There's a new type of insurance policy out there. You may have heard about it. Many national, state, and local medical societies sponsor it. If you're a physician or physician group, you may even have one. It insures against violations of Medicare and Medicaid fraud and abuse.
Most such policies are extremely limited in scope. They cover legal expenses incurred by the insured physician arising out of governmental proceedings instituted against the physician. Not just any governmental proceedings, mind you, but ones that are limited to civil proceedings alleging Medicare or Medicaid fraud or abuse or other violations of Medicare or Medicaid guidelines arising from the presentation of a claim by the physician, actually or allegedly erroneous, for reimbursement.
Then, of course, there are conditions to coverage: Typically, coverage for any legal expense will not extend to any event or circumstance which the insured physician knew, or could reasonably have known, might result in legal expense of the kind covered under the policy.
I haven't even gotten to the exclusions, deductibles, and maximum limits of coverage!
Truth is, it's not my purpose here to be critical of fraud-and-abuse policies. They're generally inexpensive, and so there's no harm in having this kind of coverage. But physicians need to understand that a fraud-and-abuse policy hardly reduces the risks associated with fraud and abuse investigations and the potential civil and criminal sanctions that can result.
The best way for physicians to insure against fraud and abuse suits is with self-insurance — specifically, compliance planning.
A well-thought-out and carefully implemented compliance program can go a long way toward reducing the risk that a practice will be the subject of an audit or investigation in the first place. By establishing a framework pursuant to which legal and policy changes can be disseminated quickly and in an orderly fashion to all practice employees, a compliance program can significantly lessen the probability of repetitive billing errors that give rise to liability under fraud-and-abuse laws.
As part of a compliance program, a practice should assess its legal, consulting, and billing needs to ensure that all applicable information is being brought to its attention. A practice should have appropriate advisers (legal and consulting) and/or adequately trained staff, to ensure that the practice is aware of changes in laws, regulations, and billing requirements.
Moreover, the existence and implementation of a compliance plan can have a dramatic effect on penalties imposed in the event a civil or criminal action is brought against a physician. The accepted framework for a compliance plan stems from the federal sentencing guidelines for organizations that establish uniformity in sanctions.
Under the guidelines, judges have little or no discretion in setting fines. Rather, they are set by formula. Base fines can vary depending upon the particular offense: They are then multiplied by a culpability score that can be adjusted depending on aggravating or mitigating factors. An example of an aggravating factor could be the failure of a physician to cooperate with the government during an audit or investigation. Another might be for the physician to obstruct justice during an investigation or audit by destroying or tampering with records. (Obstructing justice can also be prosecuted as a crime, even if the original audit or investigation does not lead anywhere.)
In contrast, the implementation of an effective compliance plan is recognized as a mitigating factor, potentially resulting in the reduction of a fine that would otherwise have been imposed by the government in a particular instance.
A properly implemented compliance plan may also help a practice take advantage of the attorney-client privilege as a tool to protect the practice. There may be practical reasons for a practice ultimately to choose not to take advantage of the privilege, principally due to its desire to cooperate fully with the government during an investigation and thus to turn over all relevant requested information. But it is still better for the practice to be in a position to choose to waive the privilege, rather than to have no privilege at all.
One example of such a circumstance could be where a practice, as part of its compliance process, desires to conduct an audit with the assistance of a consultant. If the practice engages the consultant directly, the attorney-client privilege will not apply to the report and the government, without the knowledge of the practice, could subpoena records of the consultant.
However, if the practice proceeds through legal counsel as part of its own compliance initiatives, it may be successful in invoking the attorney-client privilege. In such circumstances, the government may be required to subpoena the practice directly, which would put the practice on notice at a much earlier point in an investigation. Ultimately, the same records and reports may be turned over to the government, but the potential for application of the attorney-client privilege may force the government to proceed in a different manner.
Implementing compliance initiatives may also help a practice protect itself from whistle-blower suits, also known as qui tam suits. These are suits brought by, or with the help of, private individuals who have an incentive because they get a percentage of the recovery, if any. Disgruntled employees are often the source of qui tam litigation.
Enlist the staff
If, as a result of implementing a compliance plan, a practice routinely and in good faith inquires whether its employees are aware of any improper activity of the practice or its employees or agents, the practice may be in a position at a later time — after an employee brings a qui tam action — to argue that the employee indicated he was unaware of any such activity. This could potentially harm the qui tam suit or be considered a mitigating factor under the guidelines. Practices should consider implementing such inquiries on a formal, written basis as part of employee annual evaluations.
As far as I'm concerned, the protection and benefits physicians can get from compliance planning is right up there with malpractice insurance.
You wouldn't replace that with a fraud and abuse insurance policy? Would you?