Follow these steps to safeguard yourself from practice-killing penalties in the event of an audit.
Is your podiatry practice’s compliance program strong enough to weather an audit or investigation?
When it comes to compliance, it’s important to remember that the feds don’t believe in accidents: they look for neglect. And if you feel comfortable telling yourself that your compliance program is solid because you haven’t been audited, just remember this little word: yet.
How do Investigations Start?
The line between mistakes and fraud can be blurry if your podiatry practice’s compliance program isn’t robust, explains CJ Wolf, MD, CHC, CPC, CCEP, CIA, COC, Senior Compliance Executive for Healthicity in Salt Lake City and a speaker at MGMA’s most recent annual meeting.
“In some instances it’s just out-and-out fraud. But typically during the business of the day, doctors aren’t saying ‘I want to commit fraud today,’” Wolf tells Podiatry Coding & Billing Alert.
“One of the main issues is asking ‘how can I get this paid’ and not ‘does Medicare allow for this’ when coding,” Wolf says. “Having the knowledge of how to bypass these rules doesn’t justify them.”
“Most doctors who get in trouble, over time, feel under financial and time pressures and don’t invest the resources to learn all of the nuances of compliance,” Wolf says of providers’ tendencies to find workarounds. “They think, ‘Oh, Medicare’s policy is that you can’t do this, well, I don’t like that.’”
But it can be a slippery slope, one that leads to the dubiously regarded whistleblower.
Providers may gradually discover billing and coding practices that yield greater revenue, and these become the norm for their offices. This works, until a new staff member or auditor comes in and correctly labels it as fraud, then “Boom! A whistleblower.”
And while the False Claims Act (FCA) allows individuals who file cases on behalf of the government to receive up to 30 percent of the recovered claims, Wolf estimates that 80 percent of whistleblowers who file lawsuits under the False Claims Act report internally first. “There’s a very real opportunity for prevention by having a robust compliance program.”
A CMS Final Rule on Overpayments Increases the Need for Self-Scrutiny
The Affordable Care Act (ACA) requires that you have a compliance plan in order to participate in Medicare, Medicaid, and other federal programs, but it’s also a best practice. “You don’t have to go over the top, but you need to have something in place, and you probably already have one of some sort,” Wolf says. But do you have provisions in place that address “key risk areas?”
As of March 14, 2016, this is especially critical: CMS’s 2016 final rule on overpayments requires that overpayments be reported within 60 days of identification, and that failure to do so can result in penalties under FCA:
“This final rule states that a person has identified an overpayment when the person has or should have, The key element here is “should have, through the exercise of reasonable diligence.” Basically, this “reverse false claims act” says not only that a provider can be held responsible for overpayments, but your failure or inability to identify it within 60 days is immaterial to your responsibility. You can’t use the “ostrich defense.” The final rule says that if you’re receiving funds from the government then you should have something in place to catch the government’s mistakes.
How a Compliance Program Can Protect You if Mistakes are Detected
When OIG determines that fraud claims warrant an investigation, one of the first things investigators look for is that you have an effective compliance program. “U.S. federal sentencing guidelines for applying fines and criminal sanctions allow for the mitigation of damages and even keep the organization from taking the heat instead of the individual,” Wolf says.
And on top of fines and penalties, practices that get in trouble can be placed under a Corporate Integrity Agreement with OIG for five years, which must be certified annually through practice-funded audits — or removed from Medicare entirely.
One way to avoid that is demonstrating an effective compliance program.
“Let’s assume it’s an honest mistake and the funds need to be returned. They’re returned, you disclose to CMS how it occurred and what you did to correct it,” Wolf says. “An effective compliance program, when probed by CMS, can keep you from getting a CIA on your practice and the resulting mandatory audits and financial burdens.”
Another benefit is that if the investigators feel your mistake smells of fraud, a solid compliance program assures them that the incident is limited to one area because your broad compliance program will catch further instances. In other words, they won’t be inclined to exclude you from Medicare altogether.
To read the CMS 2016 final rule on overpayments, visit: https://www.federalregister.gov/documents/2016/02/12/2016-02789/medicare-program-reporting-and-returning-of-overpayments.