New York State: Entities licensed under Article 28 or 36 Public Health Law; Article 16 or 31 Mental Hygiene Law; all other health care providers billing $500,000 to Medicaid in 1 year. Federal Government: Skilled Nursing Facilities within months under Patient Protection and Affordable Healthcare Act.
A successful compliance program addresses the provider's need to prevent fraud and abuse and carries the added benefit of improving the provision of quality health care at lower costs. A successful compliance program also openly demonstrates, to employees and the public, the provider's commitment to conducting its affairs honestly and responsibly.
Compliance programs encourage employees to report potential problems and permit the provider to conduct an internal investigation and take corrective action. Thus, the successful compliance program should increase the likelihood of preventing, identifying, and correcting unlawful, abusive or wasteful conduct at an early stage, minimizing financial loss to the government, to taxpayers, and to the provider.
Compliance programs need to encompass billings, payments, medical necessity, quality of care, governance, credentialing and other risk areas that a provider, with due diligence, identifies. Specifically, any compliance plan should include the following elements:
1. Designation of a chief compliance officer responsible for the day-to-day operation of the compliance program; this employee should report directly to the provider's chief executive and periodically report to the governing body (if such a body exists) on the activities of the compliance program;
2. Training and education of all affected employees and persons associated with the provider, including executives and governing body members, on compliance issues, expectations, and the operation of the compliance program; such training should occur periodically and should be made a part of the orientation of new employees and governing body members;
3. A communication process, such as a hotline, accessible to all employees, outside vendors, governing body members, patients or other users of the provider's services, for the reporting of compliance issues; the lines of communication should allow for anonymous and good faith reporting of potential compliance issues as they are identified;
4. Disciplinary policies and standards that are distributed to all employees, which are fairly, evenly, and firmly applied, and encourage good faith participation in the compliance process, including policies that articulate expectations for reporting compliance issues and assist in their resolution and outline sanctions for:
1. failing to report suspected problems;
2. engaging in non-compliant behavior;
3. encouraging, directing, facilitating or permitting either actively or passively non-compliant behavior.
5. A system for routine identification of compliance risk areas specific to the particular provider, for self-evaluation of such risks areas, including but not limited to internal audits and as appropriate, external audits, and for evaluation of potential or actual non-compliance as a result of such self-evaluations and audits, credentialing of providers and persons associated with providers, reporting, governance, and quality of care to beneficiaries.
6. A system for responding to compliance issues as they are raised; for investigating potential compliance problems; responding to compliance problems as identified in the course of self-evaluations, external evaluations and audits, correcting such problems promptly and thoroughly and implementing procedures, policies and systems as necessary to reduce the potential for recurrence; identifying and reporting compliance issues to the Office of the Medicaid Inspector General; and refunding overpayments.