Three Steps to Immediately Reduce Healthcare Compliance Exposure

Mark S. Kopson

Healthcare fraud – it is the only topic getting more news coverage these days than the healthcare reform debate and increased enforcement activity. One of the reasons involves pure economics.

In fiscal 2008, federal criminal and civil fraud enforcement efforts resulted in the government’s recovery of $2.35 billion. Coupled with post-payment audit recoupments, the government realized a $17 return for every $1 invested in enforcement efforts. That return on investment led to the formation of the Health Care Fraud Prevention and Enforcement Action Team (HEAT).

HEAT is a joint effort by the departments of Justice and Health & Human Services to detect and aggressively prosecute healthcare fraud using real-time claims data. Within 30 days of the May 2009 announcement of HEAT’s formation in Detroit, 58 individuals, some physicians, were indicted for Medicare fraud schemes involving physical, occupational and infusion therapy. Last week, a mere 30 days later, another HEAT strike force led to the indictment and arrest of 27 physicians and other individuals in Houston, New York, Boston and Louisiana for Medicare fraud involving durable medical equipment and enteral nutrition.

Combine HEAT with Medicare recovery audit contractors, the commercial health plans’ beefed-up fraud investigation units, and enhanced HIPAA enforcement and prosecution authorities, and healthcare providers are facing a veritable flood of compliance enforcement activity. Smart providers can take three steps to immediately reduce their compliance exposure:

  • Review all of your healthcare business and financial relationships for additions and changes.

Business arrangements tend to evolve over time, and what was once legally compliant may no longer be so.  If a business relationship has expanded to include new partners, new locations, or new lines of business, an updated compliance analysis is indicated. When reviewing your relationships, take the government’s lead by following the money everywhere it leads and scrutinizing all related contracts. Amendments and even new contracts may be required.

  • Review your existing compliance policies and procedures from a “real-world” perspective. 

Remember those policies and procedures you worked so long and hard to develop? Have they actually been implemented or are they merely filling shelf space? For example, have you conducted any internal charting and billing audits? Have problems been discovered and, if so, have they been properly addressed? Have your employees received initial and ongoing compliance training and has it been documented? From the enforcers’ perspective, adopting compliance policies and procedures and failing to implement them may indicate that any compliance violations occurred “knowingly” rather than unintentionally.

  • Ensure that your compliance activities have appropriately addressed new legal developments.

During the past two years, we have witnessed a number of new compliance requirements and complex twists on previously settled issues. Are you adequately addressing the new FTC Red Flag Rules mandating identity theft prevention and detection measures? Have you updated your HIPAA Business Associate agreements to reflect the new requirements imposed by the HITECH Act? Are your ancillary services being performed and billed in compliance with the new anti-markup rules? Have your day-to-day activities changed in accordance with the latest Stark Law developments? If your answer to any of these questions is “no,” you likely have unnecessary compliance exposure and should take prompt corrective action.

Now more than ever, the key to minimizing legal compliance exposure is a proactive approach to compliance. By taking affirmative steps now to prevent, detect and correct compliance problems, providers can turn the current period of anxiety into an opportunity to avoid future problems.

Plunkett Cooney attorneys are available to help with all of your compliance needs from analysis of business arrangements, to development and revision of compliance plans, to enforcement action response and defense. For assistance, please contact your Plunkett Cooney attorney or, in the alternative, the leader of Plunkett Cooney’s Healthcare Industry Group, Mark S. Kopson, at (248) 901-4061; or