Fraud & Abuse
In August, the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) made an additional focus in its Work Plan for the oversight of nursing facility staffing levels. These changes were made in the light of backlash from a July 2018 news article which reported that nearly 1,400 nursing homes had fewer qualified staff on duty than they were required or failed altogether to provide reliable staffing information to the Centers for Medicare and Medicaid Services (“CMS”).
On September 7, 2018, the United States District Court in the District of Columbia (“D.C. District Court”) vacated Medicare’s overpayment “report and return” rule as applied to Medicare Advantage Organizations (“MAOs”). The Patient Protection and Affordable Care Act (PPACA) created the requirement to report and return overpayments. The Centers of Medicare and Medicaid (CMS) issued rules to provide definitions that the PPACA did not define, create a procedure, payment options and timeframes. MAOs may no longer need to comply with CMS’ overpayment rule, but the PPACA remains intact. Providers who service Medicare beneficiaries will need to conduct the same analysis in order to comply with the PPACA “report and return” requirement.
On October 24, President Trump signed a new bill aimed at combatting issues arising from the opioid epidemic. This bill, entitled the Substance-Use Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act (the “SUPPORT” Act) is a combination of seventy bills that effect the healthcare industry. This act includes new and revised Medicaid and Medicare laws that relate to the opioid crisis through the expansion of substance use disorder services. However, this bill, primarily aimed to combat the opioid epidemic, contains key provisions that will affect healthcare providers. Healthcare providers should be especially mindful of this new Act, as there are new anti-kickback provisions that require compliance officers and departments to ensure that their healthcare entities are in compliance with this new law.
The FDA regulationson human subject protection and Institutional Review Boards(IRBs) provide guidance to protect the rights, safety, and welfare of subjects who participate in FDA-regulated clinical investigations. The regulations conform with the requirements set forth by the Department of Health and Human Services (HHS) Federal Policy of Human Research Subjects(45 CFR 46, part A). In order to reduce confusion and burdens associated with complying with both the FDA regulations and the HHS policies regarding human subject protections, the FDA is revising the current “common rule”.
Judge P. Kevin Castel of the U.S. District Court for the Southern District of New York entered an Order for Final Judgment and Consent Order for Final Judgment (“the Orders”) early this month, resolving charges of a Commodity Futures Trading Commission (the “CFTC”) Complaint against a New York Corporation, Gelfman Blueprint Inc. (“GBI”) and its Chief Executive Officer, Nicholas Gelfman. The CFTC’s complaint, filed in January of 2017, marked the first anti-fraud enforcement action involving Bitcoin filed by the Commodity Futures Trading Commission. The Orders found that from approximately January of 2014-January 2016 Defendants Gelfman and GBI, through its officers and agents and employees, operated a Bitcoin Ponzi scheme in which they fraudulently solicited more than $600,000 from at least 80 customers.
In the age of digitization, data seems less secure than ever. Public companies constantly attempt to safeguard both personal and financial data, yet their efforts fail due to new outbreaks of malicious encryption viruses and persistent email phishing attempts. Data breaches and cyber fraud carry severe financial implications for public companies who fall victim to these types of attacks. But a new Securities and Exchange Commission (SEC) report says that public companies that are easy targets of cyber scams could also be in violation of federal securities laws and accounting regulations that call for firms to safeguard their assets. Although the SEC has issued its warning to public companies about the compliance and financial risks posed by cyber fraud, many companies are still struggling to implement effective protections against newly-evolved forms of cyber-attacks.
Protected Health Information is seeing a surge of breaches on the cyber security front due to contractor error. It’s also impacting the most consumers in comparison to other data breaches and, in some cases, has the power to cause chaos in national infrastructure. Advances in technology and compliance measures can stem the tide and protect the most valuable information in consumers lives.
The Centers for Medicare and Medicaid Services (CMS) have a multitude of resources to detect and protect against fraud and abuse in claims. Particularly, CMS has at least six types of contractors that provide different roles in the prevention, detection, and reporting of fraud and abuse in healthcare. This list includes Recovery Auditors, which serve to reduce fraud and abuse by detecting and collecting overpayments from entities and Comprehensive Error Rate Testing (CERT) Contractors, which determine rates of improper payments by reviewing claims under Medicare Fee-For-Service (FFS). Another auditor that providers should be particularly mindful of are the Zone Program Integrity Contractors (ZPICs). This article is an overview ZPICS, its role in Medicare, and outlines the steps providers should take when faced with an audit by ZPICs.
One month after the largest health care fraud enforcement action was taken, the Assistant Attorney General, Brian A. Benczkowski, of the Justice Department’s Criminal Division, announced the addition of the Newark/Philadelphia Regional Medicare Strike Force. The newly added 11th Medicare Strike Force will largely focus on healthcare fraud that is contributing to the opioid epidemic.
Finance Director for UnitedHealth Group brought qui tam suit against UnitedHealth Group, Inc. alleging that the organization upcoded risk adjustment data resulting in increased payments (more than $1.14 billion) to UnitedHealth Group. The Department of Justice (DOJ) intervened in the case, yet UnitedHealth Group was successful in getting the primary False Claims Act Claims dismissed by arguing that the Centers for Medicare & Medicaid Services (CMS) would not have refused to make the adjustment payments had they known of the errors in the risk adjustment. The Escobar materiality standard helps clarify threshold level of risk to Managed Care Providers in attesting to their risk adjustment payments; the falsities must have had an impact on the respective payment.