OIG WORKPLAN UPDATE

The Department of Health and Human Services Office of Inspector General (OIG) announced in June that it would update the work plan monthly, to enhance transparency.

In the September 15 update to the Work Plan, the new items posted are several examinations of Medicaid programs, including a review of five states to determine the extent to which Medicaid managed care plans include behavioral health providers and whether enough providers are available to meet the needs of the Medicaid population in those states.

The Department of Health and Human Services Office of Inspector General (OIG) announced in June that it would update the work plan monthly, to enhance transparency.

In the September 15 update to the Work Plan, the new items posted are several examinations of Medicaid programs, including a review of five states to determine the extent to which Medicaid managed care plans include behavioral health providers and whether enough providers are available to meet the needs of the Medicaid population in those states.

OIG also will review Medicaid health home programs for compliance with federal and state requirements. OIG noted in the update that as of May 2017, the Centers for Medicare & Medicaid Services (CMS) approved Medicaid state plan amendments for 21 states and the District of Columbia for health home programs.

In addition, OIG will look at Medicare Part D sponsors’ reporting of direct and indirect remuneration (DIR) to determine whether Part D sponsors complied with Medicare DIR reporting requirements.

NEW COMPLIANCE PROGRAM GUIDANCE

New compliance program guidance has been issued by the Fraud Section of the Department of Justice (DOJ), according to an article published in the AHLA Weekly. Although the “Evaluation of Corporate Compliance Programs” (Guidance) is not specific to the healthcare industry, it does provide a practical set of benchmarks against which the audit & compliance committee, in consultation with the general counsel and the chief compliance officer, can evaluate the effectiveness of the health system’s compliance program.

New compliance program guidance has been issued by the Fraud Section of the Department of Justice (DOJ), according to an article published in the AHLA Weekly. Although the “Evaluation of Corporate Compliance Programs” (Guidance) is not specific to the healthcare industry, it does provide a practical set of benchmarks against which the audit & compliance committee, in consultation with the general counsel and the chief compliance officer, can evaluate the effectiveness of the health system’s compliance program.

Compliance Guidance based Questions

The Guidance is presented in the form of a series of substantive compliance-focused questions that the Fraud Division frequently considers when evaluating a corporate compliance program, for example:

  • Analysis and Remediation of Underlying Misconduct
  • [Role and Involvement of] Senior and Middle Management
  • Autonomy and Resources
  • Policies and Procedures
  • Risk Assessment
  • Training and Communication
  • Confidential Reporting and Investigation
  • Incentives and Disciplinary Measures
  • Continuous Improvement, Periodic Testing and Review
  • Third Party Management
  • Mergers and Acquisitions

These questions are drawn from multiple sources (e.g., the Federal Sentencing Guidelines and the United States Attorneys Manual, the joint DOJ/SEC Foreign Corrupt Practices Act guide and compliance guidance from the Organization for Economic Cooperation and Development).

Questions particularly relevant to healthcare organizations include those that focus on the conduct of senior and middle management; the internal stature of the compliance function; the autonomy of the compliance function; program funding and resources; corporate response to expressed compliance concerns; the process for responding to investigative findings; consistency of disciplinary measures; and periodic updating of procedures and practices.

Important questions focus on the board’s exercise of its compliance oversight duties—including whether relevant expertise is available on the board and how compliance related information provided to the board.

Lack of Formalized Compliance Programs

As an aside, this guidance underscores the lack of need for formalized compliance programs in small practices consistent with the OIG guidance. Small practices do not have mid or senior level managers or a board in most cases. Small physician practices can, however, take note of some of the key points in their attempts at operating in a compliant fashion. Specifically, how you respond to expressed compliance concerns, investigative findings, and how often you review documentation, coding and billing policies.

One theme that appears to run through the questions is a focus on how the corporation deals with misconduct after it has been identified. This focus goes beyond the traditional emphasis on proper incentives and appropriate discipline to an awareness of the root cause of the misconduct and changes the company made to reduce the potential that similar problems will reappear.

The release of this Guidance is a significant development in terms of assuring the most effective possible corporate compliance plan. It is directly relevant to any organization attempting to demonstrate a commitment to compliance and implementation of an “effective” compliance program. Compliance officers should review and share relevant portions and resulting recommendations with management.

INDUCEMENT THRESHOLD UPDATED BY OIG

The Department of Health and Human Services Office of Inspector General (OIG) issued a policy statement December 7 increasing what constitutes a gift of “nominal value” to Medicare and Medicaid beneficiaries for purposes of avoiding civil monetary penalties.

Under Section 1128A(a)(5) of the Social Security Act, enacted as part of HIPAA:
A person who offers or transfers to a Medicare or Medicaid beneficiary any remuneration that the person knows or should know is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier of Medicare or Medicaid payable items or services may be liable for civil monetary penalties (CMPs) of up to $10,000 for each wrongful act.

The Department of Health and Human Services Office of Inspector General (OIG) issued a policy statement December 7 increasing what constitutes a gift of “nominal value” to Medicare and Medicaid beneficiaries for purposes of avoiding civil monetary penalties.

Under Section 1128A(a)(5) of the Social Security Act, enacted as part of HIPAA:

A person who offers or transfers to a Medicare or Medicaid beneficiary any remuneration that the person knows or should know is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier of Medicare or Medicaid payable items or services may be liable for civil monetary penalties (CMPs) of up to $10,000 for each wrongful act.

In 2000, OIG interpreted the terms “inexpensive” or “nominal value” to mean a retail value of no more than $10 per item, or $50 in the aggregate per patient, on an annual basis. As of December 7, “nominal value” has be re-defined as having a retail value of no more than $15 per item or $75 in the aggregate per patient, on an annual basis. Such remuneration cannot include cash or items similar to cash, such as gift cards.

UNDERCODING IS NOT AN APPROPRIATE AUDIT AVOIDANCE STRATEGY

It’s a compliance risk, and it deprives your physicians of proper payment.

“Overcoding,” or reporting procedures and services not supported by the actual work performed (as described in provider documentation), is improper coding, and it’s a compliance risk. “Undercoding” — or failing to report the full extent of provided procedures or services — is an equally unsound practice.

It’s a compliance risk, and it deprives your physicians of proper payment.

“Overcoding,” or reporting procedures and services not supported by the actual work performed (as described in provider documentation), is improper coding, and it’s a compliance risk. “Undercoding” — or failing to report the full extent of provided procedures or services — is an equally unsound practice.

“Defensive” Undercoding Is Indefensible

Some providers and staff have taken to undercoding as a defensive strategy, in hopes of warding off denials, audits, or accusations of fraud. The thinking is, “If I under-report the amount of work performed, I can’t be accused of trying to receive payments in bad faith.”

For example, many payers examine billing patterns for evaluation and management (E/M) codes to identify providers who bill a greater-than-average number of high-level E/M services. Providers who undercode do so because they either are unsure of the correct code or hope that, by doing so, they can “fly under the radar.” What providers may not understand is that undercoding can make a provider an outlier, just as easily as overcoding.

Undercoding creates substantial patient care, compliance, and financial liabilities. Novitas, a Medicare contractor in Delaware, Maryland, New Jersey, Pennsylvania, and Washington, D.C., noted on its website (“Over coding? Under coding? RIGHT coding”) an increased trend of undercoding, and enumerated its problems:

  • Undercoding leaves money on the table, driving down provider reimbursement:

… under coding impacts your practice revenue. You are not being appropriately paid for the level of service you provide to your patients. Correcting under coded claims can mean costly appeals.

  • Undercoding increases the number of improperly paid claims:

The goal of CMS and Novitas is to pay claims that meet Medicare’s requirements and pay them at the proper level of service. When there is an underpayment due to under coding, we did not pay the claim correctly and it is counted as an improper payment error…. Under coding errors can statistically impact calculated error rates in the tens of millions of dollars [emphasis in the original].

  • Undercoding impacts patients negatively, and skews the data that Medicare and other payers use to calculate payments, going forward:

Under coding misrepresents the true level [of] care that is provided to Medicare beneficiaries. These statistics are used to calculate future Medicare payments and track trends in healthcare delivery. 

  • Undercoding may increase your risk of an audit:

Patterns of under coding may be viewed as aberrant and open your practice up to audits and reviews. 

In short, Novitas says, “It’s important to code the level service that is supported by your documentation.”

Undercoding Is Improper Coding (or Worse)

Here’s something else: Undercoding — just like overcoding — can create false claims liability.

There are two types of undercoding that can create liability for the provider:

  • Failing to report services performed at the encounter; and
  • Under-reporting the level of service provided.

A Centers for Medicare & Medicaid Services (CMS) Medicare Learning Network article, entitled “Medicare Fraud and Abuse: Prevention, Detection, and Reporting,” defines fraud:

In general … as making false statements or representations of material facts to obtain some benefit or payment for which no entitlement would otherwise exist. These acts may be committed either for the person’s own benefit or for the benefit of some other party. In other words, fraud includes the obtaining of something of value through misrepresentation or concealment of material facts.

Undercoding Type 1: Failing to Report Performed Services

Deliberately undercoding by not reporting components of the performed service (i.e., services that do not fall under applicable bundling reimbursement rules) is “making a false statement” about the provided services, and is a “misrepresentation” of the facts. When the unreported code(s) affect the payer’s decision to pay the claim (or the decision whether to conduct additional review), the omission is a material misrepresentation that can lead to potential False Claims allegations.

Example: Assume a provider sees a patient and performs three services: A, B, and C. Assume also that the applicable bundling rule establishes that service C is a component of service B, and that service B is a component of service A. Assume no exclusionary modifiers are appropriate or justified. If all three services were reported, only Service A would be paid. Knowing this, the provider omits the billing for Service B. The provider, therefore, reports Service A and Service C. Not knowing that Service B was provided, the payer allows payment for both services.

In this example, the omission was the misrepresentation that induced the payer to approve the additional (but not entitled) reimbursement. If the payer had been apprised of all the facts, they would have paid less money. This is the type of misrepresentation that can create false claims liability. At a minimum, misrepresentation by omission certainly fits within the CMS definition of abuse, which is simply “misusing codes on a claim.”

Under the False Claims Act, a physician may be held liable for “submit[ing] claims to Medicare for medical services he or she knows were not provided.” Undercoding by omission is the inverse of this type of false claim. With omissions, it’s not that the provider is billing for work that he or she didn’t do; it’s that the provider is not billing for all of the work performed in an attempt to gain disallowed reimbursement. For example, getting paid for an E/M associated with a cosmetic procedure that isn’t covered. By not billing a cosmetic procedure, the payer will likely pay the E/M where they otherwise wouldn’t. False claims liability potentially arises as a result of such an omission where a complete and accurate representation of the service would have resulted in a different (and lower) payment amount, or would have negatively influenced the carrier’s determination to pay the claim, at all. In essence, the omission (by undercoding) is the material misrepresentation that creates potential false claims liability.

When a payer can also substantiate that the omission represented a “deliberate ignorance or reckless disregard of the truth related to the claim,” both the materiality and intent elements necessary to prove fraudulent conduct are satisfied.

There’s also the Criminal Health Care Fraud Statute, which makes it a crime “to obtain (by means of false or fraudulent pretenses, representations, or promises) any of the money or property owned by, or under the custody or control of, any health care benefit program.” Here again, undercoding by omitting information that might influence the payment determination may be perceived as “false or fraudulent representations” of the services provided.

Undercoding Type 2: Under-reporting Level of Service

The more obvious form of undercoding is reporting a lower level of service than was provided and represented. This commonly occurs with E/M services, as well as other procedures. In such cases, providers must consider the anti-kickback statute to the extent that undercoding diminishes the patient’s obligation for payment, and such a reduction is considered “remuneration” that is intended to influence the patient’s decision to receive the service.

Example: An established patient whose deductible is not met presents to the physician for an E/M service. Assume that the work and associated documentation demonstrate the physician performed a level 4 service. Concerned about the cost to the patient, the provider reports a level 2 service, instead. The value of the “discount” is remuneration to the patient. Since it can be shown that one purpose of the remuneration was to influence the patient’s selection of the provider or decision to receive the healthcare service, the anti-kickback statute would be implicated.

These examples show that undercoding isn’t a recommended defensive strategy; it’s a misrepresentation of services. Undercoding establishes inaccurate utilization patterns, which may, at a minimum, flag a physician as an outlier and make him or her a target for an audit.

Fight Undercoding with Internal Audits

Periodic, internal audits of your coding, billing, and documentation is the best way to detect and eliminate improper coding, whether it’s due to upcoding, downcoding, or other compliance risks. The goal of an audit is to ensure documentation is a correct reflection of the work done and the necessity for that work. An internal audit should evaluate compliance with payer reimbursement guidelines compared to your documentation content to ensure all procedures, services, supplies, and diagnoses are identified, appropriately billed, and supported at the level they are billed. Medical documentation should be clear (to the auditor) and legible.

Internal audit results must be shared with providers and the coding and billing staff. Be sure appropriate education is completed and compliance policies and procedures are updated to prevent future errors. Providers should consider using an external auditor, periodically, to validate the effectiveness of the internal audit program.

Providers should strive to report all work performed (while following bundling rules), the necessity for that work, and (when relevant) the correct level of service. Doing so is what Novitas calls “right coding.” Right coding should always result in the right payment, and when providers receive the right payment, there is no compliance risk. As Novitas rightly concludes, “When you practice right coding, coding the level of service supported by your documentation, we all win — you, your patients and the Medicare program.”

Resources

Novitas, “Over coding? Under coding? RIGHT coding!” (www.novitas-solutions.com/)

Medicare Learning Network, “Medicare Fraud & Abuse: Prevention, Detection, and Reporting.”