Get Your Compliance Program in Shape to Avoid, Defend Against Auditors
Whistleblower lawsuits and multimillion dollar Medicare fraud settlements involving otherwise reputable hospitals and health systems are becoming standard media fodder on the Department of Justice Web site.
As is almost always the case, the accused providers that are often paying millions of dollars to the federal government to settle whistleblower suits for self-referrals, or inflated outlier charges, or whatever the gist of the suit may be, are also claiming that the settlement is not an admission of guilt.
Most claim they are paying the fines to avoid costly and interminable litigation. "The lesson to be learned really in all of these similar cases is that the government is looking for fraud and will go after providers if they think there is a problem," says Anna Grizzle, an attorney with Nashville-based Bass, Berry & Sims, PLC.
She says there will be even more enforcement actions against healthcare providers in the coming months and years because the federal government believes it can pay for some of the health reform by cracking down on fraud.
"With the expansion of the False Claims Act and the enhanced penalties under the new health reform laws, the government has demonstrated that it is serious about tracking down healthcare fraud, and with increased funding under the health reform legislation will have the money to be able to do it," Grizzle says.
Health reform requires healthcare organizations to have compliance programs. Grizzle says these programs must proactively find problems before the government or contract auditors.
"It's much better for the organization to find it, fix it, and repay any money it shouldn't have received, rather than have the government find it. And in today's era of heightened scrutiny, healthcare organizations should assume that if there is a problem the government will find it," Grizzle says.
Strong compliance programs should include robust internal and external audits, with healthcare organizations conducting their own data mining to identify systemic problems that they can correct internally.
"A good compliance program should have a strong internal audit function, where you are looking over your own claims. It also should consider periodic external audits as well on risk areas," Grizzle says.
There are several sources for finding risk areas. HHS' Office of Inspector General issues fraud alerts about potential risk areas, and other sources include RAC audits, and detailed readings of whistleblower settlements.
A good compliance program starts with strong policies and procedures and a well-trained staff that understands appropriate billing and compliance with state and federal regulations.
"As you do your own internal audits, are you seeing a pattern of mistakes being made to indicate there is vulnerability in your systems? Through your employee hotline or other complaint reporting mechanisms, are you seeing the same complaints being made?" Grizzle says. "That could be a red flag for a potential issue you might want to explore to determine if any corrective action is necessary."
Even if a hospital is guilty of an honest mistake, Grizzle says they still have to be ready to defend against allegations that the mistake is potential healthcare fraud, and defending is expensive.
"With some of the proactive data mining and analysis, the government contractors are identifying outliers in a particular geographic area," she says. "Sometimes, there are good reasons why someone is an outlier. You can defend it. But if you are identified as a target because you seem to have a high utilization rate for a particular situation, then you have to be prepared to defend why you are an outlier."