Category Archives: Medicare Attorney

The Reality of Prepayment Review and What To Do If You Are Tagged – You’re It!

Prepayment review is a drastic tool (more like a guillotine) that the federal and state governments via hired contractors review the documentation supporting services for Medicare and Medicaid prior to the provider receiving reimbursement. The providers who are placed on prepayment review are expected to continue to render services, even if the provider is not compensated. Prepayment review is a death sentence for most providers.

The required accuracy rating varies state to state, but, generally, a provider must meet 75% accuracy for three consecutive months.

In the governments’ defense, theoretically, prepayment review does not sound as Draconian as it is. Government officials must think, “Well, if the provider submits the correct documentation and complies with all applicable rules and regulations, it should be easy for the provider to meet the requirements and be removed from prepayment review.” However, this false reasoning only exists in a fantasy world with rainbows and gummy bears. Real life prepayment review is vastly disparate from the rainbow and gummy bears prepayment review.

In real life prepayment review:

  • The auditors may use incorrect, inapplicable, subjective, and arbitrary standards.

I had a case in which the auditors were denying 100% ACTT services, which are 24-hour mental health services for those 10% of people who suffer from extreme mental illness. The reason that the auditor was denying 100% of the claims was because “lower level services were not tried and ruled out.” In this instance, we have a behavioral health care provider employing staff to render ACTT services (expensive), actually rendering the ACTT services (expensive), and getting paid zero…zilch…nada…for a reason that is not required! There is no requirement that a person receiving ACTT services try a lower level of service first. If the person qualifies for ACTT, the person should receive ACTT services. Because of this auditor’s misunderstanding of ACTT, this provider was almost put out of business.

Another example: A provider of home health was placed on prepayment review. Again, 90 – 100% of the claims were denied. In home health, program eligibility is determined by an independent assessment conducted by the Division of Medical Assistance (DMA) via Liberty, which creates an individualized plan of care. The provider submitted claims for Patient Sally, who, according to her plan, needs help dressing. The service notes demonstrated that the in-home aide helped Sally dress with a shirt and pants. But the auditor denies every claim the provider bills for Sally (which is 7 days a week) because, according to the service note, the in-home aide failed to check the box to show she/he helped put on Sally’s shoes. The auditor fails to understand that Sally is a double amputee – she has no feet.

Quis custodiet ipsos custodes – Who watches the watchmen???

  • The administrative burden placed on providers undergoing prepayment review is staggering.

In many cases, a provider on prepayment review is forced to hire contract workers just to keep up with the number of document requests coming from the entity that is conducting the prepayment review. After initial document requests, there are supplemental document requests. Then every claim that is denied needs to be re-submitted or appealed. The amount of paperwork involved in prepayment review would cause an environmentalist to scream and crumple into the fetal position like “The Crying Game.”

  • The accuracy ratings are inaccurate.

Because of the mistakes the auditors make in erroneously denying claims, the purported “accuracy ratings” are inaccurate. My daughter received an 86 on a test. Given that she is a straight ‘A’ student, this was odd. I asked her what she got wrong, and she had no idea. I told her to ask her teacher the next day why she received an 86. Oops. Her teacher had accidentally given my daughter an 86; the 86 was the grade of another child in the class with the same first name. In prepayment review, the accuracy ratings are the only method to be removed from prepayment, so the accuracy of the accuracy ratings is important. One mistaken, erroneously denied claim damages the ratings, and we’ve already discussed that mistakes/errors occur. You think, if a mistake is found, call up the auditing entity…talk it out. See below.

  • The communication between provider and auditor do not exist.

Years ago my mom and I went to visit relatives in Switzerland. (Not dissimilar to National Lampoon’s European Vacation). They spoke German; we did not. We communicated with pictures and hand gestures. To this day, I have no idea their names. This is the relationship between the provider and the auditor.

Assuming that the provider reaches a live person on the telephone:

“Can you please explain to me why claims 1-100 failed?”

“Don’t you know the service definitions and the policies? That is your responsibility.”

“Yes, but I believe that we follow the policies. We don’t understand why these claims are denied. That’s what I’m asking.”

“Read the policy.”

“Not helpful.”

  • The financial burden on the provider is devastating.

If a provider’s reimbursements are 80 – 100% reliant on Medicaid/care and those funds are frozen, the provider cannot meet payroll. Yet the provider is expected to continue to render services. A few years ago, I requested from NC DMA a list of providers on prepayment review and the details surrounding them. I was shocked at the number of providers that were placed on prepayment review and within a couple months ceased submitting claims. In reality, what happened was that those providers were forced to close their doors. They couldn’t financially support their company without getting paid.

Ok, now we know that prepayment review can be a death sentence for a health care provider. How can we prepare for prepayment review and what do we do if we are placed on prepayment review?

  1. Create a separate “what if” savings account to pay for attorneys’ fees. The best defense is a good offense. You cannot prevent yourself from being placed on prepayment review – there is no rhyme or reason for such placement. If you believe that you will never get placed on prepayment review, then you should meet one of my partners. He got hit by lightning – twice! (And lived). So start saving! Legal help is a must. Have your attorney on speed dial.
  2. Self-audit. Be proactive, not reactive. Check your documents. If you use an electronic records system, review the notes that it is creating. If it appears that all the notes look the same except for the name of the recipient, fix your system. Cutting and pasting (or appearing to cut and paste) is a pitfall in audits. Review the notes of the highest reimbursement code. Most likely, the more the reimbursement rate, the more likely to get flagged.
  3. Implement an in-house policy about opening the mail and responding to document requests. This sounds self evident, but you will be surprised how many providers have multiple people getting and opening the mail. The employees see a document request and they want to be good employees – so they respond and send the documents. They make a mistake and BOOM – you are on prepayment review. Know who reviews the mail and have a policy for notifying you if a document request is received.
  4. Buck up. Prepayment review is a b*^%$. Cry, pray, meditate, exercise, get therapy, go to the spa, medicate…whatever you need to do to alleviate stress – do it.
  5. Do not think you can get off prepayment review alone and without help. You will need help. You will need bodies to stand at the copy machine. You will need legal help. Do not make the mistake of allowing the first three months pass before you contact an attorney. Contact your attorney immediately.

Medicare Appeals Backlog: Is HHS In Danger of Being Held in Contempt?

Four months after the Center for Medicare and Medicaid Services’ (CMS) Final Rule went in effect (March 2017) attempting to eliminate the Medicare appeal backlog and 6 months before United States District Court for the District of Columbia’s first court-imposed deadline (end of 2017) of reducing the Medicare appeal backlog by 30%, the Department of Health and Human Services (HHS) are woefully far from either. According to HHS’ June 2017 report on the Medicare appeal backlog, 950,520 claims will remain in the backlog by 2021. This is in stark contrast to the District Court’s Order that HHS completely eliminate the backlog by 2020. So will HHS be held in contempt? Throw the Secretary in jail? That is what normally happened when someone violates a Court Order.

Supposedly, HHS’ catastrophic inability to decrease the Medicare appeal backlog is not from a lack of giving the ole college try. But, in its June 2017 report, HHS blames funding.

CMS issued a new Final Rule in January 2017, which took effect March 2017, in hopes of reducing the massive Medicare provider appeal backlog that has clogged up the third level of appeal of Medicare providers’ adverse actions. In the third level of appeal, providers make their arguments before an administrative law judge (ALJ). For information on all the Medicare appeal levels, click here.

The Office of Medicare Hearings and Appeals (OMHA) claims that it currently can adjudicate roughly 92,000 appeals annually. The current backlog is approximately 667,326 appeals that HHS estimates will grow to 950,520 by 2021. The average number of days between filing a Petition with OMHA and adjudicating the case is around 1057.2 days. 

HHS had high hopes that these changes would eliminate the backlog. In HHS’ Final Rule Fact Sheet, it states “with the administrative authorities set forth in the final rule and the FY 2017 proposed funding increases and legislative actions outlined in the President’s Budget, we estimate that that the backlog of appeals could be eliminated by FY 2020.” The changes made to the Medicare appeals process by the January 2017 Final Rule is the following:

Changes to the Medicare Appeals Process

The changes in the final rule are primarily focused on the third level of appeal and will:

  • Designate Medicare Appeals Council decisions (final decisions of the Secretary) as precedential to provide more consistency in decisions at all levels of appeal, reducing the resources required to render decisions, and possibly reducing appeal rates by providing clarity to appellants and adjudicators.
  • Allow attorney adjudicators to decide appeals for which a decision can be issued without a hearing and dismiss requests for hearing when an appellant withdraws the request. That way ALJs can focus on conducting hearings and adjudicating the merits of more complex cases.
  • Simplify proceedings when CMS or CMS contractors are involved by limiting the number of entities (CMS or contractors) that can be a participant or party at the hearing.
  • Clarify areas of the regulations that currently causes confusion and may result in unnecessary appeals to the Medicare Appeals Council.
  • Create process efficiencies by eliminating unnecessary steps (e.g., by allowing ALJs to vacate their own dismissals rather than requiring appellants to appeal a dismissal to the Medicare Appeals Council); streamlining certain procedures (e.g., by using telephone hearings for appellants who are not unrepresented beneficiaries, unless the ALJ finds good cause for an appearance by other means); and requiring appellants to provide more information on what they are appealing and who will be attending a hearing.
  • Address areas for improvement previously identified by stakeholders to increase the quality of the process and responsiveness to customers, such as establishing an adjudication time frame for cases remanded from the Medicare Appeals Council, revising remand rules to help ensure cases keep moving forward in the process, simplifying the escalation process, and providing more specific rules on what constitutes good cause for new evidence to be admitted at the OMHA level of appeal.

In early June 2017, HHS issued its second status report on the Medicare appeals backlog and the outlook does not look good.

CMS held a call on June 29, 2017, to discuss recent regulatory changes intended to streamline the Medicare administrative appeal processes, reduce the backlog of pending appeals, and increase consistency in decision-making across appeal levels.

Now HHS is in danger of violating a Court Order.

In December 2016, the District Court for the District of Columbia held in American Hospital Association v Burwell case Ordered HHS to release to status reports every 90 days and the complete elimination of the backlog by 2020, HHS is also required to observe several intermediary benchmarks: 30% reduction by the end of 2017, 60% by the end of 2018, 90% by the end of 2019, and then ultimately 100% elimination by the end of 2020.

BUT LITTLE TO NOTHING HAS CHANGED.

HHS itself has maintained since the requirements were instituted that the elimination of the backlog would not be possible. June’s report projects 950,520 claims will remain by 2021, but this projection is still very far from meeting the court order.

HHS blames funding.

But even significant increase of funding (from about $107 million in 2017, to $242 million in 2018) will not cure the problem! I find it very disturbing that $242 million could not eliminate the Medicare appeal backlog. So what will happen when HHS fails to meet the Court’s mandate of a 30% reduction of the backlog by the end of 2017? Hold the Secretary in contempt?

The court in Burwell drafted a “what if” into the Decision—the Court stated: “if [HHS] fails to meet [these] deadlines, Plaintiffs may move for default judgment or to otherwise enforce the writ of mandamus.”  This allows the Court authority to enforce its Decision, but it has not motivated HHS to try any innovative procedures to reduce the backlog. So far no additional actions have been attempted, and the backlog remains.

If HHS is in violation of the Court Order at the end of 2017, the Court could issue harsh penalties. (Or the Court could do nothing and be a complete disappointment).

Medicare/caid Fraud, Tattletails, and How To Self Disclose

On July 13, 2017, Attorney General Jeff Sessions and Department of Health and Human Services (HHS) Secretary Tom Price, M.D., announced the Department of Justice’s (DOJ) biggest-ever health care fraud takedown. 412 health care providers were charged with health care fraud. In total, allegedly, the 412 providers schemed and received $1.3 billion in false billings to Medicare, Medicaid, and TRICARE. Of the 412 defendants, 115 are physicians, nurses, and other licensed medical professionals. Additionally, HHS has begun the suspension process against 295 health care providers’ licenses.

The charges include allegations of billing for medically unnecessary treatments or services that were not really provided. The DOJ has evidence that many of the defendants had illegal kickback schemes set up. More than 120 of the defendants were charged with unlawfully or inappropriately prescribing and distributing opioids and other narcotics.

While this particular sting operation resulted from government investigations, not all health care fraud is discovered through government investigation. A great deal of fraud is uncovered through private citizens coming forward with incriminating information. These private citizens can file suit against the fraudulent parties on behalf of the government; these are known as qui tam suits.

Being a whistleblower goes against what most of us are taught as children. We are taught not to be a tattletail. I have vivid memories from elementary school of other kids acting out, but I would remain silent and not inform the teacher. But in the health care world, tattletails are becoming much more common – and they make money for blowing that metaphoric whistle.

What is a qui tam lawsuit?

Qui tam is Latin for “who as well.” Qui tam lawsuits are a type of civil lawsuit whistleblowers (tattletails) bring under the False Claims Act, a law that rewards whistleblowers if their qui tam cases recover funds for the government. Qui tam cases are a powerful weapon against Medicare and Medicaid fraud. In other words, if an employee at a health care facility witnesses any type of health care fraud, even if the alleged fraud is unknown to the provider, that employee can hire an attorney to file a qui tam lawsuit to recover money on behalf of the government. The government investigates the allegations of fraud and decides whether it will join the lawsuit. Health care entities found guilty in a qui tam lawsuit will be liable to government for three times the government’s losses, plus penalties.

The whistleblower is rewarded for bringing these lawsuits. If the government intervenes in the case and recovers funds through a settlement or a trial, the whistleblower is entitled to 15% – 25% of the recovery. If the government doesn’t intervene in the case and it is pursued by the whistleblower team, the whistleblower reward is between 25% – 30% of the recovery.

These recoveries are not low numbers. On June 22, 2017, a physician and rehabilitative specialist agreed to pay $1.4 million to resolve allegations they violated the False Claims Act by billing federal health care programs for medically unreasonable and unnecessary ultrasound guidance used with routine lab blood draws, and with Botox and trigger point injections. If a whistleblower had brought this lawsuit, he/she would have been awarded $210,000 – 420,000.

On June 16, 2017, a Pennsylvania-based skilled nursing facility operator agreed to pay roughly $53.6 million to settle charges that it and its subsidiaries violated the False Claims Act by causing the submission of false claims to government health care programs for medically unnecessary therapy and hospice services. The allegations originated in a whistleblower lawsuit filed under the qui tam provisions of the False Claims Act by 7 former employees of the company. The whistleblower award – $8,040,000 – 16,080,000.

There are currently two, large qui tam cases against United Health Group (UHG) pending in the Central District of California. The cases are: U.S. ex rel. Benjamin Poehling v. UnitedHealth Group, Inc. and U.S. ex rel. Swoben v. Secure Horizons, et al. Both cases were brought by James Swoben, who was an employee and Benjamin Poehling, who was the former finance director of a UHG group that managed the insurer’s Medicare Advantage Plans. On May 2, 2027, the U.S. government joined the Poehling lawsuit.

The charges include allegations that UHG:

  • Submitted invalid codes to the Center for Medicare and Medicaid Services (CMS) that it knew of or should have known that the codes were invalid – some of the dates of services at issue in the case are older than 2008.
  • Intentionally avoided learning that some diagnoses codes or categories of codes submitted to their plans by providers were invalid, despite acknowledging in 2010 that it should evaluate the results of its blind chart reviews to find codes that need to be deleted.
  • Failed to follow up on and prevent the submissions of invalid codes or submit deletion for invalid codes.
  • Attested to CMS each year that the data they submitted was true and accurate while knowing it was not.

UHG would not be in this expensive, litigious pickle had it conducted a self audit and followed the mandatory disclosure requirements.

What are the mandatory disclosure requirements? Glad you asked…

Section 6402(a) of the Affordable Care Act (ACA) creates an express obligation for health care providers to report and return overpayments of Medicare and Medicaid. The disclosure must be made by 60 days days after the date that the overpayment was identified or the date any corresponding cost report is due, if applicable. Identification is defined as the point in which the provider has determined or should have determined through the exercise of due diligence that an overpayment exists. CMS expects the provider to proactively investigate any credible information of a potential overpayment. The consequences of failing to proactively investigate can be seen by the UHG  lawsuits above-mentioned. Apparently, UHG had some documents dated in 2010 that indicated it should review codes and delete the invalid codes, but, allegedly, failed to do so.

How do you self disclose?

According to CMS:

“Beginning June 1, 2017, providers of services and suppliers must use the forms included in the OMB-approved collection instrument entitled CMS Voluntary Self-Referral Disclosure Protocol (SRDP) in order to utilize the SRDP. For disclosures of noncompliant financial relationships with more than one physician, the disclosing entity must submit a separate Physician Information Form for each physician. The CMS Voluntary Self-Referral Disclosure Protocol document contains one Physician Information Form.”

“Bye Felicia” – Closing Your Doors To a Skilled Nursing Facility May Not Be So Easy – You Better Follow the Law Or You May Get “Sniffed!”

There are more than 15,000 nursing homes across the country. Even as the elderly population balloons, more and more nursing homes are closing. The main reason is that Medicare covers little at a nursing home, but Medicare does cover at-home and community-based services; i.e., personal care services at your house. Medicare covers nothing for long term care if the recipient only needs custodial care. If the recipient requires a skilled nursing facility (SNF), Medicare will cover the first 100 days, although a co-pay kicks in on day 21. Plus, Medicare only covers the first 100 days if the recipient meets the 3-day inpatient hospital stay requirement for a covered SNF stay. For these monetary reasons, Individuals are trying to stay in their own homes more than in the past, which negatively impacts nursing homes. Apparently, the long term care facilities need to lobby for changes in Medicare.

Closing a SNF, especially if it is Medicare certified, can be tricky to maneuver the stringent regulations.  You cannot just be dismissive and say, “Bye, Felicia,” and walk away. Closing a SNF can be as legally esoteric as opening a SNF. It is imperative that you close a SNF in accordance with all applicable federal regulations; otherwise you could face some “sniff” fines. Bye, Felicia!

Section 6113 of the Affordable Care Act dictates the requirements for closing SNFs. SNF closures can be voluntary or involuntary. So-called involuntary closures occur when health officials rule that homes have provided inadequate care, and Medicaid and Medicare cut off reimbursements. There were 106 terminations of nursing home contracts in 2014, according to the federal Centers for Medicare and Medicaid Services (CMS).

Regardless, according to law, the SNF must provide notice of the impending closure to the State and consumers (or legal representatives) at least 60 days before closure. An exception is if the SNF is shut down by the state or federal government, then the notice is required whenever the Secretary deems appropriate. Notice also must be provided to the State Medicaid agency, the patient’s primary care doctors, the SNF’s medical director, and the CMS regional office. Once notice is provided, the SNF may not admit new patients.

Considering the patients who reside within a SNF, by definition, need skilled care, the SNF also has to plan and organize the relocation of its patients. These relocation plans must be approved by the State.

Further, if the SNF violates these regulations the administrator of the facility and will be subject to civil monetary penalty (CMP) as follows: A minimum of $500 for the first offense; a minimum of $1,500 for the second offense; and a minimum of $3,000 for the third and subsequent offenses. Plus, the administrator could be subject to higher amounts of CMPs (not to exceed ($100,000) based on criteria that CMS will identify in interpretative guidelines.

If you are contemplating closing a SNF, it is imperative that you do so in accordance with the federal rules and regulations. Consult your attorney. Do not be dismissive and say, “Bye, Felicia.” Because you could get “sniffed.”

Do You Pay Your Billing Agent a Percentage of Claims? You May Be in Violation of Federal law!

The Office of Inspector General (OIG) recently disseminated hundreds of recoupment letters to providers in New York who had percentage-based contracts with billing agents. OIG is seeking recoupment for services spanning a five-year period, plus 9% interest. See example redacted letter from OIG.

oig letter

42 CFR 447.10 prohibits the re-assignment of provider claims and applies only to Medicaid. It is recommended that you pay your billing agent a flat fee or on a time basis.

North Carolina Medical Society also discourages fee splitting. On the NCMS website, the Society warns that “Except in instances permitted by law (N.C. Gen. Stat. § 55B-14(c)), it is the position of the Board that a licensee cannot share revenue on a percentage basis with a non-licensee. To do so is fee splitting and is grounds for disciplinary action.”

Not all States prohibit fee splitting, and if Medicare or Medicaid is not involved, then we look to state law. But if Medicare or Medicaid is involved, then federal law matters. Some States prohibit fee splitting for doctors, chiropractors, and hospitals, while other states do not prohibit fee splitting for massage therapists. So it is important to know your State’s laws.

Lawyers also have fee-splitting prohibitions. To split fees with a nonlawyer constitutes the practice of law without a license (and probably multiple other ethical concerns).

Physicians, group practices and management services organizations should continue to carefully examine their current and proposed arrangements to ensure compliance with the fee-splitting prohibition applicable to your State. If you are unsure, consult an attorney.

OIG may have started these audits in New York, but, as New York State says “Excelsior” – ever upward – we can be sure that OIG will continue across the country.

Durable Medical Equipment and Home Health and Hospice Targeted in Region 5!

Durable Medical Equipment (DME) providers across the country are walking around with large, red and white bullseyes on their backs. Starting back in March 2017, the RAC audits began targeting DME and home health and hospice. DME providers also have to undergo audits by the Comprehensive Error Rate Testing Program (CERT).

bullseye

The RAC for Jurisdiction 5, Performant Recovery, is a national company contracted to perform Recovery Audit Contractor (RAC) audits of durable medical equipment, prosthetic, orthotic and supplies (DMEPOS) claims as well as home health and hospice claims. Medicare Part B covers medically necessary DME. The following are the RAC regions:

Region 1 – Performant Recovery, Inc.

Region 2 – Cotiviti, LLC

Region 3 – Cotiviti, LLC

Region 4 – HMS Federal Solutions

Region 5 – Performant Recovery, Inc.

racregions

As you can see from the above map, we are in Region 3. The country is broken up into four regions. But, wait, you say, you said that Performant Recovery is performing RAC audits in region 5 – where is region 5?

Region 5 is the whole country.

The Centers for Medicare and Medicaid (CMS) has contracted with Performant Recovery to audit DME and home health and hospice across the whole country.

dmemap

DME and home health and hospice providers – There is nowhere to hide. If you provide equipment or services within the blue area, region 5, you are a target for a RAC audit.

What are some common findings in a RAC audit for DME?

Without question, the most common finding in a RAC or CERT audit is “insufficient documentation.” The problem is that “insufficient documentation” is nebulous, at best, and absolutely incorrect, at worst. This error is by auditors if they cannot conclude that the billed services were actually provided, were provided at the level billed, and/or were medically necessary. An infuriating discovery was when I was defending a DME RAC audit and learned that the “real” reason for the denial of a claim was that no one went to the consumers door, knocked on it, and verified that a wheelchair had, in fact, been delivered. In-person verification of delivery is not a requirement, nor should it be. Such a burdensome requirement would unduly prejudice DME companies. Yes, you need to be able to show a signed and dated delivery slip, but you do not have to go to the consumer’s house and snap a selfie with the consumer and the piece of equipment.

Another common target for RAC audits is oxygen tubing, oxygen stands/racks, portable liquid oxygen systems, and oxygen concentrators.  RAC auditors mainly look for medical necessity for oxygen equipment. Hospital beds/accessories are also a frequent find in a RAC audit. A high use of hospital beds/accessories codes can enlarge the target on your back.

Another recurrent issue that the RAC auditors cite is billing for bundled services separately. Medicare does not make separate payment for DME provider when a beneficiary is in a covered inpatient stay. RAC auditors check whether suppliers are inappropriately receiving separate DME payment when the beneficiary is in a covered inpatient stay.  Suppliers can’t bill for DME items used by the patient prior to the patient’s discharge from the hospital. Medicare doesn’t allow separate billing for surgical dressings, urological supplies, or ostomy supplies provided in the hospital because reimbursement for them is wrapped into the Part A payment. This prohibition applies even if the item is worn home by the patient when leaving the hospital.

As always, documentation of the face to face encounter and the prescription are also important.

You can find the federal regulation for DME documentation at 42 CFR 410.38 – “Durable medical equipment: Scope and conditions.”

Once you receive an alleged overpayment, know your rights! Appeal, appeal, appeal!! The Medicare appeal process can be found here.

Gordon & Rees Ranked Among 50 Largest U.S. Law Firms by Law360

Here’s a little unabashed, yet well-deserved honor my firm recently obtained. Number 48!! Go Team G&RSM! #Medicaidatty #Medicareatty

Gordon Rees Scully Mansukhani now ranks as the 48th largest law firm in the United States per Law360 in its annual rankings of the 400 largest law firms in the nation. The firm attained this distinction by moving up five spots from the prior year’s rankings and 23 positions from the 2015 list, and currently comprises some 733 attorneys and 304 partners throughout the U.S.

“This distinction represents an important milestone for the firm,” commented Firmwide Managing Partner Dion N. Cominos. “We continue to have good fortune in growing our platform with outstanding lawyers; most importantly, however, the growth has not occurred for its own sake but instead to allow us to best service our clients on a national stage.”

During the last three years, the firm has expanded its U.S. headcount by more than 26 percent and, since 2000, Gordon & Rees has added more than 30 new offices, and now has a major outpost in eight of the 10 largest cities in the United States. In 2017 alone, the firm has opened five new offices: Cincinnati and Columbus, Ohio; Oklahoma City, Oklahoma; Salt Lake City, Utah; and Milwaukee, Wisconsin.

Gordon & Rees is a national litigation and business transactions firm with more than 700 lawyers in 43 offices across the United States. Our lawyers provide full service representation to public and private companies ranging from the Fortune 500 to start-ups. Founded in 1974, Gordon & Rees is recognized among the fastest growing and largest law firms in the country and continues to climb the ranks of both The Am Law 200 and The National Law Journal.”

EHR: What’s In YOUR Contract? Legal Issues You Need to Know.

Electronic health records or EHR have metamorphosed health care. Choosing a vendor can be daunting and the prices fluctuate greatly. As a provider, you probably determine your EHR platform on which vendor’s program creates the best service notes… or which creates the most foolproof way of tracking time… or which program is the cheapest.

But…what’s in YOUR contract can be legally deadly.

Regardless how you choose your EHR vendor, you need to keep the following legal issues in mind when it comes to EHR and the law:

Regulatory and Clinical Coverage Policy Compliance

Most likely, your EHR vendor does not have a legal degree. Yet, you are buying a product and assuming that the EHR program complies with applicable regulations, rules, and clinical coverage policies – whichever are applicable to your type of service. Well, guess what? These regulations, rules, and clinical coverage policies are not stagnant. They are amended, revised, and re-written more than my chickens lay eggs, but a little less often, because my chickens lay eggs every day.

Think about it – The Division of Medical Assistance (DMA) publishes a monthly Medicaid Bulletin. Every month DMA provides more insight, more explanations, more rules that providers will be held accountable to follow.

Does your EHR program update every month?

You need to review your contract and determine whether the vendor is responsible for regulatory compliance or whether you are. If you are, should you put so much faith in the EHR program?

Document Accessibility

You are required to maintain your records (depending on your type of service) anywhere from 5-10 years. Let’s say that you sign a four year contract with EHR Vendor X. The four years expires, and you hire a new EHR vendor. You are audited. But Vendor X does not allow you access to the records because you no longer have a contract with them – not their problem!

You need to ensure that your EHR contract allows you access to your documents (because they are your documents) even in the event of the contract expiring or getting terminated. The excuse that “I don’t have access to that” does not equal a legal defense.

Indemnification

This is otherwise known as the “Blame Game.” If there is a problem with regulatory compliance, as in, the EHR records do not follow the regulations, then you need to know whether the EHR vendor will take responsibility and pay, or help pay, for attorneys’ fees to defend yourself.

Like it or not, the EHR vendor does not undergo audits by the state and federal government. The EHR vendor does not undergo post and pre-payment reviews for regulatory compliance. You do. It is your NPI number that is held accountable for regulatory compliance.

You need to check whether there is an indemnification clause in the EHR contract. In other words, if you are accused of an overpayment because of a mistake on the part of the vendor, will the vendor cover your defense? My guess is that there is no indemnification clause.

HIPAA Compliance

HIPAA laws require that you minimize the access to private health information (PHI) and prevent dissemination. With hard copies, this was easy. You could just lock up the documents. With EHR, it becomes trickier. Obviously, you have access to the PHI as the provider. But who can access your EHR on the vendor-side? Assuming that the vendor has an IT team in case of computer issues, you have to consider to what exactly does that team have access.

I recently attended a legal continuing education class on data breach and HIPAA compliance for health care. One of the speakers was a Special Agent with the FBI. This gentleman prosecutes data breaches for a living. He said that hackers will pay over $500 per private medical document. Health care companies experienced a 72% increase in cyberattacks between 2013 and 2014. Stolen health care information is 10 times more valuable than your credit card information.

Zombie Apocalypse

Obviously, I am exaggerating here. I do not believe that The Walking Dead is real and in our future. But here is my point – You are held accountable for maintaining your medical records, even in the face of an act of God or terrorism.

Example: It was 1996. Provider Dentist did not have EHR; he had hard copies. Hurricane Fran flooded Provider Dentist’s office, ruining all medical records. When Provider Dentist was audited, the government did not accept the whole “there was a hurricane” excuse. Dentist was liable for sever penalties and recoupments.

Fast forward to 2017 and EHR – Think a mass computer shutdown won’t happen? Just ask Delta about its August 2016 computer shutdown that took four days and cancelled over 2000 flights. Or Medstar Health, which operates 10 hospitals and more than 250 outpatient facilities, when in March 2016, a computer virus shut down its emails and…you guessed it…its EHR database.

So, what’s in YOUR contract?

Hospital May Lose Its Medicare Contract, Threatens CMS

Hospital is shocked to learn that its Medicare contract with Health and Human Services may be terminated by April 16, 2017. Medicaid services may also be adversely affected. The hospital was notified of the possible Medicare contract termination on March 27, 2017, and is faced with conceivably losing its Medicare contract within a month of notification. Legal action cannot act fast enough – unless the hospital requests an emergency temporary restraining order, motion to stay, and preliminary injunction and files it immediately upon learning that its Medicare contract is terminated.

The Center for Medicare and Medicaid Services (CMS) threatened Greenville Memorial Hospital, part of Greenville Health System, in South Carolina, that Medicare reimbursements will cease starting April 16, 2017. According to CMS, Memorial’s emergency department is not compliant with Medicare regulations.

A public notice in the Greenville News says: “Notice is hereby given that effective April 15, 2017, the agreement between GHS Greenville Memorial Hospital, 701 Grove Road, Greenville, S.C. 29605 and the Secretary of Health and Human Service, as a provider of Hospital Services and Health Insurance for the Aged and Disabled Program (Medicare) is to be terminated. GHS Greenville Memorial Hospital does not meet the following conditions of participation. 42 CFR 482.12 Governing Body, 42 CFR 482.13 Patients’ Rights and 42 CFR 482.23 Nursing Services.”

“The Centers for Medicare and Medicaid Services has determined that GHS Greenville Memorial Hospital is not in compliance with the conditions of coverage. The Medicare program will not make payment for hospital services to patients who are admitted after April 16, 2017.”

The findings came after an onsite audit was conducted on March 13, 2017. Memorial was notified of the report on March 27, 2017.

Memorial must have submitted a corrective action plan by April 3, 2017, but it has not been released.

The emergency department at Memorial treats about 300 patients per day. An employee of Memorial estimates that the termination would lose net revenue from Medicare and Medicaid could potentially reach around $495 million. Greenville Memorial received $305 million in Medicare funding and $190 million from Medicaid in the most recent fiscal year, accounting for nearly six in 10 patients, officials said.

While CMS and Memorial refuse to discuss the details of the alleged noncompliance, CMS’ public notice cites three CFR cites: 42 CFR 482.12 Governing Body, 42 CFR 482.13 Patients’ Rights and 42 CFR 482.23 Nursing Services.

42 CFR 482.12 requires that hospitals have governing bodies and plans to follow Medicare regulations. Subsection (f) specifically requires that if a hospital has an emergency department that the hospital must follow 42 CFR 482.55 “Conditions of Participation,” which states that “The hospital must meet the emergency needs of patients in accordance with acceptable standards of practice.

(a) Standard: Organization and direction. If emergency services are provided at the hospital –

  1. The services must be organized under the direction of a qualified member of the medical staff;
  2. The services must be integrated with other departments of the hospital;
  3. The policies and procedures governing medical care provided in the emergency service or department are established by and are a continuing responsibility of the medical staff.

(b) Standard: Personnel.

  1. The emergency services must be supervised by a qualified member of the medical staff.
  2. There must be adequate medical and nursing personnel qualified in emergency care to meet the written emergency procedures and needs anticipated by the facility.”

The Memorial audit stemmed from a March 4, 2017, death of Donald Keith Smith, 48, who died as a result of traumatic asphyxiation. After an altercation, the patient was placed on a gurney, supposedly, face-down. South Carolina’s Department of Health and Environmental Controls Site Survey Agency investigated the hospital after the death and the audit found that hospital security officers improperly restrained Smith, strapping him face down to a gurney during an altercation, rendering him unable to breathe. The death was ruled a homicide.

Memorial terminated the security officers involved in the death.

Now the hospital is faced with its own potential death. The loss of Medicare and, perhaps, Medicaid reimbursements could financially kill the hospital. Let’s see what happens…

Health Care Fraud Liability: With Yates Fired – What Happens to the Memo?

“You’re fired!” President Trump has quite a bit of practice saying this line from The Apprentice. Recently, former AG Sally Yates was on the receiving end of the line. “It’s not personal. It’s just business.”

The Yates Memo created quite a ruckus when it was first disseminated. All of a sudden, executives of health care agencies were warned that they could be held individually accountable for actions of the agency.

What is the Yates Memo?

The Yates Memo is a memorandum written by Sally Quillian Yates, former Deputy Attorney General for the U.S. Dept. of Justice, dated September 9, 2015.

It basically outlines how federal investigations for corporate fraud or misconduct should be conducted  and what will be expected from the corporation getting investigated. It was not written specifically about health care providers; it is a general memo outlining the investigations of corporate wrongdoing across the board. But it is germane to health care providers.

See blog.

January 31, 2017, Sally Yates was fired by Trump. So what happens to her memo?

With Yates terminated, will the memo that has shaken corporate America that bears her name go as well? Newly appointed Attorney General Jeff Sessions wrote his own memo on March 8, 2017, entitled “Memorandum for all Federal Prosecutors.” it directs prosecutors to focus not on corporate crime, but on violent crime. However, investigations into potential fraud cases and scrutiny on providers appear to remain a top priority under the new administration, as President Donald Trump’s proposed budget plan for fiscal year 2018 included a $70 million boost in funding for the Health Care Fraud and Abuse Control program.

Despite Sessions vow to focus on violent crimes, he has been clear that health care fraud remains a high priority. At his confirmation, Sessions said: “Sometimes, it seems to me, Sen. Hirono, that the corporate officers who caused the problem should be subjected to more severe punishment than the stockholders of the company who didn’t know anything about it.” – a quote which definitely demonstrates Sessions aligns with the Yates Memo.

By law, companies, like individuals, are not required to cooperate with the Justice Department during an investigation.  The Yates Memo incentivizes executives to cooperate. However, the concept was not novel. Section 9-28.700 of the U.S. Attorneys’ Manual, states: “Cooperation is a potential mitigating factor, by which a corporation – just like any other subject of a criminal investigation – can gain credit in a case that otherwise is appropriate for indictment and prosecution.”

Even though Trump’s proposed budget decreases the Department of Justice’s budget, generally, the increase in the budget for the Health Care Fraud and Abuse Control program is indicative of this administration’s focus on fraud, waste, and abuse.

Providers accused of fraud, waste, or abuse suffer extreme consequences. 42 CFR 455.23 requires states to suspend Medicaid reimbursements upon credible allegations of fraud. The suspension, in many instances, lead to the death of the agency – prior to any allegations being substantiated. Just look at what happened in New Mexico. See blog. And the timeline created by The Santa Fe New Mexican.

When providers are accused of Medicare/caid fraud, they need serious legal representation, but with the suspension in place, many cannot afford to defend themselves.

I am “all for” increasing scrutiny on Medicare/caid fraud, waste, and abuse, but, I believe that due process protection should also be equally ramped up. Even criminals get due process.

The upshot regarding the Yates Memo? Firing Yates did not erase the Yates Memo. Expect Sessions and Trump to continue supporting the Yates Memo and holding executives personally accountable for health care fraud – no more hiding behind the Inc. or LLC. Because firing former AG Yates, did nothing to the Yates Memo…at  least not yet.