The answers to these 5 questions can ensure that you stay on the straight and narrow. Most Part B practices have been studying compliance issues for so many years that they feel like experts. But it can be easy to let your guard down and see some of your hard-earned compliance plans become outdated. Check out the following five Q&As to determine whether you're still up to speed on compliance rules and regulations. Know What's Required of Compliance Officer Question 1: Can you provide a general job description for a compliance officer in a medical office? Also, can we ask the office manager or primary biller to take on that role, included with his or her other responsibilities? Answer:
The OIG also indicates that it may be appropriate for a practice to outsource compliance officer responsibilities. The outside individual or group must develop and maintain a good working relationship with the practice and stay up-to-date with office activities and changes. The OIG recommends that the practice designate an internal employee to serve as a liaison with the outsource compliance officer.
Compliance Plan Alone Won't Protect You
Question 2: Our practice bought a compliance plan from a consultant about eight years ago and we have not had a problem since then. Other than updating the names on it when a new physician joins our practice, this plan should cover us if we ever get audited, right?
Answer:
When you say you "bought" the compliance plan, it is assumed that you purchased a pre-written plan and simply filled in your practice's information on the front page, which probably is not enough to protect you if an audit ever occurred. Compliance is a multistep process that does not stop after you file away your compliance plan."A pre-written compliance plan may be a good place to start, but it provides a false sense of security for several reasons," says David E. Jose, Esq., partner with Krieg DeVault in Indianapolis. "First and foremost, a compliance plan needs to be directed at the various regulatory, payment, operational, and legal issues that are most implicated for the practice."
The model compliance plan proposed by CMS states that each practice or organization should look carefully at areas of exposure to make sure that it has adequate systems in place to monitor and correct sources for potential claims and penalties, Jose says. "Another reason to not simply buy something 'off the shelf' is that it is less likely to be integrated into the operations of the practice," Jose says. "If it's not been integrated (by means of a thoughtful adoption process that leads to accountable assignments), then it's less likely to be effective. It will also make the training process more difficult, and this is an essential component for any effective compliance program."
An additional consideration to keep in mind is that any authority (whether regulatory or accreditation or other) will be skeptical regarding the credibility of this type of compliance program within the practice, Jose adds.
Know the Audit Timelines
Question 3: Would an OIG auditor evaluating Medicare documentation check records from dates of service when the patient was not on Medicare, or just the period of time while he was insured under the program?
Answer:
If the OIG were auditing your practice as part of a random or standard audit, he would simply review the dates of service that a patient was on Medicare. Remember, the OIG's primary goal is finding problems that have caused a financial loss to the government.However, if the auditor identifies a problem that warrants further investigation, in some cases he may want to know how you have billed private insurers to determine whether you have committed such problems across the board, or exclusively with Medicare claims. At times, the OIG may feel that it can strengthen its case against a practice if the practice's fraudulent activity extends into their private insurance claims as well. Therefore, the OIG will usually only audit your private insurance claims if wrongdoing was already discovered among your Medicare claims, or if the agency received complaints from your private insurance payer, who found problems and suspects that Medicare violations are present.
Identify Conflicts of Interest
Question 4: My practice is involved in a variety of business ventures. I am working with the compliance officer to develop policies and procedures for disclosing possible conflicts of interest by individuals within this practice. Where should I begin?
Answer:
Because so many physicians have a variety of business interests, this issue comes up often, and your practice should know where to turn when it comes to disclosure of these issues.First, make sure there is a conflict-of-interest policy in effect and include it in your compliance manual, e.g., "It is this company's policy that employees shall avoid both real and perceived conflicts of interest. Any questions concerning conflicts of interest must be immediately addressed with the appropriate supervisors or the designated compliance officer."
Second, set up a conflict-of-interest procedure that includes a financial disclosure statement, which lists all the employee's business-related financial information (e.g., stock ownership in pharmaceutical companies, partnerships, commercial real estate, etc.).
Develop a conflict-of-interest disclosure statement that is signed by each employee. The statement must say that the employees have read and understood the company's conflict- of-interest policy and will abide by it. The procedure should also include the requirements for an annual review and re-signing.
The importance of a conflict-of-interest policy cannot be understated. Senior management must promote strong personal integrity and set such an example, because a standpoint must be developed that it is every employee's responsibility and obligation to protect the organization they work for.
Show Employees Where to Turn to Report Compliance Issues
Question 5: Our compliance plan does not identify who we should contact if we see compliance violations, but I assume we'd report that to our compliance officer. However, in my case, it's the compliance officer who appears to be causing the violations. In this case, who do I contact?
Answer:
Every compliance plan should include information on handling complaints from different sources within and outside the practice, Jose says. "In larger organizations, there will be some protective mechanisms to make sure that the employee can report a concern anonymously, and there are laws that protect against retaliation for the reporting of compliance concerns."In addition, Jose says, "A compliance plan should have an option for reporting a concern to another party if the reporting individual is concerned that the compliance officer is implicated in the matter, or if the reporting individual fears some form of retaliation. This scenario suggests that there could be an ethical violation at issue, and a compliance plan should be prepared to address issues of professional ethics as well as any code of conduct or code of ethics adopted by the practice."