MD - Health Care Compliance Association
MD - Health Care Compliance Association
MD - Health Care Compliance Association
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Volume Eight<br />
Number One<br />
January 2006<br />
Published Monthly<br />
Meet<br />
Greg Jones<br />
Law Enforcement Liaison,<br />
Prescription Drug Benefit,<br />
CMS’s Program Integrity Group
At the end of January,<br />
the <strong>Health</strong> <strong>Care</strong><br />
<strong>Compliance</strong> <strong>Association</strong><br />
will move to its new<br />
headquarters located at:<br />
6500 Barrie Road,<br />
Suite 250<br />
Minneapolis, MN 55435<br />
While our address<br />
will change, our telephone<br />
and fax numbers will<br />
remain the same:<br />
Toll-free phone:<br />
888/580-8373<br />
Local phone:<br />
952/988-0141<br />
Fax:<br />
952/988-0146<br />
And you can always<br />
reach us via e-mail at<br />
info@hcca-info.org<br />
or on our Web site at<br />
www.hcca-info.org
ASK<br />
ON<br />
THE<br />
LEADERSHIP<br />
ONCALENDAR<br />
JOHN ASKS THE HCCA<br />
LEADERSHIP YOUR QUESTIONS<br />
JOHN FALCETANO<br />
Editor’s note: Beginning with this issue<br />
of <strong>Compliance</strong> Today, HCCA will<br />
feature this column—John Asks the<br />
HCCA Leadership Your Questions.<br />
John Falcetano, Chief Audit/<strong>Compliance</strong> Officer for University<br />
<strong>Health</strong> Systems of Eastern Carolina and a long-time member of<br />
HCCA, knows that members frequently have good questions that they<br />
would like to ask leadership, but for some reason or another, they are<br />
never afforded the opportunity. This column has been created to<br />
afford them that opportunity. Members may submit their questions to<br />
John and and he will publish the HCCA leadership response in a subsequent<br />
issue of <strong>Compliance</strong> Today. If you would like to ask a question<br />
of leadership, please submit your question via e-mail to<br />
Jfalcetano@cox.net<br />
Question: What is the best way for a member to study for the CHC<br />
examination Is there some type of training offered to prepare a<br />
candidate and if so, what types of topics are covered in the training<br />
sessions<br />
Leadership’s Response from Debbie Troklus: The best prep for<br />
the CHC certification exam is to attend one of the HCCA’s Academies<br />
(basic and advanced), although the Academies are not required to sit for<br />
the exam. The Academies, which are offered five times a year, cover all<br />
topics that are on the exam.<br />
The exam is based on the seven elements of an effective compliance<br />
program, as outlined by the Federal Sentencing Commission. The<br />
HCCB Candidate Handbook actually reviews in great detail the content<br />
outline for each of the elements. It is a good idea to review the<br />
content and determine in what areas an individual feels weak, and then<br />
study those particular areas.<br />
I would advise reading the <strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> Professional’s<br />
Manual and <strong>Compliance</strong> 101. The HCCA also has a practice test on<br />
its Web site as well as a practice test in the HCCB Candidate<br />
Handbook.<br />
HCCA • 888-580-8373 • www.hcca-info.org<br />
2006 CONFERENCES (BY STATE):<br />
Anchorage, AK<br />
■ Alaska Area Meeting<br />
July 13-14<br />
Scottsdale, AZ<br />
■ <strong>Compliance</strong> Academy<br />
June 5-9<br />
Los Angeles, CA<br />
■ <strong>Compliance</strong> Academy<br />
February 6-10<br />
San Francisco, CA<br />
■ Advanced Academy<br />
June 19-23<br />
San Diego, CA<br />
■ West Coast Area Meeting<br />
July 28<br />
Denver, CO<br />
■ Mountain Area Meeting<br />
August 25<br />
Orlando, FL<br />
■ South Atlantic Area Meeting<br />
January 27<br />
Atlanta, GA<br />
■ Southeast Area Meeting<br />
February 10<br />
Honolulu, HI<br />
■ Hawaii Area Meeting<br />
October 19-20<br />
Chicago, IL<br />
■ North Central Area Meeting<br />
October 6<br />
Baltimore, <strong>MD</strong><br />
■ Northeast Area Meeting<br />
March 3<br />
Boston, MA<br />
■ New England Area Meeting<br />
September 8<br />
Detroit, MI<br />
■ Upper North Central Area Meeting<br />
June 16<br />
Minneapolis, MN<br />
■ Upper Midwest Area Meeting<br />
September 15<br />
Kansas City, MO<br />
■ Midwest Area Meeting<br />
August 4<br />
Las Vegas, NV<br />
■ 10th Anniversary <strong>Compliance</strong><br />
Institute, Caesars Palace<br />
April 23-26<br />
■ 3rd Annual Research Conference<br />
September 17-19<br />
Pittsburgh, PA<br />
■ Mid Atlantic Area Meeting<br />
September 29<br />
Nashville, TN<br />
■ South Central Area Meeting<br />
November 10<br />
Dallas, TX<br />
■ Southwest Area Meeting<br />
February 17<br />
Seattle, WA<br />
■ Pacific Northwest Area Meeting<br />
June 2<br />
NATIONAL CORPORATE<br />
COMPLIANCE AND ETHICS WEEK<br />
■ May 21-27<br />
INSIDE<br />
2 HCCA New<br />
Headquarters<br />
3 Ask Leadership<br />
4 OIG 2006 Work Plan<br />
5 HCCA Audio<br />
Conferences<br />
9 Improving revenue<br />
15 Meet Greg Jones<br />
17 OIG issues draft<br />
compliance<br />
guidance<br />
20 Letter from the CEO<br />
23 HCCA seeks your<br />
contributions<br />
24 Nonprofit, tax-exempt<br />
organizations<br />
29 NDC numbers, drug<br />
claims, and FCA<br />
31 A new value<br />
proposition<br />
32 Introducing Alan<br />
Pierce<br />
34 HIPAA EDI 835<br />
37 CHC Certification<br />
38 OIG roadmap for<br />
effective compliance<br />
45 New HCCA Members<br />
3<br />
January 2006
defendants. Further, during this same period, a<br />
total of 459 defendants were convicted for<br />
health care fraud related crimes. In 2004, the<br />
DOJ also pursued 868 new civil health care<br />
fraud investigations and filed complaints or<br />
intervened in 269 civil health care cases.<br />
By Sidney Summers Welch and Sara Kay Wheeler<br />
Editor’s note: Ms. Sidney Summers<br />
Welch and Ms. Sara Kay Wheeler are<br />
partners in the Atlanta office of Powell<br />
Goldstein LLP where they focus their<br />
practices exclusively in the area of health<br />
law. Ms. Welch may be reached by telephone<br />
at 404/572-6754 or by e-mail at<br />
swelch@pogolaw.com. Ms. Wheeler may<br />
be reached a by telephone at 404/572-<br />
6905 or by e-mail at swheeler@pogolaw.com.<br />
The authors would like to<br />
thank Kinshasa K. Williams for her<br />
assistance in preparing this article. Ms.<br />
Williams is an associate in the office of<br />
Powell Goldstein LLP, where she practices<br />
in the firm’s <strong>Health</strong> <strong>Care</strong> Group.<br />
On November 16, 2005, the United<br />
States Department of <strong>Health</strong> and<br />
Human Services (HHS), Office of<br />
Inspector General (OIG), published its Fiscal<br />
Year 2006 Work Plan. 1 The primary purpose<br />
of the Work Plan is to articulate to the<br />
provider and supplier community the areas of<br />
highest risk in the programs and activities<br />
administered by HHS and to provide a road<br />
map of areas in which providers can expect<br />
the OIG to pursue enforcement activities.<br />
With the staggering financial recoveries<br />
achieved by the U.S. Department of Justice<br />
(DOJ) and HHS in recent years, health care<br />
organizations transacting business with the<br />
federal health care programs should review<br />
this publication to identify any vulnerabilities<br />
that may pertain to their operations. In combination<br />
with the OIG’s series of <strong>Compliance</strong><br />
Program Guidance (CPGs) for various industry<br />
sectors, such as hospitals, physicians, and<br />
pharmaceutical companies, 2 compliance officers<br />
should view the Work Plan as an annual<br />
guide for updating and for effectively focusing<br />
to update and their organization’s internal<br />
compliance efforts, particularly auditing projects<br />
designed to measure risk. Since the Work<br />
Plan covers a wide variety of issues and<br />
provider categories, the purpose of this article<br />
is to highlight those issues that may be most<br />
relevant to hospitals and physicians.<br />
The enforcement environment<br />
is intense<br />
To put the usefulness of the Work Plan in context,<br />
it is first helpful to consider the ongoing<br />
efforts and successes of HHS and the DOJ to<br />
combat health care fraud and abuse. In 2004<br />
alone, HHS and the DOJ won or negotiated<br />
more than $1.5 billion in enforcement<br />
actions. 3 Also in 2004, the U.S. Attorneys’<br />
Offices opened 1,002 new criminal health care<br />
fraud investigations involving 1,685 potential<br />
defendants; federal prosecutors handled more<br />
than 1,625 criminal health care fraud investigations<br />
involving 2,361 defendants; and filed<br />
criminal charges in 395 cases involving 646<br />
With the increase in enforcement and criminal<br />
actions for health care fraud and abuse, it<br />
has become increasingly important for organizations<br />
to pay close attention to issues<br />
proactively raised by either HHS or DOJ,<br />
such as those listed in the OIG’s Work Plan.<br />
It is also important for providers to recognize<br />
that many of the target areas articulated in<br />
the Work Plan are often initially identified in<br />
OIG and DOJ enforcement actions. For<br />
example, by the end of fiscal year 2004, several<br />
False Claims Act settlements were<br />
reached in cases involving the submission of<br />
dialysis claims. Correspondingly, the 2006<br />
Work Plan identifies a “new area” of interest<br />
as payment for “observation services” versus<br />
“inpatient admissions” for dialysis services. 4<br />
Work Plan—a critical compliance tool<br />
As a general matter, a well-designed effective<br />
compliance program will identify and reduce<br />
risk, improve internal controls, and measure its<br />
own effectiveness. First, an organization must<br />
identify those risks deriving from its relationship<br />
with federal and state health care programs.<br />
This process will involve a proactive<br />
and prospective examination of the risk for<br />
abuse that exists within the organization.<br />
Second, as an organization identifies and<br />
assesses its risk it must take action to fortify<br />
internal controls and processes to minimize<br />
those risks. Third, the organization must evaluate<br />
on an ongoing basis whether it has been<br />
successful in addressing those risks. The Work<br />
Plan serves as an excellent resource on which<br />
compliance officers may review their organizations’<br />
compliance objectives to align or realign<br />
Continued on page 6<br />
January 2006<br />
4<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
Join us for the following<br />
HCCA Audio<br />
Conferences<br />
Get the latest “how-to” information—tools and advice you<br />
can use daily without even leaving your office! Register on<br />
the HCCA Web site—www.hcca-info.org. You will receive an<br />
e-mail a few days before the conference with any conference<br />
handouts, and dial-in information and instructions.<br />
➤<br />
➤ Medicare Coverage Review<br />
Speakers: Lisa Murtha and Ryan Meade<br />
January 12 and 19<br />
➤<br />
➤ Medicare Part D<br />
Speakers: James G. Sheehan and David Bloch<br />
January 23<br />
HCCA Audio Conferences are a fast<br />
and easy way to aquire HCCB CEUs!<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
5
OIG 2006 Work Plan ...continued from page 4<br />
their compliance goals with those issues important<br />
to HHS for the upcoming fiscal year.<br />
<strong>Compliance</strong> officers should use the Work Plan<br />
to identify and focus their compliance efforts<br />
on those areas of potential concern or risk that<br />
are most relevant to their specific organization.<br />
Such risk areas will naturally differ across<br />
provider categories and operations such that<br />
the compliance strategies that will need to be<br />
pursued will also differ. However, because the<br />
OIG’s efforts to address program vulnerabilities<br />
is an evolving, on-going, year-round<br />
process, compliance officers efforts should not<br />
be limited to the areas addressed by the Work<br />
Plan in their effort to assess risk.<br />
OIG 2006 Work Plan<br />
The fiscal year 2006 Work Plan is divided<br />
into four sections. The first three sections<br />
consist of ongoing and proposed work relating<br />
to each of the major program operating<br />
divisions of HHS, including CMS, the public<br />
health agencies, and the Administration<br />
for Children, Families, and Aging. The<br />
fourth section contains projects that cut<br />
across HHS programs, including state and<br />
local government use of federal funds, and<br />
the functional areas of HHS.<br />
Risk areas for hospitals—The 2006 Work<br />
Plan contains many areas that have been of<br />
interest to the OIG in previous years. Of the<br />
twenty-five focus areas listed for Medicare<br />
and Medicaid Hospitals in the 2006 Work<br />
Plan, only seven of these areas are new issues<br />
that were not previously identified in other<br />
Work Plans.<br />
New focus areas<br />
The OIG has added the following new focus<br />
areas to the 2006 Work Plan:<br />
■ Adjustments for Graduate Medical<br />
Education Payments—The OIG will<br />
determine if audit adjustments for direct<br />
and indirect graduate medical education<br />
that fiscal intermediaries make while settling<br />
Medicare cost reports were properly reflected<br />
in revised Medicare reimbursement.<br />
■ Payments for Observation Services<br />
versus Inpatient Admissions for<br />
Dialysis Services—As noted previously,<br />
the OIG will evaluate whether payments<br />
made for inpatient admissions in connection<br />
with dialysis services were consistent<br />
with the level of care needed as documented<br />
in physicians’ orders.<br />
■ Inpatient Hospital Payments for New<br />
Technologies—The OIG will examine<br />
the costs associated with new devices and<br />
technologies to determine if reimbursement<br />
to hospitals is appropriate.<br />
■ Inpatient Psychiatric Hospitals—The<br />
OIG is interested in whether payments to<br />
psychiatric hospitals under the prospective<br />
payment system have been made in accordance<br />
with the Medicare laws and regulations.<br />
Specifically, the OIG will examine<br />
outlier payments and payments made for<br />
interrupted stays.<br />
■ Outpatient Department Payments—<br />
The OIG will also review the appropriateness<br />
of payments made to hospital outpatient<br />
departments, especially those made<br />
for multiple procedures, repeat procedures,<br />
and global surgeries.<br />
■ Unbundling of Hospital Outpatient<br />
Services—The 2006 Work Plan indicates<br />
that the OIG intends to determine the<br />
extent to which hospitals and other<br />
providers are submitting claims for services<br />
that should be bundled into outpatient<br />
services. Medicare prohibits the unbundling<br />
of hospital services to include outpatient as<br />
well as inpatient services since the practice<br />
could lead to unnecessary Medicare<br />
expenditures.<br />
■ “Inpatient Only” Services Performed in<br />
an Outpatient Setting—The OIG will<br />
further determine if Medicare payments<br />
for certain services provided in an outpatient<br />
setting are appropriately being<br />
denied when Medicare covers the service<br />
as “inpatient only.” The OIG is also concerned<br />
about the extent to which<br />
Medicare beneficiaries are held liable for<br />
denied inpatient claims for these services.<br />
Recurring focus areas in the<br />
2006 Work Plan<br />
The following are recurring focus areas contained<br />
in the 2006 Work Plan that may be of<br />
importance to hospitals in the upcoming year:<br />
■ Inpatient Prospective Payment System<br />
Wage Indices—Continuing its pursuit of<br />
a concern first identified in 2005 Work<br />
Plan, the OIG in 2006 will examine<br />
whether hospital and Medicare controls<br />
are adequate to ensure the accuracy of the<br />
hospital wage data used for calculating<br />
wage indices for the inpatient prospective<br />
payment system. The thrust of this project<br />
is to determine the effect on the<br />
Medicare program in terms of potentially<br />
incorrect DRG reimbursement.<br />
■ Rebates Paid to Hospitals—This year, the<br />
OIG will continue efforts to determine<br />
whether hospitals are properly identifying<br />
purchase credits as a separate line item in<br />
their Medicare cost reports. Rebates paid<br />
to hospitals were also a concern cited in<br />
the Fiscal Year 2006 Work Plan.<br />
■ Outpatient Outlier and Other Charge-<br />
Related Issues—Consistent with the<br />
agency’s long time concern listed in 2003,<br />
2004, and 2005 Work Plans, the OIG will<br />
again in 2006 continue its efforts to determine<br />
whether outlier payments to hospital<br />
outpatient departments were made in<br />
accordance with applicable Medicare rules<br />
and whether current Medicare reimbursement<br />
mechanisms appropriately reimburse<br />
providers as intended.<br />
■ Hospital Reporting of Restraint Related<br />
Deaths—Also an issue in 2005, the OIG<br />
January 2006<br />
6<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
in 2006 will assess hospital compliance<br />
with the Medicare conditions of participation,<br />
which require hospitals to report all<br />
patient deaths that may have been caused<br />
by restraints or seclusions.<br />
■ Medicaid Diagnosis-Related Group<br />
Payment Window—A long-time issue<br />
since 2003, Medicaid diagnosis-related<br />
group payment window was an issue previously<br />
reviewed by the OIG in the<br />
Medicare program. The OIG found that<br />
hospitals had improperly submitted separate<br />
Medicare billings for inpatient-stayrelated<br />
laboratory and other services performed<br />
within three days of admission.<br />
The OIG will determine whether prospective<br />
payment system hospitals submitted<br />
Medicaid claims for inpatient-stay-related<br />
laboratory and other services within three<br />
days of the hospital admission and the<br />
potential cost savings that would result<br />
from State prohibition of this practice.<br />
While this effort may have a more immediate<br />
effect on state Medicaid agencies, the<br />
notification is important for hospitals participating<br />
in state Medicaid programs.<br />
■ Hospital Eligibility for Disproportionate<br />
Share Hospital (DSH) Payments—As in<br />
fiscal year 2005, the OIG will continue to<br />
determine whether States are appropriately<br />
determining hospitals’ eligibility for<br />
Medicaid DSH payments.<br />
Risk areas for physicians and<br />
physician practices<br />
The 2006 Work Plan’s focus areas for physicians<br />
and other health professionals reflect<br />
some recurring themes from last year’s Work<br />
Plan. With the exception of two new focus<br />
areas—”Payment to Providers for Initial<br />
Preventive Physical Examinations” and<br />
“Potential Duplicate Physical Therapy<br />
Claims”—all of the focus areas identified in<br />
this section of the 2006 Work Plan were<br />
identified in the 2005 Work Plan.<br />
The Medicare Modernization Act added coverage<br />
under Part B for an initial preventive physical<br />
examination, including a screening EKG for<br />
new Medicare beneficiaries effective January 1,<br />
2005. Medicare is interested in evaluating the<br />
impact of these exams on payments and physician<br />
billing practices since physicians have the<br />
opportunity to claim higher payment under<br />
code G0244 for services that already may have<br />
been performed in a past evaluation and management<br />
visit. Furthermore, these exams must<br />
include certain documented components,<br />
including height and weight measurements,<br />
blood pressure, medical and social history<br />
review, an assessment for the potential for<br />
depression, and an evaluation of functioning<br />
ability. For potential duplicate physical therapy<br />
claims, Medicare is interested in determining<br />
whether audits are adequately identifying potential<br />
duplicate physical therapy claims submitted<br />
to Part A and Part B contractors, in follow-up<br />
to a fraud alert issued in May 2004 by CMS.<br />
The issue of “Long Distance” Physician Claims,<br />
specifically regarding the provision of services<br />
for an ongoing illness at a practice well outside<br />
of the beneficiary’s location, appears to be a persistent<br />
area of concern, dating back to 2003.<br />
The recurring physician-specific focus areas<br />
identified by the 2006 Work Plan include<br />
the following:<br />
■ Propriety of contractual relationships<br />
between billing companies and physicians<br />
and their impact on physicians’ billings<br />
■ Improper Medicare payments for physicians<br />
employed by the VA while those<br />
physicians also billed for services rendered<br />
at other hospitals during the time the same<br />
physicians were on duty at a VA hospital<br />
■ <strong>Compliance</strong> of care plan oversight in the<br />
hospice setting with Medicare regulations<br />
■ Inappropriate orders or performance of<br />
services by physicians excluded from federal<br />
health care programs<br />
■ <strong>Compliance</strong> of in-office pathology services<br />
with Medicare Part B requirements and<br />
relationships between physicians providing<br />
in-office pathology services and outside<br />
pathology companies<br />
■ Appropriateness of professional and technical<br />
component billing for cardiography<br />
and echocardiography services, including<br />
using the 26 modifier where the physician<br />
performs the professional interpretation<br />
separately from the technical component<br />
■ Medical necessity, adequate documentation,<br />
and physician certification statements for<br />
physical and occupation therapy services<br />
that improve or restore functions, prevent<br />
further disability and relieve symptoms<br />
■ Evaluating medical necessity and billing<br />
compliance for Part B mental health services<br />
provided in physicians’ offices<br />
■ Assessing medical necessity and billing<br />
compliance for wound care services billed<br />
by physicians<br />
A number of focus areas identified outside of<br />
the “Medicare Physicians and Other <strong>Health</strong><br />
Professionals” section of the 2006 Work Plan<br />
are applicable to physicians and their practices.<br />
Physicians should be aware of these<br />
“hot spots,” and, to the extent they are applicable<br />
or common to their practice, these<br />
issues should be addressed by and incorporated<br />
into their compliance efforts for 2006.<br />
These areas include focus on the following:<br />
■ Medical necessity and simultaneous<br />
implantation of coronary artery stents<br />
■ Medical necessity, adequate support, and<br />
actual provision of rehabilitation and<br />
infusion therapy services in the skilled<br />
nursing facility setting<br />
■ Medical necessity and excessive billing of<br />
imaging and laboratory services in nursing<br />
homes<br />
■ Oversight of hospice providers<br />
■ Documented medical necessity of therapeutic<br />
footwear<br />
Continued on page 8<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
7<br />
January 2006
OIG 2006 Work Plan ...continued from page 7<br />
■ Documented medical necessity and actual<br />
receipt of durable medical equipment<br />
■ Medicare drug reimbursement generally,<br />
including focus on acquisition and reimbursement<br />
under the average sales price,<br />
oral antiemetic medications, and duplicate<br />
payments for Part B drugs<br />
■ Prior approval for services provided, physician<br />
supervision, and licensure of personnel<br />
performing tests in Independent<br />
Diagnostic Testing Facilities (IDTFs)<br />
■ Documented medical necessity for appropriate<br />
services provided in Comprehensive<br />
Outpatient Rehabilitation Facilities<br />
(CORFs)<br />
■ Part B payments for inpatient radiology<br />
services<br />
■ Pricing of laboratory services provided to<br />
Medicare patients vs. patients covered by<br />
other payors<br />
■ Controls for identifying inappropriate<br />
payments for or utilization of covered preventive<br />
care services<br />
■ Physicians’ roles in over prescribing<br />
OxyContin and other prescription drugs<br />
Finally, in addition to these focus areas, in<br />
light of the recent advisory opinions, fraud<br />
alerts, corporate integrity agreements, and<br />
ongoing investigations, physicians should take<br />
the opportunity in 2006 to catalogue their<br />
current relationships with other providers and<br />
suppliers in the health care industry and consult<br />
qualified counsel to determine whether<br />
those relationships are compliant with federal<br />
and state laws, particularly the federal Anti-<br />
Kickback Statute and Stark II. ■<br />
1. The OIG Fiscal Year 2006 Work Plan is available at<br />
http://www.oig.hhs.gov/publications/docs/workplan/2006/<br />
WorkPlanFY2006.pdf<br />
2. The OIG first issued a CPG for hospitals in 1998 (“1998<br />
CPG”). See OIG <strong>Compliance</strong> Program Guidance for<br />
Hospitals, 63 Fed. Reg. 8987 (February 23, 1998). The 1998<br />
CPG was primarily intended to encourage hospitals to design<br />
and implement corporate compliance plans and programs. As a<br />
supplement to this early guidance, the OIG issued the<br />
“Supplemental <strong>Compliance</strong> Program Guidance for Hospitals”<br />
on January 31, 2005 (“Supplemental CPG”). See OIG<br />
Supplemental <strong>Compliance</strong> program Guidance for Hospitals, 70<br />
Fed. Reg. 4858 (January 31, 2005). The Supplemental CPG is<br />
focused on measuring and improving the effectiveness of existing<br />
compliance efforts, identifies specific fraud and abuse risk<br />
areas that hospitals should actively monitor, and describes the<br />
OIG’s expectations regarding compliance program design and<br />
guidelines for monitoring existing compliance programs.<br />
3. See HHS and DOJ, <strong>Health</strong> <strong>Care</strong> Fraud and Abuse Control<br />
Program (HCFAC) Annual Report For FY 2004 available at<br />
http://www.oig.hhs.gov/publications/docs/hcfac/hcfacreport2004.htm.<br />
During 2004, the federal government won or<br />
negotiated approximately $605 million in judgments and settlements,<br />
and it attained additional administrative impositions in<br />
health care fraud cases and proceedings. The Medicare Trust<br />
Fund received transfers of more than $1.51 billion during this<br />
period as a result of these efforts, as well as those of preceding<br />
years, and an additional $99 million in federal Medicaid money<br />
was similarly transferred to the Centers for Medicare and<br />
Medicaid Services (CMS) as a result of these efforts. The<br />
HCFAC account has returned over $7.3 billion to the Medicare<br />
Trust Fund since the inception of the program in 1997.<br />
4. Specifically, in the 2006 Work Plan, the OIG noted that during<br />
a recent audit it found that hospitals admitted patients for<br />
dialysis treatment, which lasted from 24 to 48 hours in which<br />
medical reviewers indicated that the stays were for the purpose<br />
of observation rather than treatment. The CMS Intermediary<br />
Manual requires the physician’s order to clearly state that the<br />
level of care the patient requires; e.g., “admission to inpatient<br />
status” or “admission to observation status.” Accordingly, the<br />
OIG intends in 2006 to examine whether payments made for<br />
“inpatient admissions” related to dialysis services were appropriate<br />
given the physicians’ orders in the case.<br />
Helpful Hints<br />
Eight steps to take in using the OIG<br />
Work Plan in your compliance program<br />
■ Review the table of contents. It lists<br />
the specific topics of concern of the<br />
OIG by the type of organization<br />
■ Highlight those areas that are potential<br />
applicable concerns and high priorities<br />
for your organization<br />
■ Review, in detail, the OIG’s concerns<br />
with the specific risk area<br />
■ Analyze your organization’s<br />
compliance program based on<br />
those stated concerns<br />
■ Determine whether your organization’s<br />
compliance program is meeting its<br />
established objectives and addressing<br />
these particular risk areas for your<br />
organization<br />
■ Discuss this analysis with key individuals<br />
of the organization’s compliance<br />
team to focus your compliance program<br />
on the specific areas of interest<br />
of the OIG for the coming year<br />
■ Educate the organization’s staff about<br />
these identified risk areas<br />
■ Ensure that an effective monitoring<br />
system is established and put in place<br />
To order <strong>Compliance</strong> Today (CT) complete this coupon<br />
Full Name:<br />
Title:<br />
Organization:<br />
Address:<br />
City/State/Zip:<br />
Telephone:<br />
Fax:<br />
E-mail:<br />
HCCA individual membership costs $295; corporate membership<br />
(includes 4 individual memberships, and more) costs $2,500.<br />
CT subscription is complimentary with membership.<br />
HCCA non-member subscription rate is $357/year.<br />
❑ Payment enclosed<br />
❑ Pay by charge: ❑ AmEx ❑ MasterCard ❑ Visa<br />
Card #:<br />
Exp. Date:<br />
Signature:<br />
❑ Please bill my organization: PO#<br />
Please make checks payable to HCCA and return subscription coupon to:<br />
HCCA, 5780 Lincoln Drive, Suite 120, Minneapolis, MN 55436.<br />
January 2006<br />
8<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
By Susan C. L. Theuns<br />
Editor’s note: Susan C. L. Theuns, It is at this point where many providers have<br />
PA-C, CPC, CHC, is Operations difficulty understanding how they personally<br />
Administrator & <strong>Compliance</strong> Director expect that medical necessity has been met<br />
with MedStar Physician Partners. She and yet Medicare does not agree with them.<br />
may be reached by telephone at<br />
That’s because the determination of “medical<br />
443/725-8713.<br />
necessity” is not provider driven. Medical<br />
necessity is established by Congress, the U.S.<br />
There are a variety of ways that a Department of <strong>Health</strong> and Human Services<br />
compliance program can improve (DHHS) and the Centers for Medicare and<br />
the bottom line. One way is to Medicaid Services (CMS). Keeping this point<br />
avoid expenses, such as being proactive with in perspective will help you follow the general<br />
schematic of the process when dealing<br />
coding audits to save you from fines and<br />
penalties. Identifying high-level coders can with ABNs in the office practice setting.<br />
also save you unwanted payer audits and possible<br />
refunding. But one way to actually Additionally, an ABN must be completed<br />
improve revenue is through the proper use of before the service has been provided. That<br />
Advance Beneficiary Notices (ABNs). means that the office must be organized and<br />
know their providers’ protocols and paradigms<br />
when seeing scheduled patients.<br />
Proper completion and use of ABNs can<br />
■ reduce write-offs<br />
■ improve cash flow<br />
The ABN form<br />
■ recoup potential or real lost revenue ABN forms have actually been around for<br />
more than 20 years. The federal government<br />
What is an ABN<br />
has since developed the official ABN form,<br />
An ABN is actually a waiver of liability that which is available at www.cms.hhs.gov<br />
shifts the financial responsibility directly to the /medicare/bni/. CMS makes them available<br />
patient. Most providers are contracted with in both English and Spanish as well as a general<br />
use form and laboratory services form.<br />
Medicare and are required to “accept assignment.”<br />
The ABN allows a provider to bill the For simplicity, this article will be focusing on<br />
patient if the service provided is not covered by the general use form. The version on this<br />
Medicare (in other words, coverage is denied). Web site, June 2002, is the only version that<br />
In situations where Medicare does not cover a providers should be using currently. Note that<br />
service for lack of “medical necessity” or due to there are requirements when reproducing this<br />
frequency guidelines, the ABN form notifies form—chiefly that the content remains the<br />
the patient in advance of receiving the service same and that the font is a minimum of 12<br />
that non-coverage is likely. Note that ABNs are point so that it is more readily readable. The<br />
not needed for covered services or “sick visits.” form number is CMS-R-131-G.<br />
Performing an ABN audit<br />
Initially, the easiest way to audit your ABN<br />
use is to run a billing report for the use of<br />
the –GA modifier. The –GA modifier signifies<br />
that a signed ABN has been obtained<br />
and tells the payor (Medicare), that you have<br />
an ABN and will be balance-billing the<br />
patient if Medicare denies payment for the<br />
service. Once you have the report (I would<br />
suggest limiting the time to a six-month period),<br />
you can randomly select five or 10 uses<br />
of the –GA modifier per provider. In theory,<br />
the medical office should be able to produce<br />
a copy of the ABN for the corresponding use<br />
of the ABN.<br />
If the office is able to produce the corresponding<br />
ABN, that’s a positive step. If they cannot—that<br />
is indicative of a key problem that<br />
needs to be addressed immediately. Of the<br />
ABNs that they are able to produce, look at<br />
the fields that are required to be completed,<br />
see if they chose option 1 or option 2, and<br />
whether or not the form has been signed and<br />
dated. Having the ABN is only the first step;<br />
many problems arise from there. In order for<br />
it to be a legal document, all the necessary<br />
fields need to be completed, an option must<br />
be checked off, and it must be both dated<br />
and signed.<br />
What if they refuse to sign<br />
Many patients, when faced with signing a<br />
form that will make them financially responsible,<br />
will simply refuse. If they are refusing<br />
the service, then document their refusal.<br />
However, most of the time, they want the<br />
service but just don’t want to sign the form.<br />
Patients think if they don’t sign the form but<br />
get the service, it will be free. If they have<br />
said that they want the service but refuse to<br />
sign, simply fill out the ABN as you normally<br />
would, check off option 1 (“yes, I want the<br />
service”) and have a staff member who wit-<br />
Continued on page 10<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
9<br />
January 2006
Improving revenue through compliance ...continued from page 9<br />
nessed the refusal to sign, sign the form. The<br />
witness can write “pt. refused to sign” on the<br />
form and then sign and date it themselves.<br />
This makes the form as legally binding as if<br />
the patient had signed the form.<br />
Initial audit results<br />
Our initial audit, which was run on both<br />
medical sites and billing clients, yielded poor<br />
results. All site/billing clients failed the audit.<br />
Some of the problems encountered included:<br />
■ Not using federal form CMS-R-131 G<br />
■ Unable to produce the ABN<br />
■ Essential field elements not completed<br />
■ No options checked off<br />
■ Estimated cost not filled in<br />
■ Form not signed or not dated<br />
As a corrective action plan, an aggressive<br />
mandatory training program schedule was<br />
made and all sites, along with numerous<br />
clients, were trained on the proper use of<br />
ABNs. A reference guide was developed as a<br />
tool to help in the decision-making of when<br />
to use an ABN and the corresponding modifiers.<br />
Reminder stickers for the –GA and<br />
–GY modifiers were given to data entry personnel<br />
to place on their monitors.<br />
Use of Modifiers –GA & –GY<br />
One of the problems revealed by the audit<br />
was that data entry staff did not know how<br />
or when to append the appropriate modifiers.<br />
Since most of the sites and many of the<br />
clients perform this function at the medical<br />
office, it was imperative to educate these staff<br />
members on the modifiers.<br />
The –GA modifier signifies that an ABN has<br />
been signed. Any service provided where<br />
medical necessity may be in question should<br />
have an ABN signed and be billed with the<br />
–GA (see Figure 1: ABN Reference<br />
Guide on page 13). An example would be<br />
an EKG performed as part of a preventive<br />
care visit for a patient with hypertension.<br />
The fact that the patient has hypertension as<br />
a secondary diagnosis (with the primary diagnosis<br />
as V70.0 routine PE) may be enough<br />
for Medicare to reimburse for the EKG.<br />
However, since it is being done as part of a<br />
routine PE, it may not be covered. Another<br />
example would be a patient receiving a pneumonia<br />
vaccine. This particular vaccine is a<br />
once-in-a-lifetime benefit under Medicare.<br />
So, if the patient is 80 and had a pneumonia<br />
vaccine when he or she was 65, or had one<br />
previously from another provider and doesn’t<br />
remember, the claim will be denied.<br />
Therefore, this vaccine should also have an<br />
ABN obtained and be billed with the –GA<br />
modifier. In this case, it is more than the<br />
service that would be given away should it<br />
turn out that the patient already received the<br />
once-in-a-lifetime—the initial outlay of cash<br />
by the practice for purchasing the vaccine<br />
would also be lost. For vaccines and injectables,<br />
the administration for the vaccine<br />
should also be billed with the –GA modifier.<br />
Any exams, tests, or services that have frequency<br />
requirements should also have an<br />
ABN obtained to safeguard your ability to<br />
balance bill if the claim is denied. An example<br />
of such a situation would be a screening<br />
pelvic/breast exam (G0101) and pap smear<br />
(Q0091). This is a covered benefit only every<br />
two years. If you are performing this annually<br />
or the patient had it done elsewhere and<br />
you don’t know about it, then you will lose<br />
the revenue without a signed ABN and claim<br />
billed with the –GA.<br />
An ABN does not have to be completed for<br />
services that are statutorily non-covered (see<br />
Figure 1 on page 13). In the situations<br />
where statutorily non-covered services are<br />
performed, the data entry person needs to<br />
append the –GY modifier, signifying that it<br />
is excluded as a Medicare benefit. Using the<br />
–GY will fulfill the “demand bill” requirement<br />
and allow a medical office to collect<br />
payment for the service(s) at the time of service<br />
(just as you would collect a co-payment<br />
on the same day as a visit). Claims billed<br />
with the –GY will be denied by Medicare<br />
and allow balance-billing the patient if payment<br />
was not collected up-front. An example<br />
would be for a routine or annual physical.<br />
This service is statutorily non-covered by<br />
Medicare, so you would bill the 99387 (new<br />
patient) or 99397 (established) with the –GY<br />
modifier and collect payment up-front. The<br />
caveats here are (1) if the patient has additional<br />
commercial insurance, the preventive<br />
care visit may be covered, so wait for a denial<br />
before balance-billing, and (2) although the<br />
PE itself is non-covered, you will still need to<br />
obtain an ABN for any screening tests that<br />
are performed as part of the physical i.e.,<br />
EKG, PPD, vaccines etc.<br />
Re-audit in six months<br />
After the staffs received their initial training,<br />
a second audit was run at 6 months.<br />
Expectations were high that there would be<br />
vast improvements and that everyone would<br />
pass. Unfortunately, this did not happen.<br />
However, there were improvements in that<br />
the –GA modifier was being used more often<br />
and offices were able to produce a corresponding<br />
ABN in most cases.<br />
Phase 2 of the ABN training was now in<br />
effect. All errors from the second ABN audit<br />
were compiled and analyzed. They were broken<br />
down into two areas: form completion<br />
and modifier use. With the details of the<br />
audit errors, an ABN Refresher Program was<br />
developed.<br />
The errors included:<br />
■ Some sites still could not produce an<br />
ABN when the –GA modifier was used<br />
■ ABNs were used for covered services and<br />
sick visits<br />
January 2006<br />
10<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
■ ABNs were used for preventive care exams (this is statutorily<br />
non-covered)<br />
■ Forms were not completed fully (missing critical elements such<br />
as services, reason, option, estimated cost, signature/date)<br />
■ Some client offices decided not to use ABNs<br />
The last error on the list is an interesting one. It really is not a matter<br />
of choice as to whether or not an office uses an ABN. The Office<br />
of the Inspector General (OIG) may consider failure to use ABNs or<br />
to balance-bill to be inducements for patients. Inducements resulting<br />
in a Stark II violation as a perceived kick-back may result in civil<br />
monetary penalties. True, CMS is more interested in recouping its<br />
own lost revenue rather than the lost revenue of a provider, but that<br />
does not make it any less of an infraction.<br />
Revise the corrective action plan<br />
Using the errors from the re-audit, a revised corrective action plan<br />
and training program was developed. Beginning with the form<br />
errors, each line of the form was incorporated into the training program<br />
with examples of “do’s and don’ts.” For example: the<br />
BECAUSE section was often completed incorrectly with ICD-9<br />
codes or written diagnoses instead of the reason why the provider<br />
thought the service may not be covered. This and other form completion<br />
problems with the SERVICES and BECAUSE sections led<br />
to the development of a modified ABN that already has services<br />
and reasons available for check-off. The use of a modified form<br />
with check-off boxes enables a provider to:<br />
■ prompt the proper use of the ABN<br />
■ increase readability by limiting handwritten items<br />
■ improve efficiency by making it faster and easier to complete<br />
these sections<br />
■ improve accuracy<br />
The modifications can be customized to the services offered by the<br />
office or specialty without compromising the integrity of the form<br />
(see Figure 2 for a sample modified form on page 14).<br />
The training program addressed each section and provided examples<br />
of when to use and not use the ABN. The refresher program<br />
was also offered to all staff members from registration personnel,<br />
clinical staff (including providers), and check-out/data-entry clerks.<br />
It was clear from the second audit results that there needed to be a<br />
full awareness and coordination among all of these people in order<br />
to make the use of ABNs successful.<br />
Continued on page 12<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
11
Improving revenue through compliance ...continued from page 11<br />
In addition, the ABN Reference Guide was<br />
revised with added services examples given<br />
and estimated costs listed. Some of these<br />
were prompted by reviewing the services<br />
billed for Medicare patients such as the PPD<br />
(purified protein derivative skin test for<br />
tuberculosis screening). Many Medicare<br />
patents at a particular office were being seen<br />
for pre-admission physicals for assisted living<br />
admissions. Since the PPD is being performed<br />
as a screening test and not due to<br />
exposure, it is not expected to be covered.<br />
This and any EKGs or other admission tests<br />
made mandatory by the assisted living facility<br />
are not always deemed as “medically necessary”<br />
by Medicare. Without an ABN being<br />
obtained, the bills for these services would all<br />
have to be written off.<br />
Another common error was that neither<br />
option had been checked off by the patient<br />
(option 1 “yes, I want the service”, or option<br />
2 “no, I don’t want the service”). The staff<br />
was instructed to remind patients or to check<br />
off option 1 in the patient’s presence if they<br />
neglected to do so when they were signing<br />
and dating the form. The document is not<br />
valid without an option checked or without a<br />
date and signature.<br />
Bundled services<br />
ABNs should not be used for “bundled services.”<br />
Bundled services are certain services<br />
that Medicare considers to be included in the<br />
visit or procedure provided. Examples of<br />
bundled services are:<br />
■ Dip urinalysis (81002 etc.)<br />
■ Pulse oximetry (94760)<br />
■ Peak flow<br />
■ Conscious sedation (99141)<br />
■ Some prolonged services codes (99358-<br />
99359)<br />
Connecting the dots<br />
The ABN should be attached to the chart or<br />
encounter form (superbill) of any Medicare<br />
patient being seen. This should be done at<br />
registration. Even a sick patient often ends up<br />
with potentially non-covered services being<br />
performed “while they are there.” A sick visit<br />
is often the opportunity used by either<br />
patient or provider to receive additional services,<br />
like screening tests or immunizations.<br />
The medical assistant or nurse should have<br />
the form ready for when the patient is in the<br />
exam room and before any questionable services<br />
are performed. It is imperative that the<br />
services and reason (BECAUSE section) be<br />
completed prior to the patient receiving the<br />
services since it is up to the patient as to<br />
whether or not they want any potentially<br />
non-covered services. This is a CMS requirement<br />
as well. Providers can add to or<br />
append the items on the form as they see fit<br />
in the course of their encounter with the<br />
patient. Use of a reference guide can aid in<br />
choosing which services may apply and can<br />
also aid in supplying the estimated cost on<br />
the form.<br />
Now that you have a completed and signed<br />
ABN, what do you do The clinical staff<br />
needs to make sure that the form makes it<br />
along with the encounter form/superbill to<br />
the check out person or data entry clerk.<br />
Here they can determine what is statutorily<br />
non-covered (-GY modifier needs to be<br />
added) or what needs to be billed with the -<br />
GA modifier (items listed in the SERVICES<br />
section of the ABN). The CPT or HCPCS<br />
code(s) and ICD-9 code(s) should be linked<br />
appropriately, modifiers appended as indicated,<br />
and monies collected for any statutorily<br />
non-covered services at this point.<br />
When under a CAP agreement with<br />
Medicare<br />
The new Competitive Acquisition Program<br />
(CAP) was scheduled to open for enrollment<br />
in the fall of 2005. However, a combination<br />
of vendor non-interest and national disasters<br />
has now pushed back the process until tentatively<br />
summer 2006. If and when this goes<br />
into effect, providers who have signed up for<br />
the program may be responsible for getting<br />
ABNs signed for a third party i.e., a pharmaceutical<br />
distributor. Therefore, it is important<br />
to learn how to successfully execute a proper<br />
ABN so that providers will be prepared to<br />
take on this function for a third party in the<br />
future. Unless the structure of the proposed<br />
CAP agreement changes significantly, be<br />
ready to gear up.<br />
Conclusions<br />
A properly executed ABN will:<br />
■ Allow you to balance-bill the patient<br />
■ Help recoup otherwise lost revenue<br />
■ Reduce write-offs<br />
■ Improve cash collection, cash flow, and<br />
revenue<br />
Although the use of ABNs may seem to be a<br />
burdensome task, the end result will be a<br />
boost to your bottom line. Education, training,<br />
and coordination of staff can make for<br />
an organized effort that will reap positive<br />
benefits. ■<br />
Contact Us!<br />
http://www.hcca-info.org<br />
info@hcca-info.org<br />
Fax: (952) 988-0146<br />
HCCA<br />
5780 Lincoln Drive, Suite 120<br />
Minneapolis, MN 55436<br />
Phone: 888-580-8373<br />
To learn how to place an advertisment in<br />
<strong>Compliance</strong> Today, contact Margaret<br />
Dragon:<br />
e-mail: margaret.dragon@hcca-info.org<br />
phone: 781-593-4924<br />
January 2006<br />
12<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
Figure 1: ABN Reference Guide<br />
Services that may require an ABN (use the –GA modifier)<br />
■ Medically unnecessary services (clue may be dx is a V-code, but<br />
not all V-codes)<br />
■ Most screening tests/services (even covered screenings have<br />
frequency requirements)<br />
■ Baseline EKG (93000 $28 or 93005, $19)<br />
■ EKG as part of a routine physical (93000 $28 or 93005, $19)<br />
■ Digital Rectal Exam (DRE) for prostate screening (G0102, usually<br />
done as part of a routine PE) more often than Q12mo., $23<br />
■ Pap smear (Q0091, $42) more often than Q2yrs.<br />
■ Visit for well woman exam (E/M code eg G0101, $39) more often<br />
than Q2yrs.<br />
■ Removal of skin tags or other benign lesions for cosmetic reasons<br />
11200 $73, 11201, $18<br />
■ Screening flexible sigmoidoscopy (G0104, $131 and G0106, $147)<br />
more often than Q5yr.<br />
■ PPD for TB screening 86580, $18<br />
■ B12 injections (frequency & medical necessity are issues)<br />
J3420, $5<br />
■ Contraception injectables i.e. DepoProvera J1055<br />
■ Most vaccines w/o medical necessity (e.g. prophylactic tetanus<br />
or Td)<br />
■ Vaccines beyond the frequency guidelines (e.g. peumonia vaccine<br />
is a once in a lifetime benefit). NOTE: most vaccines are not covered<br />
and should be billed with the –GY modifier (no ABN needed).<br />
■ Welcome to Medicare Visit (G0034, $101)—within 6 months of<br />
eligibility<br />
■ EKG with the Welcome to Medicare Visit (G0366, $28)—within 6<br />
months of eligibility<br />
Services that do NOT require an ABN or a modifier:<br />
■ Sick visits<br />
Services that do NOT require an ABN but need a –GY modifier:<br />
■ Preventive <strong>Care</strong> Visits i.e. routine or annual physical/PE (99387 or<br />
99397)<br />
■ Most screening tests/services if “statutorily non-covered”<br />
■ Vaccines for travel or non-covered vaccines (e.g. Hepatitis A)<br />
■ Administration of travel/non-covered vaccines (90471 or 90472)<br />
Cosmetic surgery<br />
■ Pre-Op exam for cosmetic surgery plus any tests performed as<br />
pre-op<br />
■ Services provided to immediate relatives (any & all services if<br />
patient is related to M.D., D.O. or mid-level)<br />
NOTE: This list is for reference only and is not all-inclusive.<br />
Fees used are for example only and are based on Medicare<br />
rates in the mid-Atlantic, 2005.<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
13<br />
January 2006
Improving revenue through compliance ...continued from page 13<br />
Figure 2: Advance Beneficiary Notice (ABN) Form<br />
January 2006<br />
14<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
feature<br />
article<br />
Editor’s note: This interview with Greg<br />
Jones was conducted by Roy Snell,<br />
HCCA CEO in early December 2005.<br />
For general Medicare information,<br />
including the Prescription Drug Benefit,<br />
please contact 1-800-MEDICARE or<br />
visit our website at www.medicare.gov.<br />
To report any suspected Fraud, Waste,<br />
and Abuse in the Medicare Part D<br />
Prescription Drug program, please<br />
contact 1-877-7SAFERX or e-mail<br />
MEDICinfo@healthintegrity.org<br />
Office of Counsel to the Inspector General<br />
where I was responsible for negotiating and<br />
monitoring Corporate Integrity Agreements<br />
(CIA) for a wide range of health care<br />
provider types, including hospitals and pharmaceutical<br />
manufacturers. In that role I regularly<br />
conducted site visits to providers operating<br />
under CIAs. Conducting site visits was<br />
my favorite part of that job because it gave<br />
me the opportunity to see first hand how<br />
various providers were implementing and<br />
maintaining their compliance programs.<br />
Meet Greg Jones<br />
Law Enforcement Liaison–<br />
Prescription Drug Benefit–Program Integrity Group,<br />
Centers for Medicare & Medicaid Services<br />
RS: Greg, what is your title, and would<br />
you briefly describe your responsibilities with<br />
the Centers for Medicare and Medicaid<br />
Services<br />
GJ: I am the Law Enforcement Liaison for<br />
the Division of Medicare Modernization Act<br />
Integrity within the Program Integrity Group.<br />
My primary responsibility is to coordinate<br />
with law enforcement on program integrity<br />
matters related to the Part D prescription<br />
drug benefit. In addition, I am the Team<br />
Lead on developing CMS’s Fraud, Waste,<br />
and Abuse Guidance for the Part D Plans.<br />
RS: What is your background and<br />
previous work experience<br />
GJ: Formerly, I was with the Department<br />
of <strong>Health</strong> and Human Services (HHS),<br />
At the OIG I also had the pleasure of working<br />
closely with HCCA to coordinate<br />
Government-Industry outreach and education<br />
efforts which included two separate<br />
industry roundtables.<br />
Prior to transferring to the Office of Counsel<br />
to the Inspector General, I was with the<br />
OIG’s Atlanta Office of Evaluation and<br />
Inspections where I led national studies<br />
uncovering over $8M in fraud, waste, and<br />
abuse in the Medicare program.<br />
RS: So tell us about your first year at CMS.<br />
GJ: This is a very exciting time at CMS;<br />
the implementation of the Medicare<br />
Modernization Act, including the drug benefit,<br />
is the most significant change to the<br />
Medicare program since its inception in<br />
1965. It truly is an honor and an amazing<br />
professional growth experience to be a part<br />
of this historic event.<br />
I started in March 2005 and have been going<br />
full speed since day one. My first project was<br />
reviewing the compliance plan and business<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
integrity sections of the Part D Plan applications.<br />
Collectively, our division reviewed over<br />
400 Part D Plan applications. I spent this<br />
summer training the OIG’s investigators, FBI<br />
agents, and Assistant United States Attorney’s<br />
about the drug benefit to help prepare them<br />
to investigate and prosecute potential fraud,<br />
waste, and abuse in the drug benefit. Most of<br />
my time this Fall has been spent drafting the<br />
Fraud, Waste, and Abuse Guidance for the<br />
Part D Plans. These are just the highlights—<br />
in between I’ve also been learning about the<br />
intricacies of the drug benefit, keeping track<br />
and following up on various Part D complaints,<br />
and assisting with the planning of<br />
Continued on page 16<br />
15<br />
January 2006
Meet Greg Jones ...continued from page 15<br />
several conferences. Despite the fast pace,<br />
which is stressful at times, it has been a very<br />
positive and fulfilling experience.<br />
RS: Having previously worked in the<br />
HHS Office of Inspector General, how was<br />
the transition to CMS<br />
GJ: Coming to CMS has given me the<br />
opportunity to learn about the policy and<br />
operational side of Medicare and see what it<br />
takes to run the day-to-day operations of<br />
what is essentially the largest insurance program<br />
in the world. In that regard it is definitely<br />
a different perspective.<br />
At the same time, however, it has been great to<br />
work collaboratively with my former colleagues<br />
to prepare for the implementation of the drug<br />
benefit. My experience at the OIG has been<br />
invaluable in having an “eye” for identifying<br />
potential vulnerabilities in the drug benefit and<br />
it also helps me understand the needs of the<br />
OIG and our other law enforcement partners<br />
such as the Department of Justice.<br />
RS: Tell us the status of the Fraud, Waste,<br />
and Abuse summary that was published in<br />
June 2005.<br />
GJ: As most of your members know, we<br />
released for public comment an eight page<br />
Fraud, Waste, and Abuse Summary document<br />
in June 2005. Since then we have spent time<br />
reviewing the public comments and working<br />
with policy experts within the agency, as well<br />
as the law enforcement community, to develop<br />
a much more comprehensive document.<br />
We expect to release for public comment the<br />
more detailed document in January 2006,<br />
and hope to finalize it by early Spring 2006.<br />
RS: You have a lot on your plate these days<br />
with Medicare Part D implementation. I know<br />
this is a big question and we probably don’t<br />
have enough room for a complete answer, but<br />
if you had to put together a list, what are the<br />
main issues health care compliance officers<br />
need to know about Medicare Part D (fraud<br />
and abuse, training, policies and procedures)<br />
GJ: Well, three things come to mind:<br />
■ The role of the plans themselves in overseeing<br />
their downstream subcontractors<br />
involved in the delivery of the drug<br />
benefit<br />
■ The role and responsibilities of the<br />
<strong>Compliance</strong> Officer at each plan<br />
■ The need to develop an audit workplan to<br />
monitor for efficient and accurate delivery<br />
of the Part D benefit<br />
I encourage all your members to pay special<br />
attention to these sections in the Fraud,<br />
Waste, and Abuse Guidance document and<br />
provide feedback to us during the public<br />
commenting period.<br />
RS: Would you share with us some of the<br />
Medicare Part D challenges<br />
GJ: One area we are paying particular<br />
attention to at this time is marketing. All<br />
Part D Plans are required to ensure that marketing<br />
activities—whether they initiate from<br />
paid marketing employees or independent<br />
agents—comply with the Marketing<br />
Guidelines. To date, CMS has received complaints<br />
alleging that agents have:<br />
■ Offered beneficiaries a cash payment as an<br />
inducement to enroll in Part D<br />
■ Conducted unsolicited door-to-door sales<br />
■ Stated that the agent works for or is contracted<br />
with the Social Security<br />
Administration or CMS<br />
■ Misrepresented the product being<br />
marketed as an approved Part D Plan<br />
when it actually is a Medigap policy or<br />
non-Medicare drug plan<br />
■ Misrepresented the Prescription Drug<br />
Plan being marketed<br />
■ Requested beneficiary information or<br />
check numbers, which may be a prelude<br />
to identity theft<br />
■ Asking beneficiaries to pay “up front”<br />
premiums<br />
Organizations found to violate CMS’s<br />
Marketing Guidelines will be placed under a<br />
corrective action plan (CAP). If the organization<br />
fails to correct the deficiency under the<br />
CAP, then intermediate sanctions such as a<br />
freezing of marketing and enrollment may be<br />
imposed. If after the imposition of intermediate<br />
sanctions the problem has not been<br />
corrected, a Civil Money Penalty may be<br />
imposed or the organization’s contract may<br />
be terminated. Cases appearing to be potentially<br />
fraudulent will be referred to the OIG.<br />
Protecting beneficiaries from aggressive marketing<br />
tactics is something we take very serious<br />
and plan to monitor closely.<br />
RS: Tell us about the Medicare Drug<br />
Integrity Contractors (MEDICs).<br />
GJ: The MEDICs are companies CMS is<br />
contracting with to assist us in combating<br />
fraud, waste, and abuse in the Medicare Part<br />
D prescription drug benefit.<br />
RS: What are some of the activities a<br />
MEDIC may perform<br />
GJ: The MEDICs will:<br />
■ Analyze data to identify problems that<br />
indicate fraud or abuse may be occurring<br />
■ Conduct complaint investigations<br />
■ Develop and refer cases to the appropriate<br />
law enforcement agency as needed; and<br />
■ Support ongoing law enforcement<br />
investigations.<br />
Our Enrollment and Eligibility MEDIC,<br />
“<strong>Health</strong> Integrity, LLC” is operational and<br />
their primary focus is to investigate Part D<br />
complaints, which at this time are mostly<br />
issues related to enrollment, eligibility<br />
determination, and marketing.<br />
RS: Will the Medicare Part D Manual<br />
include information about fraud<br />
January 2006<br />
16<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
GJ: Yes. The Fraud, Waste, and Abuse<br />
Guidance document is scheduled to be a<br />
chapter in the Part D Plan Manual.<br />
RS: What has the CMS Program Integrity<br />
Group been doing to prepare for the implementation<br />
of the drug benefit<br />
GJ: I see our strategy as a three-prong<br />
approach that includes:<br />
1. Contracting with the MEDICs<br />
2. Reviewing and providing comments on<br />
CMS’s Part D regulation, policies, and<br />
subregulatory guidance and developing<br />
our own Fraud, Waste and Abuse<br />
Guidance document.<br />
3. Coordinating with our partners in the law<br />
enforcement community such as the OIG,<br />
DOJ, FBI, States, and many other government<br />
agencies, as well as private organizations<br />
such as HCCA, to collaborate on<br />
approaches to address and combat fraud,<br />
waste, and abuse in the Part D prescription<br />
drug benefit.<br />
4. Lastly, we have spent a lot of time speaking<br />
with experts, which includes some<br />
recent hires at CMS with direct industry<br />
experience, to educate ourselves about the<br />
pharmaceutical drug industry. This has<br />
been invaluable and I believe puts us in a<br />
much better position to ensure the integrity<br />
of the Part D prescription drug benefit<br />
and the Medicare Trust Fund.<br />
For general Medicare information,<br />
including the Prescription Drug Benefit,<br />
please contact 1-800-MEDICARE or<br />
visit our website at www.medicare.gov.<br />
To report any suspected Fraud, Waste,<br />
and Abuse in the Medicare Part D<br />
Prescription Drug program, please<br />
contact 1-877-7SAFERX or e-mail<br />
EDICinfo@healthintegrity.org ■<br />
By Michelle Wilcox DeBarge and Amanda Littell<br />
Editor’s note: Michelle Wilcox DeBarge,<br />
JD, is a Partner and Amanda Littell, JD,<br />
MPH, an Associate in the law firm of<br />
Wiggin and Dana. Michelle Wilcox<br />
DeBarge may be reached by telephone at<br />
860/297-3702 or by e-mail at mdebarge<br />
@wiggin.com, and Amanda Littell may<br />
be reached by telephone at 203/498-<br />
4529 or by e-mail at alittell@wiggin.com.<br />
On November 28, 2005, the Office<br />
of the Inspector General (OIG)<br />
for the U.S. Department of<br />
<strong>Health</strong> and Human Services issued draft<br />
compliance guidance (Guidance) for recipients<br />
of extramural research awards from the<br />
National Institutes of <strong>Health</strong> (NIH) and<br />
other agencies of the U.S. Public <strong>Health</strong><br />
Service (PHS) See 70 Fed. Reg. 71,312.<br />
The Guidance highlights the following three<br />
risk areas for recipients of PHS awards:<br />
1. Time and effort reporting<br />
2. Properly allocating charges to award projects<br />
3. Reporting of financial support from other<br />
sources<br />
The Guidance also adds an eighth element to<br />
the OIG’s standard seven elements for an<br />
effective compliance program: defining roles<br />
and responsibilities and assigning oversight<br />
responsibility.<br />
Scope of guidance<br />
With the goal of preventing the submission of<br />
erroneous claims and combating fraud and<br />
abuse in federal health care programs, the<br />
OIG in the last several years has developed a<br />
series of compliance program guidance aimed<br />
at various segments of the health care industry.<br />
This guidance encourages development of<br />
an internal compliance infrastructure and<br />
organizational control to help monitor and<br />
ensure compliance with applicable laws. The<br />
guidance also lists specific risk areas applicable<br />
and of potential concern to the respective<br />
industry segments. An organization’s establishment<br />
of a compliance program in line with<br />
the compliance program guidance is voluntary,<br />
but highly recommended by the OIG.<br />
Although there has been a notable increase in<br />
governmental enforcement actions and<br />
whistleblower cases related to grant compliance<br />
and administration, the publication of<br />
the Guidance is the first official word from<br />
the OIG on the issue of research compliance<br />
program elements. The OIG had published a<br />
notice on September 5, 2003 soliciting information<br />
and recommendations for developing<br />
compliance program guidance for recipients<br />
of NIH research grants. Based on comments<br />
to that notice, the OIG published the<br />
Guidance for the purpose of offering a<br />
“checklist” of items that the OIG believes are<br />
critical for developing compliance programs<br />
or refining an existing compliance program.<br />
The OIG also expresses its view in the<br />
Guidance that all research institutions would<br />
benefit from compliance programs to foster a<br />
“culture of compliance” that begins at the<br />
Continued on page 18<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
17<br />
January 2006
OIG issues draft guidance ...continued from page 17<br />
administration or management level and<br />
permeates the organization.<br />
The OIG expands the scope of its Guidance<br />
beyond that stated in the 2003 notice to other<br />
biomedical and behavioral research awards<br />
from the public health agencies of the U.S.<br />
Department of <strong>Health</strong> and Human Services,<br />
including the Agency for <strong>Health</strong> Research and<br />
Quality, the Agency for Toxic Substances and<br />
Disease Registry, the <strong>Health</strong> Resources and<br />
Services Administration, the Indian <strong>Health</strong><br />
Service, the Centers for Disease Control and<br />
Prevention, the Substance Abuse and Mental<br />
<strong>Health</strong> Services Administration, and the Food<br />
and Drug Administration. The Guidance is<br />
relevant for colleges, universities, and other<br />
recipients of public funds that conduct biomedical<br />
and behavioral research. The<br />
Guidance is intended to apply broadly to all<br />
PHS awards, which includes cooperative<br />
agreements and certain contracts that are not<br />
governed by federal procurement laws and<br />
regulations, as defined at 45 C.F.R. § 74.2.<br />
The Guidance focuses on grant compliance<br />
and administration issues governed by the<br />
statutes and regulations that affect the “allowability”<br />
of costs. However, the OIG recognizes<br />
that the research community uses the term<br />
“compliance” broadly to include areas such as<br />
human and animal subject research, conflicts<br />
of interest, research misconduct and intellectual<br />
property issues; the OIG states that an institution<br />
may find it beneficial to adopt the<br />
principles and standards in the Guidance in<br />
connection with these other regulatory areas.<br />
Risk areas<br />
The OIG highlights the following three primary<br />
risk areas, while also cautioning that<br />
they are not intended to be exhaustive of<br />
potential risk areas.<br />
Time and Effort Reporting—The OIG<br />
identifies time and effort reporting as a “critical”<br />
compliance issue and emphasizes that time and<br />
effort expended on a project must be accurately<br />
reported. This is especially important given that<br />
compensation for a researcher’s personal services—including<br />
direct salary and fringe benefits—<br />
is usually a significant cost of a research project.<br />
Moreover, many researchers have multiple<br />
responsibilities. For example, researchers may<br />
also be involved in teaching and clinical work,<br />
and these separate responsibilities may be challenging<br />
to distinguish and measure. The failure<br />
to accurately report the percentage of time<br />
devoted to projects could lead to overcharges to<br />
funding sources and, in certain circumstances,<br />
to civil or criminal fraud investigations.<br />
The OIG focuses specifically in the Guidance<br />
on false reports of the amount of time devoted<br />
to a project. The OIG states, for example, that<br />
it is unacceptable for a researcher to report in<br />
award applications to three different awarding<br />
agencies that the researcher will spend 50% of<br />
his or her time on each of the awards. The<br />
OIG also states that it is unacceptable for<br />
researchers to report an aggregate “commitment<br />
of effort” in excess of 100% of the researcher’s<br />
time, citing, as an example, that it would be<br />
improper to report to one awarding agency that<br />
70% of the researcher’s time will be spent on an<br />
award when 50% of the researcher’s time will<br />
be spent on clinical responsibilities.<br />
Properly allocating charges to award<br />
projects—The Guidance states that research<br />
institutions must properly allocate charges to<br />
award projects. To ensure this, institutions<br />
must have an accounting system that properly<br />
separates the amount of funding from each<br />
funding source. Institutions must not permit<br />
a principal investigator to “bank” or “trade”<br />
award funds among grants. As an example of<br />
improper allocation of charges, the OIG cites<br />
the allocation of cost on various federal<br />
research awards from overspent accounts to<br />
under-spent accounts, with the purpose of<br />
maximizing federal reimbursement and<br />
avoiding the refunding of unused grant proceeds<br />
from those under-spent accounts.<br />
Reporting financial support from other<br />
sources—The OIG emphasizes that reporting<br />
financial support from other sources is critical<br />
to PHS’s decisions with respect to whether and<br />
to what extent to fund a particular project.<br />
The reporting of other financial support is<br />
required by the application for funding (PHS-<br />
398), which includes a certification by both<br />
the principal investigator and the research<br />
institution that all statements in the application<br />
are true, complete and accurate to the best<br />
of their knowledge. The OIG states that a failure<br />
to accurately report all sources of financial<br />
support may lead to double-charging of both<br />
award funds and Medicare (and other payors)<br />
for the same service.<br />
<strong>Compliance</strong> program elements<br />
Standard Seven Elements of an Effective<br />
<strong>Compliance</strong> Program—The OIG recognizes<br />
that some institutions have separate<br />
compliance programs for their various areas of<br />
regulated activity, but encourages institutions<br />
to integrate their compliance efforts by eliminating<br />
overlapping systems or by developing a<br />
single compliance program covering all compliance<br />
areas. Regardless of the structure of an<br />
institution’s compliance program, the<br />
Guidance recommends establishing the same<br />
seven elements of compliance programs to<br />
address PHS research awards compliance that<br />
the OIG has recommended in the past for<br />
other segments of the health care industry.<br />
The OIG’s discussion of these seven elements<br />
is very similar to the OIG’s other compliance<br />
program guidance; accordingly, for purposes<br />
of this article, we primarily highlight below<br />
the OIG comments in the Guidance that are<br />
specific to research compliance.<br />
Continued on page 36<br />
January 2006<br />
18<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
■ There will be <strong>Compliance</strong> experts from<br />
government, vendors, outside counsel,<br />
consultants, and academics.<br />
Just the facts:<br />
Roy Snell<br />
Here are the facts about HCCA’s 2006 <strong>Compliance</strong> Institute.<br />
■ It will mark our 10th Anniversary.<br />
■ It is our first time in Las Vegas with the <strong>Compliance</strong> Institute.<br />
■ We will print 1,080,000 pieces of paper.<br />
■ There will also be <strong>Compliance</strong> experts<br />
from audit, education, transcription,<br />
coding, billing, auditing, and ethics.<br />
■ Approximately 60 % of the speakers will not have spoken the year<br />
before.<br />
Keep reading—there’s more:<br />
■ Special tracks for HIPAA, Quality of <strong>Care</strong>, Research/IRB,<br />
Physician Transactions, SOX, Rural Hospital, Auditing and<br />
Monitoring, Hot Topics, General <strong>Compliance</strong> and Tax<br />
Exemption/Charity <strong>Care</strong>.<br />
■ We will occupy 2,845 room nights.<br />
■ 20 staff will manage the conference.<br />
■ Industry Immersion for Academic Medical Centers, Long-Term<br />
<strong>Care</strong>, Large <strong>Health</strong> <strong>Care</strong> Systems, Payor/Managed <strong>Care</strong>, Medical<br />
Device, and Physician Group Practice.<br />
■ There will be 200 speakers.<br />
■ There will be 95 sessions.<br />
■ The U.S. Department of <strong>Health</strong> and Human Services Inspector<br />
General is speaking at the <strong>Compliance</strong> Institute.<br />
■ There will be presenters from the Centers for Medicare and<br />
Medicaid Services (CMS), U.S. Department of Justice (DOJ),<br />
Department of <strong>Health</strong> and Human Services (DHHS), Office of<br />
Inspector General (OIG), Joint Commission on Accreditation of<br />
<strong>Health</strong>care Organizations (JCAHO), and the U. S. Sentencing<br />
Commission (USSC).<br />
■ Pre-conference: <strong>Compliance</strong> 101, HIPAA 101, Medicare Part D,<br />
Auditing/Monitoring, and more.<br />
■ Post-conference: Laboratory, Auditing/Monitoring, Quality of<br />
<strong>Care</strong>.<br />
■ Auditing/Monitoring and Privacy Officer Round Tables.<br />
■ And endless networking opportunities!<br />
We have come a long way. It is simply amazing. Help us celebrate our<br />
10th year! Hope to see you there.<br />
■ It is the largest health care compliance conference in the world.<br />
■ Five (5) compliance achievement awards will be given out<br />
Sunday night.<br />
■ Five (5) laptops will be given away.<br />
■ There will be 60 vendors.<br />
January 2006<br />
20<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
:: OVER 200 SPEAKERS<br />
NEW THIS YEAR ::<br />
SPECIALIZED<br />
SESSION TRACKS<br />
■ SOX<br />
■ Hot Topics<br />
■ Physician<br />
Transaction<br />
■ HIPAA<br />
HCCA’S 10 TH<br />
ANNIVERSARY<br />
COMPLIANCE INSTITUTE ::<br />
Don’t gamble on the success of your compliance program!<br />
April 23–26, 2006<br />
Caesars Palace, Las Vegas, NV<br />
■ Rural Hospital<br />
■ Auditing &<br />
Monitoring<br />
■ Quality of <strong>Care</strong><br />
■ Research/IRB<br />
■ General<br />
<strong>Compliance</strong><br />
■ Tax Exemption/<br />
Charity <strong>Care</strong><br />
Sessions at the HCCA 2006 <strong>Compliance</strong> Institute will offer<br />
the latest compliance information on the hottest topics and<br />
current events in compliance. The program will feature<br />
multiple HIPAA and compliance sessions and specialized<br />
session tracks. Industry immersion sessions for a variety<br />
of health care segments are also being planned.<br />
BROAD SPECTRUM OF SPEAKERS<br />
Representing Policymakers, Enforcement Officials, Practicing<br />
Lawyers, Active <strong>Compliance</strong> and Privacy Officers<br />
Save $425!<br />
Early Bird rate extended<br />
to January 20!<br />
visit our Web site at<br />
www.hcca-info.org<br />
to register<br />
CONTINUING EDUCATION CREDITS: AAPC ACCME ACHE ACMPE AHIMA ANCC HCCB MCLE NAB NASBA
Here’s your chance to share your expertise<br />
and get a chance to win.....<br />
HCCA is seeking your contributions!<br />
Dear <strong>Compliance</strong> Professionals,<br />
HCCA is seeking contributions for a new manual on auditing and monitoring.<br />
Here’s a great opportunity to contribute to the association—and<br />
get a chance to win a laptop, a portable DVD player, or receive<br />
free registration for the HCCA <strong>Compliance</strong> Institute.<br />
We are asking health care professionals to share their tools and<br />
success stories that have aided their auditing and monitoring<br />
programs. We are interested in all aspects of auditing and<br />
monitoring. (If you would like, identifying information can<br />
be removed, so your organization can remain anonymous.)<br />
Everyone who submits materials will be entered into a<br />
drawing to win a laptop, a portable DVD<br />
player, or free registration to the Institute<br />
on April 23–26 in Las Vegas. You will be<br />
entered into the drawing for each audit tool<br />
you submit (i.e., two audit tool submissions<br />
equals two entries). Authors of accepted<br />
materials will be listed as contributors in the<br />
manual, if they wish.<br />
We look forward to receiving contributions<br />
from you. For more information or to make<br />
a contribution, contact Alan Pierce at<br />
888-580-8373, ext. 245, or alan.pierce@hcca-info.org.<br />
Thank you,<br />
Alan Pierce<br />
Editor/Product Manager<br />
Meet<br />
Alan Pierce<br />
See page 32<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
23
Concerns about abuses in the nonprofit sector<br />
arising out of charitable organizations<br />
allegedly formed to benefit victims of<br />
tragedies such as 9/11 and tsunami relief<br />
have led to efforts to apply a version of SOX<br />
to nonprofits. Evidence of this scrutiny has<br />
arisen on both the administrative and legislative<br />
fronts. At the state level, California,<br />
Massachusetts, and New York are key states<br />
which have publicly pushed for heightened<br />
scrutiny, with Governor Arnold<br />
Schwarzenegger firing the first salvo by signing<br />
California S.B. 1262, entitled the<br />
California Nonprofit Integrity Act of 2004,<br />
effective January 1, 2005 (California Act).<br />
The California Act added corporate accountability<br />
provisions to existing California<br />
reporting requirements for charities. While<br />
the filing, registration, and reporting provisions<br />
of the new California statute do not<br />
apply to hospitals, 2 other provisions may still<br />
apply. For example, the California Act<br />
requires nonprofit corporations to have audit<br />
committees with detailed requirements on<br />
their composition. 3 More rigid requirements<br />
on fundraising, and a required annual compensation<br />
review, are also part of the<br />
California Act. 4<br />
Editor’s note: Albert Y. Lin is an associate<br />
in the law firm of Brown McCarroll,<br />
LLP, in Austin, Texas. Mr. Lin may be<br />
reached by e-mail at alin@mailbmc.com<br />
or by telephone at 512/703-5726.<br />
By now most compliance officers<br />
are well aware of the 2002<br />
Sarbanes-Oxley legislation (SOX),<br />
which imposed far greater accountability,<br />
financial reporting, independence, and governance<br />
principles on corporations than ever<br />
before. With the possible exception of document<br />
retention requirements and whistleblower<br />
protections, SOX technically applies<br />
only to publicly held companies. Nonprofit<br />
companies—in particular, nonprofit taxexempt<br />
health care entities—should be aware<br />
of proposed federal legislation that may soon<br />
increase accountability of their top-level<br />
management and executive boards and<br />
impose SOX-like burdens upon their compliance<br />
professionals.<br />
While transgressions of nonprofit organizations<br />
have not yet reached the level of notoriety<br />
as Enron and WorldCom, the potential<br />
for such abuse exists since nonprofits have<br />
such a major financial impact in the world<br />
economy (with one estimate of total worldwide<br />
nonprofit expenditures at $1.6 trillion<br />
in 2002). Moreover, the nonprofit health<br />
care sector makes up a significant portion of<br />
By Albert Y. Lin<br />
that figure. According to a 2003 report by<br />
the National Center for Charitable Statistics,<br />
13.2 percent of all “501(c)(3)” organizations<br />
in the United States are in the health care<br />
industry. Of the nation’s nearly 5,000 hospitals,<br />
approximately 85% are nonprofits. 1<br />
In Massachusetts, state Attorney General<br />
Tom Reilly introduced the “Act to Promote<br />
the Financial Integrity of Public Charities” in<br />
May 2005. 5 The Massachusetts proposal contains<br />
SOX-like provisions such as annual certification<br />
of financial statements submitted<br />
to the state attorney general, a required audit<br />
committee if audited financials are required<br />
under state law, a requirement for reasonable<br />
compensation and prohibited excessive compensation<br />
to insiders, whistleblowing provisions,<br />
and increased penalties of $5,000 for<br />
violations of the new law. Similarly, in New<br />
York, Attorney General Eliot Spitzer has<br />
actively called for statutory SOX extensions<br />
to nonprofits, such as state laws mandating<br />
required financial statement and internal<br />
control certifications by nonprofit CEOs.<br />
Current proposed New York legislation<br />
appears to take a less severe approach,<br />
although the state Web site on charities has<br />
increased transparency by permitting searches<br />
for nonprofits that have failed to comply<br />
with basic state filing requirements.<br />
Other states have proposed or passed laws<br />
with similar SOX concepts. 6 Maine passed<br />
“An Act to Strengthen the Charitable<br />
Solicitations Act” in 2004, which imposed<br />
notice and approval requirements when nonprofits<br />
engage in “conversion” transactions<br />
(transfers of assets from a public charity to<br />
non-public charities) imposed specific limitations<br />
on the number of board members who<br />
can be “financially interested,” and requires<br />
audited financial statements for every nonprofit.<br />
That same year, New Hampshire<br />
passed a new law that requires nonprofits<br />
with revenues of $500,000 or more to file<br />
the most recent audited financial report with<br />
the state attorney general. 7 <strong>Compliance</strong> officers<br />
should carefully review their state’s<br />
January 2006<br />
24<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
espective nonprofit law compliance responsibilities,<br />
as state approaches vary greatly.<br />
Developing federal activity impacting<br />
nonprofits<br />
Enforcement activity and legislation at the federal<br />
level is moving along at a fairly rapid pace<br />
as well. In 2004, the IRS announced it would<br />
be targeting more than 2,000 tax-exempt<br />
organizations for examination, with special<br />
attention directed towards executive compensation<br />
within such tax-exempt entities. 8<br />
That same year, U.S. Senators Charles Grassley<br />
(R-IA) and Max Baucus (D-MT) of the Senate<br />
Finance Committee requested the Independent<br />
Sector, a coalition of 500 charities, to consider<br />
and recommend actions to improve governance,<br />
ethical conduct, and accountability in<br />
the nonprofit sector. This study, entitled<br />
“Strengthening Transparency, Governance, and<br />
Accountability of Charitable Organizations,”<br />
was issued in June 2005 (the Sector Report). 9<br />
Senator Grassley is expected to introduce legislation<br />
that will incorporate proposals suggested<br />
by the Sector Report (introduction plans in<br />
September 2005 were delayed, no doubt due<br />
to the Hurricane Katrina crisis that required<br />
emergency legislation).<br />
Proposed principles of the Sector<br />
Report<br />
The following key principles within the Sector<br />
Report may eventually be components of the<br />
new laws. Governing members of tax-exempt<br />
health care organizations should be aware of<br />
these new requirements, which may increase<br />
their accounting and oversight responsibilities.<br />
Note that the following discussion highlights<br />
only proposals recommended by the Sector<br />
Report; adherence to these proposals before<br />
they become law may be viewed, as with<br />
SOX in general, as a “best practices” strategy<br />
that, if followed, could pay off in the long<br />
run even if the practices do become required<br />
by federal law.<br />
Increased monitoring effectiveness and<br />
signature requirements. Tax-exempt organizations<br />
with more than $25,000 in annual<br />
gross receipts must file IRS Form 990<br />
(Annual Information Return), which discloses<br />
all pertinent financial information, typically<br />
in more detail than for-profit federal tax<br />
returns. 10 The Sector Report reveals that too<br />
many Form 990s are inaccurate or incomplete,<br />
and sometimes reveal little useful information.<br />
The inability to interpret such<br />
reports leads to ineffectiveness in enforcement.<br />
The disclosures required on the face of<br />
Form 990 are arguably too vague and open<br />
to interpretation. For example, the current<br />
Form 990 requires that revenue be broken<br />
into “program service revenue,” “management<br />
and general,” and “fundraising” components.<br />
Possible revisions would make it<br />
clearer what is expected to be within classifications.<br />
For example, the key program<br />
achievements of the tax-exempt entity could<br />
be disclosed on the first page (rather than<br />
buried in a supporting schedule behind the<br />
second page). Form 1023 (Application for<br />
Recognition of Tax-Exempt Status) for<br />
501(c)(3) organizations was recently updated<br />
to reflect many principles later set forth in<br />
the Sector Report; as such Form 990 revisions<br />
are likely. Form 1023, for example, asks<br />
if the entity has a conflict of interest policy,<br />
but nonetheless mentions that such a policy<br />
is not required. This type of hesitant questioning<br />
may be changed; it should be clearer,<br />
for example, that conflicts of interest policies<br />
are generally required for tax-exempt health<br />
care organizations due to various administrative<br />
rulings, if not by explicit statute.<br />
The Sector Report also recommends mandatory<br />
electronic filing of Form 990s. And currently,<br />
while any authorized officer may sign<br />
the Form 990; proposed legislation is likely<br />
to require the chief executive officer or chief<br />
financial officer to sign it, in a nod to SOX’s<br />
requirement that for-profit top officers certify<br />
the financial statements<br />
Current IRS rules only provide for late filing<br />
penalties; the proposed legislation would<br />
lend far more urgency to Form 990 filings if<br />
the IRS heeds the Sector Report’s recommendation<br />
of automatic suspension of an organization’s<br />
tax-exempt status after two consecutive<br />
failures to file Form 990.<br />
Form 990 is a critical monitoring device for<br />
ensuring compliance with tax-exempt laws<br />
and regulations, and the Sector Report urges<br />
that tax-exempt organizations pay close<br />
attention to its preparation and filing. It is<br />
suggested that health care entities avoid a<br />
“less is better” approach in Form 990, and<br />
instead move toward detailed and coherent<br />
disclosure in Form 990. Filed Form 990s for<br />
virtually all charitable organizations are now<br />
easily available online, thus the ease of public<br />
scrutiny should be considered as an additional<br />
motivation for accurate and timely filings.<br />
Increased audit activity for tax-exempt<br />
organizations. The Sector Report also suggests<br />
mandatory internal review of the taxexempt<br />
purposes of charitable organizations,<br />
with additional IRS audits serving as the<br />
motivating force. Currently, there is no effective<br />
way to determine whether or not an<br />
organization has substantially changed its mission<br />
or governance structure, apart from a<br />
general plea in the determination letter and a<br />
check-the-box question in Form 990 asking if<br />
governing documents have changed. The<br />
Sector Report therefore recommends that<br />
Congress allocate additional resources for<br />
audits and reviews of the annual Form 990s. It<br />
is hoped that increasing the effectiveness of<br />
Continued on page 28<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
25
The trend toward increased corporate... ...continued from page 25<br />
Form 990s would encourage organizations to<br />
conduct self-review of corporate governance<br />
activities in connection with more detailed<br />
Form 990s. For example, organizations should<br />
thoroughly review organizational documents<br />
(articles of incorporation, bylaws, compensation<br />
practices, policies, etc.) once every five<br />
years, and preferably more frequently.<br />
Formal audits of financial statements<br />
and operations. This proposal will likely be<br />
met with strong resistance due to the costs of<br />
a formal financial audit. Currently, organizations<br />
receiving federal funding of $500,000<br />
or more must perform annual audits, but<br />
apart from this requirement, no audit<br />
requirement exists beyond any state requirements.<br />
The Sector Report urges that charitable<br />
organizations with $1 million or more in<br />
total annual revenues attach an audited<br />
financial statement to the Form 990s.<br />
Organizations with at least $250,000 and<br />
under $1 million in annual revenues would<br />
have their financial statements reviewed (but<br />
not audited) by a certified public accountant.<br />
If the nonprofit health care organization currently<br />
generates all financial statements internally,<br />
serious thought might be given to<br />
retaining independent auditors in the same<br />
manner as SOX requires for public companies.<br />
In the current environment, the benefits<br />
and relative security offered by a competent,<br />
independent audit may very well outweigh<br />
the costs of the audit.<br />
Adoption of a formal conflict of interest<br />
policy. This aspirational suggestion is likely<br />
to be proposed and the nonprofit health care<br />
organization should not wait for it to become<br />
law. As mentioned earlier, current IRS policies<br />
strongly suggest, but do not quite<br />
require, tax-exempt organizations to adopt a<br />
standard conflict of interest policy. These<br />
policies provide for such procedures as<br />
recusal of “interested” board members (such<br />
as when the board determines compensation<br />
or approval of contracts which indirectly<br />
benefit the board member). The Sector<br />
Report suggests making conflict of interest<br />
policies mandatory for all tax-exempt organizations.<br />
The cost of a conflict of interest policy<br />
is relatively minimal; the IRS has a standard<br />
conflict of interest policy that is easily<br />
adopted by the board and applicable among<br />
most health care organizations. 11<br />
The presence of a conflict of interest policy is<br />
critical since the Sector Report highlights<br />
executive compensation within charitable<br />
organizations as an issue, motivated by media<br />
reports of high salaries and loans to executives.<br />
Within the health care industry, the adoption<br />
and documented observance of a conflict of<br />
interest policy, as well as documented reference<br />
to salary studies of comparable organizations,<br />
can help shift the burden of proof if the<br />
level of compensation is questioned.<br />
Increasing the use of audit committees.<br />
It is suggested that far too few nonprofits<br />
establish formal audit committees with<br />
required financial expertise. Often, those<br />
who serve on charitable boards are motivated<br />
by the mission of the organization and as<br />
such, financial expertise is often lacking.<br />
Particularly within the health care field, at<br />
least one board member well-versed in<br />
finance (preferably with the certified public<br />
accountant or similar designation) should<br />
serve on the committee.<br />
If necessary, a non-voting, advisory committee<br />
may be established. Unfortunately, no federal<br />
law addresses the role of audit committees<br />
within charitable organizations; to date,<br />
only California has required audit committees<br />
(for charitable corporations with revenues in<br />
excess of $2 million). The Sector Report proposes<br />
educating nonprofits on the importance<br />
of the audit function, but does not recommend<br />
an outright requirement at the federal<br />
level, acknowledging the costs involved. The<br />
organization should consider its board composition<br />
and ascertain whether a minimum<br />
level of financial expertise is present on the<br />
board, and if not, it should consider adding<br />
board members or advisors accordingly.<br />
Congress should pass legislation to define<br />
and regulate donor-advised funds. Donoradvised<br />
funds are sizeable funds maintained<br />
by a single public charity, and donors are<br />
able to direct where the donor-advised fund<br />
distributes their contributions. <strong>Health</strong> care<br />
organizations may frequently receive sizeable<br />
contributions from donor-advised funds.<br />
Unfortunately, there is little statutory guidance<br />
on how these funds operate and solicit<br />
contributions.<br />
The proposals urge a statutory definition of<br />
“donor-advised funds,” as well as more specific<br />
rules on how quickly funds must be distributed<br />
out to the eventual charitable recipient.<br />
The new rules may also specifically prohibit<br />
the donor from receiving any substantial<br />
benefit as a result of a particular grant<br />
recommendation.<br />
Incorporation of federal tax standards.<br />
Currently there is not enough overlap and too<br />
much inconsistency between tax-exempt rules<br />
as imposed by the IRS and state nonprofit<br />
rules. Texas, for example, has its own standards<br />
for determining exemption from state franchise,<br />
property, and sales tax that are not necessarily<br />
consistent with federal income tax<br />
exemptions. Texas also has its own hospital<br />
community benefits report, and such reports<br />
could arguably be coordinated with IRS<br />
authorities. The Sector Report calls for<br />
increased sharing of information between state<br />
and federal officials (typically, the state attor-<br />
Continued on page 33<br />
January 2006<br />
28<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
suffix that identifies package size (e.g., the<br />
number of pills in a bottle) and drug strength.<br />
Given the vast number of prescriptions that will<br />
be filled and processing fees that will be paid, it<br />
is vital that claims submissions and payments be<br />
electronic. In order to submit those claims electronically,<br />
retail pharmacies are required to use<br />
the full eleven-digit NDC number.<br />
By Edwin D. Rauzi<br />
Editor’s note: Edwin D. Rauzi is a partner ■ Under the Medicare Modernization Act, a<br />
in Davis Wright Tremaine LLP’s Seattle drug that is not on the formulary of the particular<br />
plan is “not a covered Part D drug”<br />
office. He focuses his practice on <strong>Health</strong><br />
<strong>Care</strong> matters, designing and implementing<br />
corporate compliance plans; advising sentation that is made in reckless disre-<br />
■ Under the False Claims Act, a false repre-<br />
corporate compliance officers. He may be gard of the truth and in support of a<br />
reached by telephone at 206/622-3150 claim for payment that includes federal<br />
dollars may be subject to a penalty of<br />
The Medicare Prescription Drug<br />
$10,000 per claim<br />
Benefit begins on January 1, 2006. ■ Under the <strong>Health</strong> Insurance Portability<br />
Just about everyone in the health care and Accountability Act of 1996, only<br />
delivery system will soon be asked to sign a contract<br />
(and probably several) based on the new sets” may be submitted electronically<br />
transactions that include approved “code<br />
benefit. The contracts are likely to be tendered<br />
with inadequate time for review and no meaningful<br />
opportunity to negotiate. Succumbing to amoxicillin, a generic and common antibiot-<br />
To illustrate, consider a prescription for<br />
the expedient approach, however, may put your ic. A drug is a generic because it does not<br />
organization in peril of violating the False matter who manufactures it or how many<br />
Claims Act—not once, but on a recurring basis. pills come in the bottle. From the clinical and<br />
pharmacy perspective, therefore, it does not<br />
There is a design flaw in the electronic claims matter whether the drug is manufactured by<br />
submission process that makes compliance Glaxo SmithKline (GSK) or Teva. Under the<br />
for many organizations virtually impossible. Medicare Modernization Act, however, a drug<br />
That design flaw is the use of eleven-digit that is not on the formulary of the particular<br />
National Drug Code (NDC) numbers to drug plan is not a covered Part D drug.<br />
describe generic drugs that are dispensed.<br />
That level of precision is nearly impossible to If you consult the Red Book, the pharmacy<br />
attain, and is at odds with the very nature of industry resource list of all NDC assigned numbers,<br />
you will see literally hundreds of NDC<br />
generic drugs and accepted clinical practices.<br />
numbers associated with that drug. Hundreds of<br />
Three propositions that originate in three numbers exist because, in addition to a different<br />
federal laws are central to understanding five-number NDC prefix for each manufacturer<br />
what may go wrong:<br />
or repackager of the drug, there is a six-digit<br />
For hospitals, the rule is not yet clear, but the<br />
trend is clearly toward using NDC numbers<br />
for one simple reason: there is no comprehensive<br />
alternative. When the code set was first<br />
introduced, hospitals were able to prevail upon<br />
regulators to allow them to continue to use the<br />
old HCPCS “J” codes. Those “J” codes, however,<br />
are limited to the small subset of drugs<br />
that were covered by Part B of Medicare. With<br />
the expansion of the Medicare benefit to cover<br />
virtually all prescription drugs, there simply is<br />
no “J” code that can be used. Providers will<br />
have to use the full eleven-digit code for all<br />
prescriptions filled, a time-consuming process<br />
fraught with potential for error.<br />
Hence, as proposed, the claims submission<br />
process anticipates perfection to the eleventhdigit<br />
on claims submissions. There are two<br />
exacerbating factors that render that expectation<br />
unrealistic: automated dispensing and<br />
the proliferation of plans (and formularies)<br />
the MMA promotes.<br />
Many pharmacies use Pyxis or similar<br />
machines to dispense drugs. Those machines<br />
use bins to hold large amounts of pills. Once<br />
pills from more than one manufacturer are<br />
mixed in the bins, it is impossible for the<br />
machine to tell when pills with one NDC<br />
number end, and another begins. Even more<br />
problematic is the idea that a prescription of<br />
30 generic pills would be identified as 14<br />
from one manufacturer and 16 from another.<br />
Continued on page 30<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
29
Administrative “complification” ...continued from page 29<br />
Publisher:<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong>, 888-580-8373<br />
Executive Editor:<br />
Roy Snell, CEO, HCCA, roy.snell@hcca-info.org<br />
Contributing Editor:<br />
Odell Guyton, President, HCCA, 888-580-8373<br />
Layout:<br />
Sarah Anondson, HCCA, 888-580-8373, sarah.anondson@hcca-info.org<br />
Story Editor:<br />
Margaret R. Dragon, HCCA, 781-593-4924, margaret.dragon@hcca-info.org<br />
Advertising:<br />
Margaret R. Dragon, HCCA, 888-580-8373, info@hcca-info.org<br />
HCCA Officers:<br />
Odell Guyton<br />
HCCA President<br />
Senior Corporate Attorney,<br />
Director of <strong>Compliance</strong>,<br />
U.S. Legal–Finance & Operations<br />
Microsoft Corporation<br />
Daniel Roach, Esq.<br />
HCCA 1st Vice President<br />
VP & Corporate <strong>Compliance</strong> Officer<br />
Catholic <strong>Health</strong>care West<br />
Steven Ortquist, CHC<br />
HCCA 2nd Vice President<br />
Senior Vice President, Ethics and<br />
<strong>Compliance</strong>/Chief <strong>Compliance</strong> Officer<br />
Tenet <strong>Health</strong>care Corporation<br />
Rory Jaffe, <strong>MD</strong>, MBA, CHC<br />
HCCA Treasurer<br />
Executive Director–Medical Services<br />
University of California<br />
Julene Brown, RN, BSN, CHC, CPC<br />
HCCA Secretary<br />
Merit<strong>Care</strong> <strong>Health</strong> System<br />
Al W. Josephs, CHC<br />
HCCA Immediate Past President<br />
Senior Director Policies and Training<br />
Tenet <strong>Health</strong>care Corporation<br />
Cynthia Boyd, <strong>MD</strong>, FACP, MBA<br />
Chief <strong>Compliance</strong> Officer<br />
Rush University Medical Center<br />
CEO/Executive Director:<br />
Roy Snell, CHC<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong><br />
Board of Directors:<br />
Anne Doyle<br />
Director, Corporate Learning and<br />
Organizational Development<br />
Tufts <strong>Health</strong> Plan<br />
F. Lisa Murtha, Esq., CHC<br />
Managing Director<br />
Huron Consulting Group<br />
Frank Sheeder<br />
Partner<br />
Brown McCarroll, LLP<br />
John Steiner, Jr., JD<br />
Chief <strong>Compliance</strong> Officer<br />
The Cleveland Clinic <strong>Health</strong> System<br />
Debbie Troklus, CHC<br />
Assistant Vice President for <strong>Health</strong><br />
Affairs/<strong>Compliance</strong><br />
University of Louisville, School of<br />
Medicine<br />
Sheryl Vacca, CHC<br />
Director, National <strong>Health</strong> <strong>Care</strong> Regulatory<br />
Practice, Deloitte & Touche<br />
Cheryl Wagonhurst<br />
Outgoing, Chief <strong>Compliance</strong> Officer<br />
Tenet <strong>Health</strong>care Corporation<br />
Greg Warner, CHC<br />
Director for <strong>Compliance</strong><br />
Mayo Foundation<br />
Counsel:<br />
Keith Halleland, Esq.<br />
Halleland Lewis Nilan Sipkins & Johnson<br />
<strong>Compliance</strong> Today (CT) (ISSN 1523-8466) is published by the <strong>Health</strong> <strong>Care</strong><br />
<strong>Compliance</strong> <strong>Association</strong> (HCCA), 5780 Lincoln Drive, Suite 120, Minneapolis, MN 55436.<br />
Subscription rate is $357 a year for non-members. Periodicals postage-paid at Minneapolis,<br />
MN 55436. Postmaster: Send address changes to <strong>Compliance</strong> Today, 5780 Lincoln<br />
Drive, Suite 120, Minneapolis, MN 55436. Copyright 2004 the <strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong><br />
<strong>Association</strong>. All rights reserved. Printed in the USA. Except where specifically encouraged, no<br />
part of this publication may be reproduced, in any form or by any means without prior written<br />
consent of the HCCA. For subscription information and advertising rates, call Margaret<br />
Dragon at 781-593-4924. Send press releases to M. Dragon, PO Box 197, Nahant, MA<br />
01908. Opinions expressed are not those of this publication or the HCCA. Mention of products<br />
and services does not constitute endorsement. Neither the HCCA nor CT is engaged in<br />
rendering legal or other professional services. If such assistance is needed, readers should consult<br />
professional counsel or other professional advisors for specific legal or ethical questions.<br />
For example, If the plan’s formulary specifies GSK amoxicillin, and<br />
the pharmacy dispenses the same drug manufactured by Teva, one<br />
of two things may happen: first, the pharmacy may submit a claim<br />
that includes the NDC number for GSK amoxicillin (which could<br />
later be characterized by a whistleblower or regulator as a false<br />
claim); or second, the pharmacy may submit a claim that includes<br />
the NDC number for Teva amoxicillin (which will not be paid).<br />
The MMA is also designed to encourage competition. Each of the<br />
competing plans is required to define its own formulary. A pharmacy<br />
that deals with several drug plans, in theory, will be required to<br />
dispense only the brand of generics each plan includes on its formulary;<br />
pills from other manufacturers are not covered Part D drugs.<br />
As another example, consider the plight of the long-term care pharmacy<br />
serving several nursing and assisted living facilities. Even if all<br />
residents of one facility choose the same plan (and formulary), it is<br />
unlikely all the other facilities the pharmacy serves will do the<br />
same. The generic drug on the formulary for one pharmacy may<br />
not be on the formulary for the other plan. If the automated dispensing<br />
machine is full of Teva amoxicillin, that is what all of the<br />
residents of all of the facilities are going to receive (which is both<br />
clinically appropriate and consistent with federal policy to promote<br />
the use of generics). Technically, however, some of the prescriptions<br />
dispensed that day will not be covered by Medicare.<br />
None of this is necessary in order for members of prescription<br />
drug plans to get access to generic drugs. Unfortunately, the “fix”<br />
is either the development of a new code set to describe generic<br />
drugs or federal legislation. Completion of either process is not<br />
likely by the end of this year.<br />
Under the current design of the Prescription Drug Benefit,<br />
providers who dispense drugs are thus faced with a difficult<br />
choice. Those who obligate themselves to submit electronic claims<br />
with eleven-digit numbers take on an impossible task. Those who<br />
insist on manual claims—which identify the generic but not the<br />
manufacturer and bottle size—may be rebuffed or, at a minimum,<br />
encounter delays in payment.<br />
Providers need to publicize this issue with prescription drug plans<br />
and regulators alike, or whistleblowers may turn out to be one of<br />
the prime beneficiaries of the new prescription drug benefit. ■<br />
January 2006<br />
30<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
By José A. Tabuena<br />
JOSÉ A. TABUENA<br />
Editor’s note: José A. Tabuena is with the<br />
Forensic & Dispute Services practice of<br />
Deloitte Financial Advisory Services and<br />
assists organizations in the development<br />
and assessment of corporate compliance<br />
and anti-fraud programs. He is currently<br />
an Assistant Editor with <strong>Compliance</strong> &<br />
Ethics for The Society of Corporate<br />
<strong>Compliance</strong> and Ethics (SCCE). This article<br />
was originally published in <strong>Compliance</strong><br />
& Ethics (Vol. 1, No. 2), page 10,<br />
November 2004. HCCA members interested<br />
in learning more about <strong>Compliance</strong> &<br />
Ethics can visit the SCCE Web site at:<br />
www.corporatecompliance.org or e-mail<br />
José at jtabuena@deloitte.com<br />
How did “internal control”<br />
become such a catch phrase in<br />
the current business climate For<br />
the experienced auditor, the terminology and<br />
underlying concepts, though frequently used,<br />
are deceptively simple and often ill-defined<br />
or applied in an assumptive manner.<br />
Just what are internal controls and what can<br />
happen to a company’s performance (and<br />
stock) if the controls aren’t very good Often<br />
it is not well understood that a compliance<br />
and/or antifraud program itself serves as a<br />
broad form of internal control. Certainly the<br />
features of such programs can comprise the<br />
fundamentals of a company’s internal control<br />
system.<br />
In certain highly regulated industries (including<br />
health care, defense contractors, financial<br />
institutions), an ethics-based compliance or<br />
integrity program headed by a compliance<br />
officer with senior management responsibility,<br />
have produced an established track record<br />
for the processes called for in the corporate<br />
governance reforms. Yet the recent legislation<br />
and resulting standards, though touting useful<br />
principles, still fail to recognize or emphasize<br />
a compliance program as an essential element<br />
for enhancing corporate governance. 1<br />
The changing legal and regulatory environment<br />
is encouraging companies to do what<br />
compliance officers and internal auditors have<br />
been striving to accomplish for some time—<br />
namely to consider compliance and fraud prevention<br />
programs as a significant part of an<br />
organization’s internal controls. To a growing<br />
extent, regulators and investors are demanding<br />
proactive compliance and fraud control programs<br />
characterized by an emphasis on the<br />
timely detection of fraud or other misconduct.<br />
The changing mindset places greater emphasis<br />
on internal controls, and particularly in the<br />
United States, the Committee of Sponsoring<br />
Organizations of the Treadway Commission<br />
(COSO) internal control framework.<br />
This fundamental shift presents an opportunity<br />
for ethics and compliance officers to<br />
become more actively involved in corporate<br />
governance matters and to demonstrate tangible<br />
value to an organization. For the compliance<br />
function, which may have been chafing<br />
under ambiguous accountabilities and perhaps<br />
perceptions that compliance programs<br />
only contribute burdensome processes, the<br />
environment is encouraging greater expectations<br />
to support efforts to combat corporate<br />
fraud and misconduct. Although there are<br />
some studies indicating that compliance and<br />
antifraud programs can pay for themselves 2 it<br />
has been a challenge for a compliance program<br />
to show value beyond the prevention of<br />
uncertain regulatory fines and penalties.<br />
Sarbanes-Oxley (SOX) and corresponding regulatory<br />
changes have raised the stakes for senior<br />
management and the board of directors.<br />
What follows is a discussion on how a compliance<br />
function can contribute to meeting the<br />
new requirements to assess the effectiveness of<br />
internal controls over financial reporting,<br />
while simultaneously laying the groundwork<br />
for documenting and demonstrating the effectiveness<br />
of the compliance program. This is<br />
unquestionably an opportune time to embrace<br />
the new financial governance standards as a<br />
bridge to overall compliance excellence.<br />
Continued on page 40<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
31
Editor’s note: This interview with Alan<br />
Pierce, HCCA’s Editor/Product<br />
Manager, took place in late November<br />
2005 and was conducted by Margaret<br />
Dragon. Alan may be contacted at<br />
888/580-8373 and by e-mail at<br />
alan.pierce@hcca-info.org.<br />
<strong>MD</strong>: Alan, would you tell our readers<br />
about your writing and editing background<br />
AP: Most of my writing and editing experience<br />
has come from newspapers. I started my<br />
career as a reporter at a small daily newspaper<br />
in Creston, Iowa, where I covered school board,<br />
city council, and county board meetings. I also<br />
covered law enforcement and the fire department,<br />
so I’ve seen more than my share of car<br />
accidents, house fires, and trials. Later, I<br />
became an assistant editor at the Ottumwa<br />
Courier. I supervised two reporters who worked<br />
out of our news bureaus, and I edited articles<br />
written by correspondents who possessed various<br />
degrees of ability. However, I continued to<br />
write, because the newspaper had a small staff.<br />
The journalism background has helped me<br />
tremendously in my later positions. Working in<br />
newspapers forced me to master a lot of information<br />
quickly and then turn around and produce<br />
accurate and clear articles. That skill<br />
helped my in my previous job as a children’s<br />
book author and editor. In 18 months, I wrote<br />
19 history books that were roughly 5,000<br />
words each. My newspaper background has<br />
helped me as an editor at HCCA where I must<br />
grasp the complexity of health care compliance.<br />
did you decide to move into the compliance<br />
field<br />
AP: I joined HCCA on September 6,<br />
2005.The challenge of this position and the<br />
subject matter intrigued me. Essentially, I am<br />
responsible for developing products for a<br />
field that is relatively new. I wasn’t an expert<br />
on a lot of issues I wrote about as a reporter,<br />
but I try to learn. I’m learning now. I’m<br />
always learning.<br />
<strong>MD</strong>: Tell us how do you go about developing<br />
product ideas and would it be helpful<br />
for members to email their ideas to you<br />
AP: I’ve been attending conferences and<br />
asking compliance professionals questions<br />
about what types of products would benefit<br />
them. I try to stay up on the trends in the<br />
industry. But really, I need assistance from<br />
members. It’s similar to being a reporter. I can<br />
attend meetings and ask people questions, but<br />
the compliance professionals are out in the<br />
field and they encounter compliance issues<br />
every day. I encourage them to send me ideas<br />
about products. To me, generating and sharing<br />
ideas are largely what HCCA is about.<br />
<strong>MD</strong>: How do you research a product and<br />
determine its viability<br />
AP: Some ideas come from conferences<br />
I’ve attended. I try to discern important<br />
issues and develop products that address key<br />
concerns. I also look to the HCCA survey as<br />
a guide to see what the priorities are for compliance<br />
professionals.<br />
ALAN PIERCE<br />
AP: I expect to contact members more in<br />
the future as HCCA plans new products.<br />
Right now, I’m focusing on finishing products<br />
that were started when I joined HCCA.<br />
<strong>MD</strong>: What products are you currently<br />
developing for HCCA<br />
AP: We are developing several products.<br />
First, Debbie Troklus is updating HCCA’s<br />
<strong>Compliance</strong> 101 book. The book is popular<br />
with members and is a necessary resource for<br />
people working in health care compliance. I<br />
think they will be pleased with the new version.<br />
Second, HCCA is developing an<br />
Auditing and Monitoring Manual. This manual<br />
will be comprised of tools and policies<br />
submitted by members and it will be a superb<br />
resource for professionals who are starting an<br />
auditing and monitoring program or are<br />
wanting to improve their program. Third, we<br />
plan to offer pay-per-view white papers on<br />
the Web site and at conferences. I envision<br />
these publications to run 20 to 50 pages.<br />
<strong>MD</strong>: When is the target date for these<br />
products to be available for purchase<br />
AP: My goal is to have these products<br />
available in time for the <strong>Compliance</strong><br />
Institute in April.<br />
January 2006<br />
32<br />
<strong>MD</strong>: When did you join the HCCA staff,<br />
what intrigued you about the work, and why<br />
<strong>MD</strong>: Will you contact members to conduct<br />
research or to get their help<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
<strong>MD</strong>: What help could HCCA members<br />
provide to you in developing these products
AP: As far as the Auditing and<br />
Monitoring Manual, I encourage members to<br />
send me auditing and monitoring tools and<br />
policies. Several members have been very<br />
generous and cooperative, and I appreciate<br />
their efforts. Some people have asked me to<br />
be more specific about what types of tools<br />
HCCA is looking for. I hesitate to be more<br />
specific because when I have given examples<br />
of material I am looking for, members<br />
assume I am not interested in other areas of<br />
auditing and monitoring. That is not the<br />
case. I am seeking tools that have helped<br />
members with their programs and that<br />
would benefit others. Also, I can always<br />
use ideas and writers for white papers and<br />
books.<br />
<strong>MD</strong>: What is the time commitment for<br />
those volunteering to help<br />
AP: The time commitment depends on<br />
the project. For the Auditing and Monitoring<br />
Manual members have taken tools and policies<br />
that are already developed and e-mailed<br />
those to me. Writing a white paper would<br />
take more time, but HCCA has an editor to<br />
assist with the process.<br />
<strong>MD</strong>: If a member would like to be<br />
involved, but can’t make a substantial time<br />
commitment, what contributions to this<br />
product development could they provide<br />
AP: Members can always contribute<br />
ideas. I encourage members to call me or<br />
e-mail me with ideas. If there is an issue that<br />
is crying out for discussion in a book or<br />
paper I want to hear about it.<br />
<strong>MD</strong>: Will you conduct any focus groups<br />
during the <strong>Compliance</strong> Institute to learn from<br />
what products our members will most benefit<br />
AP: That’s a good question. I might<br />
distribute questionnaires at the <strong>Compliance</strong><br />
Institute to learn more about the kinds of<br />
products members want.<br />
<strong>MD</strong>: What is the best way for members<br />
to contact you<br />
AP: They can e-mail me at<br />
alan.pierce@hcca-info.org or call me at<br />
888-580-8373 ext. 245. ■<br />
The trend toward increased corporate...<br />
...continued from page 28<br />
ney general has oversight responsibilities for<br />
nonprofits). Organizations should be prepared<br />
for quicker investigative actions from state and<br />
federal authorities in response to reported<br />
abuses within tax-exempt organizations.<br />
It is clear that with the growing impact of<br />
charities and nonprofits following the recent<br />
Katrina devastation, legislators will face<br />
much more public pressure to (i) pass legislation<br />
that increases nonprofit accountability,<br />
and (ii) ensure that the benefits of taxexempt<br />
organizations are directed toward the<br />
bona fide charitable purposes and goodwill<br />
of the general community. Those in the<br />
nonprofit, tax-exempt health care compliance<br />
area should keep abreast of such developments<br />
and prepare for heightened compliance<br />
requirements. At the very least, compliance<br />
professionals should conduct self-audits<br />
to see if their organization reflects problems<br />
highlighted by the Sector Report, and<br />
address any shortcomings accordingly. ■<br />
1. Julie Appleby, “Non-profit Hospitals’ Top Salaries May Be<br />
Due for a Check-Up,” USA Today, Money Section (Sept.<br />
9, 2004), available at www.usatoday.com/money/industries/<br />
health/2004-09-29-nonprofit-salaries_x.htm#POE=<br />
click-refer<br />
2. Cal. Gov’t Code § 12583.<br />
3. Section 12586 in part reads as follows:<br />
If it is a corporation, have an audit committee appointed<br />
by the board of directors. The audit committee may<br />
include persons who are not members of the board of<br />
directors, but the member or members of the audit committee<br />
shall not include any members of the staff, including<br />
the president or chief executive officer and the treasurer<br />
or chief financial officer. If the corporation has a<br />
finance committee, it must be separate from the audit<br />
committee. Members of the finance committee may serve<br />
on the audit committee; however, the chairperson of the<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
audit committee may not be a member of the finance<br />
committee and members of the finance committee shall<br />
constitute less than one-half of the membership of the<br />
audit committee. Members of the audit committee shall<br />
not receive any compensation from the corporation in<br />
excess of the compensation, if any, received by members of<br />
the board of directors for service on the board and shall<br />
not have a material financial interest in any entity doing<br />
business with the corporation.<br />
4. Cal. Gov’t Code § 12586(g).<br />
5. A copy of the Massachusetts proposal is available at<br />
www.ago.state.ma.us/sp.cfmpageid=2059<br />
6. Maine LD 1691 (Mar. 10, 2004). A white paper discussion<br />
of the Maine laws is available at www.nonprofitmaine.org/<br />
documents/LD1770Sum.pdf. The National Council of<br />
Nonprofit <strong>Association</strong>s monitors activity within nonprofit<br />
law development, and helpful 2004 and 2005 surveys of<br />
state legislation—whether passed or not—can be downloaded<br />
at<br />
www.ncna.org/index.cfmfuseaction=Page.viewPage&page<br />
Id=555<br />
7. New Hampshire H.B. 1408 (Jun. 11, 2004), available at<br />
www.gencourt.state.nh.us/legislation/2004/HB1408.html<br />
8. IRS News Release 2004-106 (Aug. 10, 2004).<br />
9. Supra, n.2.<br />
10. Note that churches and governmental entities are generally<br />
exempt from Form 990 filings; this will include hospitals<br />
that are essentially “owned” by local hospital districts.<br />
11. Available at http://www.irs.gov/pub/irs-utl/topice00.pdf<br />
HCCA’s 8th Annual<br />
<strong>Compliance</strong> Survey<br />
HCCA conducted its annual member<br />
survey online from December 5, 2005,<br />
to January 5, 2006.<br />
This survey provides important benchmarking<br />
data for the entire industry.<br />
This research tracks the growth of<br />
corporate compliance programs and<br />
positions, and looks at issues facing<br />
compliance officers and their staffs.<br />
This important research also gives us<br />
information on compliance education<br />
and training as well as compliance<br />
staff salary levels.<br />
The 8th Annual Survey will be released<br />
at the HCCA’s 10th Anniversary<br />
<strong>Compliance</strong> Institute in Las Vegas and<br />
will be mailed to all HCCA members.<br />
January 2006<br />
33
By Celeste Daye and Sou Chon Young<br />
Editor’s note: Celeste Daye is Director Up to now, whoever had the most “muscle”<br />
of Patient Accounting with Dana Farber had the ability to make others conform to<br />
Cancer Institute, and Sou Chon Young their “language,” by customizing their system,<br />
building interfaces or creating new<br />
is a <strong>Health</strong> <strong>Care</strong> Industries Consultant<br />
with PricewaterhouseCoopers.<br />
work. Rather then utilizing technology to<br />
Mr. Young may be reached by e-mail improve processes, workflows were created to<br />
at sou.chon.young@us.pwc.com<br />
accommodate technology.<br />
It was January 2003 when the<br />
HIPAA has given the industry the opportunities<br />
not only to review our workflows but<br />
<strong>Health</strong> Insurance Portability and<br />
Accountability Act (HIPAA) 835 also to shave off non-value added (NVA)<br />
Transaction Code Set (TCS) project at steps, which will reduce costs and improve<br />
Dana Farber Cancer Institute (DFCI) efficiency. DFCI saw this opportunity and<br />
started; it was to be a short three- to sixmonth<br />
engagement working to configure a didn’t anticipate was the complexity involved<br />
wanted to capitalize on HIPAA. What we<br />
few new modules in the legacy patient with becoming compliant and adopting the<br />
accounting system and bring the highest HIPAA 835 TCS, as well as the additional<br />
revenue payors live with the 835 HIPAA1 opportunities that the 835 would provide.<br />
Transaction Code Set. Two years later we<br />
are finally live with all of these major Experience<br />
payors and there is still plenty of work DFCI’s legacy patient accounting system had<br />
related to the 835 TCS.<br />
come out with a few new modules and functionality<br />
such as the EDI Toolkit, Line Item<br />
October 2002 was the mandated live date Payment Posting, and Rejection Subsystem,<br />
(October 2003 if you filed for an extension) which needed to be configured, tested, and<br />
set by the Department of <strong>Health</strong> and moved into live. At the same time, some payors<br />
had their own implementation guides in<br />
Human Services, but most of the industry is<br />
still not using the 835 TCS.<br />
addition to the ANSI X12N 835<br />
Implementation Guide (IG), which needed<br />
Intent<br />
to be taken into consideration when configuring<br />
the legacy patient accounting system.<br />
One of the goals of HIPAA was to simplify<br />
the health care business. What seemed like Most of this work seemed straightforward<br />
common sense, to simplify communication but given all the different components, it was<br />
within the health care industry, has finally only a matter of time before we ran into<br />
been put down into a plan: standardization. some significant roadblocks.<br />
Negative experiences<br />
Patient Accounting System Vendor<br />
We quickly realized we had a challenge ahead<br />
of us when the vendor documentation was<br />
incomplete or incorrect, functionality was<br />
not working properly and others were changing<br />
as we tested, and some major components<br />
of the 835 files were not incorporated<br />
into the system. The vendor had unknowingly<br />
made us a beta site; and after several conference<br />
calls with the vendor’s senior management,<br />
a support team was dedicated to DFCI<br />
to address some of the problems we were<br />
encountering. Despite all of this, the vendor<br />
was one of the early adopters of the HIPAA<br />
TCS and had sophisticated systems in place.<br />
Payors<br />
Like most providers, we scheduled Medicare<br />
first on the list for these reasons:<br />
■ Medicare is the biggest payor with the<br />
highest revenue in DFCI’s book of business<br />
■ Medicare already had the most experience<br />
using the standard code sets, which are<br />
part of the ANSI X12N<br />
■ There were threats and fines for those<br />
who did not adopt the TCS (specifically<br />
the 837), so we decided to test in parallel<br />
the two TCS<br />
Again, we quickly realized we had a challenge<br />
ahead of us. For one, there was little or no<br />
response from their EDI support team; we<br />
were on our own. After much analysis and<br />
testing we were able to handle some of the<br />
nuances Medicare had, such as cost outliers,<br />
PLB interpretation, and using certain reason<br />
codes inconsistently (i.e., to report both a contractual<br />
allowance in some instances and then<br />
denials in others). Now, a system can be configured<br />
for binary decisions (yes/no) but usually<br />
cannot “think” without additional logic<br />
and parameters created and set into place; so<br />
we began a discussion about a “pre-processor”<br />
January 2006<br />
34<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
that would provide the intelligence and handle<br />
some of these non-standard situations.<br />
Each payor we activated had its own nuances<br />
and idiosyncrasies. Issues ranged from limitations<br />
in the payors’ legacy system that led to<br />
difficulty translating proprietary codes into<br />
the HIPAA compliant codes or taking codes<br />
from primary payors and passing them<br />
through, to having different interpretations<br />
of the IG, all of which we had to overcome.<br />
The ship had set sail and there was no turning<br />
back; we had to make things work.<br />
We are still challenged by the multiple interpretations<br />
of the same claim adjustment reason<br />
code (CARC), the inconsistency in which<br />
an individual payor may report the frequency<br />
in which it changes its files. And our inability<br />
to recognize when changes are being made<br />
makes the work extremely challenging.<br />
Positive experiences by stakeholder<br />
To help develop collaboration between<br />
payors and providers<br />
Many of us know that with anything new,<br />
several unforeseen issues arise—what some<br />
might call opportunities. For example, the<br />
issues encountered when testing with payors<br />
created an opportunity to work collaboratively<br />
with some local payors. Subcommittees<br />
were established, which provided a forum for<br />
addressing issues with those working hands<br />
on. Not only were new relationships formed<br />
and old ones strengthened, but also trust<br />
increased and (silos) and walls began to<br />
come down.<br />
Historically, payors and providers were seen<br />
as being on opposing sides, but much less so<br />
now, at least not from the EDI perspective.<br />
For example, when DFCI encountered an<br />
issue with the local Blue Cross Blue Shield<br />
(BCBS) 835 file, we worked with a representative<br />
and the company’s EDI team, which<br />
held weekly meetings for local providers to<br />
understand issues providers were having.<br />
They not only listened but they also worked<br />
with us to come up with a solution. Several<br />
months later they were able to come through<br />
and shortly afterwards we flipped the switch<br />
and converted from the old proprietary format<br />
to the 835 with them.<br />
Harvard Pilgrim <strong>Health</strong> Plan also held weekly<br />
calls for users/testers to discuss issues, to ask<br />
questions, and to share experiences with one<br />
another. These types of calls also helped form<br />
relationships among the provider community.<br />
As the industry moved toward the new EDI<br />
world, it forced processes to be reviewed in<br />
order to integrate EDI, which provided the<br />
opportunity to improve processes and<br />
remove NVA steps.<br />
Denial management<br />
Another opportunity that presented itself in<br />
implementing the 835 was the ability to create<br />
a denial management program. Since payors<br />
are now required to use the same denial<br />
codes (CARC), denial reports could be generated<br />
for all payors that DFCI posts with the<br />
835 file. PricewaterhouseCoopers has such a<br />
product, TurboDM, utilizing the 835 TCS to<br />
standardize denial reports and work-lists.<br />
Prior to HIPAA, DFCI had denial reports<br />
but crosswalks had to be built for each<br />
payor’s proprietary denial codes. These lists<br />
of codes were not only cumbersome to maintain<br />
but they required additional manual<br />
intervention to integrate each payor into one<br />
standard report.<br />
Performance improvement<br />
When analyzing 835 files prior to go live,<br />
several other issues were uncovered. It ranged<br />
from contracting, to claim creation and edits,<br />
to coding, and ran the whole gamut as far as<br />
the revenue cycle was concerned. The 835 is<br />
full of information and if tapped into can<br />
reveal so many areas for performance<br />
improvement, specifically surrounding the<br />
revenue cycle. Some examples are:<br />
■ Coding—HCPC code and modifiers<br />
■ Payment—DRG and APC payments<br />
(depending on if payor is sending back<br />
information)<br />
■ Contracting:<br />
– Allowed and contractual amounts<br />
– Bundling<br />
– High-level payment analysis<br />
■ Billing<br />
In addition, we had hoped customized<br />
processors built to handle payor specific<br />
file/tape formats, prior to HIPAA TCS, can<br />
now be sunset, which will reduce maintenance<br />
for the IT staff. The return on investment<br />
(ROI) is large, both from a tangible<br />
and intangible prospective. Short-term ROI<br />
involves reducing full-time employee’s<br />
(FTE’s) dedicated to manual cash and denial<br />
posting; automation of denial workflows is<br />
now a possibility. Now add to that compliance<br />
benefits such as reduced cost for archiving<br />
(paper versus electronic) and ease of<br />
locating an electronic remittance versus a<br />
paper remittance advice. The list goes on—<br />
the benefits are endless as we move into the<br />
EDI world.<br />
Future<br />
The journey has just begun. As the industry<br />
works toward tightening the implementation<br />
guides (such as version 4050 and 5010) and<br />
further collaboration, we will fully realize the<br />
simplification intended when first mandated.<br />
In addition, an entity or board will need to<br />
surface to govern and lead the rest of the<br />
industry (such as HHS, WEDI, etc.) and<br />
impose penalties on those who do not work<br />
Continued on page 37<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
35
OIG issues draft guidance ...continued from page 18<br />
■ Written Policies and Procedures. The<br />
OIG recommends that every institution<br />
develop and distribute written policies and<br />
procedures addressing compliance with<br />
federal award requirements. The policies<br />
and procedures should be provided to all<br />
faculty members and other employees that<br />
are affected by them, to students that may<br />
be conducting research with federal awards,<br />
and to any agents or contractors who furnish<br />
services in connection with federal<br />
research awards. As in past compliance program<br />
guidance, the OIG recommends that<br />
the institution develop a code of conduct<br />
and that there be involvement of senior<br />
management of the institution, such as the<br />
board of regents and president.<br />
■ Designation of a <strong>Compliance</strong> Officer<br />
and a <strong>Compliance</strong> Committee. The<br />
compliance officer should report directly to<br />
the institution’s president and should have<br />
direct access to the board of regents or<br />
other governing body, senior administration<br />
officials, and legal counsel. For larger<br />
institutions, the compliance officer could<br />
also report to the provost or official with<br />
similar high-level responsibility for the<br />
oversight of research administration.<br />
■ Conducting Effective Training. The<br />
OIG states that it is important to train<br />
appropriate administrators, both at the institution<br />
and department levels, faculty<br />
(including principal investigators), other<br />
staff, and contractors on award administration<br />
and other award program requirements.<br />
It may be helpful to involve faculty, such as<br />
principal investigators, in developing training<br />
programs to promote buy-in with the<br />
compliance program. Administrative personnel<br />
who manage award funding should<br />
receive specialized training on federal cost<br />
principles and grant administration regulations<br />
and policies. Employees who are<br />
involved with clinical research should receive<br />
training in the protection of human subjects,<br />
the IRB process, and the responsible<br />
conduct of research. The OIG suggests that<br />
institutions consider relaying in the training<br />
actual examples of compliance problems at<br />
the institution or other institutions, typically<br />
without any identifying information.<br />
■ Developing Effective Lines of<br />
Communication. University officials,<br />
department chairpersons, or other supervisors<br />
should serve as the first line of communication<br />
for compliance issues. The<br />
OIG’s other standard recommended communication<br />
methods should also be considered,<br />
such as hotlines, e-mails, newsletters,<br />
and suggestion boxes, at least one of<br />
which should allow employees to report<br />
matters on an anonymous basis.<br />
■ Auditing and Monitoring. The OIG<br />
notes that all institutions that spend<br />
$500,000 or more in federal awards are<br />
required to have a “non-federal entity” single<br />
audit. This is usually in addition to an<br />
institution’s annual financial statement<br />
audit. As in other compliance program<br />
guidance, the OIG also recommends conducting<br />
internal audits and risk assessments<br />
to identify other risk areas. The OIG<br />
emphasizes that external auditors should be<br />
considered when there is a particular problem<br />
or risk area that needs attention.<br />
■ Disciplinary Guidelines. The OIG recommends<br />
similar disciplinary policies and<br />
sanctions as it has recommended in past<br />
guidance.<br />
■ Responding and Developing Corrective<br />
Action Plans. The OIG recommends similar<br />
policies for investigating and responding<br />
to alleged violations of the compliance program<br />
or applicable federal or state laws as it<br />
has recommended in past guidance.<br />
The new eighth element. The OIG has<br />
added an eighth element that it considers<br />
“especially important” for an effective compliance<br />
program at a research institution. The<br />
eighth element requires the institution to<br />
define roles and responsibilities and assign<br />
oversight responsibility for research activities.<br />
Institutions should delineate responsibilities for<br />
all individuals involved in federally supported<br />
research, including research administration and<br />
department personnel, and principal investigators<br />
and others engaged in research. The OIG<br />
notes that, since PHS regulations define the<br />
institution as the “responsible legal entity” that<br />
certifies statutory and regulatory compliance,<br />
clearly defined roles and responsibilities will<br />
assist institutions in fulfilling their certifications<br />
of compliance and assist in protecting<br />
institutions against allegations of wrongful<br />
conduct. The Guidance recommends including<br />
roles and responsibilities in the institution’s<br />
written policies and procedures and in its formal<br />
training and education program.<br />
Conclusion<br />
The Guidance currently is in draft form.<br />
Comments on the Guidance are due to OIG<br />
by January 30, 2006. After considering all comments,<br />
the OIG will prepare a final version for<br />
publication in the Federal Register. Until then,<br />
recipients of awards from PHS should review<br />
the draft Guidance in light of their current<br />
policies, procedures, and practices and begin to<br />
consider the ways in which the information in<br />
the Guidance may help improve the recipient’s<br />
research compliance efforts. The Guidance is<br />
helpful both regarding grant management and<br />
other regulatory areas affecting the research<br />
enterprise, such as human subject protections,<br />
research misconduct, and conflicts of interest.<br />
For additional general information on research<br />
compliance issues, the Guidance includes a<br />
bibliography that identifies literature on<br />
research compliance issues, including guidance<br />
on establishing a compliance program. ■<br />
The information in this article does not constitute legal advice,<br />
which can only be obtained through personal consultation with an<br />
attorney. The information published here is believed to be accurate<br />
at the time of publication, but is subject to change and does<br />
not purport to be a complete statement of all relevant issues .<br />
January 2006<br />
36<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
Case study of Dana Farber Cancer Institute<br />
...continued from page 35<br />
toward the common goal. Without any penalty or<br />
enforcement, the industry will move at a much<br />
slower pace.<br />
The landscape is constantly changing and two other paradigm<br />
shifts such as consumerism and pay-for-performance<br />
are looming on the horizon. In our opinion, leveraging<br />
the HIPAA TCS and complying with the security<br />
and privacy rules will be essential in adoption of these<br />
new paradigms.<br />
But before we get ahead of ourselves, we all need to do<br />
a better job about voicing issues from the trenches and<br />
expressing them to organizations such as WEDI, CMS,<br />
HHS, etc. to further reduce the chaos it has created<br />
and work better toward true simplification. We hope<br />
that this article has shed some light on and has motivated<br />
you to look further into adopting the HIPAA TCS<br />
or to plow forward despite the challenges.<br />
Summary<br />
As with any situation, one can view it as a problem or<br />
an opportunity. DFCI and PwC viewed HIPAA as an<br />
opportunity. Together we have moved into the HIPAA<br />
world and we look forward to additional opportunities<br />
to come. Along the way, we’ve built some great relationships<br />
with some payors and have learned some great<br />
lessons. Some of these didn’t even deal with HIPAA,<br />
payors, or patient accounting. Project management,<br />
working internally with IT and vendors were all part<br />
of the mix.<br />
All in all, we have all benefited and moved one step<br />
further in reducing cost and simplifying administration<br />
within health care. ■<br />
1. HIPAA—<strong>Health</strong> Insurance Portability and Accountability Act of 1996.<br />
The <strong>Health</strong>care <strong>Compliance</strong><br />
Certification Board (HCCB) compliance<br />
certification examination is<br />
available in all 50 States. Join your<br />
peers and become Certified in<br />
<strong>Health</strong>care <strong>Compliance</strong> (CHC).<br />
CHC certification benefits:<br />
■ Enhances the credibility of the<br />
compliance practitioner<br />
■ Enhances the credibility of the<br />
compliance programs staffed<br />
by these certified professionals<br />
■ Assures that each certified<br />
compliance practitioner has<br />
the broad knowledge base necessary<br />
to perform the compliance<br />
function<br />
■ Establishes professional standards<br />
and status for compliance<br />
professionals<br />
■ Facilitates compliance work for<br />
compliance practitioners in<br />
dealing with other professionals<br />
in the industry, such as physicians<br />
and attorneys<br />
■ Demonstrates the hard work<br />
and dedication necessary to<br />
perform the compliance task<br />
CHC<br />
CERTIFIED IN<br />
HEALTHCARE<br />
COMPLIANCE<br />
The <strong>Compliance</strong><br />
Professional’s Certification<br />
Congratulations on achieving<br />
CHC status! The <strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong><br />
Certification Board announces that the following<br />
individuals have recently<br />
successfully completed the Certified in<br />
<strong>Health</strong>care <strong>Compliance</strong> (CHC) examination,<br />
earning CHC designation:<br />
Samuel L. Alfano<br />
April Ileen Andrews-Singh<br />
Anthony P. Angelo<br />
David James Behinfar<br />
James Canino<br />
Patricia Ann. Combs<br />
Mary Lucille Crumbaker<br />
Caron R. Cullen<br />
Charlotte Renee Dokes<br />
James Alexander<br />
Donaldson<br />
Anne Therese Dosch<br />
Kim E. Edwards<br />
James Joseph Ferriter<br />
Levoy Golden Haight<br />
Carrie A. Hardie<br />
Lorenzo Alan Henderson<br />
Kristan Ann Holt<br />
Kristy M. Johnson<br />
Steve C. Kilgore<br />
Indus M. Kreutz<br />
Jack Lay<br />
Linda J. Lemay<br />
Edward G. Longazel<br />
Rebecca Lynn Massey<br />
Peggy Ann Mccurry<br />
Lori A. Moon<br />
Madonna C. Moranville<br />
John Robert Outlaw<br />
Lise D. Rauzi<br />
Dana Kathleen Reid<br />
Kate Riley<br />
Deborah Gayle Rodgers<br />
CHC Certification, developed<br />
and managed by HCCB, became<br />
available June 26, 2000. Since<br />
that time, hundreds of your colleagues<br />
have become Certified in<br />
<strong>Health</strong>care <strong>Compliance</strong>. Linda<br />
Wolverton, CHC, says that she<br />
sought CHC Certification<br />
because “many knowledgeable<br />
people work in compliance, and I<br />
wanted my peers to recognize me<br />
as ‘one of their own’.” With<br />
certification she is “recognized as having<br />
taken the profession seriously, having met the national professional standard.”<br />
Brenadette A. Schwab<br />
Susan B. Scutt<br />
Neil Edward Shields<br />
Angela Eakes Solomon<br />
Linda L. Stratton<br />
Kristine Marie Tomzik<br />
Pat Wagner<br />
Robert L. Wamsley<br />
Robin Lee Wilcox<br />
Karen K. Wilson<br />
Cathy A. Wolfe<br />
Ami Zumkhawala-Cook<br />
Veronica Angulo<br />
Timothy Barker<br />
Janet Berkel<br />
Marvin Capehart<br />
Sara Ann Desmond<br />
Kathleen A. Dimaggio<br />
Kathleen Gallegos<br />
Patricia Hansen<br />
Lee Harrison<br />
Andrea M. Kuhlen<br />
Samuel Kofi Kyeremeh<br />
Latour Rey Lafferty<br />
Mary P. Luthy<br />
Donald Ray Martin<br />
Melanie Benitez Roberts<br />
Connie Sweeney<br />
Nina Viloria<br />
Susan Lee Waterman<br />
Christopher Parella<br />
Betty Bibbins<br />
For more information on how you can become CHC Certified, please call<br />
888-580-8373, e-mail hccb@hcca-info.org, or visit the HCCA Web site at<br />
www.hcca-info.org and click on the HCCB Certification button on the left.<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
37<br />
January 2006
By Lawrence A. Fogel and Joseph M. Watt<br />
Editor’s note: Lawrence A. Fogel, guidance documents for hospitals, including<br />
principal, and Joseph M. Watt, partner, the February 23, 1998, Federal Register and<br />
are both members of BKD <strong>Health</strong> <strong>Care</strong> the January 31, 2005, Federal Register.<br />
Group, a division of BKD, LLP, in<br />
Kansas City, Missouri, which serves thousands<br />
of health care providers nationwide. the OIG acknowledged that effective compli-<br />
In the OIG’s original compliance guidance,<br />
Mr. Fogel and Mr. Watt consult with ance programs provide the following benefits:<br />
clients on a broad spectrum of corporate ■ Enable hospitals to ensure that false or<br />
integrity solutions. Contact the authors at inaccurate claims are not being submitted<br />
lfogel@bkd.com or jwatt@bkd.com<br />
to government and private payors<br />
■ Assist hospitals in identifying weaknesses<br />
United States hospitals cannot and internal systems and management<br />
blame the federal government for ■ Demonstrate to employees and the community<br />
that the hospital is strongly committed<br />
a lack of guidance on developing<br />
and maintaining effective compliance programs.<br />
To the contrary, the Office of ■ Provide a more accurate view of employee<br />
to honest and responsible corporate conduct<br />
Inspector General (OIG) has provided written<br />
guidance as a roadmap for hospitals to abuse<br />
and contract behavior related to fraud and<br />
operate effective compliance programs. ■ Identify and prevent criminal and<br />
unethical conduct<br />
Some hospitals seem unconcerned about effective<br />
compliance programs. Many hospitals program to meet the hospitals specific<br />
■ Enable hospitals to conform the compliance<br />
assume just having a compliance program needs<br />
offers sufficient protection. In reality, ineffective<br />
compliance programs offer little or no ■ Create a centralized process for distribut-<br />
■ Improve the quality of patient care<br />
protection to hospitals that commit compliance<br />
violations, detected or not, well after seri-<br />
rules and regulations pertaining to fraud<br />
ing information on relevant health care<br />
ous damage occurs. Effective compliance programs<br />
may enable hospitals to avoid compli-<br />
■ Encourage employees to report potential<br />
and abuse<br />
ance violations or detect them early enough to problems<br />
mitigate serious damages. Furthermore, government<br />
agencies may be more lenient with gation of alleged misconduct<br />
■ Provide for prompt and thorough investi-<br />
hospitals that operate effective compliance ■ Provide for immediate and appropriate<br />
programs even if cited for a violation.<br />
corrective action<br />
■ Reduce the loss to the government<br />
Guidance is available and accessible. The from compliance violations through early<br />
OIG has published two primary compliance detection and reporting<br />
LAWRENCE A. FOGEL<br />
According to the OIG, the following seven<br />
elements should be included in compliance<br />
programs:<br />
1. Develop and distribute written standards of<br />
conduct and written polices and procedures<br />
2. Designate a chief compliance officer and<br />
compliance committee<br />
3. Develop and implement effective education<br />
and training programs<br />
4. Maintain a hotline or other processes to<br />
receive complaints<br />
5. Respond systematically to allegations and<br />
improper or unlawful activities and<br />
enforce appropriate disciplinary actions<br />
6. Use audits or other monitoring techniques<br />
to monitor compliance<br />
7. Investigate and resolve identified systematic<br />
problems<br />
To evaluate compliance program effectiveness,<br />
the OIG recommends hospitals perform periodic<br />
reviews, at least annually, to determine if<br />
the seven compliance elements have been satisfied.<br />
Documentation supporting compliance<br />
activities should demonstrate the compliance<br />
program operated effectively. Reviewers should<br />
be independent of physicians and line management.<br />
The compliance review team should:<br />
■ Conduct on-site reviews<br />
■ Interview personnel involved in<br />
management, operations coding, claims<br />
development submission, etc.<br />
January 2006<br />
38<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
JOSEPH M. WATT<br />
■ Solicit staff and employees’ impressions<br />
using questionnaires<br />
■ Review medical and financial records and<br />
other source documents<br />
■ Review written materials and documentation<br />
prepared by the hospital<br />
■ Analyze trends<br />
Despite the 1998 guidance, many hospitals<br />
have yet to perform periodic compliance effectiveness<br />
reviews. Consequently, the OIG published<br />
supplemental compliance guidance for<br />
hospitals in the January 31, 2005, Federal<br />
Register. In it, the OIG states there must be a<br />
commitment to active involvement of organizational<br />
leadership for every compliance program.<br />
The OIG expects a hospital’s leadership<br />
to promote a culture of values and rewards for<br />
prevention, detection, and resolution of compliance<br />
problems. Hospitals are expected to<br />
develop a culture that values compliance from<br />
the top down and fosters compliance from the<br />
bottom up. The OIG believes such an organizational<br />
culture is the foundation of an effective<br />
compliance program. The OIG recommends<br />
compliance program effectiveness be<br />
evaluated based on outcome indicators such as<br />
monitoring and evaluating billing and coding<br />
error rates and identifying overpayments.<br />
In addition to evaluating outcome indicators,<br />
the OIG recommends hospitals evaluate the<br />
seven elements through probing questions,<br />
including, but not limited to, the following:<br />
1. <strong>Compliance</strong> officer and committee<br />
■ Does the compliance department have a<br />
clear, well-crafted mission<br />
■ Is the compliance department properly<br />
organized<br />
■ Does the compliance department have<br />
sufficient resources<br />
■ Is there an active compliance committee,<br />
comprised of trained representatives<br />
from each of the relevant functioning<br />
departments<br />
■ Does the compliance officer have direct<br />
access to the governing body, CEO and<br />
legal counsel<br />
■ Does the compliance officer have a good<br />
working relationship with other key<br />
operational areas<br />
■ Does the compliance officer make regular<br />
reports to the board of directors and senior<br />
management<br />
2. Development of compliance polices<br />
and procedures<br />
■ Are policies and procedures clearly written<br />
■ Does the hospital monitor compliance<br />
with internal policies and procedures<br />
■ Have the standards of conduct been distributed<br />
to all members of the board of<br />
directors, officers, managers, employees,<br />
contractors, medical and clinical staff<br />
■ Has the hospital developed and implemented<br />
a risk assessment tool<br />
■ Does the risk assessment tool include an<br />
evaluation of federal health care program<br />
requirements<br />
3. Open lines of communication<br />
■ Has the hospital promoted a culture<br />
encouraging open communication without<br />
fear of retribution<br />
■ Has the hospital established an anonymous<br />
hotline or similar reporting mechanism<br />
■ Is the hotline or other reporting mechanism<br />
well publicized<br />
■ Are all instances of potential fraud and<br />
abuse investigated<br />
■ Are results of the investigation shared<br />
with the governing body and relevant<br />
departments<br />
4. Appropriate training and education<br />
■ Does the hospital provide qualified<br />
trainers<br />
■ Does the hospital conduct annual<br />
compliance training<br />
■ Is the training both general in nature and<br />
specific to pertinent staff responsibilities<br />
■ Does the hospital evaluate the contents of<br />
its education program annually<br />
■ Has the hospital kept current with<br />
changes in federal health care program<br />
requirements<br />
■ Does the hospital seek feedback after each<br />
training session to identify strengths and<br />
weaknesses of the compliance program<br />
■ Does the hospital administer post-training<br />
tests<br />
■ Has the hospital’s governing body been<br />
provided with appropriate training<br />
■ Has the hospital properly documented<br />
who has completed the training<br />
5. Internal monitoring and auditing<br />
■ Is the audit work plan reevaluated annually<br />
■ Does the work plan address the appropriate<br />
levels of concern<br />
■ Does the work plan include an assessment<br />
of billing systems<br />
■ Is the role of the auditors clearly<br />
established and are coding and auditing<br />
personnel independent and qualified<br />
■ Has the hospital evaluated the error rates<br />
identified in the annual audits<br />
■ Does the audit include a review of all<br />
billing documentation, including clinical<br />
documentation<br />
Continued on page 40<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
39
The OIG’s roadmap for effective compliance programs ...continued from page 39<br />
6. Response to detected deficiencies<br />
■ Has the hospital created a response team<br />
to evaluate detected deficiencies<br />
■ Are all deficiencies thoroughly and<br />
promptly investigated<br />
■ Are corrective actions taken to resolve<br />
compliance violations<br />
■ Are subsequent periodic reviews performed<br />
to verify that corrective actions<br />
have eliminated compliance problems<br />
■ Are overpayments promptly identified and<br />
returned to the fiscal intermediary or<br />
other payors<br />
■ Are compliance violations promptly reported<br />
to the appropriate law enforcement<br />
agency, if required<br />
7. Enforcement of disciplinary standards<br />
■ Are disciplinary standards publicized to all<br />
hospital personnel<br />
■ Are disciplinary standards consistently<br />
enforced throughout the organization<br />
■ Are enforcement actions of disciplinary<br />
standards properly documented<br />
■ Are employees, contractors, medical and<br />
clinical staff checked routinely against the<br />
government sanctions list<br />
In summary, there are at least three ways a<br />
hospital can evaluate the effectiveness of its<br />
compliance programs. The first is for the hospital<br />
to conduct an internal review using its<br />
own personnel. Note: The OIG cautions that<br />
the reviewers should be independent of linemanagement.<br />
In other words, the reviews<br />
should be conducted as independently and<br />
objectively as possible.<br />
The second way is to utilize external consultants.<br />
This generally provides an independent<br />
and objective evaluation of the compliance<br />
program’s ability to meet the seven elements<br />
required for effective compliance programs.<br />
The third way is through a government<br />
investigation. Government investigators have<br />
the right to request copies of the compliance<br />
plan and standards of conduct and to review<br />
the hospital’s compliance activities to determine<br />
if the compliance program is effective.<br />
Without a doubt, hospitals should perform<br />
their own compliance effectiveness reviews at<br />
least annually to evaluate if their compliance<br />
programs are operating properly. The OIG has<br />
provided a good roadmap of its expectations<br />
for an effective compliance program. Now,<br />
hospitals are in the driver’s seat to develop and<br />
maintain effective compliance programs. ■<br />
A new value proposition ...continued from page 31<br />
Legal and regulatory context<br />
The emerging control frameworks converge<br />
for the purposes of SOX section 404 and the<br />
development of compliance programs.<br />
Another common denominator is the focus<br />
on antifraud programs and controls. Each of<br />
the standards establishes criteria for evaluating<br />
such controls from a distinct vantage point.<br />
The COSO framework 3 establishes criteria for<br />
internal control over financial reporting which<br />
forms the basis of management and auditor<br />
obligations under SOX 404. The standards<br />
under the amended U.S. Sentencing<br />
Guidelines for Organizations are designed to<br />
address what prosecutors and courts look for<br />
in determining whether an organization has<br />
exercised due diligence in establishing a program<br />
to prevent and deter violations of law.<br />
The listing requirements of the stock<br />
exchanges define certain control standards in<br />
greater detail. Still, the various criteria share<br />
similar characteristics that can be organized<br />
under the overall COSO framework.<br />
Sarbanes-Oxley and ensuing<br />
regulations and standards<br />
Reaffirming the obvious, Sarbanes-Oxley is<br />
focusing attention on standards that will have<br />
far-reaching governance and control expectations<br />
on organizational compliance systems. It<br />
is now abundantly clear that many of the principles<br />
found in Sarbanes-Oxley overlap and<br />
complement existing compliance guidances,<br />
and those principles are being further adopted<br />
and enhanced by other regulatory authorities.<br />
To further restate what is well known, the<br />
credibility of public company financial reporting<br />
was undermined following a string of corporate<br />
accounting scandals. These events led<br />
to a number of proposals to improve the<br />
financial reporting process and restore investor<br />
confidence. In 2002, Congress passed the<br />
Sarbanes-Oxley Act 4 to improve the integrity<br />
of financial reporting and to restore public<br />
confidence. Subsequently, the Securities and<br />
Exchange Commission (SEC), various stock<br />
exchanges, and the National <strong>Association</strong> of<br />
Securities Dealers adopted rules and regulations<br />
mandating processes tailored to meet the<br />
requirements of the new law.<br />
Failures in internal control, particularly over<br />
financial reporting, were among the specific<br />
concerns addressed by Congress in SOX. 5<br />
Congress required that management affirmatively<br />
report on a company’s internal control<br />
over financial reporting, and that auditors<br />
attest to the accuracy of management’s report.<br />
The Act thus created the Public Company<br />
Accounting Oversight Board (PCAOB) to<br />
oversee the audits of public companies.<br />
Organizations use internal controls as safeguards<br />
and checks on a variety of processes<br />
January 2006<br />
40<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
including the three objectives set forth under<br />
COSO: financial reporting, operating efficiency<br />
and effectiveness, and compliance<br />
with applicable laws and regulations. Most<br />
companies and their auditors will use the<br />
COSO framework, which has been deemed<br />
suitable by the PCAOB for purposes of management’s<br />
assessment. 6 The COSO integrated<br />
framework includes five components of<br />
internal control (Control Environment, Risk<br />
Assessment, Control Activities, Information<br />
and Communication, and Monitoring) that<br />
are also acknowledged by the PCAOB.<br />
SOX refers explicitly to controls related to the<br />
prevention, identification and detection of<br />
fraud. And the PCAOB repeatedly notes that<br />
strong internal controls provide better opportunities<br />
to detect and deter fraud. 7 Although<br />
antifraud programs and controls must include<br />
all five components of COSO, special<br />
emphasis is placed on the control environment,<br />
8 such as tone at the top, because of its<br />
pervasive effect on the achievement of many<br />
overall objectives of control criteria.<br />
Amendments to the Organizational<br />
Sentencing Guidelines<br />
Prior to SOX, the U.S. Sentencing<br />
Commission adopted the Federal Sentencing<br />
Guidelines (FSG) which introduced the<br />
seven criteria for management of ethics and<br />
compliance risk, 9 and that have served as the<br />
primary framework for compliance program<br />
effectiveness. The FSG and COSO frameworks<br />
share many characteristics. Much of<br />
the FSG criteria are contained in the components<br />
of COSO, especially under the control<br />
environment. However, a main distinction is<br />
that as a practical matter, the FSG only<br />
requires evaluation of its elements when a<br />
company is seeking to mitigate penalties for<br />
corporate misconduct. Additionally, if a<br />
Department of Justice attorney finds that a<br />
truly effective compliance program has been<br />
implemented, this “may result in a decision<br />
to charge only the corporation’s employees<br />
and agents” and not the organization itself. 10<br />
This year the U.S. Sentencing Commission<br />
voted to amend the existing guidelines. 11<br />
These amendments narrow even further the<br />
differences between the Guidelines and the<br />
COSO framework. Many of the same forces<br />
that led to the Sarbanes-Oxley requirements<br />
had led to the initiation of the FSG and the<br />
new amendments.<br />
The amendments approved by the<br />
Commission make the standards for compliance<br />
and ethics programs more rigorous and<br />
put greater responsibility on boards of directors<br />
and executives for the oversight and<br />
management of such programs. Board directors<br />
and senior management must now take<br />
active roles in the content and operation of<br />
ethics and compliance programs. Similarly,<br />
SOX devotes considerable attention on how<br />
to ensure adequate board and management<br />
oversight.<br />
Significantly, the FSG states that the organization<br />
must issue standards of conduct and<br />
internal control systems that reduce criminal<br />
activity and detect and prevent violations<br />
of law. Just like SOX, the organizational sentencing<br />
guidelines recognize the value of<br />
internal controls and view them as an essential<br />
feature of an effective compliance program.<br />
Under the FSG, internal controls are<br />
tied to risk assessment and monitoring activities—also<br />
to COSO components.<br />
The value proposition<br />
As noted, many of the attributes of the<br />
COSO components and their points of focus<br />
implicate a compliance program under the<br />
organizational sentencing guidelines. The<br />
amendments to the FSG are therefore a<br />
means for a compliance officer to get more<br />
involved in Sarbanes-Oxley compliance. The<br />
function is pivotal because many of the compliance<br />
processes undertaken by the compliance<br />
program can be applied to the SOX<br />
internal control requirements.<br />
Yet in most cases, SOX is managed out of a<br />
unit under the purview of the controller’s<br />
office or internal audit. And most of those<br />
outside a compliance or legal department are<br />
unaware of the compliance standards under<br />
the FSG. As a result, many in charge of managing<br />
SOX 404 implementation or assessment<br />
are not familiar with the elements of<br />
effective compliance processes.<br />
What should be apparent is that involvement<br />
in the SOX internal control process can set<br />
the stage for demonstrating compliance effectiveness<br />
to mitigate penalties if the occurrence<br />
of fraud or corporate misconduct<br />
should occur. Given the overlap between the<br />
FSG and SOX, it makes sense to leverage<br />
and integrate compliance program activities<br />
with those of SOX internal control implementation<br />
and assessment. What are likely to<br />
emerge are the best practice standards that<br />
for organizations can also serve as a demonstration<br />
of compliance program effectiveness<br />
to the government.<br />
The following are areas of opportunities for<br />
an organization contemplating a formal compliance<br />
program, or for an existing compliance<br />
officer to consider:<br />
Integration of control processes. There is<br />
often a tendency to compartmentalize compliance<br />
responsibilities (e.g., SOX, FSG, industryspecific<br />
legal mandates, etc.). But consider the<br />
benefits to managing these processes with similar<br />
controls and technology. Otherwise organizations<br />
can face inefficient and ultimately fragmented<br />
compliance processes. A compliance<br />
Continued on page 42<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
41
A new value proposition ...continued from page 41<br />
officer responsible for coordinating all compliance<br />
efforts can result in an integrated and more<br />
effective compliance program.<br />
Although SOX 404 focuses on the COSO<br />
objective of the reliability of financial reporting,<br />
there are areas where there will be overlap with<br />
internal controls over operations and compliance<br />
with applicable regulations. 12 Some compliance<br />
controls may be relevant to financial<br />
reporting, thus there is the prospect of including<br />
the COSO compliance objective with SOX<br />
financial reporting control efforts to further<br />
drive business performance. A compliance officer<br />
can also play a role in a company’s disclosure<br />
controls and procedures under SOX section<br />
302, particularly non-financial information that<br />
is required by the SEC to be divulged.<br />
Moreover, for complex industries, an ineffective<br />
regulatory compliance function in which violations<br />
of laws and regulations could have a material<br />
effect on the reliability of financial reporting<br />
is said to be regarded as at least a significant<br />
deficiency and a strong indicator of a material<br />
weakness under the new auditing standard. 13<br />
Reliance on compliance work and activities<br />
by external auditors. Another opportunity<br />
arises from the flexibility that public<br />
auditors are afforded under the new auditing<br />
standard established by the PCAOB, to use<br />
the work of others when evaluating internal<br />
control effectiveness. The PCAOB notes that<br />
this is “strong encouragement for companies<br />
to develop high-quality internal audit, compliance,<br />
and other such functions” 14 (emphasis<br />
added). Accordingly the work of the compliance<br />
program can serve a dual purpose in<br />
supporting an efficient audit of internal control,<br />
while providing documentation of the<br />
effectiveness of the compliance program itself.<br />
Areas of overlap under COSO. A significant<br />
area of overlap between SOX 404 and<br />
the FSG involves control environment objectives<br />
under COSO. Several control environment<br />
factors entail activities that have become<br />
the province of the compliance program. For<br />
example, the integrity and ethical values<br />
attribute involves the code of conduct which<br />
is a compliance program responsibility where<br />
the function exists. The hotline is often managed<br />
by the compliance department and can<br />
be viewed as a control environment and/or<br />
information and communication factor.<br />
Training on the code of conduct and fraud<br />
areas is considered an attribute under information<br />
and communication. Many of the human<br />
resource policies and practices attributes under<br />
the control environment entail features of a<br />
compliance program under the FSG (e.g.,<br />
employee background checks, appropriate<br />
incentives, and disciplinary practices).<br />
A new provision of the organizational sentencing<br />
guidelines is the importance of performing<br />
on-going risk assessments on the<br />
likelihood of compliance violations, and to<br />
use those results to modify features of the<br />
compliance program, and to prioritize compliance<br />
resources and activities. Again, this is<br />
similar to the expectations for fraud control<br />
under COSO and the PCAOB.<br />
If you can’t beat them, join them. In the<br />
health care and pharmaceutical industries and<br />
other highly regulated business sectors, compliance<br />
programs and senior compliance officers<br />
have become customary and an expectation<br />
of government regulators and enforcement<br />
agencies. Congress and government<br />
agencies have even made clear their perspective<br />
that a compliance function should be<br />
freestanding from the general counsel and the<br />
finance functions. 15 Not surprisingly, compliance<br />
programs did not become the norm<br />
until they were foisted on several organizations<br />
through agreements with the government<br />
known as corporate integrity agreements<br />
(CIA). The enforcement of the False<br />
Claims Act in health care resulted in CIAs<br />
that have mandated compliance programs,<br />
which essentially track the elements of an<br />
effective compliance program under the FSG.<br />
Interestingly, the SEC has started to require<br />
certain compliance measures, such as the<br />
appointment of a compliance officer, in a settlement<br />
through a consent judgment. 16<br />
Already in response to the mutual fund scandals,<br />
we’ve seen the SEC issue a new rule<br />
requiring registered investment companies<br />
and advisors to designate a chief compliance<br />
officer, and to have ethics codes and policies<br />
and procedures designed to prevent violations<br />
of securities laws.<br />
So an additional benefit of being able to<br />
demonstrate the existence of an effective<br />
compliance program is that the SEC or other<br />
enforcement agency will be less likely to<br />
impose one on the program and/or will<br />
reduce the scope and extent of the CIA<br />
terms. Of course, this is in addition to the<br />
mitigation of penalties under the FSG for<br />
having an effective compliance program. The<br />
burdens of a mandated program are heavy<br />
indeed (annual reporting obligations, retention<br />
of an independent review organization,<br />
penalties for CIA failures, etc.).<br />
Finally—Effectiveness<br />
It has been implied in this discussion, that the<br />
existence of a compliance program with the<br />
features described in the FSG will constitute<br />
an effective one. In truth, it remains to be<br />
better defined what the government will<br />
accept as proof of an effective program.<br />
Unfortunately, data from the U.S. Sentencing<br />
Commission is somewhat limited in demonstrating<br />
any trends that the FSG may have on<br />
reducing penalties and influencing corporate<br />
behavior, and it is empirically difficult to test<br />
its impact. 17 Given the growing awareness of<br />
ethics and compliance programs, one might<br />
January 2006<br />
42<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org
expect a measurable impact of compliance<br />
program effectiveness on an organization’s<br />
financial reputation—however the direct<br />
impact is unclear. 18<br />
Nonetheless it is clear there is growing awareness<br />
of the value of a compliance program.<br />
With the amended organizational guidelines<br />
coming into effect, it is expected that more<br />
specific methods for assessing and measuring<br />
effectiveness will result. Today’s leading<br />
companies are expected not only to produce<br />
superior goods and services but to adhere to<br />
basic ethical principles and exercise principled<br />
judgment in carrying out their affairs—<br />
including accepting responsibility for misdeeds.<br />
19 New standards for corporate performance<br />
are emerging that encompass both<br />
financial and moral dimensions.<br />
If features of a compliance program that are<br />
reviewed under SOX 404 and PCAOB<br />
Auditing Standard Number 2 can pass<br />
muster with management’s own assessment,<br />
and the review of the public auditor, then a<br />
case can be made that those aspects of the<br />
compliance program are indeed effective.<br />
The more a compliance officer is integrated<br />
into SOX 404 efforts, and a compliance program<br />
is considered part of a company’s overall<br />
internal control framework, the more likely<br />
that concrete underlying structure and<br />
process measures can be gathered to validate<br />
the effectiveness and value of the program.<br />
At a minimum, the internal control work<br />
done for SOX 404 can be part of the regular<br />
review of the compliance program to assess<br />
how it is functioning.<br />
Internal controls are defined broadly and<br />
encompass more than financial reporting—it<br />
extend to every significant goal a company<br />
has established. The importance and relevance<br />
of a compliance program and officer<br />
should not be underestimated as the relationship<br />
between internal controls and management’s<br />
responsibilities becomes increasingly<br />
clear. ■<br />
1. Gary W. Thompson, “Multifaceted Approach to Corporate<br />
Governance Reform: The Role of Corporate <strong>Compliance</strong><br />
Programs and Officers” in Prevention of Corporate<br />
Liability, Vol. 11, No. 8, 09/15/2003, pp. 97-99, 100<br />
(Washington, D.C., BNA, Inc.).<br />
2. See e.g., Insurance Fraud: The Quiet Catastrophe<br />
(Insurance Research and Publications, Conning and<br />
Company, 1996), an insurance industry study which<br />
defined return on investment (ROI) as the ratio of money<br />
saved to money spent fighting fraud, and found an average<br />
ROI of $6.88 (Referenced by the Coalition Against<br />
Insurance Fraud at<br />
www.insurancefraud.org/rc_research_set.html); Seizing the<br />
Opportunity, Part One: Benchmarking <strong>Compliance</strong><br />
Programmes (Corporate Executive Board, General Counsel<br />
Roundtable, 2003), which found that each additional dollar<br />
spent on compliance, returns $5.21 on average. Also, the<br />
National <strong>Health</strong>care Anti-Fraud <strong>Association</strong> purportedly<br />
maintains information of the ROI of the special investigations<br />
units of its member organizations. (See reference to<br />
Annual Anti-Fraud Management Survey Report at<br />
www.nhcaa.org/about_nhcaa/).<br />
3. COSO issued Internal Control—Integrated Framework in<br />
1992, and recently issued Enterprise Risk Management—<br />
Integrated Framework. More information on COSO and its<br />
frameworks can be found at http://www.coso.org/.<br />
4. Sarbanes-Oxley Act, 15 U.S.C. §7202 (2002). In particular,<br />
see the internal control requirements under §404 of SOX.<br />
5. PCAOB Release No. 2004-001 (March 9, 2004), p. 2.<br />
6. PCAOB Auditing Standard No. 2, para. 14.<br />
7. PCAOB Release No. 2004-001 (March 9, 2004) pp. 4, 24;<br />
Auditing Standard No. 2, paras. 24, 25, 40, 53, 115.<br />
8. PCAOB Auditing Standard No. 2, paras. 25, 52, 53.<br />
9. U.S. Sentencing Commission Guidelines, Guidelines<br />
Manual, 8A1.2, comment note 3(k)(7).<br />
10. Federal Prosecutions of Business Organizations (the<br />
Thompson Memo), United States Attorneys’ Manual,<br />
Department of Justice, Title 9 (Criminal Resource Manual),<br />
No. 162, VII-B. See<br />
http://www.usdoj.gov/usao/eousa/foia_reading_room/usam/t<br />
itle9/crm00162.htm.<br />
11. The amendments go into effect on November 1, 2004,<br />
unless Congress disapproves. An executive summary and the<br />
full report of the amendments can be found at the U.S.<br />
Sentencing Commission Web site located at www.ussc.gov.<br />
The case Blakely v. Washington has raised issues about the<br />
constitutionality of the federal sentencing guidelines. The<br />
U.S. Supreme Court has heard two cases on the use of the<br />
sentencing guidelines.<br />
12. See PCAOB Auditing Standard No. 2, para. 15.<br />
13. PCAOB Auditing Standard No. 2, para. 140.<br />
14. PCAOB Release No. 2004-001 (March 9, 2004), p. 19.<br />
15. Guidance provided by the United States Department of<br />
<strong>Health</strong> and Human Services’ Office of the Inspector<br />
General (OIG) indicates that it is “not advisable for the<br />
compliance function to be subordinate to . . . the general<br />
counsel or controller or similar financial officer” which can<br />
be found in the voluntary compliance program guidances<br />
issued by the OIG (see http://oig.hhs.gov/fraud/complianceguidance.html).<br />
U.S. Senator Grassley has stated there<br />
is an inherent conflict with the compliance officer and general<br />
counsel being the same person (see Grassley investigates<br />
Tenet <strong>Health</strong> care’s Use of Federal Tax Dollars, September<br />
25, 2003, letter to Tenet <strong>Health</strong>care Corporation).<br />
16. See Gary W. Thompson, “Is the SEC Learning to Spell CIA:<br />
The Prospect of Mandated Corporate <strong>Compliance</strong> in SEC<br />
Enforcement Actions” in Corporate Accountability Report,<br />
Vol. 1, No. 34, 09/19/2003, pp. 920-921 (Washington,<br />
D.C., BNA, Inc.).<br />
17. See discussion on the sentencing data and the impact of the<br />
FSG in the Report of the Ad Hoc Advisory Group on the<br />
Organizational Sentencing Guidelines (October 7, 2003).<br />
The report can be found at the U.S. Sentencing<br />
Commission website located at www.ussc.gov.<br />
18. The link between corporate profits and corporate citizenship<br />
has been studied for decades without resolution. Some surveys<br />
have found that customer loyalty, employee retention<br />
and reputation are positively impacted by corporate responsibility.<br />
See Joshua Daniel Margolis and James Patrick<br />
Walsh, People and Profits The Search for a Link Between a<br />
Company’s Social and Financial Performance (Mahwah, NJ:<br />
Lawrence Erlbaum Associates Publishers, 2001) which summarizes<br />
studies utilizing various accounting, market, and<br />
outcome indicators.<br />
19. See generally Lynn Sharp Paine, Value Shift: Why<br />
Companies Must Merge Social and Financial Imperatives to<br />
Achieve Superior Performance (New York, NY: McGraw-<br />
Hill, 2003), for discussion on how companies are being<br />
measured against performance standards that are qualitatively<br />
different from those in the past.<br />
Register Now!<br />
HCCA<br />
COMPLIANCE<br />
ACADEMIES<br />
■ March 20-23, 2006<br />
Hilton Dallas<br />
Lincoln Centre<br />
Dallas, TX<br />
■ June 5-8, 2006<br />
Hilton Scottsdale<br />
Resort & Villas<br />
Scottsdale, AZ<br />
For more information<br />
or to register, visit<br />
HCCA’s Web site at<br />
www.hcca-info.org or call<br />
HCCA at 888-580-8373.<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
January 2006<br />
43
The <strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong><br />
welcomes the following new members and<br />
organizations. Please update any contact<br />
information using the Member Center on<br />
the Web site, or e-mail Karrie Hakenson<br />
(karrie.hakenson@hcca-info.org) with<br />
changes or corrections.<br />
Puerto Rico<br />
■ Juan R. Arbona, PhD, JD, Abbott<br />
Laboratories PR, Inc<br />
Texas<br />
■ Diana Adams, RRA, Inc<br />
■ Joy Biddy, Medical Clinic of Houston, L.L.P.<br />
■ Nancy B. Bowman, US<strong>MD</strong> Hospital at<br />
Arlington<br />
■ Elaine Carroll, City of Austin<br />
■ Joy Choate, DFB Pharmaceuticals Inc<br />
■ Mark D. Chouteau, Brown McCarroll LLP<br />
■ Sharlene Daniels, MAHS, City of Austin<br />
Hospital District<br />
■ Hal Davis, Memorial <strong>Health</strong> System<br />
■ Jackie Davis-Willett, TERM Billing Inc<br />
■ Shannon De La Paz, Memorial Hermann<br />
<strong>Health</strong>care System<br />
■ CarolAnn Dixon, Hopkins County<br />
Memorial Hosp<br />
■ Kristen Dozier, Intermedix, Inc<br />
■ Elizabeth Esparza, Austin Cancer Centers<br />
■ Sylvia Fletcher, RN, MSN, Doctors Hosp<br />
Dallas<br />
■ Cindy Foley, Texas Back Institute Research<br />
Foundation<br />
■ Adele Giles, MBA, Nix <strong>Health</strong> <strong>Care</strong> System<br />
■ Krista Lee Guerra, Brown McCarroll, LLP<br />
■ Sharon Haynie, CHRISTUS <strong>Health</strong><br />
■ Brad Hicks, FIRSTCARE<br />
■ Dianna D. Johnson, Austin Radiological<br />
<strong>Association</strong><br />
■ Ken A. Johnson, Quest Diagnostics<br />
■ Jack Keller, <strong>Health</strong>Texas Medical Group<br />
■ Jeff Keyser, Encysive Pharmaceuticals<br />
■ Rebecca Komkov, Seton <strong>Health</strong>care<br />
Network<br />
■ Michael Eric Kreck, Texas Tech Univ. HSC<br />
■ Philip LeBlanc, CPA, Valley Baptist Hlth Sys<br />
■ Jason Mattern, Intermedix, Inc<br />
■ Jeremy Mattern, Intermedix, Inc<br />
■ Jennifer Mazzone, VA North Texas <strong>Health</strong><br />
<strong>Care</strong> System<br />
■ Melissa McCall, CPC, Texas Tech Univ Hlth<br />
Sciences Ctr, Odessa<br />
■ Sheila McDaniel<br />
■ William McDonald, CHRISTUS <strong>Health</strong><br />
■ Dorrie McMillan, N TX Affiliated Med Grp<br />
■ Mary Ann Missman, CHRISTUS <strong>Health</strong><br />
■ Wanda J. Murphy, MSN, Bellaire Med Ctr<br />
■ Donna Ohnmeiss, TBI Research Fnd<br />
■ Ann Marie Paradowski, Tomball Regional<br />
■ Nicholas Parish, CPC, Per-Se Technologies<br />
■ Carol Phelps, Texas <strong>Health</strong> Resources<br />
■ Scott Reichel, BA, Intermedix, Inc<br />
■ Jane Rogers, RHIA, UT Southwestern<br />
Mancrief Cancer Ctr<br />
■ Leonard Rosenfeld, Tenet, Santa Barbara<br />
■ Julie G. Rowell, Wilson Memorial Hosp Dist<br />
■ Sandra Saunders, Thomason Hospital<br />
■ Stuart Schroeder, BBS, MPA, Medical Arts<br />
Clinic<br />
■ Michael Sherwood, Triad Hospitals Inc<br />
■ Laura Silva, TX Tech Univ <strong>Health</strong> Sci Ctr<br />
■ Mathew Spencer, TX Tech Univ <strong>Health</strong> Sci<br />
Ctr<br />
■ H Allen Strickland, BBA, JD, McKenna<br />
Hlth Sys<br />
■ Cindy Strzelecki, MBA, RN, Methodist<br />
Hlthcare Sys of San Antonio LLP<br />
■ Deborah Terry, CHRISTUS <strong>Health</strong><br />
■ Diane Thomas, UTHSCSA<br />
■ Molly Tomlin, Texas Home <strong>Health</strong><br />
■ Roberta Vanderburg, Hopkins County<br />
Memorial Hosp<br />
■ Javier Vergne-Morell,<br />
■ Eric J. Weatherford, JD, Brown McCarroll,<br />
LLP<br />
■ Jeff B. Wieters, BS, RHIA, Department<br />
Veterans Affairs<br />
Utah<br />
■ Victoria Holzman, Uintah Basin Medical<br />
Center<br />
■ Robyn Johns, Med USA Inc<br />
■ Marie Smith, LDS Hospital<br />
Vermont<br />
■ Mary Lou Beaulieu, Northwestern Med Ctr<br />
■ Robert Soucy, Retreat <strong>Health</strong>care<br />
■ David J. Spielman, J.D., C.H.C., Paul,<br />
Frank & Collins PC<br />
Virginia<br />
■ George Butler, Bon Secours Virginia<br />
<strong>Health</strong>Source<br />
■ James L. Haines, American <strong>Health</strong>care, LLC<br />
■ William Keating, Navigant Consulting, Inc<br />
■ William T. Keevan, Navigant Consulting,<br />
Inc<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
■ Katheine W. Keith, MHA, Inova <strong>Health</strong> Sys<br />
■ Mary Laboy, Riverside <strong>Health</strong> System<br />
■ Mary O’Bryant, Fauquier Hospital<br />
■ David C. Pribble, Obici <strong>Health</strong> System<br />
■ Robin Scott, Dept of Veteran Affairs<br />
■ Debra Thompson, ValueOptions, Inc<br />
■ Jean O. Worthman, VCO Medical Cntr<br />
Washington<br />
■ Bradley J. Berg, Foster Pepper & Shefelman<br />
PLLC<br />
■ Harold W. Brockman, MBA, Kittitas Valley<br />
Community Hosp<br />
■ Rob Brown, Univ of WA Medical Cntr<br />
■ David L. Corn, Harrison Memorial Hosp<br />
■ April Durland, First Choice <strong>Health</strong><br />
■ Brent R. Eller, Davis Wright Tremaine, LLP<br />
■ Lisa George, Providence Everett Medical Ctr<br />
■ Deborah Hassler, MS, Central Wash. Hosp<br />
■ Debra Ann Jinkens, VA Medical Center<br />
■ Christopher J. Knapp, Anderson Hunter<br />
■ Debbie L. Miller, RHIT, Seattle Cancer <strong>Care</strong><br />
Alliance<br />
■ Lori Nomura, Foster Pepper & Shefelman<br />
■ Kim Oland, Virginia Mason Medical Ctr<br />
■ Kate Riley, PhD, Univ of Washington<br />
■ Bekki Sanchez, Harborview Medical Ctr<br />
■ Debbie Sather, Group <strong>Health</strong> Cooperative<br />
■ Beth Ann Saul, Seattle Cancer <strong>Care</strong> Alliance<br />
■ Gayle Seyl, Virginia Mason Medical Ctr<br />
■ Bradley Sharman, Jr., Virginia Mason<br />
Med Cntr<br />
■ Bill Smith, CliniTech Information Resources<br />
■ Chuck P. Stillwaggon, Orthopedics<br />
Northwest, PLLC<br />
■ Susan Treiber, Ossur Generation II<br />
■ Brandi Varnell, RN, Community Hlth Ctr<br />
of Snohomish County<br />
■ Robert Wamsley, AA, Empire <strong>Health</strong> Svcs<br />
■ Becky Williams, Davis Wright Tremaine LLP<br />
West Virginia<br />
■ Carole A. Bachtel, VA Medical Center<br />
■ Heather Caldwell, MBA, St Mary’s Med Ctr<br />
■ Sara P. Marks, Ultimate Hlth Svcs Inc<br />
■ Donna Perkins, VA Medical Center<br />
■ Tara Steed Marsh, Univ <strong>Health</strong> Associates<br />
Wisconsin<br />
■ Judith Clay, VA Medical Center<br />
■ Gail Coleman, Elder <strong>Care</strong> of Wisconsin, Inc<br />
■ Nancy E. Faber, WI IL Senior Housing, Inc<br />
■ Kathy Johnson, Dean <strong>Health</strong> Plan<br />
■ Sheryl Krueger Dix, BSN, RN, CPHQ,<br />
Froedtert & Community <strong>Health</strong><br />
January 2006<br />
45
New HCCA Members ...continued from page 45<br />
January 2006<br />
46<br />
■ Andrea McElroy, Beverly Enterprise<br />
■ Kenneth Schelfhout, VA Medical Ctr<br />
■ Steve Schreiner, MBA, MC Strategies<br />
■ J Paul Spencer, CPC, CPC-H, Integrated<br />
Billing Systems<br />
Wyoming<br />
■ Debra Cummings, Torrington Community<br />
Hosp - Banner <strong>Health</strong><br />
■ Joseph Devin, Banner <strong>Health</strong> Washakie<br />
Medical Ctr<br />
■ Andy Fitzgerald, Campbell County<br />
Memorial Hospital<br />
■ Ed Johlman, Platte County Memorial<br />
Hospital<br />
The following individuals joined HCCA<br />
between May and October 2005:<br />
Alabama<br />
■ Tedra Bonar, MSHA, MBA, <strong>Health</strong>South<br />
Corp<br />
■ Connie Davis, Decatur General Hospital<br />
■ Crystal Hicks, RN, MSN, CPC, UAHSF<br />
Alaska<br />
■ David Garrison, SEARHC<br />
■ Teri L. Johnson, RT(R)(M)(CT),CNMT,<br />
Alaska Open Imaging Center<br />
■ Karen Pedersen, Southcentral Fondation<br />
■ Aleita Sirevog, Ketchikan Indian<br />
Community<br />
■ Jeanette Pauline Stubbend, Southcentral<br />
Foundation<br />
Arizona<br />
■ Lee Coffman, MAOM, Planned Parenthood<br />
of Central & North AZ<br />
■ Amber L A Iglesias, CPC, CPC-H, Univ<br />
Physicians <strong>Health</strong>care<br />
■ Roland Knox, Mt Graham Regional Med<br />
Ctr<br />
■ Nancy Milner, Yavapai Regional Medical<br />
Center<br />
■ Cheryl J. Murphy, Sierra Vista Regional<br />
Hlth Ctr<br />
■ Kristen Rosati, Coppersmith, Gordon,<br />
Schermer, Owens & Nelson, PLC<br />
■ Cynthia Sehr, Doctors Community<br />
<strong>Health</strong>care Corp<br />
Arkansas<br />
■ Sandra Nugent, HSC Medical Center<br />
California<br />
■ Sunday Aigboboh<br />
■ Veronica Angulo, MPH, Kaiser Permanente<br />
■ Donovan L. Ayers, Blue Shield of CA<br />
■ Ken Ayers, Kaiser Permanente<br />
■ Lee Beck, Team <strong>Health</strong><br />
■ John Stanley Bokosky, St. Joseph Hospital<br />
■ Anita Booker, MPA, San Mateo Medical Ctr<br />
■ Robin Bowe, Kern Medical Ctr<br />
■ Stephen Campbell, Cymetrix<br />
■ Richard J. Carter, PhD, R Carter &<br />
Associates<br />
■ Nicholas R. Caster, BS, Palo Alto Medical<br />
Foundation<br />
■ William E. Chaltraw, Baker Manock &<br />
Jensen<br />
■ Jay D. Christensen, Christensen & Auer<br />
■ Julianne Chun, City of Hope Nat’l Med Ctr<br />
■ David Coronado, Navigant Consulting<br />
■ Debra Dansky Pierce, Mact <strong>Health</strong> Board<br />
Inc<br />
■ Holly Delaney, CPMC<br />
■ Dennis Demetre, AMG-SIU<br />
■ Londa Freeman, Kaiser Permanente<br />
■ Laurie P. Frye, MPH, Sequoia Community<br />
<strong>Health</strong> Centers<br />
■ Ana Marino Ghosh, Dept of Public Hlth,<br />
City & Co of SF<br />
■ Michael Gillis, UC Davis Medical Ctr<br />
■ Geoffrey A. Goodman, Murphy Austin<br />
Adams Schoenfeld, LLP<br />
■ Rohit Gupta, Deloitte & Touche<br />
■ Laurie Hanvey, Alvarado Hospital Medical<br />
Center/SDRI<br />
■ Lee Harrison, Pioneers Memorial Hospital<br />
■ Sima Hartounian, Kasier Permanente<br />
■ Karah Herdman, JD, Allergan Inc<br />
■ Maureen Hewitt, Episcopal Homes<br />
Foundation<br />
■ Hilde Hithe, Kaiser Permanente<br />
■ Leah D. Hunter, RN, BS, Livingston<br />
Memorial Visiting Nurse Assoc<br />
■ Claudia Kanne, Glendale Adventist Med Ctr<br />
■ Arlette Kendall, North Bay <strong>Health</strong>care<br />
■ Kate L. Kingsley, KLKingsley LLC<br />
■ Harris F. Koenig, Centinela Freeman<br />
<strong>Health</strong>Systems<br />
■ Andrea Kuhlen, Imperial County Behavioral<br />
<strong>Health</strong><br />
■ Kofi Kyeremeh, Golden Technology, Inc<br />
■ David M. Levine, UC Davis <strong>Health</strong> System<br />
■ Rafael Eric Maristela, RHIT, CCS, Aptium<br />
Oncology - Cedars Sinai Outpatient Cancer<br />
Ctr<br />
■ Jan Martin, County of Orange<br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
■ Susan M. Muscarella, RN, Kaiser<br />
Permanente<br />
■ Matthew Navigato, Sinaiko <strong>Health</strong>care<br />
Consulting Inc<br />
■ Diane Ott, Kaiser Permanente<br />
■ Laura Padilla, MHA, Kaiser Foundation<br />
Operations<br />
■ Kathy Perkins-Smerdel, BS, Pomona Valley<br />
Hosp Med Ctr<br />
■ Diane Petitti, Amylin Pharmaceuticals Inc<br />
■ Karl Porter, CHC, Napa County Probation<br />
Department<br />
■ Gary Ray, Abramson Church & Stave LLP<br />
■ May Rebischung, Kaiser Permanente<br />
■ Jackie Rittenhouse, Kaiser, National<br />
<strong>Compliance</strong><br />
■ Michele L. Robinson, Kaiser Permanente<br />
■ John L. Rosenthal, LA <strong>Care</strong> <strong>Health</strong> Plan<br />
■ Celia Ryan, RN, MSHA, Kaiser Permanente<br />
■ Bophasy Saukam, San Joaquin Co<br />
Behavioral <strong>Health</strong> Svcs<br />
■ Marilyn Schmidt, Kaiser Permanente<br />
■ Debra M. Schultz, Casa Colina Inc<br />
■ Roxanne Shaw, Kaiser Permanente<br />
■ Allan Siefkin, <strong>MD</strong>, Univ of CA Davis Hlth<br />
System<br />
■ Tracy L. Skinner, Kaiser Permanente<br />
■ Randy Snowden, <strong>Health</strong> & Human Svcs<br />
Agency<br />
■ Maria Stauceanu, <strong>Care</strong> More Medical<br />
Management Co.<br />
■ Amy Tronolone, Dameron Hosp<br />
■ Kelly L. Turner<br />
■ Marisa J. Uribe, California <strong>Health</strong> Plan<br />
■ Alicia Vasquez<br />
■ Rebecca Velie, Evercare ASO Contracts<br />
■ Dee Warrington, Lifemasters<br />
■ Susan L. Waterman, CPC, <strong>Care</strong>More<br />
Medical Enterprises<br />
■ Rachel Weber, Kaiser Permanente<br />
■ Rita Williams, Kaiser Permanente<br />
■ Karen Nicolai Winnett, Preston Gates &<br />
Ellis LLP<br />
■ Phyllis Marie Winston<br />
■ Kelly Wittmeyer, Sutter <strong>Health</strong><br />
■ Kenneth Yood, JD, MPH, Paul Hastings<br />
Janofsky & Walker ■
®<br />
SMART2.o :<br />
bringing HIM people<br />
and HIM technology<br />
together.*<br />
On one side, it’s a technology solution. On the other, a service<br />
solution. SMART2.o is more than a software tool, it’s a technology<br />
solution designed to help you continuously assess coding<br />
accuracy and data quality as an important part of your hospital’s<br />
compliance program.<br />
SMART2.o<br />
For more than 15 years, we’ve worked with HIM professionals<br />
providing affordable tools and services that help them with coding<br />
accuracy, regulatory compliance, data management and reports<br />
to monitor PPS requirements.<br />
So, whether you look at your hospital’s compliance program from<br />
a technology perspective or a service perspective, SMART2.o is<br />
a very smart, very budget-friendly way to work.<br />
To start an in-depth conversation about your particular needs,<br />
contact Doug Barry at 866-792-4920 or visit pwc.com/healthcare<br />
*connectedthinking<br />
© 2005 PricewaterhouseCoopers LLP. All rights reserved. "PricewaterhouseCoopers" refers to PricewaterhouseCoopers LLP (a Delaware limited liability partnership) or, as<br />
the context requires, other member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity. *connectedthinking<br />
and SMART2.o are trademarks of PricewaterhouseCoopers LLP (US).
C ORPORATE C OMPLIANCE & ETHICS:<br />
G UIDANCE FOR E NGAGING Y OUR B OARD<br />
“This video provides an<br />
overview of the Board’s<br />
role in compliance.”<br />
Odell Guyton<br />
Senior Corporate Attorney,<br />
Director of <strong>Compliance</strong>,<br />
Microsoft Corporation<br />
www.corporatecompliance.org<br />
“It’s pretty clear that<br />
the best compliance<br />
program in the world<br />
is meaningless, even if<br />
it’s funded with a good<br />
well-meaning compliance<br />
officer, if the leadership<br />
of the company is not<br />
behind it and isn’t<br />
supportive.”<br />
Bringing the vision of<br />
leadership together<br />
with a compliant and<br />
ethical culture<br />
Honorable<br />
Michael E. Horowitz<br />
Commissioner, United<br />
States Sentencing<br />
Commission<br />
ORDER TODAY!<br />
Name:<br />
Title:<br />
Company:<br />
Address:<br />
City:<br />
Total Payment $ ______________<br />
Invoice Me<br />
Purchase Order # _____________<br />
Check/Money Order<br />
VISA MasterCard American Express<br />
Number<br />
Exp. Date<br />
Non-Members $395<br />
SCCE/HCCA Members $345<br />
State:<br />
Phone:<br />
Fax:<br />
E-mail:<br />
Mail to:<br />
SCCE<br />
5780 Lincoln Drive, Suite 120<br />
Minneapolis, MN 55436<br />
Phone: (888) 277-4977<br />
Zip:<br />
Name of Card Holder<br />
Signature of Card Holder<br />
Code: CT1104<br />
Please make check payable to:<br />
Society of Corporate <strong>Compliance</strong> and Ethics (SCCE)<br />
FAX: (952) 988-0146<br />
Online: www.corporatecompliance.org<br />
E-mail: info@corporatecompliance.org