The Health Insurance Portability and Accountability Act of 1996, originally the Kennedy-Kassebaum bill, dramatically increases the risks that all health care providers face when they fail to pay attention to reimbursement and self-referral rules. To ensure adherence to HIPA, every provider and managed care organization should create an internal compliance program, including mechanisms for investigating and resolving reimbursement errors and other inappropriate activity. Laziness, sloppiness and ignorance can all be construed as fraudulent activity under the new rules!
Section 231 of HIPA expands the prior civil money penalties laws (CMPL) for fraud and abuse violations. Because these are not criminal violations, jail time is not included in the range of sanctions for breaking these rules. However, enormous fines and penalties and exclusion from participation in government health care programs are not uncommon. Moreover, because these are civil penalties, the government has an easier burden of proof: For the CMPL rules, the government merely needs to show by a preponderance of evidence that a violation has occurred. This is a far easier standard to meet than the "beyond a reasonable doubt" standard under criminal fraud law.
Let's examine these new CMPL rules.
First, HIPA extends the CMPL jurisdiction to virtually all federal health care programs. Thus, CMPL penalties now apply to programs such as CHAMPUS, veterans' benefits and public health service programs, not to mention Medicare and Medicaid.
Along similar lines, the CMPL penalty amounts have been greatly increased, from $2,000 to $10,000 per violation. This is an important change, because the penalties apply for each claims form line item or prohibited practice. Thus, if during a patient visit a physician takes a history, gives an injection and diagnoses a specific ache, that 5- or 10-minute visit results in three or more line items on the "superbill." If, for example, the services were found to be both medically unnecessary and fraudulent or abusive, the practice now would be looking at a minimum penalty of $30,000 from that brief visit.
In addition, the feds may apply a damage assessment to increase this penalty, based on aggravating or mitigating factors. Previously, the damage assessment was up to twice the amount of the claim. Now, HIPA permits this damage assessment to be as much as three times the amount of the claim. Conceivably, the government could impose a fine and penalty of $90,000 for that five- or 10-minute examination!
An effective internal compliance program will have a substantial impact in reducing the amount of any fine and penalty under these laws. If mistakes occur despite an effective internal compliance program — which certainly can happen — the presence of the program could potentially reduce the exposure of the physician in our example to as little as $9,000. That's why I say that every physician or group should consider creating a fraud and abuse compliance program immediately.
HIPA's changes to the CMPL rules also include the imposition of penalties when the government can show that "upcoding" or "unnecessary care" in claims submitted for reimbursement were the result of extreme laziness or sloppiness. If the doctor is not sufficiently diligent in learning these rules, understanding how and when to bill and supervising the accuracy and appropriateness of the billings, this lack of due diligence can constitute a false claim. A pattern or practice of upcoding and un- necessary care can also be a basis for civil money penalties and exclusion, even without the necessity of depending upon a false claim theory to justify the penalty. In other words, not only has HIPA endorsed the government's previous position that repeated upcoding errors or other billing errors can constitute a false claim, but a new civil money penalty law imposes fines for excessive upcoding or unnecessary care even if the government cannot show that there was a "false claim."
This "knowledge" requirement has been modified generally under these HIPA amendments to the CMPL. The CMPL originally was intended to assist enforcement agencies in situations where wrongful conduct could not be punished because the "knowing and willful" standard required under the criminal law could not be met. For some time, the knowledge standard under the CMPL was essentially one of negligence. Penalties were available for conduct that the provider "knew or should have known" was not permitted.
However, because CMPL rules now impose expensive and obviously penal (albeit not criminal) sanctions on providers, the government has been pressured to reduce the application of the CMPL to merely negligent conduct. Instead, the government has now agreed to change the CMPL requirement to "reckless disregard."
Whenever the law imposes a penalty for engaging in wrongful behavior that the provider "should have known" violated the rules, this means that the provider must have actual knowledge of the wrongdoing or be so indifferent to whether wrongdoing occurs that the provider "recklessly disregards" the violations. This requires more egregious behavior than mere negligent supervision.
However, note that a systemic indifference to billing errors, or the continued tolerance of internal procedures that fail to monitor the accuracy of claims or that encourage upcoding or other violations, may well be considered "reckless" by the government.
Even with the requirement that the government show that a doctor was "deliberately ignorant" or in "reckless disregard" of the truth, doctors and other providers cannot afford to be ignorant of the rules. Equally important, they cannot afford to ignore how bills are actually submitted and reviewed within their organizations.
Remember, when the ostrich sticks its head in the sand, a different part of its anatomy gets exposed!