Healthcare fraud and abuse cases cost the industry billions of dollars a year. Without processes in place to detect and prevent fraudulent activities, healthcare providers could face an investigation that may cost them their reputation and revenue.
However, developing appropriate healthcare fraud and abuse prevention policies and compliance programs may be difficult for provider organizations.
Providers face multiple healthcare fraud and abuse laws at the local, state, and federal levels. Complying with the myriad of regulations can be difficult for providers who already focus on a range of priorities, including care delivery, payer compliance, medical billing, and revenue cycle management.
As value-based purchasing takes hold of the healthcare industry, providers are also seeing claims reimbursement rates drop in favor of incentive payments.
Efforts to maximize revenue may push some providers to engage in healthcare fraud and abuse activities without intending to, such failing to correct a billing clerk who assumes a provider performed specific services, billing for medications that patient never picked up, and coordinating with other provider organizations under value-based agreements.
While providers may or may not intend to commit healthcare fraud and abuse crimes, the federal government is as strict as ever with cracking down on fraud schemes.
HHS recently reiterated its commitment to preventing healthcare fraud and abuse. The federal department stated last year that CMS implemented a proactive approach to fraud protection, eliminating its previous pay-and-chase method.
The federal department now uses predictive analytics to prevent false medical bills before providers receive payments. CMS also upped its efforts to screen providers properly for enrollment in federal healthcare programs.
Providers may find that Medicare and Medicaid officials are scrutinizing claim submissions more than ever to detect potential improper billing practices.
To prevent an organization from participating in healthcare fraud and abuse activities, providers should understand key healthcare fraud laws, implement a compliance program, and improve medical billing and business operations processes.
Understanding healthcare fraud and abuse definitions and regulations
A multitude of definitions and regulations relate to improper billing offenses committed by providers. Providers should be aware of the difference between fraud and abuse as well as the details of the False Claims Act, Anti-Kickback Statute, and the Physician Self-Referral Law.
According to CMS, healthcare fraud involves the following:
- Knowingly submitting, or causing to be submitted, false claims or submitting misrepresentations to acquire claims reimbursement from payers for which no entitlement exists
- Intentionally soliciting, receiving, offering, and/or paying remuneration to encourage or reward referrals for items or services reimbursed by payers
- Providing prohibited referrals for specific designated health services
Examples of common healthcare fraud activities include billing for no-show appointments, submitting claims for services at a higher complexity and claims reimbursement level than provided or documented, billing for services not furnished, and paying for referrals.
Healthcare abuse involves practices that directly or indirectly generate unnecessary costs, CMS explains. Abuse includes any practices that prevent patients from receiving services that are medically necessary, meet professionally recognized standards, and are priced fairly.
The federal agency emphasizes that healthcare abuse can also result in criminal and civil liability.
Policymakers established the following three key laws to regulate both healthcare fraud and abuse cases in addition to creating a criminal healthcare fraud statute:
- Federal False Claims Act: imposes civil liability on any individual who knowingly submits, or causes the submission of, false or fraudulent claims to the federal government, law officials do not need proof of specific intent to defraud to charge individuals
- Anti-Kickback Statute: targets individuals who knowingly and willfully pay, solicit, offer, or receive remuneration directly or indirectly to induce or reward referrals of services and items reimbursed by federal healthcare programs
- Physician Self-Referral Law: prohibits providers from making referrals for certain healthcare services reimbursable by federal healthcare programs to an entity in which the provider (or immediate family member) has an ownership or investment interest or with which he has a compensation agreement, otherwise known as the Stark Law
Providers who violate the healthcare fraud laws could face exclusion from federal healthcare programs and civil monetary penalties. In 2016, penalties ranged from $21,563 to $73,568 per violation, CMS reported.
Federal judges can also sentence violators to prison. For example, an Atlanta-area dentist received 1.5 years of federal prison time in 2016 for submitting false claims to the state’s Medicaid program totaling almost $1 million.
Implementing a compliance program to identify and prevent healthcare fraud
Developing a strong compliance program is key to preventing healthcare fraud and abuse activities.
A strong compliance program should “establish a culture within a hospital that promotes prevention, detection and resolution of instances of conduct that do not conform to Federal and State law, and Federal, State and private payer healthcare program requirements, as well as the hospital’s ethical and business policies,” the HHS Office of the Inspector General (OIG) stated in official compliance guidance geared towards the hospital setting.
The OIG also suggested that providers implement the following components:
- Development and distribution of written conduct standards and policies that promote the hospital’s commitment to compliance (e.g., by including compliance adherence as part of staff evaluations) and that address areas of potential fraud, such as claims management and financial relationships with other providers
- Appointment of a Chief Compliance Officer and other compliance staff charged with operating and monitoring the compliance program and reporting to the hospital’s governing body
- Implementation of continuous education and training for staff
- Maintenance of a process to receive healthcare fraud reports and complaints, such as a hotline, and the development of procedures to protect anonymity and whistleblowers from retaliation
- Establishment of a system to respond to healthcare fraud and abuse accusations and appropriate disciplinary actions against staff who violate compliance policies and laws
- Use of audits and/or evaluations to track compliance adherence and help reduce issues
- Investigation and remediation of systemic problems and the establishment of policies to address if staff involved are retained or terminated
Additionally, OIG recently published a resource for hospitals and providers to evaluate the effectiveness of their compliance programs. The resource explains how healthcare organizations across the size spectrum can evaluate standards and policies, administration, stakeholder screening and assessments, training, internal reporting system monitoring, non-compliance discipline, and investigations and remedial measures.
"To get a little bit deeper, you're going to take a look at the compliance program and see how was it designed, how was it structured, and was it what they call a paper compliance program or a real compliance program."
Providers who can demonstrate that their organization maintains a proper compliance program may be in a better position in the event of a healthcare fraud and abuse investigation, Gejaa Gobena, former Chief of the Healthcare Fraud Unit in the Department of Justice Criminal Division, told RevCycleIntelligence.com in 2016.
“As you're gathering the facts and starting to engage the company on a corporate healthcare investigation, one of the things you'll be looking at what kinds of compliance measures were in place, why they didn't stop the conduct, and why did that happen,” he explained.
“To get a little bit deeper, you're going to take a look at the compliance program and see how was it designed, how was it structured, and was it what they call a paper compliance program or a real compliance program.”
Prosecutors look for comprehensive compliance programs and the existence of such a program could be the deciding factor between civil or criminal charges.
Addressing documentation, coding, and billing processes to avoid misconduct
While a compliance program is the foundation for healthcare fraud and abuse prevention, providers should also consider improving their medical billing and coding processes.
Clinical documentation is the basis upon which payers reimburse providers for their services. Inaccurate and inappropriate coding can lead to potential healthcare fraud and abuse investigations.
Common clinical documentation and coding issues include billing for the following:
- Services that were not rendered
- Medically unnecessary procedures
- Services performed by an improperly supervised or unqualified employee
- Procedures or tests of such low quality they are deemed worthless
- Separate services already included in a global fee, such as an evaluation and management (E&M) code service the day after surgery.
CMS has advised providers to be particularly mindful of upcoding, or requesting a higher reimbursement rate for services that do not merit that level of compensation. Providers may upcode claims in order to maximize their claims reimbursement.
"Providers should be proactive in evaluating their billing data and comparing it to similar providers locally, regionally and nationally."
Providers should also benchmark their medical billing data against industry standards, Michael J. Bittman, a Broad and Cassel law firm partner, advised in a 2016 Orlando Business Journal editorial.
“The government and private payers are mining billing data to detect outliers,” he wrote. “Providers should be proactive in evaluating their billing data and comparing it to similar providers locally, regionally and nationally. Compliance aspirations should be set annually and based on expectations of customers or industry benchmarks. If there are discrepancies, find out why.”
Additionally, CMS recommends that providers exercise caution with investments in healthcare business ventures. Providers may invest in third parties, such as laboratories, imaging centers, equipment vendors, or physical therapy clinics, to expand patient care access. However, referral patterns to these facilities could implicate a provider in an investigation.
“These business relationships can sometimes improperly influence or distort physician decision-making and result in the improper steering of a patient to a particular therapy or source of services in which a physician has a financial interest,” CMS wrote. “Many of these investment relationships have serious legal risks under the AKS [Anti-Kickback Statute] and Stark Law.”
To avoid illegal kickback schemes with investment partners, the federal agency recommends that providers ask the following questions:
- Is the investment interest for a nominal capital contribution?
- Will the provider’s ownership share be greater than his share of the total capital contributions made to the venture?
- Is the investment venture promising the provider high rates of return for little or no financial risk?
- Is the investment venture, or any possible business partner, offering to loan the provider money to make his capital contribution?
- Is the partner asking the provider to guarantee patient referrals or item orders?
- Does the provider believe he will be more likely to refer patients for services provided by the venture just because he made the investment?
- Will the venture have enough capital from other sources to fund its operations?
Providers should ask themselves similar questions if healthcare vendors approach them with free samples, business opportunities, and incentives.
Healthcare fraud laws complicate value-based purchasing implementation
Under value-based purchasing models, providers may seek business relationships with other organizations to fill care gaps. Controlling care across the continuum also allows providers to monitor patient outcomes and costs to maximize value-based reimbursement.
However, the Physician Self-Referral Law and Anti-Kickback Statute raise questions for providers who believe they are engaging in necessary care coordination efforts to support value-based purchasing.
The American Hospital Association (AHA) argued in 2016 that the healthcare fraud and abuse laws prevented healthcare organizations from paying their providers based on outcomes and value, rather than volume of services.
For example, hospitals cannot legally incentivize providers to restructure care delivery or adhere to care pathways, since the fair market value stipulation in the regulations state that providers must only receive rewards based on an hours-worked model, the AHA asserted.
Similarly, hospitals cannot compensate providers for care management and coordination efforts.
"Fraud and abuse laws may serve as an impediment to robust, innovative programs that align providers by using financial incentives to achieve quality standards, generate cost savings, and reduce waste."
The Anti-Kickback law especially troubles providers because hospitals cannot provide support or incentives to a residential facility since the compensation could be viewed as remuneration to induce the care site to make referrals back to the hospital.
HHS recently echoed the AHA’s concerns. “Although we expect that some arrangements may be structured to satisfy the requirements of an applicable exception to the physician self-referral law and not violate the Federal anti-kickback statute, the fraud and abuse laws may serve as an impediment to robust, innovative programs that align providers by using financial incentives to achieve quality standards, generate cost savings, and reduce waste,” the agency stated.
The federal government offered healthcare fraud and abuse law waivers to some providers engaging in value-based reimbursement models. However, the AHA contended that the waivers create a patchwork of exceptions that make it difficult for providers to navigate the regulations.
Both the AHA and HHS also recognized that current healthcare fraud and abuse laws stem from a fee-for-service environment and should be updated to reflect value-based purchasing models.
As the healthcare industry moves to new care delivery and claims reimbursement standards, healthcare fraud and abuse regulations will likely evolve as well. Providers should ensure their organizations stay up-to-date and comply with new regulations to prevent potential fraud investigations.