Responding Appropriately to Governmental Inquiries Related to Healthcare Services & Reimbursement

Audits from the U.S. government can occur formally and informally. Regardless of their appearance, all must be treated delicately. This article offers practical advice.   

Most healthcare providers probably go into their careers assuming they will not be involved in a government healthcare fraud investigation or audit. While for some that may turn out to be reality, it’s imperative for all to know what to do in the event of a federal agent paying a visit to one’s practice and/or home. Effective compliance programs can prepare anyone for these types of challenges and situations. Personnel staffed within wound care clinics, hospitals, and manufacturers will benefit from understanding: 1) the current high-risk healthcare fraud issues relevant to this industry; 2) how to manage a “touch” by a governmental enforcer; and 3) the current enforcement climate. The purpose of this article is to highlight these three key areas as well as to educate how those in administrative positions should instruct employees on how to navigate any governmental inquiry. 

Role of the “Feds” 

Individuals and companies throughout the industry know well of the significant role the United States government plays as the dominant payer (eg, Medicare, Medicaid, Children’s Health Insurance Program, U.S. Veterans Administration, TRICARE, Federal Employees Health Benefits Program) of wound care-related products and services. However, the federal government is also the dominant regulator and compliance enforcer related to the provision of these wound care products and services. The government’s recent expansion of its enforcement arm has proven to be worthwhile; in 2015, the government won or negotiated more than $1.9 billion in judgments and settlements and attained additional administrative impositions in healthcare fraud cases and proceedings.¹ Indeed, the federal government’s recent expansion of enforcement resources is a signal to the entire healthcare community that being compliant through self-policing has never been more important. Wound care providers and manufacturers should take effective compliance programs seriously because that’s what the federal government expects. Therefore, those in wound care should keep abreast of the latest trends in the federal government’s regulations and enforcement activities, particularly when the regulatory or enforcement activity is specific to an industry sector, and utilize the newfound knowledge to build and maintain an effective compliance program for one’s practice.

High-Risk HealthCare Fraud Issues

In its 2016 Work Plan,² the U.S. Department of Health & Human Services (HHS) and the Office of Inspector General (OIG) affirmed their continued focus on both inpatient and outpatient services, with these claims being at greater risk for potential overpayments. Recent cases also highlight the high-risk potential for wound care services in the inpatient and outpatient services in the following areas: billing for services that were not actually rendered, upcoded, or medically unnecessary. All of these noncompliant claims can trigger the False Claims Act (FCA), which holds a person liable if he/she knows or causes a false record or statement to be made that results in the wrongful payment by Medicare or Medicaid because of that false record or statement.³ The FCA does not require showing of specific intent to defraud, so the mere causation of fraudulent payment is often sufficient to allege liability. Private parties can be whistleblowers under the FCA, which is often a source (but not the exclusive source) of these enforcement actions by the federal and state governments.

Billing for Services Not Furnished

In the wound care arena, the issue of fraud typically arises when physicians certify (eg, forms 1500 or UB-04 for the Centers for Medicare & Medicaid Services [CMS]) they were either in attendance or directly supervising a session (eg, hyperbaric oxygen therapy [HBOT]) when facts show otherwise. Consequently, wound care providers should educate their physicians about the importance of knowing the terms of this important certification.

Upcoding

This term is generally understood as billing for services at a level of complexity that is higher than the service actually provided or documented. For example, it would be improper to bill for a minor surgical procedure that was actually performed (such as “selective debridement”) as a “surgical/excisional debridement,” which has a higher payment amount. 

Medically Unnecessary Services

Billing for medically unnecessary services may involve misrepresentations in the record. Coverage very often depends on the type of wound. Therefore, it’s important for clinicians to appropriately represent the type of wound a patient has. For example, it is improper to classify wounds as “diabetic ulcers,” so as to qualify these patients for HBOT when the wounds should be classified as “venous leg ulcers” or “pressure ulcers,” which are not covered for HBOT.⁴ 

How to Manage a “Touch”  by Government Enforcement

One of the best ways for wound care clinics, hospitals, providers, and manufacturers to manage their risks of healthcare regulatory noncompliance is to educate their employees about what each of them should do if there is a government inquiry. Such government inquiries come in many forms, including informal approaches at people’s homes as well as former inquiries such as subpoenas. How an employee handles this initial “touch” is important to the overall successful outcome of that government “touch.” When the government approaches either a provider or its employees with the intent to investigate potential fraud, understanding the “who, why, and how” is critical.

The Government’s Players

There are more than 10 U.S. governmental enforcement entities working together on healthcare fraud matters, including the Department of Justice (DOJ), Federal Bureau of Investigation (FBI), and HHS. Within HHS, several offices perform auditing, monitoring, and investigating of noncompliance issues, including the OIG, Organization of American States, Office for Civil Rights, Office of Environmental Information, and CMS. Within CMS, the Center for Program Integrity (CPI) acts as the focal point for all Medicare and Medicaid programs and CHIP integrity fraud/abuse issues. CPI then contracts with other government contractors to monitor Medicare claims. Then, there are Medicaid fraud control units at the state level that possess their own enforcement rights. The pooling of resources between departments has formed successful enforcement groups such as the Health Care Fraud Prevention and Enforcement Action Team and the Medicare Fraud Strike Force through the OIG. In 2015, the Strike Force brought 200 indictments against 391 defendants who allegedly billed Medicare approximately $1.4 billion.¹ Of those, 314 resulted in guilty pleas negotiated and the imprisonment of 263 defendants sentenced during the fiscal year who averaged more than 56 months of incarceration.¹

How Contact Occurs

Generally, the government notifies providers in the form of formal notices such as subpoenas.  The information requested by these subpoenas can be broad in scope. Nevertheless, many courts will enforce the subpoena so long as it’s within the agency’s statutory authority, is relevant to the inquiry, and is not unreasonably burdensome. In certain circumstances, the government may suddenly appear on one’s premises with a search warrant. Once the government obtains a warrant by magistrate judge, it may immediately begin searching and seizing property. Unlike subpoenas, search warrants may be narrow in scope because they must list items (or categories of items) to be seized, along with specific locations to be searched for those particular items. The government may also approach providers via informal notices such as letters. These types of letters will often be in the form of “studies” or research being conducted by the particular office. However, informal notices may advance to formal audits and inspections if improper documentation or irregularities are uncovered. The government also can simply approach people in a parking lot or at their home. Often, under these circumstances, the agent is from the OIG or the FBI and the topic is likely to be about an employee’s former employer. Employees should be trained to get the agent’s business card (Yes, they have business cards!) and let the agent know that he/she will have someone reply to that agent during normal business hours. The employee should notify his/her current employer for further advice before responding. Sometimes it’s not what someone has done in the past that creates the liability but how that person cooperates with the government inquiry that then creates the liability. That said, it’s very important for everyone to treat these government enforcement “touches” with the formality they require, even when the government is attempting to be informal. Also, information letters from government agencies or government contracts that may arrive at one’s company asking for governmental health program information sometimes are treated with less than the formality they require. Such inquiries also should be brought to senior management’s attention so that they may be responded to with the formality they require.

Developing, Implementing, & Maintaining Effective Compliance Programs

Regardless of the type of governmental “touch,” it’s important to educate and train employees about the proper responses and actions to take should the government make contact. One of the best practical ways to ensure a proper response is providing employees with wallet-sized employee hotline cards that outline an appropriate response protocol along with the direct number to the company’s counsel. Emphasize to employees that every communication from the government or its agents needs to be treated seriously. But the best defense is a good offense. If employees are effectively trained and educated, they will be better able to assist in the prevention of noncompliance within the company as well as to respond to government enforcement. Therefore, investing in the development, implementation, and maintaining of an effective compliance program is critical. Here are some tips:

• Obtain baseline information of high-risk areas subject to government enforcement; routinely monitor and perform audits to identify outliers.  
• Investigate potential issues.  
• Update policies as needed and issue consistent, appropriate disciplinary action to prevent recurrence.  
• Part of an effective compliance program is training and educating all employees, including the chief executive, board members, management, and stakeholders.  
• All should feel free to report noncompliant activities. Anonymous lines of communication should be publicized, policy of non-retaliation should be enforced, and all reports should be taken seriously and investigated by the compliance officer. An unresponsive noncompliance reporting system is just as bad as not having one.

Current insurance policies (eg, directors and officers liability insurance, errors and omissions insurance) should be reviewed to determine whether they address potential healthcare fraud liabilities and defense costs. Understanding the policies’ coverage and limitations is a must.

Do not merely put in place “paper” compliance programs. Create a realistic budget that takes into account both new resources needed and the extent to which compliance activities can rely on existing operations (eg, training). Carefully budgeting for unexpected costs will prove useful when required to address unexpected needs. This is often still better and more manageable than what the costs could be to respond to subpoenas, conducting internal investigations, incurring a government settlement, and complying over a five-year period under corporate integrity agreements.

Current Enforcement Climate 

The government continues to utilize its enforcement resources to oust and/or deter bad actors from improperly promoting or providing healthcare services to government beneficiaries. Fraud enforcement among wound care providers is growing as more wound care products and services become reimbursable by Medicare and Medicaid.⁵

Recent Wound Care Cases

In 2013, an FCA lawsuit was settled for $4.3 million. A whistleblower brought a lawsuit under qui tam provisions in the FCA, alleging the submission of false claims by the provider. Medicare specifically excludes coverage for manual lymphatic drainage physical therapy (PT)when performed by massage therapists. According to the lawsuit, the provider had submitted claims for reimbursement to Medicare for PT sessions performed by massage therapists.⁶ In another FCA case, a whistleblower alleged fraudulent practices of a provider in connection to HBOT services to Medicare and Medicaid beneficiaries. Medicare covers HBOT when performed on an outpatient basis under “direct supervision” of the treating physician. Allegedly, the physicians in this case who were primarily responsible for overseeing HBOT were not present onsite at any point during HBOT, and yet the provider submitted claims to the government certifying the physician had “provided direct supervision” and was “immediately available.” Although the case was voluntarily dismissed, it shows the government is quite aware of potential fraud issues among wound care providers.⁷ In an ongoing case, whistleblowers brought a lawsuit alleging a provider had submitted fraudulent claims including upcoding and billing for medically unnecessary services. Although the case was dismissed because the whistleblowers failed to identify specific instances of fraudulent claims submitted to the government, the court granted the whistleblowers to re-plead their case.⁸

Increased Individual Accountability for Corporate Wrongdoing (“Yates Memo”)

The DOJ has increased its pursuit in holding individuals liable for corporate wrongdoing. This aggressive stance to pursue individuals involved or responsible for the misconduct is the belief that it will give the government a more efficient and effective way to determine the facts and extent of any corporate misconduct. U.S. Deputy Attorney General Sally Yates recently released a memo⁹ outlining how the DOJ would encourage that goal. The bottom line: Corporations should create a culture of compliance and self-monitoring among internal stakeholders across all levels of the company or be prepared to face hefty consequences such as incarceration, fines, penalties, exclusion, suspension, and debarment. Effects of the Yates Memo have been seen in recent FCA settlements. For example, whistleblowers alleged a manufacturer had failed to report price rebates used to induce hospitals’ purchase of the drugs over competing products. As part of the settlement between the manufacturer and the DOJ, the terms included the manufacturer would cooperate with investigations relating to the allegations and other “individuals and entities not released” from liability in the settlement. The provision specifically obligated the manufacturer to make “former directors, officers, and employees available for interviews and testimony.”¹⁰ Similarly, an FCA settlement between a home care company and the DOJ included provisions that the company would continue to cooperate with the DOJ in further investigations of other individuals and entities not waived from liability in the settlement.  The allegations against the company were for routinely administering home care visits to patients who were not homebound; performing unnecessary, cursory evaluation and management visits that were billed at the highest billing codes; and duplicating visit notes to support high billing code claims.¹¹

Other Signs the Government is Serious About Effective Compliance Programs

In addition to the extensive resources placed into government enforcement action for healthcare fraud and noncompliance, the fraud section of the DOJ recently hired its first full-time compliance expert, Hui Chen, who will reportedly provide guidance to fraud section prosecutors in evaluating the effectiveness of the compliance programs among targeted companies and in crafting any remedial measures. During a recent New York University roundtable discussion, Ms. Chen briefly described four broad areas of inquiry her office will consider when evaluating a company’s compliance program: 1) whether the design of the program takes into account the company’s complexity and highest risk areas; 2) whether the program’s monitoring and auditing are effective; 3) whether stakeholders throughout all levels of the company are knowledgeable about the program and understand the risks relevant to their duties; and 4) whether the company has demonstrated its seriousness in compliance by investing into the program.¹² Other efforts are being made to strengthen fraud investigatory programs. CMS’ Center for Program Integrity (CPI) will soon (as of press time) unveil the Unified Program Integrity Contractor program, which essentially will combine both Zone Program Integrity Contractors and Medicaid Integrity Contractors. CMS also has invested $50.5 million in creating the CPI’s Division of Modeling and Analytics, which applies data mining and advance statistical concepts to create models that recognize potential patterns of misuse and will examine procedures and diagnostics to determine if claims represent behaviors of interest based on CMS policies. Wound care providers and manufacturers should stay abreast of what the federal government is doing in the areas of health regulatory compliance and enforcement so that they can include these updates in operating their effective corporate compliance programs. In this regard, the authors of this article provided a complimentary webinar for the wound care industry Aug. 17 to address the risks and risk-management tools for practitioners and manufacturers related to federal and state healthcare fraud enforcement under the FCA, including its whistleblower provisions. 

Lynn Shapiro Snyder, board of directors, senior member of the firm (lsnyder@ebglaw.com); George B. Breen, board of directors, member of the firm (gbreen@ebglaw.com); and David E. Matyas, board of directors, member of the firm (dmatyas@ebglaw.com) are on staff at Epstein Becker Green, a national law firm with a primary focus on healthcare and life sciences. Daniel Kim, a 2016 summer associate at Epstein Becker Green, contributed to this article.

*For access to webinar, visit the events page at www.ebglaw.com. 

Editor’s Note: This article is for general information purposes and is not intended to be, and should not be taken as, legal advice.

References

1. U.S. Department of Health and Human Services; Department of Justice. Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2015. 2016. Accessed online: https://oig.hhs.gov/publications/docs/hcfac/FY2015-hcfac.pdf

2. Office of Inspector General. Work Plan. Accessed online: https://oig.hhs.gov/reports-and-publications/workplan

3. United States Code 31 [U.S.C. §3729(a)(1)]. Accessed online: https://codes.lp.findlaw.com/uscode/31/III/37/III/3729

4. Centers for Medicare & Medicaid Services. National Coverage Determination (NCD) for Hyperbaric Oxygen Therapy (20.29). Accessed online: www.cms.gov/medicare-coverage-database/details/ncd-details.aspx?NCDId=12&ncdver=3&DocID=20.29&SearchType=Advanced&bc=IAAAABAAAAAA&

5. Le PNJ. Lessons to learn from federal convictions of HBOT fraud. TWC. 2015;9(2):27-31.

6. Lu R. Lymphedema & Wound Care Institute of Texas Inc. Settles False Claims Act Lawsuit for $4.3 Million. San Diego, CA: Robbins Geller Rudman & David LLP;2013. Accessed online: https://blog.whistleblower-lawfirm.com/lymphedema-wound-care-institute-texas-inc-settles-false-claims-act-lawsuit-4-3-million

7. Legal Document: United States of America ex rel. Jennifer Lyon et al. v. Accelecare Wound Centers, Inc. PlainSite^® Accessed online: www.plainsite.org/dockets/2yf40q13g/new-york-southern-district-court/the-united-states-of-america-ex-rel-jennifer-lyon-et-al--v-accelecare-wound-centers-inc

8. Legal Document: United States of America et al v. Healogics, Inc. PlainSite^® Accessed online: www.plainsite.org/dockets/download.html?id=216360661&z=fbd0a9b8

9. Yates SQ. Individual Accountability for Corporate Wrongdoing. 2015. Accessed online: www.justice.gov/dag/file/769036/download

10. Toper E. Pfizer, Wyeth Pay $785M to Resolve Medicaid Rebate Case. Bloomberg BNA Healthcare Blog. 2016. Accessed online: www.bna.com/pfizer-wyeth-pay-n57982070426

11. Topor E.  DOJ Pushes Aggressive FCA Settlement Terms on Individuals. Bloomberg BNA Healthcare Blog. 2016. Accessed online: www.bna.com/doj-pushes-aggressive-b57982076796/

12. New York University Law. Corporate Compliance and Enforcement Roundtable. 2015. Accessed online: www.law.nyu.edu/corporatecompliance/events/roundtable-discussion