Mark D. Abruzzo, J.D.

Mark D. Abruzzo, J.D.

Ever since the government intensified its efforts to crack down on medical fraud, and asked the health care community to assist, compliance and compliance planning are the buzzwords. The message finally appears to be getting through to physicians, and practices are instituting compliance plans at a fast pace. This is good news — recognition is half the battle! Unfortunately, in many cases, compliance efforts are misguided and actually put the practice in an awkward position.

You need a compliance plan if you are not in compliance, but the only way to know whether you are is to perform a self-audit. If, upon audit, you're clean, then great. Unfortunately, in the process, you're more likely to find problems. Then what?

The self-audit is an integral part of the overall compliance plan. To aid health care providers in implementing effective compliance plans, the Office of the Inspector General describes seven elements it believes are fundamental to provider compliance. The first of the seven is the audit.

Lack of understanding

Practices often do not understand the value of audits. What's more, the consultants and advisers assisting practices do not always know how best to conduct them. Unfortunately, the OIG guidelines are not necessarily the best resource on this issue.

Although the guidelines suggest when and how to conduct an audit, they are silent as to the inherent risks a practice faces in undertaking auditing activities. They speak to identification of problem areas, but they don't address the "then what?" part — perhaps intentionally. Clearly, identifying problem areas will help prevent future violations because the practice will know on what areas to focus its training and education.

Disclosure issues

However, as much focus as there is on compliance, so too the government has emphasized self-disclosure. The OIG requires physicians to disclose any detected violations.

The most recently released guidelines — those for solo and group practices — state that each practice needs to determine whether to review claims retrospectively or concurrently; that is, whether a practice should look at claims that have already been submitted for payment or claims that are ready to be submitted for payment.

Notwithstanding that the guidelines leave it to the discretion of the practice as to what types of claims it should audit, the guidelines do recommend that physician practices conduct their baseline audits on a retrospective basis.

However, the ramifications of doing a baseline audit on a retrospective basis could be substantial.

Once a physician has knowledge of erroneously paid claims, the law requires him to refund those payments. If an audit is conducted on a retrospective basis, on claims already submitted and for which payment has been received, the practice is obligated under the law to refund any payments that it knows were improperly made.

On the other hand, if the audit is conducted on a prospective basis (i.e., using presubmitted claims), then the claim that is ready for submission is corrected and submitted for reimbursement. No harm done.

Here's an example. Let's say a two-doctor general practice conducts an audit on claims already submitted, and discovers that of the 20 claims reviewed, the medical-record documentation for five of those claims does not support the level of service billed.

The practice now has knowledge of five upcoded claims, and it is obligated to return the excess payment received for those five claims. If, however, the practice conducts an audit on claims that have not yet been submitted and identifies the same five upcoded claims, the practice can correct the codes, submit the claims for payment, and now focus its education and training efforts on those areas that it identifies as problems.

Where there's smoke?

While reimbursing overpayment for five claims won't break the bank, it may send up a red flag to the payer that other errors exist. If a random sampling picks up on the fact that a practice was overbilling with respect to a certain procedure or visit, then the odds are that many errors or overpayments exist. Upon extrapolation — which is what Medicare, for example, can do in making an assessment — the liability can get quite big.

Thus, practices are well advised to conduct their first, or baseline, audit on presubmitted claims. Although this is contrary to the recommendations set forth by the OIG, it is the best way to minimize the consequences of an audit. The OIG guidelines do make very clear that one of the most important elements of a successful program is the practice's undertaking of an appropriate response when it does identify problems.

The manner in which the audit is conducted will dictate the type of response that will be required. So, perhaps, what the OIG is saying is that if a prospective audit detects that a claim was about to be submitted incorrectly, this puts the practice on notice that it might want to check similar claims that were already submitted. But the law itself doesn't provide an affirmative duty to do this. This is a very important distinction.

Also, consistent with OIG guidelines, the practice should conduct its first audit after it conducts its initial education and training. That way, the audit will highlight those areas where additional training and education are needed.

In addition, the practice should conduct periodic audits on at least a yearly basis to ensure that the compliance program is being followed. Another thing you need to know is that any audit should be based upon a random sampling of claims. This is important. One of the worst things you can do is perform a sampling of specific or difficult codes. This not only emphasizes any errors that are unearthed, it provides no certainty as to whether the practice is generally compliant.

Finally, due to the potential ramifications, anyone undertaking auditing activities as part of a compliance program should seek legal counsel from experienced health care specialists. Health care counsel working with physician practices and other providers to develop compliance programs may be in the best position to assist them in fulfilling their compliance obligations, while also minimizing the risk of the potential adverse actions.

One benefit that can be obtained by seeking legal counsel prior to conducting a compliance audit: The practice can take advantage of the attorney/client privilege. That is, if the practice's lawyer engages a consultant to perform an audit on behalf of the practice, then the report and all communications between the consultant, the lawyer, and the practice — with respect to the report — are privileged.

Earlier warning

If the practice were to engage the consultant directly, the consultant could be subpoenaed by the government, without the knowledge of the practice. The attorney/client privilege is not necessarily going to keep the report out of the hands of the government, but at least the practice will have knowledge of the government's inquiry at a much earlier point in the investigation.

Given the health care enforcement environment and the OIG's continuing focus on voluntary compliance, it behooves every health care provider to carefully consider implementing a compliance plan. But, as important as it is to implement a compliance plan, it is more important to implement correctly — and to understand the risks and ramifications of each step of the process.

Mark D. Abruzzo, J.D., specializes in health care law at the Berwyn, Pa.-based law firm of Wade, Goldstein, Landau & Abruzzo.

Managed Care’s Top Ten Articles of 2016

There’s a lot more going on in health care than mergers (Aetna-Humana, Anthem-Cigna) creating huge players. Hundreds of insurers operate in 50 different states. Self-insured employers, ACA public exchanges, Medicare Advantage, and Medicaid managed care plans crowd an increasingly complex market.

Major health care players are determined to make health information exchanges (HIEs) work. The push toward value-based payment alone almost guarantees that HIEs will be tweaked, poked, prodded, and overhauled until they deliver on their promise. The goal: straight talk from and among tech systems.

They bring a different mindset. They’re willing to work in teams and focus on the sort of evidence-based medicine that can guide health care’s transformation into a system based on value. One question: How well will this new generation of data-driven MDs deal with patients?

The surge of new MS treatments have been for the relapsing-remitting form of the disease. There’s hope for sufferers of a different form of MS. By homing in on CD20-positive B cells, ocrelizumab is able to knock them out and other aberrant B cells circulating in the bloodstream.

A flood of tests have insurers ramping up prior authorization and utilization review. Information overload is a problem. As doctors struggle to keep up, health plans need to get ahead of the development of the technology in order to successfully manage genetic testing appropriately.

Having the data is one thing. Knowing how to use it is another. Applying its computational power to the data, a company called RowdMap puts providers into high-, medium-, and low-value buckets compared with peers in their markets, using specific benchmarks to show why outliers differ from the norm.
Competition among manufacturers, industry consolidation, and capitalization on me-too drugs are cranking up generic and branded drug prices. This increase has compelled PBMs, health plan sponsors, and retail pharmacies to find novel ways to turn a profit, often at the expense of the consumer.
The development of recombinant DNA and other technologies has added a new dimension to care. These medications have revolutionized the treatment of rheumatoid arthritis and many of the other 80 or so autoimmune diseases. But they can be budget busters and have a tricky side effect profile.

Shelley Slade
Vogel, Slade & Goldstein

Hub programs have emerged as a profitable new line of business in the sales and distribution side of the pharmaceutical industry that has got more than its fair share of wheeling and dealing. But they spell trouble if they spark collusion, threaten patients, or waste federal dollars.

More companies are self-insuring—and it’s not just large employers that are striking out on their own. The percentage of employers who fully self-insure increased by 44% in 1999 to 63% in 2015. Self-insurance may give employers more control over benefit packages, and stop-loss protects them against uncapped liability.