Transcription
2/24/2014Building a Healthy ACO ComplianceProgramHCCA 2014 Compliance InstituteMary C. Malone, Esq.Hancock, Daniel, Johnson & Nagle, P.C.Disclaimer: The content of this presentation does not constitute legal advice.1Accountable Care Organizations In CMS’s words:ACOs are voluntary groups of physicians, hospitals,and other health care providers that are willing toassume responsibility for the care of a clearly definedpopulation of Medicare beneficiaries attributed tothem on the basis of patients’ use of primary careservices.Donald Berwick, Administrator of CMSNew England Journal of MedicineMaking Good on ACOs’ Promise1
2/24/20142Accountable Care Organizations Private Payer Model: Insurance carriers have a history of offering ACO-type models of careto private insurance markets Medicare Model: Pioneer The first experimental model that placed participants at higherfinancial risk if Medicare savings goals were not realized. MSSP Reduces the amount of financial risk for ACOs. Many providers that started in the Pioneer program are switchingto the MSSP. Advanced Payment Selected MSSP ACOs can apply for this special payment programthat pays ACOs for “projected” savings to help with fixed andvariable start-up costs.3The MSSP The Centers for Medicare & Medicaid Services(CMS) established the Medicare Shared SavingsProgram to facilitate coordination and cooperationamong providers to improve the quality of care forMedicare Fee-For-Service (FFS) beneficiaries andreduce unnecessary costs. The Shared Savings Program will reward ACOs thatlower their growth in health care costs whilemeeting performance standards on quality of careand putting patients first by sharing a portion of thesavings.2
2/24/20144Legal BackdropMSSP Accountable Care OrganizationsAffordable Care Act – Section 3022- Enacts Section 1899 of the Social Security Act establishingthe Medicare Shared Savings Program.Code of Federal Regulations- Part 425 outlines the regulations implementing therequirements for ACOs participating in the MedicareShared Savings Program.Other Laws Applicable to ACOs- Anti-Trust Statutes;- Anti-Kickback Statute;- Stark Law;- Civil Monetary Penalties;- False Claims Act; and- State Specific Laws.See Attachment 1:Checklist of MSSP ACORequirements5The Triple AimLower GrowthofExpendituresBetter HealthforPopulationsBetter Care toIndividualsSuccessful ACOs will be rewarded with a slice of the shared savings pie.3
2/24/20146ACO Program Integrity Although not specifically required by the ACA,CMS enacted several program integrityrequirements for MSSP ACOs. For example: ACO must have a compliance plan and official. ACO must maintain ultimate responsibility forcompliance with the ACO agreement. All contracts or arrangements between or among theACO and its participants must require compliancewith the ACO’s participation agreement as well asother laws.7ACO Program Integrity ACO governing body must adopt a conflicts ofinterest policy that applies to members of thegoverning body. ACOs must adopt screening procedures forparticipants (program integrity history, sanctions,affiliations with excluded individuals, etc.). This is consistent with current Medicare regulationsprohibiting payment to individuals excluded fromfederal health programs.4
2/24/20148Mandatory Compliance Plans Along with other program integrityrequirements, CMS finalized regulations forMandatory ACO Compliance Plans (42 C.F.R. §425.300(a)). Generally, the elements required for ACOcompliance plans are similar to the elementsoutlined by the OIG for other individual providertypes (i.e., hospitals, nursing facilities, smallphysician groups, home health and ambulancesuppliers).9Mandatory Compliance Plans ACOs can use existing guidance to anticipateCMS’s and the OIG’s expectations. Compliance guidance documents are availableon the OIG’s idance/ ACOs can also refer to the Final Rule for CMS’scomments on the elements of an effective ACOcompliance plan.5
2/24/201410Mandatory Compliance Plans Over the years, the government has used the terms“compliance plan” and “compliance program”interchangeably. The term “compliance plan” seems to describe thedocument that sets forth the general framework of acompliance program; whereas, the complianceprogram is the operationalized compliance plan (i.e., aliving, breathing part of the organization). CMS requires ACOs to have a “compliance plan,”although more likely, the expectation is that the ACOhave a fully implemented, operational, dynamic, andeffective compliance program11ACO Compliance Plan Does your ACO Compliance Plan contain all ofthe elements? There is one question on the ACO Applicationabout compliance plans. When completing the ACO MSSP Application, anACO must attest that it has a compliance plan inplace that meets the minimum requirements.See Attachment 2: Sample ACO Compliance Plan6
2/24/201412ACO Compliance Plan Here is what the attestation looks like on the ACOapplication. NOTE that ACOs are not required to submit a copy ofthe compliance plan with the application, but mustmake it available to CMS upon request.Image captured from 2013 MSSP Application13The Elements of an Effective ACO Compliance Plan(42 C.F.R. § 425.300(a))1. Designated compliance official who is not legalcounsel to the ACO and reports directly to theACO’s governing body Legal counsel to the ACO and the complianceofficer must be different individuals, in order toensure independent and objective legal reviews offinancial analyses of the organization’s complianceefforts and activities by the compliance officer. ACOs may use their current compliance officerprovided that the compliance officer is not legalcounsel to the existing organization.7
2/24/201414The Elements of an Effective ACO Compliance Plan(42 C.F.R. § 425.300(a))2. Mechanisms for identifying and addressingcompliance problems related to the ACO’soperations and performance ACO compliance officials must ensure that policiesand procedures adequately define how ACOparticipants can report potential compliance andquality issues so that the compliance officer cantake steps to investigate or audit ACO activities. This also includes collecting and reporting onvarious quality measures. There are currently 33 such measures.15The Elements of an Effective ACO Compliance Plan(42 C.F.R. § 425.300(a))3.A method for employees or contractors of the ACO, ACOparticipants, ACO providers/suppliers, and other individualsor entities performing functions or services related to ACOactivities to anonymously report suspected problems relatedto the ACO to the compliance officer Compliance plans on their own do not stop fraud and abuse;however, compliance programs provide a resource for: Increased likelihood of identifying and preventing unlawful andunethical conduct; Providing a centralized source for distributing information onhealth care statutes, regulations, and other program directivesrelated to fraud and abuse; and Creating an environment that encourages employees and others toanonymously report potential problems.8
2/24/201416The Elements of an Effective ACO Compliance Plan(42 C.F.R. § 425.300(a))4. Compliance training for ACO, ACO participantsand the ACO providers/suppliers. Requiring compliance training for the ACO andall of its ACO participants and ACOproviders/suppliers helps to ensure that everyACO participant, ACO provider/supplier, andcontractor understands their legal obligationswith respect to the ACO’s operations andperformance, as well as the requirements of thecompliance program and the manner in whichtheir ACO is implementing such requirements.17The Elements of an Effective ACO Compliance Plan(42 C.F.R. § 425.300(a))5. A requirement for the ACO to report probableviolations of law to an appropriate law enforcementagency. The OIG has outlined industry best practices forcompliance programs as well as a description of the risksof fraud and abuse that various providers may face.CMS suggests that providers without experiencedeveloping compliance programs review the variousresources that are available from the OIG’s web site tohelp determine the risk of fraud and abuse in the ACO andwhen an activity may rise to the level of a violation thatmay need to be reported. CMS encourages the use of the OIG Self-Disclosure Protocol todetermine which activities amount to a “probable violation.”9
2/24/201418ACO Fraud and Abuse Waivers ACO Pre-Participation Waiver Protections against the AKS, Stark and Gainsharing CMP. ACO Participation Waiver Protections against the AKS, Stark and Gainsharing CMP. Shared Savings Distribution Waiver Protections against the AKS, Stark and Gainsharing CMP. Compliance With Stark Exception Waiver Protections against the AKS and Gainsharing CMP. Patient Incentives Waiver Protections against the AKS and Beneficiary InducementCMP.19ACO Fraud and Abuse Waivers Pre-Participation Waiver Protections begin in the year preceding the ACO’starget year of Participation. Only one party to the financial arrangement must bean ACO or ACO participant. However, the party cannot be a DME Drug/Device, orHome Health Supplier The ACO Governing Body must make a bona fidedetermination that the financial arrangement isreasonably related to the MSSP’s triple-aim. Parties must maintain adequate documentation for thefinancial arrangement including the “diligent steps”toward becoming an ACO by the selected target year.See Attachment 3A: Pre-Participation Flow Chart10
2/24/201420ACO Fraud and Abuse Waivers Participation Waiver Protections are available to ACOs that are in goodstanding under an ACO participation agreement. Only one party to the financial arrangement mustbe an ACO or ACO participant. The ACO Governing Body must make a bona fidedetermination that the financial arrangement isreasonably related to the MSSP’s triple-aim. Parties must maintain adequate documentationfor the financial arrangement.See Attachment 3B: Participation Waiver Flow Chart21ACO Fraud and Abuse Waivers Shared Savings Distribution Waiver Protections are available to ACOs that are in good standing underan ACO participation agreement. Protects financial disbursements of earned shared savings. Disbursements can be made at any time as long as the savingswere earned during the term of the ACO’s participation agreement Disbursements can be made to: Current ACO participants, providers and suppliers; Individuals or entities that were ACO participants, providers orsuppliers during the year that the shared savings were earned bythe ACO; or To other parties if their activities are reasonably related to theMSSPs triple-aim. Disbursements from hospitals cannot be intended to preventphysicians from referring patients for medically necessaryservices.See Attachment 3C: Shared Savings Distribution Waiver Flow Chart11
2/24/201422ACO Fraud and Abuse Waivers Compliance with Physician Self-Referral Waiver Protections are available to ACOs that are in goodstanding under an ACO participation agreement. The financial arrangement must be reasonablyrelated to the MSSP’s triple-aim. The financial arrangement must fit into one of theStark Law’s current exceptions (42 C.F.R. §411.355 through 411.357).See Attachment 3D: Compliance With Physician Self-Referral Flow Chart23ACO Fraud and Abuse Waivers Patient Incentives Waiver Protections are available to ACOs that are in goodstanding under an ACO participation agreement. ACOs and ACO participants, providers andsuppliers may offer items or services for free orbelow market value to Medicare beneficiaries. Items and services must be “in-kind”. NO CASH INCENTIVES Items and services must be meant to promotepreventative care or the advancement of patientcare goals.See Attachment 3E: Patient Incentives Waiver Flow Chart12
2/24/201424ACO Fraud and Abuse Waivers ACOs can enjoy broad applicability of Waivers tofinancial arrangements with non-ACOparticipants. Activities “Reasonably Related” to the MSSP’s“Triple-Aim” can qualify for Waiver protections. Only one party to most agreements must be anACO or ACO participant. In many cases, Waiver protections will not betriggered because the arrangement fits within anexisting exception or safe harbor.25ACO Fraud and Abuse Waivers CMS has indicated that it is willing to consideradditional Waivers as ACOs begin to offerservices to beneficiaries. May include ability to offer cash incentives forbeneficiary participating in preventative healthscreenings. Waivers may need to be expanded to pre-emptapplicable state fraud and abuse laws. However, there is no guarantee that the CMS orthe OIG will not tighten the Waiverrequirements as time goes on.13
2/24/201426Conflict of Interest for ACOs MSSP requires 75% of the ACO’s Board to beACO Participants. This means that board members will also havefinancial interests in the operation of the ACO. MSSP requires disclosure of Conflicts ofInterest. Conflict of interest policy must: Provide for disclosure of financial interests; Create procedure for identifying and addressingconflicts; and Establish remedies for violation of policy.See Attachment 4: Sample Conflict of Interest Policy27Other ACO Compliance Functions Adhering to Marketing Limitations 42 C.F.R. § 425.310 Complying with Patient Engagement Requirements 42 C.F.R. § 425.112 Ensuring Freedom of Choice 42 C.F.R. § 425.304(c) Proper Record Management and Retention 42 C.F.R. § 425.314 Protecting Privacy of Patient Data (HIPAA) 42 C.F.R. § 425.700 et seq. Appropriate Billing and Coding 42 C.F.R. § 425.208(b) “The ACO must agree, and must require its ACO participants, ACOproviders/suppliers, and other individuals or entities performingfunctions or services related to the ACO's activities to agree, or tocomply with all applicable laws.”14
2/24/201428CMS Monitoring of ACOs ACO compliance plans should include policies andprocedures for proactive internal audits to ensurethat all 5 elements of the compliance plan areeffective. This means that compliance officials should haveaccess to all patient charts and medical records toconfirm quality and utilization information. Consider the use of integrated EHR and other centralizedelectronic communications systems for consistent datacollection. Compliance Officers must be able to identify andcorrect deficient practices before issues becomesanctionable non-compliance.29CMS Monitoring of ACOs “WHEN” not “IF” CMS has indicated that ACOs will be audited through: Analysis of financial and quality measurement datareported by ACO; Site visits; Beneficiary and provider complaints; and Claims analysis, chart reviews, beneficiary surveys, andcoding audits. Because CMS will be auditing ACO activity, it isimportant that ACOs implement their complianceplans early, self-audit often, and revise policiesperiodically.15
2/24/201430ACO Compliance First Steps If an ACO is comprised of participants thathave never operated under a complianceplan, compliance program developmentshould start with a ReadinessAssessment. If an ACO is able to leverage an ACOparticipant’s existing compliance program,compliance program development shouldstart with a Gap Analysis.31ACO Compliance First Steps Compliance Program Readiness Assessment A Readiness Assessment should focus on theACO’s and ACO participants’ infrastructure toensure that all ACO participants start on equalfooting in the compliance program. Factors to consider: Teamwork; participant buy-in; and currentbusiness cultures Technologies; EHR compatibility; andcommunication systems Costs and charges16
2/24/201432ACO Compliance First Steps Compliance Program Gap Analysis should focus onthe ACOs current compliance needs and resourcesand how they compare to the best practice. Best practice may be difficult to assess at this earlystage but, some factors to consider include: Quality Assurance Data Collection PracticeBilling and Coding ComplianceClinical IntegrationPatient Engagement EffortsReporting Obligations (public reporting and CMSreporting)33ACO Compliance First Steps Create an Action Plan For each item that is identified as a shortcoming during theReadiness Assessment or Gap Analysis, create anAction Plan. Start with 5 to 10 shortcomings that need to be addressed. Create step by step goals and dates to implement a procedureto correct each shortcoming. Monitor and track the goals to ensure that the tasks areaccomplished. Share accomplishments or deficiencies during regularcompliance meetings. Once all goals on the Action Plan have been complete, replacethe task with another shortcoming from the ReadinessAssessment or Gap Analysis until all shortcomings have beenaddressed.17
2/24/201434ACO Compliance First Steps The Importance and Role of the ComplianceOfficer Create a Culture of Compliance Actively develop an organizational structure thatsupports compliance activities Individuals should be comfortable participating withcompliance activities, including reporting potentiallynon-compliant activities without fear of retaliationfrom the governing body35ACO Compliance First Steps The Importance and Role of the ComplianceOfficer Integrate Care and Communication Open communication among all ACO participants,management and governing body allows thecompliance officer to manage potential risks in realtime, which is essential to preventing systemiccompliance deficiencies.18
2/24/201436ACO Compliance First Steps The Importance and Role of the Compliance Officer Develop Training and Education Programs The importance of training and education programscannot be stressed enough. Experience shows that ACO compliance officers can usetraining to gauge whether the ACO is accomplishing itscompliance goals. For MSSP ACOs, training and education programs arerequired as conditions of participating in the MSSP. ACOs that fail to educate all levels of the ACOorganization, including the governing body, will likely seethe compliance program’s efficacy diminish over time.37ACO Compliance First Steps Collaboration with Risk Managers and ACOExecutives In some organizations compliance officers areincorporated into the overall management hierarchyand are highly integrated with the governing body. In other organizations the compliance officer is almostcompletely isolated from the governing body but morein touch with ACO staff and participants. The goal is to strike the right balance. Participants need to trust the compliance officer, but thecompliance officer must also maintain support from thegoverning body.19
2/24/201438ACO Compliance First Steps Participant Buy-In When approaching an independent physician group, the group mustunderstand what the benefits are of giving up their autonomy and buyingin to ACO compliance oversight. Those benefits are: Assuring that care is medically necessary; Removing obstacles/distractions to the provision of care; and Assuring that coding is accurate for purposes of fully and accurately representingthe care that was delivered. Buying into the ACO compliance program must also make good cents. The ACO must demonstrate to all participants, including clinicians, thebenefits of being a participant in a larger organization complianceprogram. Increased billing and coding efficiency;Decreased claims denials;Faster payments;Reduced fraud and abuse liability exposure for improper billing; andIncreased trust and confidence in the patient community.39Predictions for the Future ofACO Compliance Plans Litigation Issues Because of the loose language used in many of theACO regulations (i.e., “reasonably related,” “bonafide determination,” etc.), there is ampleopportunity for CMS and the OIG to interpret andreinterpret how ACO’s should operate. Litigation may include: Waiver applicability; Participation Agreement obligations; and Individual provider fraud and abuse liability.20
2/24/201440Predictions for the Future ofACO Compliance Plans Waiver Evolution CMS will evaluate the need to reduce or expandWaiver protections as ACOs and the MSSP programevolves. One definite hurdle for the near future is the fact thatthe Waivers do not operate to pre-empt applicablestate fraud and abuse laws. For example, compliance with the federal ACOParticipation Waiver rules does not automaticallyassuage an ACO’s obligations to comply with statephysician anti-kickback statutes (i.e., Virginia FalseClaims Act (Va. Code §§ 8.01-216 et. seq.) and Antikickback Statute (Va. Code § 54.1-2962.1)).41Predictions for the Future ofACO Compliance Plans How much will Compliance Cost? It is likely that many providers entering intocompliance plans for the first time will have to devotea great amount of resources to aligning themselveswith partners that can provide compliance programtraining and tools. Will shared savings be enough to make the expensesworth it? Audits of the ACO will likely cause greater scrutiny onindividual providers. What will the cost be for those participants when auditsreveal compliance deficiencies for time periods predating the ACO participation agreement and complianceplan implementation?21
2/24/201442We are in this together. ACOs are all in the same boat trying to figure outhow to operationalize an effective complianceprogram. This is also new territory for CMS. By using the existing guidance and CMS’scomments in the final rules, ACOs can at leastanticipate CMS’s compliance expectation andbegin to adopt policies and practices thatminimize ACO compliance risks.43QuestionsMary C. Malone, Esq., ShareholderHancock, Daniel, Johnson & Nagle, P.Cmmalone@hdjn.com22
compliance with the ACO agreement. All contracts or arrangements between or among the ACO and its participants must require compliance with the ACO's participation agreement as well as other laws. 6 ACO Program Integrity ACO governing body must adopt a conflicts of interest policy that applies to members of the governing body.
