Embed Size (px)
Citation preview
Overview
Compliance & Revenue Management
Prepared and Presented by
Mae Regalado and Linda Hagen
Compliance Slide Deck Disclaimer
“This brief presentation will review operational alignment with billing procedures and is strictly informational in nature. While we refer to health law and regulations, we are not providing legal advice and nothing in this presentation or in what is said should be construed as legal advice. If you need help answering legal questions or have concerns about your organization’s compliance, you should contact your legal counsel. She/he may be able to provide you with guidance or may make a referral to a specialist.”
Presentation Outline1. Overview: Why are we talking about
Compliance?
2. Context: Federal and State Laws related to reimbursement
3. Compliance: What does it mean for providers to be compliant?
4. Tips and Business Practices
5. Question and Answer Period
Why are we talking about Compliance?
A few startling reasons to talk compliance:• The federal Department of Justice, Office of
Inspector General (OIG), state Medicaid fraud control units, and other enforcement agencies have brought multiple enforcement actions against various health-care practices, including small practices.
• The personal risks of noncompliance have changed too from money return to exclusion from government programs and loss of practice license.
• Administrators can be barred from working in the healthcare industry and clinicians, and managers, can be jailed for healthcare fraud and abuse.
Overview- Health Care Fraud Prevention & Enforcement Action Team (HEAT)
In May 2009, Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius announced the creation of the Health Care Fraud Prevention and Enforcement Action Team (HEAT) and renewed their commitment to fighting health care fraud as a Cabinet-level priority at both departments.
Mission of HEAT• To marshal significant resources across government to prevent
fraud, waste and abuse (FWA) in the Medicare and Medicaid programs.
• To crack down on the fraud perpetrators who are abusing the system and costing us all billions of dollars.
• To reduce skyrocketing health care costs and improve quality of care by eliminating the system of perpetrators who are preying on Medicare and Medicaid beneficiaries.
• To highlight best practices by providers and public sector employees who are dedicated to ending FWA .
• To build upon existing partnerships that already exist between the two agencies, including our Medicare Fraud Strike Forces to reduce fraud and recover taxpayer dollars
Context – Federal LawHealth and Healthcare Financing Laws
• Patient Protection and Affordable Care Act (Health Care Reform)
• Mental Health Parity and Addiction Equity Act (MHPAEA)
• Deficit Reduction Act (DRA)
• Consolidated Omnibus Budget Reconciliation Act (COBRA)
• Emergency Medical Treatment and Active Labor Act (EMTALA)
• Children’s Health Insurance Program (CHIP)
Health Information • Health Insurance Portability and Accountability Act (HIPAA)• Code of Federal Regulations (CFR) Title 42, Public Health
Information Technology • Health Information Technology for Economic and Clinical Health (HITECH) Act• Electronic Data Interchange (EDI) Standard Transaction Code Sets (ANSI, X12, HL7) • HIPAA 5010 (X12 revisions)
Context• The laws in the previous slides (and all of the
accompanying amendments, rules and regulations) create the context for the manner in which health care is reimbursed
• Laws are concerned with access to coverage and services, access to information, “fraud, waste and abuse”, right to privacy and security, interoperable infrastructure, and standardized coding that simplifies the administration of health care and reimbursement
• These laws and the agencies responsible for their implementation determine use of such billing-related tools as the ICD-9 (ICD-10 in 2013), National Provider Identifier (NPI), EDI standards, and forms like the UB04 and CMS 1500
Context – Federal Oversight
• Health and Human Services (HHS)
• Centers for Medicare and Medicaid Services (CMS)
• Office of Inspector General (OIG)
• Substance Abuse and Mental Health Services Administration (SAMHSA)
• Office of the National Coordinator for Health Information Technology (ONC)
Context – State Law
• State health insurance laws vary from one state to another
• State Medicaid programs and rules vary from state to state as well
• State Department of Insurance or Insurance Commissioner provides regulatory oversight of health care coverage in each state and enforces state rules specific to his/her state
Context – Local health Plans
• Traditional indemnity health plans (fully insured) and the wide range of managed care plans have to comply with federal and state law
• Self-insured plans (large employers) and their third-party administrators have to comply with federal laws only
What do we mean by Compliance?1. Becoming and remaining basically fluent in the laws, rules,
regulations and policies that govern your business2. Avoiding practices that are wasteful or abusive or otherwise
disadvantage or deceive the payer (including the patient) 3. Avoiding outright fraud and clear violations of the law (seeking
reimbursement for services you didn’t provide, for instance)4. Using correct codes, providing accurate information and
following procedures in a timely manner 5. Using appropriate technology and means to submit billing in
order to produce greater efficiencies while protecting health and financial information
6. Abiding by contract terms and conditions7. Conforming to generally-recognized accounting principles and
demonstrating transparency
Compliance is Evident in…1. Your policies and procedures2. Your information systems and hardware3. Your physical environment4. Your data and reporting5. Your billing practices6. Your employee training7. Your applicable certification and licensure and
standards for professionalism8. Your workflow and business processes, controls,
checks and balances9. Your contracts and agreements10.Your internal audit of all the above
• Data and system interface and interchange (including batch file transfers)
• System security, ID, and password management (protocols concerning access, authentication, authority, intrusion, and vulnerability protection)
• Disaster recovery, back-up and business continuity
• Training
Areas where Compliance Matters
Areas where Compliance Matters• Eligibility verification• Clinical documentation including dates
and signatures• Information/data management and
exchange• Service capture, coding and billing
practices• Cash management and banking
practices
Effective Compliance Program
An “effective compliance program to prevent and detect violations of law should include at least seven elements as listed below:
1. Establish compliance rules and procedures to reduce the prospect of wrongdoing.
2. Assign high-level personnel to oversee the compliance effort.
3. Prevent delegation of substantial discretionary authority to individuals that might engage in
illegal activities.
4. Communicate the standards and procedures of the program to all employees.
Effective Compliance Program5. Use monitoring and auditing systems to detect
criminal conduct and establish and publicize a reporting system to report criminal conduct without fear of retribution; Some examples for specific items for monitoring include:
Billing for items or services not rendered as claims Submitting claims for supplies and services that are not
reasonable and necessary Double billing Billing for non-covered services Failure to properly use coding modifiers “Upcoding” (using a higher reimbursement code than the code
reflecting the service rendered) Improper billing for incident-to services
Effective Compliance Program
6. Consistently enforce the standards through disciplinary mechanisms, including discipline of individuals responsible for the failure to detect an offense.
7. Periodically improve the program to prevent future offences of the same kind.
Billing Systems and EDI• Common Terms
– ANSI – American National Standards Institute– X12 – the officially-governed set of standards used for EDI– HL7 – Health Level 7, Inc. – a not-for-profit standards
corporation; generally speaking, a “set” of record formats or standards designed around the exchange of clinical or health data
– NCPDP – National Council for Prescription Drug Programs; maintains the standards for pharmacy claims
– FTP – File Transfer Protocol; the variety of technologies and protocols used to transfer information over the internet
– XML – Extensible Markup Language; packaging multiple types of standard record sets to be transmitted simultaneously (“wrapping”)
Law, Rules and Regulations
Contracts
Policies and Procedures
Training
Business Process Workflow
System Configuration
Claim File
Compliance Line-of-Sight
Tips & Business Practices
Compliance: Internal Audit and Review
• Commonly review for:– Fee schedule and claim pricing– Unique contract requirements– Accuracy – Timeliness– Coding and other data (provider ID, patient ID, diagnosis,
service, place of service, date of service, etc.)– Cash collections– Duplicate claims– Over-billing – Fidelity with privacy and security procedures– Clinical documentation– Validating system transactions and any interfaces
Things you can do now:1. Review billing policies and procedures2. Review contracts and provider billing manuals3. Observe workflow in light of standards4. Assess staff knowledge5. Assess training materials6. Make improvements to workflow and business
processes7. Sample billing data and validate accuracy8. Work with billing system vendor to identify
enhancements including system functionality, configuration, interface, security, and back-up
Compliance: Internal Audit and Review
Billing Systems: IT Assessment• Review of information systems access controls (e.g., ID and
password), authentication protocols, and audit trail capabilities• Review password requests/change protocols, physical plant
access controls, employee confidentiality statements, back-up/archival procedures, back-up media destruction procedures, employee security awareness documents, and other information security policies
• Conduct a visual inspection of the computer systems, network/ telecommunications infrastructure, and workstations providing access to these systems
• Review inventory of all network components including routers, firewalls, gateways, and Remote Access Servers as well as routers, switches, and Internet connections
• Review any existing vulnerability as well as intrusion testing protocols
Billing Systems: IT Assessment• Conduct detailed discussions with IT to:
– Clarify systems processing, configuration or table maintenance functions related to claims that are performed by IT and assess controls, staffing skills, and coordination levels for those activities
– Assess any technical or hardware challenges that may impact claims productivity or the ability of staff to implement any of the potential recommendations (e.g., hardware capacity, equipment availability, upgrade/patch schedules)
– Determine EDI strategy and discuss issues related to claims-related data transmission and inquiry
– Clarify vendor upgrade statuses and gain insight into any pending IT plans for additional upgrades, utilities, or “surround systems” that may impact claims processing
• Contact system and/or EDI vendors, if necessary, to clarify issues and answer any questions arising from the system or operational review; discuss vendor product enhancement plans, tools or other options to address any key issues identified
Needs Assessment• Identify decision-making concerns• Identify need for escalation• Identify issues with manual data entry• Identify calculation concerns• Identify fee schedule concerns• Identify timeliness concerns• Identify claims documentation concerns in relation to
payments• Identify claims submission concerns (related to paper
and electronic “clean claims”) in relation to payments
Needs Assessment• Determine most common reasons for inaccurate
payments• Develop findings and recommendations to address
most prevalent inaccurate payment reasons• Develop recommendations for reports to produce
necessary accuracy, productivity, timeliness, and incentives data
• Recommend any necessary training• Recommend updates to policies and procedures
documentation with respect to new benchmarks and workflow modifications
• Recommend ongoing monitoring strategies
Compliance Related Links
Comprehensive Medicaid Integrity Plan (CMIP)https://www.cms.gov/DeficitReductionAct/02_CMIP.asp#TopOfPage
Report to Congresshttps://www.cms.gov/DeficitReductionAct/021_repcongress.asp#TopOfPage
How to Report Fraudhttps://www.cms.gov/FraudAbuseforConsumers/
Provider Audits
https://www.cms.gov/ProviderAudits/
Compliance Related Links
State Program Integrity Support & Assistance
https://www.cms.gov/FraudAbuseforProfs/
Deficit Reduction Act (DRA) of 2005
https://www.cms.gov/DeficitReductionAct/
State Contacts
https://www.cms.gov/apps/contacts/
Medicare Fraud - How to Report
http://www.medicare.gov/FraudAbuse/HowToReport.asp
http://www.thenationalcouncil.org/cs/public_policy/medicaid_deficit_reduction_act
Compliance Training SessionsOIG Announces Free Provider Compliance Training Sessions Around the Country
• The Office of the Inspector General (OIG) at the Department of Health and Human Services has announced it will conduct six free compliance training programs for health care providers in 2011.
• These training sessions will focus on helping attendees understand recent legislation to fight fraud and abuse.
• Sessions will also offer information about how to create effective compliance plans and handle compliance violations.
• The half-day programs will feature speakers from OIG, the Centers for Medicare and Medicaid Services, the U.S. attorneys’ offices, and state Medicaid fraud control units.
• Sessions will be held in Houston, TX (Feb. 16); Tampa, FL (March 2); Kansas City, MO (March 23); Baton Rouge,LA (April 12); Denver, CO (May 3); and Washington, D.C. (May 18). Additional details are available online at http://compliance.oig.hhs.gov/.
Thank You! Questions?
888-898-3280www.ahpnet.com
