| Health Law Office || Law Firm For The Health Care Industry

health reform: a second glance

6.23.10

“You must form an ACO or you will miss the health reform boat,” said the health care consultant. “An ACO? Okay, I do not know what that is, but how do we get started?” replied the primary care physician.

In the 1970s, we heard the acronym HMOs (health maintenance organizations), in the 1980s it was PPOs (preferred provider organizations), and IPAs and PHOs in the 1990s (independent practice associations and physician-hospital organizations). The gist of these organizations was to try to deliver health care services more cost-effectively through various provider structures and payment mechanisms.

One payment mechanism, known as capitation, was fairly popular in the 1990s. Capitation was a payment to a provider of a set amount of money per month to manage the care of an assigned population of patients. If providers carefully watched over the amount of services being provided, they would retain the leftover money not spent on services. The theory was that providers would be incentivized to provide care or refer to specialists only when necessary. Capitation, while it still exists, eventually fell out of favor as a payment method because it ended up being more about providing only medically necessary care rather than managing care to head off more serious medical conditions.

What does all that have to do with ACOs? And, furthermore, what are ACOs? Well, with the 2010 health reform ink starting to dry, the new buzzword is ACO, and that is short for accountable care organization.

In the first of the two companion health reform laws, the Patient Protection and Affordable Care Act (Public Law 111-148), two ACO programs are established. There is a Pediatric Accountable Care Organization Demonstration Project set up in Medicaid and the Children’s Health Insurance Program (see Section 2706), and a Shared Savings Program in Medicare (see Section 3022 as amended by Section 10307). Both ACO programs are set to start January 1, 2012, and the Medicaid/CHIP project basically defers to the Medicare program for ACO standards.

The Centers for Medicare and Medicaid Services describe an ACO as “an organization of health care providers that agrees to be accountable for the quality, cost, and overall care of Medicare beneficiaries who are enrolled in the traditional fee-for-service program who are assigned to it.” If the ACO meets specified quality performance standards, it will be eligible to receive a share (a percentage) of “any savings if the actual per capita expenditures of their assigned Medicare beneficiaries are a sufficient percentage below their specified benchmark amount.” Sounds rather complicated, and to be fair, it is rather complicated when described with such vague terminology. Hopefully, the regulations that are due to be drafted by the early fall will spell out the detail of the programs in a clear and straightforward manner.

Notably, last minute language added to the Medicare program by Section 10307 specifically refers to capitation as a possible payment mechanism. It is unclear if this provision is Congress simply catching up with the 1990s and we are doomed to see capitation fall out of favor again, or if we will see more detailed regulations that view the statutory language simply as a suggestion and seek more creative ways to incentivize physicians to care for beneficiaries and recipients and be fairly compensated for doing so. Regardless, the key to these programs obviously will be doing a better job actually heading off serious medical conditions, demonstrating clearly the actual savings to the federal programs, and being rewarded financially for those efficiencies.

What should provider organizations do? Common sense dictates that if this proposal fits with your organization’s mission and structure, you should take a closer look. If you have not already done so, form a committee to research the law, learn about what the law’s criteria will mean in practice, and discuss with commercial payors whether they are interested in applying what is learned from these government projects to a broader range of commercial insurance products. Furthermore, if the proposed regulations for the trial projects are off track, and we should know more about that by the fall of this year, let Health and Human Services (HHS) know that and suggest ways to make the programs work better. Congress provided little detail to HHS so there is room for folks working on the front lines to say, “hey, that won’t work, or this way might be better.”

Above all, do not get hung up on acronyms. ACO may or may not be the buzzword in five or ten years, but if your organization can provide care that improves the overall health of a patient population, do so efficiently with less health care dollars, and still make a profit, those seem like worthy business goals to pursue.

health insurance: buyer beware

5.24.10

While the days of junk faxes should be nearing an end, yet another story surfaces that demonstrates the deceptive side of the practice is still alive and, unfortunately, profitable.

In May 2010, the Oregon Insurance Division (OID) reported that some Oregonians had been solicited by fax to buy “affordable health care” for $369 for an entire family. Even though that sounded way too good to be true, nearly 400 unsuspecting folks sent money to the companies offering the coverage. Average annual family premiums, at least in Oregon, are about $12,000 according to the OID. Of course, that is a pre-reform average, and premiums likely will start increasing in advance of federal insurance mandates.

It took an investigative effort by the Tennessee Insurance Division (TID) to shut down the companies, but not before people from Oregon had sent in their premiums. The TID investigation uncovered boxes of unpaid medical claims. While this practice had been going on for a while, and was fairly sophisticated, the concept of selling health insurance coverage and collecting premium money without paying any claims may become more commonplace.

Predictably, in the wake of the March 2010 passage of federal health insurance reform, many opportunists sought to take advantage of the confusion associated with the upcoming changes. State insurance departments have started alerting their residents to bogus sales practices such as offering a product called an “ObamaCare Insurance Policy.” There is no such policy. The message to consumers should be buyer beware, but due to the confusion created by the complexity of health insurance reform, many people are likely to fall victim to health insurance scams.

So, a couple rules of thumb: (1) If it sounds too good to be true price-wise, it probably is a scam; and (2) For consumers and providers, if you see a commercial insurance product that you have never heard of before, verify that the company offering the product is licensed to do business in the state. Commercial health insurers are still regulated by state insurance departments, and each insurer must be authorized to do business in the state they are offering policies. For example, in Oregon, you can call the Oregon Insurance Division, and in Washington, you can call the Washington Office of the Insurance Commissioner.

health reform 2010: a first glance

4.9.10

“A ten percent tax on tanning salons?” the confused client asked. “Is that health reform?” he questioned again. “Are you asking or complaining?” the lawyer responded.

And, so the conversations go around the country as the health care industry begins what will be years of work analyzing and figuring out how to respond to the Patient Protection and Affordable Care Act (the “Reform Law” or Public Law 111-148) and its amendments contained in a reconciliation bill called the Health Care and Education Reconciliation Act (the “Reconciliation Law” or Public Law 111-152).

The bulk of the new laws address changes to the health insurance industry with the dual goals of getting most Americans covered under some type of health insurance policy, and then paying for the cost of expanding such coverage to the roughly 15% of those without insurance currently. In plain financial terms, the expected cost will be about $100 billion annually.

The process was not graceful, and the use of two bills, one to amend the other, was a disservice to the historic significance of the effort. Until codified, the general public will be forced to painstakingly cross-reference the bills over and over to see what is coming down the road. But, no matter your political feelings and because the context almost is collectively forgotten, health reform is here, and it is only the beginning. So what to do?

Well, begin with figuring out what is coming and in what order. There are hundreds of changes including: new deadlines, new reporting requirements, new penalties, and new taxes. Of course, there will be amendments along the way too in the coming years, and new regulations, pages and pages of regulations. If you think the lawyers are happy, you probably are right.

So for today, and this note, what is coming immediately for some health care providers? This is by no means an analysis of the bills. Hopefully, the provider trade associations will begin rolling detailed analyses out soon. These are just a couple of highlights to start, and ones which might present some risk for providers, right now, today.

Effective January 1, 2010 (yes, oddly retroactive), physicians who own imaging services (i.e., magnetic resonance imaging, computed tomography, or positron emission tomography) pursuant to the in-office ancillary services exception to the Stark Law, and who refer Medicare patients for those services, must provide written notice to such patients at the time of referral that: (a) informs them the services may be obtained from another supplier; and (b) provides them a list of suppliers who furnish such services in the area where they reside. This requirement is set forth in Section 6003 of the Reform Law. One has to wonder if the effective date simply is a drafting error left over from when Congress thought the original reform bill would pass in 2009. A best guess says that this notice requirement likely will be expanded by the Department of Health and Human Services through rulemaking to include other ancillary services. The risk for not providing notice is a possible technical violation of Stark (e.g., denial of reimbursement, civil penalties, etc.). New rule of thumb (at least for Medicare patients)? If you own the imaging machine, just let patients know about that and offer them a choice.

Effective March 23, 2010, providers must return overpayments from Medicare or Medicaid within sixty (60) days of being identified along with a reason for the overpayments. This requirement is set forth in Section 6402 of the Reform Law. The legal question that still remains is what does “identified” mean. While the return of overpayments logically has been considered an obligation for providers, it is the risk created by the new sixty-day deadline that could turn innocent billing mistakes into more serious and costly “false claims.” Why is this significant? Well, as an example, if your organization conducts retrospective internal audits (i.e., audits on claims after they have been paid), and those audits detect federal program overpayments, you will no longer be able to sit on the results for weeks and weeks. If refunds need to be made, they need to be made quickly and, if reasonable to do so, made through the carrier’s refund process. For simple annual educational audits, if feasible, providers may want to reconsider doing retrospective audits in favor of prospective audits (i.e., audits on claims after they have been coded but before they are submitted for payment). The distinction between the two types of routine audits has become far more important now because the risk of liability associated with delaying a refund of an identified overpayment has increased. So, new rule of thumb, be very careful with audits and overpayments.

In closing, those are just a couple of timely highlights. If you were wondering, yes, there really is a new tax on indoor tanning services (see Section 10907 of the Reform Law). Apparently, the Botox lobby effectively avoided a similar tax. And, so it goes.

top ten issues for 2010

3.6.10

While no top ten list from the desk of a health lawyer could be complete given the ever-changing nature of the health care industry, here are a few significant legal issues to think about this year.

1. Health Reform

Even though the health reform frenzy of late 2009 was stopped in its path by a Senatorial election in Massachusetts, federal efforts at health reform are not quite over. Something, albeit a watered-down something, is bound to be passed by Congress, so stay tuned.

2. HIPAA Tweaks

The Stimulus Bill of 2009 provided a new HIPAA compliance deadline in February 2010. This marks the starting point at which business associates of covered entities will become directly obligated under HIPAA as though they were covered entities. This is a significant change to HIPAA law, and there likely will be a flurry of updates to business associate agreements.

3. Compliance Reviews

The lead federal health insurance reform proposals included provisions that would have mandated compliance programs for all providers, whether large or small in size. If a health care provider has never heard of a compliance program, it may be time to get initiated. The key for non-institutional providers is to tailor the program properly so it does not cause practical or legal problems.

4. Fraud and Abuse Enforcement

Much of the talk about cost savings in federal health reform centered on attacking the estimated $60 billion in health care fraud annually. While fraud can and should be prosecuted, the effect of ramped up enforcement efforts likely is to drag in many providers who simply are making a series of bad mistakes or may even be negligent in billing for services. The goal for providers should be to stay off the enforcement radar by taking reasonable steps to monitor and, if necessary, correct their billing practices.

5. Recover Audit Contractor (RAC) Requests

Providers in most states like Oregon and Washington now are potential targets for retrospective review of Medicare claims. RAC firms are paid a contingency fee based on the amount of overpayments they find. Be sure to check RAC websites for subject areas approved for review.

6. Credit Crunch

While the severely injured economy apparently is showing signs of recovery, many medical practices continue to find themselves in cash crunches due to lines of credit with banks being reduced or shut off altogether. Because cash flow crunches can lead to serious legal problems in the operation of a business, providers should work closely with their financial advisors to find alternate ways to weather credit shortages.

7. Imaging Services

Providers who own imaging equipment and bill for the technical component of imaging services should be mindful of upcoming efforts to require accreditation of those services.

8. Reimbursement Remodels

In the 1990s, health insurers gave us capitation and gatekeepers, now in 2010, we are hearing concepts such as the medical home model and Triple Aim. The goals of the new reimbursement models seem to remain the same: increase access and quality, and decrease costs. In health care, this likely remains an eternal struggle (which is what makes working in this field challenging and interesting).

9. Medicare Woes

Every few months, a physician will ask whether they have to keep seeing Medicare patients. The typical reasons are that the pay is low, the work is demanding, and there is fear that mistakes in billing will be treated as fraud. The typical response is that there is no legal requirement to see Medicare patients unless a contract says so, but can the practice really afford to stop doing Medicare work. Notably, just this month, and past the twelfth hour, Congress yet again pushed off a 21% cut to Medicare reimbursement. Congress needs to fix that problem permanently if only to prevent an exodus of providers from participating in Medicare who may just be sitting on the fence waiting for another excuse to leave the program.

10. Dispute Resolution

In economic slumps, businesses and people wrestle about money. Ask any litigator, and they will tell you they are busy these days. Health care providers should be wary of protracted legal disputes, and consider all options for resolving disputes. While litigation certainly serves its purpose, many disputes can and should be resolved through a business resolution.

october compliance review

10.31.09

About October each year, the Office of Inspector General (OIG) within the Department of Health and Human Services issues its annual Work Plan for the coming year. The plan describes the activities that OIG will focus on to protect the integrity of the federal health care programs.

In general, a review of relevant sections of the plan may help providers update internal compliance policies or develop new ones to address issues that likely will be targeted by the government for closer scrutiny.

For example, this coming year, OIG will study physician coding of place of service (“POS”) on claims for services performed in ambulatory surgical centers and outpatient departments versus a physician’s office. The concern is that physicians may be miscoding POS to realize higher reimbursement associated with services performed in a nonfacility setting.

Other examples, to name just a few, include studies of evaluation and management services during global surgery periods, services performed by independent physical therapists, appropriateness of payments for sleep studies, compliance with Medicare assignment rules, and payments for services ordered or referred by providers excluded from participation in the federal health care programs.

While the Work Plan is simply an overview document, it can be used as a tool by providers to hone their own compliance efforts. For OIG, it represents an updated roadmap for getting to more monetary recoveries in the federal health care programs.

In fiscal year 2008, the Health Care Fraud and Abuse Control Program reported that the federal government won or negotiated approximately $1 billion in judgments and settlements in cases and proceedings related to fraud and abuse in the federal health care programs. Even though billion is the new million today, that figure represents a significant compliance problem. Consequently, scrutiny of federal payments to providers will continue to be one of the primary risk areas for any internal compliance program.

summer in review

9.24.09

“So what happened in health care this summer?” the recently vacationing physician asked his rather jumpy health care lawyer. “I think the question is what didn’t happen?” the lawyer responded. The summer was fairly busy in the health care legal arena. Some things happened, some were pushed off, and some may be pushed off for longer than expected.

As for some legal things that happened, well, the Department of Health and Human Services (HHS) and the Department of Justice (DOJ), turned up the heat on health care fraud. In fact, the new initiative that was rolled out early in the summer was called Health Care Fraud Prevention and Enforcement Action Team or HEAT. The unique aspect to HEAT is the use of what is labeled “real time” data analysis of claims to identify and investigate unexplainable billing patterns.

Another thing that happened was the Federal Trade Commission (FTC), in tandem with the Office for Civil Rights (OCR) within HHS, issued final rules regarding security breaches related to health information as a result of a directive contained in the 2009 Stimulus Bill. The separate rules apply to parties not covered and covered under the Health Insurance Portability and Accountability Act (HIPAA). Because the FTC was involved, many medical practices thought these new rules were related to the Red Flags Rule. The security breach rules are different.

As for things that got pushed off for a bit, well, remember the Red Flags Rule? That rule will require many, if not most, physician offices to add consumer credit protection policies to their compliance programs. The deadline set by the FTC to comply with the new rule, had been moved from November 1, 2008 to May 1, 2009, and then it was pushed out to August 1, 2009. In late July, the FTC pushed that deadline out again until November 1, 2009. Confusing? If an office has not put some controls in place by now though, it should revisit the issue to see what will be required. The American Medical Association (AMA), which continues to oppose enforcement of the rule, started posting sample guidance recently as well.

Of course, to make this all more interesting, the spread of swine flu pushed itself off over the summer. Cases this coming fall and winter, however, are projected to touch 40% of the population. One has to wonder why this is a legal issue, but there actually could be many issues. At the American Health Lawyers Association annual meeting, HHS Secretary Sebelius spent half of her half-hour key note speech discussing swine flu (and the other half discussing health care reform). At the very least, it might be a good idea to check up on office sick leave and telecommuting policies. If the spread of swine flu cases is dramatic, offices can be prepared for a worst case scenario to keep the office up and running.

Finally, as for things that may be pushed off for longer than expected, there is federal health care reform. To date, there has been a lot of talk, and a lot of drafting, but not much has happened, legally, yet. There has been some curious rhetoric such as reform would create death panels. Rhetoric aside, health care reform appears to have slowed down due to a fair amount of confusion about what reform actually means. The leading bill in Congress has yet to be identified clearly, but a push is on for something to be completed this fall. Whatever version takes to the floor for debate likely will include many detailed changes to existing laws and new laws themselves, similar to HIPAA in 1996. As we learned from HIPAA, all of that type of piecemeal change will take many years to sort out. Stay tuned.

federal enforcement changes

6.2.09

On May 20, 2009, President Obama signed the Fraud Enforcement and Recovery Act (FERA) into law. The main policy reason behind FERA was to address fraud in the mortgage industry. The law, however, broadly expands the scope of the federal False Claims Act which is the primary tool used by the government to prosecute fraud and abuse activity in the health care industry. The use of the False Claims Act in health care is not without controversy. Due to the large volume of reimbursement claims processed by each health care provider, the penalties under the law multiply dramatically because they are assessed on a per claim basis. While prosecuting outright fraud by bad apple providers is necessary to protect the integrity of the federal programs, the actual effect of these changes on the majority of good apple providers is far from clear. If the risk of liability due to errors in claims processing outweighs the reimbursement received for services provided, good providers could be driven away from servicing Medicare and Medicaid patients. A practical response would be to keep medical trade associations informed of enforcement activity that attempts to recharacterize mere overpayments as false claims, or worse, fraud. There is a common misconception in health care that every mistake in billing, even a mistake caused by negligence, is fraud or a false claim. Mistakes happen given a complex coding and billing system, and without doubt, even negligence happens. Neither mistakes nor negligence are false claims or fraud. With the changes to the False Claims Act, however, there is heightened concern that unknowing or inadvertent retention of overpayments could be pushed into a false claims box. For most practices, the changes should mean that before you continue with business as usual for Medicare or other federal program patients, you must properly document medical necessity and document clearly that the billing codes are supported by the medical record based upon the most current guidance from the federal programs. If overpayments are detected, those should be verified first and generally should be refunded through the process recommended by the carrier or claims processing unit of the relevant agency. Again, some thought needs to be developed at the federal level about the wisdom of using the False Claims Act to recoup payments made to health care providers that did not exactly follow the billing rules. Fraud should be that, fraud, and handled through a different mechanism. Where services are legitimately provided, however, but the billing process is faulty, the provider should not have to fear a potentially drastic result under the False Claims Act. In other words, a clearer user-friendly mechanism should be established to not only to head off problems but also to handle mistakes and negligence in health care billing.

red flags rule delayed

4.30.09

on april 30, 2009, the federal trade commission (ftc) announced it will delay enforcement of the red flags rule from may 1, 2009 until august 1, 2009. given the eleventh-hour notice, health care providers can breathe a sigh of relief for now. there is some indication that congress may narrow the scope of the law, but whether that will occur before the new effective date is unclear. lessons learned for health care providers? review relevant compliance materials, be ready to implement red flags policies, and check back with the ftc on or about july 31, 2009.

red flag compliance starts now

4.28.09

on may 1, 2009, health care providers who are considered creditors should begin compliance efforts with the federal trade commission’s (ftc’s) red flags rule aimed at identity theft protection. the application of the red flags rule to some health care providers such as physicians continues to be a point of controversy, and organizations like the american medical association (ama) continue to argue against application of the rule. the ftc’s current position, however, is that the rules apply. so, for now, health care providers should take affirmative steps to document efforts to comply with the rule. a first step includes an assessment of whether the provider is a creditor with covered accounts. in short, the ftc says that if a provider sets up a payment account for a patient and waits for payment after services are rendered, they are a creditor with covered accounts. practically, that puts most providers in the creditor box. a second step would be to implement a written internal policy that causes providers and staff to look for basic “red flags” of identity theft and take appropriate action when those problems are detected. some of this may be as simple as checking a photo id at the time of service or calling the financial fraud officers within the local police department if id theft is detected. the ftc set up a red flags page with basic compliance information. to get physician providers started, the ama developed a resources page which includes basic guidance documents and a sample policy. local trade associations also should have compliance resources available for members. hopefully, these types of resources will remain easily accessible so physicians and other providers are able to conduct reasonable and low cost compliance work.

self-disclosure protocol restricted

3.31.09

on march 24, 2009, the office of inspector general (oig) for the department of health and human services issued an open letter about its voluntary self-disclosure protocol. in the past, oig encouraged use of the protocol to self-report suspected violations of law related to the federal health care programs. in 2006, oig specifically invited disclosures about potential physician self-referral violations (i.e., stark law violations). now, however, oig stated it no longer will accept disclosures that involve only liability under the physician self-referral law unless they also are associated with colorable anti-kickback statute violations. further, oig established a minimum settlement amount of $50,000 for providers filing under the protocol. while the reason for and the outcome of the oig’s latest restrictions on the use of the protocol are unclear, it is doubtful much will change for providers deciding whether to utilize the protocol. in general, the protocol can be a trap for the unwary because it was designed to address potential violations of law, not issues that are related to mere overpayments. once locked into the protocol process, a provider likely will be required to accept a settlement amount that is at least two times the amount of the disclosed damages. and, there is the potential that the provider will be required to enter into a corporate integrity agreement (cia) or certification of compliance agreement (cca). the open question for a provider now is what to do when it detects significant stark violations because one avenue to correct the problem appears to have been taken away. to be fair, though, dealing with stark issues always has been complicated and challenging.