In its recent notice of proposed rulemaking setting policy for Medicare Advantage (MA) and the Prescription Drug Program (PDP) for calendar year 2020, CMS announced that it would establish extrapolation as a method to be used in risk adjustment validation (RADV) audits, and further, that it would not make any adjustments to account for errors in Medicare fee for service data in determining recovery amounts.

CMS uses a risk adjustment process to modify MA plan payments to better reflect the relative risk of each plan’s enrollees. Payments to each MA plan are adjusted based on risk scores that reflect enrollees’ health status (categorized into Hierarchical Condition Categories (HCCs)) and demographic characteristics derived from member claims data. To counteract incentives that a plan might have to over-report enrollee diagnoses, CMS emphasizes that all diagnoses submitted to enhance risk must be documented in a medical record, and uses RADV audits to ensure that medical record documentation exists, and thus, that payments to MAOs accurately reflect the level of risk assumed. Continue Reading CMS Announces and Solicits Comments on Expanded RADV Audit Methodology

On November 1, 2018, the Centers for Medicare & Medicaid Services (“CMS”) filed the pre-publication version of the CY 2019 Physician Fee Schedule Final Rule (“2019 PFS Final Rule”). Within this massive publication, CMS finalized two regulatory changes affecting the exceptions at 42 CFR § 411.357 to the Physician Self-Referral Law (also known as the “Stark Law”) for compensation arrangements. The 2019 PFS Final Rule reconciles the regulations with the statutory changes made to the Stark Law enacted by the Bipartisan Budget Act of 2018 (“2018 BBA”) with respect to (1) how arrangements may fulfill the “writing” requirement under the compensation exception and (2) how arrangements that initially proceed without a signed agreement may still meet the signature requirement of an applicable exception. Parties to financial arrangements in effect on or after February 9, 2018 that implicate the Stark Law may rely upon these new modifications.

The Stark Law generally prohibits a physician from making a referral of designated health services (“DHS”) to an entity with which he or she (or an immediate family member) has a financial relationship. Section 411.357 details several excepted compensation arrangements carved out from the “financial relationship” definition for the purposes of the Stark Law. These exceptions include arrangements for the rental of office space and equipment, bona fide employment relationships, group practice arrangements with hospitals, certain fair-market-value compensation arrangements, among others. Continue Reading 2019 Physician Fee Schedule Rule Modifies Stark Regulations to Reflect Statutory Changes

On October 3rd, the United States Senate passed a bipartisan opioids package with a sweeping vote of 98 to 1, after the U.S. House of Representatives passed the final version of the bill with a vote of 393 to 8. One of its components, the “Fighting the Opioid Epidemic with Sunshine Act,” expands the scope of reporting requirements under the Physician Payment Sunshine Act (known as the “Sunshine Act”), which will have immense implications for the pharmaceutical and medical device and supply industries.

Enacted at section 6002 of the Affordable Care Act in 2010 to increase transparency around the financial relationships between health care providers and drug manufacturers, the Sunshine Act requires “applicable group purchasing organizations” and “applicable manufacturers,” including pharmaceutical and medical device or supply companies with operations in the United States, to track and report payments and transfers of value that they make to “covered recipients,” currently defined to include physicians and teaching hospitals. These transfers of value include items such as consulting fees, honoraria for speaking events, and research grants.

The opioids legislation package expands the definition of “covered recipients” to include other types of health care professionals: physician assistants, nurse practitioners, clinical nurse specialists, registered nurse anesthetists, and certified nurse midwives. The new legislation additionally sunsets a prohibition in the Sunshine Act that prevents the inclusion of the National Provider Identifier on the CMS Open Payments website.

Given the Administration’s focus on the opioid crisis, identified as a “national emergency,” the expansion of the Sunshine Act reflects the reality that prescriptions of opioids and other drugs to individuals may come from health professionals who are not physicians. State “sunshine laws” that imposed reporting requirements on payments to these professionals have existed for a number of years, but the changes passed in the opioids package would make this standard the baseline for reporting covered payments nationwide. By the time these changes would be effective on January 1, 2022, applicable group purchasing organizations and manufacturers will need to update their Sunshine Act compliance and monitoring activities to account for the greatly enlarged scope of individual health care professionals to whom they may be providing direct or indirect transfers of value.

The expansion of the Sunshine Act’s covered recipient definition was introduced in the Senate version of the opioids package, and remained in the overall legislation despite vigorous opposition. To become law, the bill requires the signature of President Trump.

Federal agencies are signaling closer oversight of Medicaid managed care organizations (“MCOs”). On August 21, 2018, the U.S. Comptroller General Gene Dodaro and Centers for Medicare and Medicaid Services (“CMS”) Administrator Seema Verma testified to the Senate Homeland Security and Governmental Affairs Committee about combating Medicaid fraud and urged additional oversight of Medicaid MCOs and a larger restructuring of the Medicaid program. This testimony follows other steps taken by the Governmental Accountability Office (“GAO”) and CMS earlier this year to encourage increased scrutiny of Medicaid managed care programs.

GAO Reports Recommend Improved Oversight

           Over the past few months, GAO has released several reports focused on program integrity issues in Medicaid and urging increased oversight, including in the managed care context.

           In May, the GAO released the results of a study it conducted to determine whether the methodology used by CMS to calculate program integrity risks adequately measured the risks in the Medicaid managed care context. Using the Payment Error Rate Measurement (“PERM”) methodology, CMS had estimated that $37 billion in improper Medicaid payments were made in fiscal year 2017, equaling about 10.1 percent of the $364 billion in federal spending on Medicaid. For Medicaid managed care, which constitutes about half of total federal Medicaid expenditures, the improper payment rate determined under the PERM methodology was only 0.3 percent ($500 million in improper payments out of $171 billion in expenditures). In its study, the GAO found that the PERM methodology may not account for key program integrity risks such as unidentified overpayments and unallowable costs. GAO recommended that CMS take steps to mitigate program risks not measured in the PERM, consider revising the PERM methodology, or focus additional audit resources on managed care.

           In July, GAO released another report analyzing payment risks in Medicaid managed care, based on interviews with state program integrity stakeholders in ten states. The study identified six payment risks, four of which relate to the payments made by Medicaid agencies to MCOs and two of which relate to payments by MCOs to providers. The report identified two of the payment risks as being the most significant: (1) incorrect fee-for-service payments from managed care organizations to providers, and (2) inaccurate state payments to managed care organizations due to payments being determined on incorrect data. GAO recommended that CMS expedite planned guidance on Medicaid managed care program integrity, address impediments to managed care audits, and ensure that states account for overpayments when setting future capitation rates.

           The GAO has also released several other reports on Medicaid program integrity not specific to managed care. For instance, in June, GAO released a report highlighting the major program integrity risks for the Medicaid program generally. In August, GAO released reports assessing CMS’s oversight of state-reported Medicaid expenditures and recommending additional actions CMS could take to improve oversight of Medicaid.

CMS Increases Oversight

           CMS has taken steps to increase overall Medicaid program integrity oversight. On June 26, 2018, CMS announced several new initiatives and increased emphasis on existing initiatives intended to improve Medicaid program integrity and maintain sustainability of the program. In its press release on the initiatives, CMS noted that Medicaid spending has rapidly increased over recent years due to several factors, with specific mention of the Medicaid expansion. Three of the main initiatives aim to

  1. Emphasize program integrity in audits of state claims for federal match funds and medical loss ratios (MLRs).
  2. Conduct new audits of state beneficiary eligibility determinations.
  3. Optimize state-provided claims and provider data.

The initiatives enhance audit functions, oversight of state contracts with private payers, beneficiary eligibility oversight, and enforcement of state compliance.

Senate Testimony

           On August 21, 2018, Comptroller General Dodaro and Administrator Verma testified before the Senate Homeland Security and Governmental Affairs Committee on the topic of combatting Medicaid fraud. As committee members questioned Dodaro and Verma about oversight of Medicaid managed care programs, all parties appeared to support greater scrutiny.

           Notably, both Dodaro and Verma urged the senators to increase auditors’ review of managed care organizations. Administrator Verma specifically discussed a recent action by CMS to recoup an anticipated $9.5 billion in improper payments made by the State of California to managed care organization. Her written testimony echoed “concerns that managed care rates resulted in significant profits for insurance companies . . . .”

           Comptroller General Dodaro recommended that CMS utilize state auditors to reduce improper Medicaid payments and hold Medicaid programs accountable. He suggested that it would be a “game changer” to involve state auditors in a “substantive, ongoing way.” He noted that Medicaid is projected to cost the federal government and states nearly $1 trillion annually by 2025 and that the program accounts for one-third of many state budgets.

           Verma and Dodaro also directed particular criticism at the use of federal Medicaid funds on the Medicaid expansion population, as provided for under the Patient Protection and Affordable Care Act (the “ACA”). Dodaro criticized the Obama administration for not increasing oversight of Medicaid managed care plans upon the increased Medicaid enrollment caused by the expansion.

           In her testimony, Verma emphasized her support for structural changes to the Medicaid program, which she described as an “open-ended entitlement.” Administrator Verma attributed some of the government’s overspending to the high match rates that states receive for the Medicaid expansion population and urged for a new system that would make states accountable for outcomes. For example, she noted that the high match rate may have incentivized states to improperly keep pregnant women enrolled in the expansion population rather than appropriately transition them to traditional Medicaid when they become pregnant, as traditional Medicaid has a lower match rate.

           Overall, the committee members, Comptroller General Dodaro, and Administrator Verma all agreed that increased oversight is necessary under Medicaid managed care programs.

Conclusion

           Taken together, the reports, announcements, and testimony discussed here provide a clear signal from the Administration that Medicaid managed care is likely to become subject to increasing scrutiny. CMS and federal and state auditors have not yet taken significant concrete action, but MCOs may be well served to proactively evaluate and address program integrity risks related to their payments to providers and their premium rate payments from states.

The Health Care Group’s newest partners, William S.W. Chang and Laura M. Kidd Cordova, along with Counsel Stephanie D. Willis, have authored an Alert about the 21st Health Care Fraud and Abuse Control Program (HCFAC) annual report released last Friday.  The HCFAC report is a joint effort of the U.S. Department of Justice (DOJ) and the U.S. Department of Health and Human Services (HHS) that describes the expenditures, results, and enforcement actions of the previous fiscal year.  The authors note that compared to FY 2016, other than expanded efforts to combat the opioid crisis, enforcement remained more or less consistent with prior trends.  In monetary terms, HCFAC spending slightly increased, while overall monetary recovery and returns on investment in fraud prevention efforts significantly decreased.  Interestingly, however, the proportion of overall recoveries resulting from HHS auditing activities considerably increased.

Read the rest of the Alert’s analysis of the HCFAC report and register for our webinar next Tuesday, April 17th.  During the webinar, listeners will hear Will and Stephanie, who were attorneys employed by DOJ and the HHS Office of the Inspector General (HHS-OIG), respectively, give their insights about the significance of the report for health care companies and the health care industry.

 

The Department of Health and Human Services, Office of the Inspector General (OIG), modified its Work Plan to announce that the agency will be conducting a nationwide audit of hospitals that participated in the Medicare Electronic Health Records (EHR) Incentive Program (also known as the Meaningful Use Program).  The OIG review is focusing on hospitals that received Medicare EHR incentive payments between January 1, 2011 and December 31, 2016.

The OIG’s modification to its Work Plan follows last month’s report that CMS improperly paid an estimated $729 million in Medicare EHR incentives. In our prior client alert, we flagged these findings as a potential area for significant overpayment recovery actions and noted that such actions could pose risks for incentive payment recipients. Read our entire client alert on the OIG’s nationwide audit on hospitals that participated in the EHR Incentive Program Here.

First 100 Days LogoOn Tuesday, April 18, 2017, our Health Care Group will hold a webinar on the health care policy and transition challenges still at play as the Trump Administration nears the end of its 100 days in power.  During the webinar, participants will hear important insights and predictions on what a Trump-led Executive Branch will mean for health care industry stakeholders from:

  • Partner Xavier Baker, whose practice focuses on the regulatory and compliance aspects of commercial insurers’ participation in Medicare Advantage, Medicaid managed care, and the health insurance exchanges;
  • Counsel Gary Baldwin, the former deputy director of Plan and Provider Relations at the California Department of Managed Health Care (DMHC), with expertise in state insurance regulatory issues for commercial plans;
  • Partner Laura Cordova, the former assistant chief in the Fraud Section of the Criminal Division at the U.S. Department of Justice, who focuses primarily on counseling health care companies and executives in criminal, civil and administrative enforcement actions, which may still increase under a Trump administration; and
  • Counsel Stephanie Willis, who counsels health care entities in licensure and regulatory matters related to participation in health care reform incentive programs such as the Medicare Shared Savings Program and Meaningful Use.

Register for the webinar here.

On November 28, 2016, the U.S. Department of Health and Human Services Office of the Inspector General (OIG) issued an unfavorable advisory opinion (No. 16-12) that addresses the permissibility, under the federal Anti-Kickback Statute (AKS), of a laboratory’s proposal to label test tubes and collect specimen containers at no cost to, and for the benefit of, dialysis facilities. The OIG found that the arrangement may violate the AKS, potentially subjecting the laboratory to civil monetary penalties and exclusion from Medicare.

The laboratory in question provides testing services to dialysis patients pursuant to service contracts with dialysis facilities. Testing services provided by the laboratory are reimbursed by Medicare. Under the proposed arrangement, the laboratory would provide some of the dialysis facilities with free labeling services; the laboratory would label test tubes and specimen collection containers that would later be used by those dialysis facilities when sending specimens to the laboratory for testing. These labeling services would be provided to the dialysis facilities at no cost.

The OIG analyzed the applicability of the personal services and management contracts AKS safe harbor and found that the safe harbor would not apply. The safe harbor requires that the compensation paid for services be consistent with fair market value in an arms-length transaction. In the proposed arrangement, however, the dialysis facilities would not pay any compensation to the laboratory for the labeling services despite the value of those services to the dialysis facilities. As a result, the OIG determined that the proposed arrangement is inconsistent with fair market value, rendering the safe harbor inapplicable.

Under a factual analysis, the OIG found that the laboratory’s provision of services to dialysis facilities at no cost would be a tangible benefit to the dialysis facilities. The advisory opinion states that from such arrangements, an inference arises that the service is offered to induce the referral of business. In addition, an inference arises that the free labeling services would be intended to influence the dialysis facilities’ selection of a laboratory – an inference supported by the representation by the laboratory that the labeling services would be offered when necessary to retain or obtain business from dialysis facilities.

Interestingly, the same laboratory sought an advisory opinion of a factually identical arrangement in 2008 (No. 08-06) at a time when Medicare employed a composite rate reimbursement system for laboratory testing services. At that time, the OIG issued an unfavorable advisory opinion of the arrangement. Medicare now employs a bundled payment system in which all laboratory tests related to end-stage renal disease (ESRD) are reimbursed as part of the ESRD prospective payment system bundle (ESRD PPS). Reviewing the arrangement under the ESRD PPS, the 2016 advisory opinion found that OIG’s previous analysis of the arrangement applies, particularly since physicians are currently able to order separate laboratory tests unrelated to a patient’s ESRD. Due to this fact, the labeling services may constitute prohibited remuneration intended to induce or reward referrals for services reimbursed by Medicare. The arrangement viewed under both the composite rate reimbursement system and the ESRD PPS raise AKS concerns.

The AKS risk may be lessened in circumstances where laboratories bill for fewer separately reimbursable tests; however, the offering of such free services remains a concern. This advisory opinion highlights challenges laboratories may face in providing free services to entities with which they contract. As payment models shift toward bundled payments and value-based care, it remains important for providers to consider fraud and abuse risks that may arise.

On December 14, 2016, CMS issued an interim final rule with comment period to amend Medicare’s dialysis facility conditions for coverage to require certain disclosures to patients and health insurance issuers to address widespread concerns over inappropriate steerage of dialysis patients to individual market plans. After issuing an RFI about “inappropriate steering of people eligible for Medicare or Medicaid into Marketplace plans” by third parties in August 2016, CMS decided to focus on dialysis providers given the “overwhelming majority of comments [received in response to the RFI] focused on patients with [end-stage renal disease (ESRD)]” and “the high costs and absolute necessity of transplantation or dialysis” for people with ESRD.

CMS explained that reimbursement rates for dialysis and other ESRD treatment are “tens or even hundreds of thousands of dollars more per patient when patients enroll in individual market coverage rather than public coverage.” As such, providers have strong incentives to steer patients to private coverage and pay a few thousand dollars in premiums on their behalf. But doing so places patients at substantial health and financial risk. As CMS noted, third-party payment of premiums to enroll a patient in individual market coverage may interfere with transplant readiness, expose the patient to substantial financial harm for services beyond dialysis, and may result in mid-year coverage disruption.

To address these concerns, the interim final rule requires Medicare-certified dialysis facilities to disclose the array of costs and coverage options available to a patient, including the availability of Medicaid, Medicare ESRD coverage, and individual market plans, and to ensure that health insurance issuers are aware of and willing to accept a third-party’s payment of premiums on behalf of the patient. As summarized by the CMS Fact Sheet, providers must:

  • Make up-front disclosures to patients regarding their health insurance coverage options, including information about available individual market plans, Medicaid or Children’s Health Insurance Program (CHIP) coverage, and available options and costs of Medicare ESRD coverage.
  • Provide a summary of short- and long-term cost estimates of various health coverage options for patients and information on enrollment periods for those health coverage options.
  • Inform issuers of the individual market plans for which they make payments of premiums for individual market plans.
  • Receive assurance from the issuer that it will accept these payment of premiums for individual market plans for the duration of the plan year, or else not make such payments.

The interim final rule does not preclude providers from making charitable donations that support access to health care. CMS also noted that it remains concerned about third-party payment of premiums for persons who are eligible for public coverage, such as Medicaid or Medicare, and is considering whether to issue a blanket prohibition on third-party payment of premiums for such persons. CMS has solicited comments on this and alternative approaches, such as whether to allow third-party payments upon a showing that it was in the individual patient’s best interest. The comment period for the interim final rule closes on January 11, 2017 and the rule is effective on January 13, 2017.

On August 24, 2016, Judge Edgardo Ramos of the Southern District of New York approved a settlement in which Mount Sinai Health System (Mount Sinai) will pay $2.95 million to New York and the federal government to resolve allegations that it violated the False Claims Act (FCA) by withholding Medicare and Medicaid overpayments in contravention of the 60-day overpayments provision of the Affordable Care Act (ACA).  The provision creates FCA liability for healthcare providers that identify overpayments but fail to return them within 60 days, and the Mount Sinai settlement is the first one that specifically resolves allegations of violations of the provision.

The settlement stems from the qui tam action Kane v. Healthfirst, Inc., No. 1:11-cv-02325-ER, in which it was alleged that employee Robert Kane alerted Continuum Health Partners, Inc. (now a part of Mount Sinai) to hundreds of potential overpayments, and, instead of pursuing the refund of overpayments, Continuum fired Kane and delayed further inquiry.  Last year, as we discussed in a previous post, Judge Ramos denied Mount Sinai’s motion to dismiss and provided first-of-its-kind guidance on what it means to “identify” an overpayment and start the 60-day clock created by the ACA.  He opined that a provider has identified an overpayment if it has been “put on notice” that a certain claim may have been overpaid.  In February of this year, CMS released its final 60-day overpayment rule, largely adopting the same interpretation of “knowledge” and “identified” that Judge Ramos used.

Although the Kane court did not hold that the “mere existence” of an obligation under the ACA established an FCA violation, the 60-day period in the statute clearly carries a heightened risk of potential liability for providers that fail to carry out compliance activities or undertake an investigation once they have been given credible evidence of the existence of overpayments.  The settlement further signals to providers the importance of taking any allegation related to overpayments seriously, and to take swift action in order to be ready for the start of the 60-day clock deadline for returning any overpayments.