Category: Fraud and Abuse

CMS’ New Rule Targets “Bad Actors” and Anyone That Associates With Them

On September 4, 2019, the Centers for Medicare and Medicaid Services (“CMS”) issued a final rule allowing it to revoke health care providers’ and suppliers’ Medicare enrollment if they are affiliated with targeted “bad actors.” This first of its kind rule, issued as part of CMS’ Program Integrity Enhancements to the Provider Enrollment Process (CMS-6058-PC), will go into effect on November 4, 2019. According to CMS, this rule will “strengthen the agency’s ability to stop fraud before it happens by keeping unscrupulous providers out of our federal health care insurance programs.”

The new rule provides for several new tools in CMS’ arsenal against fraud, waste and abuse in the federal health care programs. First, it allows CMS to identify individuals and organizations that pose an undue risk based on their relationships with other previously sanctioned entities. CMS, in its press release, provides an example: “[a] currently enrolled or newly enrolling organization that has an owner/managing employee who is ‘affiliated’ with another previously revoked organization can be denied enrollment in Medicare, Medicaid and CHIP or, if already enrolled, can have its enrollment revoked based on the problematic affiliation.” Consistent with this approach, providers and suppliers are going to be required to disclose current or previous direct or indirect affiliations with a provider or supplier that has been suspended, excluded or had their enrollment revoked. The goal is to prevent those found to be involved in criminal and fraudulent conduct from continuing to reappear as part of new organizations or working with new individuals hiding behind their names.

Second, the rule will also permit CMS to now block providers and suppliers who are revoked from re-entering the Medicare program for 10 years, versus the historic 3 year revocation period before allowing re-enrollment. And, for those with second revocations, the provider or supplier can now be blocked from the federal programs for up to 20 years.

CMS believes that this new rule will help put a stop to the “pay and chase” approach that has been the historic model in addressing federal health care fraud.

As a result of this new rule, providers and suppliers will need to be even more mindful of who they do business with and understand that CMS will be taking an even more critical look at their Medicare enrollment if they affiliate with anyone who has had an issue with CMS. Given CMS will arguably be able to now act to revoke a provider or supplier based on a perception of a potential risk due to an affiliation with a “bad actor,” providers and suppliers will need to be even more vigilant given their enrollment could be targeted before they even realize there is any sort of issue. Thus, the onus is on providers and suppliers to be careful who they employ, hire, or otherwise do business with because CMS may lump you in with that “bad actor’s” reputation.

HHS Seeks Input From the Provider Community On Possible Changes to the Federal Anti-Kickback Statute and the Beneficiary Inducement Civil Monetary Penalty Law

On August 27, 2018, the Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) published a request for information (“RFI”) seeking input from the public on how it might change the Federal Anti-Kickback Statute (“AKS”) and beneficiary inducement civil monetary penalty law (“CMP Law”) to eliminate barriers to coordinated care and value-based care. Any comments must be submitted by October 26, 2018 at 5:00 p.m.

The OIG’s request states that HHS is “working to transform the health care system into one that better pays for value.” Removing unnecessary government obstacles to care coordination has been identified by HHS as a key priority to accomplishing better care coordination. Accordingly, as part of its “Regulatory Sprint to Coordinated Care”, HHS is looking to identify regulatory provisions that act as barriers, assess whether they are unnecessary obstacles and either issuing guidance or revising regulations to remove the obstacles. The ultimate goal is “to encourage and incentivize coordinated care while protecting against harms caused by fraud and abuse.”

Part of this process is a review by the OIG to identify either new safe harbors that can be created under the AKS or new exceptions to the definition of “remuneration” under the CMP Law. The OIG has identified both of these laws as having a broad reach and a potential significant impediment to beneficial arrangements that would advance coordinated care. The AKS provides criminal penalties for individuals or entities that knowingly and willfully offer, pay, solicit or receive remuneration to induce or reward the referral of business that is reimbursable under Federal health care programs. (Section 1128B(b) of the Social Security Act). The CMP Law provides for the imposition of civil monetary penalties against any person who offers or transfers remuneration to a Medicare or State health care program beneficiary that the benefactor knows or should know is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier of any item or service for which payment may be made, in whole or in part, by Medicare or a State health care program. (Section 1128A(a)(5) of the Social Security Act).

In addition, the OIG is looking for input on “[t]he structure of arrangements between parties that participate in alternative payment models or other novel financial arrangements designed to promote care coordination and value” and “terminology related to alternative payment models, value-based arrangements, and care coordination” to better assess where and how to make improvements. The goal is to identify and understand potential beneficial new ways of delivering health care so that appropriate safe guards can be put in place to avoid potential violations of the AKS and the CMP Law.

Another area of interest to the OIG is engagements with beneficiaries, whether through incentives or elimination of cost sharing obligations. The OIG has requested input on the types of incentives the industry would be interested in providing along with explanations of the type of incentive, how it is believed it would improve quality of care and what, if any, restrictions or guidance would be necessary. Similarly, the OIG seems willing to consider possible relief or elimination of beneficiary cost-sharing obligations and has requested input on how this might improve care and what the risks and safeguards should be if modifications were permitted.

Finally, the OIG has asked for input regarding (1) the current use of fraud and abuse waivers for testing delivery models, (2) possibly allowing donations or subsidies for cybersecurity related items or services, (3) accountable care organization beneficiary incentive programs and (4) options for further telehealth expansion.

It remains to be seen what, if any, changes will come about as a result of this RFI. However, it is a step in the right direction that the OIG is acknowledging the impediments of these laws and is beginning a dialogue on how to improve the system.

Beware CMS’ Ability to Preemptively Suspend or Revoke a Provider’s License

Most providers primarily worry about the financial impact of fraud and abuse and other compliance issues. However, as occurred recently in Dallas Texas, federal and state agencies can also come for a provider’s license either via a limitation, suspension or revocation causing far greater long-term and permanent damage to the institution. And, what is most troubling, is that the authority to take such action does not necessarily require the right of the provider to receive a hearing or even an opportunity to refute the allegations.

On August 18th a Dallas laboratory filed suit against federal and state officials and agencies seeking to temporarily restrain them from suspending or revoking the company’s federal laboratory licenses. This lawsuit was prompted as a result of federal inspectors allegedly finding regulatory violations in the way the laboratory operated and conducted business. It is believed that the federal and state investigations came as a result of a lawsuit filed by the private insurer, UnitedHealthcare, against the laboratory. In that lawsuit UnitedHealthcare claims that there were bribes and kickbacks to doctors and other providers during a five year period for overpriced and unnecessary drug and genetic tests.

According to a letter sent on May 10th from CMS to the laboratory’s officials, there were “systemic and pervasive problems throughout the laboratory which [] led to the findings of immediate jeopardy.” A finding of immediate jeopardy provides CMS with the authority under federal law to suspend, limit or even revoke a laboratory’s license to operate arguably without any right to a hearing or opportunity for the laboratory to refute the allegations.

These events demonstrate the broad authority held by CMS to pull licenses if it is believed that the ongoing actions are likely to cause patients injury, harm, impairment or death. This further underscores the critical importance of maintaining an effective compliance program and having proper protocols in place to perform internal audits/investigations and to respond to and remediate any outside audits/investigations. Furthermore, this laboratory is just the latest example of situations where claims and disputes with a private payer can quickly pivot to investigations and claims by the federal or state governments. Providers must be diligent in addressing the allegations of private payers and always be mindful of how those allegations may impact on federal or state health care programs. Failing to do so can place a provider in a detrimental position. And, for most providers, having their licenses suspended or revoked, even if just for the period of time the investigation is occurring, can be catastrophic to their business.