Warning! Physicians, please share this article with your management consultants, CPAs and any other advisers who look over your claims submission, records documentation and contracting activities. Inadvertently, they may be placing you and themselves in serious trouble!
The problem stems from the dramatic new fraud rules imposed on providers by the Health Insurance Portability and Accountability Act of 1996, initially known as the Kennedy-Kassebaum Law. The cumulative dangers from these expanded rules make it extremely important for physicians and other health care providers to assess their internal operations, correct deficiencies and assemble a practical compliance program to govern ongoing operations.
Repeated billing deficiencies may now be evidence of fraudulent activity, when the government believes the provider has been "recklessly indifferent" to compliance with reimbursement rules. Physicians are already re- ceiving carrier review letters that request specific medical records because of statistical outliers in claims submissions. The provider is denied reimbursement while the carrier or intermediary reviews the records and determines whether to deny reimbursement because of incorrect coding, insufficient documentation, lack of medical necessity, duplicate billing or some other reason. When a significant number of problems are identified in this review, the carrier or intermediary will take any — or perhaps all — of the following actions:
* Review additional medical charts, both for claims already reimbursed and those submitted but not yet paid;
* Freeze payment and obtain further data;
* Conclude that, because 40 percent (for example) of the reviewed records reveal billing errors, 40 percent of all claims submitted by the provider over the past period are likely to be inaccurate, and based on that extrapolation, demand repayment of those amounts plus interest, fines and even penalties, or
* Refer the provider's file to the carrier's or intermediary's internal fraud unit and then to the Office of Inspector General of the Department of Health and Human Services to evaluate whether the problems suggest that the provider submitted intentionally or recklessly inaccurate — i.e., false — claims. Either way, an investigation may ensue.
These dangers require providers to take carrier or intermediary review letters extremely seriously and undertake a careful internal review of their internal operations. This internal review will enable the provider to identify the nature of the problems, how widespread they are, how accurate any statistical extrapolation by the carrier or intermediary may be, and what sort of response strategy is appropriate.
It can be even better to undertake this sort of review before receiving an inquiry. Not only can problems be corrected before the carrier scrutinizes the provider, but the implementation of proactive solutions will help persuade the government in any subsequent review that problems are probably isolated and inadvertent errors rather than evidence of fraud.
But if these internal reviews are handled incorrectly, they may bring more trouble than they fix! This is because of questions of confidentiality and privilege. Specifically, information identified by the provider in assessing its compliance, as well as any documents created by that analysis and any notes taken in connection with that analysis, must be turned over to the government (or to the investigatory carrier or intermediary) upon its request. And if the government undertakes a fraud investigation, it is virtually certain to request this sort of information as part of its "discovery" efforts in preparation for prosecution. Information identified by a consultant, CPA or other non-privileged adviser must be delivered upon request. The adviser's reports and work notes must also be turned over.
The dangers that thus arise from the careless identification of practice problems by providers and their advisers are numerous and substantial. If a party to a lawsuit is permitted to review this information, the provider will have assisted in identifying pertinent information, analyzing that information and consolidating that information into summary conclusions. If an adviser also gives a report to the provider which states, "You have problems X, Y and Z; you should correct these problems, repay overpayments to the government and then implement a compliance plan," this set of recommendations is discoverable by the government/carrier/intermediary/plaintiff. If the provider fails to fix the problems, the government will come down on the provider with substantial penalties and fines. To the inspector general, almost nothing is worse than failing to correct a known problem.
Variations of this problem may also occur. If that same report were to suggest a particular solution to the problem, and the provider instead implemented an acceptable alternate solution, the failure to act as recommended in the report could lead to enhanced scrutiny, suspicion and, perhaps, attempted sanctions by the government if it believes that the provider's failure to implement the precisely recommended solutions means that no acceptable solution was implemented. Similarly, if the report recommended that certain alleged overpayments be repaid by the provider, but the provider concluded after further analysis with a competent lawyer that the alleged billing violation was not certain and therefore present repayment was not required, the government or carrier/intermediary might view the failure to repay as evidence of the provider's willful continuing violation of the law. The provider would then be put in the unfortunate position of having to explain why its failure to act on the report's recommendations was nonetheless justifiable.
Finally, if the physician were to conclude that a recommended compliance program was not yet essential, and that the practice merely needed to correct the deficiencies specifically identified, the provider would be in full compliance with the law at that point. Nothing in the law requires compliance programs; providers merely are required to obey the reimbursement rules. But, in our example, failure to implement a recommended compliance program may suggest to the government that the provider failed to take other recommended actions or has an indifferent attitude toward compliance generally. Either assessment will create more suspicion.
There is a solution to this conflict: Compliance work usually should be handled under the direction of a competent health lawyer, working with competent advisers and provider staff, paying careful attention to the delicate requirements of the attorney-client privilege. Such an arrangement can respond to problems while protecting the confidentiality of your analyses and conclusions.
Next month we will discuss how the attorney-client privilege works in this context.