Wrapping it up: Our Month of Compliance

Posted on July 30, 2011 by Danyell Jones

We hope that you have gained some valuable information about compliance this month, and we want to thank you for all of your fantastic responses and questions in regard to our posts. We cannot stress enough how important compliance is to a healthcare organization, and hope that our posts have assisted you in thinking about some compliance issues which will not only be relevant for 2011, but may have not been on your agenda. We have another fantastic series which we will be releasing in August, but until then we hope that you will continue to join us here for up to date news, relevant information, and the latest advancements in healthcare!

Until next time….

HIPAA and Privacy Violations

Posted on July 28, 2011 by Danyell Jones

As we are now exploring the issue of some of the most common healthcare compliance concerns facing organization in 2011 it is important that we examine HIPAA and the issue of privacy. HIPAA and HITECH Privacy Violations can result in both civil and criminal penalties, and it is important that HIPAA policies are followed in EVERY healthcare organization nationwide.

Maintain HIPAA Compliance

In two recent cases the cost of violating this privacy act was substantial. One organization was fined $2.25 million dollars for fail to properly dispose of protected information. Criminally more than 43 physicians have been sentenced to jail time for violations in the past five years. Here are some more interesting statistics courtesy of Liles Parker

as of mid 2010 there have been more than 93 breaches of HIPAA compliance
more than 500 individuals have been affected by these privacy breaches
The total number of individuals whose information was disclosed as a result of these breaches was estimated at over 2.5 million
of the 93 breaches, 87 involved breach of hard copy or electronic protected health information
the majority of the breaches involved theft, or loss of the records

HIPAA Compliance, one of the costliest compliance policies for healthcare organization is also one of the most important. Patient privacy will continue to be an issue of importance in the future, and only a faultless healthcare compliance program will suffice. Make sure that all members of your organization receive constant and up to date information HIPAA and any new or changing regulations, and of course seek outside assistance from a firm which is experienced with what it takes to be certified in healthcare compliance.

To learn more about HIPAA in all of its intricacies please visit the website: HIPAA Compliance

EMRs- Compliance Lessons Learned

Posted on July 27, 2011 by Danyell Jones

As we identified in an earlier post (Top 10 Compliance Threats for 2011), Electronic Medical Records, or EMRs are one of the top healthcare compliance threats to organizations in the upcoming year.

EMRs were introduced to the healthcare industry with a carrot or stick approach. Those organizations that converted from paper to electronic records early were offered financial incentives, while those who did not faced being penalized down the road. Now, nearly every organization is making the move away from paper records to electronic medical records, but for some this move has proved problematic from a healthcare compliance perspective.

EMRs- a potential compliance risk

Private contractors known as ZPICS, or Zone Program Integrity Contractors are now raising concerns about EMR programs citing inadequately designed software programs. The real problem seems to be EMR software that does an overly extensive auto fill, substituting program notes for physician observations, and causing ZPICS to claim that documentation is not adequate.

Before any organization converts to EMRs they should be aware of the risk of over automation to their compliance program, and carefully evaluate the platform that they select for their practice.

For more information on EMRs….the good, the bad, and the right choice for your organization download our Free Presentation

A Physicians Minefield- Section 6402 of Healthcare Reform

Posted on July 26, 2011 by Danyell Jones

Two new healthcare reform measures have recently been passed, including the Patient Protection and Affordable Care Act (PPACA) and the Health Care and Education Reconciliation Act of 2010. together these hefty volumes- more than 900 pages in all- constitute quite a weighty legislative tome, but buried inside all of this text are several very weighty anti-fraud and theft measure, proving once again that governments aim is hitting healthcare hard from a fraud and abuse perspective.

Section 6402(h)(1) is one of the most worrisome sections of this legislation because it affords the right of the Secretary to suspend all Medicare/Medicaid payments to any provider against whom a “credible allegation” has been made. Of course what is considered “credible” is not defined in any of the pages presented.In essence any organization, or individual who is a healthcare provider, upon facing any type of “credible allegation” will no longer be able to receive any type of Medicaid/Medicare reimbursement…..a reimbursement that accounts for more than 58% of an average practices revenue stream. Allegations need not be for fraud, if a provider fails to notify the state of a change of address, fails to “fully cooperate” during a site visit, or is accused of incorrect coding and/or billing all payments may be suspended effective immediately. This means that any physician or organization could face indefinite suspension pending an investigation….not a conviction….an investigation….and could be forced out of business due to the lost revenue.

Another potentially dicey section is 6402(f)(2) which was written as a preventative measure against kickbacks, and improper referrals. Unfortunately the new legislation can hold a person who “had no knowledge of this law, no intent to commit a violation of this law, and was not directly involved in the violation” responsible

We strongly recommend that all organizations have a compliance program in place, and that this healthcare compliance program continually reviews the latest laws and regulations pertaining to the industry.

Staff Inclusion, or a Hefty Fine

Posted on July 26, 2011 by Danyell Jones

How certain are you that none of your staff members have recently been excluded from Federal Healthcare Programs? This is a question that many healthcare executives and CEOs need to be asking themselves.

Recent healthcare reform has expanded permissive exclusion authorities, and many are predicted the heaviest exclusion rates in decades in the upcoming years. both Health and Human Services and the Office of Inspector General are actively reviewing providers to see if they have been excluded, and if one of these individuals is a member of your staff, you could pay hefty fines. According to a recent online article “HHS-OIG announced that it had assessed significant civil monetary penalties against a healthcare provider that employed seven individuals who the provider ‘knew or should have known’ had been excluded from participation in Federal health care programs. These individuals were alleged to have furnished items and services for which the provider was paid by Federal health care programs.”

Is a member of your staff on the list?

To make sure that your organization is fully aware of compliance in healthcare, and all that that entails, your compliance officer should screen all members to see if they have been excluded from Federal Programs on a frequent and regular basis. Screenings should be conducted against not only the HHS and OIG databases, but also the GSA databases. for more information please visit the link below:

OIG Exclusion Program

RAC Audits and Risks- Top 5 Tips

Posted on July 25, 2011 by Danyell Jones

RAC audits are now permanent and prevalent across every state and will begin to initiate reviews this year. It is a great time to make sure that your organization is compliant with all applicable regulations and billing/coding issues. A recent study found that at the average healthcare organization only 58% of services were properly coded, while 28% were over-coded and 15% were under-coded. If your organization is within this average it could spell trouble, and now is the time to look for a firm who is experienced with compliance in healthcare to assist you in readiness.

Here are our top 5 hints for making sure that your organization would be RAC Audit Ready

1. Internal Audit- conduct an internal audit of your organization to show that you are committed to the effort of submitting complete and accurate claims to payer, and identify any problems early before someone else does

2. Independent Audit- have an independent company conduct an audit of your organization to make sure that external findings support your own audit findings

3. EMR Coding/Documentation Review- Evaluate the impact that your EMR system is having on your coding and documentation

4. Know your Numbers- organizations are most often targeted for audit based on utilization rates, prescribing practices, and billing/coding practices. Make sure that you know the numbers of your organization in order to evaluate your risk early

5. Hire a Dedicated Compliance Officer- we can not stress enough how important it can be to have an individual who is certified in healthcare compliance on staff. A compliance officer can work with senior members of your organization to ensure that you are prepared for an unannounced audit or investigation.

Compliance in healthcare can be a potential minefield for individuals and organizations, but with a little bit of preparation and a strong focus on compliance, coding, billing, and documentation you can be sure that you are prepared.

The HEAT is on

Posted on July 22, 2011 by Danyell Jones

HEAT….which stands for the Healthcare Fraud Prevention and Enforcement Action Team is part of a nation wide government sponsored effort to increase health care fraud enforcement efforts, and both organizations and providers have been feeling the squeeze.

According to the Department of Justice (DOJ) “Since their inception in March 2007, Strike Force operations in seven districts have obtained indictments of more than 850 individuals who collectively have falsely billed the Medicare program for more than $2.1 billion dollars. In addition, HHS’s Centers for Medicare and Medicaid Services, working in conjunction with the HHS-OIG, are taking steps to increase accountability and decrease the presence of fraudulent providers.”

It is estimated that healthcare fraud costs the government and taxpayers $60-$100 Billion dollars per year, and with the present fiscal squeeze there is a huge push to recoup as much of this money as possible, but some industry insiders say that the aggressive actions of HEAT are not only targeting fraudulent providers, but those who are simply unknowing not in compliance with a portion of the myriad of healthcare regulations which are enacted every year. It will be essential moving forward that every healthcare organization have a strong compliance awareness and that compliance in healthcare is an issue which is continually monitored. Organizations can further benefit from having ongoing quality improvement programs that address healthcare compliance, and actively procure up to date financial risk analysis to gauge where their organization may be impacted.

For a small sample of the headline news regarding who HEAT has impacted, and what the repercussions have been follow the links below, I hope you find them as interesting as I did:

Brooklyn Neurologist found guilty of Health Care fraud

Houston Healthcare Company Guilty in 1.3 million dollar fraud case

53 individuals indited in Strike Force case

94 Doctors Criminally Charged for Billing Errors

Top 10 Healthcare Compliance Issues of 2011

Posted on July 20, 2011 by Danyell Jones

2011 has been rife with government change, and both President Obama and healthcare regulators have been more active than ever in regard to regulatory and healthcare compliance updates and changes. These new laws and acts, some of which are already in effect, and some of which are expected to go into effect soon will no doubt have a dramatic impact on the industry. Here is our list of the Top 10 Healthcare Compliance Issues of 2011, we hope you enjoy.

1. The RAC Audit- recovery audit contractors who are independent organizations paid a percentage of recovered fees for providing auditing services are hitting hard across the country. RAC auditors have the ability to look backward into the history of your organization over 7 years and will scour every nook and cranny of your organization for potential billing and coding errors. All Healthcare CEOs should be asking themselves how prepared their organization would be for an unannounced audit, or when the last time their organization conducted an internal review of compliance practices.

2. Electronic Medical Records (EMRs)- financial incentives for EMRs have been paltry, but penalties for not converting to electronic records will begin to kick in starting in early 2012. If you add to this the fact that those who have already converted to EMRs are getting penalized for poorly designed software which is not HIPAA Compliant, the case for examining your record keeping methodology becomes even more pivotal in 2011.

3. Speaking of HIPAA- HIPAA violations are another hot compliance issue that organizations should be aware of. In recent months one organization was fined $2.25 million dollars for failure to properly dispose of protected information, and some physicians have been sentenced to jail time for failing to comply with HIPAA practices. BHM urges all firms to develop an internal healthcare compliance department, or seek outside consultation to ensure that your organization is not at risk.

4. The HEAT is on- The governments Health Care Fraud Prevention and Enforcement Action Team, known as “HEAT” is zoning in on healthcare fraud enforcement efforts in an attempt to “reign in fraud, eliminate waste, and get back Americas hard earned money.” This aggressive team of law enforcement officers, members of the Department of Justice, and the Department of Health and Human Services are all collaborating to bring justice to any organization or member who is not “in compliance.” According to the Washington DC based law firm, Liles Parker, this has lead to:

Filed charges against more than 800 defendants
583 criminal convictions
$2.5 million dollars worth of fines and re-coupment payments

Because the Obama administration has recently requested $60.2 million dollars in funding for HEAT in 2011, many more organization may find themselves in the line of fire.

5. Section 6402 of Health Care Reform Legislation- Yes, we all understand that over payments made to healthcare organizations will be pursued for recovery by the government with all the aggressiveness of a rabid Saint Bernard, but when it comes to understanding the details of what can get you in compliance trouble many physicians may find that they are as susceptible as that kid trapped in the back of the pinto. Section 6402 of the Health Care Reform legislation in particular will be risky for physicians who will not only need to return any overpayment, but report over payments in writing and explain the reason for overpayment in a justifiable and timely manner. Just exactly what constitutes timely has not been identified.

6. Medicare Exclusion- How often are you screening your clinical and non-clinical staff members to ensure that they are not excluded from participating in Medicare and other Federal health care programs? Health and Human Services along with the Office of Inspector General have recently been reviewing care providers, and provider organizations. Should it be found that a staff member has been excluded from Medicare the organization will be assessed significant financial penalties. This will remain the case even if the organization screened an individual upon initially hiring them, and if the organization had no knowledge of the exclusion.

7. Independent Auditors (SIUs)- As if RAC Audits were not a great enough threat, organizations which have been found guilty of accepting over payments by RAC Auditors are now beginning to see copycat auditing firms sponsored by Third-Party Payers come in. Like the second wave of a Tsunami these auditors pick up where RAC left off seeking reimbursement for overpayment from organizations which have already been found to have received over payments. These new independent auditors are lead by Special Investigative Units (SIUs), and the prevalence of these audits will continue to rise throughout 2011 and 2012.

8. Suspended Payments- payment suspensions by Medicare are sure to increase in the coming months, and are just one more potential threat to an organizations healthcare compliance standing. Organizations which used to be given advanced notice and warnings if payment was going to be suspended will now see little to no notice of payment suspension actions. In addition, payments can now be suspended for the smallest of infractions……failing to properly notify Medicare of an address change being one of them.

9. Quality Reporting- The Physician Quality Reporting Initiative, or PQRI, is another change that was ushered in with the new Health Care Reform legislation. Beginning in March 2011 Physician Quality Reporting went from being voluntary to mandatory, and organizations who are not in compliance with this reporting will be assessed a financial penalty. Again, ambiguity plays a role in this compliance risk as PQRI data that is required has not been clearly defined at this point.

10. Compliance Programs- 2011 will certainly be the year for beginning, improving, and implementing compliance programs across a broad range of healthcare organizations. The threats that we highlighted at the top of our list are only some of the most prevalent and costly, but the total list of compliance risks to an organization could run to hundreds of items. To make sure that your organization is covered from a compliance perspective please make sure that you have an active compliance program, and if possible a dedicated compliance officer. If you are not sure where to start consider hiring an outside consulting firm to begin planning and implementing a quality healthcare compliance program for your organization today!

Not Sure where to begin? Call BHM at 1-888-831-1171 for your free Healthcare Compliance consultation

Continuing Healthcare Compliance

Posted on July 18, 2011 by Danyell Jones

I wanted to start by thanking everyone who has read out posts this week concentrated on compliance in healthcare. I loved reading your comments, and am very excited to announce that we will be continuing to look at compliance issues for the remainder of the month. We realize that a few posts are not nearly enough to scratch the surface on this all encompassing topic………..so we are going to delve a little bit deeper into the topic, and hope you appreciate the insightful posts which will be coming up, including:

Top 10 Compliance threats for 2011
The HEAT is on- Healthcare Fraud and Enforcement
RAC Audits and Risks
Electronic Medical Records- Compliance lessons learned
HIPAA and Privacy Violations
A Physicians Minefield- Section 6402 of the Healthcare Reform Act
Has your staff been excluded, and will you pay the price?

We hope that you will continue to join us for the remainder of our “Month of Compliance,” and as always, feel free to leave your comments or ask a question……………..we are always happy to help!

Where 1/3 of Every Healthcare Dollar is Going

Posted on July 15, 2011 by Danyell Jones

When you discuss compliance in healthcare, it is essential that you address cost. According to the Institute of Medicine, “HIPAA compliance cost 33 cents of every health care dollar that was spent between 1996 and 2002.”

HIPAA, or the U.S. Health Insurance Portability and Accountability Act, provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information, and all organizations are expected to be held accountable by healthcare compliance associations.

Gartner identified “security for privacy compliance as one of the top 10 issues within healthcare, and an area that is misunderstood and the cause of significant spending by healthcare.”

But healthcare compliance does not have to be such a burdensome financial weight to bear. Many healthcare organizations are now seeking expert consulting firms to assist them with reigning in HIPAA related spending, and a heavy emphasis has been placed on new and innovative IT Solutions that are lowering the cost of compliance. In fact, according to Net IQ “70% of healthcare organizations with annual budgets greater than US$100 million are using HIPAA compliance claims and remittance advice, and more than half of these organizations seek outside help.”

The bottom line to reigning in healthcare costs is often calling in experts in the respective area to bring alignment to healthcare compliance and financial goals of an organization. As healthcare, and already extensively regulated industry, becomes even more regulated, and as the number of healthcare services purchased through government continues to grow (currently 53% of services are purchased through the government and this rate is expected to grow by 15% per year for the next 5 years) it will become increasingly important for healthcare organizations to look to outside help to remain fiscally strong.