Articles Posted in Compliance

Published on:

by

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) announced several new changes in its Work Plan update in August 2022. The OIG Work Plan forecasts the projects that OIG plans to implement over the foreseeable future. These projects usually include OIG audits and evaluations. Below are the highlights from the Work Plan update of which providers and suppliers should take notice.

First, OIG will perform an audit of selected HHS divisions to evaluate the effectiveness of security controls to determine whether service providers are identifying and reporting cybersecurity events. The audit seeks to ensure HHS’s compliance with the Federal Information Security Management Act and OMB Circular A-130 which requires Federal agencies to ensure that service providers meet the security requirements for transmitting, processing, or storing Federal information.

Second, OIG will perform a nationwide review of skilled nursing facility (SNF) costs for services, facilities, and supplies furnished by entities with common ownership with the SNF. Medicare regulations require that the cost of services, facilities, and supplies furnished to a provider by an organization under common ownership or control be the same or lower than the cost of comparable services and supplies purchased elsewhere. Accordingly, the review will compare these costs to determine whether skilled nursing facilities are reporting these related-party costs in accordance with the Medicare regulations. The review will also consider how a skilled nursing facility’s allocation of Medicare funds can impact beneficiary care.

Continue reading
Published on:

by

More of the long-promised enforcement actions related to COVID-19 pandemic relief and healthcare programs have started to unfold. This time it is demands from the Health Resources and Services Administration (“HRSA”) that providers repay funds they have received for providing COVID-19 testing to the uninsured during the pandemic.

As part of the response to the COVID-19 pandemic, Congress provided funding for testing of patients without health insurance. The funding of testing for the uninsured was overseen by HRSA under the COVID-19 Claims Reimbursement to Health Care Providers and Facilities for Testing, Treatment, and Vaccine Administration for the Uninsured Program. HRSA contracted with Optum to administer the program directly. Generally referred to as “HRSA funding” for testing of the uninsured, this system functioned as a claims reimbursement program wherein eligible healthcare providers submitted claims to HRSA/Optum for reimbursement, made certain attestations, and Optum reimbursed providers’ claims.

Recently, healthcare providers who billed and received reimbursements under this program have begun to receive “assessment” letters from HRSA. HRSA has generally insisted that these are not “audits,” but “assessments.” These letters generally indicate that HRSA made payments to the provider in error and demand that the provider make immediate repayment. The letters generally do not provide denial reasons or explain the nature of the “error,” and do not contain allegations of fraud. They simply demand repayment. The letters also generally do not provide for an appeal process. Where a provider receives a letter, HRSA generally also suspends payment to the provider, pending the completion of an assessment.

Continue reading
Published on:

by

The use of telemedicine has exploded over the last few years. The COVID-19 pandemic spurred a shift from in-person services to services provided by telemedicine. As healthcare providers and patients experience the added convenience of telemedicine in some circumstances, some of the large-scale shifts to telemedicine will likely become permanent. However, with increased use comes increased scrutiny from regulators. The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) and the Department of Justice (DOJ) recently released guidance regarding the provision of telehealth services to individuals with disabilities or with limited English proficiency.

Collectively, several federal laws generally prohibit discrimination on the basis of disability, race, color, and national origin, among other bases. Federal regulations also generally require covered health programs or activities provided by covered entities through electronic or information technology to be accessible to individuals with disabilities unless doing so would result in undue financial and administrative burdens or fundamental alteration of the health program. According to the joint guidance, “A health care provider’s failure to take appropriate action to ensure that care provided through telehealth is accessible can result in unlawful discrimination.”

HHS and DOJ’s guidance generally directs providers to make exceptions to their telemedicine policies or to make special accommodations to individuals with disabilities or limited English proficiency, such as allowing extra time for familiarization with the telemedicine platform or for communication with the provider, allowing caregivers or others to be present during a telemedicine visit, adding additional capabilities or support for functions like real-time captioning or screen reader software, and use of language assistance services. A provider’s obligation to accommodate disabilities over telemedicine is generally the same as when providing in-person services.

Continue reading
Published on:

by

As the COVID-19 pandemic continues to recede, efforts by commercial insurance carriers to claw back millions of dollars paid out for COVID-19 testing services are steadily increasing, creating an ongoing audit risk for healthcare providers, especially clinical labs. In many cases, efforts to get people tested, slow the pandemic, and ask questions later have turned into accusations of over-billing and demands that providers repay the insurance carriers.

Early in the pandemic, Congress required commercial insurers to cover certain claims for COVID-19 testing. However, Congress did not provide the insurers with funds to cover the cost of this mandate and some insurers have pushed back against lab claims for COVID-19 testing. As public opinion and political fervor over the urgency of testing has subsided, commercial insurers are taking advantage of the opportunity to audit COVID-19 testing claims, dispute payments they have made to the labs, and demand that labs make repayment, often for significant portions of the lab’s COVID-19 testing volume. These disputes generally focus on the same issues.

First, insurers may audit labs based on the requirement for an “individualized clinical assessment,” including whether the practitioner was authorized, whether the order for testing was within the scope of state law, whether the assessment was conducted by telemedicine or by a questionnaire, whether the ordering provider used a standing order, and what rules apply where a state does not or did not require an order for COVID-19 testing.

Continue reading
Published on:

by

One of the largest areas of debate in healthcare regulatory compliance is the Eliminating Kickbacks in Recovery Act (EKRA). Despite the many question marks by healthcare providers around how to comply with EKRA, the statute also carries some of the stiffest penalties for failing to do so. Enacted in 2018, EKRA provides criminal penalties for paying, receiving, or soliciting any remuneration in return for referrals to recovery homes, clinical treatment facilities, or laboratories. Although initially intended to apply only to substance abuse and recovery, EKRA was written so broadly that it applies to all clinical laboratory services, not just in connection with substance abuse and recovery. It is unclear if Congress intended this effect, as the expansion to all lab services was included a mere 6 days before the final version of the law passed. Regardless, a violation of EKRA may be punished by fines up to $200,000, imprisonment of up to 10 years, or both, for each occurrence.

EKRA is often compared to other federal regulatory statutes, such as the Physician Self-Referral Law (commonly called the Stark Law) and the Anti-Kickback Statute (AKS). However, EKRA is written incredibly broadly and may prohibit conduct that might otherwise be permissible under the Stark Law and AKS. The Stark Law and AKS also have volumes of regulations and decades of enforcement, such that it is generally well understood how these statutes function, how government agencies view and enforce them, and how to structure arrangements to comply with them. EKRA, on the other hand, has no regulations and few enforcement actions, often leaving healthcare providers with only the bare text of what is potentially a very broad statute.

Recent enforcement actions are beginning to show that EKRA is likely as broad as it appears. Initially, enforcement actions under EKRA were limited to allegations regarding substance abuse and recovery services, as originally intended. But this summer, the Department of Justice (DOJ) charged a clinical lab with an alleged multi-million-dollar healthcare fraud scheme, which included allegations that the lab violated EKRA by paying for referrals for COVID-19 testing, showing a willingness to enforce the full breadth of EKRA on clinical lab services.

Continue reading
Published on:

by

On July 15th, 2022, the U.S. Department of Health and Human Services (HHS) extended the COVID-19 Public Health Emergency by another 90 days. The Public Health Emergency has allowed HHS and various federal agencies to issue waivers of regulatory requirements to ensure that providers have greater flexibility with several issues, including reporting requirements and telehealth reimbursement as the Pandemic grew increasingly dangerous.

The Public Health Emergency has existed since January 27th of 2020. After the last extension of the Public Health Emergency in April of 2022, HHS Secretary Xavier Becerra assured that there will also be a 60-day notice to providers nationwide when HHS decides to terminate the Public Health Emergency.

Although the Public Health Emergency has been extended, it is important to note that the Centers for Medicare and Medicaid Service (CMS) has already started to end some of the regulatory flexibilities implemented during the Public Health Emergency. We discussed the termination of some of these blanket waivers in a previous blog post. Providers who are relying on any of the regulatory waivers should verify whether the waivers remain in effect or have been ended prior to the end of the Public Health Emergency.

Continue reading
Published on:

by

On July 20, 2020, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) released a special fraud alert targeting remuneration paid to physicians and other practitioners by telemedicine companies. As telemedicine use has increased exponentially over the last two years, so too have the proliferation of telemedicine marketing arrangements and the prosecution of these arrangements by OIG and federal law enforcement. OIG issued the fraud alert in conjunction with the announcement of a new $1.2 billion enforcement action regarding alleged telemedicine fraud.

Generally, the arrangements at issue involve a telemedicine company that may recruit both patients and physicians (or other practitioners). The telemedicine company then pays the physician to review some form of medical record, possibly contact the patient, and order some product or service, generally durable medical equipment (DME) or laboratory testing. OIG has taken the position that the fees paid to physicians and practitioners under these arrangements may constitute unlawful “remuneration” meant to induce or reward referrals under the Anti-Kickback Statute (AKS). Pursuant to the AKS, it is unlawful to knowingly and willfully solicit, receive, offer, or pay any remuneration to induce or reward, among other things, referrals for, or orders of, items or services reimbursable by a federal health care program.

OIG drafted the alert as a notice to physicians and other practitioners to be wary of certain characteristics in these arrangements. OIG outlined several ‘suspect characteristics’ that it believes may increase the risk of fraud and abuse in telemedicine arrangements:

Continue reading
Published on:

by

This spring, the Department of Justice (DOJ) intervened in a two-year-old qui tam whistleblower lawsuit against a hospital and oncology practice in Memphis, Tennessee. DOJ accused the hospital of violating the Anti-Kickback Statute (AKS) and the False Claims Act (FCA) by paying the oncology practice for its patient referrals. The hospital and the practice have maintained that the complex series of contracts between them represented a lawful business relationship meant to create a new cancer treatment center.

The AKS is a criminal statute that prohibits the knowing and willful payment of “remuneration” to induce or reward patient referrals or the generation of business involving any item or service payable by federal health care programs. Remuneration goes beyond cash payments and includes anything of value. If the AKS applies, conduct may still be lawful if it falls into one of several “safe harbors.” Some of the most common safe harbors are the investment interest safe harbor, specific types of rental agreements for office space or equipment, and contracts for personal services that meet certain criteria. The AKS is often enforced in conjunction with the FCA, which imposes civil liability for knowingly submitting false claims to the government. Importantly, the FCA carries severe consequences, including treble damages and a per-claim penalty that increases each year with inflation ($12,537 per claim for 2022).

In this case, the arrangement between the hospital and practice involved several distinct agreements. First, the hospital purchased many of the assets of the practice, including offices and equipment. Second, the hospital leased approximately 200 physician and non-physician employees from the practice. These first two agreements were supported by fair market value (FMV) opinions. Third, the hospital paid the physicians for management services under a Management Services Agreement (MSA). Lastly, the hospital made a several-million-dollar investment in a for-profit research entity controlled by the practice’s owners.

Continue reading
Published on:

by

SMRC audits can be a difficult and baffling ordeal for a provider. They can last for months or years with very little information provided to the healthcare provider but can have devasting impacts. The Supplemental Medical Review Contractor, or SMRC, is a contractor with the Centers for Medicare & Medicaid Services (CMS) that performs a variety of Medicare and Medicaid audit and medical review tasks. Noridian Healthcare Solutions, which is also a Medicare Administrative Contractor (MAC), was selected as the SMRC in 2018 and remains the current SMRC.  The SMRC conducts nationwide medical reviews of Medicare Parts A and B, DMEPOS, and Medicaid claims for compliance with coverage, coding, payment, and billing requirements.

The SMRC’s audit areas are chosen by CMS and are referred to as “projects.” The focus of the medical reviews may include areas identified by CMS data analysis, the Comprehensive Error Rate Testing (CERT) program, professional organizations, and federal oversight agencies. At the request of CMS, the SMRC may also carry out other special projects. Not every SMRC project is created equal. Some SMRC projects are intended as program integrity audits to identify suspected fraud or are intended as medical necessity reviews to identify overpayments, while other SMRC projects are simply data collection and analysis meant to inform future CMS policy. Where a provider is subject to a SMRC audit, knowing which project the audit falls under can provide valuable information.

Where CMS assigns a project to a SMRC, the SMRC first sends targeted providers an Additional Documentation Request (ADR) letter, usually  in a distinctive green envelope with the Noridian SMRC logo. Upon receipt of the requested medical records and/or supporting documents, the SMRC conducts the review based on the analysis of national claims data, statutory and regulatory coverage, and coding, payment, and billing requirements. Once the review is complete, the provider should receive a Review Results Letter. A provider may sometimes be given 14 days to request a voluntary Discussion and Education session with the SMRC. The provider generally also can appeal the SMRC’s findings directly to the SMRC. Where a SMRC denies an appeal, it may refer the matter to the local MAC to collect the alleged overpayment, which is generally subject to the Medicare claims appeal process. If the SMRC suspects fraud, it may also refer the matter to CMS or other government agencies.

Continue reading
Published on:

by

Healthcare providers are often required to collect co-pays, deductibles, or coinsurance payments from patients. These requirements may be imposed by participation agreements with commercial insurers or, in the case of Medicare and Medicaid, federal and state laws or regulations. It can be tempting to waive copays and other amounts due from patients because it improves patient relationships and may lead to more business. However, waiving copays and the like can implicate beneficiary inducement laws, the Anti-Kickback Statute, the Civil Monetary Penalties Statute, the False Claims Act, and other laws.

While there are some legitimate reasons to waive copays, in most cases, the provider must attempt to collect from the patients. Where a provider attempts to collect copays and other amounts from patients but is unsuccessful and there is no other legitimate reason to waive the copay, what collection efforts are providers required to use to comply with the laws listed above and avoid accusations of waiving copays?

In general, a healthcare provider must use “reasonable collection efforts” to collect copays and the like from patients. Some actions that a provider may consider are: sending multiple bills or invoices to the patient, collections or demand letters, phone calls to or personal contact with the patient, use of a collections agency, threats of litigation, drafts of litigation documents to send to the patient, and initiation of litigation against the patient. Some of these measures are draconian and may well cost more than the copay to be collected. While the size of the amount to be collected can be a factor in determining what collection efforts are “reasonable,” in nearly every case, the provider must make some attempt to collect. That is, a provider generally cannot refuse collection efforts simply because the amount due is small.  Further, a provider’s collection policy generally must be the same for all patients, regardless of the payor.

Continue reading
Contact Information
210 E 3rd St #204
Royal Oak, MI 48067
Phone: 248-544-0888
Fax: 248-544-3111

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2016 – 2025, Wachler & Associates, P.C.
JUSTIA Law Firm Blog Design