Travis Sutphin Manager, Regulatory & Compliance COMPLIANCE TRAINING PROGRAM 1


Post on 25-Dec-2015


Welcome to Compliance Training

• This training includes:

▫ 7 Elements of an Effective Compliance Program

▫ Reporting compliance violations

▫ Non-Retaliation Policy

▫ Non-compliance or fraud violation

▫ Who to contact

▫ Fraud and Abuse Prevention

▫ HIPAA Compliance Training

▫ Principles of Professional Conduct

HIPAA


Health Insurance Portability and Accountability Act (HIPAA)

• Health Insurance Portability and Accountability Act (HIPAA)

▫ Privacy – Protection for the privacy of Protected Health Information (PHI) effective April 14, 2003 (including Standardization of electronic data interchange in health care transactions, effective October 2003)

▫ Security – Protection for the security of electronic Protected Health Information (e-PHI) effective April 20, 2005

• Health Information Technology for Economic and Clinical Health Act (HITECH)

▫ Extends Privacy and Security provisions of HIPAA to business associates of covered entities, including criminal and civil penalties

▫ Breach notification requirements for unsecured PHI


What is the difference between Privacy & Security

• The Privacy Rule sets the standards for how covered entities and business associates are to maintain the privacy of Protected Health Information (PHI)

• The Security Rule defines the standards which require covered entities to implement basic safeguards to protect electronic Protected Health Information (e-PHI)


What is HIPAA?

• Protects the privacy and security of a patient’s health information

• Provides for electronic and physical security of a patient’s health information

• Prevents health care fraud and abuse

• Simplifies billing and other transactions, reducing health care administrative costs


Who must follow HIPAA

• The covered entity consists of CarePoint Health Plan and its employees, to the extent that such employees use and disclose individually identifiable health information

▫ Other covered entities include providers, billing clearing houses, FDRs and contractors

• Business Associates:

▫ A person or entity which performs certain functions, activities, or services for CarePoint Health Plan involving the use and/or disclosure of PHI, but the person or entity is not a part of CarePoint Health Plan or its workforce.

▫ CarePoint Health Plan is required to have agreements/contracts with business associates that protect a member’s PHI


Covered Transactions Consist of…

• Enrollment and disenrollment

• Premium payments

• Eligibility

• Referral certification and authorization

• Health claims

• Health care payment and remittance advice

What patient information must we Protect?

• Protected Health Information (PHI)

• Relates to past, present, or future physical or mental condition of an individual; provisions of healthcare to an individual; or for payment of care provided to an individual.

• Is transmitted or maintained in any form (electronic, paper, or oral representation)

• Identifies, or can be used to identify the individual.


Examples of PHI (Health Information with Identifiers)

• Name

• Address (including street, city, parish, zip code and equivalent geo codes)

• Any date (birth, admit date, discharge date, date of death)

• Telephone and Fax numbers

• Electronic (email) addresses

• Social Security Number

• Medical Records

• Any other unique identifying number, characteristic or code

What is the most important thing to remember about HIPAA…


…YOU may not use or disclose an individual’s protected health information, except as otherwise permitted, or required, by law. If you have questions, please see your Supervisor or the Compliance Department.


Acceptable uses of PHI

• Treatment

▫ Includes direct patient care, care coordination, referrals

• Payment

▫ Includes any activities required to bill and collect for health care services provided to patients

• Health Care Operations

▫ Includes business management and administrative activities, quality improvement, compliance, competency, and training

Acceptable Uses of PHI

• Must use or share only the minimum amount of PHI necessary, except for requests made:

▫ for treatment of the patient

▫ by the patient, or as requested by the patient to others

▫ by the Secretary of the Department of Health & Human Services (DHHS)

▫ as required by law

▫ to complete standardized electronic transactions, as required by HIPAA

▫ Healthcare operations

• CarePoint Health Plan must get a signed authorization from the member for any other use or disclosure of PHI. The authorization must:

▫ Identify who may use or release the PHI and identify who may receive the PHI

▫ Identify when the authorization expires

▫ Be signed by the member or someone making health care decisions (personal representative) for the member

Acceptable Uses of PHI: Copying, Downloading and Faxing Information

• Employees should not download or copy any PHI, except as necessary to perform their jobs. As a general rule, PHI should not be removed from the premises.

• Faxing is permitted. Always include, with the faxed information, a cover sheet containing a Confidentiality Statement:

▫ The documents accompanying the transmission contain confidential privileged information. The information is the property of CarePoint Health Plan, Inc. and intended only for use by the individual or entity named above. The recipient of this information is prohibited from disclosing the contents of the information to another party.

▫ If you are neither the intended recipient, nor the employee or agent responsible for delivery to the intended recipient, you are hereby notified that disclosure of contents in any manner is strictly prohibited. Please notify [name of sender] at [facility name] by calling [phone #] immediately if you received this information in error.

Member Rights

• The right to request restriction of PHI uses & disclosures

• The right to request alternative forms of communications (mail to P.O. Box, not street address; no message on answering machine, etc.)

• The right to access and copy patient’s PHI

• The right to an accounting of the disclosures of PHI

• The right to request amendments to information


How does HIPAA Affect Your Job

• Only use, view and discuss PHI if you need it to do your job

• Only share PHI with those who need it to do their job

• Refrain from discussing PHI in public areas, such as elevators and reception areas

• Don’t be careless or negligent with PHI in any form

• You must report to the Manager, Regulatory & Compliance any breach in confidentiality


HIPAA Best Practices

• Secure PHI in locked offices and cabinets

• Dispose of PHI by shredding

• Remove PHI immediately from any commonly used copiers, printers and fax machines

• Lock your computer any time you leave your work area


HITECH

• HITECH is a part of the American Recovery and Reinvestment Act of 2009

• Amends certain sections of HIPAA creating new requirements for covered entities and their business associates regarding health records, Breach notifications, increased enforcement and penalties

• The law requires covered entities and business associates to notify individuals, the Secretary of Health and Human Services and, in some cases, the media in the event of a breach of unsecured protected health information

▫ Unsecured

1. Information must be encrypted or destroyed in order to be considered “secured”

2. Information that has not been rendered unusable, unreadable, or indecipherable to unauthorized individuals


HITECH and Breach Situations

• A Breach is an unauthorized acquisition, access, use or disclosure of PHI that compromises the security of the PHI

• Examples include:

▫ Laptop containing PHI is stolen

▫ Receptionist who is not authorized to access PHI looks through member records

▫ Billing statements containing PHI mailed or faxed to the wrong individual/entity

Exceptions to Breach

• Unintentional acquisition, access, use or disclosure by a workforce member (“employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity, is under the direct control of such entity, whether or not they are paid by the covered entity”) acting under the authority of a covered entity or business associate

▫ Example: billing employee receives and opens an e-mail containing PHI about a member which a UM nurse mistakenly sent to the billing employee. The billing employee notices he is not the intended recipient, alerts the UM nurse of the e-mail and then deletes it. The billing employee unintentionally accessed PHI to which he was not authorized to have access. However, the billing employee’s use of the information was done in good faith and within the scope of authority, and therefore, would not constitute a breach and notification would not be required, provided the employee did not further use or disclose the information.

Exceptions to Breach (continued)…

• Inadvertent disclosures of PHI from a person authorized to access PHI at a covered entity or business associate to another person authorized to access PHI at the same covered entity, business associate, or organized healthcare arrangement in which covered entity participates

• If a covered entity or business associate has a good faith belief that the unauthorized individual, to whom the impermissible disclosure was made, would not have been able to retain the information

▫ Example: EOBs are sent to the wrong individuals. A few of them are returned by the post office, unopened, as undeliverable. It could be concluded that the improper addressees could not have reasonably retained the information. The EOBs that were not returned as undeliverable, however, and that the covered entity knows were sent to the wrong individuals, should be treated as potential breaches.

Reporting Breaches

• All employees who suspect a Breach has occurred must report it immediately to the Compliance (Privacy) Officer and Manager, Regulatory & Compliance

• Breaches must be reported to:

▫ The affected individuals (without unreasonable delay and in no event later than 60 days from the date of discovery; a breach is considered discovered when the incident becomes known to the Covered Entity or Business Associate, not when the Covered Entity or Business Associate concludes the analysis of whether the facts constitute a Breach)

▫ Secretary of Health & Human Services (HHS) (timing will depend on number of individuals affected by the breach)

▫ Media (only required if 500 or more individuals of any one state are affected)

Conflicts of Interest, Gifts and Entertainment

Conflicts of Interest (COI)

• It is the policy of CarePoint Health Plan to prohibit employees and other associates from engaging in any activity that conflicts or appears to conflict with the interests of CarePoint Health Plan. Examples:

• Individual has the opportunity to use his or her position for personal financial gain or to benefit a company in which the individual has a financial interest.

• Outside financial or other interests may inappropriately influence the way in which an individual carries out his or her responsibilities.

• When an individual’s outside interests otherwise may cause harm to CarePoint Health’s reputation, staff, or patients.

• Employees are required to disclose any conflict or potential conflict the employee or family member may have.


Conflicts of Commitment

• Exists when an outside relationship may deter an individual from devoting an appropriate amount of time, energy, creativity, or other personal resources to his or her CarePoint Health Plan responsibilities.

• Examples:

▫ Selling Mary Kay cosmetics during working hours

▫ Assuming multiple part-time positions not allowing to meet required commitment timeframe

▫ Assuming directorship position requiring significant time involvement and having conflicting schedule in private practice

Gifts and Entertainment

• You are prohibited from accepting any compensation (gifts, favors, money) from patients, patient’s family members or vendors except items such as candy, fruit, flowers, etc. – absolutely no cash! (refer to CarePoint Health Plan Code of Conduct)

Outside Employment

• Outside employment must be reported on the Conflict of Interest questionnaire and you must notify HR and your supervisor

• You may not use CarePoint Health time or materials in connection with your outside job.

Medicare, Medicaid and other Regulations

Compliance Requirements


Centers for Medicare and Medicaid Services (CMS)

• Federal regulatory agency that provides oversight of Medicare, Medicaid and Children’s Health Insurance Program


State Agencies: Division of Medical Assistance and Health Services and Medicaid Fraud Division

• The Medicaid Fraud Division of the Office of the State Comptroller works toward the efficiency and integrity of State Medicaid, FamilyCare, and Charity Care. They investigate, detect and prevent Medicaid fraud and abuse.

• The Division of Medical Assistance and Health Services (DMAHS) administers Medicaid and NJ FamilyCare programs.


Compliance Requirements

• Training upon hire, and annually thereafter and in response to any issues that may arise where education is beneficial

• Compliance incorporates measures to detect, prevent and correct fraud, waste and abuse

• Compliance is communicated, using training and educational materials, and through the ethical behavior of all staff

• CarePoint Health Plan FDRs (subcontractors) must also ensure processes are in place to comply with regulations, develop applicable policies and procedures, and have compliance programs that address the 7 elements of an effective compliance program in accordance with CMS Guidelines


Compliance is Your Responsibility

• All employees and contractors are held accountable for compliance

▫ Compliance is a part of our day-to-day responsibilities

▫ Managers must ensure that employees are fully trained in all standards, policies and procedures

▫ Employees should request additional training to ensure they are performing/behaving in a compliant manner

▫ It is your responsibility to know when and where to report any concerns or issues you may encounter

7 Key Elements of an effective Compliance Program

• Written Compliance Policies & Procedures & Standards of Conduct

• Chief Compliance Officer with direct access to the CEO and Board

• Education and Training for all staff

• Effective Lines of Communication

• Consistent enforcement of well publicized disciplinary standards

• Effective system for Routine Monitoring, Auditing & Identification of Compliance Risks

• Quick and appropriate response to any deficiencies identified by employees or during audits

In addition, there is a Code of Business Conduct and Ethics


Compliance Officer & Compliance Committee

• Compliance Officer – you can reach the compliance officer at [email protected] or by calling 201-821-8705

• Manager of Regulatory & Compliance at [email protected] or by calling 888-671-6191

• Compliance Committee – made up of senior level staff and responsible for helping to identify compliance issues and supporting compliance efforts


Written Policies and Procedures

• CarePoint Health Plan has a Code of Business Conduct and Ethics

• CarePoint Health Plan is committed to integrity, ethical conduct and legal/regulatory compliance and has implemented policies to support this effort

• All entities contracted to perform work related to Medicare and Medicaid Services programs must review CarePoint Health Plan’s Code of Business Conduct and Ethics booklet as well as policies and procedures unless they can demonstrate that they have policies and procedures to address Ethical Conduct, as well as Fraud, Waste and Abuse

Disciplinary Actions

• Compliance violations are subject to disciplinary action

▫ Non-compliance with the Compliance Program Standards will be subject to disciplinary action.

• The Compliance Officer recommends discipline based on the nature, frequency and severity of the non-compliant act

• Working with the Director of Human Resources and the supervisor (and the CEO, if necessary), the Manager, Regulatory & Compliance will determine the best course of disciplinary action including:

▫ Verbal warning

▫ Written warning

▫ Suspension

▫ Termination

▫ Restitution

Disciplinary Actions

• CarePoint Health Plan believes coaching and counseling are the best tools for correcting non-compliant performance

▫ Our goal is to have a culture of compliance where each employee performs well and succeeds in their role

• Managers should document all coaching/counseling sessions related to non-compliance

• If coaching is unsuccessful, repeated incidents of non-compliance will result in further corrective actions

• Serious non-compliant offenses may result in more advanced steps of corrective action up to and including immediate termination

• Disciplinary standards are applied fairly without regard to position

Auditing & Monitoring

• Risk Assessment and Work Plan

• External Audits by government contractors or initiated by CarePoint Health Plan in response to issues or suspected non-compliance

• Internal Audits based on the annual work plan or in response to suspected non-compliance

• All employees and contractors are expected to fully cooperate with all auditing and monitoring activities.


Responding to Compliance Issues

• The Manager, Regulatory & Compliance, or designee, thoroughly investigates each report of an alleged violation

• Confirmed cases of violations will be handled as follows:

▫ Corrective actions will be implemented ASAP

▫ Self-reporting to government agencies, involvement of legal counsel when overpayment is identified (see policy). Self-reporting helps with mitigating FWA, saving money for the State and Federal Governments. NJ Law provides for a fair and reasonable process.

▫ To prevent future violations, there will be immediate training and potentially a review of policies and procedures to determine any needed revisions

▫ Follow-up auditing and monitoring

Non-Intimidation, Non-Retaliation

• CarePoint Health Plan will not discriminate or retaliate against anyone who, in good faith, reports violations of laws or regulations, the Principles of Professional Conduct, or CarePoint Health Plan policies, whether those violations are by an employee or contractor

• In addition, employees are protected by federal law against any retaliation for taking action under the federal False Claims Act

• Retaliation should be reported to the Director of HR or the Manager, Regulatory & Compliance

• Please remember to report non-compliance in “good-faith”. False reports may lead to disciplinary action

• You can report directly to the Manager, Regulatory & Compliance by emailing [email protected] or by calling XXX-XXX-XXXX

• You can report confidentially by calling the hotline number at: 888-671-6191

Fraud, Waste and Abuse (FWA)

• Health Care Fraud is defined in Title 18, United States Code (U.S.C.) § 1347(a)(1) and (2) as:

▫ Knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud any healthcare benefit program or to obtain (by means of false or fraudulent pretenses, representations, or promises) any of the money or property owned by, or under the custody or control of, any healthcare benefit program.

• Abuse is defined as excessive or improper use of services or actions that are inconsistent with acceptable business or medical practice. It refers to incidents that, although not fraudulent, may directly or indirectly cause financial loss such as charging in excess for services or supplies, providing medically unnecessary services and billing for items or services that are not covered.

• Waste is the overutilization of services, or other practices that, directly or indirectly, result in unnecessary costs to the Medicare and Medicaid program. Waste is generally not considered to be caused by criminally negligent actions but rather the misuse of resources.


Why is this important and what can we do?

• Scams alone cost the health care industry more than $100 billion annually

• Saves dollars for the health plan

• Detecting, correcting and preventing fraud, waste, and abuse requires collaboration between

▫ CarePoint Health Plan Employees

▫ Providers of services, such as physicians, nurses and pharmacies

▫ FDRs

▫ State and Federal Agencies

▫ Members

Where can we find examples of FWA?

• A physician, nurse, pharmacist or other practitioner

• A pharmacy, hospital, home health agency or other institutional provider

• A clinical laboratory, DME provider or other supplier

• An employee of any provider or vendor

• A billing service

• A Pharmacy Benefits Manager (PBM)

• A beneficiary

• Any individual in a position to file a claim for Medicare or Medicaid benefits

Some Examples

• Billing for missed appointments or services never rendered

• Equipment a member never received or continuing to bill for equipment which was returned

• Billing that appears to be a deliberate application for duplicate payment, altering claim forms, electronic claim records, medical documentation to obtain a higher payment amount

• Incorrect reporting of diagnosis or procedures to maximize payments

• Unbundling or “exploding” charges, misrepresentations of dates and descriptions of services furnished or the identity of the beneficiary or the individual who furnished the services, billing non-covered or non-chargeable services as covered items or failing to return an overpayment

Examples of Potential Provider Fraud

• Submitting photocopies instead of original documents, submitting several medical bills on different dates, with the same or overlapping dates of service for the same patient

• White-out and varying ink color on claims, which may indicate altered or fabricated claims, threats to go to legal action or government agencies if payments aren’t settled quickly, excessively large claims or absence of documentation or medical records


Examples of Potential Member Fraud

• A member who allows someone else to use their insurance card (e.g. ineligible member using eligible member’s services)

• Members who intentionally misrepresent information in order to enroll in a plan or to have specific benefits covered once enrolled in the plan (e.g. misrepresentation of medical condition)

• Failure to report other health insurance and intentionally causing a payor to be primary when it should be secondary

• Pharmacy-related Fraud

▫ Prescription forging or altering

▫ Theft of DEA number or prescribing pad

• Submitting false claims

Examples of FWA Related to Agents & Brokers

• Unlawful marketing

• Offering cash inducements

• Unsolicited door-to-door sales

• Use of unlicensed agents

• Embezzlement

• Identity theft

• Requiring premium upfront

Examples of Fraud related to Finance

• Receiving Medicare or Medicaid premiums for members who are not enrolled or should not be enrolled

• Diverting funds

• Publishing false financial statements

• Paying claims to a tax ID that does not belong to the billing provider

• Colluding with vendors during the bid process so the vendor is guaranteed award of the bid

Examples of Fraud by Utilization Management

• Directing members to a healthcare provider who is a friend or family member

• Denying services as not medically necessary in order to save CarePoint Health Plan money

• Authorizing services which are medically unnecessary

• Coaching a member on how to present a medical condition to a provider or to the health plan so it is covered

Examples of Fraud by Provider Relations

• Credentialing providers who do not meet CarePoint Health Plan’s credentialing standards

• Limiting providers in a specialty in order to increase referrals to a specific provider

• Incentivizing a provider to not provide medically necessary services


Examples of Fraud by Senior Management

• Failing to notify the board of compliance risks and acts of non-compliance, especially which would make the health plan liable for sanctions, legal and/or regulatory actions, civil penalties, and other liabilities

• Neglecting to address and appropriately respond to confirmed cases of fraud and abuse

• Neglecting to self-report and/or return overpayments to CMS


When Fraud is Detected

• Improper payments must be paid back

• Providers/companies may be barred from participation in government-sponsored health insurance programs

• Fines can be levied

• Law enforcement may be contacted

• Arrests and convictions may occur

• Employees will be disciplined, which may include termination

• Contractors will be sanctioned, which may include requests for corrective action plans and termination of the agreement

When Member Fraud is Detected

• Members…

▫ Could lose their benefits

▫ Their medical records could be wrong

▫ May be limited to certain doctors, drug stores, and hospitals. This is called a “lock-in” program

▫ May have to pay money back

• With government programs, such as Medicare and Medicaid, members may be fined or arrested for fraud

What Federal Laws Regulate Fraud & Abuse

• False Claims Act (FCA)

• Stark Law

• Anti-Kickback Statute

• HIPAA

• Deficit Reduction Act

• Criminal Penalties for Acts involving Federal Health Care Programs

• The False Claims Whistleblower Employee Protection Act

• Administrative Remedies for False Claims and Statements

Required Sanctions Check

• It is the responsibility of CarePoint Health Plan to ensure that NO employee is excluded from participating in the Medicare and Medicaid Program.

• Sanctions checks (OIG, SAM, NJ, NY and PA State Debarment) are done upon hire and now monthly to ensure employees have not been excluded.

• Examples include fraud, abuse, defaulting on government loans, violations of any practice act, etc.


False Claims Act

• 31 U.S.C. §§ 3729-3733

• Also, N.J. False Claims Act, 2A:32C-1, et seq.

• Forbids submitting a claim known to be false; making or using a false record or statement material to a false claim or obligation; conspiring to defraud by improper submission of false claims; or concealing, improperly avoiding, or decreasing an obligation to pay money to the government

• Potential penalties for violation:

▫ Violators of the False Claims Act are liable for three times the dollar amount that the government is defrauded and civil penalties of $5,500 for each false claim.

▫ Exclusion from participation in federal health programs

Stark Statute

• 42 U.S.C. § 1395nn

• Also known as Physician Self-Referral Statute

• Prohibits a physician from making a referral for certain designated health services to an entity in which the physician (or a member of his/her family) has an financial ownership/investment interest or with which he/she has a compensation arrangement unless an exception applies


Anti-Kickback Statute

• 42 U.S.C. § 1320a-7b(b)

• Prohibits offering, soliciting, paying or receiving remuneration for referrals for services that are paid in whole or in part by the Medicare and Medicaid program

• In addition, the statute prohibits offering, soliciting, paying or receiving remuneration in return for purchasing, leasing, ordering, arranging for, or recommending the purchase, lease or order of any goods, facility, item or service for which payment may be made in whole or part by the Medicare and Medicaid program


Deficit Reduction Act

• Public Law No. 109-171, § 6032, passed in 2005

• Designed to restrain Federal spending while maintaining the commitment to the federal program beneficiaries

• The Act requires compliance for continued participation in the programs

• The development of policies and education relating to false claims, whistleblower protections and procedures for detecting and preventing fraud & abuse must be implemented


False Claims Act (FCA) DRAFT 11.12.13

• Federal FCA was written to address issues that arose out of the Civil War. (a.k.a. “Lincoln’s Law”)

• President Lincoln asked Congress to write a law so that the Government could go after companies that sold faulty equipment like rifles to the United States. The law was written and passed.

• The False Claims Act provides both criminal and civil penalties, contains a qui tam provision, and permits the “whistleblower” to collect a portion of the damages


Additional Federal and State Regulations

• Program Fraud Civil Remedies Act

▫ This final rule implements the Program Fraud Civil Remedies Act of 1986 (PFCRA), which authorizes NSF (National Science Foundation) to impose, through administrative adjudication, civil penalties and assessments against any person who makes, submits, or presents, or causes to be made, submitted, or presented, a false, fictitious, or fraudulent claim or written statement to the agency.

• NJ Health Care Claims Fraud Act

▫ This law makes health care claims fraud a criminal offense and provides for the forfeiture of professional licenses (i.e. medical, dental, chiropractic, nursing) in certain instances in which a practitioner commits health care claims fraud. The law also extends to non-practitioners who commit health care claims fraud (i.e. hospital billing personnel).


Additional Federal and State Regulations DRAFT 11.12.13

• NJ Medical Assistance and Health Services Act - This law provides for criminal penalties for fraud committed in connection with the New Jersey Medical Assistance (Medicaid) Program. A criminal penalty of up to $10,000 or imprisonment for not more than 3 years or both shall apply as follows:

• Any person who willfully obtains medical assistance benefits to which he/she is not entitled and any provider who willfully receives medical assistance payments to which it is not entitled;

• Any person or entity who, with an intent to fraudulently secure benefits not authorized or in greater amount than authorized:

▫ Knowingly and willfully makes or causes to be made any statement or representation of a material fact in any cost study, claim form, or any document necessary to apply for or receive any benefit or payment under the Act;

▫ Conceals or fails to disclose the occurrence of an event which affects an initial or continued right to benefit payment;

• Any provider, person or entity who solicits, offers, or receives any kickback, rebate, or bribe in connection with the furnishing of services for which payment is made under the Act or whose cost is reported to obtain benefits or payments under the Act, or the receipt of any benefit or payment under the Act.

• This statute also allows for civil penalties in addition to the criminal penalties for violations of the Act.


Additional Federal and State Regulations DRAFT 11.12.13

• NJ False Claims Act

▫ The New Jersey False Claims Act is a statute that imposes civil liability equal to that of the federal False Claims Act on any person or entity who knowingly submits a false claim, uses a false record or uses a false statement to an employee, officer or agent of the State, or to any contractor, grantee or other recipient of State funds, for payment or approval


NJ Conscientious Employee Protection Act

• New Jersey law prohibits an employer from taking any retaliatory action against an employee because the employee does any of the following:

▫ Discloses, or threatens to disclose, to a supervisor or to a public body an activity, policy or practice of the employer or another employer, with whom there is a business relationship, that the employee reasonably believes is in violation of a law

▫ Provides information to, or testifies before, any public body conducting an investigation, hearing or inquiry into any violation of law, or a rule or regulation issued under the law by the employer or another employer, with whom there is a business relationship

▫ Provides information involving deception of, or misrepresentation to, any shareholder, investor, client, patient, customer, employee, former employee, retiree or pensioner of the employer or any governmental entity

▫ Provides information regarding any perceived criminal or fraudulent activity, policy or practice of deception or misrepresentation which the employee reasonably believes may defraud any shareholder, investor, client, patient, customer, employee, former employee, retiree or pensioner of the employer or any governmental entity

▫ Objects to, or refuses to participate in, any activity, policy or practice which the employee reasonably believes:

1. is in violation of a law, or a rule or regulation issued under the law or, if the employee is a licensed or certified health care professional, constitutes improper quality of patient care

2. is fraudulent or criminal

3. is incompatible with a clear mandate of public policy concerning the public health, safety or welfare or protection of the environment. N.J.S.A. 34:19-3.


NJ Conscientious Employee Protection Act

• The protection against retaliation, when a disclosure is made to a public body, does not apply unless the employee has brought the activity, policy or practice to the attention of a supervisor of the employee by written notice and given the employer a reasonable opportunity to correct the activity, policy or practice. However, disclosure is not required where the employee reasonably believes that the activity, policy or practice is known to one or more supervisors of the employer or where the employee fears physical harm as a result of the disclosure, provided that the situation is emergency in nature.


Fraud & Abuse Prevention Strategies

• Prevention - Engage beneficiaries and providers, educate providers on billing mistakes, stop and prevent future improper payments and deny or revoke an individual’s or organization’s application for participation in the network if there is evidence of impropriety such as previous convictions or false information on the application, or if the provider does not meet state/federal licensure or certification requirements

• Detection - Identify and report potential fraud, identify trends that indicate fraud, quickly identify new fraud schemes

• Recovery - Recover improper payments, work to suspend payments to providers subject to credible fraud allegations

• Reporting - Everyone has a responsibility to report instances of suspected or potential fraud and abuse and you can do so without fear of retaliation. You can also report confidentially.


Reporting Suspected or Potential Violations

• Internal options for reporting compliance violations:

▫ Manager, Regulatory & Compliance: [email protected] or by calling

▫ Compliance Hotline: (888) 671-6191

▫ Compliance Fax: (908) 378-7846


Reporting Suspected or Potential Violations

• External options for reporting compliance violations:

▫ New Jersey Office of the Attorney General: 1-609-292-4925

▫ New Jersey Department of Health, Office of Professional Misconduct:

▫ New Jersey Department of Banking and Insurance, Frauds Bureau: 1-800-446-7467

▫ Call 1-800-MEDICARE or Call 1-800-HHS-TIPS

▫ Medicaid Fraud Division: 888-937-2835


CarePoint Health Plans FDR Employee Attestation

I have reviewed and understand the information contained within the attached slides (Compliance Training Program) and agree to comply with all the stated regulations. As an employee of a CarePoint Health Plan FDR, I understand that failure to comply with the stated regulations could lead to disciplinary action(s).

Employee Name:_____________________________

Employee Signature:__________________________

Employer Name:_____________________________

Date:______________________________________
