Office of Inspector General (OIG), HHS.
Notice and comment period.
This Federal Register notice seeks the comments of interested parties on draft compliance guidance developed by the Office of Inspector General (OIG) for individual and small group physician practices. Through this notice, the OIG is setting forth its general views on the value and fundamental principles of individual and small group physician practices' compliance programs, and the specific elements that these practices should consider when developing and implementing an effective compliance program.
To ensure consideration, comments must be delivered to the address provided below by no later than 5 p.m. on July 27, 2000.
Please mail or deliver written comments to the following address: Office of Inspector General, Department of Health and Human Services, Attention: OIG-7P-CPG, Room 5246, Cohen Building, 330 Independence Avenue, S.W., Washington, D.C. 20201.
We do not accept comments by facsimile (FAX) transmission. In commenting, please refer to file code OIG-7P-CPG. Comments received timely will be available for public inspection as they are received, generally beginning approximately 2 weeks after publication of a document, in Room 5541 of the Office of Inspector General at 330 Independence Avenue, S.W., Washington, D.C. 20201 on Monday through Friday of each week from 8 a.m. to 4:30 p.m.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Kimberly Brandt, Office of Counsel to the Inspector General, (202) 619-2078.End Further Info End Preamble Start Supplemental Information
By issuing compliance program guidance, the OIG seeks to engage the private health care community in combating fraud and abuse. In the last few years, the OIG has developed and issued compliance program guidance directed at the following segments of the health care industry: Hospitals; home health agencies; clinical laboratories; third-party medical billing companies; suppliers of durable medical equipment, prosthetics, orthotics and supplies; hospices; Medicare+Choice organizations; and nursing facilities. The development of these types of compliance program guidance is based on the OIG's belief that health care providers and related entities can use internal controls more effectively to monitor adherence to applicable Federal health care statutes, regulations and program requirements.
Copies of these compliance program guidances can be found on the OIG website at http://www.hhs.gov/oig.
Developing Draft Compliance Program Guidance for Individual and Small Group Physician Practices
On September 8, 1999, the OIG published a solicitation notice seeking information and recommendations for developing formal guidance for individual and small group physician practices (64 FR 48846). In response to that solicitation notice, the OIG received 83 comments from various outside sources. In developing this notice for formal public comment, we have considered those comments, as well as previous OIG publications, such as other compliance program guidance and Special Fraud Alerts. In addition, we have also taken into account investigations and audits conducted by the OIG, and have consulted with the Health Care Financing Administration and the Department of Justice.
This draft compliance program guidance for individual and small group physician practices contains seven elements that the OIG has determined are fundamental to an effective compliance program:
- Implementing written policies;
- Designating a compliance officer/contact; Start Printed Page 36819
- Conducting comprehensive training and education;
- Developing accessible lines of communication;
- Conducting internal monitoring and auditing;
- Enforcing standards through well-publicized disciplinary guidelines; and
- Responding promptly to detected offenses and undertaking corrective action.
These elements are contained in previous guidance issued by the OIG. As with previously-issued guidance, this draft compliance program guidance represents the OIG's suggestions on how individual and small group physician practices can best voluntarily establish internal controls to prevent fraudulent or other improper activities. The contents of this guidance are not mandatory or binding, nor is this guidance an exclusive discussion of the advisable elements of a compliance program.
Public Input and Comment in Developing Final Guidance
To ensure that all parties have an opportunity to provide input, we are publishing this guidance in draft form, and welcome all comments from interested parties. The OIG will consider all comments that are received within the above-cited time frame, incorporate any specific recommendations, as appropriate, and prepare a final version of the guidance thereafter for publication in the Federal Register.
Draft Compliance Program Guidance for Individual and Small Group Physician Practices
This compliance program guidance is intended to assist individual and small group physician practices (“physician practices”)  in developing and implementing internal controls and procedures that promote adherence to statutes and regulations applicable to the Federal health care programs (“Federal health care program requirements”) and private insurance program requirements. Compliance programs strengthen the efforts of Government and the private sector to prevent and reduce improper conduct. These programs can also further the mission of all physician practices  to provide quality care to their patients.
Many physicians have expressed an interest in better protecting their practices from the potential for fraudulent or erroneous conduct through the implementation of compliance programs. While the Office of Inspector General (OIG) believes that the great majority of physicians are honest and share our goal of protecting the integrity of Medicare and other Federal health care programs, all health care providers have a duty to ensure that the claims submitted to Federal health care programs are true and accurate. The development of effective compliance programs in physician practices will go a long way toward achieving this goal.
Through this document, the OIG provides its views on the fundamental elements of physician practice compliance programs, as well as the principles that each physician practice should consider when developing and implementing an effective compliance program. While this document presents basic procedural and structural guidance for designing a compliance program, it is not in and of itself a compliance program. Rather, it is a set of guidelines that physician practices should consider when developing and implementing a compliance program. As stated in previous guidance, these guidelines are not mandatory. Nor do they represent an exclusive document of advisable elements of a compliance program. They are a resource to be considered in addition to other OIG outreach efforts, as well as other Federal agency efforts to promote compliance.
A. Benefits of a Compliance Program
The OIG believes that physician practices can gain numerous benefits by implementing an effective compliance program. These benefits may include:
- The development of effective internal procedures to ensure compliance with regulations, payment policies and coding rules;
- Improved medical record documentation;
- Improved education for practice employees;
- A reduction in the denial of claims;
- More streamlined practice operations through better communication and more comprehensive policies;
- The avoidance of potential liability arising from noncompliance; and
- Reduced exposure to penalties.
An effective compliance program is essential for physician practices of all sizes and does not have to be costly or resource-intensive. With the development of a formal program, a physician practice may find it easier to comply with its affirmative duty to ensure the accuracy of claims submitted for reimbursement.
B. Application of Compliance Program Guidance
The OIG recognizes that there is no “one size fits all” compliance program, especially for physician practices. The applicability of these recommendations will depend on the circumstances of the particular physician practice. Each practice should undertake reasonable steps to respond to each of the seven elements of this guidance, depending on the size and resources of that practice.
Compliance programs not only help to prevent fraudulent or erroneous claims, but they may also show that the physician practice is making a good faith effort to submit claims appropriately. Physician practices should view compliance programs as analogous to practicing preventive medicine.
An effective compliance program also sends an important message to a physician practice's employees that while the practice recognizes that mistakes will occur, employees have an affirmative, ethical duty to come Start Printed Page 36820forward and report fraudulent or erroneous conduct, so that it may be corrected.
C. The Difference Between Fraudulent and “Erroneous” Claims to Federal Health Programs
There appear to be significant misunderstandings among physicians regarding the critical differences between fraudulent (intentionally or recklessly false) health care claims on the one hand and innocent “erroneous” claims on the other. Some physicians feel that Federal law enforcement agencies have maligned medical professionals and are focused on innocent billing errors. These physicians are under the impression that innocent billing errors can subject them to civil penalties, or even jail. These feelings and impressions are mistaken.
To these concerns, OIG would like to make the following points. First, we do not disparage physicians, other medical professionals or medical enterprises. In our view, the great majority of them are working ethically to render high quality medical care to our Medicare beneficiaries and to submit proper claims to Medicare.
Second, under the law, physicians are not subject to civil or criminal penalties for innocent errors, or even negligence. The Government's primary enforcement tool, the civil False Claims Act, covers only offenses that are committed with actual knowledge of the falsity of the claim, reckless disregard, or deliberate ignorance of the falsity of the claim. The False Claims Act simply does not cover mistakes, errors, or negligence. The other major civil remedy available to the Federal Government, the Civil Monetary Penalties Law, has exactly the same standard of proof. The OIG is very mindful of the difference between innocent errors (“erroneous claims”) on one hand, and reckless or intentional conduct (“fraudulent claims”) on the other. For criminal penalties, the standard is even higher—criminal intent to defraud must be proved beyond a reasonable doubt. The Attorney General of the United States has stated, “[i]t is not the [Justice Department's] policy to punish honest billing mistakes * * * [or] mere negligence. * * * These are not cases where we are seeking to punish someone for honest billing mistakes.” 
Third, even ethical physicians (and their staffs) make billing mistakes and errors through inadvertence or negligence. When billing errors, honest mistakes, or negligence result in erroneous claims, the physician practice will be asked to return the funds erroneously claimed, but without penalties. In other words, erroneous claims result only in the return of funds claimed in error.
Fourth, innocent billing errors are a significant drain on the programs and all parties (physicians, providers, carriers, fiscal intermediaries, Government agencies, and beneficiaries) need to work cooperatively to reduce the overall error rate. But again, it should be emphasized that civil or criminal penalty action will not be initiated with respect to billing errors due to inadvertence or negligence, or for billings based on a negligent medical judgment.
Finally, it is reasonable for physicians (and other providers) to ask: what duty do they owe the Federal health care programs? The answer is that all health care providers have a duty to reasonably ensure that the claims submitted to Medicare and other Federal health care programs are true and accurate. The OIG continues to engage the provider community in an extensive, good faith effort to work cooperatively on voluntary compliance to minimize errors and to prevent potential penalties for improper billings before they occur. We encourage all physicians and other providers to join in this effort.
II. Compliance Program Elements
A. The Seven Basic Compliance Elements
The OIG believes that every effective compliance program should begin with a commitment by the physician practice to address all of the applicable elements listed below, which are based on the seven elements set forth in the Federal Sentencing Guidelines: 
- Establishing compliance standards through the development of a code of conduct and written policies and procedures;
- Assigning compliance monitoring efforts to a designated compliance officer or contact;
- Conducting comprehensive training and education on practice ethics and policies and procedures;
- Conducting internal monitoring and auditing focusing on high-risk billing and coding issues through performance of periodic audits;
- Developing accessible lines of communication, such as discussions at staff meetings regarding fraudulent or erroneous conduct issues and community bulletin boards, to keep practice employees updated regarding compliance activities;
- Enforcing disciplinary standards by making clear or ensuring employees are aware that compliance is treated seriously and that violations will be dealt with consistently and uniformly; and
- Responding appropriately to detected violations through the investigation of allegations and the disclosure of incidents to appropriate Government entities.
The OIG recognizes that full implementation of all elements may not be feasible for all physician practices. However, as a first step, a good faith meaningful commitment to compliance will substantially contribute to the program's successful implementation. Smaller practices should consider addressing each of the elements in a manner that best suits the practice. By contrast, larger practices should address the elements in a more systematic manner. For example, larger practices can use both this guidance and the Third-Party Medical Billing Compliance Program Guidance to create a compliance program unique to the practice.
The OIG recognizes that physician practices need to find the best way to achieve compliance for their given circumstances. Specifically, the OIG encourages physician practices to participate in other compliance programs, such as the compliance programs of the hospitals or other settings in which the physicians practice. A physician's participation in another provider's compliance program could be a way, at least partly, to satisfy recommended elements of the physician's or physician practice's own compliance program. The OIG encourages this type of collaborative effort, where the content is appropriate to the setting involved, because it provides a means to promote the desired objective without imposing an undue burden or requiring physicians to undertake duplicative action.
B. Written Policies and Procedures
Any effective compliance program should have compliance standards and procedures that will be followed by the practice and that describe the lines of responsibility for implementing the compliance program. Those standards and procedures should be reasonably capable of reducing the prospect of Start Printed Page 36821fraudulent activity while also helping to identify any incorrect billing practices.
1. Code of Conduct
Developing standards of conduct is the first step to an effective compliance program. A good way to begin creating a standard of conduct for a physician practice is by looking at the standards of conduct implemented by other physician practices and/or by requesting information from professional associations to get ideas as to the items to include in a standard of conduct. However, it is important that the physician practice not simply copy another practice's standards. The standards of conduct for the physician practice should be specific to that practice. This can be accomplished by tailoring the standards of conduct to address the particularized needs of the practice.
The practice's expectations with respect to billing and coding, patient care, documentation, and payer relationships should be made clear to practice employees in the form of a code of conduct. This can also be succinctly stated in a practice mission statement. For example, employees should be told that the practice bills only for services that are actually rendered, codes accurately, documents medical necessity and appropriateness, and adheres to all payer contracts.
The concept of commitment to compliance is different from the mere existence of written policies and procedures. This commitment should be clearly established during training and in the practice's policies. Everyone in the practice should understand the obligation to comply with the applicable standards. They should be informed and understand that the organization will take actions to uphold those standards. Upon development, the code of conduct and policies should be distributed and/or made continually available to all employees, contractors and agents, once implemented. These materials should be reviewed at least annually and revised as necessary.
2. Policies and Procedures
The code of conduct should be reinforced with basic policies reaffirming the key points in the code of conduct. The practice's policies should explain in clear and plain language the procedures by which compliance measures are to be incorporated into standard operating practices.
The OIG believes that written policies and procedures are essential to all physician practices, regardless of size and capability. If a lack of resources to develop such policies is genuinely an issue, the OIG recommends that a physician practice focus first on those risk areas most likely to arise in its particular practice. Additionally, if the physician practice relies on a physician practice management company (PPMC) or management services organization (MSO), the practice can incorporate the compliance policies of those entities, if appropriate, into its own policies.
Physician practices can meet the goal of developing policies and procedures by: (1) Developing a written compliance manual; and (2) updating clinical forms periodically to make sure they elicit the data required for the different levels of coding. All written policies and procedures should be tailored to the physician practice where they will be applied.
Areas in which a policy may be helpful to the practice include:
- Employee hiring and retention;
- Creation and maintenance of encounter forms, including the registration form, history and physical form and charge master (superbill and patient statement);
- Coding and billing competency and responsibilities;
- Correct coding initiatives;
- Patient outreach and communication;
- General marketing; and
- Patient quality of care.
Creating a resource manual from publicly available information may be a cost-effective approach for developing policies and procedures. For example, the practice can develop a “binder” that contains the practice's written policies and procedures, relevant HCFA directives and carrier bulletins, and summaries of informative OIG documents (e.g., Special Fraud Alerts, Advisory Opinions, inspection and audit reports). This binder should be regularly updated and should be accessible to all employees. It could also include a summary of the relevant reimbursement requirements of Federal and private payer plans (including those relating to reasonable and necessary services, coding and documentation). In the case of more technical materials, it may be advisable to provide summaries in the handbook and make the source documents available upon request. If individualized copies of this handbook are not made available to all employees, then a reference copy should be available in a readily accessible location.
If updates to the policies and procedures are necessary, those updates should be given to employees. New employees should receive both the code of conduct and policies when hired and be trained on their contents immediately thereafter. As part of the compliance effort, the distribution of the code and policies should be documented.
3. Specific Risk Areas
The OIG recognizes that many physician practices may not have in place policies and procedures to prevent fraudulent or erroneous conduct in their practices. In order to develop policies and procedures, the physician practice should determine what types of fraud and abuse related topics need to be addressed based on its specific needs. One of the most important things in making that determination is a listing of risk areas where the practice may be vulnerable.
To assist physician practices in performing this initial assessment, the OIG has developed a list of potential risk areas affecting physician providers. These risk areas include: (a) Coding and billing; (b) reasonable and necessary services; (c) documentation and (d) improper inducements, kickbacks and self-referrals. This list of risk areas is not exhaustive, or all encompassing. Rather, it should be viewed as a starting point for an internal review of potential vulnerabilities within the physician practice. The objective of such an assessment should be to ensure that key personnel in the physician practice is aware of these risk areas and that steps are taken to minimize, to the extent possible, the types of problems identified. While there are many ways to accomplish this objective, clear written policies and procedures that are communicated to all employees are important to ensure the effectiveness of a compliance program. Specifically, the following are discussions of risk areas for physicians: Start Printed Page 36822
a. Coding and Billing. The identification of risk areas associated with coding and billing should be a major part of any physician practice's compliance program.
The following risk areas associated with billing have been among the most frequent subjects of investigations and audits by the OIG:
- Billing for items or services not rendered or not provided as claimed;
- Submitting claims for equipment, medical supplies and services that are not reasonable and necessary;
- Double billing;
- Billing for non-covered services as if covered;
- Knowing misuse of provider identification numbers, which results in improper billing;
- Billing for unbundled services;
- Failure to properly use coding modifiers;
- Upcoding the level of service provided.
The written policies and procedures concerning proper coding should reflect the current reimbursement principles set forth in applicable statutes, regulations  and Federal, State or private payer health care program requirements and should be developed in tandem with coding and billing standards used in the physician practice. Furthermore, written policies and procedures should ensure that coding and billing are based on medical record documentation. Particular attention should be paid to issues of appropriate diagnosis codes and individual Medicare Part B claims (including documentation guidelines for evaluation and management services). The physician practice should also institute a policy that all rejected claims pertaining to diagnosis and procedure codes be reviewed by the coder. This should facilitate a reduction in similar errors.
b. Reasonable and Necessary Services. The compliance program should provide guidance that claims be submitted only for services that the physician practice finds to be reasonable and necessary in the particular case. The OIG recognizes that physicians should be able to order any tests, including screening tests, they believe are appropriate for the treatment of their patients. However, the physician practice should be aware that Medicare will only pay for services that meet the Medicare definition of reasonable and necessary.
Medicare (and many insurance plans) may deny payment for a service that the physician believes is clinically appropriate, but which is not reasonable and necessary. Thus, when a physician provides services to a patient, he or she should only bill those services believed to be reasonable and necessary for the diagnosis and treatment of a patient. Upon request, the physician practice should be able to provide documentation, such as a patient's medical records and physician's orders, to support the appropriateness of a service that the physician has provided.
c. Documentation. Timely, accurate and complete documentation is critical to nearly every aspect of a physician practice. Therefore, one of the most important physician practice compliance issues is the appropriate documentation of diagnosis and treatment. Physician documentation is necessary to determine the appropriate medical treatment for the patient and is the basis for coding and billing determinations. Most importantly, failure to document properly has the potential to compromise good patient care. Thorough and accurate documentation helps to ensure accurate recording and timely transmission of information.
i. Medical Record Documentation. In addition to facilitating high quality patient care, a properly documented medical record verifies and documents precisely what services were actually provided. The medical record may be used to validate: (a) The site of the service; (b) the appropriateness of the services provided; and (c) the accuracy of the billing. Accurate medical record documentation should comply, at a minimum, with the following principles: 
- The medical record should be complete and legible;
- The documentation of each patient encounter should include the reason for the encounter; any relevant history; physical examination findings; prior diagnostic test results; assessment, clinical impression, or diagnosis; plan Start Printed Page 36823of care; and date and legible identity of the observer;
- If not documented, the rationale for ordering diagnostic and other ancillary services should be easily inferred by an independent reviewer or third party. Past and present diagnoses should be accessible to the treating and/or consulting physician; and
- Appropriate health risk factors should be identified. The patient's progress, his or her response to, and any changes in, treatment, and any revision in diagnosis should be documented.
The CPT and ICD-9-CM codes reported on the health insurance claims form should be supported by documentation in the medical record and the medical chart should contain all required information. Additionally, HCFA and the local carriers should be able to determine who provided the services. These issues can be the root of investigations of inappropriate or erroneous conduct, and have been identified by HCFA and OIG as a leading cause of inappropriate payments.
ii. HCFA 1500 Form. Another documentation area that physician practices should monitor closely is the proper completion of the HCFA 1500 form. The following practices will help ensure that the form has been properly completed:
- Link the diagnosis code with the steps taken to perform an examination and the record of personal history obtained;
- Link a single most appropriate diagnosis with the corresponding procedure code;
- Use modifiers appropriately; and
- Provide Medicare with all information about a patient's other insurance coverage.
d. Kickbacks, Inducements and Self-Referrals. A physician practice should have policies and procedures to ensure compliance with the anti-kickback statute, and the physician self-referral law. Remuneration for referrals is illegal because it can distort medical decision-making, cause overutilization of services or supplies, increase costs to Federal health care programs, and result in unfair competition by shutting out competitors who are unwilling to pay it. Remuneration for referrals can also affect the quality of patient care by encouraging physicians to order services or supplies based on profit rather than the patients' best medical interests.
In particular, arrangements with hospitals, hospices, nursing facilities, home health agencies, durable medical equipment suppliers and vendors are areas of potential concern. In general the anti-kickback statute prohibits knowing and willfully giving or receiving anything of value to induce referrals of Federal health care program business. It is generally recommended that all business arrangements wherein physician practices refer business to an outside entity should be on a fair market value basis. Whenever a physician practice intends to enter into a business arrangement that involves its making referrals, the arrangement should be reviewed by counsel familiar with the anti-kickback statute and physician self-referral statute.
In addition to developing policies to address arrangements with other health care providers and suppliers, physician practices should implement measures to avoid offering inappropriate inducements to patients. Examples of such inducements include routinely waiving coinsurance or deductible amounts without a good faith determination that the patient is in financial need or failing to make reasonable efforts to collect the cost-sharing amount.
Possible risk areas that should be addressed in the policies and procedures include:
- Financial arrangements with outside entities to whom the practice may refer Federal health care program business;
- Joint ventures with entities supplying goods or services to the physician practice or its patients;
- Consulting contracts or medical directorship;
- Office and equipment leases with entities to which the physician refers; and
- Soliciting, accepting or offering any gift or gratuity of more than nominal value to or from those who may benefit from a physician practice's referral of Federal health care program business.
In order to keep current with this area of the law, a physician practice may obtain copies, available on the OIG website, of all relevant OIG Special Fraud Alerts and Advisory Opinions that address the application of the anti-kickback and physician self-referral laws to ensure that the policies reflect current positions and opinions.
4. Retention of Records. A physician practice's policies and procedures should also contain a section on the retention of compliance, business and medical records. These records primarily include documents relating to patient care and the practice's business activities. The physician practice's designated compliance officer should keep an updated binder or record of compliance-related activities. This involves, at a minimum, keeping track of compliance meetings, educational activities, and internal audit results. Particular attention should be paid to documenting violations uncovered by the compliance program and the resulting remedial action. Start Printed Page 36824
Physician practices that implement a compliance program should provide for the development and implementation of a records retention system. This system should establish policies and procedures regarding the creation, distribution, retention, and destruction of documents. In designing a record system, privacy concerns and Federal and State regulatory requirements should be taken into consideration. In addition to maintaining appropriate and thorough medical records on each patient, the OIG recommends that the system include the following types of documents:
- All records and documentation (e.g., billing and claims documentation) required for participation in Federal, State, and private payer health care programs; and
- All records necessary to demonstrate the integrity of the physician practice's compliance process and to confirm the effectiveness of the program.
While conducting its compliance activities, as well as its daily operations, a physician practice should document its efforts to comply with applicable Federal health care program requirements. For example, when a physician practice requests advice from a Government agency (including a Medicare fiscal intermediary or carrier) charged with administering a Federal health care program, the practice should document and retain a record of the request and any written or oral response. This step is extremely important if the practice intends to rely on that response to guide it in future decisions, actions, or claim reimbursement requests or appeals. A log of oral inquiries between the practice and third parties, such as carrier representatives, will help the practice document its attempts at compliance. In addition, in a subsequent investigation these records may become relevant to the issue of whether the practice's reliance was “reasonable” and whether it exercised due diligence in developing procedures and practices to implement the advice.
In short, all physician practices, regardless of size, should have procedures to create and retain appropriate documentation. The following record retention guidelines should be followed:
- The length of time that a physician's medical record documentation is to be retained should be specified in the physician practice's policies and procedures (Federal and State statutes should be consulted for specific time frames);
- Medical records should be secured against loss, destruction, unauthorized access, unauthorized reproduction, corruption, or damage; and
- Policies and procedures should stipulate the disposition of medical records in the event the practice is sold or closed.
C. Designation of a Compliance Officer/Contact
To administer the compliance program, the practice should designate an individual who is responsible for overseeing the compliance program. This person, often called a “compliance officer,” may have duties in addition to serving in this role. This person could be the office manager or the primary biller. The key, however, is that the person be sufficiently independent in his or her position so as to protect against any conflicts of interest that may arise from performing assigned duties and compliance duties. Additional attributes and qualifications that this person should possess include:
- Attention to detail;
- Experience in billing and coding; and
- Effective communication skills, both oral and written, with employees, physicians and carriers.
It is acceptable for a physician practice to designate more than one employee with compliance monitoring responsibility. In lieu of having a designated compliance officer, the physician practice could instead describe in its policies and procedures the compliance functions for which designated employees, known as “compliance contacts,” would be responsible. For example, one employee could be responsible for preparing written policies and procedures, while another could be responsible for conducting or arranging for periodic audits and ensuring that billing questions are answered. Therefore, the compliance-related responsibilities of the designated person or persons may be only a portion of his or her duties.
Another possibility is that one individual could serve as compliance officer for more than one entity. In situations where staffing limitations mandate that the practice cannot afford to designate a person(s) to oversee compliance activities, the practice could outsource all or part of the functions of a compliance officer to a third party, such as a consultant, PPMC, MSO, Independent Physician Association, billing company or professional association. However, if this role is outsourced, the compliance officer should have sufficient interaction with the physician practice to be able to effectively serve as the compliance officer. Outsourced compliance officers, who spend most of their time offsite, will naturally have certain limitations that a physician practice should consider before making such a critical decision.
The primary responsibilities assigned to a compliance officer/contact should include the following:
- Overseeing and monitoring the implementation of the compliance program;
- Establishing methods, such as periodic audits, to improve the practice's efficiency and quality of services, and to reduce the practice's vulnerability to fraud and abuse;
- Periodically revising the compliance program in light of changes in the needs of the practice or changes in the law and in the policies and procedures of Government and private payer health plans;
- Developing, coordinating and participating in a training program that focuses on the elements of the compliance program, and seeks to ensure that training materials are appropriate;
- Ensuring that the HHS-OIG's List of Excluded Individuals and Entities, and the General Services Administration's List of Parties Debarred from Federal Programs have been checked with respect to all employees, medical staff and independent contractors;
- Ensuring that employees and physicians know, and comply with, pertinent Federal and State statutes, regulations and standards; Start Printed Page 36825
- Investigating any report or allegation concerning possible unethical or improper business practices, and monitoring subsequent corrective action and/or compliance.
Each physician practice needs to assess its own practice situation and determine what best suits that practice in terms of compliance oversight.
D. Conducting Effective Training and Education
Education is an important part of any compliance program. Education programs should be tailored to the physician practice's needs and include both compliance and specific training. Training expectations should be commensurate with the size and speciality of the practice.
There are three basic steps for setting up educational objectives:
- Determining who needs training (both in coding and billing and in compliance);
- Determining the type of training that best suits the practice's needs (e.g., seminars, in-service training, self-study or other programs); and
- Determining when the education is needed and how much each person should receive.
Training can be accomplished through a variety of means, including in-person training sessions (i.e., either on site or at outside seminars), distribution of newsletters,  or even a readily accessible office bulletin board. Regardless of the training modality used, a physician practice should ensure that the necessary education is communicated effectively. Simply providing individuals with documents for their own reading and comprehension is seldom sufficient.
1. Compliance Training
Under the direction of the designated compliance officer/contact, both initial and recurrent training in compliance is advisable, both with respect to the compliance program itself and applicable statutes and regulations. The operation and importance of the compliance program, the consequences of violating the policies set forth in the program, and the role of each employee in the operation of the compliance program should also be addressed.
Compliance training should have two goals: (1) All employees should receive training on how to perform their jobs in compliance with the standards of the practice and any applicable regulations; and (2) each employee should understand that compliance is a condition of continued employment. Compliance training should center on explaining why the practice is developing and establishing a code of conduct and written policies and procedures. The training should emphasize that following the policies will not get a practice employee in trouble, but violating the policies will. New employees should be trained on the compliance program within 60 days of their start date and such training should be documented. Thereafter, employees should receive refresher training on an annual basis or as appropriate.
2. Coding and Billing Training
Coding and billing training on the Federal health care program requirements may be necessary for certain members of the physician practice staff depending on their respective responsibilities. Individuals who are directly involved with billing, coding or other aspects of the Federal health care programs should receive extensive education specific to that individual's responsibilities. Items to cover in coding and billing training can include:
- Coding requirements;
- Claim development and submission processes;
- Marketing practices that reflect current legal and program standards;
- The ramifications of submitting a claim for physician services when rendered by a non-physician;
- Signing a form for a physician without the physician's authorization;
- The ramifications of altering medical records;
- Proper documentation of services rendered;
- How to report misconduct;
- Proper billing standards and procedures and submission of accurate bills for services or items rendered to Federal health care program beneficiaries;
- The personal obligation of each person involved in the billing process to ensure claims are properly and accurately submitted;
- The legal sanctions for submitting deliberately false or reckless billings;
- Informing physicians that they cannot receive payment or any type of incentive to induce referrals and that claims should not be submitted for physician services when those services are rendered by a non-physician (unless they follow the applicable Federal health care program requirements, e.g., “incident to” rules).
3. Format of the Training Program
Training may be conducted either in-house or by an outside source. Training at outside seminars, instead of internal programs and in-service sessions, can be an effective way to achieve the practice's training goals. In fact, many community colleges offer certificate or associate degree programs in billing and coding, and professional associations provide various kinds of continuing education and certification programs. Many carriers also offer billing training.
As part of the training, practices should make sure all employees are familiar with at least the key risk areas in this guidance and areas of particular OIG interest as identified in the OIG's Work Plan published each year. The physician practice also needs to work with its third-party billing company, if one is used, to ensure that documentation is of a level that is adequate for the billing company to submit accurate claims on behalf of the physician practice. If it is not, these problem areas should also be covered in the training. In addition to the billing training, physician practices should be certain that updated ICD-9, HCPCS and CPT manuals (in addition to the carrier bulletins construing those sources) are available to all employees involved in the billing process. A source of continuous updates on current billing policies should also be readily available.
Physician practices are not required to have separate education and training programs for both the compliance and coding and billing training. All in-service training and continuing education can integrate compliance issues, as well as other core values adopted by the practice, such as quality improvement and improved patient service, into their curriculum. Start Printed Page 36826
4. Continuing Education on Compliance Issues
There is no set formula for determining how often training sessions should occur. The OIG recommends that there be at least an annual training program for all individuals involved in the coding and billing aspects of the practice. New billing and coding employees should be trained within 60 days of assuming their duties and should work under an experienced employee until their training has been completed.
E. Developing Effective Lines of Communication
An open line of communication is essential to proper implementation of an effective compliance program. Guidance previously issued by the OIG has encouraged the use of several forms of communication between the compliance officer/committee and provider personnel, many of which focus on formal processes and are more costly to implement (e.g., hotlines and e-mail). However, the OIG recognizes that the nature of some physician practices is not as conducive to implementing these types of measures. The nature of a small physician practice dictates that such communication and information exchanges need to be conducted through a less formalized process than that which has been envisioned by prior OIG guidance.
In the small physician practice setting, the communication element can be met by implementing a clear “open door” policy between the physicians and compliance personnel and practice employees. This policy can be implemented in conjunction with less formal communication techniques, such as conspicuous notices posted in common areas and/or the development and placement of a compliance bulletin board where everyone in the practice can go for up-to-date compliance information.
A compliance program's system for effective communication should include the following:
- The requirement that employees report conduct that a reasonable person would, in good faith, believe to be fraudulent or erroneous;
- Creation of a user-friendly process, such as an anonymous drop box, for effectively reporting fraudulent or erroneous conduct;
- Provisions in the policies and procedures that state that a failure to report fraudulent or erroneous conduct is a violation of the compliance program;
- Development of a simple and readily accessible procedure to process reports of fraudulent or erroneous conduct;
- Utilization of a process that maintains the confidentiality of the persons involved in the alleged fraudulent or erroneous conduct and the person making the allegation; and
- Provisions in the policies and procedures that there will be no retribution for reporting conduct that a reasonable person acting in good faith would have believed to be fraudulent or erroneous.
The OIG recognizes that protecting anonymity may be infeasible for small physician practices. However, the OIG believes all practice employees, when seeking answers to questions or reporting potential instances of fraudulent or erroneous conduct, should know to whom to turn for assistance in these matters and should be able to do so without fear of retribution. While the physician practice should always strive to maintain the confidentiality of an employee's identity, it should also make clear that there may be a point at which the individual's identity may become known or may have to be revealed in certain instances.
F. Auditing and Monitoring
An ongoing evaluation process is important to a successful compliance program. This ongoing evaluation should include not only whether the practice's standards and procedures are in fact current and accurate, but also whether or not the compliance program is effective, i.e., whether individuals are properly carrying out their responsibilities and claims are submitted appropriately.
1. Policies and Procedures
It is recommended that the individual(s) in charge of the compliance program also be charged with the responsibility of periodically reviewing the policies and procedures to see if they are current and complete. If the policies and procedures are found to be ineffective or outdated, they should be updated to reflect changes in CPT codes and Government regulations.
2. Claims Submission Audit
In addition to the policies and procedures themselves, bills and medical records should be reviewed for compliance with applicable coding, billing and documentation requirements. The people involved in these self-audits should include the person in charge of billing compliance and a medically trained person (e.g., registered nurse or preferably a physician (physicians can rotate in this position)). Each practice needs to decide for itself whether to review claims retrospectively or concurrently with the claims submission. In the Third-Party Medical Billing Compliance Program Guidance, the OIG recommended that a baseline, or “snapshot,” be used as part of the benchmarking analysis that would enable a practice to judge its progress in reducing or eliminating potential areas of vulnerability.
The practice's self-audits should be used to determine whether:
1. Bills are accurately coded and accurately reflect the services provided;
- Services or items provided are reasonable and necessary;
- Any incentives for unnecessary services exist; and
- Medical records contain sufficient documentation to support the charge.
A baseline audit should examine the claim development and submission process, from patient intake through claim submission and payment, and identify elements within this process that may contribute to non-compliance or that may need to be the focus for improving execution. This audit should establish a consistent methodology for selecting and examining records, and this methodology should serve as a basis for future audits. It should be conducted based on claims submitted during the initial three months after implementation of the education and training program so as to give the physician practice a benchmark against which to measure future compliance effectiveness.
Following the baseline audit, periodic audits could be conducted at least once each year to ensure that the compliance program is being followed. A randomly selected number of medical records could be reviewed to ensure that the coding was performed accurately. Although there is no set formula to how many medical records should be reviewed, a basic guide is two to five Start Printed Page 36827medical records per payer, or five to ten medical records per physician. Of course, the larger the sample size, the greater the confidence in the results. If problems are identified, focused review should be conducted on a more frequent basis. When audit results reveal areas needing additional information or education of employees and physicians, these areas should be incorporated into the training and educational system.
Periodic audits could include the following:
- A valid sample of the practice's top ten denials, or the practice's top ten services provided;
- Confirmation that the physician practice has been using specific codes, as some codes are too general for “reasonable and necessary” purposes;
- A check for data entry errors;
- Confirmation that all orders are written and signed by a physician;
- A check for reasonable and necessary services performed;
- Confirmation that all tests ordered by the physician(s) were actually performed and documented and that only those tests were billed; and
- A review of assignment codes and modifiers to the claims.
One of the most important elements of a successful billing compliance program is appropriate action when the physician practice identifies a problem in its internal audit. This action should be taken as soon as possible, but it is recommended that the action be taken within 60 days from the date the problem is identified. The specific action a physician practice takes should depend on the circumstances of the situation it has identified. In some cases, the action can be as simple as generating a repayment to Medicare or the appropriate payer. Alternatively, the repayment could be effectuated through offsets to other billings, such as undercodings. In others, the physician practice may want to seek legal advice and/or consult with a coding/billing expert to determine the next best course of action. There is no boilerplate solution to how to handle problems that are identified.
It is important that the physician practice monitor its billing program to ensure claims are correctly submitted. If a physician practice identifies, through its internal audits, what it believes is a potential problem, there should be sufficient confidence in the compliance procedures developed by the physician practice to reasonably believe that the problem is in fact a potential issue. Steps should be taken to remedy the situation immediately.
All physician practices should create a system to address how they will respond to and report potential problems. In addition, preserving information relating to identification of the problem is as important as preserving information that tracks the physician practice's reaction to, and solution for, the issue.
G. Enforcing Standards Through Well-Publicized Disciplinary Guidelines
An effective physician practice compliance program includes procedures for enforcing and disciplining individuals who violate the practice's compliance standards. Enforcement and disciplinary provisions are necessary to put teeth into a compliance program.
A physician practice's enforcement and disciplinary mechanisms should ensure that violations of the practice's compliance policies will result in consistent and appropriate sanctions, including the possibility of termination, against the offending individual. At the same time, the practice's enforcement and disciplinary procedures should be flexible enough to account for mitigating or aggravating circumstances. The program should also stipulate that individuals who fail to detect or report violations of the compliance program may also be subject to discipline. Disciplinary actions could include: warnings (oral); reprimands (written); probation; demotion; temporary suspension; discharge of employment; restitution of damages; and referral for criminal prosecution. Inclusion of disciplinary guidelines in in-house training and procedure manuals is sufficient to meet the “well publicized” standard of this element.
Any communication resulting in the finding of non-compliant conduct should be documented in the compliance files by including the date of incident, name of the reporting party, name of the person responsible for taking action, and the follow-up action taken. Physician practices should also conduct checks to make sure all current and potential practice employees are not listed on the OIG or GSA lists of individuals excluded from participation in Federal health care or Government procurement programs.
H. Responding to Detected Offenses and Developing Corrective Action Initiatives
Violations of a physician practice's compliance program, significant failures to comply with applicable Federal or State law, and other types of misconduct threaten a practice's status as a reliable, honest, and trustworthy provider of health care. Fraudulent or erroneous conduct that has been detected, but not corrected, can seriously endanger the reputation and legal status of the practice. Consequently, upon receipt of reports or reasonable indications of suspected noncompliance, it is important that the compliance officer or other practice employee investigate the allegations to determine whether a material violation of applicable law or the requirements of the compliance program has occurred, and, if so, take decisive steps to correct the problem. As appropriate, such steps may include a corrective action plan, the return of any overpayments, a report to the Government,  and/or a referral to law enforcement authorities.
There are several key warning signs of when a compliance program is not working well, e.g., high rates of rejected and/or suspended claims and the placement of a practice on pre-payment review by the carrier. These warning signs should be followed up on immediately and the compliance procedures of the practice changed to prevent the problem from recurring.
As previously stated, the physician practice should take appropriate corrective action, including prompt identification of any overpayment to the affected payer. A knowing and willful failure to disclose overpayments within a reasonable period of time could be interpreted as an attempt to conceal the overpayment from the Government, thereby establishing an independent basis for a criminal violation with respect to the physician practice, as well as any individual who may have been Start Printed Page 36828involved. For this reason, physician practice compliance programs should emphasize that overpayments should be promptly disclosed and returned to the entity that made the erroneous payment.
After an offense has been detected, a physician or group practice should take all reasonable steps to respond to the offense and to prevent similar offenses. The compliance program should provide for a full internal investigation of all reports of detected violations. The goodwill that physicians generate by developing an effective compliance program will quickly dissipate if the physician ignores reports of possible fraudulent activity.
The compliance program procedures should include provisions to ensure that a violation is not compounded once discovered. The individuals involved in the violation should either be retrained, or, if appropriate, terminated. The physician practice may also prevent the compounding of the violation by conducting a review of all confirmed violations, and, if appropriate, self-reporting the violations to the applicable authority. This should be done within 90 days of the discovery of a violation.
The physician practice should recognize that if a violation occurred and was not immediately detected, its compliance program may require modification. Physicians who detect violations should analyze the situation to determine whether a flaw in their compliance program failed to anticipate the detected problem, or whether the compliance program's procedures failed to prevent the violation. In any event, it is prudent, even absent the detection of any violations, for physician practices to periodically review and modify their compliance programs.
Just as immunizations are given to patients to prevent them from becoming ill, physician practices should view the implementation of an effective compliance program as comparable to a form of preventive medicine to protect against fraudulent or erroneous conduct. This compliance program guidance is intended to assist physician practices in developing and implementing internal controls and procedures that promote adherence to Federal health care program and private insurance program requirements. By implementing an effective compliance program, physician practices can help prevent and reduce fraudulent or erroneous conduct in their practices, as well as furthering their mission to provide quality care to their patients.Start Signature
Dated: June 6, 2000.
Michael F. Mangano,
Principal Deputy Inspector General.
Appendix A: Additional Risk Areas
I. Reasonable and Necessary Services
A. Local Medical Review Policy
An area of concern relating to determinations of reasonable and necessary services is the variation in local medical review policies (LMRPs) among carriers. Physicians are supposed to bill the Federal health care programs only for items and services that are reasonable and necessary. However, in order to determine whether an item or service is reasonable and necessary under Medicare guidelines, the physician must apply the appropriate LMRP.
Physician practices are to bill the Federal health programs only for items and services that are covered. In order to determine if an item or service is covered for Medicare, physician practices must be knowledgeable of the LMRPs applicable to their practices jurisdiction. When the LMRP indicates that an item or service may not be covered by Medicare, the physician practice is responsible to convey this information to the patient so that the patient can make an informed decision concerning the health care services he/she may want to receive. Physician practices convey this information through Advanced Beneficiary Notices (ABNs).
B. Advanced Beneficiary Notices
Physicians are required to provide ABNs before they provide services that they know or believe Medicare does not consider reasonable and necessary. A properly executed ABN acknowledges that coverage is uncertain or yet to be determined, and stipulates that the patient promises to pay the bill if Medicare does not. Patients who are not notified before they receive such services are not responsible for payment. The ABN must be sufficient to put the patient on notice of the reasons why the physician believes that the payment may be denied. The objective is to give the patient sufficient information to allow an informed choice as to whether to pay for the service.
Accordingly, each ABN should:
1. Be in writing;
2. Identify the specific service that may be denied (procedure name and CPT/HCPC code is recommended);
3. State the specific reason why the physician believes that service may be denied; and
4. Be signed by the patient acknowledging that the required information was provided and that the patient assumes responsibility to pay for the service.
The Medicare Carrier's Manual  provides that an ABN will not be acceptable if: (1) The patient is asked to sign a blank ABN form; and (2) the ABN is used routinely without regard to a particularized need. The routine use of ABNs is generally prohibited because the ABN must state the specific reason the physician anticipates that the specific service will not be covered.
A common risk area associated with ABNs is in regard to diagnostic tests or services. There are four steps that a physician practice can take to help ensure it is in compliance with the regulations concerning ABNs for diagnostic tests or services:
1. Determine which tests are not covered under national coverage rules;
2. Determine which tests are not covered under local coverage rules such as LMRPs (contact the practice's carrier to see if a listing has been assembled); and
3. Determine which tests are only covered for certain diagnoses.
The OIG is aware that the use of ABNs is an area where physician practices experience numerous difficulties. Practices can help to reduce problems in this area by educating their physicians on the correct use of ABNs, obtaining guidance from the carrier regarding their interpretation of whether an ABN is necessary where the service is not covered, developing a standard form for all diagnostic tests (most carriers have a developed model), and developing a process for handling patients who refuse to sign ABNs.
C. Physician Liability for Certifications in the Provision of Medical Equipment and Supplies and Home Health Services
In January 1999, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG website at www.hhs.gov/oig/frdalrt/index.htm. The following is a summary of the Special Fraud Alert.
The OIG issued the Special Fraud Alert to reiterate to physicians the legal and programmatic significance of physician certifications made in connection with the ordering of certain items and services for Medicare patients. In light of information obtained through OIG provider audits, the OIG deemed it necessary to remind physicians that they may be subject to criminal, civil, and administrative penalties for signing a certification when they know that the information is false or for signing a certification with reckless disregard as to the truth of the information. (See Appendix B and Appendix C for more detailed information on the applicable statutes).
Medicare has conditioned payment for many items and services on a certification signed by a physician attesting that the physician has reviewed the patient's condition and has determined that an item or service is reasonable and necessary. Because Medicare primarily relies on the professional judgment of the treating physician to determine the reasonable and necessary nature of a given service or supply, it is Start Printed Page 36829important that physicians provide complete and accurate information on any certifications they sign. Physician certification is obtained through a variety of forms, including prescriptions, orders, and Certificates of Medical Necessity (CMNs). Two areas where physician certification as to whether an item or service is reasonable and necessary is essential and which can result in fraudulent or erroneous conduct are: (1) home health services; and (2) durable medical equipment.
By signing a CMN, the physician represents that:
1. He or she is the patient's treating physician and that the information regarding the physician's address and unique physician identification number (UPN) is correct;
2. The entire CMN, including the sections filled out by the supplier, was completed prior to the physician's signature; and
3. The information in section B relating to whether the item or service is reasonable and necessary is true, accurate, and complete to the best of the physician's knowledge.
Activities such as signing blank CMNs, signing CMNs without seeing the patient to verify the item or service is reasonable and necessary, and signing a CMN for a service that the physician knows is not reasonable and necessary are activities that can lead to criminal, civil and administrative penalties.
Ultimately, physicians should be sure to carefully review any form of certification (order, prescription or CMN) before signing it to verify that the information contained in the certification is both complete and accurate.
D. Billing for Non-Covered Services as If Covered
In some instances, we are aware that physician practices submit claims for services in order to receive a denial from the carrier, thereby enabling the patient to submit the denied claim for payment to a secondary payer.
A common question relating to this risk is: If the medical services provided are not covered under Medicare, but the secondary or supplemental insurer requires a Medicare rejection in order to cover the services, then would the original submission of the claim to Medicare be considered fraudulent? Under the applicable regulations, the OIG would not consider such submissions to be fraudulent. For example, the denial may be necessary to establish patient liability protections as stated in section 1879 of the Social Security Act (the Act) (codified at 42 U.S.C. 1395pp). As stated, Medicare denials may also be required so that the patient can seek payment from a secondary insurer. In instances where a claim is being submitted to Medicare for this purpose, the physician should indicate on the claim submission that the claim is being submitted for the purpose of receiving a denial, in order to bill a secondary insurance carrier. This step should assist carriers and prevent inadvertent payments to which the physician is not entitled. In some instances, however, the carrier pays the claim even though the service is non-covered, and even though the physician did not intend for payment to be made. When this occurs, the physician has a responsibility to refund the amount paid and indicate that the service is not covered.
II. Physician Relationships With Hospitals
A. The Physician Role in the Patient Anti-Dumping Statute
The Patient Anti-Dumping Statute, 42 U.S.C. 1395dd, is an area that has been receiving increasing scrutiny. The statute is intended to ensure that all patients who come to the emergency department of a hospital receive care, regardless of their insurance or ability to pay. Both hospitals and physicians need to work together to ensure compliance with the provisions of this law.
The statute imposes three fundamental requirements upon hospitals that participate in the Medicare program with regard to patients requesting emergency care. First, the hospital must conduct an appropriate medical screening examination to determine if an emergency medical condition exists. Second, if the hospital determines that an emergency medical condition exists, it must either provide the treatment necessary to stabilize the emergency medical condition or comply with the statute's requirements to effect a proper transfer of a patient whose condition has not been stabilized. A hospital is considered to have met this second requirement if an individual refuses the hospital's offer of additional examination or treatment, or refuses to consent to a transfer, after having been informed of the risks and benefits.
If an individual's emergency medical condition has not been stabilized, the statute's third requirement is activated. A hospital may not transfer an individual with an unstable emergency medical condition unless: (1) The individual or his or her representative makes a written request for transfer to another medical facility after being informed of the risk of transfer and the transferring hospital's obligation under the statute to provide additional examination or treatment; (2) a physician has signed a certification summarizing the medical risks and benefits of a transfer and certifying that, based upon the information available at the time of transfer, the medical benefits reasonably expected from the transfer outweigh the increased risks; or (3) if a physician is not physically present when the transfer decision is made, a qualified medical person signs the certification after the physician, in consultation with the qualified medical person, has made the determination that the benefits of transfer outweigh the increased risks. The physician must later countersign the certification.
Physician and/or hospital misconduct may result in violations of the statute. One area of particular concern is physician on-call responsibilities. Physician practices whose members serve as on-call emergency room physicians with hospitals should make sure they are familiar with the hospital's policies regarding on-call physicians. This can be done by reviewing the medical staff bylaws or policies and procedures of the hospital that must define the responsibility of on-call physicians to respond to, examine, and treat patients with emergency medical conditions. Physicians should also be aware that, in most cases, on-call physicians must come to the hospital to examine the patient when a request is made for their services. If, however, their offices are located in a hospital-owned facility on contiguous land or on the hospital campus, the patient may be seen in the physician's office.
B. Teaching Physicians
Special regulations apply to teaching physicians' billings. Regulations provide that services provided by teaching physicians in teaching settings are payable under the physician fee schedule only if the services are personally furnished by a physician who is not a resident or the services are furnished by a resident in the presence of a teaching physician.
The teaching physician must be present during the key portion of any service or procedure for which payment is sought. Physicians should ensure the following with respect to services provided in the teaching physician setting:
1. Only services actually provided are billed;
2. Every physician who provides or supervises the provision of services to a patient is responsible for the correct documentation of the services that were rendered;
3. Every physician is responsible for assuring that in cases where the physician provides evaluation and management (E and M) services, a patient's medical record includes appropriate documentation of the applicable key components of the E and M services provided or supervised by the physician (e.g., patient history, physician examination, and medical decision making), as well as documentation to adequately reflect the procedure or portion of the services provided by the physician; and
4. Every physician must document his or her presence during the key portion of any service or procedure for which payment is sought.
C. Gainsharing Arrangements and Civil Monetary Penalties for Hospital Payments to Physicians To Reduce or Limit Services to Beneficiaries
In July 1999, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG website at www.hhs.gov/oig/frdalrt/index.htm. The following is a summary of the Special Fraud Alert. Start Printed Page 36830
The term “gainsharing” typically refers to an arrangement in which a hospital gives a physician a percentage share of any reduction in the hospital's costs for patient care attributable in part to the physician's efforts. The civil monetary penalty (CMP) that applies to gainsharing arrangements is set forth in 42 U.S.C. 1320a-7a(b)(1). This section prohibits any hospital or critical access hospital from knowingly making a payment directly or indirectly to a physician as an inducement to reduce or limit services to Medicare or Medicaid beneficiaries under a physician's care.
It is the OIG's position that the CMP law clearly prohibits any gainsharing arrangements that involve payments by or on behalf of a hospital to physicians with clinical care responsibilities, directly or indirectly, to induce a reduction or limitation of services to Medicare or Medicaid patients. However, hospitals and physicians are not prohibited from working together to reduce unnecessary hospital costs through other arrangements. For example, hospitals and physicians may enter into personal services contracts where hospitals pay physicians based on a fixed fee at fair market value for services rendered to reduce costs rather than a fee based on a share of cost savings.
III. Physician Billing Practices
A. Third-Party Billing Services
Physicians should remember that they remain responsible to the Medicare program for bills sent in the physician's name or containing the physician's signature, even if the physician had no actual knowledge of a billing impropriety. The attestation on the HCFA 1500 form, i.e., the physician's signature line, states that the physician's services were billed properly. In other words, it is no defense for the physician if the physician's billing service improperly bills Medicare.
One of the most common risk areas involving billing services deals with physician practices contracting with billing services on a percentage basis. Although percentage based billing arrangements are not illegal per se, the Office of Inspector General has a longstanding concern that such arrangements may increase the risk of intentional upcoding and similar abusive billing practices.
A physician may contract with a billing service on a percentage basis. However, the billing service cannot directly receive Medicare payments made to the physician. Under 42 U.S.C. 1395u(b)(6), Medicare payments can only be made to either the beneficiary or a party (such as a physician) that furnished the services and accepted assignment of the beneficiary's claim. A billing service that contracts on a percentage basis does not qualify as a party that furnished services to a beneficiary, thus a billing service cannot directly receive Medicare payments. According to the Medicare Carriers Manual § 3060(A), a payment is considered to be made directly to the billing service if the service can convert the payment to its own use and control without the payment first passing through the control of the physician. For example, the billing service cannot bill the claims under its own name or tax identification number. The billing service must bill claims under the physician's name and tax identification number. Nor can a billing service have the Medicare payments sent directly to its office or its bank account. The Medicare payments should instead be sent to the physician's office or bank account.
Physician practices should review the third-party medical billing guidance for additional information on third-party billing companies and the compliance risk areas associated with billing companies.
B. Billing Practices by Non-Participating Physicians
Even though nonparticipating physicians do not accept payment directly from the Medicare program, there are a number of laws that apply to the billing of Medicare beneficiaries by non-participating physicians.
42 U.S.C. 1395w-4(g) prohibits a nonparticipating physician from knowingly and willfully billing or collecting on a repeated basis an actual charge for a service that is in excess of the Medicare limiting charge. For example, a nonparticipating physician may not bill a Medicare beneficiary $50 for an office visit when the Medicare limiting charge for the visit is $25. Additionally, there are numerous provisions that prohibit nonparticipating physicians from knowingly and willfully charging patients in excess of the statutory charge limitations for certain specified procedures, such as cataract surgery, mammography screening, and coronary artery bypass surgery. Physicians who fail to comply with these sections may be fined up to $10,000 per violation or be excluded from participation in Federal health care programs for up to five years.
Refund of Excess Charges
42 U.S.C. 1395w-4(g) mandates that if a nonparticipating physician collects an actual charge for a service that is in excess of the limiting charge, the physician must refund the amount collected above the limiting charge to the individual within 30 days notice of the violation. For example, if a physician collected $50 from a Medicare beneficiary for an office visit, but the limiting charge for the visit was $25, the physician must refund $25 to the beneficiary, which is the difference between the amount collected ($50) and the limiting charge ($25). Physicians who fail to comply may be fined up to $10,000 per violation or be excluded from participation in Federal health care programs for up to 5 years.
42 U.S.C. 1395u(l)(A)(iii) mandates that a nonparticipating physician must refund payments received from a Medicare beneficiary if it is later determined by a Peer Review Organization or a Medicare carrier that the services were not reasonable and necessary. Physicians who fail to refund the payments may be fined up to $10,000 per violation or be excluded from participation in Federal health care programs for up to 5 years.
C. Professional Courtesy
The term “professional courtesy” is used to describe a number of analytically different practices. The traditional definition is the practice by a physician of waiving all, or a part, of the fee for services provided to the physician's office staff, other physicians, and/or their families. In recent times, “professional courtesy” has come to also mean the waiver of coinsurance obligations or other out-of-pocket expenses for physicians or their families (i.e., “insurance only” billing), and similar payment arrangements by hospitals or other institutions for services provided to their medical staffs or employees. While only the first of these practices is truly “professional courtesy,” in the interests of clarity and completeness, we will address all three.
In general, whether a professional courtesy arrangement runs afoul of the fraud and abuse laws is determined by two factors: (i) how the recipients of the professional courtesy are selected; and (ii) how the professional courtesy is extended. If recipients are selected in a manner that directly or indirectly takes into account their ability to affect past or future referrals, the anti-kickback statute—which prohibits giving anything of value to generate Federal health care program business—may be implicated. If the professional courtesy is extended through a waiver of copayment obligations (i.e., “insurance only” billing), other statutes may be implicated, including the prohibition of inducements to beneficiaries, section 1128A(a)(5) of the Act (codified at 42 U.S.C. 1320a-7a(a)(5)). Claims submitted as a result of either practice may also implicate the civil False Claims Act.
The following are general observations about professional courtesy arrangements that physician practices should consider:
- A physician's regular and consistent practice of extending professional courtesy by waiving the entire fee for services rendered to a group of persons (including employees, physicians, and/or their family members) may not implicate any of the OIG's fraud and abuse authorities so long as membership in the group receiving the courtesy is determined in a manner that does not take into account directly or indirectly any group member's ability to refer to, or otherwise generate Federal health care program business for, the physician.
- A non-referring physician's regular and consistent practice of extending professional courtesy by waiving otherwise applicable copayments for services rendered to physicians, referring and non-referring alike, their employees and family members, would not implicate the anti-kickback statute so long as membership in the group is determined in a manner that does not take into account directly or indirectly any group member's ability to refer to, or otherwise generate Federal health care program business for, the physician.
- Any waiver of copayment practice, including that described in the preceding bullet, does implicate section 1128A(a)(5) of Start Printed Page 36831the Act if the patient for whom the copayment is waived is a Federal health care program beneficiary who is not financially needy.
The legality of particular professional courtesy arrangements will turn on the specific facts presented, and, with respect to the anti-kickback statute, on the specific intent of the parties. Physicians who are concerned that their particular practices may run afoul of the Federal fraud and abuse laws may request an OIG advisory opinion pursuant to regulations at 42 CFR Part 1008 (See Appendix D for further detail), except for matters pertaining to the physician self-referral law, which are addressed by HCFA.
IV. Other Risk Areas
A. Rental of Space in Physician Offices by Persons or Entities to Which Physicians Refer
In February 2000, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG website at www.hhs.gov/oig/frdalrt/index.htm. The following is a summary of the Special Fraud Alert.
Among various relationships between physicians and labs, hospitals, home health agencies, etc., the OIG has identified potentially illegal practices involving the rental of space in a physician's office by suppliers that provide items or services to patients who are referred or sent to the supplier by the physician-landlord. An example of a suspect arrangement is the rental of physician office space by a durable medical equipment (DME) supplier in a position to benefit from referrals of the physician's patients. The OIG is concerned that in such arrangements the rental payments may be disguised kickbacks to the physician-landlord to induce referrals.
Space Rental Safe Harbor to the Anti-Kickback Statute
To avoid potentially violating the anti-kickback Statute, the OIG recommends that rental agreements should comply with all of the following criteria for the space rental safe harbor:
- The agreement is set out in writing and signed by the parties.
- The agreement covers all of the space rented by the parties for the term of the agreement and specifies the space covered by the agreement.
- If the agreement is intended to provide the lessee with access to the space for periodic intervals of time rather than on a full-time basis for the term of the rental agreement, the rental agreement specifies exactly the schedule of such intervals, the precise length of each interval, and the exact rent for each interval.
- The term of the rental agreement is for not less than one year.
- The aggregate rental charge is set in advance, is consistent with fair market value, and is not determined in a manner that takes into account the volume or value of any referrals or business otherwise generated between the parties for which payment may be made in whole or in part under Medicare or a State health care program.
- The aggregate space rented does not exceed that which is reasonably necessary to accomplish the commercially reasonable business purpose of the rental.
B. Unlawful Advertising
42 U.S.C. 1320b-10 makes it unlawful for any person to advertise using the names, abbreviations, symbols, or emblems of the Social Security Administration, Health Care Financing Administration, Department of Health and Human Services, Medicare, Medicaid or any combination or variation of such words, abbreviations, symbols or emblems in a manner that such person knows or should know would convey the false impression that the advertised item is endorsed by the named entities. For instance, a physician may not place an ad in the newspaper that reads “Dr. X is a cardiologist approved by both the Medicare and Medicaid programs.” A violation of this section may result in a penalty of up to $5,000 ($25,000 in the case of a broadcast or telecast) for each violation.
Appendix B: Criminal Statutes
This Appendix contains a description of criminal statutes related to fraud and abuse in the context of health care. The Appendix is not intended to be a compilation of all Federal statutes related to health care fraud and abuse. It is merely a summary of some of the more frequently cited Federal statutes.
I. Health Care Fraud (18 U.S.C. 1347)
Description of Unlawful Conduct
It is a crime to knowingly and willfully execute (or attempt to execute) a scheme to defraud any health care benefit program, or to obtain money or property from a health care benefit program through false representations. Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.
Penalty for Unlawful Conduct
The penalty may include the imposition of fines, imprisonment of up to 10 years, or both. If the violation results in serious bodily injury, the prison term may be increased to a maximum of 20 years. If the violation results in death, the prison term may be expanded to include any number of years, or life imprisonment.
1. Dr. X, a chiropractor, intentionally billed Medicare for physical therapy and chiropractic treatments that he knew were never rendered.
2. Dr. X, a psychiatrist, billed Medicare, Medicaid, CHAMPUS, and private insurers for psychiatric services that were provided by his nurses rather than himself.
II. Theft or Embezzlement in Connection With Health Care (18 U.S.C. 669)
Description of Unlawful Conduct
It is a crime to knowingly and willfully embezzle, steal or intentionally misapply any of the assets of a health care benefit program. Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.
Penalty for Unlawful Conduct
The penalty may include the imposition of a fine, imprisonment of up to 10 years, or both. If the value of the asset is $100 or less, the penalty is a fine, imprisonment of up to a year, or both.
An office manager for Dr. X knowingly embezzles money from the bank account for Dr. X's practice. The bank account includes reimbursement received from the Medicare program; thus, intentional embezzlement of funds from this account is a violation of the law.
III. False Statements Relating to Health Care Matters (18 U.S.C. 1035)
Description of Unlawful Conduct
It is a crime to knowingly and willfully falsify or conceal a material fact, or make any materially false statement or use any materially false writing or document in connection with the delivery of or payment for health care benefits, items or services. Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.
Penalty for Unlawful Conduct
The penalty may include the imposition of a fine, imprisonment of up to 5 years, or both.
Dr. X certified on a claim form that he performed laser surgery on a Medicare beneficiary when he knew that the surgery was not actually performed on the patient.
IV. Obstruction of Criminal Investigations of Health Care Offenses (18 U.S.C. 1518)
Description of Unlawful Conduct
It is a crime to willfully prevent, obstruct, mislead, delay or attempt to prevent, obstruct, mislead, or delay the communication of records relating to a Federal health care offense to a criminal investigator. Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.
Penalty for Unlawful Conduct
The penalty may include the imposition of a fine, imprisonment of up to 5 years, or both.
1. Dr. X instructs his employees to tell OIG investigators that Dr. X personally performs all treatments when, in fact, medical technicians do the majority of the treatment and Dr. X is rarely present in the office.
2. Dr. X was under investigation by the FBI for reported fraudulent billings. Dr. X altered patient records in an attempt to cover up the improprieties.
V. Mail and Wire Fraud (18 U.S.C. 1341, 1343)
Description of Unlawful Conduct
It is a crime to use the mail, private courier, or wire service to conduct a scheme to defraud another of money or property. The term “wire services” includes the use of a telephone, fax machine or computer. Each use of a mail or wire service to further fraudulent activities is considered a separate Start Printed Page 36832crime. For instance, each fraudulent claim that is submitted electronically to a carrier would be considered a separate violation of the law.
Penalty for Unlawful Conduct
The penalty may include the imposition of a fine, imprisonment of up to 5 years, or both.
1. Dr. X electronically submits claims to the Medicare fiscal intermediary via his computer for office visits that he did not actually provide to Medicare beneficiaries.
2. Dr. X, a neurologist, knowingly submitted claims for tests that were not reasonable and necessary and intentionally upcoded office visits and Electromyograms to Medicare.
VI. Criminal Penalties for Acts Involving Federal Health Care Programs (42 U.S.C. 1320a-7b)
Description of Unlawful Conduct
False Statements and Representations
It is a crime to knowingly and willfully:
- Make, or cause to be made, false statements or representations in applying or benefits or payments under all Federal health care programs;
- Make, or cause to be made, any false statement or representation for use in determining rights to such benefit or payment;
- Conceal any event affecting an individual's initial or continued right to receive a benefit or payment with the intent to fraudulently receive the benefit or payment either in an amount or quantity greater than that which is due or authorized;
- Convert a benefit or payment to a use other than for the use and benefit of the person for whom it was intended;
- Present, or cause to be presented, a claim for a physician's service when the service was not furnished by a licensed physician;
- For a fee, counsel an individual to dispose of assets in order to become eligible for medical assistance under a State health program, if disposing of the assets results in the imposition of an ineligibility period for the individual.
It is a crime to knowingly and willfully solicit, receive, offer, or pay remuneration of any kind (e.g., money, goods, services):
- For the referral of an individual to another for the purpose of supplying items or services that are covered by a Federal health care program; or
- For purchasing, leasing, ordering, or arranging for any good, facility, service, or item that is covered by a Federal health care program.
There are a number of limited exceptions to the law, also known as “safe harbors,” which provide immunity from criminal prosecution and which are described in greater detail in the statute and related regulations (found at 42 CFR 1001.952 and at www.hhs.gov/oig/ak/index.htm#OIG Safe Harbor Regulations). Current safe harbors include:
- Investment interests;
- Space rental;
- Equipment rental;
- Personal services and management contracts;
- Sale of practice;
- Referral services;
- Employment relationships;
- Waiver of Part A co-insurance and deductible amounts;
- Group purchasing organizations;
- Increased coverage or reduced cost sharing under a risk-basis or prepaid plan; and
- Charge reduction agreements with health plans.
Penalty for Unlawful Conduct
The penalty may include the imposition of a fine of up to $25,000, imprisonment of up to 5 years, or both. In addition, the provider can be excluded from participation in Federal health care programs. The regulations defining the aggravating and mitigating circumstances that must be reviewed by the OIG in making an exclusion determination are set forth in 42 CFR Part 1001.
1. Dr. X accepted payments to sign Certificates of Medical Necessity for durable medical equipment for patients she never examined.
2. Home Health Agency disguises referral fees as salaries by paying referring physician Dr. X for services Dr. X never rendered to Medicare beneficiaries or by paying Dr. X a sum in excess of fair market value for the services he rendered to Medicare beneficiaries.
Appendix C: Civil and Administrative Statutes
This Appendix contains a description of civil and administrative statutes related to fraud and abuse in the context of health care. The Appendix is not intended to be a compilation of all Federal statutes related to health care fraud and abuse. It is merely a summary of some of the more frequently cited Federal statutes.
I. The False Claims Act (31 U.S.C. 3729-3733)
Description of Unlawful Conduct
This is the law most often used to bring a case against a health care provider for the submission of false claims to a Federal health care program. The False Claims Act prohibits knowingly presenting (or causing to be presented) to the Federal Government a false or fraudulent claim for payment or approval. Additionally, it prohibits knowingly making or using (or causing to be made or used) a false record or statement to get a false or fraudulent claim paid or approved by the Federal Government or it agents, like a carrier, other claims processor, or state Medicaid program.
False Claim—A false claim is a claim for payment for services or supplies that were not provided specifically as presented or for which the provider is otherwise not entitled to payment. Examples of false claims for services or supplies that were not provided specifically as presented include, but are not limited to:
- A claim for a service or supply that was never provided.
- A claim indicating the service was provided for some diagnosis code other than the true diagnosis code in order to obtain reimbursement for the service (which would not be covered if the true diagnosis code were submitted).
- A claim indicating a higher level of service than was actually provided.
- A claim for a service that the provider knows is not reasonable and necessary.
- A claim for services provided by an unlicensed individual.
Knowingly—To “knowingly” present a false or fraudulent claim means that the provider: (1) has actual knowledge that the information on the claim is false; (2) acts in deliberate ignorance of the truth or falsity of the information on the claim; or (3) acts in reckless disregard of the truth or falsity of the information on the claim. It is important to note the provider does not have to deliberately intend to defraud the Federal Government in order to be found liable under this Act. The provider need only “knowingly” present a false or fraudulent claim in the manner described above.
Deliberate Ignorance—To act in “deliberate ignorance” means that the provider has deliberately chosen to ignore the truth or falsity of the information on a claim submitted for payment, even though the provider knows, or has notice, that information may be false. An example of a provider who submits a false claim with deliberate ignorance would be a physician who ignores provider update bulletins and thus does not inform his/her staff of changes in the Medicare billing guidelines or update his/her billing system in accordance with changes to Medicare billing practices. When claims for non-reimbursable services are submitted as a result, the False Claims Act has been violated.
Reckless Disregard—To act in “reckless disregard” means that the provider pays no regard to whether the information on a claim submitted for payment is true or false. An example of a provider who submits a false claim with reckless disregard would be a physician who assigns the billing function to an untrained office person without inquiring whether the employee has the requisite knowledge and training to accurately file such claims.
Penalty for Unlawful Conduct
The penalty for violating the False Claims Act is a minimum of $5,000 up to a maximum of $10,000 for each false claim submitted. In addition to the penalty, a provider could be found liable for up to three times the amount unlawfully claimed.
- A physician and his oncology clinic knowingly submitted improper claims to Medicare and Medicaid for services rendered at the clinic by nonphysicians without a physician's supervision or attendance. Start Printed Page 36833
- Dr. X intentionally upcoded office visits and angioplasty consultations that were submitted for payment to Medicare.
- Dr. X, a podiatrist, knowingly submitted claims to the Medicare and Medicaid programs for non-routine surgical procedures when he actually performed routine, non-covered services such as the cutting and trimming of toenails and the removal of corns and calluses.
II. Civil Monetary Penalties Law (42 U.S.C. 1320a-7a)
Description of Unlawful Conduct
The Civil Monetary Penalties Law (CMPL) is a comprehensive statute that covers an array of fraudulent and abusive activities and is very similar to the False Claims Act. For instance, the CMPL prohibits a health care provider from presenting, or causing to be presented, claims for services that the provider “knows or should know” were:
- Not provided as indicated by the coding on the claim;
- Not reasonable or necessary;
- Furnished by a person who is not licensed as a physician (or who was not properly supervised by a licensed physician);
- Furnished by a licensed physician who obtained his or her license through misrepresentation of a material fact (such as cheating on a licensing exam);
- Furnished by a physician who was not certified in the medical specialty that he or she claimed to be certified in; or
- Furnished by a physician who was excluded from participation in the Federal health care program to which the claim was submitted.
Additionally, the CMPL contains various other prohibitions, including:
- Offering remuneration to a Medicare or Medicaid beneficiary that the person knows or should know is likely to influence the beneficiary to obtain items or services billed to Medicare or Medicaid from a particular provider; and
- Employing or contracting with an individual or entity that the person knows or should know is excluded from participation in a Federal health care program.
The term “should know” means that a provider: (1) Acted in deliberate ignorance of the truth or falsity of the information; or (2) acted in reckless disregard of the truth or falsity of the information. The Federal Government does not have to show that a provider specifically intended to defraud a Federal health care program in order to prove a provider violated the statute.
Penalty for Unlawful Conduct
Violation of the CMPL may result in a penalty of up to $10,000 per item or service and up to three times the amount unlawfully claimed. In addition, the provider may be excluded from participation in Federal health care programs. The regulations defining the aggravating and mitigating circumstances that must be reviewed by the OIG in making an exclusion determination are set forth in 42 CFR Part 1003.
1. Dr. X paid Medicare and Medicaid beneficiaries $20 each time they visited him to receive services and have tests performed that were not preventive care services and tests.
2. Dr. X hired Physician Assistant P to provide services to Medicare and Medicaid beneficiaries without conducting a background check on P. Had Dr. X performed a background check by reviewing the HHS-OIG List of Excluded Individuals/Entities, Dr. X. would have discovered that he should not hire P because P is excluded for a period of 5 years from participation in Federal health care programs.
3. Dr. X and his oximetry company billed Medicare for pulse oximetry that they knew they did not perform and services that had been intentionally upcoded.
III. Limitations on Certain Physician Referrals (“Stark Laws”) (42 U.S.C. 1395nn)
Description of Unlawful Conduct
Physicians (and immediate family members) who have an ownership, investment or compensation relationship with an entity providing “designated health services” are prohibited from referring patients for these services where payment may be made by a Federal health care program unless a statutory or regulatory exception applies. An entity providing a designated health service is prohibited from billing for the provision of a service that was provided based on a prohibited referral. Designated health services include: clinical laboratory services; physical therapy services; occupational therapy services; radiology services, including magnetic resonance imaging, axial tomography scans, and ultrasound services; radiation therapy services and supplies; durable medical equipment and supplies; parenteral and enteral nutrients, equipment and supplies; prosthetics, orthotics, prosthetic devices and supplies; home health services; outpatient prescription drugs; and inpatient and outpatient hospital services.
New regulations clarifying the exceptions to the Stark Laws are expected to be issued by HCFA during the summer of 2000. Current exceptions articulated within the Stark Laws include the following, provided all conditions of each exception as set forth in the statute and regulations are satisfied.
Exceptions for Ownership or Compensation Arrangements
1. Physician's services;
2. In-office ancillary services; and
3. Prepaid plans.
Exceptions for Ownership or Investment in Publicly Traded Securities and Mutual Funds
1. Ownership of investment securities which may be purchased on terms generally available to the public;
2. Ownership of shares in a regulated investment company as defined by Federal law, if such company had, at the end of the company's most recent fiscal year, or on average, during the previous 3 fiscal years, total assets exceeding $75,000,000;
3. Hospital in Puerto Rico;
4. Rural provider; and
5. Hospital ownership (whole hospital exception).
Exceptions Relating to Other Compensation Arrangements
1. Rental of office space and rental of equipment;
2. Bona fide employment relationship;
3. Personal service arrangement;
4. Remuneration unrelated to the provision of designated health services;
5. Physician recruitment;
6. Isolated transactions;
7. Certain group practice arrangements with a hospital (pre-1989); and
8. Payments by a physician for items and services
Penalty for Unlawful Conduct
Violations of the statute subject the billing entity to denial of payment for the designated health services, refund of amounts collected from improperly submitted claims, and a civil monetary penalty of up to $15,000 for each improper claim submitted. Physicians who violate the statute may also be subject to additional fines per prohibited referral. In addition, providers that enter into an arrangement that they know or should know circumvents the referral restriction law may be subject to a CMP of up to $100,000 per arrangement.
1. Dr. A worked in a medical clinic located in a major city. She also owned a free standing laboratory located in a major city. Dr. A referred all orders for laboratory tests on her patients to the laboratory she owned.
2. Dr. X agreed to serve as the Medical Director of Home Health Agency, HHA for which he was paid a sum substantially above the fair market value for his services. In return, Dr. X routinely referred his Medicare and Medicaid patients to HHA for home health services.
3. Dr. Y received a monthly stipend of $500 from a local hospital to assist him in meeting practice expenses. Dr. Y performed no specific service for the stipend and had no obligation to repay the hospital. Dr. Y referred patients to the hospital for in-patient surgery.
IV. Exclusion of Certain Individuals and Entities From Participation in Medicare and Other Federal Health Care Programs (42 U.S.C. §1320a-7)
Individuals or entities convicted of the following conduct must be excluded from participation in Medicare and Medicaid for a minimum of five years:
- A criminal offense related to the delivery of an item or service under Medicare or Medicaid;
- A conviction under Federal or State law of a criminal offense relating to the neglect or abuse of a patient;
- A conviction under Federal or State law of a felony relating to fraud, theft, embezzlement, breach of fiduciary responsibility or other financial misconduct against a health care program financed by any Federal, State, or local government agency; or
- A conviction under Federal or State law of a felony relating to unlawful manufacture, distribution, prescription, or dispensing of a controlled substance. Start Printed Page 36834
If there is one prior conviction, the exclusion will be for 10 years. If there are two prior convictions, the exclusion will be permanent.
Individuals or entities may be excluded from participation in Federal health care programs for a minimum of 3 years if they meet any of the following criteria:
- A criminal offense related to the delivery of an item or service under Medicare or Medicaid;
- A misdemeanor related to fraud, theft, embezzlement, breach of fiduciary responsibility or other financial misconduct against a health care program financed by any Federal, State, or local government agency;
- Interference with, or obstruction of, any investigation into certain criminal offenses;
- A misdemeanor related to the unlawful manufacture, distribution, prescription or dispensing of a controlled substance;
- Exclusion or suspension under a Federal or State health care program;
- Submission of claims for excessive charges, unnecessary services or services that were of a quality which fails to meet professionally recognized standards of health care;
- Violating the CMP law or the statute entitled “Criminal Penalties for Acts Involving Federal Health Care Programs”;
- Ownership or control of an entity by a sanctioned individual or immediate family member (spouse, natural or adoptive parent, child, sibling, stepparent, stepchild, stepbrother or stepsister, in-laws, grandparent and grandchild);
- Failure to disclose information required by law;
- Failure to supply claims payment information; and
- Defaulting on health education loan or scholarship obligations.
The above list is not all inclusive. Additional grounds for permissive exclusion are detailed in the statute.
1. Nurse R was excluded based on a conviction involving obtaining dangerous drugs by forgery. She also altered prescriptions that were given for her own health problems before she presented them to the pharmacist to be filled.
2. Practice T was excluded due to its affiliation with its excluded owner. The practice owner, excluded from participation in the Federal health care programs for soliciting and receiving illegal kickbacks, was still participating in the day-to-day operations of the practice after his exclusion was effective.
Appendix D: OIG-HHS Contact Information
I. OIG Hotline Number
One method for providers to report potential fraud, waste, and abuse problems is to contact the OIG Hotline number. All HHS and contractor employees have a responsibility to assist in combating fraud, waste and abuse in all departmental programs. As such, providers are encouraged to report matters involving fraud, waste and mismanagement in any departmental program to the OIG. The OIG maintains a hotline that offers a confidential means for reporting these matters.
Contacting the OIG Hotline
By Phone: 1-800-HHS-TIPS (1-800-447-8477)
By E-Mail: HTips@os.dhhs.gov
By Mail: Office of Inspector General
Department of Health and Human Services
330 Independence Ave., S.W.,
Washington, D.C. 20201
When contacting the Hotline, please provide the following information to the best of your ability:
- Type of Complaint:
Medicare Part A
Medicare Part B
Indian Health Service
Other (please specify)
- HHS Department or program being affected by your allegation of fraud, waste, abuse/mismanagement:
Health Care Financing Administration (HCFA)
Indian Health Service
Other (please specify)
Please provide the following information. (However, if you would like your referral to be submitted anonymously, please indicate such in your correspondence or phone call.)
Your Street Address
Your Zip Code
Your email Address
- Subject/Person/Business/Department that allegation is against.
Name of Subject
Title of Subject
Subject's Street Address
Subject's Zip Code
- Please provide a brief summary of your allegation and the relevant facts.
II. Provider Self-Disclosure Protocol
The recommended method for a provider to contact the OIG regarding potential fraud or abuse issues that may exist in the provider's own organization is through the use of the Provider Self-Disclosure Protocol. This program encourages providers to voluntarily disclose irregularities in their dealings with Federal health care programs. While voluntary disclosure under the protocol does not guarantee a provider protection from civil, criminal or administrative actions, the fact that a provider voluntarily disclosed possible wrongdoing is a mitigating factor in OIG's recommendations to prosecuting agencies. Self-reporting offers providers the opportunity to minimize the potential cost and disruption of a full-scale audit and investigation, to negotiate a fair monetary settlement, and to avoid an OIG permissive exclusion preventing the provider from doing business with Federal health care programs. In addition, if the provider is obligated to enter into an Integrity Agreement (IA) as part of the resolution of a voluntary disclosure, there are three benefits the provider might receive as a result of self-reporting:
- If the provider has an effective compliance program and agrees to maintain its compliance program as part of the False Claims Act settlement, the OIG may not even require an IA;
- In cases where the provider's own audits detected the disclosed problem, the OIG may consider alternatives to the IA's auditing provisions. The provider may be able to perform some or all of its billing audits through internal auditing methods rather than be required to retain an independent review organization to perform the billing review; and
- Self-disclosing can help to demonstrate a provider's trustworthiness to the OIG and may result in the OIG determining that they can sufficiently safeguard the Federal health care programs through an IA without the exclusion remedy for a material breach, which is typically included in an IA.
Specific instructions on how to submit a voluntary disclosure under the Provider Self-Disclosure Protocol can be found on the OIG's internet site at www.hhs.gov/oig or in the Federal Register at 63 FR 58399.
The Provider Self-Disclosure Protocol can also be a useful tool for conducting baseline audits. The protocol details the OIG's views on the appropriate elements of an effective investigative and audit plan for providers. Physician practices can use the self-disclosure protocol as a model for conducting audits and self-assessments.
In relying on the protocol for audit design and sample selection, a physician practice should pay close attention to the sections on self-assessment and sample selection. These two sections provide valuable guidance regarding how these two functions should be performed.
The self-assessment section of the protocol contains information that can be applied to audit design. Self-assessment is an internal financial assessment to determine the monetary impact of the matter. The approach of a review can include reviewing either all claims affected or a statistically valid sample of the claims.
Sample selection must include several elements. These elements are drawn from the Government sampling program known as RAT-STATS. All of these elements are set forth in more detail in the Provider Self-Disclosure Protocol, but the elements include: (1) Sampling unit, (2) sampling frame, (3) probe sample, (4) sample size, (5) random numbers, (6) sample design and (7) missing sample items. All of these sampling elements should be clearly documented by the physician practice and compiled in the format set forth in the Provider Self-Disclosure Protocol. Use of the format set forth in the Provider Self-Disclosure Protocol will help physician practices to ensure that the elements of their internal audits are in conformance with OIG standards.Start Printed Page 36835
III. Advisory Opinion Requests
Health care professionals or others may request an advisory opinion from OIG on the following issues:
- What constitutes prohibited “remuneration” or payment under the anti-kickback statute;
- Whether the arrangement or proposed arrangement fits into a safe harbor to the anti-kickback statute;
- What constitutes an inducement to reduce or limit services to Medicare/Medicaid beneficiaries; and
- Whether any activity or proposed activity constitutes grounds for the imposition of fraud and abuse sanctions.
The OIG issues Advisory Opinions on specific existing or proposed arrangements in which the requesting party is engaged or in good faith intends to engage; the OIG does not issue Advisory Opinions on hypothetical arrangements. Advisory Opinions will not be issued on questions of fair market value or whether an individual is a bona fide employee. Advisory Opinions will be binding only on the requesting party and the OIG. Failure to seek an Advisory Opinion is not admissible as evidence of intent to violate the law.
Appendix E: Carrier Contract Information
A complete list of contact information (address, phone number, email address) for Medicare Part A Fiscal Intermediaries, Medicare Part B Carriers, Regional Home Health Intermediaries, and Durable Medical Equipment Regional Carriers can be found on the HCFA website at www.hcfa.gov/medicare/incardir.htm.
Contact information (address, phone number, email address) for each state Medicaid carrier can be found on the HCFA website at www.hcfa.gov/medicaid/mcontact.htm. In addition to a list of Medicaid carriers, the website includes contact information for each State survey agency and the HCFA Regional Offices.
Contact information for each state Medicaid Fraud Control Unit can be found on the OIG website at www.hhs.gov/oig/oi/mfcu/index.htm.
Appendix F: Internet Resources
Office of Inspector General—U.S. Department of Health and Human Services (www.hhs.gov/oig)
This website includes a variety of information relating to Federal health care programs, including the following:
Compliance Program Guidance
Corporate Integrity Agreements
Links to web pages for the:
Office of Audit Services (OAS)
Office of Evaluation and Inspections (OEI)
Office of Investigations (OI)
OIG List of Excluded Individuals/Entities
OIG Semi-Annual Report
Health Care Financing Administration (www.hcfa.gov)
This website includes information on a wide array of topics, including the following:
National Correct Coding Initiative
Program Transmittals & Memorandum
Provider Billing/HCFA Forms
Statistics and Data
HCFA Regional Offices
Letters to State Medicaid Directors
Medicaid Hotline Numbers
Policy & Program Information
State Medicaid Contacts
State Medicaid Manual
State Survey Agencies
Statistics and Data
HCFA Medicare Training (www.medicaretraining.com)
This site provides computer-based training on the following topics:
HCFA 1500 Form
Fraud & Abuse
ICD-9-CM Diagnosis Coding
Medicare Secondary Payer (MSP)
Front Office Management
Introduction to the World of Medicare
Home Health Agency
HCFA 1450 (UB92)
Government Printing Office (www.access.gpo.gov)
This site provides access to Federal laws and regulations pertaining to Federal health care programs.
The U.S. House of Representatives Internet Library (uscode.house.gov/usc.htm)
This site provides access to the United States Code, which contains laws pertaining to Federal health care programs.End Supplemental Information
1. For the purpose of this guidance, the term “physician” is defined as: (1) A doctor of medicine or osteopathy; (2) a doctor of dental surgery or of dental medicine; (3) a podiatrist; (4) an optometrist; or (5) a chiropractor, all of whom must be appropriately licensed by the State. 42 U.S.C. 1395x(r).Back to Citation
2. Much of this guidance can also apply to other independent practitioners, such as psychologists, physical therapists, speech language pathologists, and occupational therapists.Back to Citation
3. Currently, the Office of Inspector General has issued compliance program guidance for the following eight industry sectors: hospitals, clinical laboratories, home health agencies, durable medical equipment suppliers, third-party medical billing companies, hospices, Medicare+Choice organizations offering coordinated care plans, and nursing facilities. All of the guidance is available on the OIG website at http://www.hhs.gov/oig in the Electronic Reading Room, or by calling the OIG Public Affairs office at (202) 619-1343.Back to Citation
4. The OIG periodically issues Advisory Opinions responding to specific inquiries concerning the application of the OIG's authorities, in particular, the anti-kickback statute, and Special Fraud Alerts setting forth activities that raise legal and enforcement issues. These documents, as well as reports from the OIG's Office of Audit Services (OAS) and Office of Evaluation and Inspections (OEI) can be obtained on the Internet at: http://www.hhs.gov/oig. We also recommend that physician practices regularly review the Health Care Financing Administration (HCFA) website on the Internet at http://www.hcfa.gov, for up-to-date regulations, manuals, and program memoranda related to the Medicare and Medicaid programs.Back to Citation
5. The OIG, for example, will consider the existence of an effective compliance program that pre-dated any governmental investigation when addressing the appropriateness of administrative sanctions. However, the burden is on the physician practice to demonstrate the operational effectiveness of the compliance program. See 62 FR 67392. In addition, criminal sanctions may be mitigated by an effective compliance program that was in place at the time of the criminal offense. See United States Sentencing Commission Guidelines, Guidelines Manual, 8 A1.2, Application Note 3(d).Back to Citation
8. Reno Willing to Work With Hospitals to Ensure Proper Use of False Claims Act, 6 Health Care Pol'y Rep. 261 (1998).Back to Citation
9. See United States Sentencing Commission Guidelines, Guidelines Manual, 8 A1.2, Application Note 3(k). The Federal Sentencing Guidelines are detailed policies and practices for the Federal criminal justice system that prescribe the appropriate sanctions for offenders convicted of Federal crimes.Back to Citation
11. Practices with laboratories or arrangements with third-party billing companies should check the risk areas included in the guidance for those industries. The guidance is available on the OIG website at http://www.hhs.gov/oig.Back to Citation
12. There are many published summaries of reimbursement requirements of varying specificity and quality. Various specialty and trade associations may also have developed such summaries.Back to Citation
13. The OIG recommends that, in addition to the list set forth below, physicians review the OIG's Work Plan to identify vulnerabilities and risk areas on which the OIG will focus in the future. In addition, it is recommended that physician practices review the OIG's semiannual reports, which identify program vulnerabilities and risk areas that the OIG has targeted during the preceding six months. All of these documents are available on the OIG's webpage at http://www.hhs.gov/oig.Back to Citation
14. A listing of additional risk areas that a physician practice may want to include in its policies can be found at Appendix A of this document.Back to Citation
15. For example, Dr. X, an ophthalmologist, bills for laser surgery he did not perform. As proof, he did not even have laser equipment or access to such equipment at the place of service designated on the claim form to perform the surgery.Back to Citation
16. Billing for services which are not reasonable and necessary, supplies and equipment involves seeking reimbursement for a service that is not warranted by a patient's documented medical condition. See 42 U.S.C. 1395i(a)(1)(A) (“no payment may be made under part A or part B [of Medicare] for any expenses incurred for items or services which * * * are not reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of the malformed body member”). See also Appendix A for further discussion on this topic.Back to Citation
17. Double billing occurs when the physician bills for the same item or service more than once or when another party bills the Federal health care program for an item or service also billed by the physician. Although duplicate billing can occur due to simple error, the knowing submission of duplicate claims—which is sometimes evidenced by systematic or repeated double billing—can create liability under criminal, civil, and/or administrative law.Back to Citation
18. Of particular concern, physician practices should be aware of the provisions of reassignment of benefits. These provisions govern who may receive payment due to a provider or supplier of services or a beneficiary. See 42 CFR 424.70-424.80. See also Medicare Carrier Manual § 3060.10.Back to Citation
19. Unbundling is the practice of a physician billing for multiple components of a service that must be included in a single fee. For example, if dressings and instruments are included in a fee for a minor procedure, the provider may not also bill separately for the dressings and instruments.Back to Citation
20. A modifier, as defined by the CPT-4 manual, provides the means by which the physician practice can indicate a service or procedure that has been performed has been altered by some specific circumstance, but not changed in its definition or code. Assuming the modifier is used correctly and appropriately, this specificity provides the justification for payment for those services. For correct use of modifiers, the physician practice should reference the appropriate sections of the Medicare Carrier Manual. See Medicare Carrier Manual § 4630. For general information on the correct use of modifiers, the physician practice should also consult the National Correct Coding Initiative (NCCI) system. See Appendix F for information on how to access the NCCI system. The NCCI coding edits are updated on a quarterly basis and are used to process claims and determine payments to physicians.Back to Citation
21. Upcoding is billing for a more expensive service than the one actually performed. For example, Dr. X defrauds Medicare by intentionally billing at a higher evaluation and management (E & M) code than what he actually renders to the patient. Upcoding has been a major focus of the OIG's law enforcement efforts. In fact, the Health Insurance Portability and Accountability Act of 1996 added another civil monetary penalty to the OIG's sanction authorities for upcoding violations. See 42 U.S.C. 1320a-7a(a)(1)(A).Back to Citation
22. The official coding guidelines are promulgated by HCFA, the National Center for Health Statistics, the American Medical Association and the American Health Information Management Association. See International Classification of Diseases, 9th Revision, Clinical Modification (ICD-9 CM) (and its successors); 1998 Health Care Financing Administration Common Procedure Coding System (HCPCS) (and its successors); and Physicians' Current Procedural Terminology (CPT). In addition, there are specialized coding systems for specific segments of the health care industry. Among these are ADA (for dental procedures), DSM IV (psychiatric health benefits) and DMERCs (for durable medical equipment, prosthetics, orthotics and supplies).Back to Citation
23. The failure of a physician practice to: (i) document items and services rendered; and (ii) properly submit them for reimbursement is a major area of potential fraudulent or erroneous conduct involving Federal health care programs. The OIG has undertaken numerous audits, investigations, inspections and national enforcement initiatives aimed at reducing potential and actual fraud, abuse and waste in these areas.Back to Citation
25. For additional information on proper documentation, physician practices should also reference the Documentation Guidelines for Evaluation and Management (E and M) Services, published by HCFA. These guidelines are available on the Internet at http://www.hcfa.gov/medicare/mcarpti.htm.Back to Citation
26. The anti-kickback statute provides criminal penalties for individuals and entities that knowingly offer, pay, solicit, or receive bribes or kickbacks or other remuneration in order to induce business reimbursable by Federal health care programs. See 42 U.S.C. 1320a-7b(b). Civil penalties, exclusion from participation in the Federal health care programs, and civil False Claims Act liability may also result from a violation of the prohibition. See 42 U.S.C. 1320a-7a(a)(5), 42 U.S.C. 1320a-7(b)(7), and 31 U.S.C. 3729-3733.Back to Citation
27. The physician self-referral law, 42 U.S.C. 1395nn, (also known as the “Stark law”), prohibits a physician from making a referral to an entity with which the physician or any member of the physician's immediate family has a financial relationship if the referral is for the furnishing of designated health services, unless the financial relationship fits into an exception set forth in the statute or implementing regulations.Back to Citation
28. See Appendix B for additional information on the anti-kickback statute.Back to Citation
29. The OIG's definition of “fair market value” is not the typical commercial definition of this term. The OIG's definition of this term excludes any value attributable to referrals of Federal program business on the ability to influence the flow of such business. Adhering to the rule of keeping business arrangements at fair market value is not a guarantee of legality, but is a highly useful general rule.Back to Citation
31. In the OIG Special Fraud Alert “Routine Waiver of Part B Co-payments/ Deductibles” (May 1991), the OIG describes several reasons why routine waivers of these cost-sharing amounts pose concerns. The Alert sets forth the circumstances under which it may be appropriate to waive these amounts. See also 42 U.S.C. 1320a-7a(a)(5).Back to Citation
32. All physician contracts and agreements with parties in a position to influence Federal health care program business or to whom the doctor is in such a position to influence should be reviewed to avoid violation of the anti-kickback, self-referral, and other relevant Federal and State laws. The OIG has published safe harbors that define practices not subject to the anti-kickback statute, because such arrangements would be unlikely to result in fraud or abuse. Failure to comply with a safe harbor provision does not make an arrangement per se illegal. Rather, the safe harbors set forth specific conditions that, if fully met, would assure the entities involved of not being prosecuted or sanctioned for the arrangement qualifying for the safe harbor. One such safe harbor applies to personal services contracts. See 42 CFR 1001.952(d).Back to Citation
33. See OIG Special Fraud Alert “Joint Venture Arrangements” (August 1989) available on the OIG website at http://www.hhs.gov/oig. See also OIG Advisory Opinion 97-5.Back to Citation
34. Physician practices should establish clear policies governing gift-giving because such exchanges may be viewed as inducements to influence business decisions. Practice policies should emphasize that accepting gifts of any kind may influence the employee's independent judgment. To the extent such gifts are accepted, they should be reported to the designated person charged with recording such information for the practice.Back to Citation
35. Practices should also check the HCFA website for the most recent regulations regarding these issues.Back to Citation
36. Among the materials useful in documenting the compliance program are employee certifications relating to training and other compliance initiatives, copies of compliance training materials, and any corresponding reports of investigation, outcomes, and employee disciplinary actions. In addition, the physician practice should keep all relevant correspondence with carriers, private payer insurers, and HCFA.Back to Citation
37. The HHS-OIG “List of Excluded Individuals/Entities” provides information to health care providers, patients, and others regarding individuals and entities that are excluded from participation in Federal health care programs. This report, in both an on-line searchable and downloadable database, can be located on the Internet at http://www.hhs.gov/oig. The OIG sanction information is readily available to users in two formats on over 15,000 individuals and entities currently excluded from program participation through action taken by the OIG. The on-line searchable database allows users to obtain information regarding excluded individuals and entities sorted by: (1) The legal bases for exclusions; (2) the types of individuals and entities excluded by the OIG; and (3) the States where excluded individuals reside or entities do business. In addition, the General Services Administration maintains a monthly listing of debarred contractors, “List of Parties Debarred from Federal Programs,” at http://www.arnet.gov/epls.Back to Citation
38. HCFA also offers free online training for general fraud and abuse issues at http://www.medicaretraining.com. See Appendix F for additional information.Back to Citation
39. Another way for physician practices to receive effective training is for the physicians and/or the employees of the practice to attend training programs offered by larger entities, such as a hospital, a local medical society or a carrier. This sort of collaborative effort is an excellent way for the practice to meet the desired training objective without having to expend the resources to develop and implement in-house training.Back to Citation
40. The OIG's work plan is currently available on the Internet at http://www.hhs.gov/oig. The OIG Work Plan details the various projects the OIG intends to address in the fiscal year. The Work Plan contains the projects of the Office of Audit Services, Office of Evaluation and Inspections, Office of Investigations and the Office of Counsel to the Inspector General.Back to Citation
41. Some publications, such as OIG's Special Fraud Alerts, audit and inspection reports, and Advisory Opinions are readily available from the OIG and can provide a basis for educational courses and programs for physician practice employees. These can be obtained through the Internet. See Appendix F.Back to Citation
42. Currently, the OIG is monitoring a significant number of corporate integrity agreements that require many of these training elements. The OIG usually requires a minimum of one hour annually for basic training in compliance areas. Additional training is required for specialty fields such as claims development and billing.Back to Citation
43. In addition to whatever other method of communication is being utilized, practices should post in a prominent area the HHS-OIG Hotline telephone number (1-800-HHS-TIPS). See Appendix D for additional information.Back to Citation
45. See Appendix D.II. referencing the Provider Self-Disclosure Protocol for information on how to conduct a baseline audit.Back to Citation
46. See Footnote 37 for information on how to access these lists.Back to Citation
47. Instances of noncompliance must be determined on a case-by-case basis. The existence or amount of a monetary loss to a health care program is not solely determinative of whether the conduct should be investigated and reported to governmental authorities. In fact, there may be instances where there is no readily identifiable monetary loss, but corrective actions are still necessary to protect the integrity of the applicable program and its beneficiaries, e.g., where services required by a plan of care are not provided.Back to Citation
48. The physician practice may seek advice from its legal counsel to determine the extent of the practice's liability and to plan the appropriate course of action.Back to Citation
49. The OIG has established a Provider Self-Disclosure Protocol that encourages providers to voluntarily report suspected fraud. The concept of voluntary self-disclosure is premised on a recognition that the Government alone cannot protect the integrity of the Medicare and other Federal health care programs. Health care providers must be willing to police themselves, correct underlying problems, and work with the Government to resolve these matters. The Provider Self-Disclosure Protocol can be located on the OIG's website at: www.hhs.gov/oig. See Appendix D for further information on the Provider Self-Disclosure Protocol.Back to Citation
51. Previous OIG Compliance Program Guidance have set forth criteria for assessing the effectiveness of a compliance program. See Footnote 3 for a listing of previous Compliance Program Guidance and information on how to access them.Back to Citation
1. HCFA has recently developed a website which, when completed by the end of the year 2000, will contain the LMRPs for each of the contractors across the country. The website can be accessed at http://www.lmrp.net.Back to Citation
2. The relevant manual provisions are located at MCM, Part III, §§ 7300, 7320. This section of the manual also includes the carrier's recommended form of an ABN.Back to Citation
7. Hospitals and physicians, including on-call physicians, who violate the statute may face stiff penalties. Those penalties include civil fines of up to $50,000 (or not more than $25,000 in the case of a hospital with less than 100 beds) per violation and exclusion of a physician from participation in the Federal health care programs.Back to Citation
9. Id.Back to Citation
10. This section is not intended to be and is not a complete reference for teaching physicians. It is strongly recommended that those physicians who practice in a teaching setting consult their respective hospitals for more guidance.Back to Citation
11. This concern is noted in Advisory Opinion No. 98-4 and also the Office of Inspector General Compliance Program Guidance for Third-Party Medical Billing Companies. Both are available on the OIG website at http://www.hhs.gov/oig.Back to Citation
[FR Doc. 00-14703 Filed 6-9-00; 8:45 am]
BILLING CODE 4152-01-P