Practice Management Alert

Compliance:

Know These Fraud Trends Related to COVID-19

See where the pandemic has jumpstarted enforcement.

The pandemic may have stalled business as usual at every level this time last year, but federal agencies and authorities are making up for lost time in investigating healthcare fraud and abuse. The Department of Health and Human Services (HHS) Office of Inspector General (OIG) has continued to ramp up focus on pandemic-related problems, but bread-and-butter healthcare fraud and abuse are still on their radar, too.

Remaining compliant is critical, said attorneys Michael E. Paulhus with King & Spalding in Atlanta and Marissel Descalzo with Tache Bronis in Miami, in the “Enforcement Trends, Compliance, and the False Claims Act” session at the Collaborative Compliance Conference, presented by AAPC and the American Health Law Association (AHLA) on Feb. 22.

Note How COVID Represents Only Fraction of OIG Focus

Currently, OIG has a dedicated COVID-19 Fraud Alert page with a plethora of online guidance, tips, and links to auxiliary information. Details are plentiful and the agency refreshes the page weekly with the latest scams. This offering gives both providers and patients insight on current fraud trends related to the pandemic — and how to respond to criminals.

Work Plan: In 2017, OIG flipped from an annual or semi-annual Work Plan release to monthly updates to ensure greater transparency of federal healthcare programs’ audits and evaluations, agency guidance suggests. Since the switchover, announcements had been steady — until COVID-19 hit. Right now, the OIG Work Plan lists a whopping 284 Active Items, with 54 specifically focused on COVID-19-related claims, policy, and funding issues.

COVID-19 FAQs: In April 2020, worries started to arise in the healthcare industry about the flexibilities, policies, and waivers — as well as the subsequent enforcement — associated with the COVID-19 public health emergency (PHE). OIG announced it would be addressing inquiries in a Frequently Asked Question (FAQ) set that it would update weekly. The outreach effort aimed to field compliance-centered questions on the intersection of the PHE and the False Claims Act (FCA), Anti-Kickback Statute (AKS), Stark Law, and the Civil Monetary Penalty Law (CMPL), the FAQs site says.

Interestingly, OIG gives a laundry list of limitations related to its COVID-19 FAQs, reminding providers and suppliers that the feedback is informal and relates specifically to the PHE and all that it encompasses. And the clincher: “Any favorable answer[s] will not result in prospective immunity or protection from OIG administrative sanctions or prospective immunity or protection under Federal criminal law,” the federal watchdog agency warns.

OIG’s COVID-19 fraud focal points offer a guidebook on what’s trending in enforcement, but also outline what providers need to be on the lookout for in their own organizations.

Double Down on COVID Compliance Efforts in These 4 Areas

Here are four areas to stay on top of compliance in the coming months:

1. CARES Act funding: OIG has audits underway on a variety of CARES Act funding programs, including audits of the related agencies and funding recipients. Both the HHS Provider Relief Fund (PRF) payments and the expansion of Medicare’s Accelerated and Advance Payment Program (AAP) are under the microscope with reports expected from OIG this year.

“I would anticipate FCA [and] whistleblower cases for patient harm [and] employee harm parallel to the Cares Act Funding” investigations, Paulhus said.

In fact, the Department of Justice (DOJ) already targeted the first prosecution of an organization that received CARES Act money to buy PPE and take care of COVID-19 patients, Descalzo added. In the case, “the owner of the hospice gave the money to family members” instead of using it for COVID-19 patients and staff resources as required, she mentioned.

“The DOJ is getting its feet wet with this low-hanging fruit,” Descalzo said.

Plus: OIG has also homed in on scammers attempting to steal providers’ personal and financial information to usurp HHS grants and PRF payments, online guidance suggests.

2. COVID-19 testing: Fraudsters have used this avenue to trick Medicare beneficiaries since COVID-19 test shortages arose last year — and it has continued to be a problem. Criminals pose as providers or legitimate testing sites to get Medicare information from patients. The feds are onto test fraud and have already prosecuted two cases of genetic testing posed as COVID-19 tests, Descalzo said.

3. COVID-19 vaccinations: The federal vaccination rollout has been less than stellar, and COVID-19 fraud abounds. From identity theft to registration and allocation issues to money requests to jumping the vaccine line, fraud surrounding the COVID-19 vaccines are prevalent, OIG guidance shows.

“Stay tuned. I think we will see enforcement issues for providers for inoculation fraud [and] for not complying to the rules and regulations for the order in which people get registered and vaccinated,” Paulhus predicted. “There is a potential for enforcement for shots not being allocated according to the guidelines mandated by the CDC. We think it will be an area of interest by Congress and by DOJ,” he said.

4. Telehealth: This continues to be a thorn for Medicare providers as policies evolve with the PHE stretching on. The changes have been plentiful and causing compliance issues, highlighting the OIG’s reason to add Part B providers’ and home health agencies’ telehealth claims to the Work Plan in January.

Plus, post-COVID concerns are already in the mix as providers transition to more in-office care. Enforcement issues to watch for include:

  • Use of the correct technical components;
  • Adherence of state requirements, laws, and licensure; and
  • End of HIPAA enforcement discretions on telehealth platforms.

Tip: Looking at the big picture, “we should be focusing our compliance on pandemic-related issues, but other components of OIG audits are still there” like the feds’ recent addition of short hospital stays to its audit list,” said Paulhus.

Recent enforcement targets include hospital inpatient claims surrounding the Two-Midnight Rule, home health and hospice fraud, electronic health record (EHR) and vendor issues, speaker programs, safety standards at skilled nursing facilities (SNFs), illegal opioid distribution, and Medicare Part D payments.

Main takeaway: “We thought with the pandemic hitting, enforcement would decline. That wasn’t the case,” Paulhus said.