COMPLIANCEWHAT YOU DON’T KNOW CAN HURT YOU !

Presenters: Jennifer Richter CPA

Carolyn Lookabill

Notice of Disclosure

Richter Healthcare Consultants has produced this material as an informational reference. Richter Healthcare Consultants employees, agents, and staff make no representation, warranty, or guarantee that this compilation of information is error-free and will bear no responsibility or liability for the results or consequences of the use of this material. Although every reasonable effort has been made to assure the accuracy of the information within these pages at the time of publication, the healthcare environment is constantly changing, and it is the responsibility of each individual to remain abreast of the regulatory and reimbursement compliance. Any regulations, policies and/or guidelines cited in this publication are subject to change without further notice. Current Medicare regulations can be found on the Centers for Medicare & Medicaid Services (CMS) Web site at http://www.cms.hhs.gov.

3

Objectives for the Day

Participants will be able to: Describe the components of a compliance program Name at least three accounts receivable risk areas List and explain at least three performance indicators to

help ascertain the monthly efficiency of the SNF Business Office

List the sequential steps of the Triple Check process List and describe at least one of the compliance audit

programs Delineate the steps for denial management by Business

Office staff

5 A/R Risk Areas

Bad Debt/Lost Revenue Compliance Inefficiencies and Waste Cash Flow Theft

Risk #1- Bad Debt and Lost Revenue

Bad Debt Timely filing Poor admissions processes Lack of technical knowledge Lack of documentation Denial Management and Collections Inadequate software

Risk #1- Bad Debt and Lost Revenue

Lost Revenue Poor clinical documentation and MDS process Technical knowledge Charge tracking Software inadequacies

Risk #2- Compliance

Audit programs Lack of audit readiness Insufficient documentation of medical necessity Inadequate training and education Poor internal monitoring

Risk #3- Inefficiencies and Waste

Increased salaries and contract staff Poor productivity and performance Lines of credit-interest Consolidated billing

Risk #4- Cash Flow

Inability to cover expenses Late fees and penalties Interest and penalties Inability to reinvest in the business Community image Industry relationships Inability to obtain financing

Risk #5- Theft

Employee embezzlement Overt/covert

Theft of time Theft of supplies Any theft represents a theft of trust and

security…the foundation of your operations and the premise of your branding…advertising

How Can We Minimize Risk?

Admissions-Best Practices Compliance Processes Personnel Management Billing and Collection Standards Oversight and Monitoring

Admissions

Best Practices- Communication/education with family

Admissions staff, Nurse liaison Exchange of information

Verifications Medicare, third party insurances, prior SNF stays

Paperwork Hospital, Physician, resident Medicaid evidentiary

Contracts Inclusions/exclusions, pre-authorization requirements, billing & documentation

requirements Deal directly with carriers or use a service such as MNS

Costing of care Integration of Electronic Data with other providers

Admissions

Admissions is not about filling beds Admissions is about filling beds and then getting

paid for those beds Admissions is not a person or a department Admissions is a process…one that is impacted by

everyone in the facility Admissions practices from the inquiry forward

impact receivables

Compliance

Legislations and Programs Recent Compliance Changes Developing a compliance program Preparing for a compliance audit Compliance best practices

Compliance

Under the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (MMA), CMS was required to take steps to streamline the claims processing and review process: CMS was required to replace the current Medicare Fiscal

Intermediaries (Part A) and Carriers (Part B) contractors with Medicare Administrative Contractors (MACs)

After setting up the new MAC regions, CMS created new entities, called Zone Program Integrity Contractors (ZPICs)

ZPICs have been taking over the Program Safeguard Contractor (PSC) audit and enforcement activities across the country. The change from PSC to ZPIC is mostly transparent The major difference is in the level of referrals for civil and

criminal referral

Compliance

Entities charged with responsibility for Billing Compliance oversight HHS-OIG (Office of the Inspector General) CMS (Center for Medicare & Medicaid Services)

Medicare Comprehensive Error Rate Testing (CERT) Program Zone Program Integrity Contractors (ZPICs) Recovery Audit Contractor Program (RAC)

Medicaid Medicaid Integrity Contractors (MICs) Medicaid Recovery Audit Contractor Program (MDRAC)

Compliance

CERT Main contributors to claim error rate determination

for SNF Insufficient documentation to support RUG code billed

Medical documents do not contain patient condition, type of treatment provided, documentation of therapy notes or progress notes submitted

No documentation of qualifying medically necessary three day inpatient hospital stay

Insufficient documentation submitted to support a medically necessary three day inpatient hospital stay or

Not submitting an authenticated hospital discharge summary for the dates of service in question

Compliance

If a SNF has a high volume of errors or denials, CGS will take any or all of the following actions: Referral to a ZPIC Expanded pre-payment review resulting in payment

delays

18

Compliance

ZPIC Actions Pre-Payment Audit Post-Payment Audit Suspension Revocation Referrals for Civil and Criminal Enforcement

Compliance

Medicaid Integrity Audit Program Audit Medicaid Integrity Contractors (MICs) are

entities with which CMS has contracted to perform audits of Medicaid providers across the country.

Audit MICs will perform field and desk audits. Providers usually will be selected for audits based

on data analysis by other CMS contractors. May also be referred by State agencies.

CMS will ensure that it’s audits do not duplicate any state audits nor interfere with potential law enforcement investigations.

Compliance

MIC Audit Process MICs have authority to request and review copies

of provider records, interview providers and personnel and have access to provider facilities.

Providers will generally have at least two weeks to respond to record requests and can request an extension, if necessary.

MICs will contact the provider to schedule an entrance conference. Notification letters will identify a primary point of contact at the MIC.

Compliance

RAC Program – Recovery Audit Contractor Provider selection is NON-subjective Areas of review (“issues”) approved by CMS Issues posted on RAC website prior to claim audit Two types of audits:

Automated Complex review

Post Payment Audit Recoupment through MAC

Review Demonstration Project findings: www.cms.hhs.gov/rac

Review the OIG and CERT reportsOffice of Inspector GeneralOIG Reports: www.oig.hhs.gov/reports.html

Comprehensive Error Rate Testing Program-CERTCERT: www.cms.hhs.gov.cert

Recent HIPAA Changes

Redefining of the term “business associate” to include sub-contractors that create, receive, maintain or transmit PHI on behalf of business associate

Requiring direct liability for business associates who fail to comply with the HIPAA rule requirements

Placing new limitations on the use & disclosure of PHI for marketing & fundraising

Restricting the sale of PHI without authorization Adopting a more objective breach notification threshold and new risk

assessment requirements

Recent HIPAA Changes

Allowing individuals access to PHI where requested & providing additional guidance on fee sharing

Restricting disclosure of PHI concerning treatment paid out of pocket Issuing new guidance regarding disclosures of PHI after an individual’s

death Requiring modifications and redistribution of notice of privacy

practices and Incorporating the HITECH Act’s increased & tiered civil money penalty

structure

Information provided by www.Rolflaw.com

Compliance for SNFsMarch 2013 Mandate

The Patient Protection and Affordable Care Act (ACA or ACT) includes section 6102 requiring NFs and SNFs to have in place a compliance and ethics program effective in “preventing and detecting criminal, civil and administrative violations under this Act and in promoting quality of care.”

8 Requirements for SNF Compliance Program

The organization must have established compliance standards and procedures to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal, civil and administrative violations under this Act.

Specific individuals within high level personnel of the organization must have been assigned overall responsibility to oversee compliance with such standards and procedures and have sufficient resources and authority to assure such compliance.

8 Requirements for SNF Compliance Program

The organization must have used due care not to delegate substantial discretionary authority to individuals whom the organization knew, or should have known through the exercise of due diligence, had a propensity to engage in criminal, civil and administrative violations under this Act.

The organization must have taken steps to communicate effectively its standards and procedures to all employees and other agents, such as by requiring participation in training programs or by disseminating publications that explain in a practical manner what has happened.

8 Requirements for SNF Compliance Program

The organization must have taken reasonable steps to achieve compliance with its standards, such as by utilizing monitoring and auditing systems reasonably designed to detect criminal, civil and administrative violations under this ACT by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report violation by others within the organization without fear of retribution.

8 Requirements for SNF Compliance Program

The standards must have been consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense.

After an offense has been detected, the organization must have taken all reasonable steps to respond appropriately to the offense and to prevent further similar offenses, including any necessary modification to its program to prevent and detect criminal, civil and administrative violations under this Act.

8 Requirements for SNF Compliance Program

The organization must periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.

Increased costs of SNF Compliance

March 2013 requirement for SNFs to establish a compliance program

SNFS must “separately report expenditures for wages and benefits for direct care staff.” Info must be made available to interested parties.

Facility must electronically submit direct care staffing information

SNFs must conduct criminal records, fingerprint checks and search State-based abuse and neglect registries and databases on all prospective employees who have patient access

Increased costs of SNF Compliance

Disclosure of ownership interests for owners of NFs NFs must “have reports with respect to any surveys,

certifications and complaint investigations” made within the past three years “available for any individual to review upon request”, must also “post notice of the availability of such reports” in a prominent and accessible to the public locations

Increased costs of SNF Compliance

The owner, operator, employee, manager, agent or contractor of an LTC facility that received at least $10,000 in federal funding, must report to 1 or more law enforcement entities in the facility’s political subdivision any reasonable suspicion of a crime.

Personnel Management

Smart hiring practices Job descriptions and performance

measurements Monitoring Sufficient training and ongoing education Staffing levels based on facility size and type Evaluation protocol

Personnel Management

Smart Hiring Practices Written application vs. resume only-obtain recent work references

Look for errors, check handwriting, length of tenure at past positions, gaps in employment without explanation

Team or group interview Involve department head, co-workers in at least one stage of the interview

process Background checks Situational questions Skills testing

Excel Sample spreadsheets

Personnel Management

Job Descriptions Written job descriptions which include:

Technical and skill requirements for the position Description of job duties and tasks Delineation of organizational chart or supervisory chain Performance measures

Monitoring

Review key indicators Enlist third party process review Conduct job performance evaluations Follow disciplinary track Require minimum continuing education hours

Personnel Management

Training and Education Orientation including 1:1 training Written Policies and Procedures In person or online tutorials & resources for

technical topics Medicare University Regional or Corporate training by the employer Trade or Professional association training via

seminar/webinar Online software tutorials e.g. Excel, billing software

Personnel Management

Staffing levels Industry standard is one FTE in the business office

per 100-150 beds Not including responsibility for:

Human Resources Payroll Accounts Payable Clerical Supervision

Personnel Management

1:1 mentoring and supervision Can new employees shadow seasoned employees?

Use of performance measures Timely filing deadlines Bad debt ratios

Counseling and re-education if needed Disciplinary actions 30 day performance improvement plan

Provide opportunities for ongoing training as appropriate Trade association webinars and seminars List-servs CMS-SNF open door forums Vendor training

Billing and Collection Standards

Software and technical resources Communication Accuracy checks and balances

Triple Check process Technical knowledge of revenue and payer

requirements Denial management Lost revenue charge capture

Oversight and Monitoring

Aging reviews Performance indicators Internal auditing Process review Cash Monitoring Safeguarding A/R and cash Loss Prevention

Oversight and Monitoring

Aging Reviews Regular A/R Reviews with the Business Office

Watch for red flags Private Pay > 30 days Medicare > 30 days Medicaid > 30 days Medicaid Pending Managed Care > 30 days Co-insurance 45-60 days

Oversight and Monitoring

Performance Indicators Days Sales Outstanding (DSO)

Benchmark is 40 days or less

DAYS SALES OUTSTANDING (DSO) EQUATION:

GROSS REVENUE FOR 3 MONTHS DIVIDED BY DAYS

(I.E. 90-92 DAYS) = DAILY AVERAGE REVENUE

CURRENT A/R DIVIDED BY DAR(DAILY AVERAGE REVENUE) =

DAYS SALES OUTSTANDING (DSO) Trend Analysis

Shows aging breakdown by payer and age Shows percentage of A/R from current, 30-60 day and 90 days+

Bad debt should be less than 1% of net revenue

Oversight and Monitoring

Compliance audits Review accuracy of claim data to the chart

Beneficiary Information MDS Information

RUG Comparison Dates (ARD, SOT, COT, EOT, EOT-R, etc. Therapy Minute

Nursing Documentation Physician Orders Supportive of Therapy / Skilled Care Continuation MARS / TARS

Process Review

Charge capture Verify reconciliation to source documents and

census Consolidated Billing practices

Cash processes Daily deposit

Segregation of duties Reconciliation to source documents Documentation storage

Process Review

Billing ( by payer) Medicaid

Verification of charges and claim data Reconciliation of patient resources

Medicare Part A Verification of charges and claim data Triple Check process/Compliance

Process Review

Private Pay Pre-billing? Charge capture-reconciliation

Third Party insurances/payers Verification of charges and claim data

Process Review

Denial Management / Remittance Reconciliation Process

Collections Fair Debt / Collections Act Consistent Processes

Adjustments Documentation / Prior Approval

Process Review

Month End AR Reconciliation Revenue Test Checks & Balances

Resident Trust

Process Review

Documentation Review Questionnaire Review Sample of Accounts for Appropriate Billing /

Collection Compare Processes to Corporate Compliance Plan /

Policy & Procedure Manual

Process Review

Plan of Correction Implementation of Corrective Action

Creation of Compliance Plan / Policy & Procedures Monitoring Compliance Performance Evaluation

Oversight and Monitoring

Cash Monitoring The monthly cash collections should be fairly

consistent Payment receipt by payer:

Medicare- 14 days Medicaid- 7-10 days Managed Care-Electronic- 2-3 weeks Managed Care-Hard Copy- 45 to 60 days Private Pay- facility policy but should be 10-15 days

Oversight and Monitoring

Loss Prevention Segregation of duties should require a minimum of

two staff members to complete a deposit from start to finish

A lockbox or scan directly to the bank is an option to reduce the risk of lost or stolen checks

Medicare, Medicaid and most insurance companies have Electronic Funds Transfer (EFT)

Checks should require more than one signature

Top 10 Recommendations for Compliance

1. Establish a Compliance strategy per the March 2013 mandate

2. Appoint and empower a Compliance Officer/Team

3. Get a copy of the OIG 2013 Workplan for SNFs

4. Learn about the various audit programs such as RAC, ZPIC, CERT, etc. via trade associations, list servs, compliance training

5. Implement the Triple Check process for Medicare claims prior to submission

6. Implement an internal compliance audit process

7. Review all Business Associate Agreements for compliance

8. Review all PHI disclosures, tracking systems and privacy notice procedures

9. Provide training for staff re False Claims Act. Ensure that employees know what and when to report…without retaliation

10. Sign up to receive any of the industry updates on compliance

Resources for Additional Compliance Info

MLN Matters Articles/MedLearn - Medicare Learning Network Keeping providers up to date on Medicare changes

Listservs - Mailing lists where you can pick and choose which topics you’d like to be informed about

Open Door Forums - opportunity for live dialogue between CMS and the provider community

Quarterly Provider Updates – Changes to regulations, major policies, manual instructions

Professional Association newsletters Medicare Carriers Manual

National and Local Coverage Determinations Medicaid Manual

Resources for Additional Compliance Info

• Recovery Audit Contractor Program- www.cms.gov/rac• Office of the Inspector General- www.hhs.oig.gov• HC Pro- www.hcpro.com

Resources for Additional Compliance Info

www.hcpro.com The RAC Report RAC websites and list servs

CGI- http://racb.cgi.com www.aapc.com

American Association of Professional Coders For additional information regarding coding

Contact Richter Healthcare Consultants Today!

Phone: (216) 593.7140Toll Free: 1.866.806.0799Fax: (216) 593.7141Email: jennifer.richter@richterhc.com carolyn.lookabill@richterhc.comWeb: www.richterhc.com

Visit: 8948 Canyon Falls Blvd. Suite 400 Twinsburg, OH 44087