Archive for the ‘Health care compliance’ Category

2013 OIG Work Plan

Wednesday, October 31st, 2012

The 2013 OIG Work Plan has been released.  To see the complete Work Plan, click here (fair warning, it’s a big pdf file).

The Work Plan is a good resource for providers to review to learn of enforcement and focus areas for their organization (i.e., hospitals, nursing homes, hospices, etc.).  For example, there are 11 new focus areas related to hospitals.

The 2013 Work Plan also has paid special attention to the new healthcare reform law.  For the new programs and reviews related to the ACA, see Appendix A on page 107.

It would be wise for providers to review all the topics in their field, and pay especially close attention to the new areas of compliance.


Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.

~At Matthews Law Firm, P.A., we practice criminal defense & health law.~


ICD-10 Deadline Postponed

Friday, February 17th, 2012

The implementation of ICD-10, a medical coding system which was supposed to go into effect in October 2013, has been indefinitely postponed.

HHS has indicated it will announce a new compliance date moving forward.  This is the second delay of ICD-10.  HHS has explained that the reason for the delay is related to concerns from the medical community about administrative burdens associated with making the switch from ICD-9.

ICD-10 represents a fundamental change over the ICD-9 coding system.  For example, under ICD-9, the code sets can only be from 3-5 characters in length.  ICD-10 allows code sets to be between 3-7 characters in length.  Also, ICD-10 contains approximately 68,000 codes, where ICD-9 contained approximately 13,000.

To read the HHS news release announcing the delay in implementation, go here.

~At Matthews Law Firm, we practice criminal defense & healthcare compliance~

(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.)

No Comments

Category Health care compliance | Tags: Tags: , ,

New OIG Advisory Opinion 11-18

Monday, December 12th, 2011

The OIG has released its most recent Advisory Opinion (#11-18).  This Opinion was issued on November 30, 2011 and was posted on December 7, 2011.

The Opinion deals with the legalities of an online service that would facilitate the exchange of information between health care practitioners, providers, and suppliers.

In the end, the opinion concludes that although the Proposed Arrangement could potentially generate prohibited remuneration under the anti-kickback statute if the requisite intent to induce or reward referrals of federal health care program business were present, the OIG would not impose administrative sanctions in connection with the Proposed Arrangement.

Hospice Care and the 2012 OIG Work Plan

Tuesday, October 18th, 2011

Those working in hospice settings will want to take notice of the 2012 OIG Work Plan.  Here are 5 ways the Work Plan affects hospice care:

1.  Acute-Care Hospital Inpatient Transfers to Inpatient Hospice Care

The government will review Medicare claims for inpatient stays for which the beneficiary was transferred to hospice care and examine the relationship, either financial or common ownership, between the acute-care hospital and the hospice provider and how Medicare treats reimbursement for similar transfers from the acute-care setting to other settings.

2.  Hospice Marketing Practices and Financial Relationships with Nursing Facilities

The government will review hospices’ marketing materials and practices and their financial relationships with nursing facilities. Medicare covers hospice services for eligible beneficiaries under Medicare Part A. (Social Security Act, § 1812(a).) In a recent report, OIG found that 82 percent of hospice claims for beneficiaries in nursing facilities did not meet Medicare coverage requirements. MedPAC, an independent congressional agency that advises Congress on issues affecting Medicare, has noted that hospices and nursing facilities may be involved in inappropriate enrollment and compensation. MedPAC has also highlighted instances in which hospices aggressively marketed their services to nursing facility residents. They will focus their review on hospices that have a high percentage of their beneficiaries in nursing facilities.

3.  Medicare Hospice General Inpatient Care

The government will review the use of hospice general inpatient care from 2005 to 2010. They will assess the appropriateness of hospices’ general inpatient care claims and hospice beneficiaries’ drug claims billed under Part D. Federal regulations address Medicare CoPs for hospice at 42 CFR Part 418. They will review hospice medical records to address concerns that this level of hospice care is being misused and to determine the extent to which drugs are being inappropriately billed to Part D.

4.  Duplicate Drug Claims for Hospice Beneficiaries (Medicare Part D)

The government will review the appropriateness of drug claims for individuals who are receiving hospice benefits under Medicare Part A and drug coverage under Medicare Part D. They will determine whether payments under Part D are correct, supported, and not duplicated in hospice per diem amounts. They will also determine the extent of any duplication found and identify controls to prevent duplicate drug payments. Medicare Part D drug plans should not pay for drugs that are covered under the Part A hospice benefit. CMS publishes hospice payment rates, which include prescription drugs used for pain relief and symptom control related to the beneficiary’s terminal illness. (Medicare Claims Processing Manual, Pub. No. 100-04, ch. 11, § 30.2.) Hospice providers are paid per diem amounts, which include payments for these drugs. A drug prescribed for a Part D beneficiary shall not be considered for payment if the drug was prescribed and dispensed or administered under Part A or Part B.

5.  Hospice Services: Compliance With Reimbursement Requirements

The government will determine whether Medicaid payments for hospice services complied with Federal reimbursement requirements. Medicaid may cover hospice services for individuals with terminal illnesses. (Social Security Act, § 1905(o)(1)(A).) Hospice care provides relief of pain and other symptoms and supportive services to terminally ill persons and assistance to their families in adjusting to the patients’ illness and death. An individual, having been certified as terminally ill, must elect hospice coverage and waive all rights to certain otherwise covered Medicaid services. (CMS’s State Medicaid Manual, Pub. 45, § 4305.) In FY 2010, Medicaid payments for hospice services totaled more than $816 million.


(Disclaimer–This post is not intended as legal advice nor does it create an attorney-client relationship.)



HIPAA Loophole–Are law firms “covered entities”?

Monday, October 17th, 2011

Recently, a Baltimore medical malpractice law firm lost a portable drive that contained medical records for 161 stent patients, patient names, addresses, dates of birth, social security numbers and insurance information.  It appears as though the law firm represented a cardiologist being sued for alleged malpractice.

According to a Baltimore Sun article, the portable hard drive was “taken home nightly as a security precaution in case of fire or flood…though the portable information was not encrypted–among the most stringent security precautions that is standard practice for health professionals dealing with medical records.”

The law firm employee lost the hard drive while traveling on the Baltimore light rail.  She returned for it within 10 minutes but it was already gone.

HIPAA & Covered Entities

The protection of patient information is regulated by HIPAA, which applies to “covered entities”.  Under HIPAA, a “covered entity” is defined as being:

  • a health care provider that conducts certain transactions in electronic form (called here a “covered health care provider”)
  • a health care clearinghouse
  • a health plan

Here’s the legal question: Should law firms be included in the definition of covered entities?


(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.)


~At Matthews Law Firm, P.A., we practice health law~

Nursing Home Compliance Plans

Friday, October 7th, 2011

Nursing homes should now have increased motivation to draft and implement a compliance plan. The reason?  Nursing home compliance plans are now listed in the 2012 OIG Work Plan, and will be a target for enforcement.  Specifically, the provision states in full:

Nursing Home Compliance Plans (New)

We will review Medicare and Medicaid-certified nursing homes’ implemention of compliance plans as part of their day-to-day operations and whether the plans contain elements identified in OIG’s compliance program guidance. We will assess whether CMS has incorporated compliance requirements into Requirements of Participation and oversees provider implementation of plans. Section 6102 of the Affordable Care Act requires nursing homes to operate a compliance and ethics program, containing at least 8 components, to prevent and detect criminal, civil, and administrative violations and promote quality of care. The Affordable Care Act requires CMS to issue regulations by 2012 and SNFs to have plans that meet such requirements on or after 2013. OIG’s compliance program guidance is at 65 Fed. Reg. 14289 and 73 Fed. Reg. 56832. (OEI; 00-00-00000; expected issue date: FY 2013; new start; Affordable Care Act)

As you read, according to the Work Plan, a nursing home (and skilled nursing facility) compliance plan should have at least 8 components.  And just what ARE the 8 components?  For that answer, we look to Section 6102 of the Affordable Care Act.  That law states the 8 components are:

REQUIRED COMPONENTS OF PROGRAM —The required components of a compliance and ethics program of an operating organization are the following:

(A) The organization must have established compliance standards and procedures to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal, civil, and administrative violations under this Act.

(B) Specific individuals within high-level personnel of the organization must have been assigned overall responsibility to oversee compliance with such standards and procedures and have sufficient resources and authority to assure such compliance.

(C) The organization must have used due care not to delegate substantial discretionary authority to individuals whom the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in criminal, civil, and administrative violations under this Act.

(D) The organization must have taken steps to communicate effectively its standards and procedures to all participation in training programs or by disseminating publications that explain in a practical manner what is required.

(E) The organization must have taken reasonable steps to achieve compliance with its standards, such as by utilizing monitoring and auditing systems reasonably designed to detect criminal, civil, and administrative violations under this Act by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report violations by others within the organization without fear of retribution.

(F) The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense.

(G) After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses, including any necessary modification to its program to prevent and detect criminal, civil, and administrative violations under this Act.

(H) The organization must periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.

And remember, having a compliance plan is not merely having written policies.  Anyone could copy and paste the 8 components into a document and call it their “compliance plan”.  A compliance plan is a living, breathing document that should be implemented and followed everyday.  It is a “way of life” for an organization, from top administration, to full-time staff members, to part-time employees, and even to third-party business associates.  A compliance plan includes not only talking the talk, but walking the walk.  In order to be compliant, an organization needs to do both by talking it AND walking it.

~At Matthews Law Firm, P.A., we help clients draft & implement compliance plans that suit their needs~

(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.)

CCHIT Certification

Friday, August 26th, 2011

By now, most healthcare organizations realize that if they want EHR incentive payments, their EHR software needs to be certified.  With the explosion of healthcare organizations shopping for certified EHR products, the certification process has become a frequently asked question.  Exactly HOW do EHR products receive their certification?  WHAT practice areas are eligible for certification?

The CCHIT Certified® 2011 certification program is one of two distinct programs of certification offered by the Certification Commission for Health Information Technology (CCHIT®):

  • CCHIT Certified® 2011
  • ONC-ATCB 2011/2012

On the most basic level, when CCHIT is inspecting a product for review, they are looking at three areas: functionality, interoperability, and security.

CCHIT currently offers certification in the following six areas, plus optional certifications in the subcategories:

1. Ambulatory EHR

  • Child Health
  • Cardiovascular
  • Behavioral Health
  • Dermatology
  • Clinical Research
  • Women’s Health
  • Oncology

2.  Inpatient EHR

3.  Emergency Department EHR

4.  Behavioral Health EHR

5.  Long Term & Post Acute Care EHR

  • Skilled Nursing Facility
  • Home Health

6.  ePrescribing

Enterprise Certification Option

For applicants offering EHR product(s) in three specific 2011 certification domains–Ambulatory, Inpatient, and Emergency Department–CCHIT offers an optional Enterprise certification.  To obtain the optional Enterprise certification, applicants will be required to execute the Enterprise Test Script that demonstrates interoperability and integration between all three domains.  It is important to note that if at anytime any of the 3 core Ambulatory, Inpatient, or Emergency Department certifications expire, are revoked, or suspended, the Enterprise certification option will also be expired, revoked, or suspended at the same time.


To read the current CCHIT 2011 Certification Handbook, which provides much more detail on the certification process, click here. (76 page .pdf file)

To see an example of the certification criteria for Ambulatory EHR, go here.  To see the criteria for the sub-specialty of Child Health, go here.

At Matthews Law Firm, P.A., we practice healthcare compliance law.

(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.)


Meaningful Use for Eligible Professionals

Wednesday, August 24th, 2011

At Matthews Law Firm, P.A., we practice healthcare compliance law, including legal issues which arise with the EHR Incentive Program.  Some of those issues involve advising clients about EHR meaningful use requirements.

In Florida, Medicaid eligible professionals (EP’s) do not have to demonstrate meaningful use in their first payment year. They only have to demonstrate that they have adopted, implemented, or upgraded certified EHR technology.

In order for an eligible professional to receive payment in the second year of participation, they will have to attest to meaningful use of certified EHR for a continuous 90-day period. In subsequent years, the meaningful use reporting period is the entire calendar year.

What do EP’s have to do in order to show meaningful use?

To qualify for an incentive payment, EPs must meet 20 of the 25 meaningful use objectives identified by CMS.  There are 15 required core objectives an EP will have to show in order to receive incentive payments (starting with the 2nd payment).  The remaining 5 objectives may be chosen from the list of 10 Menu Set Objectives.


In Florida, AHCA has a great website which can help explain each of the core objectives of meaningful use. (Go about halfway down the page under the ‘Eligible Professionals’ subsection.)

For a chart which summarizes the meaningful use core objectives and measure sets, go here. (This is a useful chart because it links to each meaningful use objective and explains each one in detailed format.)

(Disclaimer: This post does not constitute legal advice nor does it create an attorney-client relationship.)

At Matthews Law Firm, P.A., we practice healthcare compliance.

EHR Incentive Programs

Friday, July 29th, 2011

With the exception of dually-eligible hospitals, providers can only participate in one of the EHR Incentive Programs—Medicare or Medicaid—each year.  This blog (with the assistance of some CMS resources) will outline key differences between the Medicare and Medicaid EHR Incentive Programs.

Eligible Participants in the Medicare EHR Incentive Program

  • Doctors of medicine or osteopathy
  • Doctors of dental surgery or dental medicine
  • Doctors of podiatry
  • Doctors of optometry
  • Chiropractors
  • “Subsection (d) hospitals” in the 50 states or DC that are paid under the Inpatient Prospective Payment System (IPPS)
  • Critical Access Hospitals (CAHs)
  • Medicare Advantage (MA-Affiliated) Hospitals

Eligible Participants in the Medicaid EHR Incentive Program

  • Physicians (primarily doctors of medicine and doctors of osteopathy)
  • Nurse practitioners
  • Certified nurse-midwives
  • Dentists
  • Physician assistants who furnish services in a Federally Qualified Health Center or Rural Health Clinic that is led by a physician assistant
  • Acute care hospitals (including CAHs and cancer hospitals) with at least 10% Medicaid patient volume
  • Children’s hospitals (no Medicaid patient volume requirements)

Dually-Eligible Hospitals
If you represent a hospital that meets all of the following qualifications, you are dually-eligible for the Medicare and Medicaid EHR Incentive Programs:

  • You are a subsection(d) hospital in the 50 U.S. States or the District of Columbia, or you are a CAH; and
  • You have a CMS Certification Number ending in 0001-0879 or 1300-1399; and
  • You have 10% of your patient volume derived from Medicaid encounters.

(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.)

340B Compliance–Who is the Authorizing Official?

Thursday, June 23rd, 2011

When completing the 340B registration forms, a healthcare organization will need to determine who its authorizing official is.  An authorizing official is one who signs the Registration Form.  Sounds easy, right?  It can be, but with certain entities, the answer may not be so obvious.  If OPA (Office of Pharmacy Affairs) determines that the signor is NOT an acceptable authorizing official, then the forms will not be processed.  This can be important for two reasons:

1.  There are quarterly deadlines for applying for 340B eligibility.  If a deadline is missed, then an organization may have to wait several months for acceptance into the program.

2.  Money.  The longer it takes the paperwork to be processed, the longer it takes the organization to become eligible for discounted pharmaceuticals.

For access to the OPA’s website and 340B registration forms, go here.

Who is the Authorizing Official?

Well, it depends on the type of healthcare organization that is applying.  Here’s a (non-exhaustive) list that is based on OPA’s website:

  • For STD and TB applicants, the Authorizing Official is the director of the State or City health department administering the respective STD or TB grant in your geographic area.
  • For Family Planning (FP) applicants, the Authorizing Official is a responsible representative of the funded grantee.
  • For hospitals, the Authorizing Official must be a senior managing official who can sign on behalf of an organization such as the CEO or CFO.
  • For Contract Pharmacies, the form must be signed by a responsible representative of each organization and submitted to OPA.  For the covered entity, the responsible representative may be the President, Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, or Program Director.  For the pharmacy, the responsible representative may be the Owner, the President, Chief Executive Officer, Chief Operative Officer, or Chief Financial Officer.

(Disclaimer: This post is not intended as legal advice nor does it create an attorney-client relationship.  If you have questions regarding 340B compliance, please consult an attorney.)