Understanding the regulations governing the delivery of healthcare is challenging. Compliance is crucial to avoid sanctions, penalties, and even criminal liability. Here’s an introductory guide on how healthcare providers in New Jersey and New York can best protect themselves.
Understanding the Regulatory Landscape
Providers must adhere to a multitude of laws and regulations that govern all businesses, and others that are specific to the healthcare industry, including, but not limited to:
• Health Insurance Portability and Accountability Act (HIPAA)
• Stark Law
• Anti-Kickback Statute
• False Claims Act
• Medicare and Medicaid Regulations
• State-specific healthcare laws
Additionally, all insurers have an exhaustive list of rules and often ambiguous policies that providers must adhere to, or face allegations of inappropriate billing and even fraud. Staying up to date with all of these feels impossible, but is essential to avoid legal issues and preserve the ability to operate.
Common Compliance Pitfalls
- Inattention to Compliance: Failing to implement and maintain a robust Compliance Program including a Compliance Plan, required policies and protocols, necessary patient forms, a comprehensive and targeted HR manual, annual training, self-monitoring and enforcement.
- Inadequate Documentation: Incomplete or inaccurate record-keeping can lead to allegations of lack of medical necessity from payors and of record-keeping violations from professional boards seeking action against a provider’s license.
- Improper Coding, Billing & Collection Practices: Upcoding, unbundling, and billing for services not rendered will expose providers to payor actions, civil and criminal allegations, and licensure discipline. Other less-obvious billing deficiencies also pose a risk to investigation, audit, penalties, and pay-back demands. Regular training, oversight including regular audits, and corrective actions are critical to avoid unnecessary exposure.
- Improper Ownership and Corporate Structure: Several states, including New Jersey and New York, have strict CPOM, or corporate practice of medicine laws that prohibit lay-ownership of medical practices and entities that are not licensed facilities. It is important to pay close attention to these laws when starting any healthcare business, and when considering new ventures and affiliations.
Implementing Effective Compliance Programs
An effective compliance program should include the following elements:
• Written Compliance Plans
• Written Policies, Procedures, and Protocols
• Required and Recommended Patient Forms
• Designated Compliance Officers
• Compliance Committee and focused Sub-Committees
• Ongoing Training, Education and Monitoring
• Establishing Clear Internal Communication Channels
Conducting Regular and Effective Audits
Self-audits are essential for identifying, correcting and curtailing issues before they become major problems for a provider. Audits should focus on:
• Billing, Coding and Collections: Ensure that these practices align with current regulations and payor guidelines.
• Record-Keeping: Ensuring that medical records, billing & collection records, patient forms and HR records are compliant, complete, accurate, and securely stored.
• Privacy & Security: Assessing and improving the protection of PHI (protected health information), and the safety and security of patients and employees.
Responding to Compliance Issues
Prevention is always best. However, even the most conscientious providers may face an issue. When compliance deficiencies are alleged or discovered, it is crucial to act immediately:
- Immediate Action: Notify the Compliance Officer who should work with the provider to reach out to their healthcare attorney right away.
- Root Cause Analysis: Conduct a thorough investigation to determine the root cause of the compliance breach, and the employees involved.
- Corrective Action Plan: Implement clear corrective measures to prevent future occurrences, which may include additional training, policy revisions, or disciplinary actions, over a defined timeline.
- Self-Reporting: Communicate with counsel to determine if self-reporting is required or recommended, and follow through.
Conclusion
Compliance is a critical, ongoing process that requires planning, vigilance and proactive measures. By understanding the regulatory landscape, avoiding common pitfalls, implementing effective compliance programs, and regular and documented monitoring, healthcare providers can best navigate the complexities of healthcare regulations.
At Garcia-Watts Law, LLC, we are experienced in helping healthcare providers get and remain compliant with the relevant laws, regulations and payor requirements to ensure your practice operates within the legal framework. Contact us today to learn how we can help protect you.
