Tag: Compliance

CMS Updates Amid COVID-19 Pandemic

CMS announced that they will allow providers to practice across state lines, to the fullest extent of their license. 

Amid the COVID-19 Pandemic, CMS has relaxed it’s guidelines several times. In March, the Centers for Medicare and Medicaid Services expanded their telehealth coverage to enable more patients to get virtual care services from their providers.

On Thursday of last week (April 9th), the CMS temporarily suspended a number of rules and regulations, making it possible for providers to practice across state lines at the top of their license. “These changes affect doctors, nurses, and other clinicians nationwide, and focus on reducing supervision and certification requirements so that practitioners can be hired quickly and perform work to the fullest extent of their licenses.”

“It’s all hands on deck during this crisis,” said CMS Administrator Seema Verma. “All frontline medical professionals need to be able to work at the highest level they were trained for. CMS is making sure there are no regulatory obstacles to increasing the medical workforce to handle the patient surge during the COVID pandemic.”

For more information, please review this press release from CMS detailing how this may affect you, your facility, and your clients and partners.

OIG Code Descriptions

How do we understand the Office of Inspector General (“OIG”) and the different codes that they use?  Codes are used for many purposes, and OIG uses many different codes for many different things. When we see codes, we look at it and say something like “what does that mean?”  We want to focus on codes that OIG uses for excluded individuals, or individuals who have been excluded from Medicare, Medicaid, and other state and federal healthcare programs. We hope this makes it so that the next time you see a code by someone’s name, you will understand why they have been excluded. There are 2 categories of exclusions we will talk about. Mandatory and Permissive exclusions.

Mandatory Exclusions: OIG is required by law to exclude the person or entity from all federal healthcare programs. Mandatory Exclusions can be imposed only for these 6 reasons:

  • 1128(a)(1): This code means that the person or entity has been convicted for a program related crime. The exclusion will last for a minimum of 5 years. 
  • 1128(a)(2): This code means that the person or entity has been convicted for something related to patient abuse or neglect. The exclusion will last for a minimum of 5 years.
  • 1128(a)(3): This code means that the person or entity has been convicted for something related to health care fraud. The exclusion will last for a minimum of 5 years. 
  • 1128(a)(4): This code means that the person or entity has been convicted for something related to a controlled substance. The exclusion will last for a minimum of 5 years.
  • 1128(c)(30(G)(i): This code means that the person or entity has been convicted for a 2nd time. The exclusion will last for a minimum of 10 years.
  • 1128(c)(3)(G)(ii): This code means the person or entity has been convicted 3 or more times. The exclusion will be permanent. 

Permissive Exclusions: OIG can choose for themselves to exclude people and entities. These are all the reasons they can choose to exclude an individual or entity: 

  • 1128(b)(1)(A): This code means that the person or entity has had a misdemeanor conviction that is related to health care fraud. The exclusion will have a Baseline period of 3 years (Starting point to check progress of the individual or entity).
  • 1128(b)(1)(B): This code means that the person or entity has been convicted for fraudulent activity in non-health care programs. The exclusion will have a Baseline period of 3 years (Starting point to check progress of the individual or entity).
  • 1128(b)(2) This code means that the person or entity has been convicted for obstruction of an audit or an investigation. The exclusion will have a Baseline period of 3 years (Starting point to check progress of the individual or entity).
  • 1128(b)(3) This code means that the person or entity has had a misdemeanor related to a controlled substance. The exclusion will have a Baseline period of 3 years (Starting point to check progress of the individual or entity).
  • 1128(b)(4) This code means that the person or entity’s license has been revoked, suspended, or surrendered. The exclusion will last however long the state license authority imposes.
  • 1128(b)(5) This code means that the person or entity has been excluded or suspended under a state or federal health care program. The exclusion will last no less than whatever the state or federal program imposes. 
  • 1128(b)(6) This code means that the person or entity claims for excessive charges, unnecessary services or services that fail to meet professionally recognized standards of healthcare, or failure of an HMO (Health Maintenance Organization) to furnish medically necessary services. The exclusion period will last for a minimum of 1 year. 
  • 1128(b)(7) This code means that the person or entity has commited fraud, kickback (bribery), or other activities that are prohibited. The exclusion period has no minimum.
  • 1128(b)(8) This code means that there is an entity that is being controlled by a sanctioned person. The exclusion period minimum is the same length as the exclusion of the individual. 
  • 1128(b)(8)(A) This code means that the entity is being controlled by a family or household member of an individual who has been excluded and the ownership or control of the entity has been transferred or passed to someone else. The exclusion period minimum is the same length as the exclusion of the individual. 
  • 1128(b)(9), (10), and (11) This code means that the person or entity failed to disclose required information, supply the requested information on suppliers and subcontractors, or supply the payment information. The exclusion period has no minimum. 
  • 1128(b)(12) This code means that the person or entity failed to grant immediate access. The exclusion period has no minimum.
  • 1128(b)(13) This code means that the person or entity failed to take corrective action. The exclusion period has no minimum.
  • 1128(b)(14) This code means that a person or entity defaulted on their education loans or scholarship obligations. The exclusion period minimum is until the default or obligation has been resolved. 
  • 1128(b)(15) This code means that a person is controlling a sanctioned entity. The exclusion period minimum is the same length as the exclusion of the entity. 
  • 1128(b)(16) This code means that a person or entity is making false statements or misrepresenting material facts. The exclusion period has no minimum. 
  • 1156 This code means that the person or entity failed to meet statutory obligations of practitioners and providers to provide medical services that meet professionally recognized standards of healthcare. The exclusion period minimum is 1 year. 

We hope that after reading this that OIG codes make more sense to you now. We don’t expect you to memorize them but we do hope that these help you when it comes to choosing an individual or entity for a job or other things related to healthcare. 

References:

  1. https://oig.hhs.gov/exclusions/authorities.asp
  2. https://oig.hhs.gov/exclusions/background.asp

Compliance Best Practices

Monitoring excluded providers on an ongoing basis will alert organizations to potential risk of the Office of Inspector General (“OIG”) enforcement.  Once an excluded provider is identified on the List of Excluded Individuals/Entities (“LEIE”) by the OIG, the healthcare organization can take appropriate steps to mitigate and minimize civil monetary penalties (“CMP”) exposure.

Given the nature of the LEIE information, the following best practices will help organizations verify appropriate, actionable data:

  • The LEIE database is updated on a monthly basis so monitoring should occur at least monthly.
  • Because the OIG Database includes only the name known to OIG at the time the individual was excluded, any former names used by the individual (e.g., maiden name, previous married name, etc.) should be searched in addition to the individual’s current name.
  • An individual with a hyphenated name should be checked under each of the last names in the hyphenated name (e.g., Jane Smith-Jones should be checked under Jane Smith and Jane Jones, in addition to Jane Smith-Jones).
  • An organization should maintain documentation of the initial name search performed and any additional searches conducted in order to verify results of potential name matches.
  • Always remember to take the final step of identity verification using the Social Security Number (SSN) for an individual or Employer Identification Number (EIN) for an entity if available. It is not sufficient to simply find a matching name on the LEIE.
  • If a search result does not contain a DOB, UPIN, NPI, EIN, or SSN, it is not available from OIG. Organization may contact the OIG Exclusions Branch to determine if there is any other information available.(1)
  • The OIG recommends that to determine which persons should be screened against the LEIE, the provider should review each job category or contractual relationship to determine whether the item or service being provided is directly or indirectly, in whole or in part, payable by a Federal health care program. If the answer is yes, then the best mechanism for limiting CMP liability is to screen all persons that perform under that contract or that are in that job category.  Providers should determine whether or not to screen contractors, subcontractors, and the employees of contractors using the same analysis that they would for their own employees.(2)

References:

  1. https://oig.hhs.gov/exclusions/tips.asp
  2. https://oig.hhs.gov/exclusions/files/sab-05092013.pdf

OIG Compliance is the Key

When a healthcare organization is found to not be in compliance with laws or regulations, corporate integrity agreements (“CIA”) and civil monetary penalties (“CMP”) may be the unintended consequences.

Beginning in September 1999, the United States Department of Health and Human Services (“HHS”) and the Office of Inspector General (“OIG”) embarked on an initiative to prevent the submission of erroneous claims and combat fraud and abuse in the Federal health care programs through voluntary compliance efforts.  Submitting a false claim, or causing a false claim to be submitted, to a Federal health care program may subject the individual, the entity, or both to criminal prosecution, civil liability (including treble damages and penalties) under the False Claims Act, and exclusion from participation in Federal health care programs.(1)  

The OIG has the authority to exclude individuals and entities from Federally funded health care programs for a variety of reasons, including a conviction for Medicare or Medicaid fraud.  Those that are excluded can receive no payment from Federal healthcare programs for any items or services they furnish, order, or prescribe.  This includes those that provide health benefits funded directly or indirectly by the United States (other than the Federal Employees Health Benefits Plan).

The OIG maintains a list of all currently excluded individuals and entities called the List of Excluded Individuals/Entities (“LEIE”).  Anyone who hires an individual or entity on the LEIE may be subject to civil monetary penalties (“CMP”).  To avoid CMP liability, health care entities should routinely check the list to ensure that new hires and current employees are not on it.(2)

References:

  1. https://oig.hhs.gov/compliance/compliance-guidance/docs/complianceguidance/nhg_fr.pdf
  2. https://oig.hhs.gov/exclusions/index.asp

Let’s Talk about Primary Source Data

What is a Primary Source?

A Primary Source is the original source repository or the source that legally issue licenses, discipline, education, training, or examination. A couple of examples of this in our industry are:

California Board of Registered Nursing
Office of Inspector General, U.S. Department of Health and Human Services (OIG)
Pharmacy Technician Certification Board (PTCB)
Centers for Medicare and Medicaid Services (CMS)

What is a Primary Source Data?

Primary Source Data is the license, certification, or disciplinary data directly from the original source. This means the data we collect is directly from the primary source. This data includes exclusion information, opt-out affidavits, license issuance, and disciplinary records. Another caveat to primary source data is we do not change, adjust, or modify the record found at the primary source.

Why is Primary Source Data Important?

Primary source data is important to your company as a way to confirm that your employee can be authorized to work for your facility.

The OIG has the authority to exclude individuals and entities from participation in federal healthcare programs. Any organization or individual who hires excluded parties may be subject to civil monetary penalties (CMP). To avoid these penalties, the LEIE recommends (as a part of the Updated Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs) that you check their database upon hire, and on an ongoing monthly basis.

Primary Source data is not only important to us, it’s important to accrediting bodies (i.e. The Joint Commission, URAC) and exclusion bodies (i.e. OIG, GSA).

Typhoon Data is Certified by the NCQA

Typhoon Data, a healthcare data solution provider, announced today it has received certification from the National Committee for Quality Assurance (NCQA), a private, non-profit organization dedicated to improving healthcare quality, for the following credentials verifications services;

License to Practice
DEA Registration
Medical Board Sanctions
Ongoing Monitoring
Medicaid/Medicare Sanctions

This credential verifies Typhoon Data’s use of industry best practices and demonstrates its commitment to quality improvement, increased performance measures, and better compliance data. Typhoon Data was built from the ground up applying knowledge gained from years of industry experience to provide the most effective and accurate solution available. Verification services designed to comply with NCQA credentialing standards demonstrates that Typhoon Data has the systems, process and personnel in place to thoroughly and accurately verify providers’ credentials and help health plan clients meet their accreditation goals.

Recognizing the critical nature of the services they provide, Typhoon Data determined that obtaining certification was a key business strategy. Typhoon Data was built with the customer in mind, and offers integration or turnkey solutions, customization, exclusion data, and verification services. Typhoon Data has revolutionized the method for continuously monitoring compliance data. Typhoon Data is positioned to move the industry forward through innovation and by leveraging technology.

As a bootstrapped startup Typhoon Data has worked to establish sound policies and procedures, and to become an expert in credentialing and compliance. The management and operations teams have created systems that ensure complete, accurate, and timely data gathering and verification. Certification includes rigorous on-site evaluations conducted by a team of health care professionals and certified credentialing specialists. A national oversight committee of physicians analyzes the team’s finding and determines certification based on the CVO’s compliance with NCQA standards.

About Typhoon Data

Typhoon Data is transforming the data industry through automation and partnerships. We make it possible to search for license, exclusion, and board action data in a more efficient and cost effective way. Because our processes are based in the future, we have the ability to offer better products than our competitors at a fraction of the price and in a standardized way that brings new meaning to Compliance Monitoring.

We efficiently handle monthly batching or quarterly reviews, we are constantly monitoring, making it possible for you to truly get the complete picture on your health care staff.

About the National Committee for Quality Assurance (NCQA)

NCQA is a private, non-profit organization dedicated to improving healthcare quality. NCQA accredits and certifies a wide range of healthcare organizations. It also recognizes clinicians and practices in key areas of performance. NCQA’s Web site (http://www.ncqa.org) contains information to help consumers, employers and others make more informed health care choices.

For the original version on PRWeb visit: http://www.prweb.com/releases/2017/01/prweb13989788.htm

It’s a new year…

complianceHappy New Year!!!

Once those words are uttered at 12:01 a.m. on January 1st, we’re all promised improvement. We promise it to ourselves with resolutions and we’re promised it from the people around us. Most resolutions boil down to a single idea: trimming the fat.

Usually, we mean this literally. Whether we’re talking about losing a couple pounds from the holidays, or losing a couple handfuls of pounds. We all want to trim the fat from the previous year. Read More It’s a new year…

Multi-State Licenses and Board Actions

I recently read an article on ProPublica (Read article here) about nurses who skip from state to state after receiving disciplinary actions. This has been and continues to be a huge weakness in the compliance industry.

When Craig Peske was fired from his nursing position in his home state in Wisconsin, and subsequently received an action against his license as well as six felony counts of narcotic possession, he used his “multi-state license” to get a job as a traveling nurse in North Carolina.

His license in North Carolina didn’t have an action against it, it was active and clear. It even surprised him when he checked on it. But, because his license was active, he had the ability to work as a nurse in North Carolina.

His license being clear in North Carolina could have been due to a lag time in getting the discipline on his record. Or because it’s possible that even with a multi-state license, the boards of separate states don’t communicate.

While I’m sure the hospital in North Carolina did their due diligence in searching his North Carolina license to confirm he was active. I believe they probably also searched for him in SAM and OIG to confirm he had no federal actions against him. What was missed, though, was that they clearly didn’t check into his Wisconsin license. The reason for this could range from Craig Peske not releasing the information that he did in fact have a license in another state. Or that their only requirement for employment is to have a free and clear license in the state of the employment.

There are many reasons why licenses for a practitioner can and will stay active when the practitioner shouldn’t be working in the healthcare industry anymore. Employing a nurse that has stolen painkillers at another facility creates a weak spot in your facility. It can open your facility up to being sanctioned or fined. It can put your patients in jeopardy as well.

And, although, most employers ask for every practitioner to disclose their actions, organizations can’t always trust employees to do so. As healthcare organizations, we need to gather as much knowledge about our practitioners as we can to protect our patients and our organization from fraud. I believe we owe this to the people out there trusting us to provide them with quality medical care.

That’s why TyphoonDATA’s product is so invaluable. With each new employee that is hired, you can search TyphoonDATA’s comprehensive database and see if there has been an action against them from a multitude of different sources. Or you can select one of our monitoring products, so with each refresh of the data, your employees are searched against the database. If a new record that matches your employee is found, you will be notified and TyphoonDATA does a verification to confirm or deny whether or not your employee is free and clear. It gives facilities and organizations just a little more comfort in knowing their employees are sanction free.

TyphoonDATA has packages that range from Basic Exclusion (searches against the OIG database) to Standard Plus (Searches against our entire database, including board actions, federal and state exclusions, and medicare opt-outs) to Premium Exclusion searches (Includes everything in Standard Plus, with a license check as well, to guarantee that their license is active and clear). All of our products are available as just a stand alone search, or with verification, or as a monitoring product.

Take a look at our products here.

SAM.gov Exclusions – What Are They, and Where do They Come From?

SAM.gov publishes an exclusion file used by many organizations for screening and/or compliance purposes. This exclusion file replaces the former EPLS files as of November, 2012. The SAM exclusion file receives regular updates and contains the collective exclusion reporting of over 80 different federal agencies totaling to approximately 130,000 exclusion records. An exclusion record from SAM.gov indicates that the individual or organization listed is disqualified from receiving any federal government contracts. S.A.M. stands for System for Award Management. This system is used for any party seeking to be awarded a federal government contract and become a federal vendor or supplier.

Let’s take a look at the break-down of the SAM.gov exclusions to see where most of the information comes from. As seen in the chart below, almost 1/2 of the SAM.gov exclusion records come from the Department of Health and Human Services’ OIG LEIE exclusion list. The top 6 contributors to the SAM.gov file makeup over 90% of its total records. The chart below only shows the top 27 federal agencies that report to SAM, there are many more which have made small record contributions.

Each agency that reports to the SAM exclusion system is responsible for the accuracy of its records and the information they contain. Exclusions records have a “type” and a “termination date”. The types are generally “Prohibition/Restriction” or “Ineligible”. In some cases the type may indicate “Proceedings Pending” or “Proceedings Completed”. These types give a little insight into the status of the investigation resulting in exclusion. The termination date in the record indicates the shelf-life of the exclusion. In some cases, a future date is present. This means that once that date is reached, the party on record is no longer excluded. In many cases, the word “Indefinite” is seen in the termination date. An indefinite exclusion never expires and can only be removed at the digression of the reporting agency. If specific conditions or criteria are met, the excluding agency may remove the exclusion. SAM does not publish a reinstatement list, non-excluded parties are simply removed from the updated file. Some reporting agencies (such as the OIG) do maintain their own reinstatement lists.

 

SAM Pie3

TyphoonDATA offers data and compliance solutions that include the SAM.gov exclusions file and much more.

To speak with TyphoonDATA directly, please contact:

Richard Rupert, VP Compliance Solutions
Office: 800.780.5901 extension 705
rrupert@typhoondata.com

Slipping Through the Cracks in the Process

More and more public watchdog groups, press and user groups are finding holes in the system that may be of concern to those who are hiring or credentialing medical providers.  The article dated June 30, 2014 from NPR demonstrates the complexities and timing issues.  Some providers are able to circumvent the billing process and continue to receive payment for years after being acted upon by the various state medical boards. http://www.npr.org/blogs/health/2014/06/20/323889329/sanctions-common-against-doctors-with-odd-medicare-billing?ft=1&f=1001

Credit Reporting Agencies focusing on hiring, compliance groups and credentialing organizations have the mission to surface issues beyond just the exclusion data repositories like the Office of the Inspector General (OIG) or one of the many Federal sites that track violators.  As you know, being excluded from the Federal Medicare process is only one element of the wider net that is needed to get all the data to make a hiring, risk or just plain due diligence decision.

The problem is often just timing.  A scenario might be a provider is arrested for a crime and adjudication begins.  Maybe a state medical board reviews the incident and takes action.  The various states may jump into action and exclude the provider from receiving Medicaid payments which is administered from the states even though the money comes primarily from the Federal tax dollars.  The license may be affected at the board level and it make take time to get into the exclusion process.  Hearings have to be set and conclusions reviewed.

It is the due process that takes time and we all appreciate the need for it.  But if you are a hiring entity or compliance group you may get caught in the cracks.  The key is to check the various Federal, State and board actions that will blanket the whole process.

It is possible to get an accurate, up to date picture and TyphoonDATA has a solution with will cast a wide net, verify the false positives and close the cracks into a simple to use click process.

If you would like to discuss, call us at 800.780.5901 or email us at RRupert@typhoondata.com or SSkyhawk@typhoondata.com .  We would love to help you with your mission.