Skip to main content

Compliance is a million-dollar word

June 1, 1998

Compliance is a million-dollar word

Here's how to get compliance program started

Compliance is this year's buzzword among health care providers given the Health Care Financing Administration (HCFA) crackdown on potential fraud and abuse activities. So it's no surprise that organizing an effective compliance program will be a key part of any successful provider sponsored organization (PSO).

"Compliance officers are being hired in-house, full-time to work with these PSOs; this is not something you can farm out," warned William J. DeMarco, MA, CMC, president of DeMarco & Associates in Rockford, IL. DeMarco emphasized the importance of compliance programs during a seminar on PSOs at the 10th annual National Managed Health Care Congress conference, held in Atlanta in April.

Laurie J. Levin, JD, a health care attorney with Baker & Hostetler in Orlando, FL, also recommends PSOs have their own compliance plans and procedures in place to reduce the prospect of unlawful conduct.

"It's a lot cheaper to do things right the first time than to pay the penalties later," she says. "The risks are too great and enforcement efforts are too strong."

A newly formed PSO - St. Joseph's Care Management Corp. in Atlanta - hired a full-time compliance officer more than six months before it received final approval from HCFA, says Tom Flora, vice president for the PSO.

The PSO, which recently launched its Medicare SMART product, is affiliated with 21 hospitals, including Emory University Health Care and St. Joseph's Hospital, both in Atlanta.

Flora says the PSO made compliance a priority, partly because of HCFA's review process, which includes a site visit about six-to-nine months after final approval. "We call HCFA's reviewer's guide, the `101 questions,' and we work around those questions to make sure we comply with all the different regulations," he says.

"We also use HCFA's two model compliance programs for labs and hospitals, and we're reviewing those to incorporate in our plan," Flora says.

St. Joseph's Care Management Corp. also has incorporated into its plan the seven elements of a compliance program, established by the Office of Inspector General of the U.S. Department of Health and Human Services in Washington, DC, says Gloria Jordan, the PSO's regulatory compliance officer.

Jordan and Levin explain how the seven elements may be incorporated into a PSO compliance program, using St. Joseph's Care Management's compliance plan as an example:

1. Write policies and procedures addressing potential fraud.

The PSO's compliance overview addresses all compliance issues, how it affects staff, and what the risk areas are. St. Joseph Hospital also has a compliance program, and some of its policies will be incorporated into the PSO's plan, Jordan says. "We have to make sure none of our policies and procedures conflict with the health system, and they really shouldn't."

The PSO's policies will address many details relating to sales and marketing, quality of care, and how to determine if financial arrangements with contractors and providers are detrimental to members, she adds.

2. Hire a chief compliance officer and create a committee to operate and monitor the compliance program.

Hiring Jordan was the PSO's first step. With her help, it will develop a compliance committee and possibly hire additional compliance staff.

"The committee probably will have a representative from each area, and they'll meet monthly or quarterly to discuss compliance issues and to give feedback about what's going on in their areas," Jordan says. "The committee's success will depend on members keeping an open dialogue and being the eyes and ears - but not the spies - of the organization."

3. Emphasize education and training for all employees.

"All employees from Medicare SMART will go through compliance training within 30 days of their hire dates," Jordan says.

The training will last about one hour and will include an overview of compliance and information about state and federal regulations. Once employees complete the training, they'll receive a certificate of completion for compliance.

After the new employees have worked for 90 days, they'll fill out a questionnaire to see if they've encountered any compliance issues on their jobs and need clarification or information, Jordan says.

The questionnaire will ask these questions:

· Did the compliance training meet your needs?

· Do you still have any questions in this area?

· What do you recommend for future compliance updates?

"If [employees] note they still have a need for remedial updates in some particular area, then I would meet with them one-on-one to discuss it," she adds. "If everybody is struggling with the same issue, then we'll do some more training on a companywide basis.

Additional education will include sending employees copies of articles, periodicals, and updates on compliance, and keeping the company up-to-date through compliance seminars and workshops. Plus, there will be an update for all staff each year.

Physicians could be educated about coding details and what constitutes fraudulent billing through workshops and seminars, Levin says.

The PSO also will educate community physicians through its network management department, Jordan says.

The Network staff have been meeting with physicians in the community, taking their questions, and providing them with necessary policies and procedures.

4. Establish a complaint process.

"You want all of your providers to know who to contact, either identifying themselves or anonymously, if they see some billing problems," Levin advises.

A PSO needs to have several different types of complaint processes, Jordan says. So St. Joseph's Care Management has established these three methods:

- for employees to report suspected fraud and abuse;

- for providers to complain about slow or incorrect payments;

- for grievances by Medicare recipients.

Medicare members may call the PSO's member services department if they have a complaint. Then their grievance will be heard through a formal process that includes sending them explanations in writing for every step of the process.

The PSO's employees will have a complaint box in which they may deposit anonymous memos. They also can e-mail or call Jordan personally. And the providers may contact the Network Management Department if they have any issues to resolve.

5. Enforce disciplinary action against violators.

In general, a PSO should have a clause written into its provider contracts that states what type of fraudulent or abusive activity could be grounds to terminate the contract, Levin says.

"All of us want to believe we won't have to follow through on this, that everyone will follow the rules," Jordan says. "But our challenge will be to put in a policy that addresses what will happen if you are caught in violation of a compliance issue."

The steps may include oral warnings, written warnings, and even termination, she says.

Since the PSO has no contracts with physicians, it has no way to enforce discipline except through a quality process, Jordan says. "If someone calls and they have a quality of care issue, we do have a process to investigate that and try to get it to the right party, depending on what the complaint is."

6. Audit and evaluate techniques to monitor compliance.

As soon as a PSO has any claims or bills from providers, it should start its audit process, Levin says. "When you're starting up and are small, you might have the luxury of doing a 100% audit," she says, adding that PSOs could hire law firms to conduct the audits. The law firm then will hire accounting firms when necessary.

These techniques still are under development, Jordan says. But in general, the PSO likely will audit enrollment applications by pulling samples to see if they've been completed correctly and entered into the system correctly. "We'll make sure they're being paid correctly and within time."

"Right now it will be a 100% audit: Everything that comes through will be audited, and as we grow, there will be a percentage of materials to be checked," she explains.

Also, any new documents, newsletters, sales brochures, and other material will have to be checked by Jordan for compliance before it is sent to HCFA for approval.

7. Investigate and fix problems.

This area also is continuing to be developed. But typically, Jordan, as compliance officer, would be the first person to investigate any problems. Later it could be reviewed by the compliance committee.

She'll also routinely check and monitor the PSO's processes to look for inconsistencies. If employees have questions about some procedure, they may ask Jordan to find them an answer or clarification. "Even if they don't come to me, and if I see something coming off the fax machine or if I hear a discussion, I'll tell them where they can find the information," she says.

"With HCFA, there are definite laws and regulations you need to be in compliance with, and one thing a lot of staff members have not understood is that it's not optional," Jordan explains. "We're not going to cut corners and find ways around it; we're simply going to comply with the regulation, and if the PSO follows that mindset, we're going to stay in compliance."