410 likes | 815 Views
Compliance Program. Compliance Training Objectives. Meeting regulatory requirements Defining an effective compliance program Communicating the obligation to be aware of and adhere to the compliance program
E N D
Compliance Training Objectives • Meeting regulatory requirements • Defining an effective compliance program • Communicating the obligation to be aware of and adhere to the compliance program • Providing information on how to report non-compliance, including fraud, waster and abuse (FWA) concerns • Sharing information on laws pertaining to program compliance
Requirements • Federal statutes, regulations, and CMS policy govern the Medicare Parts A, B, C and D Programs. • Guidelines require implementation of an effective compliance program which includes measures to prevent, detect and correct Medicare non-compliance. • CMS recently released new Compliance Program Guidelines • Part C: Chapter 21 Managed Care Manual • Part D: Chapter 9 Prescription Drug Manual
Where do I fit in? • As a person who provides health or administrative services to a Part C or Part D enrollee, you are either a: • Part C or D Employee • First Tier Entity • Downstream Entity • Related Entity
Where are my responsibilities as an employee? • You are a vital part of the effort to prevent, detect, and report Medicare non-compliance as well as possible fraud, waster and abuse. • 1st – You are required to comply with all applicable statutory, regulatory, and other Part C or Part D Requirements, including adopting and implementing an effective compliance program. • 2nd – You have a duty to the Medicare Program to report and violations of laws that you may be aware of. • 3rd – You have a duty to follow our organization’s Code of Conduct and policies and procedures that articulate a commitment to ethical behavior.
What is an Effective Compliance Program • Federal Sentencing Guidelines • An effective program to prevent and detect violations of law means a program that has been reasonably designed, implemented, and enforced so that it generally will be effective in preventing and detecting criminal conduct. • CMS Compliance Program Guidelines • Must, at minimum include the implementation of the core elements which include measures to prevent, detect and correct areas of non-compliance including FWA and devote adequate resources to protect the Medicare program.
Core Compliance Program Elements • Written Policies, Procedures and Standard of Conduct • Designation of a Compliance Officer, Compliance Committee and High Level Oversight • Effective Training and Education • Effective Lines of Communication • Well Publicized Disciplinary Standards • Effective Auditing and Monitoring • Prompt Response to Compliance Issues
Written Policies, Procedures & Standard of Conduct • Implementation of written policies & procedures and standards of conduct that demonstrates the organizations commitment to ethical business behavior and adherence to all federal and state laws and regulations including those from CMS • Every sponsor, first tier, downstream and related entity must have policies and procedures in place to address non-compliance. • Make sure you are familiar with your entity’s policies and procedures
HealthSunHealth PlansCompliance Program • HealthSun has established a Compliance Program which includes: • Compliance Program Manual • HealthSun’s Code of Ethics and Business Conduct • Policies and Procedures • If you are part of a first tier, downstream or related entity, you must adopt these, or develop and adopt your own standards of conduct and policies and procedures that comply with Medicare guidelines.
Compliance Officer & Compliance Committee Requirements: • Designation of a Compliance Officer & Compliance Committee who report directly to the Chief Executive • Compliance Officer must be an employee of the organization vested with day to day operations. • Compliance Officer & Committee must report regularly regarding the status and activities of the compliance program. • Must be a knowledgeable governing body that exercises oversight and effectiveness of the Compliance Program.
HealthSun’s Compliance Officer • Marianela de la Llama, Compliance Officer • Compliance Hotline (305) 256-8880
Effective Training and Education • All employees, including executive, temporary or contracted workers and volunteers, governing body and first tier, downstream and related entities require training. • Training Must: • Be conducted within 90 days of hire or date of contracted services, and annually thereafter • Be a condition of continued employment and used in employee evaluations • Include education on: Compliance Program components, Fraud, Waster and Abuse and Specialized Training for areas of risk
Effective Lines of Communication • Effective lines of communication must exist between Compliance Officer and employees, governing body and first tier, downstream and related entities • When reporting concerns to the Compliance Officer, processes must ensure: • Confidentiality • Anonymity • Non-retaliation for good faith reporting
Enforcement Through Well Publicized Disciplinary Guidelines • Guidelines Must: • Encourage good faith participation by all • Provide expectations for reporting • Ensure identification of noncompliance or unethical behavior • Provide for timely and consistent enforcement when noncompliance is determined
Auditing & Monitoring • Must implement effective system for routine monitoring of compliance risks, including • Performing a Risk Assessment • Developing Work Plans • Conducting Internal Audits • First Tier, Downstream and Related Entity Audits • External Oversight Audits
Responding to Detected Offenses • Must have a system of responding to compliance issues as they arise in a timely manner. • Compliance issues may be identified through: • Self-reporting • Audits • Corrective Action Plans must be implemented for non-compliance issues. • Reporting to law enforcement and government entities may be required.
How Do I Report Non-Compliant, Unlawful or Unethical Business Behavior?
Reporting Non-Compliance • Everyone is required to report suspected non-compliance and instances of fraud, waste, and abuse. The Code of Conduct and Ethics should clearly state this obligation. Retaliation against you should not occur for making a good faith effort in reporting.
Reporting Medicare Non-Compliance • Every MA-PD and PDP sponsor is required to have a mechanism in place in which potential concerns related to Medicare non-compliance and unethical business conduct as well as FWA may be reported by employees, first tier, downstream, and related entities (FDRs). • Sponsors must be able to accept anonymous reports and cannot retaliate against you for reporting When in doubt, call the Compliance Department
Your Duty as an FDR • Read, understand and comply with HealthSun Health Plans Code of Ethics and Business Conduct or your own standards of conduct that comply with Medicare guidelines. • Must report any non-compliant, illegal or unethical business behavior • Failure to report will result in disciplinary action up to and including termination (or termination of contract) • HealthSun Health Plans has a strict no retaliation policy for god faith reporting.
Healthcare Laws • The following slides provide very high level information about specific laws. For details about the specific laws, consult the applicable statute and regulations concerning the law.
Stark Statute (Physician Self-Referral Law) • Prohibits a physician from making a referral for certain designated health services to an entity in which the physician (or a member of his or her family) has an ownership/investment interest or with which he or she has a compensation arrangement (exceptions apply).
Exclusions • No Federal health care program payment may be made for any item or service furnished, ordered, or prescribed by an individual or entity excluded by the Office of Inspector General (OIG).
HIPAA • Health Insurance Portability and Accountability Act of 1996 • Created greater access to health care insurance, protection of privacy of health care data, and promoted standardization and efficiency in the health care industry. • Safeguards to prevent unauthorized access to protected health care information. • As a individual who has access to protected health care information, you are responsible for adhering to HIPAA.
HITECH Act Health Information Technology for Economic and Clinical Health Care Act (1993) • Expanded requirements associated with the electronic transmission of PHI and made significant changes related to business associate responsibilities, breach notification requirements and accounting of PHI. • Additionally, government enforcement was enhanced and penalties for noncompliance raised.
Civil False Claims Act Prohibits: • Presenting a false claim for payment for approval; • Making or using a false record or statement in support of a false claim; • Conspiring to violate the False Claims Act; • Falsely certifying the type/amount of property to be used by the Government; • Certifying receipt of property without knowing if it’s true; • Buying property from an unauthorized Government officer; • Knowingly concealing or knowingly and improperly avoiding or decreasing an obligation to pay the Government
Anti-Kickback Statute Prohibits: • Knowingly and willfully soliciting, receiving, offering or paying remuneration (including any kickback, bribe, or rebate) for referrals for services that are paid in whole or in part under a federal health care program (which includes the Medicare program).
Beneficiary Inducement Statute Prohibits: • Offering remuneration that a person knows (or should know) is likely to influence a beneficiary to select a particular provider, practitioner, or supplier including a retail, mail order or specialty pharmacy.
Medicare • Titile XVIII of the Social Security Act designated “Health Insurance for the Aged and Disabled”, more commonly known as Medicare. • All associates, governing body and first tier, downstream and related entities are responsible for following the laws related to Medicare, which also include those pertaining to Medicare Parts C & D found at 42 C.F.R. §§422 and 423 respectively, and any other guidance provided by The Centers for Medicare & Medicaid Services or U.S. Dept. of Health and Human Services.
Reportable Provider Concerns • Violation of state/federal regulations • Violation of contractual obligations • Inappropriate charges/billing of services • Inappropriate upcoding • False or fraudulent documentation • Quality of care issues • Potential violations of Stark Law or Anti-Kickback • Violation of HSHP compliance program policies
Reportable Vendor Concerns • Violation of state/federal regulations • Not meeting contractual obligations as defined in the signed agreement • Performance measures • Timeliness • Accuracy standards • Not meeting HITECH and HIPAA regulations as defined in the Business Associate Agreement • Engaging in third party activities without consent • Inappropriate billing of services performed
Congratulations!! You have completed HealthSun Health Plans Compliance Training Please sign the Statement of Attestation and provide to the Compliance Officer