We both recently returned from presenting to groups of health care providers on creating and implementing effective compliance programs. Although compliance plans and compliance programs are not new to the health care realm, their importance cannot be understated. Accrediting bodies, payers, auditors and investigating entities expect for providers to have compliance plans in place – and expect them to be followed. Here are a few key points about turning a policy into an effective compliance plan:Read More
On January 31, 2017, the Health Resources and Services Administration (“HRSA”) withdrew the 340B Program Omnibus Guidance (often referred to as the Mega Guidance). The guidance addressed a number of significant issues under the 340B Program, including the definition of eligible patient and contract pharmacy arrangements. The Mega Guidance was issued by HRSA in August 2015 after a HRSA “Mega Rule” was withdrawn in response to concerns that the issuance of the issuance of the “Mega Rule” exceeded HRSA’s regulatory authority.
Receiving an email that your practice has been identified for participating in the HIPAA Privacy, Security, and Breach Rules Audit Program is enough to raise anyone’s blood pressure. The likely response is to open the email immediately, determine the scope of the audit, and mobilize a team to prepare for the response.Read More
On July 27, 2016, the Overall Hospital Quality Star Ratings were released on Medicare’s Hospital Compare website. The Star Ratings represent a summary compilation of individual hospital performance on 64 measures designated by CMS to represent the quality of care delivered at over 4,000 Medicare-certified hospitals. Star ratings are on a scale of one to five, with a five-star rating being the best.
Medicare’s instructions to patients regarding how to use the Hospital Compare website describe the ratings as one factor to be taken into account by patients when determining where to seek non-emergent care.
According to Medicare, the purpose of the star ratings is to not only provide a tool to consumers, but also to encourage hospitals to improve the quality of care that they provide. Industry groups and others have criticized the rating system for a lack of transparency, as well as failure to take into account different hospital types for purposes of compiling the comparative information. CMS delayed release of the information in Spring 2016 following letters signed by 60 Senators and 225 members of the House of Representatives urging reconsideration of the ratings system. CMS was not convinced to extend the delay, however, despite a bill introduced on July 26, 2016 to prevent release of the Star Ratings for another year.
The CMS Compare sites are the official sites for information published by Medicare regarding the quality of health care providers. Quality of care ratings for nursing homes, home health, dialysis facilities, group practices, and other health professionals have previously been issued by CMS on the Compare websites and can be accessed here.
Parker Poe’s healthcare practice group works closing with the firm’s government relations team to represent our client’s interests on the federal and State levels. Our government relations and lobbying practice encompasses activities such as formulating strategy, drafting legislation, appearing before legislative committees and study commissions, and intervening directly with legislative officials.
Section 1128 of the Social Security Act (42 U.S.C. 1320a–7) (available here) established mandatory and permissive authority for exclusion of health care providers from federal health care programs based on provider conduct. In April 2016, the Office of Inspector General of the Department of Health and Human Services (“OIG”) issued an updated list of non-binding criteria for evaluation of provider exclusion under the permissive exclusion authority (the “Exclusion Guidance”). The new Exclusion Guidance is available here. The Exclusion Guidance (i) establishes a presumption of exclusion for any provider who defrauds a federal health care program, (ii) contemplates that the presumption may be rebutted, and (iii) sets forth a list of criteria to be used by the OIG in making a determination whether to seek exclusion.
In applying the Exclusion Guidance, the OIG assesses whether the entity presents a future risk to a federal health care program One of the considerations is an evaluation of the provider’s history of compliance. Lack of a preexisting compliance plan that incorporating the U.S. Sentencing Commission Guidelines Manual’s seven elements of an effective compliance program (available here) indicates that a provider presents a higher risk to the federal health care program supporting exclusion. On the other hand, if the provider has a history of “significant self-disclosures made appropriately and in good faith,” the provider presents a lower risk. The fact that the provider has a preexisting compliance plan alone (in the absence of a history of self-disclosures) does not impact the risk assessment.
Health care providers are subject to a broad range of laws and regulations requiring the development of internal policies and plans to ensure training, ongoing compliance and appropriate response to suspected violations. Parker Poe’s attorneys understand the complex requirements of these laws and regulations and work closely with our health care clients to conduct a risk assessment to identify the appropriate scope of compliance plans, to design and implement those plans, to design training for staff, and to develop procedures to monitor for compliance. When suspected violations of the compliance plan are identified, we work with clients to appropriately investigate and address any non-compliant activity.
On March 11, 2016, CMS proposed implementation of a new two-phase model for drugs reimbursed under Part B of the Medicare Program (“the Proposed Model”). Drugs reimbursed under Part B include drugs administered in hospital outpatient departments or in physician offices. The purpose of the Proposed Model is to test alternative drug payment designs with the goal of (i) reducing overall costs to the Medicare program, and (ii) enhancing quality of care.Read More
The Medicare Shared Savings Program provides financial rewards to Accountable Care Organizations (ACO’s) that successfully manage overall health care costs for a defined population of beneficiaries while meeting quality of care standards. An ACO’s performance each year is based on comparison to the ACO’s financial benchmark. One challenge facing the Shared Savings Program has been criticism of the methodology utilized to establish and update the financial benchmark for each ACO.
Under the current methodology, CMS establishes an initial financial benchmark for each ACO based on the historical healthcare costs for the ACO’s population of beneficiaries. The ACO is then evaluated based on its ability to reduce cost of care from the benchmark number. The benchmark number is revised on an annual basis to reflect (i) updates in the demographics of the ACO’s assigned beneficiaries, (ii) an adjustments based on Medicare’s actual increase in per capital expenditures each year measured on a national basis, and (iii) for years after the first agreement period, adjustments based on the amount of savings generated by the ACO in the prior period.
CMS recently proposed changes to the methodology for adjusting/updating the ACO’s benchmark. The changes are intended to improve the financial incentives for ACO’s by (i) comparing costs of care within the ACO to care provided outside of the ACO in the same geographic region, and (ii) limiting the link between the ACO’s past shared savings and its future benchmark (i.e., addressing the issue that ACO’s are currently penalized in future years based on successful cost savings in prior agreement periods). More information regarding the proposed changes can be found at: https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2016-Fact-sheets-items/2016-01-28-2.html
If you are interested in learning more about ACO’s, would like to start an ACO or have questions regarding how recent changes within CMS’s Shared Savings Program may impact your organization, please contact a member of our healthcare practice group.
Provider‐based off-campus hospital outpatient departments (OC-HOD’s) established after November 1, 2015 will be subject to a new site-neutral payment limitation starting Jan. 1, 2017 as a result of provisions in the Balanced Budget Act of 2015.
Prior to the effective date of the new law, hospitals will continue to receive higher reimbursement for certain types of services, such as evaluation and management services, procedures and surgeries, provided to Medicare beneficiaries at OC-HOD’s, regardless of when the OC-HOD is established. Commencing on the effective date, however, services provided at OC-HOD’s established after November 1, 2015 will be reimbursed under the Ambulatory Surgical Center or the Medicare Physician Fee Schedule – the same fee schedules currently utilized to reimburse for services provided at free-standing physician offices and ambulatory surgery centers. OC-HOD’s established prior to November 2, 2015 will be grandfathered and will continue to be reimbursed for services to Medicare beneficiaries pursuant to the Medicare Hospital Outpatient Prospective Payment System (OPPS) – at least for now.
The change could have a significant impact on the rate of hospital acquisitions of certain types of suppliers – specifically physician practices– given that the hospital may no longer be able to realize a higher income stream from the provision of physician services by designating the site as “provider-based”.
Proposed regulations issued between now and the effective date will likely address issues such as (i) how a hospital will differentiate between services provided at an OC-HOD site established before or after the effective date of the new law, (ii) the impact of the rule on OC-HOD sites established as provider based prior to November 2, 2015, but subsequently amending their Medicare enrollment application, (iii) what it means to have an “established” OC-HOD location as of November 1, 2015, and (iv) the ability to include OC-HOD established after November 1, 2015 on hospital cost reports (for instance, for purposes such as 340B eligibility) and how inclusion on the cost-report may impact accreditation requirements.
The healthcare attorneys at Parker Poe know and understand the rules and regulations governing provide-based locations and are able to guide clients through the various considerations related to the establishment and operation of provider‐based off-campus hospital outpatient departments.
The Cybersecurity Act of 2015, included in the Omnibus Appropriations and Tax Reform Package adopted into law in December, 2015 (link), specifically addresses cybersecurity in the healthcare industry.
Broadly, the Act (A) establishes the Department of Homeland Security (DHS) as the clearing-house for sharing of cybersecurity threats for the federal government, and (B) provides new rights for network operators (i) to monitor their own networks for the purpose of protecting the network from attempts at hacking, denial of service attacks and other network weaknesses, and (ii) to share cyber threat indicators, and related defensive measures, with others.
Section 405 of the Cybersecurity Act specifically addresses cybersecurity in the healthcare industry by:
1. Requiring the Department of Health and Human Services (DHHS) to develop a report outlining responsibility within DHHS for coordinating efforts regarding cybersecurity threats;
2. Creating a new healthcare industry cybersecurity task force comprised of healthcare stakeholders, cybersecurity experts and federal agencies with specific assignments, which include (i) analyzing how industries, other than the healthcare industry, have implemented strategies to address cyberliability threats, (ii) analyzing barriers that private healthcare entities face to address cyber attacks, (iii) reviewing challenges to securing networked medical devices of software that connects to an electronic health record, and (iv) developing information to be provided to healthcare providers for purposes of improving preparedness for, and response to, cybersecurity threats;
3. Requiring DHHS to establish guidelines and best practices that serve as a resource for cost-effectively reducing cyberliability risks consistent with HIPAA and other relevant laws.
Members of Parker Poe’s HIPAA and Security Team are available to answer questions regarding the Cybersecurity Act as well as to assist clients to address cybersecurity concerns.
Narrow networks (managed care provider networks that include a limited choice of participating healthcare providers and suppliers) have been widely criticized by consumers and consumer-rights groups, particularly in light of the number of narrow network products that are included in the ACA exchange marketplace. Use of narrow networks by self-insured businesses is also growing more prevalent. For consumers who have multiple options for insurance coverage, the question is often one of choice – am I willing to pay more in premiums in order to continue to see my existing doctor, go to the hospital of my choice, or have a wider range of options if I need to see a specialist?
From the doctor’s perspective, however, narrow networks are very confusing. In many cases, it is unclear why a particular doctor is, or is not, allowed to participate in the network. In some cases, only certain physicians are invited to participate in the network, leaving other physicians without knowledge that the plan even exists until a patient calls to find out why the physician does not participate.
While willingness by the physician or physician group to accept the reimbursement rates offered by the payor is one criterion for participation in the narrow network plans, other criteria come into place as well. An invitation to participate in a narrow network may be based upon the payor’s rating of the ability of the physician to offer quality of care and to provide care efficiency (a cost-based rating system). The tier and rating systems, however, are not consistent among payors and often criticized for producing inaccurate, irrelevant and unreliable results. Physicians also worry that there may be a loss of professional autonomy if physicians are pressured, in the course of providing care, to meet the tier and rating criteria developed by the payors in order to participate in the narrow networks rather than to exercise independent medical judgement.
A number of measures have been recently introduced to address consumer-driven concerns with narrow networks. The Patient Protection and Affordable Care Act – HHS Notice of Benefit and Payment Parameters for 2017 (available here: https://www.federalregister.gov/articles/2015/12/02/2015-29884/patient-protection-and-affordable-care-act-hhs-notice-of-benefit-and-payment-parameters-for-2017) proposes that states should be required to develop rules to test the adequacy of provider participants in payor networks. In addition, the National Association of Insurance Commissioners has been working to update model legislation regarding plan network access and adequacy. Finally, legislation regarding network adequacy has been adopted or proposed in a number of states. Typically, state laws incorporate rules regarding maximum travel distances for a patient to see a participating provider, maximum wait-times and/or acceptable provider-to-beneficiary ratios.
If you have questions regarding your relationship with third-party payors, such as managed care contracting, billing audits, or inclusion in narrow networks, Parker Poe has a number of experienced attorneys able to assist.