal regulations have not yet been issued which
provide further instructions, providers and suppliers should be prepared for
these to be issued. State requirements should also be checked for compliance
requirements. For example, in New York, the OMIG has already provided a
“Compliance Program Review Assessment Form” and also has a form which permits a
New York Medicaid provider to certify that its compliance program
satisfactorily meets the requirements of pertinent state law.
ConclusionAs illustrated by the HHS-OIG and HCFAC reports, Medicaid enforcement is on the rise. The ACA introduced several new areas that create a need for providers to focus on Medicaid compliance efforts. Medicaid compliance will necessitate an understanding of both federal and state requirements.
No comments:
Post a Comment