Select Page

THE OFFICE OF INSPECTOR GENERAL COMPLIANCE PROGRAM GUIDANCE FOR INDIVIDUAL AND SMALL GROUP PHYSICIAN PRACTICES

September 2000

THE OFFICE OF INSPECTOR GENERAL COMPLIANCE PROGRAM GUIDANCE FOR INDIVIDUAL AND SMALL GROUP PHYSICIAN PRACTICES

TABLE OF CONTENTS

I.     INTRODUCTION

A. SCOPE OF THE VOLUNTARY COMPLIANCE PROGRAM GUIDANCE

B. BENEFITS OF A VOLUNTARY COMPLIANCE PROGRAM

C. APPLICATION OF VOLUNTARY COMPLIANCE PROGRAM GUIDANCE

D. THE DIFFERENCE BETWEEN ERRONEOUS AND FRAUDULENT
CLAIMS TO FEDERAL HEALTH PROGRAMS

II.     DEVELOPING A VOLUNTARY COMPLIANCE PROGRAM

A.  THE SEVEN BASIC COMPONENTS OF A VOLUNTARY COMPLIANCE
PROGRAM

B.  STEPS FOR IMPLEMENTING A VOLUNTARY COMPLIANCE PROGRAM

STEP ONE: AUDITING AND MONITORING
1.  Standards and Procedures
2.  Claims Submission Audit

STEP TWO: ESTABLISH PRACTICE STANDARDS AND PROCEDURES
1.  Specific Risk Areas
a.  Coding and Billing
b.  Reasonable and Necessary Services
c.  Documentation
i.  Medical Record Documentation
ii. HCFA 1500 Form
d.  Improper Inducements, Kickbacks and Self-Referrals
2.  Retention of Records

STEP THREE:  DESIGNATION OF A COMPLIANCE OFFICER/CONTACT(S)

STEP FOUR:  CONDUCTING APPROPRIATE TRAINING AND EDUCATION
1.  Compliance Training
2.  Coding and Billing Training
3.  Format of the Training Program
4.  Continuing Education on Compliance Issues

STEP FIVE:  RESPONDING TO DETECTED OFFENSES AND DEVELOPING                     CORRECTIVE ACTION INITIATIVES

STEP SIX:  DEVELOPING OPEN LINES OF COMMUNICATION

STEP SEVEN:  ENFORCING DISCIPLINARY STANDARDS THROUGH WELL-                    PUBLICIZED GUIDELINES

C.  ASSESSING A VOLUNTARY COMPLIANCE PROGRAM
III.     CONCLUSION

APPENDIX A:  ADDITIONAL RISK AREAS

I.  Reasonable and Necessary Services
A.  Local Medical Review Policy
B.  Advance Beneficiary Notices
C.  Physician Liability for Certifications in the Provision of Medical             Equipment and Supplies and Home Health Services
D.  Billing for Non-covered Services as if Covered

II.  Physician Relationships with Hospitals
1.  The Physician Role in EMTALA
2.  Teaching Physicians
3.  Gainsharing Arrangements and Civil Monetary Penalties for
Hospital Payments to Physicians to Reduce or Limit Services to             Beneficiaries
4.  Physician Incentive Arrangements

III.  Physician Billing Practices
1.  Third-Party Billing Services
2.  Billing Practices by Non-Participating Physicians
3.  Professional Courtesy

IV.     Other Risk Areas
1.  Rental of Space in Physician Offices by Persons or Entities to which         Physicians Refer
2.  Unlawful Advertising

APPENDIX B:  CRIMINAL STATUTES

I.  Health Care Fraud (18 U.S.C. 1347)

II.  Theft or Embezzlement in Connection with Health Care (18 U.S.C. 669)

III.  False Statements Relating to Health Care Matters (18 U.S.C. 1035)

IV.  Obstruction of Criminal Investigations of Health Care Offenses (18 U.S.C.     1518)

VI.  Mail and Wire Fraud (18 U.S.C. 1341 and 1343)

VI.  Criminal Penalties for Acts Involving Federal Health Care Programs
(42 U.S.C. 1320a-7b)

APPENDIX C:  CIVIL AND ADMINISTRATIVE STATUTES

I.  The False Claims Act (31 U.S.C. 3729-3733)

II.  Civil Monetary Penalties Law (42 U.S.C. 1320a-7a)

III.  Limitations on Certain Physician Referrals (?Stark Laws?)
(42 U.S.C. 1395nn)

IV.  Exclusion of Certain Individuals and Entities From Participation in
Medicare and Other Federal Health Care Programs (42 U.S.C. 1320a-7)

APPENDIX D:  OIG-HHS CONTACT INFORMATION

I.  OIG Hotline Number

II.  Provider Self-Disclosure Protocol

APPENDIX E:  CARRIER CONTACT INFORMATION

APPENDIX F:  INTERNET RESOURCES

Office of Inspector Generals Compliance Program Guidance for Individual and Small Group Physician Practices

I.      INTRODUCTION

This compliance program guidance is intended to assist individual and small group physician practices (“physician practices”)  in developing a  voluntary compliance program that promotes adherence to statutes and regulations applicable to the Federal health care programs (“Federal health care program requirements”).  The goal of voluntary compliance programs is to provide a
tool to strengthen the efforts of health care providers to prevent and reduce improper conduct.  These programs can also benefit physician practices  by helping to streamline business operations.

Many physicians have expressed an interest in better protecting their practices from the potential for erroneous or fraudulent conduct through the implementation of voluntary compliance programs.  The Office of Inspector General (OIG) believes that the great majority of physicians are honest and share our goal of protecting the integrity of Medicare and other Federal health
care programs.  To that end, all health care providers have a duty to ensure that the claims submitted to Federal health care programs are true and accurate.  The development of voluntary compliance programs and the active application of compliance principles in physician practices will go a long way toward achieving this goal.

Through this document, the OIG provides its views on the fundamental components of physician practice compliance programs, as well as the principles that a physician practice might consider when developing and implementing a voluntary compliance program.  While this document presents basic procedural and structural guidance for designing a voluntary compliance program, it is not in and of itself a compliance program.  Indeed, as recognized by the OIG and
the health care industry, there is no “one size fits all” compliance program, especially for physician practices.  Rather, it is a set of guidelines that physician practices can consider if they choose to develop and implement a compliance program.

As with the OIGs previous guidance, these guidelines are not mandatory.  Nor do they represent an all-inclusive document containing all components of a compliance program.  Other OIG outreach efforts, as well as other Federal agency efforts to promote compliance,  can also be used in developing a compliance program.  However, as explained later, if a physician practice adopts a voluntary and active compliance program, it may well lead to benefits for the physician practice.
1. Scope of the Voluntary Compliance Program Guidance

This guidance focuses on voluntary compliance measures related to claims submitted to the Federal health care programs.  Issues related to private payor claims may also be covered by a compliance plan if the physician practice so desires.

The guidance is also limited in scope by focusing on the development of voluntary compliance programs for individual and small group physician practices.  The difference between a small practice and a large practice cannot be determined by stating a particular number of physicians.  Instead, our intent in narrowing the guidance to the small practices subset was to provide
guidance to those physician practices whose financial or staffing resources would not allow them to implement a full scale, institutionally structured compliance program as set forth in the Third Party Medical Billing Guidance or other previously released OIG guidance.  A compliance program can be an important tool for physician practices of all sizes and does not have to be
costly, resource-intensive or time-intensive.

2. Benefits of a Voluntary Compliance Program

The OIG acknowledges that patient care is, and should be, the first priority of a physician practice.  However, a practice’s focus on patient care can be enhanced by the adoption of a voluntary compliance program.  For example, the increased accuracy of documentation that may result from a compliance program will actually assist in enhancing patient care.  The OIG believes that physician practices can realize numerous other benefits by implementing a compliance program.  A well-designed compliance program can:

– speed and optimize proper payment of claims;
– minimize billing mistakes;
– reduce the chances that an audit will be conducted by HCFA or the OIG;     and
– avoid conflicts with the self-referral and anti-kickback statutes.

The incorporation of compliance measures into a physician practice should not be at the expense of patient care, but instead should augment the ability of the physician practice to provide quality patient care.

Voluntary compliance programs also provide benefits by not only helping to prevent erroneous or fraudulent claims, but also by showing that the physician practice is making additional good faith efforts to submit claims appropriately.  Physicians should view compliance programs as analogous to practicing preventive medicine for their practice.  Practices that embrace the active application of compliance principles in their practice culture and put efforts towards compliance on a continued basis can help to prevent problems from occurring in the future.

A compliance program also sends an important message to a physician practice’s employees that while the practice recognizes that mistakes will occur, employees have an affirmative, ethical duty to come forward and report erroneous or fraudulent conduct, so that it may be corrected.

3. Application of Voluntary Compliance Program Guidance

The applicability of these recommendations will depend on the circumstances and resources of the particular physician practice.  Each physician practice can undertake reasonable steps to implement compliance measures, depending on the size and resources of that practice.  Physician practices can rely, at least in part, upon standard protocols and current practice procedures to develop an appropriate compliance program for that practice.  In fact, many physician practices already have established the framework of a compliance program without referring to it as such.

D.     The Difference Between “Erroneous” and “Fraudulent” Claims To Federal
Health Programs

There appear to be significant misunderstandings within the physician community regarding the critical differences between what the government views as innocent “erroneous” claims on the one hand and “fraudulent” (intentionally or recklessly false) health care claims on the other.  Some physicians feel that Federal law enforcement agencies have maligned medical professionals, in part, by a perceived focus on innocent billing errors.  These physicians are under the impression that innocent billing errors can subject them to civil penalties, or even jail.  These impressions are mistaken.

To address these concerns, the OIG would like to emphasize the following points.  First, the OIG does not disparage physicians, other medical professionals or medical enterprises.  In our view, the great majority of physicians are working ethically to render high quality medical care and to submit proper claims.

Second, under the law, physicians are not subject to criminal, civil or administrative penalties for innocent errors, or even negligence.  The Government’s primary enforcement tool, the civil False Claims Act, covers only offenses that are committed with actual knowledge of the falsity of the
claim, reckless disregard, or deliberate ignorance of the falsity of the claim.   The False Claims Act does not encompass mistakes, errors, or negligence.  The Civil Monetary Penalties Law, an administrative remedy, similar in scope and effect to the False Claims Act, has exactly the same standard of proof.   The OIG is very mindful of the difference between innocent errors (“erroneous claims”) on one hand, and reckless or intentional conduct (“fraudulent claims”) on the other.  For criminal penalties, the standard is even higher — criminal intent to defraud must be proved beyond a reasonable doubt.

Third, even ethical physicians (and their staffs) make billing mistakes and errors through inadvertence or negligence.  When physicians discover that their billing errors, honest mistakes, or negligence result in erroneous claims, the physician practice should return the funds erroneously claimed, but without penalties.  In other words, absent a violation of a civil, criminal or administrative law, erroneous claims result only in the return of funds claimed in error.

Fourth, innocent billing errors are a significant drain on the Federal health care programs.  All parties (physicians, providers, carriers, fiscal intermediaries, Government agencies, and beneficiaries) need to work cooperatively to reduce the overall error rate.

Finally, it is reasonable for physicians (and other providers) to ask:  what duty do they owe the Federal health care programs?  The answer is that all health care providers have a duty to reasonably ensure that the claims submitted to Medicare and other Federal health care programs are true and accurate.  The OIG continues to engage the provider community in an extensive, good faith effort to work cooperatively on voluntary compliance to minimize errors and to prevent potential penalties for improper billings before they occur.  We encourage all physicians and other providers to join in this effort.

II.      DEVELOPING A VOLUNTARY COMPLIANCE PROGRAM

A.      The Seven Basic Components of a Voluntary Compliance Program

The OIG believes that a basic framework for any voluntary compliance program begins with a review of the seven basic components of an effective compliance program.  A review of these components provides physician practices with an overview of the scope of a fully developed and implemented compliance program.  The following list of components, as set forth in previous OIG compliance program guidances, can form the basis of a voluntary compliance program for a
physician practice:

– conducting internal monitoring and auditing through the performance of
periodic audits;
– implementing compliance and practice standards through the development
of written standards and procedures;
– designating a compliance officer or contact(s) to monitor compliance
efforts and enforce practice standards;
– conducting appropriate training and education on practice standards and
procedures;
– responding appropriately to detected violations through the                 investigation of allegations and the disclosure of incidents to             appropriate Government entities;
– developing open lines of communication, such as (1) discussions at staff meetings regarding how to avoid erroneous or fraudulent conduct and (2) community bulletin boards, to keep practice employees updated regarding compliance activities; and
– enforcing disciplinary standards through well-publicized guidelines.

These seven components provide a solid basis upon which a physician practice can create a compliance program.  The OIG acknowledges that full implementation of all components may not be feasible for all physician practices.  Some physician practices may never fully implement all of the components.  However, as a first step, physician practices can begin by adopting only those components which, based on a practice’s specific history with billing problems and other compliance issues, are most likely to provide an identifiable benefit.

The extent of implementation will depend on the size and resources of the practice.  Smaller physician practices may incorporate each of the components in a manner that best suits the practice.  By contrast, larger physician practices often have the means to incorporate the components in a more systematic manner.  For example, larger physician practices can use both this guidance and the Third-Party Medical Billing Compliance Program Guidance, which provides a more detailed compliance program structure, to create a compliance program unique to the practice.

The OIG recognizes that physician practices need to find the best way to achieve compliance for their given circumstances.  Specifically, the OIG encourages physician practices to participate in other provider’s compliance programs, such as the compliance programs of the hospitals or other settings in which the physicians practice.  Physician Practice Management companies also may serve as a source of compliance program guidance.  A physician practice’s participation in such compliance programs could be a way, at least partly, to augment the practice’s own compliance efforts.

The opportunities for collaborative compliance efforts could include participating in training and education programs or using another entity’s policies and procedures as a template from which the physician practice creates its own version.  The OIG encourages this type of collaborative effort, where the content is appropriate to the setting involved (i.e., the training is relevant to physician practices as well as the sponsoring provider), because it provides a means to promote the desired objective without imposing excessive burdens on the practice or requiring physicians to undertake duplicative action.  However, to prevent possible anti-kickback or self-referral issues, the OIG recommends that physicians consider limiting their participation in a sponsoring Provider’s compliance program to the areas of training and education or policies and procedures.

The key to avoiding possible conflicts is to ensure that the entity providing compliance services to a physician practice (its referral source) is not perceived as nor is it operating the practice compliance program at no charge.  For example, if the sponsoring entity conducted claims review for the physician practice as part of a compliance program or provided compliance oversight without charging the practice fair market value for those services, the anti-kickback and Stark self-referral laws would be implicated.  The payment of fair market value by referral sources for compliance services will generally address these concerns.

2. Steps for Implementing a Voluntary Compliance Program

As previously discussed, implementing a voluntary compliance program can be a multi-tiered process.  Initial development of the compliance program can be focused on practice risk areas that have been problematic for the practice such as coding and billing.  Within this area, the practice should examine its claims denial history or claims that have resulted in repeated overpayments, and identify and correct the most frequent sources of those denials or overpayments.  A review of claim denials will help the practice scrutinize a significant risk area and improve its cash flow by submitting correct claims that will be paid the first time they are submitted.  As this example illustrates, a compliance program for a physician practice often makes sound business sense.

The following is a suggested order of the steps a practice could take to begin the development of a compliance program.  The steps outlined below articulate all seven components of a compliance program and there are numerous suggestions for implementation within each component.  Physician practices should keep in mind, as stated earlier, that it is up to the practice to determine the manner in which and the extent to which the practice chooses to implement these voluntary measures.

STEP ONE:  AUDITING AND MONITORING

An ongoing evaluation process is important to a successful compliance program.  This ongoing evaluation includes not only whether the physician practice’s standards and procedures are in fact current and accurate, but also whether the compliance program is working, i.e., whether individuals are properly carrying out their responsibilities and claims are submitted appropriately.  Therefore, an audit is an excellent way for a physician practice to ascertain what, if any, problem areas exist and focus on the risk areas that are associated with those problems.

There are two types of reviews that can be performed as part of this evaluation:  (1) a standards and procedures review; and (2) a claims submission audit.

1. Standards and procedures

It is recommended that an individual(s) in the physician practice be charged with the responsibility of periodically reviewing the practice’s standards and procedures to determine if they are current and complete.  If the standards and procedures are found to be ineffective or outdated, they should be updated to reflect changes in Government regulations or compendiums generally relied upon by physicians and insurers (i.e., changes in Current Procedural Terminology (CPT) and ICD-9-CM codes).

2. Claims Submission Audit

In addition to the standards and procedures themselves, it is advisable that bills and medical records be reviewed for compliance with applicable coding, billing and documentation requirements.  The individuals from the physician practice involved in these self-audits would ideally include the person in charge of billing (if the practice has such a person) and a medically trained person (e.g., registered nurse or preferably a physician (physicians can rotate in this position)).  Each physician’s practice needs to decide for itself whether to review claims retrospectively or concurrently with the claims submission.  In the Third-Party Medical Billing Compliance Program Guidance, the OIG recommended that a baseline, or “snapshot,” be used to enable a practice to judge over time its progress in reducing or eliminating potential areas of vulnerability.  This practice, known as “benchmarking,” allows a practice to chart its compliance efforts by showing a reduction or increase in the number of claims paid and denied.

The practice’s self-audits can be used to determine whether:

– bills are accurately coded and accurately reflect the services provided         (as documented in the medical records);
– documentation is being completed correctly;
– services or items provided are reasonable and necessary; and
– any incentives for unnecessary services exist.

A baseline audit examines the claim development and submission process, from patient intake through claim submission and payment, and identifies elements within this process that may contribute to non-compliance or that may need to be the focus for improving execution.   This audit will establish a consistent methodology for selecting and examining records, and this methodology will then serve as a basis for future audits.

There are many ways to conduct a baseline audit.  The OIG recommends that claims/services that were submitted and paid during the initial three months after implementation of the education and training program be examined, so as to give the physician practice a benchmark against which to measure future compliance effectiveness.

Following the baseline audit, a general recommendation is that periodic audits be conducted at least once each year to ensure that the compliance program is being followed.  Optimally, a randomly selected number of medical records could be reviewed to ensure that the coding was performed accurately.  Although there is no set formula to how many medical records should be reviewed, a basic guide is five or more medical records per Federal payor (i.e., Medicare, Medicaid), or five to ten medical records per physician.  The OIG realizes that physician
practices receive reimbursement from a number of different payors, and we would encourage a physician practice’s auditing/monitoring process to consist of a review of claims from all Federal payors from which the practice receives reimbursement.  Of course, the larger the sample size, the larger the comfort level the physician practice will have about the results.  However, the OIG
is aware that this may be burdensome for some physician practices, so, at a minimum, we would encourage the physician practice to conduct a review of claims that have been reimbursed by Federal health care programs.

If problems are identified, the physician practice will need to determine whether a focused review should be conducted on a more frequent basis.  When audit results reveal areas needing additional information or education of employees and physicians, the physician practice will need to analyze whether these areas should be incorporated into the training and educational system.

There are many ways to identify the claims/services from which to draw the random sample of claims to be audited.  One methodology is to choose a random sample of claims/services from either all of the claims/services a physician has received reimbursement for or all claims/services from a particular payor.  Another method is to identify risk areas or potential billing vulnerabilities.  The codes associated with these risk areas may become the universe of claims/services from which to select the sample.  The OIG recommends that the physician practice evaluate claims/services selected to determine if the codes billed and reimbursed were accurately ordered, performed, and reasonable and necessary for the treatment of the patient.

One of the most important components of a successful compliance audit protocol is an appropriate response when the physician practice identifies a problem.  This action should be taken as soon as possible after the date the problem is identified.  The specific action a physician practice takes should depend on the circumstances of the situation.  In some cases, the response can be as straight forward as generating a repayment with appropriate explanation to Medicare or the appropriate payor from which the overpayment was received.  In others, the physician practice may want to consult with a coding/billing expert to determine the next best course of action.  There is no boilerplate solution to how to handle problems that are identified.

It is a good business practice to create a system to address how physician practices will respond to and report potential problems.  In addition, preserving information relating to identification of the problem is as important as preserving information that tracks the physician practice’s reaction to, and solution for, the issue.

STEP TWO:  ESTABLISH PRACTICE STANDARDS AND PROCEDURES

After the internal audit identifies the practice’s risk areas, the next step is to develop a method for dealing with those risk areas through the practice’s standards and procedures.  Written standards and procedures are a central component of any compliance program.  Those standards and procedures help to reduce the prospect of erroneous claims and fraudulent activity by identifying
risk areas for the practice and establishing tighter internal controls to counter those risks, while also helping to identify any aberrant billing practices.  Many physician practices already have something similar to this called “practice standards” that include practice policy statements regarding patient care, personnel matters and practice standards and procedures on complying with Federal and State law.

The OIG believes that written standards and procedures can be helpful to all physician practices, regardless of size and capability.  If a lack of resources to develop such standards and procedures is genuinely an issue, the OIG recommends that a physician practice focus first on those risk areas most likely to arise in its particular practice.   Additionally, if the physician practice works with a physician practice management company (PPMC), independent practice association (IPA), physician-hospital organization, management services organization (MSO) or third-party billing company, the practice can incorporate the compliance standards and procedures of those entities, if appropriate, into its own standards and procedures.  Many physician practices have found that the adoption of a third party’s compliance standards and procedures, as appropriate, has many benefits and the result is a consistent set of standards and procedures for a community of physicians as well as having just one entity that can then monitor and refine the process as needed.  This sharing of compliance responsibilities assists physician practices in rural areas that do not have the staff to perform these functions, but do belong to a group that does have the resources.  Physician practices using another entity’s compliance materials will need to tailor those materials to the physician practice where they will be applied.

Physician practices that do not have standards or procedures in place can develop them by:  (1) developing a written standards and procedures manual; and (2) updating clinical forms periodically to make sure they facilitate and encourage clear and complete documentation of patient care.  A practice’s standards could also identify the clinical protocol(s), pathway(s), and other treatment guidelines followed by the practice.

Creating a resource manual from publicly available information may be a cost-effective approach for developing additional standards and procedures.  For example, the practice can develop a “binder” that contains the practice’s written standards and procedures, relevant HCFA directives and carrier bulletins, and summaries of informative OIG documents (e.g., Special Fraud Alerts, Advisory Opinions, inspection and audit reports).   If the practice chooses to adopt this idea, the binder should be updated as appropriate and located in a readily accessible location.

If updates to the standards and procedures are necessary, those updates should be communicated to employees to keep them informed regarding the practice’s operations.  New employees can be made aware of the standards and procedures when hired and can be trained on their contents as part of their orientation to the practice.  The OIG recommends that the communication of updates and training of new employees occur as soon as possible after either the issuance of a new update or the hiring of a new employee.

1. Specific Risk Areas

The OIG recognizes that many physician practices may not have in place standards and procedures to prevent erroneous or fraudulent conduct in their practices.  In order to develop standards and procedures, the physician practice may consider what types of fraud and abuse related topics need to be addressed based on its specific needs.  One of the most important things in making that determination is a listing of risk areas where the practice may be vulnerable.

To assist physician practices in performing this initial assessment, the OIG has developed a list of four potential risk areas affecting physician practices.  These risk areas include:  (a) coding and billing; (b) reasonable and necessary services; (c) documentation; and (d) improper inducements, kickbacks and self-referrals.  This list of risk areas is not exhaustive, or all- encompassing.  Rather, it should be viewed as a starting point for an internal review of potential vulnerabilities within the physician practice.   The objective of such an assessment is to ensure that key personnel in the physician practice are aware of these major risk areas and that steps are taken to minimize, to the extent possible, the types of problems identified.  While there are many ways to accomplish this objective, clear written standards and procedures that are communicated to all employees are important to ensure the effectiveness of a compliance program.  Specifically, the following are discussions of risk areas for physician practices:

i.  Coding and Billing

A major part of any physician practice’s compliance program is the identification of risk areas associated with coding and billing.  The following risk areas associated with billing have been among the most frequent subjects of investigations and audits by the OIG:

– billing for items or services not rendered or not provided as claimed;
– submitting claims for equipment, medical supplies and services that are
not reasonable and necessary;
– double billing resulting in duplicate payment;
– billing for non-covered services as if covered;
– knowing misuse of provider identification numbers, which results in
improper billing;
– unbundling (billing for each component of the service instead of billing or using an all-inclusive code);
– failure to properly use coding modifiers;
– clustering; and
– upcoding the level of service provided.

The physician practice written standards and procedures concerning proper coding reflect the current reimbursement principles set forth in applicable statutes, regulations  and Federal, State or private payor health care program requirements and should be developed in tandem with coding and billing standards used in the physician practice.  Furthermore, written standards and procedures should ensure that coding and billing are based on medical record documentation.  Particular attention should be paid to issues of appropriate diagnosis codes and individual Medicare Part B claims (including documentation guidelines for evaluation and management services).  A physician practice can also institute a policy that the coder and/or physician review all rejected claims pertaining to diagnosis and procedure codes.  This step can facilitate a reduction in similar errors.

ii.  Reasonable and Necessary Services

A practice’s compliance program may provide guidance that claims are to be submitted only for services that the physician practice finds to be reasonable and necessary in the particular case.  The OIG recognizes that physicians should be able to order any tests, including screening tests, they believe are appropriate for the treatment of their patients.  However, a physician practice
should be aware that Medicare will only pay for services that meet the Medicare definition of reasonable and necessary.

Medicare (and many insurance plans) may deny payment for a service that is not reasonable and necessary according to the Medicare reimbursement rules.  Thus, when a physician provides services to a Medicare beneficiary, he or she should only bill those services that meet the Medicare standard of being reasonable and necessary for the diagnosis and treatment of a patient.  A physician practice can bill in order to receive a denial for services, but only if the denial is needed for reimbursement from the secondary payor.  Upon request, the physician practice should be able to provide documentation, such as a patient’s medical records and physician’s orders, to support the appropriateness of a service that the physician has provided.

iii.  Documentation

Timely, accurate and complete documentation is important to clinical patient care.  This same documentation serves as a second function when a bill is submitted for payment, namely, as verification that the bill is accurate as submitted.  Therefore, one of the most important physician practice compliance issues is the appropriate documentation of diagnosis and treatment.
Physician documentation is necessary to determine the appropriate medical treatment for the patient and is the basis for coding and billing determinations.  Thorough and accurate documentation also helps to ensure accurate recording and timely transmission of information.

a.  Medical Record Documentation

In addition to facilitating high quality patient care, a properly documented medical record verifies and documents precisely what services were actually provided.  The medical record may be used to validate:  (a) the site of the service; (b) the appropriateness of the services provided; (c) the accuracy of the billing; and (d) the identity of the care giver (service provider).  Examples of internal documentation guidelines a practice might use to ensure accurate medical record documentation include the following:

– The medical record is complete and legible;
– The documentation of each patient encounter includes the reason for the
encounter; any relevant history; physical examination findings;             prior diagnostic test results; assessment, clinical impression, or         diagnosis; plan of care; and date and legible identity of the             observer;
– If not documented, the rationale for ordering diagnostic and other ancillary services can be easily inferred by an independent reviewer or third party who has appropriate medical training;
– CPT and ICD-9-CM codes used for claims submission are supported by
documentation and the medical record; and
– Appropriate health risk factors are identified.  The patient’s progress, his or her response to, and any changes in, treatment, and any revision in diagnosis is documented.

The CPT and ICD-9-CM codes reported on the health insurance claims form should be supported by documentation in the medical record and the medical chart should contain all necessary information.  Additionally, HCFA and the local carriers should be able to determine the person who provided the services.  These issues can be the root of investigations of inappropriate or erroneous conduct, and have been identified by HCFA and the OIG as a leading cause of improper payments.

One method for improving quality in documentation is for a physician practice to compare the Practice’s claim denial rate to the rates of other practices in the same specialty to the extent that the practice can obtain that information from the carrier.  Physician coding and diagnosis distribution can be compared for each physician within the same specialty to identify variances.

b.  HCFA 1500 Form

Another documentation area for physician practices to monitor closely is the proper completion of the HCFA 1500 form.  The following practices will help ensure that the form has been properly completed:

– link the diagnosis code with the reason for the visit or service;
– use modifiers appropriately;
– provide Medicare with all information about a beneficiary’s other
insurance coverage under the Medicare Secondary Payor (MSP) policy,         if the practice is aware of a beneficiary’s additional coverage.

iv.  Improper Inducements, Kickbacks and Self-Referrals

A physician practice would be well advised to have standards and procedures that encourage compliance with the anti-kickback statute  and the physician self-referral law.   Remuneration for referrals is illegal because it can distort medical decision-making, cause overutilization of services or supplies, increase costs to Federal health care programs, and result in unfair competition by shutting out competitors who are unwilling to pay for referrals.  Remuneration for referrals can also affect the quality of patient care by encouraging physicians to order services or supplies based on profit rather than the patients’ best medical interests.

In particular, arrangements with hospitals, hospices, nursing facilities, home health agencies, durable medical equipment suppliers, pharmaceutical manufacturers and vendors are areas of potential concern.  In general the anti-kickback statute prohibits knowingly and willfully giving or receiving anything of value to induce referrals of Federal health care program business.  It is
generally recommended that all business arrangements wherein physician practices refer business to, or order services or items from, an outside entity should be on a fair market value basis.  Whenever a physician practice intends to enter into a business arrangement that involves making referrals, the arrangement should be reviewed by legal counsel familiar with the anti-kickback statute and physician self-referral statute.

In addition to developing standards and procedures to address arrangements with other health care providers and suppliers, physician practices should also consider implementing measures to avoid offering inappropriate inducements to patients.   Examples of such inducements include routinely waiving coinsurance or deductible amounts without a good faith determination that the patient is in financial need or failing to make reasonable efforts to collect the cost-sharing amount.

Possible risk factors relating to this risk area that could be addressed in the practice’s standards and procedures include:

– financial arrangements with outside entities to whom the practice may
refer Federal health care program business;
– joint ventures with entities supplying goods or services to the             physician practice or its patients;
– consulting contracts or medical directorships;
– office and equipment leases with entities to which the physician refers; and
– soliciting, accepting or offering any gift or gratuity of more than                                                                                                                                            nominal value to or from those who may benefit from a physician             practice’s referral of Federal health care program business.

In order to keep current with this area of the law, a physician practice may obtain copies, available on the OIG web site or in hard copy from the OIG, of all relevant OIG Special Fraud Alerts and Advisory Opinions that address the application of the anti-kickback and physician self-referral laws to ensure that the standards and procedures reflect current positions and opinions.

2. Retention of Records

In light of the documentation requirements faced by physician practices, it would be to the Practice’s benefit if its standards and procedures contained a section on the retention of compliance, business and medical records.  These records primarily include documents relating to patient care and the practice’s business activities.  A physician practice’s designated compliance contact could keep an updated binder or record of these documents, including information relating to compliance activities.  The primary compliance documents that a practice would want to retain are those that relate to educational activities, internal investigations and internal audit results.  We suggest that particular attention should be paid to documenting investigations of potential violations uncovered by the compliance program and the resulting remedial action.  Although there is no requirement that the practice retain its compliance records, having all the relevant documentation relating to the practice’s compliance efforts or handling of a particular problem can benefit the practice should it ever be questioned regarding those activities.

Physician practices that implement a compliance program might also want to provide for the development and implementation of a records retention system.  This system would establish standards and procedures regarding the creation, distribution, retention, and destruction of documents.  If the practice decides to design a record system, privacy concerns and Federal or State regulatory requirements should be taken into consideration.

While conducting its compliance activities, as well as its daily operations, a physician practice would be well advised, to the extent it is possible, to document its efforts to comply with applicable Federal health care program requirements.  For example, if a physician practice requests advice from a Government agency (including a Medicare carrier) charged with administering a Federal health care program, it is to the benefit of the practice to document and retain a record of the request and any written or oral response (or nonresponse).  This step is extremely important if the practice intends to rely on that response to guide it in future decisions, actions, or claim reimbursement requests or appeals.

In short, it is in the best interest of all physician practices, regardless of size, to have procedures to create and retain appropriate documentation.  The following record retention guidelines are suggested:

– The length of time that a practice’s records are to be retained can be
specified in the physician practice’s standards and procedures             (Federal and State statutes should be consulted for specific time         frames, if applicable);
–  Medical records (if in the possession of the physician practice) need to be secured against loss, destruction, unauthorized access, unauthorized reproduction, corruption, or damage; and
– Standards and procedures can stipulate the disposition of medical             records in the event the practice is sold or closed.

STEP THREE:  DESIGNATION OF A COMPLIANCE OFFICER/CONTACT(S)

After the audits have been completed and the risk areas identified, ideally one member of the physician practice staff needs to accept the responsibility of developing a corrective action plan, if necessary, and oversee the practice’s adherence to that plan.  This person can either be in charge of all compliance activities for the practice or play a limited role merely to resolve the current issue.  In a formalized institutional compliance program there is a compliance officer who is responsible for overseeing the implementation and day-to-day operations of the compliance program.  However, the resource constraints of physician practices make it so that it is often impossible to designate one person to be in charge of compliance functions.

It is acceptable for a physician practice to designate more than one employee with compliance monitoring responsibility.  In lieu of having a designated compliance officer, the physician practice could instead describe in its standards and procedures the compliance functions for which designated employees, known as “compliance contacts,” would be responsible.  For example, one employee could be responsible for preparing written standards and procedures, while another could be responsible for conducting or arranging for periodic audits and ensuring that billing questions are answered.  Therefore, the compliance-related responsibilities of the designated person or persons may be only a portion of his or her duties.

Another possibility is that one individual could serve as compliance officer for more than one entity.  In situations where staffing limitations mandate that the practice cannot afford to designate a person(s) to oversee compliance activities, the practice could outsource all or part of the functions of a compliance officer to a third party, such as a consultant, PPMC, MSO, IPA or
third-party billing company.  However, if this role is outsourced, it is beneficial for the compliance officer to have sufficient interaction with the physician practice to be able to effectively understand the inner workings of the practice.  For example, consultants that are not in close geographic proximity to a practice may not be effective compliance officers for the
practice.

One suggestion for how to maintain continual interaction is for the practice to designate someone to serve as a liaison with the outsourced compliance officer.  This would help ensure a strong tie between the compliance officer and the practice’s daily operations.  Outsourced compliance officers, who spend most of their time offsite, have certain limitations that a physician practice should consider before making such a critical decision.  These limitations can include lack of understanding as to the inner workings of the practice, accessibility and possible conflicts of interest when one compliance officer is serving several practices.

If the physician practice decides to designate a particular person(s) to oversee all compliance activities, not just those in conjunction with the audit-related issue, the following is a list of suggested duties that the practice may want to assign to that person(s):

– overseeing and monitoring the implementation of the compliance
program;
– establishing methods, such as periodic audits, to improve the practice’s efficiency and quality of services, and to reduce the practice’s vulnerability to fraud and abuse;
– periodically revising the compliance program in light of changes in the
needs of the practice or changes in the law and in the standards and procedures of Government and private payor health plans;
– developing, coordinating and participating in a training program that
focuses on the components of the compliance program, and seeks to
ensure that training materials are appropriate;
– ensuring that the HHS-OIG’s List of Excluded Individuals and Entities,
and the General Services Administration’s (GSA’s) List of Parties
Debarred from Federal Programs have been checked with respect to all employees, medical staff and independent contractors; and
– investigating any report or allegation concerning possible unethical or
improper business practices, and monitoring subsequent corrective         action and/or compliance.

Each physician practice needs to assess its own practice situation and determine what best suits that practice in terms of compliance oversight.

STEP FOUR:  CONDUCTING APPROPRIATE TRAINING AND EDUCATION

Education is an important part of any compliance program and is the logical next step after problems have been identified and the practice has designated a person to oversee educational training.  Ideally, education programs will be tailored to the physician practice’s needs, specialty and size and will include both compliance and specific training.

There are three basic steps for setting up educational objectives:

– determining who needs training (both in coding and billing and in
compliance);
– determining the type of training that best suits the practice’s needs (e.g., seminars, in-service training, self-study or other programs);     and
– determining when and how often education is needed and how much each
person should receive.

Training may be accomplished through a variety of means, including in-person training sessions (i.e., either on site or at outside seminars), distribution of newsletters,  or even a readily accessible office bulletin board.  Regardless of the training modality used, a physician practice should ensure that the necessary education is communicated effectively and that the practice’s employees come away from the training with a better understanding of the issues covered.

1. Compliance Training

Under the direction of the designated compliance officer/contact, both initial and recurrent training in compliance is advisable, both with respect to the compliance program itself and applicable statutes and regulations.  Suggestions for items to include in compliance training are:

–    the operation and importance of the compliance program;
–    the consequences of violating the standards and procedures set forth in the program; and
–    the role of each employee in the operation of the compliance program.

There are two goals a practice should strive for when conducting compliance training:  (1) all employees will receive training on how to perform their jobs in compliance with the standards of the practice and any applicable regulations; and (2) each employee will understand that compliance is a condition of continued employment.  Compliance training focuses on explaining why the practice is developing and establishing a compliance program.  The training should emphasize that following the standards and procedures will not get a practice employee in trouble, but violating the standards and procedures may subject the employee to disciplinary measures.  It is advisable that new employees be trained on the compliance program as soon as possible after their start date and employees should receive refresher training on an annual basis
or as appropriate.

2.  Coding and Billing Training

Coding and billing training on the Federal health care program requirements may be necessary for certain members of the physician practice staff depending on their respective responsibilities.
The OIG understands that most physician practices do not employ a professional coder and that the physician is often primarily responsible for all coding and billing.  However, it is in the practice’s best interest to ensure that individuals who are directly involved with billing, coding or other aspects of the Federal health care programs receive extensive education specific to that
Individual’s responsibilities.  Some examples of items that could be covered in coding and billing training include:

– coding requirements;
– claim development and submission processes;
– signing a form for a physician without the physician’s authorization;
– proper documentation of services rendered;
– proper billing standards and procedures and submission of accurate bills for services or items rendered to Federal health care program beneficiaries;  and
– the legal sanctions for submitting deliberately false or reckless                                                                           billings.

3.  Format of the Training Program

Training may be conducted either in-house or by an outside source.   Training at outside seminars, instead of internal programs and in-service sessions, may be an effective way to achieve the practice’s training goals.  In fact, many community colleges offer certificate or associate degree programs in billing and coding, and professional associations provide various kinds of continuing education and certification programs.  Many carriers also offer billing training.

The physician practice may work with its third-party billing company, if one is used, to ensure that documentation is of a level that is adequate for the billing company to submit accurate claims on behalf of the physician practice.  If it is not, these problem areas should also be covered in the training.  In addition to the billing training, it is advisable for physician practices
to maintain updated ICD-9, HCPCS and CPT manuals (in addition to the carrier bulletins construing those sources) and make them available to all employees involve in the billing process.  Physician practices can also provide a source of continuous updates on current billing standards and procedures by making
publications or Government documents that describe current billing policies available to its employees.

Physician practices do not have to provide separate education and training programs for the compliance and coding and billing training.  All in-service training and continuing education can integrate compliance issues, as well as other core values adopted by the practice, such as quality improvement and improved patient service, into their curriculum.

4.  Continuing Education on Compliance Issues

There is no set formula for determining how often training sessions should occur.  The OIG recommends that there be at least an annual training program for all individuals involved in the coding and billing aspects of the practice.   Ideally, new billing and coding employees will be trained as soon as possible after assuming their duties and will work under an experienced employee until their training has been completed.

STEP FIVE:  RESPONDING TO DETECTED OFFENSES AND DEVELOPING CORRECTIVE ACTION INITIATIVES

When a practice determines it has detected a possible violation, the next step is to develop a corrective action plan and determine how to respond to the problem.  Violations of a physician practice’s compliance program, significant failures to comply with applicable Federal or State law, and other types of misconduct threaten a practice’s status as a reliable, honest, and trustworthy provider of health care.  Consequently, upon receipt of reports or reasonable indications of suspected noncompliance, it is important that the compliance contact or other practice employee look into the allegations to determine whether a significant violation of applicable law or the requirements of the compliance program has indeed occurred, and, if so, take decisive steps to correct the problem.  As appropriate, such steps may involve a corrective action plan,  the return of any overpayments, a report to the Government,  and/or a referral to law enforcement authorities.

One suggestion is that the practice, in developing its compliance program, develop its own set of monitors and warning indicators.  These might include:  significant changes in the number and/or types of claim rejections and/or reductions; correspondence from the carriers and insurers challenging the medical necessity or validity of claims; illogical patterns or unusual changes in the pattern of CPT-4, HCPCS or ICD-9 code utilization; and high volumes of unusual charge or payment adjustment transactions.  If any of these warning indicators become apparent, then it is recommended that the practice follow up on the issues.  Subsequently, as appropriate, the compliance procedures of the practice may need to be changed to prevent the problem from recurring.

For potential criminal violations, a physician practice would be well advised in its compliance program procedures to include steps for prompt referral or disclosure to an appropriate Government authority or law enforcement agency.  In regard to overpayment issues, it is advised that the physician practice take appropriate corrective action, including prompt identification and repayment of any overpayment to the affected payor.

It is also recommended that the compliance program provide for a full internal assessment of all reports of detected violations.  If the physician practice ignores reports of possible fraudulent activity, it is undermining the very purpose it hoped to achieve by implementing a compliance program.

It is advised that the compliance program standards and procedures include provisions to ensure that a violation is not compounded once discovered.  In instances involving individual misconduct, the standards and procedures might also advise as to whether the individuals involved in the violation either be retrained, disciplined, or, if appropriate, terminated.  The physician practice may also prevent the compounding of the violation by conducting a review of
all confirmed violations, and, if appropriate, self-reporting the violations to the applicable authority.
The physician practice may consider the fact that if a violation occurred and was not detected, its compliance program may require modification.  Physician practices that detect violations could analyze the situation to determine whether a flaw in their compliance program failed to anticipate the detected problem, or whether the compliance program’s procedures failed to prevent the
violation.  In any event, it is prudent, even absent the detection of any violations, for physician practices to periodically review and modify their compliance programs.

STEP SIX:  DEVELOPING OPEN LINES OF COMMUNICATION

In order to prevent problems from occurring and to have a frank discussion of why the problem happened in the first place, physician practices need to have open lines of communication.  Especially in a smaller practice, an open line of communication is an integral part of implementing a compliance program.  Guidance previously issued by the OIG has encouraged the use of several forms of communication between the compliance officer/committee and provider personnel, many of which focus on formal processes and are more costly to implement (e.g., hotlines and e-mail).  However, the OIG recognizes that the nature of some physician practices is not as conducive to implementing these types of measures.  The nature of a small physician practice dictates that such communication and information exchanges need to be conducted through a less formalized process than that which has been envisioned by prior OIG guidance.

In the small physician practice setting, the communication element may be met by implementing a clear “open door” policy between the physicians and compliance personnel and practice employees.  This policy can be implemented in conjunction with less formal communication techniques, such as conspicuous notices posted in common areas and/or the development and placement of a compliance bulletin board where everyone in the practice can receive up-to-date compliance information.

A compliance program’s system for meaningful and open communication can include the following:

– the requirement that employees report conduct that a reasonable person
would, in good faith, believe to be erroneous or fraudulent;
– the creation of a user-friendly process (such as an anonymous drop box for larger practices) for effectively reporting erroneous or fraudulent conduct;
– provisions in the standards and procedures that state that a failure to report erroneous or fraudulent conduct is a violation of the compliance program;
– the development of a simple and readily accessible procedure to process
reports of erroneous or fraudulent conduct;
– if a billing company is used, communication to and from the billing
company’s compliance officer/contact and other responsible staff to
coordinate billing and compliance activities of the practice and the billing company, respectively.  Communication can include, as appropriate, lists of reported or identified concerns, initiation and the results of internal assessments, training needs, regulatory changes, and other operational and compliance matters;
– the utilization of a process that maintains the anonymity of the persons involved in the reported possible erroneous or fraudulent conduct and the person reporting the concern; and
– provisions in the standards and procedures that there will be no retribution for reporting conduct that a reasonable person acting in good faith would have believed to be erroneous or fraudulent.

The OIG recognizes that protecting anonymity may not be feasible for small physician practices.  However, the OIG believes all practice employees, when seeking answers to questions or reporting potential instances of erroneous or fraudulent conduct, should know to whom to turn for assistance in these matters and should be able to do so without fear of retribution.  While the physician practice may strive to maintain the anonymity of an employee’s identity, it also needs to make clear that there may be a point at which the individual’s identity may become known or may have to be revealed in certain instances.

STEP SEVEN:  ENFORCING DISCIPLINARY STANDARDS THROUGH WELL-PUBLICIZED
GUIDELINES

Finally, the last step that a physician practice may wish to take is to incorporate measures into its practice to ensure that practice employees understand the consequences if they behave in a non-compliant manner.  An effective physician practice compliance program includes procedures for
enforcing and disciplining individuals who violate the practice’s compliance or other practice standards.  Enforcement and disciplinary provisions are necessary to add credibility and integrity to a compliance program.

The OIG recommends that a physician practice’s enforcement and disciplinary mechanisms ensure that violations of the practice’s compliance policies will result in consistent and appropriate sanctions, including the possibility of termination, against the offending individual.  At the same time, it is advisable that the practice’s enforcement and disciplinary procedures be flexible enough to account for mitigating or aggravating circumstances.  The procedures might also stipulate that individuals who fail to detect or report violations of the compliance program may also be subject to discipline.  Disciplinary actions could include:  warnings (oral); reprimands (written); probation; demotion; temporary suspension; termination; restitution of damages; and referral for criminal prosecution.  Inclusion of disciplinary guidelines in in-house training and procedure manuals is sufficient to meet the “well publicized” standard of this element.

It is suggested that any communication resulting in the finding of non-compliant conduct be documented in the compliance files by including the date of incident, name of the reporting party, name of the person responsible for taking action, and the follow-up action taken.  Another suggestion is for physician practices to conduct checks to make sure all current and potential practice employees are not listed on the OIG or GSA lists of individuals excluded from participation in Federal health care or Government procurement programs.

Assessing A Voluntary Compliance Program

A practice’s commitment to compliance can best be assessed by the active application of compliance principles in the day-to-day operations of the practice.  Compliance programs are not just written standards and procedures that sit on a shelf in the main office of a practice, but are an everyday part of the practice operations.  It is by integrating the compliance program into the practice culture that the practice can best achieve maximum benefit from its compliance program.

III.      CONCLUSION

Just as immunizations are given to patients to prevent them from becoming ill, physician practices may view the implementation of a voluntary compliance program as comparable to a form of preventive medicine for the practice.  This voluntary compliance program guidance is intended to assist physician practices in developing and implementing internal controls and procedures that promote adherence to Federal health care program requirements.

As stated earlier, physician compliance programs do not need to be time or resource intensive and can be developed in a manner that best reflects the nature of each individual practice.  Many of the recommendations set forth in this document are ones that many physician practices already have in place and are simply good business practices that can be adhered to with a reasonable
amount of effort.  By implementing an effective compliance program, appropriate for its size and resources, and making compliance principles an active part of the practice culture, a physician practice can help prevent and reduce erroneous or fraudulent conduct in its practice.  These efforts can also streamline and improve the business operations within the practice and therefore help to inoculate it against future problems.

APPENDIX A:  ADDITIONAL RISK AREAS

Appendix A describes additional risk areas that a physician practice may wish to address during the development of its compliance program.  If any of the following risk areas are applicable to the practice, the practice may want to consider addressing the risk areas by incorporating them into the practice’s written standards and procedures manual and addressing them in its training
program.

I.  Reasonable and Necessary Services

A.  Local Medical Review Policy (LMRP)

An area of concern for physicians relating to determinations of reasonable and necessary services is the variation in local medical review policies (LMRPs) among carriers.  Physicians are supposed to bill the Federal health care programs only for items and services that are reasonable and necessary.  However, in order to determine whether an item or service is reasonable and necessary under Medicare guidelines, the physician must apply the appropriate
LMRP.

With the exception of claims that are properly coded and submitted to Medicare solely for the purpose of obtaining a written denial, physician practices are to bill the Federal health programs only for items and services that are covered.  In order to determine if an item or service is covered for Medicare, a physician practice must be knowledgeable of the LMRPs applicable to its practice’s jurisdiction.  The practice may contact its carrier to request a copy of the pertinent LMRPs, and once the practice receives the copies, they can be incorporated into the practice’s written standards and procedures manual.  When the LMRP indicates that an item or service may not be covered by Medicare, the physician practice is responsible to convey this information to the patient so that the patient can make an informed decision concerning the health care services he/she may want to receive.  Physician practices convey this information through Advance Beneficiary Notices (ABNs).

B.  Advance Beneficiary Notices

Physicians are required to provide ABNs before they provide services that they know or believe Medicare does not consider reasonable and necessary.  (The one exception to this requirement is for services that are performed pursuant to EMTALA requirements as described in section II.A).  A properly executed ABN acknowledges that coverage is uncertain or yet to be determined, and stipulates that the patient promises to pay the bill if Medicare does not.  Patients who are not notified before they receive such services are not responsible for payment.  The ABN must be sufficient to put the patient on notice of the reasons why the physician believes that the payment may be denied.  The objective is to give the patient sufficient information to allow an informed choice as to whether to pay for the service.

Accordingly, each ABN should:

1. be in writing;
2. identify the specific service that may be denied (procedure name and CPT/HCPC code is recommended);
3. state the specific reason why the physician believes that service may be denied;  and
4. be signed by the patient acknowledging that the required information was provided and that the patient assumes responsibility to pay for the service.

The Medicare Carrier’s Manual provides that an ABN will not be acceptable if:  (1) the patient is asked to sign a blank ABN form; or (2) the ABN is used routinely without regard to a particularized need.  The routine use of ABNs is generally prohibited because the ABN must state the specific reason the physician anticipates that the specific service will not be covered.

A common risk area associated with ABNs is in regard to diagnostic tests or services.  There are three steps that a physician practice can take to help ensure it is in compliance with the regulations concerning ABNs for diagnostic tests or services:

1. determine which tests are not covered under national coverage rules;
2. determine which tests are not covered under local coverage rules such as LMRPs (contact the practice’s carrier to see if a listing has been assembled); and
3. determine which tests are only covered for certain diagnoses.

The OIG is aware that the use of ABNs is an area where physician practices experience numerous difficulties.  Practices can help to reduce problems in this area by educating their physicians and office staff on the correct use of ABNs, obtaining guidance from the carrier regarding their interpretation of whether an ABN is necessary where the service is not covered, developing a standard form for all diagnostic tests (most carriers have a developed model), and developing a process for handling patients who refuse to sign ABNs.

C.  Physician Liability for Certifications in the Provision of Medical Equipment and Supplies and Home Health Services

In January 1999, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG web site at www.hhs.gov/oig/frdalrt/index.htm.  The following is a summary of the Special Fraud Alert.

The OIG issued the Special Fraud Alert to reiterate to physicians the legal and programmatic significance of physician certifications made in connection with the ordering of certain items and services for Medicare patients.  In light of information obtained through OIG provider audits, the OIG deemed it necessary to remind physicians that they may be subject to criminal, civil and administrative penalties for signing a certification when they know that the information is false or for signing a certification with reckless disregard as to the truth of the information.  (See Appendix B and Appendix C for more detailed information on the applicable statutes).

Medicare has conditioned payment for many items and services on a certification signed by a physician attesting that the physician has reviewed the patient’s condition and has determined that an item or service is reasonable and necessary.  Because Medicare primarily relies on the professional judgment of the treating physician to determine the reasonable and necessary nature
of a given service or supply, it is important that physicians provide complete and accurate information on any certifications they sign.  Physician Certification is obtained through a variety of forms, including prescriptions, orders, and Certificates of Medical Necessity (CMNs).  Two areas where physician certification as to whether an item or service is reasonable and necessary is essential and which are vulnerable to abuse are:  (1) home health services; and (2) durable medical equipment.

By signing a CMN, the physician represents that:

1. he or she is the patient’s treating physician and that the information regarding the physician’s address and unique physician identification number (UPIN) is correct;
2. the entire CMN, including the sections filled out by the supplier, was completed prior to the physician’s signature; and
3. the information in section B relating to whether the item or service is reasonable and necessary is true, accurate, and complete to the best of the physician’s knowledge.

Activities such as signing blank CMNs, signing a CMN without seeing the patient to verify the item or service is reasonable and necessary, and signing a CMN for a service that the physician knows is not reasonable and necessary are activities that can lead to criminal, civil and administrative penalties.

Ultimately, it is advised that physicians carefully review any form of certification (order, prescription or CMN) before signing it to verify that the information contained in the certification is both complete and accurate.

D.    Billing for Non-covered Services as if Covered

In some instances, we are aware that physician practices submit claims for services in order to receive a denial from the carrier, thereby enabling the patient to submit the denied claim for payment to a secondary payer.

A common question relating to this risk area is:  If the medical services provided are not covered under Medicare, but the secondary or supplemental insurer requires a Medicare rejection in order to cover the services, then would the original submission of the claim to Medicare be considered fraudulent?

Under the applicable regulations, the OIG would not consider such submissions to be fraudulent.  For example, the denial may be necessary to establish patient liability protections as stated in section 1879 of the Social Security Act (the Act) (codified at 42 U.S.C. 1395pp).  As stated, Medicare denials may also be required so that the patient can seek payment from a secondary insurer.  In instances where a claim is being submitted to Medicare for this purpose, the physician should indicate on the claim submission that the claim is being submitted for the purpose of receiving a denial, in order to bill a secondary insurance carrier.  This step should assist carriers and prevent inadvertent payments to which the physician is not entitled.

In some instances, however, the carrier pays the claim even though the service is non-covered, and even though the physician did not intend for payment to be made.  When this occurs, the physician has a responsibility to refund the amount paid and indicate that the service is not covered.

II.    Physician Relationships with Hospitals

1.  The Physician Role in EMTALA

The Emergency Medical Treatment and Active Labor Act (EMTALA), 42 U.S.C. 1395dd, is an area that has been receiving increasing scrutiny.  The statute is intended to ensure that all patients who come to the emergency department of a hospital receive care, regardless of their insurance or ability to pay.  Both hospitals and physicians need to work together to ensure compliance with the provisions of this law.

The statute imposes three fundamental requirements upon hospitals that participate in the Medicare program with regard to patients requesting emergency care.  First, the hospital must conduct an appropriate medical screening examination to determine if an emergency medical condition exists.3  Second, if the hospital determines that an emergency medical condition exists, it must either provide the treatment necessary to stabilize the emergency medical condition or comply with the statute’s requirements to effect a proper transfer of a patient whose condition has not been stabilized.

A hospital is considered to have met this second requirement if an individual refuses the hospital’s offer of additional examination or treatment, or refuses to consent to a transfer, after having been informed of the risks and benefits.

If an individual’s emergency medical condition has not been stabilized, the statute’s third requirement is activated.  A hospital may not transfer an individual with an unstable emergency medical condition unless:

(1) the individual or his or her representative makes a written request for transfer to another medical facility after being informed of the risk of transfer and the transferring hospital’s obligation under the statute to provide additional examination or treatment;
(2) a physician has signed a certification summarizing the medical risks and benefits of a transfer and certifying that, based up on the information available at the time of transfer, the medical benefits reasonably expected from the transfer outweigh the increased risks; or
(3) if a physician is not physically present when the transfer decision is made, a qualified medical person signs the certification after the physician, in consultation with the qualified medical person, has made the determination that the benefits of transfer outweigh the increased risks.  The physician must later countersign the certification.

Physician and/or hospital misconduct may result in violations of the statute.  One area of particular concern is physician on-call responsibilities.  Physician practices whose members serve as on-call emergency room physicians with hospitals are advised to familiarize themselves with the hospital’s policies regarding on-call physicians.  This can be done by reviewing the medical staff bylaws or policies and procedures of the hospital that must define the responsibility of on-call physicians to respond to, examine, and treat patients with emergency medical conditions.  Physicians should also be aware of the requirement that, when medically indicated, on-call physicians must generally come to the hospital to examine the patient.  The exception to this requirement is that a patient may be sent to see the on-call physician at a hospital-owned contiguous or on-campus facility to conduct or complete the medical screening examination as long as:

1.  all persons with the same medical condition are moved to this     location;
2.  there is a bona fide medical reason to move the patient; and
3.  qualified medical personnel accompany the patient.
4.  teaching physicians

Special regulations apply to teaching physicians’ billings.  Regulations provide that services provided by teaching physicians in teaching settings are generally payable under the physician fee schedule only if the services are personally furnished by a physician who is not a resident or the services are furnished by a resident in the presence of a teaching physician.

Unless a service falls under a specified exception, such as the Primary Care Exception, the teaching physician must be present during the key portion of any service or procedure for which payment is sought.  Physicians should ensure the following with respect to services provided in the teaching physician setting:

– only services actually provided are billed;
– every physician who provides or supervises the provision of services to a patient is responsible for the correct documentation of the services that were rendered;
– every physician is responsible for assuring that in cases where the
physician provides evaluation and management (E&M) services, a
patient’s medical record includes appropriate documentation of the
applicable key components of the E&M services provided or supervised by the physician (e.g., patient history, physician examination, and medical decision making), as well as documentation to adequately reflect the procedure or portion of the services provided by the physician; and
– unless specifically excepted by regulation, every physician must document his or her presence during the key portion of any service or procedure for which payment is sought.

2. Gainsharing Arrangements and Civil Monetary Penalties for Hospital Payments to Physicians to Reduce or Limit Services to Beneficiaries

In July 1999, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG web site at www.hhs.gov/oig/frdalrt/index.htm.  The following is a summary of the Special Fraud Alert.

The term “gainsharing” typically refers to an arrangement in which a hospital gives a physician a percentage share of any reduction in the hospital’s costs for patient care attributable in part to the physician’s efforts.  The civil monetary penalty (CMP) that applies to gainsharing arrangements is set forth in 42 U.S.C. 1320a-7a(b)(1).  This section prohibits any hospital or critical access hospital from knowingly making a payment directly or indirectly to a physician as an inducement to reduce or limit services to Medicare or Medicaid beneficiaries under a physician’s care.

It is the OIG’s position that the Civil Monetary Penalties Law clearly prohibits any gainsharing arrangements that involve payments by, or on behalf of, a hospital to physicians with clinical care responsibilities to induce a reduction or limitation of services to Medicare or Medicaid beneficiaries.  However, hospitals and physicians are not prohibited from working together to
reduce unnecessary hospital costs through other arrangements.  For example, hospitals and physicians may enter into personal services contracts where hospitals pay physicians based on a fixed fee at fair market value for services rendered to reduce costs rather than a fee based on a share of cost savings.

3. Physician Incentive Arrangements

The OIG has identified potentially illegal practices involving the offering of incentives by entities in an effort to recruit and retain physicians.  The OIG is concerned that the intent behind offering incentives to physicians may not be to recruit physicians, but instead the offer is intended as a kickback to obtain and increase patient referrals from physicians.  These recruitment incentive arrangements are implicated by the Anti-Kickback Statute because they can
constitute remuneration offered to induce, or in return for, the referral of business paid for by Medicare or Medicaid.

Some examples of questionable incentive arrangements are:

– provision of free or significantly discounted billing, nursing, or other staff services.
– payment of the cost of a physician’s travel and expenses for conferences.
– payment for a physician’s services that require few, if any, substantive duties by the physician.
– guarantees that if the physician’s income fails to reach a predetermined level, the entity will supplement the remainder up to a certain amount.

III.    Physician Billing Practices

A. Third-Party Billing Services

Physicians should remember that they remain responsible to the Medicare program for bills sent in the physician’s name or containing the physician’s signature, even if the physician had no actual knowledge of a billing impropriety.  The attestation on the HCFA 1500 form, i.e., the physician’s signature line, states that the physician’s services were billed properly.  In other words, it is no defense for the physician if the physician’s billing service improperly bills
Medicare.

One of the most common risk areas involving billing services deals with physician practices contracting with billing services on a percentage basis.  Although percentage based billing arrangements are not illegal per se, the Office of Inspector General has a longstanding concern that such arrangements may increase the risk of intentional upcoding and similar abusive billing
practices.

A physician may contract with a billing service on a percentage basis.  However, the billing service can not directly receive the payment of Medicare funds into a bank account that it solely controls.  Under 42 U.S.C. 1395u(b)(6), Medicare payments can only be made to either the beneficiary or a party (such as a physician) that furnished the services and accepted assignment of the beneficiary’s claim.  A billing service that contracts on a percentage basis does not qualify as a party that furnished services to a beneficiary, thus a billing service cannot directly receive payment of Medicare funds.  According to the Medicare Carriers Manual 3060(A), a payment is considered to be made directly to the billing service if the service can convert the payment to its own use and control without the payment first passing through the control of the physician.  For example, the billing service should not bill the claims under its own name or tax identification number.  The billing service should bill claims under the physician’s name and tax identification number.  Nor should a billing service receive the payment of Medicare funds directly into a bank account over which the billing service maintains sole control.  The Medicare payments should instead be deposited into a bank account over which the provider has signature control.

Physician practices should review the third-party medical billing guidance for additional information on third-party billing companies and the compliance risk areas associated with billing companies.

B.  Billing Practices by Non-Participating Physicians

Even though nonparticipating physicians do not accept payment directly from the Medicare program, there are a number of laws that apply to the billing of Medicare beneficiaries by non-participating physicians.

Limiting Charges

42 U.S.C. 1395w-4(g) prohibits a nonparticipating physician from knowingly and willfully billing or collecting on a repeated basis an actual charge for a service that is in excess of the Medicare limiting charge.  For example, a nonparticipating physician may not bill a Medicare beneficiary $50 for an office visit when the Medicare limiting charge for the visit is $25.  Additionally, there are numerous provisions that prohibit nonparticipating physicians from knowingly and willfully charging patients in excess of the statutory charge limitations for certain specified procedures, such as cataract surgery, mammography screening and coronary artery bypass surgery.  Failure to comply with these sections can result in a fine of up to $10,000 per violation or exclusion from participation in Federal health care programs for up to five years.

Refund of Excess Charges

42 U.S.C. 1395w-4(g) mandates that if a nonparticipating physician collects an actual charge for a service that is in excess of the limiting charge, the physician must refund the amount collected above the limiting charge to the individual within 30 days notice of the violation.  For example, if a physician collected $50 from a Medicare beneficiary for an office visit, but the limiting
charge for the visit was $25, the physician must refund $25 to the beneficiary, which is the difference between the amount collected ($50) and the limiting charge ($25).  Failure to comply with this requirement may result in a fine of up to $10,000 per violation or exclusion from participation in Federal health care programs for up to five years.

42 U.S.C. 1395u(l)(A)(iii) mandates that a nonparticipating physician must refund payments received from a Medicare beneficiary if it is later determined by a Peer Review Organization or a Medicare carrier that the services were not reasonable and necessary.  Failure to comply with this requirement may result in a fine of up to $10,000 per violation or exclusion from participation in
Federal health care programs for up to five years.

C.  Professional Courtesy

The term “professional courtesy” is used to describe a number of analytically different practices.  The traditional definition is the practice by a physician of waiving all or a part of the fee for services provided to the physician’s office staff, other physicians, and/or their families.  In recent times, “professional courtesy” has also come to mean the waiver of coinsurance obligations or other out-of-pocket expenses for physicians or their families (i.e., “insurance only” billing), and similar payment arrangements by hospitals or other institutions for services provided to their medical staffs or employees.  While only the first of these practices is truly “professional courtesy,” in the interests of clarity and completeness, we will address all three.

In general, whether a professional courtesy arrangement runs afoul of the fraud and abuse laws is determined by two factors:  (i) how the recipients of the professional courtesy are selected; and (ii) how the professional courtesy is extended.  If recipients are selected in a manner that directly or indirectly takes into account their ability to affect past or future referrals, the anti-kickback statute — which prohibits giving anything of value to generate Federal health care program business — may be implicated.  If the professional courtesy is extended through a waiver of copayment obligations (i.e., “insurance only” billing), other statutes may be implicated, including the prohibition of inducements to beneficiaries, section 1128A(a)(5) of the Act (codified at 42 U.S.C. 1320a-7a(a)(5)).  Claims submitted as a result of either practice may also implicate the civil False Claims Act.

The following are general observations about professional courtesy arrangements for physician practices to consider:

– A physician’s regular and consistent practice of extending professional courtesy by waiving the entire fee for services rendered to a group of persons (including employees, physicians, and/or their family members) may not implicate any of the OIG’s fraud and abuse authorities so long as membership in the group receiving the courtesy is determined in a manner that does not take into account directly or indirectly any group member’s ability to refer to, or otherwise generate Federal health care program business for, the physician.
– A physician’s regular and consistent practice of extending professional courtesy by waiving otherwise applicable copayments for services rendered to a group of persons (including employees, physicians, and/or their family members), would not implicate the anti-kickback statute so long as membership in the group is determined in a manner that does not take into account directly or indirectly any group member’s ability to refer to, or otherwise generate Federal health care program business for, the physician.
– Any waiver of copayment practice, including that described in the preceding bullet, does implicate section 1128A(a)(5) of the Act if the patient for whom the copayment is waived is a Federal health care program beneficiary who is not financially needy.

The legality of particular professional courtesy arrangements will turn on the specific facts presented, and, with respect to the anti-kickback statute, on the specific intent of the parties.  A physician practice may wish to consult with an attorney if it is uncertain about its professional courtesy arrangements.

IV.    Other Risk Areas

1. Rental of Space in Physician Offices by Persons or Entities to which Physicians Refer

In February 2000, the OIG issued a Special Fraud Alert on this topic, which is available on the OIG web site at www.hhs.gov/oig/frdalrt/index.htm.  The following is a summary of the Special Fraud Alert.

Among various relationships between physicians and labs, hospitals, home health agencies, etc., the OIG has identified potentially illegal practices involving the rental of space in a physician’s office by suppliers that provide items or services to patients who are referred or sent to the supplier by the physician-landlord.  An example of a suspect arrangement is the rental of physician office space by a durable medical equipment (DME) supplier in a position to benefit from referrals of the physician’s patients.  The OIG is concerned that in such arrangements the rental payments may be disguised kickbacks to the physician-landlord to induce referrals.

Space Rental Safe Harbor to the Anti-Kickback Statute

To avoid potentially violating the anti-kickback statute, the OIG recommends that rental agreements comply with all of the following criteria for the space rental safe harbor:

– The agreement is set out in writing and signed by the parties.
– The agreement covers all of the space rented by the parties for the term of the agreement and specifies the space covered by the agreement.
– If the agreement is intended to provide the lessee with access to the space for periodic intervals of time rather than on a full-time basis for the term of the rental agreement, the rental agreement specifies exactly the schedule of such intervals, the precise length of each interval, and the exact rent for each interval.
– The term of the rental agreement is for not less than one year.
– The aggregate rental charge is set in advance, is consistent with fair market value, and is not determined in a manner that takes into account the volume or value of any referrals or business otherwise generated between the parties for which payment may be made in whole or in part under Medicare or a State health care program.
– The aggregate space rented does not exceed that which is reasonably necessary to accomplish the commercially reasonable business purpose of the rental.

2. Unlawful Advertising

42 U.S.C. 1320b-10 makes it unlawful for any person to advertise using the names, abbreviations, symbols, or emblems of the Social Security Administration, Health Care Financing Administration, Department of Health and Human Services, Medicare, Medicaid or any combination or variation of such words, abbreviations, symbols or emblems in a manner that such person knows or should know would convey the false impression that the advertised item is endorsed by the named entities.  For instance, a physician may not place an ad in the newspaper
that reads “Dr. X is a cardiologist approved by both the Medicare and Medicaid programs.”  A violation of this section may result in a penalty of up to $5,000 ($25,000 in the case of a broadcast or telecast) for each violation.

APPENDIX B:  CRIMINAL STATUTES

This Appendix contains a description of criminal statutes related to fraud and abuse in the context of health care.  The Appendix is not intended to be a compilation of all Federal statutes related to health care fraud and abuse.  It is merely a summary of some of the more frequently cited Federal statutes.

I.  Health Care Fraud (18 U.S.C. 1347)

Description of Unlawful Conduct

It is a crime to knowingly and willfully execute (or attempt to execute) a scheme to defraud any health care benefit program, or to obtain money or property from a health care benefit program through false representations.  Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.

Penalty for Unlawful Conduct

The penalty may include the imposition of fines, imprisonment of up to 10 years, or both.  If the violation results in serious bodily injury, the prison term may be increased to a maximum of 20 years.  If the violation results in death, the prison term may be expanded to include any number of years, or life imprisonment.

Examples

1. Dr. X, a chiropractor, intentionally billed Medicare for physical therapy and chiropractic treatments that he never actually rendered for the purpose of fraudulently obtaining Medicare payments.
2. Dr. X, a psychiatrist, billed Medicare, Medicaid, TRICARE, and private insurers for psychiatric services that were provided by his nurses rather than himself.

II.  Theft or Embezzlement in Connection with Health Care (18 U.S.C. 669)

Description of Unlawful Conduct

It is a crime to knowingly and willfully embezzle, steal or intentionally misapply any of the assets of a health care benefit program.  Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.

Penalty for Unlawful Conduct

The penalty may include the imposition of a fine, imprisonment of up to 10 years, or both.  If the value of the asset is $100 or less, the penalty is a fine, imprisonment of up to a year, or both.

Example

An office manager for Dr. X knowingly embezzles money from the bank account for Dr. X’s practice.  The bank account includes reimbursement received from the Medicare program; thus, intentional embezzlement of funds from this account is a violation of the law.

III.    False Statements Relating to Health Care Matters (18 U.S.C. 1035)

Description of Unlawful Conduct

It is a crime to knowingly and willfully falsify or conceal a material fact, or make any materially false statement or use any materially false writing or document in connection with the delivery of or payment for health care benefits, items or services.  Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.

Penalty for Unlawful Conduct

The penalty may include the imposition of a fine, imprisonment of up to five years, or both.

Example

Dr. X certified on a claim form that he performed laser surgery on a Medicare beneficiary when he knew that the surgery was not actually performed on the patient.

IV.    Obstruction of Criminal Investigations of Health Care Offenses (18 U.S.C. 1518)

Description of Unlawful Conduct

It is a crime to willfully prevent, obstruct, mislead, delay or attempt to prevent, obstruct, mislead, or delay the communication of records relating to a Federal health care offense to a criminal investigator.  Note that this law applies not only to Federal health care programs, but to most other types of health care benefit programs as well.

Penalty for Unlawful Conduct

The penalty may include the imposition of a fine, imprisonment of up to five years, or both.

Examples

1. Dr. X instructs his employees to tell OIG investigators that Dr. X personally performs all treatments when, in fact, medical technicians do the majority of the treatment and Dr. X is rarely present in the office.
2. Dr. X was under investigation by the FBI for reported fraudulent billings.  Dr. X altered patient records in an attempt to cover up the improprieties.

V.  Mail and Wire Fraud (18 U.S.C. 1341 and 1343)

Description of Unlawful Conduct

It is a crime to use the mail, private courier, or wire service to conduct a scheme to defraud another of money or property.  The term “wire services” includes the use of a telephone, fax machine or computer.  Each use of a mail or wire service to further fraudulent activities is considered a separate crime.  For instance, each fraudulent claim that is submitted electronically to a carrier would be considered a separate violation of the law.

Penalty for Unlawful Conduct

The penalty may include the imposition of a fine, imprisonment of up to five years, or both.

Examples

1. Dr. X knowingly and repeatedly submits electronic claims to the Medicare carrier for office visits that he did not actually provide to Medicare beneficiaries with the intent to obtain payments from Medicare for services he never performed.
2. Dr. X, a neurologist, knowingly submitted claims for tests that were not reasonable and necessary and intentionally upcoded office visits and electromyograms to Medicare.

VI.    Criminal Penalties for Acts Involving Federal Health Care Programs
(42 U.S.C. 1320a-7b)

Description of Unlawful Conduct

False Statement and Representations

It is a crime to knowingly and willfully:

1)  make, or cause to be made, false statements or representations in applying for benefits or payments under all Federal health care programs;
2)  make, or cause to be made, any false statement or representation for use in determining rights to such benefit or payment;
3)  conceal any event affecting an individual’s initial or continued right to receive a benefit or payment with the intent to fraudulently receive the benefit or payment either in an amount or quantity greater than that which is due or authorized;
4)  convert a benefit or payment to a use other than for the use and benefit of the person for whom it was intended;
5)  present, or cause to be presented, a claim for a physician’s service when the service was not furnished by a licensed physician;
6)  for a fee, counsel an individual to dispose of assets in order to become eligible for medical assistance under a State health program, if disposing of the assets results in the imposition of an ineligibility period for the individual.

Anti-Kickback Statute

It is a crime to knowingly and willfully solicit, receive, offer, or pay remuneration of any kind  (e.g., money, goods, services):

– for the referral of an individual to another for the purpose of supplying items or services that are covered by a Federal health care program; or
– for purchasing, leasing, ordering, or arranging for any good, facility, service, or item that is covered by a Federal health care program.

There are a number of limited exceptions to the law, also known as “safe harbors,” which provide immunity from criminal prosecution and which are described in greater detail in the statute and related regulations (found at 42 CFR 1001.952 and www.hhs.gov/oig/ak).  Current safe harbors include:

– investment interests;
– space rental;
– equipment rental;
– personal services and management contracts;
– sale of practice;
– referral services;
– warranties;
– discounts;
– employment relationships;
– waiver of Part A co-insurance and deductible amounts;
– group purchasing organizations;
– increased coverage or reduced cost sharing under a risk-basis or prepaid plan; and
– charge reduction agreements with health plans.

Penalty for Unlawful Conduct

The penalty may include the imposition of a fine of up to $25,000, imprisonment of up to five years, or both.  In addition, the provider can be excluded from participation in Federal health care programs.  The regulations defining the aggravating and mitigating circumstances that must be reviewed by the OIG in making an exclusion determination are set forth in 42 CFR part 1001.

Examples

1. Dr. X accepted payments to sign Certificates of Medical Necessity for durable medical equipment for patients she never examined.
2. Home Health Agency disguises referral fees as salaries by paying referring physician Dr. X for services Dr. X never rendered to the Medicare beneficiaries  or by paying Dr. X a sum in excess of fair market value for the services he rendered to the Medicare beneficiaries.

APPENDIX C:  CIVIL AND ADMINISTRATIVE STATUTES

This Appendix contains a description of civil and administrative statutes related to fraud and abuse in the context of health care.  The Appendix is not intended to be a compilation of all federal statutes related to health care fraud and abuse.  It is merely a summary of some of the more frequently cited Federal statutes.

I.    The False Claims Act (31 U.S.C.  3729-3733)

Description of Unlawful Conduct

This is the law most often used to bring a case against a health care provider for the submission of false claims to a Federal health care program.  The False Claims Act prohibits knowingly presenting (or causing to be presented) to the Federal Government a false or fraudulent claim for payment or approval.  Additionally, it prohibits knowingly making or using (or causing to be made or used) a false record or statement to get a false or fraudulent claim paid or approved by the Federal Government or it agents, like a carrier, other claims processor, or State Medicaid program.

Definitions

False Claim – A “false claim” is a claim for payment for services or supplies that were not provided specifically as presented or for which the provider is otherwise not entitled to payment.  Examples of false claims for services or supplies that were not provided specifically as presented include, but are not limited to:

–  a claim for a service or supply that was never provided.
–  a claim indicating the service was provided for some diagnosis code other than the true diagnosis code in order to obtain reimbursement for the service (which would not be covered if the true diagnosis code were submitted).
–  a claim indicating a higher level of service than was actually provided.
–  a claim for a service that the provider knows is not reasonable and necessary.
–  a claim for services provided by an unlicensed individual.

Knowingly – To “knowingly” present a false or fraudulent claim means that the provider: (1) has actual knowledge that the information on the claim is false; (2) acts in deliberate ignorance of the truth or falsity of the information on the claim; or (3) acts in reckless disregard of the truth or falsity of the information on the claim.  It is important to note the provider does not have to deliberately intend to defraud the Federal Government in order to be found liable under this Act.

The provider need only “knowingly” present a false or fraudulent claim in the manner described above.

Deliberate Ignorance – To act in “deliberate ignorance” means that the provider has deliberately chosen to ignore the truth or falsity of the information on a claim submitted for payment, even though the provider knows, or has notice, that information may be false.  An example of a provider who submits a false claim with deliberate ignorance would be a physician who ignores provider update bulletins and thus does not inform his/her staff of changes in the Medicare billing guidelines or update his/her billing system in accordance with changes to the Medicare billing practices.  When claims for non-reimbursable services are submitted as a result, the False Claims Act has been violated.

Reckless Disregard – To act in “reckless disregard” means that the provider pays no regard to whether the information on a claim submitted for payment is true or false.  An example of a provider who submits a false claim with reckless disregard would be a physician who assigns the billing function to an untrained office person without inquiring whether the employee has the requisite knowledge and training to accurately file such claims.

Penalty for Unlawful Conduct

The penalty for violating the False Claims Act is a minimum of $5,500 up to a maximum of $11,000 for each false claim submitted.  In addition to the penalty, a provider could be found liable for damages of up to three times the amount unlawfully claimed.

Examples
– A physician submitted claims to Medicare and Medicaid representing that he had personally performed certain services when, in reality, the services were performed by a nonphysician and they were not reimbursable under the Federal health care programs.
– Dr. X intentionally upcoded office visits and angioplasty consultations that were submitted for payment to Medicare.
– Dr. X, a podiatrist, knowingly submitted claims to the Medicare and Medicaid programs for non-routine surgical procedures when he actually performed routine, non-covered services such as the cutting and trimming of toenails and the removal of corns and calluses.

II.  Civil Monetary Penalties Law (42 U.S.C. 1320a-7a)

Description of Unlawful Conduct

The Civil Monetary Penalties Law (CMPL) is a comprehensive statute that covers an array of fraudulent and abusive activities and is very similar to the False Claims Act.  For instance, the CMPL prohibits a health care provider from presenting, or causing to be presented, claims for services that the provider “knows or should know” were:

–  not provided as indicated by the coding on the claim;
–  not medically necessary;
–  furnished by a person who is not licensed as a physician (or who was not properly supervised by a licensed physician);
–  furnished by a licensed physician who obtained his or her license through misrepresentation of a material fact (such as cheating on a licensing exam);
–  furnished by a physician who was not certified in the medical specialty that he or she claimed to be certified in; or
–  furnished by a physician who was excluded from participation in the Federal health care program to which the claim was submitted.

Additionally, the CMPL contains various other prohibitions, including:

–  offering remuneration to a Medicare or Medicaid beneficiary that the person knows or should know is likely to influence the beneficiary to obtain items or services billed to Medicare or Medicaid from a particular provider;
–  employing or contracting with an individual or entity that the person knows or should know is excluded from participation in a Federal health care program.

The term “should know” means that a provider:  (1) acted in deliberate ignorance of the truth or falsity of the information; or (2) acted in reckless disregard of the truth or falsity of the information.  The Federal Government does not have to show that a provider specifically intended to defraud a Federal health care program in order to prove a provider violated the statute.

Penalty for Unlawful Conduct

Violation of the CMPL may result in a penalty of up to $10,000 per item or service and up to three times the amount unlawfully claimed.  In addition, the provider may be excluded from participation in Federal health care programs.  The regulations defining the aggravating and mitigating circumstances that must be reviewed by the OIG in making an exclusion determination are set forth in 42 CFR part 1001.

Examples

1. Dr. X paid Medicare and Medicaid beneficiaries $20 each time they visited him to receive services and have tests performed that were not preventive care services and tests.
2. Dr. X hired Physician Assistant P to provide services to Medicare and Medicaid beneficiaries without conducting a background check on P.  Had Dr. X performed a background check by reviewing the HHS-OIG List of Excluded Individuals/Entities, Dr. X would have discovered that he should not hire P because P is excluded  from participation in Federal health care programs for a period of five years.
3. Dr. X and his oximetry company billed Medicare for pulse oximetry that they knew they did not perform and services that had been intentionally upcoded.

III.    Limitations on Certain Physician Referrals (“Stark Laws”) (42 U.S.C. 1395nn)

Description of Unlawful Conduct

Physicians (and immediate family members) who have an ownership, investment or
compensation relationship with an entity providing “designated health services” are prohibited from referring patients for these services where payment may be made by a Federal health care program unless a statutory or regulatory exception applies.  An entity providing a designated health service is prohibited from billing for the provision of a service that was provided based on a prohibited referral.  Designated health services include:  clinical laboratory services; physical therapy services; occupational therapy services; radiology services, including magnetic resonance imaging, axial tomography scans, and ultrasound services; radiation therapy services and supplies; durable medical equipment and supplies; parenteral and enteral nutrients, equipment and supplies; prosthetics, orthotics, prosthetic devices and supplies; home health services; outpatient prescription drugs; and inpatient and outpatient hospital services.

New regulations clarifying the exceptions to the Stark Laws are expected to be issued by HCFA shortly.  Current exceptions articulated within the Stark Laws include the following, provided all conditions of each exception as set forth in the statute and regulations are satisfied.

Exceptions for Ownership or Compensation Arrangements
–  physician’s services;
–  in-office ancillary services; and
–  prepaid plans.

Exceptions for Ownership or Investment in Publicly Traded Securities and Mutual Funds
–  ownership of investment securities which may be purchased on terms generally available to the public;
–  ownership of shares in a regulated investment company as defined by Federal law, if such company had, at the end of the company’s most recent fiscal year, or on average, during the previous three fiscal years, total assets exceeding $75,000,000;
–  hospital in Puerto Rico;
–  rural provider; and
–  hospital ownership (whole hospital exception).

Exceptions Relating to Other Compensation Arrangements
–  rental of office space and rental of equipment;
–  bona fide employment relationship;
–  personal service arrangement;
–  remuneration unrelated to the provision of designated health services;
–  physician recruitment;
–  isolated transactions;
–  certain group practice arrangements with a hospital (pre-1989); and
–  payments by a physician for items and services

Penalty for Unlawful Conduct

Violations of the statute subject the billing entity to denial of payment for the designated health services, refund of amounts collected from improperly submitted claims, and a civil monetary penalty of up to $15,000 for each improper claim submitted.  Physicians who violate the statute may also be subject to additional fines per prohibited referral.  In addition, providers that enter into an arrangement that they know or should know circumvents the referral restriction law may be subject to a civil monetary penalty of up to $100,000 per arrangement.

Examples

1. Dr. A worked in a medical clinic located in a major city.  She also owned a free standing laboratory located in a major city.  Dr. A referred all orders for laboratory tests on her patients to the laboratory she owned.
2. Dr. X agreed to serve as the Medical Director of Home Health Agency, HHA, for which he was paid a sum substantially above the fair market value for his services.  In return, Dr. X routinely referred his Medicare and Medicaid patients to HHA for home health services.
3. Dr. Y received a monthly stipend of $500 from a local hospital to assist him in meeting practice expenses.  Dr. Y performed no specific service for the stipend and had no obligation to repay the hospital.  Dr. Y referred patients to the hospital for in-patient surgery.

IV.    Exclusion of Certain Individuals and Entities From Participation in
Medicare and other Federal Health Care Programs (42 U.S.C. 1320a-7)

Mandatory Exclusion

Individuals or entities convicted of the following conduct must be excluded from participation in Medicare and Medicaid for a minimum of five years:

1) a criminal offense related to the delivery of an item or service under Medicare or Medicaid;
2) a conviction under Federal or State law of a criminal offense relating to the neglect or abuse of a patient;
3) a conviction under Federal or State law of a felony relating to fraud, theft, embezzlement, breach of fiduciary responsibility or other financial misconduct against a health care program financed by any Federal, State, or local government agency;
4) a conviction under Federal or State law of a felony relating to the unlawful manufacture, distribution, prescription, or dispensing of a controlled substance.

If there is one prior conviction, the exclusion will be for ten years.  If there are two prior convictions, the exclusion will be permanent.

Permissive Exclusion

Individuals or entities convicted of the following offenses, may be excluded from participation in Federal health care programs for a minimum of three years:

1) a criminal offense related to the delivery of an item or service under Medicare or Medicaid;
2) a misdemeanor related to fraud, theft, embezzlement, breach of fiduciary responsibility or other financial misconduct against a health care program financed by any Federal, State, or local government agency;
3) interference with, or obstruction of, any investigation into certain criminal offenses;
4) a misdemeanor related to the unlawful manufacture, distribution, prescription or dispensing of a controlled substance;
5) exclusion or suspension under a Federal or State health care program;
6) submission of claims for excessive charges, unnecessary services or services that were of a quality that fails to meet professionally recognized standards of health care;
7) violating the Civil Monetary Penalties Law or the statute entitled “Criminal Penalties for Acts Involving Federal Health Care Programs;”
8) ownership or control of an entity by a sanctioned individual or immediate family member (spouse, natural or adoptive parent, child, sibling, stepparent, stepchild, stepbrother or stepsister, in-laws, grandparent and grandchild);
9) failure to disclose information required by law;
10) failure to supply claims payment information; and
11) defaulting on health education loan or scholarship obligations.

The above list of offenses is not all inclusive.  Additional grounds for permissive exclusion are detailed in the statute.

Examples
1. Nurse R was excluded based on a conviction involving obtaining dangerous drugs by forgery.  She also altered prescriptions that were given for her own health problems before she presented them to the pharmacist to be filled.
2. Practice T was excluded due to its affiliation with its excluded owner.  The practice owner, excluded from participation in the Federal health care programs for soliciting and receiving illegal kickbacks, was still participating in the day-to-day operations of the practice after his exclusion was effective.

APPENDIX D:  OIG-HHS CONTACT INFORMATION

I. OIG Hotline Number

One method for providers to report potential fraud, waste, and abuse problems is to contact the OIG Hotline number.  All HHS and contractor employees have a responsibility to assist in combating fraud, waste and abuse in all departmental programs.  As such, providers are encouraged to report matters involving fraud, waste and mismanagement in any departmental program to the OIG.  The OIG maintains a hotline that offers a confidential means for reporting these matters.

Contacting the OIG Hotline
By Phone:    1-800-HHS-TIPS (1-800-447-8477)
By E-Mail:    HTips@os.dhhs.gov
By Mail:    Office of Inspector General
Department of Health and Human Services
Attn:    HOTLINE
330 Independence Ave., S.W.
Washington, D.C. 20201

When contacting the Hotline, please provide the following information to the best of your ability:

– Type of Complaint:
Medicare Part A
Medicare Part B
Indian Health Service
TRICARE
Other (please specify)
– HHS Department or program being affected by your allegation of fraud, waste,
abuse/mismanagement:
– Health Care Financing Administration (HCFA)
Indian Health Service
Other (please specify)

Please provide the following information.  (However, if you would like your referral to be submitted anonymously, please indicate such in your correspondence or phone call.)

Your Name
Your Street Address
Your City/County
Your State
Your Zip Code
Your email Address

– Subject/Person/Business/Department that allegation is against.

Name of Subject
Title of Subject
Subject’s Street Address
Subject’s City/County
Subject’s State
Subject’s Zip Code

Please provide a brief summary of your allegation and the relevant facts.

II.  Provider Self-Disclosure Protocol

The recommended method for a provider to contact the OIG regarding potential fraud or abuse issues that may exist in the provider’s own organization is through the use of the Provider Self-Disclosure Protocol.  This program encourages providers to voluntarily disclose irregularities in their dealings with Federal health care programs.  While voluntary disclosure under the protocol does not guarantee a provider protection from civil, criminal, or administrative actions, the fact that a provider voluntarily disclosed possible wrongdoing is a mitigating factor in OIG’s recommendations to prosecuting agencies.  Although other agencies may not have formal policies offering immunity or mitigation for self-disclosure, they typically view self-disclosure
favorably for the self-disclosing entity.  Self-reporting offers providers the opportunity to minimize the potential cost and disruption of a full-scale audit and investigation, to negotiate a fair monetary settlement, and to avoid an OIG permissive exclusion preventing the provider from doing business with Federal health care programs.  In addition, if the provider is obligated to enter into an Integrity Agreement (IA) as part of the resolution of a voluntary disclosure, there are three benefits the provider might receive as a result of self-reporting:

– If the provider has an effective compliance program and agrees to maintain its compliance program as part of the False Claims Act settlement, the OIG may not even require an IA;
– In cases where the provider’s own audits detected the disclosed problem, the OIG may consider alternatives to the IA’s auditing provisions.  The provider may be able to perform some or all of its billing audits through internal auditing methods rather than be required to retain an independent review organization to perform the billing review; and
– Self-disclosing can help to demonstrate a provider’s trustworthiness to the OIG and may result in the OIG determining that it can sufficiently safeguard the Federal health care programs through an IA without the exclusion remedy for a material breach, which is typically included in an IA.

Specific instructions on how a physician practice can submit a voluntary disclosure under the Provider Self-Disclosure Protocol can be found on the OIG’s internet site at www.hhs.gov/oig or in the Federal Register at 63 FR 58399 (1998).  A physician practice may, however, wish to consult with an attorney prior to submitting a disclosure to the OIG.

The Provider Self-Disclosure Protocol can also be a useful tool for baseline audits.  The protocol details the OIG’s views on the appropriate elements of an effective investigative and audit plan for providers.  Physician practices can use the self-disclosure protocol as a model for conducting audits and self-assessments.

In relying on the protocol for audit design and sample selection, a physician practice should pay close attention to the sections on self-assessment and sample selection.  These two sections provide valuable guidance regarding how these two functions should be performed.

The self-assessment section of the protocol contains information that can be applied to audit design.  Self-assessment is an internal financial assessment to determine the monetary impact of the matter.  The approach of a review can include reviewing either all claims affected or a statistically valid sample of the claims.

Sample selection must include several elements.  These elements are drawn from the government sampling program known as RAT-STATS.  All of these elements are set forth in more detail in the Provider Self-Disclosure Protocol, but the elements are (1) sampling unit, (2) sampling frame, (3) probe, (4) sample size, (5) random numbers, (6) sample design and (7) missing sample items.  All of these sampling items should be clearly documented by the physician practice and
compiled in the format set forth in the Provider Self-Disclosure Protocol.  Use of the format set forth in the Provider Self-Disclosure Protocol will help physician practices to ensure that the elements of their internal audits are in conformance with OIG standards.

APPENDIX E:  CARRIER CONTACT INFORMATION

Medicare

A complete list of contact information (address, phone number, email address) for Medicare Part A Fiscal Intermediaries, Medicare Part B Carriers, Regional Home Health Intermediaries, and Durable Medical Equipment Regional Carriers can be found on the HCFA web site at www.hcfa.gov/medicare/incardir.htm.

Medicaid

Contact information (address, phone number, email address) for each State Medicaid carrier can be found on the HCFA web site at www.hcfa.gov/medicaid/mcontact.htm.  In addition to a list of Medicaid carriers, the web site includes contact information for each State survey agency and the
HCFA Regional Offices.

Contact information for each State Medicaid Fraud Control Unit can be found on the OIG web site at www.hhs.gov/oig/oi/mfcu/index.htm.

APPENDIX F:  INTERNET RESOURCES

Office of Inspector General – U.S. Department of Health and Human Services
www.hhs.gov/oig

This web site includes a variety of information relating to Federal health care programs, including the following:

Advisory Opinions
Anti-kickback Information
Compliance Program Guidance
Corporate Integrity Agreements
Fraud Alerts
Links to web pages for the:
Office of Audit Services (OAS)
Office of Evaluation and Inspections (OEI)
Office of Investigations (OI)

OIG List of Excluded Individuals/Entities
OIG News
OIG Regulations
OIG Semi-Annual Report
OIG Workplan

Health Care Financing Administration
www.hcfa.gov

This web site includes information on a wide array of topics, including the following:

Medicare

National Correct Coding Initiative
Intermediary-Carrier Directory
Payment
Program Manuals
Program Transmittals & Memorandum
Provider Billing/HCFA Forms
Statistics and Data

Medicaid

HCFA Regional Offices
Letters to State Medicaid Directors
Medicaid Hotline Numbers
Policy & Program Information
State Medicaid Contacts

State Medicaid Manual
State Survey Agencies
Statistics and Data

HCFA Medicare Training
www.hcfa.gov/medlearn

This site provides computer-based training on the following topics:

HCFA 1500 Form
Fraud & Abuse
ICD-9-CM Diagnosis Coding
Adult Immunization
Medicare Secondary Payer (MSP)
Women’s Health
Front Office Management
Introduction to the World of Medicare
Home Health Agency
HCFA 1450 (UB92)

Government Printing Office
www.access.gpo.gov

This site provides access to Federal statutes and regulations pertaining to Federal health care
programs.

The U.S. House of Representatives Internet Library

uscode.house.gov/usc.htm

This site provides access to the United States Code, which contains laws pertaining to Federal health care programs.

For the purpose of this guidance, the term “physician” is defined as:  (1) a doctor of medicine or osteopathy; (2) a doctor of dental surgery or of dental medicine; (3) a podiatrist; (4) an optometrist; or (5) a chiropractor, all of whom must be appropriately licensed by the State.  42 U.S.C. 1395x(r).
Much of this guidance can also apply to other independent practitioners, such as psychologists, physical therapists, speech language pathologists, and occupational therapists.

Currently, the OIG has issued compliance program guidance for the following eight industry sectors:  hospitals, clinical laboratories, home health agencies, durable medical equipment suppliers, third-party medical billing companies, hospices, Medicare+Choice organizations offering coordinated care plans, and nursing facilities.  The guidance listed here and referenced in this document is available on the OIG web site at http://www.hhs.gov/oig in the Electronic Reading Room or by calling the OIG Public Affairs office at (202) 619-1343.
The OIG has issued Advisory Opinions responding to specific inquiries concerning the application of the OIG’s authorities, in particular, the anti-kickback statute, and Special Fraud Alerts setting forth activities that raise legal and enforcement issues.  These documents, as well as reports from the OIG’s Office of Audit Services and Office of Evaluation and Inspections can
be obtained via the Internet address or phone number provided in Footnote 3.  Physician practices can also review the Health Care Financing Administration (HCFA) web site on the Internet at http://www.hcfa.gov, for up-to-date regulations, manuals, and program memoranda related to the Medicare and Medicaid programs.
31 U.S.C. 3729.
42 U.S.C. 1320a-7a.
See Appendix D.II. referencing the Provider Self-Disclosure Protocol for information on how to conduct a baseline audit.

Physician practices with laboratories or arrangements with third-party billing companies can also check the risk areas included in the OIG compliance program guidance for those industries.
The OIG and HCFA are working to compile a list of basic documents issued by both entities that could be included in such a binder.  We expect to complete this list later this fall, and will post it on the OIG and HCFA web sites as well as publicize this list to physician organizations and representatives (information on how to contact the OIG is contained in Footnote 3; HCFA information can be obtained at www.hcfa.gov/medlearn or by calling 1-800-
MEDICARE).

Physician practices seeking additional guidance on potential risk areas can review the OIG’s Work Plan to identify vulnerabilities and risk areas on which the OIG will focus in the future.  In addition, physician practices can also review the OIG’s semiannual reports, which identify program vulnerabilities and risk areas that the OIG has targeted during the preceding six months.  All of these documents are available on the OIG’s webpage at http://www.hhs.gov/oig.
Appendix A of this document lists additional risk areas that a physician practice may want to review and incorporate into their practice standards and procedures.
For example, Dr. X, an ophthalmologist, billed for laser surgery he did not perform.  As one element of proof, he did not even have laser equipment or access to such equipment at the place of service designated on the claim form where he performed the surgery.

Billing for services, supplies and equipment that are not reasonable and necessary involves seeking reimbursement for a service that is not warranted by a patient’s documented medical condition.  See 42 U.S.C. 1395i(a)(1)(A)  (“no payment may be made under part A or part B [of Medicare] for any expenses incurred for items or services which . . . are not reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of the malformed body member”).  See also Appendix A for further discussion on this topic.

Double billing occurs when a physician bills for the same item or service more than once or another party billed the Federal health care program for an item or service also billed by the physician.  Although duplicate billing can occur due to simple error, the knowing submission of duplicate claims — which is sometimes evidenced by systematic or repeated double billing — can create liability under criminal, civil, and/or administrative law.
For example, Dr. Y bills Medicare using a covered office visit code when the actual service was a non-covered annual physical.  Physician practices should remember that “necessary” does not always constitute ?covered? and that this example is a misrepresentation of services to the Federal health care programs.
An example of this is when the practice bills for a service performed by Dr. B, who has not yet been issued a Medicare provider number, using Dr. A’s Medicare provider number.
Physician practices need to bill using the correct Medicare provider number, even if that means delaying billing until the physician receives his/her provider number.

Unbundling is the practice of a physician billing for multiple components of a service that must be included in a single fee.  For example, if dressings and instruments are included in a fee for a minor procedure, the provider may not also bill separately for the dressings and instruments.
A modifier, as defined by the CPT-4 manual, provides the means by which a physician practice can indicate a service or procedure that has been performed has been altered by some specific circumstance, but not changed in its definition or code.  Assuming the modifier is used correctly and appropriately, this specificity provides the justification for payment for those services.  For correct use of modifiers, the physician practice should reference the appropriate sections of the Medicare Provider Manual.  See Medicare Carrier Manual sec. 4630.  For general information on the correct use of modifiers, a physician practice can consult the National Correct Coding Initiative (NCCI).  See Appendix F for information on how to download the NCCI edits.

The NCCI coding edits are updated on a quarterly basis and are used to process claims and determine payments to physicians.
This is the practice of coding/charging one or two middle levels of service codes exclusively, under the philosophy that some will be higher, some lower, and the charges will average out over an extended period (in reality, this overcharges some patients while undercharging others).
Upcoding is billing for a more expensive service than the one actually performed.  For example, Dr. X intentionally bills at a higher evaluation and management (E&M) code than what he actually renders to the patient.
The official coding guidelines are promulgated by HCFA, the National Center for Health Statistics, the American Hospital Association, the American Medical Association and the American Health Information Management Association.  See International Classification of Diseases, 9th Revision, Clinical Modification (ICD-9 CM)(and its successors); 1998 Health Care Financing Administration Common Procedure Coding System (HCPCS) (and its successors); and Physicians’ CPT.  In addition, there are specialized coding systems for specific segments of the health care industry.  Among these are ADA (for dental procedures), DSM IV (psychiatric health benefits) and DMERCs (for durable medical equipment, prosthetics, orthotics and supplies).
The failure of a physician practice to:  (i) document items and services rendered; and (ii) properly submit the corresponding claims for reimbursement is a major area of potential erroneous or fraudulent conduct involving Federal health care programs.  The OIG has undertaken numerous audits, investigations, inspections and national enforcement initiatives in these areas.
“ . . . for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member.”  42 U.S.C. 1395y(a)(1)(A).
For additional information on proper documentation, physician practices should also reference the Documentation Guidelines for Evaluation and Management Services, published by HCFA.  Currently, physicians may document based on the 1995 or 1997 E&M Guidelines, whichever is most advantageous to the physician.  A new set of draft guidelines were announced in June 2000, and are undergoing pilot testing and revision, but are not in current use.

The anti-kickback statute provides criminal penalties for individuals and entities that knowingly offer, pay, solicit, or receive bribes or kickbacks or other remuneration in order to induce business reimbursable by Federal health care programs.  See 42 U.S.C. 1320a-7b(b).
Civil penalties, exclusion from participation in the Federal health care programs, and civil False Claims Act liability may also result from a violation of the prohibition.  See 42 U.S.C. 1320a-7a(a)(5), 42 U.S.C. 1320a-7(b)(7), and 31 U.S.C. 3729-3733.

The physician self-referral law, 42 U.S.C. 1395nn (also known as the “Stark law”), prohibits a physician from making a referral to an entity with which the physician or any member of the physician’s immediate family has a financial relationship if the referral is for the furnishing of designated health services, unless the financial relationship fits into an exception set forth in
the statute or implementing regulations.
See Appendix B for additional information on the anti-kickback statute.
The OIG’s definition of “fair market value” excludes any value attributable to referrals of Federal program business or the ability to influence the flow of such business.  See 42 U.S.C. 1395nn(h)(3).  Adhering to the rule of keeping business arrangements at fair market value is not a guarantee of legality, but is a highly useful general rule.
See 42 U.S.C. 1320a-7a(a)(5).

In the OIG Special Fraud Alert “Routine Waiver of Part B Co-payments/ Deductibles” (May 1991), the OIG describes several reasons why routine waivers of these cost-sharing amounts pose concerns.  The Alert sets forth the circumstances under which it may be appropriate to waive these amounts.  See also 42 U.S.C. 1320a-7a(a)(5).

All physician contracts and agreements with parties in a position to influence Federal health care program business or to whom the doctor is in such a position to influence should be reviewed to avoid violation of the anti-kickback, self-referral, and other relevant Federal and State laws.  The OIG has published safe harbors that define practices not subject to the anti-kickback statute, because such arrangements would be unlikely to result in fraud or abuse.  Failure to comply with a safe harbor provision does not make an arrangement per se illegal.  Rather, the safe harbors set forth specific conditions that, if fully met, would assure the entities involved of not being prosecuted or sanctioned for the arrangement qualifying for the safe harbor.  One such safe harbor applies to personal services contracts.  See 42 CFR 1001.952(d).

See OIG Special Fraud Alert “Joint Venture Arrangements” (August 1989) available on the OIG web site at http://www.hhs.gov/oig.  See also OIG Advisory Opinion 97-5.

Physician practices should establish clear standards and procedures governing gift-giving because such exchanges may be viewed as inducements to influence business decisions.  There are various Federal regulations governing the privacy of patient records and the retention of certain types of patient records.  Many states also have record retention statutes. Practices should check with their state medical society and/or affiliated professional association for assistance in ascertaining these requirements for their particular specialty and location.

The HHS-OIG “List of Excluded Individuals/Entities” provides information to health care providers, patients, and others regarding individuals and entities that are excluded from participation in Federal health care programs.  This report, in both an on-line searchable and downloadable database, can be located on the Internet at http://www.hhs.gov/oig.  The OIG sanction information is readily available to users in two formats on over 15,000 individuals and
entities currently excluded from program participation through action taken by the OIG.  The on-line searchable database allows users to obtain information regarding excluded individuals and entities sorted by:  (1) the legal bases for exclusions; (2) the types of individuals and entities excluded by the OIG; and (3) the States where excluded individuals reside or entities do business.  In addition, the General Services Administration maintains a monthly listing of
debarred contractors, “List of Parties Debarred from Federal Programs,” at
http://www.arnet.gov/epls.

HCFA also offers free online training for general fraud and abuse issues at
http://www.hcfa.gov/medlearn.  See Appendix F for additional information.
As noted earlier in this guidance, another way for physician practices to receive training is for the physicians and/or the employees of the practice to attend training programs offered by outside entities, such as a hospital, a local medical society or a carrier.  This sort of collaborative effort is an excellent way for the practice to meet the desired training objective without having to expend the resources to develop and implement in-house training.

Some publications, such as OIG’s Special Fraud Alerts, audit and inspection reports, and Advisory Opinions are readily available from the OIG and can provide a basis for educational courses and programs for physician practice employees.  See Appendix F for a partial listing of these documents.  See Footnote 3 for information on how to obtain copies of these documents.

Currently, the OIG is monitoring a significant number of corporate integrity agreements that require many of these training elements.  The OIG usually requires a minimum of one hour annually for basic training in compliance areas.  Additional training may be necessary for specialty fields such as claims development and billing.
Instances of noncompliance must be determined on a case-by-case basis.  The existence or amount of a monetary loss to a health care program is not solely determinative of whether the conduct should be investigated and reported to governmental authorities.  In fact, there may be instances where there is no readily identifiable monetary loss to a health care provider, but corrective actions are still necessary to protect the integrity of the applicable program and its beneficiaries, e.g., where services required by a plan of care are not provided.
The physician practice may seek advice from its legal counsel to determine the extent of the practice’s liability and to plan the appropriate course of action.

The OIG has established a Provider Self-Disclosure Protocol that encourages providers to voluntarily report suspected fraud.  The concept of voluntary self-disclosure is premised on a recognition that the Government alone cannot protect the integrity of the Medicare and other Federal health care programs.  Health care providers must be willing to police themselves,
correct underlying problems, and work with the Government to resolve these matters.  The Provider Self-Disclosure Protocol can be located on the OIG’s web site at: www.hhs.gov/oig.
See Appendix D for further information on the Provider Self-Disclosure Protocol.

In addition to whatever other method of communication is being utilized, the OIG recommends that physician practices post the HHS-OIG Hotline telephone number (1-800-HHS-TIPS) in a prominent area.

1  HCFA has recently developed a web site which, when completed by the end of the year 2000, will contain the LMRPs for each of the contractors across the country.  The web site can be accessed at http://www.lmrp.net.
2  The relevant manual provisions are located at MCM, Part III, sections 7300 and 7320.  This section of the manual also includes the carrier’s recommended form of an ABN.
3  See 42 U.S.C. 1395dd(a).
4  See 42 U.S.C. 1395dd(b)(1).
5  See 42 U.S.C. 1395dd(b)(2) and (3).
6  See 42 U.S.C. 1395dd(c)(1)(A).
7  Hospitals and physicians, including on-call physicians, who violate the statute may face penalties that include civil fines of up to $50,000 (or not more than $25,000 in the case of a hospital with less than 100 beds) per violation, and physicians may be excluded from participation in the Federal health care programs.
8  42 CFR 415.150 through 415.190.
9  42 CFR 415.174
10  Id.
11  This section is not intended to be and is not a complete reference for teaching physicians.  It is strongly recommended that those physicians who practice in a teaching setting consult their respective hospitals for more guidance.
12  This concern is noted in Advisory Opinion No. 98-4 and also the Office of Inspector General Compliance Program Guidance for Third-Party Medical Billing Companies.  Both are available on the OIG web site at http://www.hhs.gov/oig.   Also available through the OIG web site at http://www.hhs.gov/oas/ratstat.html.