Physician Practice Compliance Plans


October 25, 1999

Dear Physician Client:

You probably already have heard or seen many of the quotes and statistics concerning health care fraud and false claims enforcement activities.

Attorney General Janet Reno has targeted the prosecution of health care fraud and abuse as the federal government's highest enforcement priority second only to violent crime. The Health Care Insurance Portability and Accountability Act has given the Office of Inspector General (OIG) of the Department of Health and Human Services a substantial budget increase through 2003 which has to be justified. The United States Justice Department has assigned hundreds of prosecutors and the FBI has engaged hundreds of new agents to focus specifically on health care fraud and abuse. In addition to federal enforcement activities and regulations, states are seeking to coordinate their activities in the area with the federal government and have their own self-referral, anti-kickback and false claims acts and regulations. In response to the government's pressures and seeing an opportunity to challenge claims, private insurers have increased their investigations and scrutiny of providers. Along with this governmental and private insurer activity, many patients and other individuals are aware of the OIG Fraud and Abuse Hotline, and Qui Tam ("whistle blower") actions are increasingly being brought by private individuals with such individuals hoping to get a percentage of the government's recovery. The oft-repeated statement, "It's not a question of whether a physician's practice will be audited, but simply a question of when," may in fact hold a measure of validity.

In light of this overheated enforcement environment, the purpose of this Health Law Alert is to discuss what physicians and their practices can do to protect themselves and the issues that such efforts entail. As to what can be done, the federal government has provided an answer- voluntarily developed and implemented compliance plans. An effective compliance plan provides internal controls: (i) to promote adherence to the applicable law and program and health plan requirements, (ii) to prevent violations and (iii) to detect problems which have already occurred so they can be addressed, and before they worsen. Another advantage to an effective compliance plan is that it provides evidence that any mistakes made by a physician or his or her practice were inadvertent.

Issues exist as to whether the plan can be developed affordably and where and how to begin. As to costs, the OIG's view as expressed in its published compliance program guidance is that "although it may require significant additional resources or reallocation of existing resources to implement an effective compliance program, the long term benefits of implementing the program significantly outweigh the costs." However, the fact remains that, although much of the same effort must be engaged in by a small physician practice as by a large institution or health care business in developing a compliance plan, a small physician practice is less able to bear the associated expenses. This is especially true in this health care market of decreasing reimbursement and increasing costs.

We suggest that before beginning the process you first contact our firm. As your legal counsel and having experience in the development of physician practice compliance plans, we can help you assess what approach is best for you and your practice, and depending on that approach, discuss costs. For example, guidance is necessary with regard to what place in the spectrum between a totally "home grown" plan (i.e., all plan development steps, including audits, are done internally) and "full blown" plan your practice falls. Also, many practices find it useful to use an outside billing and coding consultant such as a certified procedural coder ("CPC") or a health care consulting firm with billing and coding expertise to conduct the baseline-billing audit and to work on the development of certain aspects of the plan. If you decide to take that approach, consideration should be given to allowing us to engage such expert consultants on your behalf in order to maintain confidentiality and establish the attorney-client privilege with respect to the outside consultant's work-product and communications. Moreover, legal counsel must develop all health law aspects of the plan.

To date, the OIG has not published any compliance program guidance or model plans for physician practices. The OIG did however announce on September 8, 1999 that it was opening a 60-day period to obtain comments and input on the idea of it developing a model compliance plan specifically for physician practices. From the Federal Sentencing Guidelines and the OIG's pronouncements on the subject both generally and specifically with regard to other providers in the health care industry (for example third party billing companies), we see that there are certain minimum common elements that a physician practice compliance plan should contain.

Although there are certain minimum common elements to a physician practice compliance plan, there is no one right way to develop the plan. Instead what is important is that the plan is effective in meeting the goals of training, prevention, detection and correction. Plans must be tailored to the particular practice and its specific issues. The plan should not be a "cookie cutter" document, and should be designed in an effective fashion so as to promote, as opposed to discourage, implementation.

In formulating the plan, it is crucial to consider the practicality and reasonableness of the processes that are being established. If the processes are not practical and reasonable, there is a higher likelihood that what is set forth in the plan will not entirely be implemented. This eventuality in some respects is worse than not having a plan. Thus, it is better to develop a narrowly tailored plan that can be implemented versus a more expansive "full-blown" plan, which largely remains unimplemented and "on the shelf." An unimplemented plan can be considered a sham and potentially used against you. As counsel to practices in the process of developing plans, we seek to assist the practice in developing an effective program that is not overly complicated and that is tailored to how the practice actually "works."

The lynchpin of a plan is its effectiveness in preventing errors in coding and billing, and the first step in the development of a compliance plan is the baseline audit. Issues with respect to this first step and on which we often provide counsel involve the question of whether or not a practice can conduct its own audit. Also, if an outside consultant is engaged, what would be an appropriate process and scope for such audit. As discussed above, we also provide counsel on the importance of preserving the attorney client privilege in this outside consultant engagement.

In addition to the baseline audit, we believe the plan should contain the following minimum elements:

(a) The establishment of specific standards, rules and procedures that are reasonably capable of reducing the prospect of wrong doing by the organization's employees and agents in connection with the billing of third party payers and other areas of regulatory risks;

(b) The appointment of a trustworthy and empowered compliance officer to oversee the overall compliance efforts;

(c) Training and education sessions and dissemination of information in order to ensure effective communication of standards, rules and procedures;

(d) Initial and ongoing auditing and monitoring designed to detect improper billing activities and other areas of regulatory risk, including a reporting system which permits employees and agents to report improper conduct without fear or retribution;

(e) A commitment to enforcement of the compliance program through appropriate disciplinary measures, and the establishment of processes to investigate reports and enforce the program and to take corrective action;

With regard to the foregoing, physician practice plans the we have been involved in developing have included among other things specific policies and procedures on the following :

(a) A code of conduct or statement of integrity and ethics;

(b) Duties of the compliance officer and committee;

(c) Voluntary reporting of violations and noncompliance;

(d) Responding to reports or to the detection of violations and noncompliance, and corrective and disciplinary actions;

(e) Responding to federal and state government audits, interviews, searches and other contacts;

(f) Patient waivers of co-payments and deductibles and professional courtesies;

(g) Contractual/financial/compensation arrangements with physicians and health care service entities including a legal overview of the pertinent health care laws which commonly impact upon physician practices and their business arrangements.

(h) Patient record and other record retention and confidentiality.

We hope the above discussion and overview is helpful in your consideration of a very important topic for you and your practice. Contact us with any questions you have concerning compliance plans and programs or if you wish more information. We are happy to help you in your decision-making and in the development of a plan for your practice.

Thomas J. Tamburelli
Health Care Department