MPA Winter CE + Ski January 12th, 2014 Jason Walker-Crawford, R.Ph. – PAAS National®, Inc. Learning Objectives Discuss the Medicare Part D requirements for Fraud, Waste & Abuse Compliance (FWAC). Discuss penalties for non-compliance with FWAC. Provide advice and tools for pharmacies to meet compliance requirements. History of FWAC Federal False Claims Act (FCA) Enacted post-Civil War Heavily amended in 1986 Amended multiple times Criminal felony to submit a false claim for payment from Federal funds Medicare, Medicaid, TriCare, Federal Employee Program (FEP), grants, etc. Includes making or using a false statement History of FWAC FCA cont. Criminal penalties Civil Money Penalties (CMPs) Up to treble (triple) damages Qui Tam provisions Incentives of up to 30% of settlement or judgment may be awarded to whistleblowers Protections in place to protect whistleblowers from retaliation of any kind Pharmacist as Whistleblower Bernard Lisitza – former independent pharmacy owner and pharmacist Worked for Omnicare Also did temp work at CVS and Walgreens Filed multiple Qui Tam lawsuits against Omnicare, CVS, Walgreens and Johnson & Johnson Lawsuits have recovered billions of dollars in Federal funds Has been awarded more than $31 million History of FWAC Federal Anti-Kickback Statute 42 U.S.C. § 1320 Effective 1972 Prohibits providing or receiving a “kickback” for referral of any product or service paid by Medicare or Medicaid Any remuneration Safe Harbors 5 years in prison Fines up to $25,000 CMPs up to $50,000 Exclusion History of FWAC Anti-Kickback Statute cont. OIG maintains list of Safe Harbor regulations More than 20 published Must follow regulations exactly to be “safe” OIG will provide advisory opinions in situations that do not meet regulations Based on facts provided Only opinion Doesn’t mean practice is legal OIG likely not to prosecute History of FWAC Stark Statute 42 U.S.C § 1395nn “Stark I” – OBRA 1989 “Stark II” – OBRA 1993 AKA Physician Self-Referral Law Prevent financial incentives for unnecessary medical services Prohibits ordering or referring medical services with a financial incentive (ownership) Provides for CMP and treble damages Violation of Stark/Anti-Kickback NY medical practice – 2013 Agreed to pay $1,140,260 Paid remuneration to patients in the form of “points” Points redeemable under program for additional medical services and products History of FWAC Public Law 104-191, Health Insurance Portability and Accountability Act (HIPAA) of 1996 Established the Health Care Fraud and Abuse Control (HCFAC) Program Public and private health care Under joint direction of the Department of Health and Human Services (HHS), Office of the Inspector General (OIG) and the Attorney General Coordinates Federal, State and local law enforcement History of FWAC Medicare Modernization Act (MMA) of 2003 Created Medicare prescription drug program (Part D) Requires plan sponsors to have a compliance program Covers general compliance and FWAC Plan sponsors must assure that their employees, contractors and first-tier, downstream and related entities (FDRs) meet requirements Pharmacies are FDRs History of FWAC Deficit Reduction Act (DRA) of 2005 Enhanced the Federal False Claims Act (FCA) Provides financial incentives to States to pass their own FCA Required FWAC requirements for any entity with $5 million or more in revenue per year from Medicaid History of FWAC MT False Claims Act MT Code Ann. §§ 17-8-401 through 17-8-413 Originally enacted 2005 Amended 2009 and 2013 Approved by OIG October 24th, 2013 OIG approval provides incentive to State Min penalty of $5,500 up to $11,000 per incident Two to three times damages (claim amount) Costs History of FWAC American Recovery and Reinvestment Act (ARRA) of 2009 (Stimulus) Health Information Technology for Economic and Clinical Health (HITECH) Act Enhanced HIPAA Introduced Breach Notification requirements Increased CMPs Up to $1.5 million per violation per year Omnibus Final Rule Effective March 26th, 2013 History of FWAC Health Care Fraud Enforcement and Action Teams (HEAT) Began May 9, 2009 http://www.stopmedicarefraud.gov CMS, FBI, DEA, OIG, State and local law enforcement Medicare Fraud Strike Force, nine cities Baton Rouge, LA; Brooklyn, NY; Chicago, IL; Dallas, TX; Detroit, MI; Houston, TX; Los Angeles, CA; Miami-Dade, FL; Tampa Bay, FL In 2011, HEAT coordinated fraud takedown of $530 million in fraudulent billing History of FWAC Patient Protection and Affordable Care Act (ACA) of 2010 (Obamacare) Expanded the Recovery Audit Contractor (RAC) program to include Medicaid and Medicare Part C and D Additional $350 million to fight FWA Expected to be budget neutral FWA Recovery ≥ Enforcement Cost History of FWAC ACA Cont. Increased provider/supplier review Site visits, background checks, licensure checks, fingerprinting False applications may lead to exclusion from all Federal programs Medicaid termination for unpaid overpayments Suspension of payments if fraud is expected! What’s the big deal? Why are there some many different laws all about FWA? It’s all about the money! Health Care Expenditures In 2012, health care expenditures have been estimated to be $2.82 trillion = 17.6% GDP In 2020, health care expenditures are projected to be $4.6 trillion = 19.8% GDP Fraud is estimated to be 3-10% of total dollars spent (National Health Care Anti-Fraud Association/FBI) Waste is estimated to be 20-30% of total dollars spent (HHS-OIG Daniel Levinson, Inspector General – Keynote address 2012 Health Care Compliance Associations) HHS Announces Record Breaking Recoveries – February 11, 2013 Joint efforts to combat Health Care Fraud resulted in a record $4.2 billion in 2012 ROI of $7.90 per dollar spent over last 3 years Enforcement efforts have recovered $14.9 billion in the last four years, compared to $6.7 billion over the prior four years. OIG Semiannual Report to Congress – Spring 2013 First half of FY 2013 (October 2012 – March 2013) Recoveries of $3.8 billion 1,661 new individuals or entities excluded from Federal programs. What is Fraud? Knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud any health care benefit program or to obtain (by means of false or fraudulent pretenses, representations, or promises) any of the money or property owned by, or under the custody or control of, a health care benefit program. 18 U.S.C. Section 1347 Examples of Possible Fraud Intentionally submitting false information in order to get money or a benefit Billing for items that were not purchased or picked up Prescription forging, altering or shorting Switching to a more expensive dosage form to increase the amount of reimbursement Submitting claims for entire amount on partial fills were the balance is not picked up Chain Drug Store settles for $35 million In 2008 a major drug chain settled for $35 million for switching Medicaid patients from tablets to capsules of the same drug to increase the amount they were reimbursed Another major drug store chain paid $21.1 million to settle the same claim for submitting more expensive Ranitidine capsules instead of tablets The qui tam plaintiff received $4.3 million for his share of the federal and state settlement What is Waste? Waste is the overutilization of services, or other practices that, directly or indirectly, result in unnecessary costs to the Medicare program. Waste is generally not considered to be caused by criminally negligent actions but rather the misuse of resources. (CMS, Prescription Drug Benefit Manual Chapter 9 – Compliance Program Guidelines, Section 20) Waste is a misuse of resources or to spend carelessly Examples of Possible Waste Overbilled quantities – submitting for a quantity larger than what is allowed by the plan or ordered by the prescriber Dispensing a 90 day supply that is discontinued after 30 days Billing an incorrect day supply resulting in the patient receiving a larger quantity than allowed Dispensing a 60 gram tube of ointment when a 15 gram tube would be sufficient Auto-refills when the previous supplies not exhausted What Waste Looks Like $11,000 of unused medication from mail order What is Abuse? Abuse includes actions that may, directly or indirectly result in: unnecessary costs to the Medicare program, improper payment, payment for services that fail to meet professionally recognized standards of care, or services that are medically unnecessary. Abuse involves payment for items or services when there is no legal entitlement to that payment and the provider. Abuse may involve obtaining an improper payment, but does not require the same intent and knowledge as fraud. Examples of Possible Abuse Using an override code to force a claim to go through early Filling a prescription after expiration Splitting prescriptions to obtain additional dispensing fees Changing to an incorrect diagnosis code in order to receive payment Fraud vs. Abuse Did you do it intentionally? Can you prove that you didn’t? Repeated abuses are often considered to be intentional frauds in the eyes of the auditors Once or twice = oops Twenty = Fraud Basics of FWAC Prevent! Detect! Correct! Required to adopt and implement an effective compliance program CMS requires 7 core elements 33 sub-elements Much more than just training! The 7 core elements are: 1. 2. 3. 4. 5. 6. 7. Written Policies, Procedures and Standards of Conduct; Compliance Officer, Compliance Committee and High Level Oversight; Effective Training and Education; Effective Lines of Communication; Well Publicized Disciplinary Standards; Effective System for Routine Monitoring and Identification of Compliance Risks; and Procedures and System for Prompt Response to Compliance Issues Element I: Written Policies, Procedures and Standards of Conduct Standards of Conduct AKA “Code of Conduct” (CoC) State the principles and values by which you operate Expectation that ALL employees will act in an ethical manner Noncompliance and potential FWA is reported Reported issues are addressed and corrected Compliance is everyone’s responsibility! Element I: Written Policies, Procedures and Standards of Conduct Policies and Procedures Detailed and Specific Describe operations of Compliance Program Reporting structure Training requirements Investigation and remediation Element I: Written Policies, Procedures and Standards of Conduct Distribution of P&P and Code of Conduct Compliance program not effective unless distributed to employees Within 90 days of hire Updates Annually Can distribute manually or electronic Need proof of distribution Signed acknowledgement Element II: Compliance Officer, Compliance Committee and High Level Oversight Compliance Officer Should be full-time employee Experience with compliance Recommend manager or direct report Duties: Aware of daily activities Develop and Implement compliance program Coordinate internal reviews and investigations Maintain reporting mechanisms Exclusion list checking Element II: Compliance Officer, Compliance Committee and High Level Oversight Compliance Committee and Governing Body Oversee and advise Compliance Officer and Program Plan sponsors = large committees, varied backgrounds FDRs = may be the Compliance Officer + Owner and/or Managers Element II: Compliance Officer, Compliance Committee and High Level Oversight Senior Management Involvement Senior management must be involved with Compliance Program to be effective Ensure Compliance Officer has credibility, authority and resources needed to operate the program Compliance Officer must report to senior management any compliance issues Element III: Effective Training and Education General Compliance Training ALL Employees (includes temps and volunteers) Within 90 days of hire and annually Classroom, online or attestation that have read and received CoC and P&P Must have proof of training (sign-in, attestation or certificates) Element III: Effective Training and Education General Compliance Training cont. Contents of training: Review of P&P and CoC Identifying potential noncompliance (examples) Reporting noncompliance Review disciplinary policies Disclosing conflicts of interest Confidentiality (HIPAA/HITECH) Element III: Effective Training and Education Fraud, Waste and Abuse Training Only requirement deemed to have been met thru Part B accreditation Only employees that are involved in the administration or delivery of Medicare benefits Within 90 days of hire and annually May be required as corrective action to noncompliant employees May be tailored to specific job functions Sponsors required to provide training to FDRs May use CMS’ FWA training module Element III: Effective Training and Education Fraud, Waste and Abuse Training cont. Contents of Training: Laws and regulations (False Claims Act, Anti-Kickback statute, HIPAA/HITECH, etc.) Reporting FWA Protections for reporting FWA Types of FWA (examples) Maintain training records for 10 years Time, attendance, topic, certificates and/or test scores Element IV: Effective Lines of Communication Effective Lines of Communication Among the Compliance Officer, Compliance Committee, Employees, Governing Body and FDRs Ways to communicate information from the Compliance Officer to others Officer’s name, location, and contact information Changes to P&P, CoC, laws and regulations Methods of communication Written, email, website, or meetings Element IV: Effective Lines of Communication Communication and Reporting Mechanisms Must have P&P and CoC that requires reporting of suspected or detected noncompliance or FWA Must maintain confidentiality Allow anonymous reporting Prohibit retaliation or retribution (no-tolerance policy) User friendly, easy to access Element IV: Effective Lines of Communication Enrollee Communications and Education Plan sponsor requirement only Must educate Medicare enrollees on identifying and reporting potential FWA Element V: Well-Publicized Disciplinary Standards Disciplinary Standards Clear and specific disciplinary standards Contents: Expectation to report noncompliant, unethical or illegal behavior Participate in required training Timely, consistent and effective enforcement Disciplinary action must be appropriate to seriousness of the violation Retraining, suspension, termination Element V: Well-Publicized Disciplinary Standards Methods to Publicize Disciplinary Standards Must publicize disciplinary standards to all employees Methods: Newsletters Staff Meetings General Compliance Training Intranet Posters Element V: Well-Publicized Disciplinary Standards Enforcing Disciplinary Standards Maintain records for 10 years Date reported Description of violation Date of investigation Summary of findings Disciplinary action taken and date CMS encourages that de-identified disciplinary actions be reported to employees Demonstrate importance of Disciplinary Standards Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks Routine Monitoring and Auditing Compliance Officer must conduct Monitoring = regular review of operations to ensure compliance Auditing = formal review based on a set of standards (P&P, laws and regulations) Address areas at risk Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks Development of a System to Identify Compliance Risks Conduct an assessment of risk Complexity of work Past compliance issues (audit results) Chapter 7 – Quality Assurance Credentialing Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks Development of the Monitoring and Auditing Work Plan, Audit Schedule and Methodology What audits will be performed? When will audits be conducted? Who will conduct audits? How will audits be conducted? Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks Audit of Operations and Compliance Program Review pharmacy operations to ensure compliance Review compliance program Modify P&P and program as appropriate Track and document compliance efforts Report compliance success and noncompliance to employees Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks OIG/GSA Exclusion OIG LEIE: Office of the Inspector General List of Excluded Individuals and Entities http://exclusions.oig.hhs.gov GSA EPLS: General Services Administration Excluded Parties Lists System Moved to SAM (System for Award Management) website http://www.sam.gov OIG Exclusion Search up to 5 individuals at a time Allows SSN/EIN verification Provider records also contain NPI/UPIN if available GSA Exclusion Search only 1 individual at a time Need to contact the excluding agency to confirm Exclusions often not related to health care Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks OIG/GSA Exclusion cont. “Federal funds may not be used to pay for services, equipment or drugs prescribed or provided by a provider, supplier, employee or FDR excluded by OIG or GSA.” Must screen PRIOR to hire and at least Monthly Any employee, temporary employee, volunteer, consultant, governing body member or FDR Ensure that not excluded or become excluded Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks OIG/GSA Exclusion cont. Mandatory Exclusions: Previous fraud, patient neglect or abuse, felony convictions relating to unlawful manufacture, distribution, prescribing or dispensing of controlled substances Permissive Exclusions: Misdemeanor convictions for above, Pharmacy License suspension for reasons bearing on professional competence, financial integrity – providing unnecessary or substandard services, engaging in unlawful kickback arrangements, defaulting on a health education loan or scholarship obligations Element VI: Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks OIG/GSA Exclusion cont. Costs of Employing Excluded Individual CMPs of up to $10,000 for each item or service Recovery up to three times the amount claimed Exclusion Self-Disclosure Protocol Reduce recovery to 1.5 times amount paid Can prevent exclusion Limited to $10,000 minimum Examples of Exclusion 2012: Hy-Vee Pharmacies, Iowa Agreed to pay $831,871.61 for allegedly violating CMP Law Employed an individual that they knew or should have known was excluded 2013: Atmore Community Hospital, Alabama Self-disclosed potential violation by employing an excluded individual Agreed to pay $10,996.20 Element VII: Procedures and System for Prompt Response to Compliance Issues Conducting a Timely and Reasonable Inquiry of Detected Offenses Investigation into any issue of noncompliance or FWA ASAP – no later than 2 weeks after identified Element VII: Procedures and System for Prompt Response to Compliance Issues Corrective Actions Correct the cause of FWA or noncompliance Must include a timeframe to complete Detailed in writing Consequences of failing to implement May include termination Monitor implementation Element VII: Procedures and System for Prompt Response to Compliance Issues Procedures for Self-Reporting Potential FWA and Significant Noncompliance Voluntary Recommended for an effective compliance program Can report to OIG CMS-Issued Fraud Alerts Sent to plan sponsors Fraud schemes identified by CMS or law enforcement Plan sponsors must respond: Review contracts with providers Consider termination Review claims May recover claims involved FWA Investigation Could withhold payment Fraud Suspect?? 2012: Fraud Alert? Many “Sunshine” pharmacies in Florida No common ownership Began to receive FWA investigation notices Many received notices from multiple plan sponsors Some plans were withholding payment of claims Still allowing processing Plan sponsors unwilling to disclose any information Fraud Suspect?? 2013: Florida pharmacist convicted of Fraud against Medicare, Medicaid and TRICARE Operated 3 stores in Florida named “Sunshine” NBI MEDIC National Benefit Integrity Medicare Drug Integrity Contractor Health Integrity, LLC Only MEDIC that is responsible for Part D and C program compliance Investigate and monitor plan sponsor compliance and FWA Could result in a FDR (pharmacy) audit Plan sponsors will also refer suspected FWA for investigation CMS Sanctions January 15th, 2013 SilverScript (CVS/Caremark) Immediate suspension of marketing and enrolling new members Failed to enroll beneficiaries into correct plans Failed to calculate cost-sharing correctly for LIS Resulted in millions of members leaving pharmacies without needed medications CMS Sanctions November 21st, 2013 Health Alliance Plan (MI) CMP of $423,200 Failed to provide transition supply due to formulary Billed patients incorrectly for premiums and late fees Failed to provide appropriate notices to patients How do they know if I’m compliant? 2008-2009: Plans first started asking for attestation for completion of FWA training 2012: Major revisions to Chapter 9 & 21 2013: Catamaran attestation requires pharmacy to attest to ALL 7 elements of Chapter 9 & 21. Catamaran has begun onsite compliance audits 30 minute onsite audit Check for compliance: 7 elements, HIPAA, licensing requirements, DEA, liability insurance, OBRA ‘90, storage (include fridge temps) Penalties for being noncompliant 2012: CVS/Caremark began fining pharmacies $100 that did not complete the online attestation or retain proof of completion Plans to issue fines up to $500 for 2013 attestations TERMINATION! Assessment Questions Which Federal law included Qui Tam provisions allowing a whistleblower to initiate suit on behalf of the government? A. Health Insurance Portability and Accountability Act B. C. D. E. (HIPAA) Stark Statute False Claims Act (FCA) Patient Protection and Affordable Care Act (ACA) All of the above Assessment Questions Which Federal law prohibits a physician from referring or ordering health care products or services in which they have a financial relationship? A. Health Insurance Portability and Accountability Act B. C. D. E. (HIPAA) False Claims Act (FCA) Patient Protection and Affordable Care Act (ACA) Stark Statute All of the above Assessment Questions My pharmacy has been deemed to have met all of the requirements for FWAC through DMEPOS accreditation. A. True B. False Assessment Questions The following apply to checking exclusion lists: A. Only the OIG list has to be checked since GSA isn’t healthcare related B. Exclusion lists must be checked within 90 days of hire and at least annually C. Exclusion lists must be checked prior to hire and at least monthly D. A and B E. A and C Assessment Questions Your Code of Conduct must include which of the following? A. Compliance is everyone’s responsibility B. Principles and values in which you operate C. That everyone will act ethically D. Potential FWA and noncompliance is reported E. All of the above Questions? MPA Winter CE + Ski January 12th, 2014 Jason Walker-Crawford, R.Ph. – PAAS National®, Inc.