© 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | Jacqueline C. Leifer, Esq. Senior Partner Pennsylvania Association of Community.

Please download to get full document.

View again

of 35
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Information Report
Category:

Pets & Animals

Published:

Views: 0 | Pages: 35

Extension: PDF | Download: 0

Share
Related documents
Description
© 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | 3 I. Agency Updates The Latest on Enforcement Activities
Transcript
  • 1 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com Jacqueline C. Leifer, Esq. Senior Partner Pennsylvania Association of Community Health Centers: Hottest Topics in Compliance
  • 2 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 2 AGENDA I.Agency Enforcement Updates II.Key Policy Updates –FAPIIS –Health Center Program Compliance Manual III.Hottest Section 330 Compliance Risks IV.Addressing These Risks Through the Health Center’s Corporate Compliance Program
  • 3 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 3 I. Agency Updates The Latest on Enforcement Activities
  • 4 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 4 GOVERNING IN AN ENFORCEMENT ENVIRONMENT: OIG RETURN ON INVESTMENT Sources: OIG Budget Requests to Congress; Health Care Fraud and Abuse Control Program Annual Report (FY 2013, FY 2014, FY 2015, FY 2016) FY 2012FY 2013FY 2014FY 2015 Individuals and entities excluded from Federal health care programs 3,1313,2144,0174,112 Total health care fraud judgments and settlements $3.0 billion $2.6 billion $2.3 billion $1.9 billion Total OIG expected recoveries (including investigations and audits) $6.9 billion $5.8 billion $4.9 billion $2.4 billion Return on investment from various HCFAC activities $7.9 to $1 $8 to $1 $7.7 to $1 $8 to $1
  • 5 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 5 OIG ENFORCEMENT: TWO HEALTH CENTERS MUST RETURN ACA CAPITAL FUNDS Earlier this year, OIG recommended that two health centers each repay ACA capital development grant funds expended on unallowable costs: –$897,000: Health center was not using a building for the purposes described in its application, had inadequate financial management systems, did not maintain sufficient records for equipment purchases, and did not justify its decision to use a non-competitive bidding process in selecting a vendor –$35,000: Health center used ACA capital funds for unallowable construction consulting costs (consulting services for a facility not funded by the award), did not comply with procurement standards for construction-related contracts, did not separately account for grant funds, and did not properly track and maintain equipment purchased with grant funds Per OIG’s recommendation, HRSA must work with both health centers to ensure they strengthen their financial, property management and procurement controls over grant funds
  • 6 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 6 AGENCY ENFORCEMENT UPDATES Key issues for health centers include: –Noncompliance with federal or state laws Services provided at a facility that is not properly certified to operate under state law –Noncompliance with a health center’s § 330 grant application When a health center’s policies and/or practices are contrary to representations made in the grant application –Noncompliance with internal billing practices Staff must follow approved policies and procedures
  • 7 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 7 340B DRUG DISCOUNT PROGRAM UPDATES 340B Drug Discount Program Audits –Audits are on the rise (see next slide) –The audit process and related guidance is ever-changing –New this spring: once an audit report is finalized by OPA, the findings are summarized on OPA’s public website without input from the covered entity (CE) Previously, CEs provided OPA with a letter outlining the findings, which was then posted on OPA’s website, giving CEs the opportunity to frame and contextualize (and to speak directly to manufacturers about) audit findings PROPOSED 340B Program Omnibus Guidance (HHS/HRSA) –Published August 28, 2015 –DRAFT “Mega Guidance” proposed a major change to the patient definition with potentially broad implications for health centers, including: Prescriptions resulting from referrals to outside specialty care will not be covered because the service is not rendered at the health center site and is not billed by the health center –Final guidance anticipated by the end of 2016
  • 8 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 8 340B DRUG DISCOUNT PROGRAM: AUDITS ON THE RISE FYTOTAL AUDITS FQHC AUDITS FQHCs WITH FINDINGS 2012519 (18%) 6 (67%) 20139410 (11%) 7 (70%) 20149914 (14%) 8 (57%) 201520023 (12%) 19 (83%) 20168712 (14%) 5 (42%) Total53168 (13%) 45 (66%) Source: www.hrsa.gov/opa/programintegrity/auditresults (last updated 8/26/2016)
  • 9 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 9 HOT ISSUES IN 340B AUDITS Diversion –Contract pharmacy dispenses 340B drugs to non-patients –Prescription written by ineligible provider –No patient record documenting prescription –Delivery site not registered on OPA database Contract Pharmacies –No written contract –Actual delivery sites do not match OPA database Duplicate Discounts –Inaccurate record on OPA Medicaid Exclusion File Billing Medicaid contrary to data on file No NPI or Medicaid billing number registered –Using contract pharmacy to dispense to Medicaid fee-for service beneficiaries without method to prevent duplicate discounts Administrative –Registration of new health center sites with OPA –Wrong authorizing official or contact person –No, or inadequate, written policies and procedures for 340B program
  • 10 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 10 HIPAA ENFORCEMENT ACTIVITY: UPDATES ON AUDITS Phase 1 (2011- 2012): OCR conducted a pilot audit program to assess 115 covered entities’ (CEs) compliance with HIPAA requirements Phase 2 is HERE! –Every covered entity and business associate is eligible for an audit –On July 11, 2016, 167 covered entities were notified that they had been selected for desk audits; business associate audits will begin in the fall –OCR will conduct multiple sets or “rounds” of audits: Desk audits of CEs and desk audits of business associates to be completed by December 2016 Onsite assessments of either CEs or business associates – organizations receiving a desk audit may nonetheless be selected for an onsite audit –Updated protocol is available on website for review: http://www.hhs.gov/hipaa/for-professionals/compliance- enforcement/audit/protocol/index.html http://www.hhs.gov/hipaa/for-professionals/compliance- enforcement/audit/protocol/index.html –Additional Information and FAQs are also available through OCR’s website: http://www.hhs.gov/hipaa/for-professionals/compliance- enforcement/audit#when http://www.hhs.gov/hipaa/for-professionals/compliance- enforcement/audit#when
  • 11 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 11 Care New England Health System ($400,000): a covered entity in CNE’s System lost unencrypted backup tapes containing the ultrasound studies and associated PHI of approximately 14,000 individuals, resulting in a $150,000 settlement. CNE received a separate penalty for an outdated Business Associate agreement: the BAA between the two parties had not been updated in ten years and did not incorporate revisions required under the HIPAA Omnibus Final Rule. Advocate Health Care Network ($5.55 million): submitted breach notification reports for multiple incidents involving its subsidiary, Advocate Medical Group ("AMG") that, combined, affected nearly 4 million individuals. OCR found that AHCN did not conduct an adequate risk assessment, failed to implement policies and procedures to protect physical access to electronic information systems, and did not execute a Business Associate Agreement with AMG. University of Mississippi Medical Center ($2.75 million): UMMC submitted a breach notification report for a stolen laptop with ePHI impacting as many as 10,000 individuals. OCR’s investigation found that the entire wireless network could be accessed with a simple username and password putting more individuals at risk. In addition, OCR found that UMMC was aware of, but did not address, systemic vulnerabilities and, even after the stolen laptop, did not make changes for several more years. Oregon Health & Science University ($2.7 million): OHSU submitted multiple breach reports involving unencrypted laptops, a stolen, unencrypted thumb drive, and the storage of ePHI on a cloud server without a Business Associate Agreement. OCR determined that OHSU’s risk assessments were insufficient because the analysis did not cover all ePHI and OHSU did not timely implement measures to address any discovered risks and vulnerabilities. 2016 HIPAA ENFORCEMENT HIGHLIGHTS
  • 12 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 12 2016 HIPAA ENFORCEMENT HIGHLIGHTS New York Presbyterian ($2.2 million): NYP disclosed two patients’ PHI during the filming of “NY Med,” without patient authorization and despite a medical professional’s request to stop. NYP failed to safeguard PHI by allowing film crews virtually unfettered access to its facility. Raleigh Orthopaedic ($750,000): failed to execute a business associate agreement prior to turning over PHI for 17,300 patients to a potential business partner. Feinstein Institute for Medical Research ($3.9 million): self-reported a stolen laptop containing PHI for 13,000 patients and research participants. Further investigation found that policies and procedures were unable to address potential risks and vulnerabilities (e.g., lack of a system to track laptops containing PHI into and out of its facilities). North Memorial Health Care of Minnesota ($1.55 million): failed (1) to enter into a business associate agreement with a major contractor and (2) to institute an organization-wide risk analysis to address the risks and vulnerabilities to PHI. Lincare ($239,800): employee removed patient information from the office, left behind (and later abandoned) documents containing PHI of 278 patients in places where an unauthorized person had access. Complete P.T., Pool & Land Physical Therapy, Inc. ($25,000): impermissibly disclosed PHI when it posted patient testimonials, including full names and full face photographic images, to its website without obtaining valid, HIPAA-compliant authorizations
  • 13 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 13 II. Key Policy Updates
  • 14 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 14 Federal Award Performance and Integrity Information System (“FAPIIS”) –Government-wide database of information on the prior performance of federal procurement contractors and recipients of federal financial assistance Applies to recipients of federal financial assistance as of 1/1/2016 FAPIIS entries are publicly available, for the most part Not the same as the exclusions database in SAM –What information is stored in FAPIIS? Agencies must report certain decisions not to award grants as well as terminations of existing awards Information remains in the system for five years Agencies must check FAPIIS before making future awards Non-Federal entities (including health centers) are required to make certain mandatory disclosures if they meet certain thresholds (see next slide) FEDERAL AWARD PERFORMANCE AND INTEGRITY INFORMATION SYSTEM
  • 15 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 15 What does FAPIIS mean for health centers? –Health centers must self-report certain criminal, civil, and administrative proceedings if: The non-Federal entity receives more than $500,000 from HHS over the period of performance or over $10 million in aggregate federal awards The proceeding –is in connection with the award or performance of a federal grant, cooperative agreement, or procurement contract –occurred in the past five years, but not prior to April 5, 2011 –resulted in a conviction (criminal); a finding of fault and liability and payment of a monetary fine, penalty, reimbursement, restitution, or damages above $5,000 (civil); or a finding of fault and liability and reimbursement, restitution, or damages over $100,000 (administrative) –If a health center is listed in FAPIIS, it may impact the health center’s ability to compete for federal awards during the five-year reporting period. However, agencies are not prohibited from awarding funds to organizations listed in FAPIIS FAPIIS CONT’D
  • 16 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 16 Semiannually, health centers must report any new proceedings, or confirm that there are no reportable proceedings Health centers should routinely examine FAPIIS information because recipients (and potential recipients) of Federal awards have certain rights to: –Comment on agency entries –Contest erroneous entries –Seek protection of posted information that may be proprietary Though not required, it would be wise for health centers to check FAPIIS when making subawards or procurements to other organizations –It is not illegal to do business with an organization listed in FAPIIS, but may provide information to aid health center decision-making FAPIIS is available at: https://www.fapiis.gov/fapiis/index.action FAPIIS CONT’D
  • 17 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 17 DRAFT HEALTH CENTER PROGRAM COMPLIANCE MANUAL NEW: On August 23, 2016, the Bureau of Primary Health Care (BPHC) released the long-awaited DRAFT Health Center Program Compliance Manual –The Manual describes the Health Center Program Requirements, integrating policies described in PINs and PALs and providing concrete examples for demonstrating compliance with each requirement –The draft Manual will not be used during upcoming OSVs: reviewers have been instructed to use only current guidance (e.g., the Site Visit Guide, PINs, and PALs) If finalized as proposed, the Manual would: –Serve as a consolidated resource for interpreting the Health Center Program Requirements and the FTCA program –Supersede current HRSA policies including the Governance PIN 2014-01 and Sliding Fee PIN 2014-02, among others (see a full list on p. 6) –Serve as THE definitive guidance for Health Center Program policies and requirements Provide feedback to BPHC: Comments will be accepted until 11:59 PM on November 22, 2016 at: http://www.bphc.hrsa.gov/programrequirements/draftcompliancemanual/index.html http://www.bphc.hrsa.gov/programrequirements/draftcompliancemanual/index.html
  • 18 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 18 BPHC GUIDANCE THAT WOULD BE SUPERSEDED BY THE COMPLIANCE MANUAL If finalized as proposed, the Compliance Manual would supersede the following policies: –PIN 1994-07: Migrant Voucher Program Guidance –PINs 1997-27 and 1998-24: Affiliation Agreements of Community & Migrant Health Centers and Amendment to PIN 97-27 –PINs 2001-16 and 2002-22: Credentialing and Privileging of Health Center Practitioners and Clarification of PIN 2001-16 –PAL 2006-01: Dual-Status Health Centers –PIN 2010-01: Confirming Public Agency Status –PIN 2014-01: Health Center Program Governance –PIN 2014-02: Sliding Fee Discount Program –PAL 2014-08: Health Center Program Requirements Oversight –PAL 2014-11: Applicability of PAL 2014-08 to Look-Alikes
  • 19 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 19 BPHC GUIDANCE REMAINING IN EFFECT If finalized as proposed, the following policies would remain in effect and would NOT be superseded by the final Compliance Manual : –PIN 2007-09: Service Area Overlap –PIN 2007-15: Emergency Management Program Expectations –PIN 2008-01: Defining Scope of Project and Policy for Requesting Changes and additional related resources –PIN 2009-02: Specialty Services and Scope of Project –PIN 2009-05: Special Population-Only Grantees Requesting a Change in Scope to Add a New Target Population –PIN 2013-01: Budgeting and Accounting Requirements –Federal Tort Claims Act Health Center Policy Manual –Site Visit Guides –Uniform Data System (UDS) Resources
  • 20 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 20 Key issues to watch: –Inconsistent with updated requirements for Look-Alike applicants (e.g., the type and extent of services being delivered at the time of application) –Ability to have a contracted CEO/management team –Procurement rules appear to apply to all contracts, not just grant- supported contracts –Heightened expectation to demonstrate accessibility (e.g., distance and travel time) –Prohibition regarding Board member-employee relationships extended to individual contractors –Under the Sliding Fee Discount Program, a referral provider for in-scope services has to offer equal or greater discounts, but there is no mention of referral with payment –Affiliations PINs superseded – leaving little guidance on the do’s and don’ts –Patient definition from PIN 2014-01 altered to require that both the service and the site be in-scope for a consumer board member’s visit to qualify –Grantees receiving only Health Care for the Homeless and/or Public Housing Primary Care funding no longer exempted from certain governance requirements –Service Area Overlap PIN remains intact? DRAFT HEALTH CENTER PROGRAM COMPLIANCE MANUAL
  • 21 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 21 III. Hottest Compliance Risks
  • 22 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 22 OVERVIEW OF SECTION 330 HIGH RISK AREAS #16: Scope of Project #2: Required & Additional Services Services #7: Sliding Fee Discounts #10 & #11: Collaborations & Affiliations Management and Finance #17: Board Authority #18: Board Composition #19: Conflict of Interest Policy Governance
  • 23 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 23 Scope of Project –Maintain accurate and up to date Scope of Project –Segregate out-of-scope activities –Ensure Board review and approval of: needs assessment findings; service area and target population; health center sites, services, and locations; and new grant application(s) Required and Additional Services –Ensure mix and level of services is consistent with needs assessment / strategic plan –Determine most effective mode of delivery for each in-scope service; can vary by site –Ensure contracted service arrangements, hospitalization and other referral arrangements are formalized and compliant SECTION 330 HIGH RISK AREAS
  • 24 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 24 SECTION 330 HIGH RISK AREAS Sliding Fee Discount Program –Schedule of Charges should be consistent with locally prevailing charges and designed to cover the health center’s costs –Evaluate Schedule of Discounts annually to ensure discount levels and/or nominal fee amounts do not create a barrier to care –Ensure discounts offered by in-scope referral providers or pay the difference –Establish and/or review policies and procedures regarding: Eligibility / income verification documentation Waiver or reduction of fees for individuals who do not otherwise qualify for discounts Partial payment / discount schedules and policies Bad debt write offs and collection from self-pay patients Collaborations & Affiliations –Structure affiliations / collaborations in compliance with all Section 330-related requirements and, as appropriate, procurement rules –Address concerns regarding potential service area overlap with other health centers
  • 25 © 2016 Feldesman Tucker Leifer Fidell LLP. All rights reserved. | www.ftlf.com 25 Board Authority –Ensure bylaws a
Recommended
View more...
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks
SAVE OUR EARTH

We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

More details...

Sign Now!

We are very appreciated for your Prompt Action!

x