Fraud & Abuse
As our society evolves over to a more digital world, it is important to take a step back and review what we are putting online. Recently, data breaches have become a common occurrence in our day-to-day lives. In 2016, personal information from about 25 million Uber customers and drivers in the United States. The notorious website for individuals seeking extra marital affairs, Ashley Madison, has itself fallen victim to a data breach. The hacker dumped 9.7 gigabytes of data into/onto the dark web. The data released in the Ashley Madison breach included names, passwords, addresses, and telephone numbers of users who created an account on the site. When data breaches like these happen, the Federal Trade Commission (FTC) steps in to protect the United States consumers by investigating the source of data breaches and prosecuting hackers.
On October 9, 2019, the Centers for Medicare & Medicaid Services (CMS) issued a proposed rule to modernize and clarify the regulations that interpret the Medicare physician self-referral law (often called the “Stark Law”), which has not been significantly updated since it was enacted in 1989. As CMS tries to reconstruct the healthcare field, it is imperative for compliance programs to prepare for the changes in regulations to come. The following discussion provides a brief overview of the proposed changes but is not an exhaustive list of all rulemakings related to the physician self-referral law.
On October 17, 2019, the U.S. Department of Health and Human Services (HHS) published two proposed rules in the Federal Register that could potentially transform key federal laws restricting health care arrangements. These rules address perceived or actual barriers to care coordination and value-based care under Stark Law, the Anti-Kickback Statute, and the Civil Monetary Penalty (“CMP”) law. The proposals are intended to “modernize and clarify” the regulations that implement and interpret these laws in order to drive innovation and more towards a more affordable health care delivery and payment system, while also maintaining barriers to prevent fraud and abuse. The proposed rules “will improve outcomes by moving away from the old modes of inpatient hospitalizations.”
Despite all preventive measures that hospitals and health care systems put in place to stop data breaches from occurring, employees at these entities still have unsecured and un-encrypted laptops, which are susceptible to cybersecurity attacks. A report from a cybersecurity protection organization stated that a majority of high-risk scenarios that occur in health care entities were due to unsecure laptops. These unsecured laptops can lead to massive data breaches and can result in hefty fines imposed by the Office of Civil Rights. Proper encryption, tracking software, and rarely leaving laptops unattended are a few ways that employees and organizations can help safeguard protected health information and prevent data breaches.
The current Deputy Secretary of the Department of Health and Human Services and former Loyola University Chicago School of Law professor Eric D. Hargan was sworn into his position as the Deputy Secretary on October 6, 2017. Since then, he has been working on assisting providers to help them better understand the intricacies of the Stark law by gathering provider concerns about present governing efforts. All of this work is being done in an effort to shift the healthcare system away from fee-for-service care and towards value-based care in what Hargan is calling the “Regulatory Sprint to Coordinated Care.” Hargan stated that “removing unnecessary government obstacles to care coordination is a key priority for this Administration.”
Although the nation’s longest-ever government shutdown has ended, agencies forced to furlough employees and shutter temporarily are still facing the effects of the funding gap. On January 25th, President Trump agreed to sign a continuing resolution that will reopen and fund the federal government through February 15th. The government reboot means that the roughly 800,000 federal employees furloughed or forced to work without pay should expect to receive their back pay soon, but the thirty-five-day suspension of government functions comes with significant aftershock. While various regulatory agencies scramble to address their backlog of work, life for Americans who interact with these agencies has been hindered indefinitely.
On January 31, 2019, the Trump administration proposed yet another regulation in efforts to control rising prescription costs for Americans. If the regulation becomes final, drug manufacturers and Pharmacy Benefit Managers (“PBM”) will no longer be able to harbor from Anti-Kickback violations when negotiating discounts with Medicare and Medicaid managed care programs. The Administrations, continuing the tone of transparency, will instead provide Medicare Part D beneficiaries with the ability to receive discounted prices at the pharmacy counter. The administration hopes this will allow patients to not endure high out-of-pocket costs by purchasing medications at a more affordable price necessary to sustain their health.
On Christmas Day 2013, The Wolf of Wall Street debuted to rave reviews and quickly became director Martin Scorsese’s top-grossing film. Audiences loved Leonardo DiCaprio’s portrayal of Jordan Belfort, an aggressive stockbroker who rapidly rises to wealth through smooth talking and high-pressure sales tactics. The film is filled with outrageous partying, unethical Wall Street stockbrokers and bankers, and culminates in the arrest of Belfort and the downfall of his criminal enterprise. While certain scenes from the film were arguably embellished, the film is based on a true story. The more amazing true story, however, is that The Wolf of Wall Street was funded and produced through a massive fraud that makes Jordan Belfort’s escapades look miniscule. On November 1, 2018, Timothy Leissner, a Goldman Sachs partner, plead guilty to conspiring to launder money and violating foreign antibribery laws for his role in a massive scandal that involves the prime minister of Malaysia, Middle Eastern sovereign wealth funds, and even Paris Hilton.
In August, the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) made an additional focus in its Work Plan for the oversight of nursing facility staffing levels. These changes were made in the light of backlash from a July 2018 news article which reported that nearly 1,400 nursing homes had fewer qualified staff on duty than they were required or failed altogether to provide reliable staffing information to the Centers for Medicare and Medicaid Services (“CMS”).
On September 7, 2018, the United States District Court in the District of Columbia (“D.C. District Court”) vacated Medicare’s overpayment “report and return” rule as applied to Medicare Advantage Organizations (“MAOs”). The Patient Protection and Affordable Care Act (PPACA) created the requirement to report and return overpayments. The Centers of Medicare and Medicaid (CMS) issued rules to provide definitions that the PPACA did not define, create a procedure, payment options and timeframes. MAOs may no longer need to comply with CMS’ overpayment rule, but the PPACA remains intact. Providers who service Medicare beneficiaries will need to conduct the same analysis in order to comply with the PPACA “report and return” requirement.