Breaking Compliance News Blog

Don’t be discouraged by the title - this story is actually (hopefully) encouraging.

When I first got my Fitbit, I learned I averaged 5,000 to 6,000 steps a day. A few times a week I’d get far more than that, but my weekday average could be better.

Around Thanksgiving 2018, I decided to pick up the pace and set a goal of reaching 10,000 steps a day - no matter what.

I went to Zumba at the Y (7,000 steps), walked around my in-laws’ pond (1,000 steps), walked up and down the stairs at my office (100 steps), and danced around the kitchen (as many steps as it took).

I hit 10,000 steps 14 days in a row. And then I kept going. I of course have an off day every now and then. But overall, I feel better when I find the time to get 10,000 steps. And over time, it’s become easier to work this into my day.

What does this have to do with compliance?

Compliance professionals often tell me: I start working on compliance, but then I get distracted and weeks go by. I start working on an audit and then something else comes up and by the time I get back into the audit, I have to re-learn the entire process. I want to spend more time on compliance, but there is just so much else to do.

The problem here is that compliance needs to be part of our daily routine, no matter what. 

By consistently reaching a small goal (10,000 steps a day), I achieved a bigger goal: I lost 10 pounds. Compliance is the same way. If you commit to working on compliance consistently - even slowly but surely - over time, you will be rewarded with bigger results.

Here are some ways you can commit to compliance every day – and achieve big goals over time:

• In 5 minutes, you can go over a compliance tip, question or flash card with an employee, making a positive connection with compliance and reinforcing compliance knowledge.
• In 10 minutes, you can walk the halls and increase your visibility as Compliance Officer.
• In 20 minutes, you can conduct a HIPAA walk-through audit of a department.
• In 30 minutes, you can review a policy with an employee.

Make room for small tasks, and watch your compliance program meet big goals in 2019.

MPA scours OIG and OCR enforcement updates and news headlines so you don't have to.

Every month, we summarize enforcement trends and bring you the latest compliance and HIPAA developments, and deliver them to your inbox in our Monthly Compliance News Report.

Not yet a subscriber? Use coupon code NEWYEAR to save 25% off the price when you sign up.  

You can read a sample report here.

MPA is excited to partner with LeadingAge Illinois to bring you a two-day compliance and HIPAA workshop in Springfield Illinois on October 24 and 25!

Come for a day of compliance, a day of HIPAA, or both!  You will get some MPA freebies, including our new Compliance Flash Cards.

How to Build & Maintain an Effective Compliance Program

Overview: This workshop will walk you through steps in building a compliance program. Special emphasis will be placed on strategies for evaluating board and Compliance Committee engagement, audit integrity, compliance culture, quality of reporting, and the programs’ ability to spot and address new compliance issues. You will also receive a compliance checklist, draft board resolution, suggested training topics, PEPPER guide, compliance risk area/audit plan worksheet and compliance officer handbook.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA    
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Location:

Wednesday, October 24, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

How to Build a HIPAA Program

Overview: In this workshop, we will provide an overview of HIPAA privacy, security, and breach notification that is appropriate for beginners, but will also serve as a refresher for more senior HIPAA professionals. We will emphasize practical strategies to make HIPAA a part of daily life and culture at your organization. Together we will brainstorm strategies to make HIPAA a mindset at our organizations. We will share examples from headlines as well as from around the water cooler, and discuss best practices and practical solutions for preventing these HIPAA hazards, with an emphasis on going beyond a paper policy and annual training.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Location
 
Thursday, October 25, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

MPA is excited to partner with LeadingAge Illinois to bring you two two-day compliance and HIPAA workshops!

Come for a day of compliance, a day of HIPAA, or both! Two options: Naperville, IL and Springfield, IL

How to Build & Maintain an Effective Compliance Program

Overview: This workshop will walk you through steps in building a compliance program. Special emphasis will be placed on strategies for evaluating board and Compliance Committee engagement, audit integrity, compliance culture, quality of reporting, and the programs’ ability to spot and address new compliance issues. You will also receive a compliance checklist, draft board resolution, suggested training topics, PEPPER guide, compliance risk area/audit plan worksheet and compliance officer handbook.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA    
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Locations:

Thursday, September 27, 2018
NIU Naperville Conference Campus
1120 E Diehl Rd, Naperville, IL 60563

Wednesday, October 24, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

How to Build a HIPAA Program

Overview: In this workshop, we will provide an overview of HIPAA privacy, security, and breach notification that is appropriate for beginners, but will also serve as a refresher for more senior HIPAA professionals. We will emphasize practical strategies to make HIPAA a part of daily life and culture at your organization. Together we will brainstorm strategies to make HIPAA a mindset at our organizations. We will share examples from headlines as well as from around the water cooler, and discuss best practices and practical solutions for preventing these HIPAA hazards, with an emphasis on going beyond a paper policy and annual training.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Locations
Friday, September 28, 2018
NIU Naperville Conference Campus
1120 E Diehl Rd, Naperville, IL 60563
 
Thursday, October 25, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

MPA is excited to partner with LeadingAge Illinois to bring you two two-day compliance and HIPAA workshops!

Come for a day of compliance, a day of HIPAA, or both! Two options: Naperville, IL and Springfield, IL

How to Build & Maintain an Effective Compliance Program

Overview: This workshop will walk you through steps in building a compliance program. Special emphasis will be placed on strategies for evaluating board and Compliance Committee engagement, audit integrity, compliance culture, quality of reporting, and the programs’ ability to spot and address new compliance issues. You will also receive a compliance checklist, draft board resolution, suggested training topics, PEPPER guide, compliance risk area/audit plan worksheet and compliance officer handbook.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA    
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Locations:

Thursday, September 27, 2018
NIU Naperville Conference Campus
1120 E Diehl Rd, Naperville, IL 60563

Wednesday, October 24, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

How to Build a HIPAA Program

Overview: In this workshop, we will provide an overview of HIPAA privacy, security, and breach notification that is appropriate for beginners, but will also serve as a refresher for more senior HIPAA professionals. We will emphasize practical strategies to make HIPAA a part of daily life and culture at your organization. Together we will brainstorm strategies to make HIPAA a mindset at our organizations. We will share examples from headlines as well as from around the water cooler, and discuss best practices and practical solutions for preventing these HIPAA hazards, with an emphasis on going beyond a paper policy and annual training.

Faculty: Margaret C. Scavotto, JD, CHC, President, MPA
Scott Gima, COO, Executive VP of Compliance & Management, MPA

Date/Locations
Friday, September 28, 2018
NIU Naperville Conference Campus
1120 E Diehl Rd, Naperville, IL 60563
 
Thursday, October 25, 2018
Illinois Education Association
3440 Liberty Dr. Springfield, IL 62704

Time: 9:00 a.m. – 4:30 p.m.

Fee Per Person: $149 members, $249 Non-members

Learn more or sign up here.

Margaret Scavotto authored an article for the August issue of HCCA's Compliance Today: Boost your compliance culture with Corporate Compliance and Ethics Week.

An excerpt is below:

Does your compliance program have a brand, a theme, a slogan, a message, or a logo? It should. A compliance message makes staff aware of the purpose of compliance and keeps it in the forefront. If someone from the Office of the Inspector General (OIG) walked into your organization and said to the nearest employee, “Tell me about your compliance program,” what would they hear? How long would it take for that employee to explain your compliance program to the OIG? Would it be a challenging task? A clear compliance message is easier for everyone to understand and articulate.

Here’s a message that I like: “Compliance is here to help.” It’s not that snappy, and it won’t blow your mind, but it’s true, positive, and easy to remember. In a highly regulated industry like healthcare, an employee’s work can feel daunting. Healthcare employees face a daily mountain of potential HIPAA violations, mind-bending questions about arrangements with referral sources, quality assurance challenges, and ethical conundrums.

A compliance program that feels like a hammer makes this worse and makes an employee’s work harder. Compliance should make things easier. And it can!  

You can read the entire article here.

Copyright 2018 Compliance Today, a publication of the Health Care Compliance Association (HCCA).

Click to learn more and be the first to hear when the store launches.

At the HCCA Compliance Institute held in Las Vegas April 15-18, Keynote Speaker and HHS Inspector General Dan Levinson announced the OIG's new Compliance Resources Portal.

Now, compliance officers can find all of the OIG’s compliance resources on one page.

The resources include:

1. Toolkits
2. Provider Compliance Resources and Training*
3. Advisory Opinions
4. Voluntary Compliance and Exclusions Resources
5. Special Fraud Alerts, Other Guidance, and Safe Harbor Regulations
6. Resources for Health Care Boards
7. Resources for Physicians
8. Accountable Care Organizations

 * Compliance Program Guidance is housed here.

 Soon, the OIG will be posting a new resource: the OIG Toolkit to Identify Patients at Risk of Opioid misuse.

 If you are looking for criminal, civil or state enforcement actions, civil monetary penalties, exclusions or corporate integrity agreement enforcement, those update are still located under the Fraud tab.

Whistleblowers Going After United Healthcare

United Healthcare (UH) sales agents brought a whistleblower lawsuit against UH, alleging fraud and kickbacks.

For example, the whisteblowers claim a UH sales agent promised iPads to customers who agreed to sign up and remain on the plan for six months.

Another sales agent allegedly forged signatures on enrollment paperwork – enrolling patients without their knowledge.

Perhaps most seriously, UH kept two sets of books: one with misconduct complaints about UH; and another set of books that concealed the complaints from federal agencies. By hiding complaints, UH artificially boosted its quality ratings, which enabled it to receive $1.4 billion in Medicare bonuses in fiscal year 2016. For example, in March 2016, UH identified 776 complaints, but only reported 257 to CMS.

The whistleblowers also alleged that complaints were met with little investigation and little disciplinary action.

UH’s employees knew of these practices, and, in at least some instances, reported them internally. According to the whistleblowers, when UH did not address these concerns, the sales agents went to the federal government.

Whistleblowers are most often employees or former employees. Are you confident that you are aware of your employees’ concerns? Have employees made complaints? Were they resolved? Do employees know you took their concerns seriously?

On April 18, 2017, a woman was arrested in St. Louis, MO and is facing federal charges of health care fraud and identify theft after working as an agency nurse in the intensive care unit and geriatric psych unit at a local hospital for three months. The woman is accused of working as a nurse, despite lacking a nursing license or degree in any state.

The Red Flags

In March 2017, this individual applied for a job with a nurse staffing company in Chicago. As reported in the St. Louis Post-Dispatch, the co-owner of the firm found the following problems with her employment application:

• She failed a basic ICU skills test
• She reported a New Mexico nursing license, but her social security number did not match any nursing license in New Mexico
• The copy of her nursing license looked like it was copied and pasted with incorrect numbers and formatting as well as crooked text

Separate criminal charges have also been filed against the woman in New Mexico, where the authorities claim she was hired as a nursing instructor at the Brown Mackie College School of Nursing in 2015 – despite not having a nursing degree or license.

Don’t Let This Happen to You

How does an individual who is not a licensed nurse get hired as 1) a hospital ICU nurse and 2) a school of nursing instructor? This mistake was easily found by the Chicago staffing company which tried to verify her credentials with the state.

License verification is a necessary procedure for all new hires. This requires independent verification with the state – never rely on documentation provided by applicants or staff. Verification should also occur on a monthly basis. Many state license boards publish monthly lists of professionals whose licensed have been disciplined, suspended or revoked. Someone in the HR or Compliance departments should be reviewing this list to see if any staff or contractors are listed. HR and Compliance should also collaborate to audit these procedures periodically to make sure these simple steps are being completed.

Finally, staffing agencies should be thoroughly addressed. If your company uses temporary or agency staff, be confident that the agency(ies) are properly vetting the individuals they send to work in your organization. You are billing Medicare and Medicaid for their work, and exposing your patients to these individuals, after all. The agency’s duty to screen their staff can be addressed by contract. The provider can – and should – also audit the agency to verify that screening occurs. Finally, it is wise for providers to also conduct screens of agency or temporary staff whenever feasible.

On June 30, the Department of Justice passed an interim final rule that gave False Claims Act penalties a big raise. Here's what you need to know: