Articles on Compliance Strategies

Featured Health Business Daily Story Nov. 21, 2008

OIG Deputy Chief Imparts Key Lessons Learned From Corporate Integrity Agreements

Reprinted from REPORT ON MEDICARE COMPLIANCE, the nation's leading source of news and strategic information on false claims, overpayments, compliance programs, billing errors and other Medicare compliance issues.

By Nina Youngstrom, Managing Editor, (nyoungstrom@aispub.com)

As integrity agreements evolve to reflect the changing nature of the fraud-and-abuse landscape, there are some common themes that can benefit health care organizations even when their compliance programs are voluntary.

The purpose of corporate integrity agreements (CIAs) and voluntary compliance programs is the same: to "establish a culture that promotes prevention, detection and resolution of inappropriate conduct," said Tamar Terzian, deputy chief of the HHS Office of Inspector General's (OIG) Administrative and Civil Remedies Branch. "People not under a CIA can learn lessons from people who are."

There are now 380 integrity agreements, which includes CIAs and certificate of compliance agreements (which are a sort of "CIA Lite"), said Terzian. She spoke Oct. 6 at the Fraud and Compliance Forum in Baltimore sponsored by the Health Care Compliance Assn. and American Health Lawyers Assn. and in an interview with RMC.

The "vast majority" of organizations that implement CIAs don't jump ship after the term of the CIA expires, Terzian said. They continue their compliance programs in voluntary mode, moving forward with the budget and high profile generated by the CIA.

One of the more novel CIAs was imposed in September on Cephalon, Inc., a drug manufacturer, said Robert DeConti, chief of the Administrative and Civil Remedies Branch, who also spoke at the conference. Cephalon pleaded guilty to and paid $425 million "to resolve claims that it marketed three drugs for uses not approved by the Food and Drug Administration (FDA)," according to the Department of Justice. The plea involved an alleged crime that triggers permissive, not mandatory exclusion, he explained. Instead of exclusion, OIG required an extensive CIA with "unique" provisions, he said. The Cephalon CIA mandates compliance certifications from the board and top management, an independent review organization (IRO) review of the company's promotions and interactions between sales reps and physicians, a review of payments to physicians, a review of three additional items that OIG and Cephalon will select together to reflect mutual audit concerns, a number for physicians to call if they have questions about sales reps' conduct, and a public Web site posting of all Cephalon's payments to physicians. Cephalon also must send physicians a letter informing them of the settlement.

"This is a good bellwether for the direction CIAs are going," DeConti contended.

Training, IROs Are Effective Components

As for other integrity agreements, Terzian shared some of the insights she's had about what's generally effective in compliance based on her experience with mandatory agreements:

• Training: "Keep training fresh, updated and engaging," Terzian said, and use qualified trainers. Where applicable, train nonemployees, such as the medical staff. "We want these people trained as well because they're involved in billing," she said. Also, it's OIG's experience that Web-based computer training is more effective for large providers, such as hospitals. "With doctors and nurses running around, it's hard for the whole organization to stop for an hour and have them all come together and do training," she said. And it's easier to track. After completing a training module, trainees usually take a quiz, and if they fail, they must start over. When they pass, trainees certify completion, so it's all documented. "It's more interactive than a lecture format," Terzian said.
• Independent review organizations (which correspond to external audits in the voluntary compliance world): She said 75% of CIAs have mandatory IROs. Auditors must have expertise, proper credentials, knowledge of statistical sampling and the ability to follow audit protocols, said Terzian. Their firm should be "sufficiently staffed" and "independent." Make sure the auditor is an expert in the specific area being audited. In terms of CIAs, there have been IRO engagements all over the map, including reviews for clinical quality, claims, coding, billing, work performed by consultants, cost reports and off-label pharmaceutical use.
• Confidential disclosure programs: Terzian said OIG wants assurances that employees have the opportunity to report anonymously. In addition, employees should be able to report to someone outside their chain of command. OIG also likes Web-based reporting, she said. It allows the employee who reported the alleged misconduct to check (using a code) on how the organization is responding to their allegation (e.g., an investigation). "Organizations should publicize the existence of the disclosure mechanism," she said. Also drive home the nonretribution, nonretaliation policy. And keep a disclosure log.

Tell OIG quickly about overpayments, reportable events and ongoing investigations/legal proceedings. "Sometimes, if you report something under a CIA, we may kick it out to the Self-Disclosure Protocol. It's case by case," Terzian said. The bottom line is "don't let reports of misconduct sit in a drawer. Act quickly," she emphasized. "Quickly and thoroughly respond to reports of suspected misconduct, and take appropriate steps to resolve and prevent the identified deficiency."

Advertise With AIS

Privacy

Site Map