Weiss Zarett Brofman | Sonnenklar & Levy, P.C. | Attorneys At Law

High Quality Services And Personal Attention

New York’s Mandatory Compliance Program Obligation Deadline Approaching

On Behalf of | Jan 19, 2019 | Articles, Business Law, Healthcare Law

By Mathew J. Levy, Esq. & Stacey Lipitz Marder, Esq.

As per applicable New York State law, certain providers in New York State are required to have an effective compliance program in place and certify on an annual basis that such compliance plan has been implemented and is effective. Specifically, the following providers are required to meet this requirement: organizations that submits claims or orders (or can be reasonably expected to  submit claims or orders) for Medicaid services or supplies of at least $500,000 in any consecutive twelve (12) month period; organizations that receive (or can reasonably expect to receive) Medicaid reimbursement-directly or indirectly-of at least $500,000 in any consecutive twelve (12) month period; organizations that submit Medicaid claims of at least $500,000 in any consecutive twelve (12) month period on behalf of another person or persons; or organizations subject to Article 28 or Article 36 of the NYS Public Health law or Article 16 or 31 of the NYS Mental Health Hygiene Law.

All Medicaid providers subject to New York’s Mandatory Compliance Program Obligation must certify each December that they have in place a compliance program meeting the applicable requirements. The certification is completed using a form provided by the Office of the Medicaid Inspector General (OMIG) on its web site. All certifications must be completed by 11:59 on December 31 at the absolute latest.

OMIG has recently updated its certification process. Specifically, OMIG has adopted five (5) separate categories on its certification form as follows: (i) Annual Certification, (ii) Enrolling Provider Certification, (iii) Revalidating Provider Certification, (iv) Certification After Correcting Insufficiencies Identified in a Compliance Program Review, and (v) Certification After Receiving Notice of Regulatory Action for Failing to Complete Your Annual Certification.

Applicable Medicaid providers will also be required to include their Provider ID and National Provider Identifier Number (NPI) on the certification. Additionally, multiple Provider IDs may be able to be submitted in a single certification form provided the following conditions are met:  (i) The same compliance program applies to all Provider IDs listed on the certification form; (ii) The Certification Category chosen is the same for all Provider IDs; (iii) The Compliance Officer is the same for all Provider IDs; (iv) The Certifying Official is the same for all Provider IDs (the Certifying Official must be someone other than the Compliance Officer); and (v) All Provider IDs reported on the certification have the same FEIN.

In the event that your practice is required to have a compliance plan as per New York law, it is imperative that the compliance plan be developed and implemented as soon as possible. It is further recommended that practices conduct a compliance self-assessment prior to submitting the certification, as making a false statement in the certification can result in serious repercussions. Practices should work with their healthcare legal counsel and compliance consultants with respect to instituting an effective compliance program.

As per OMIG, the purpose of this program is “to enhance the integrity of the NYS Medicaid program by preventing and detecting fraudulent, abusive, and wasteful practices within the Medicaid program and recovering improperly expended Medicaid funds while promoting high-quality patient care.” Some prime risk areas include billing, payment, medical necessity and quality of care, governance, mandatory reporting, and credentialing. Among other things, an effective compliance program helps to establish the culture of compliance for an organization, and correct problems and potential issues before they escalate. Additionally, an effective compliance plan may speed and optimize proper payment of claims, minimize billing mistakes, and avoid conflicts with the self-referral and anti-kickback statutes.

There are eight (8) elements described by OMIG that are required in every compliance program. The eight (8) elements which must be implemented are as follows:

Element 1: Written policies and procedures that describe compliance expectations as embodied in a code of conduct or code of ethics.

Written standards and procedures are a key component to an effective compliance program as they help to identify and address the practice’s risk areas. Potential risk areas for physician practices may include (1) coding and billing; (2) reasonable and necessary services; (3) documentation; and (4) improper inducements, kickbacks and self-referrals.

Element 2: Designation of an employee vested with the responsibility for the day-to-day operations of the compliance program.

In order to streamline the compliance process, a compliance officer/contact should be designated. This person should be responsible for the following: Overseeing and monitoring the implementation of the compliance program; Establishing methods, such as periodic audits, to improve the practice’s efficiency and quality of services, and to reduce the practice’s vulnerability to fraud and abuse; Periodically revising the compliance program in light of changes in the needs of the practice or changes in the law and in the standards and procedures of Government and private payor health plans; Developing, coordinating and participating in a training program that focuses on the components of the compliance program, and seeks to ensure that training materials are appropriate; and Investigating any report or allegation concerning possible unethical or improper business practices, and monitoring subsequent corrective action and/or compliance.

Element 3: Training and education of all affected individuals on compliance issues, expectations and the compliance program.

If a practice’s staff is unfamiliar with the terms of the compliance program, the compliance program is unlikely to be successful. Accordingly, all employees should receive training on how to perform their jobs in compliance with the practice’s standards, and employees should understand the significance of compliance with respect to their jobs.

Element 4: Communication lines to the compliance officer that are accessible to all affected individuals to allow compliance issues to be reported.

Employees need to feel like they can communicate any concerns regarding compliance they may have. Employees should be made aware that they should report conduct that may be deemed to be fraudulent. There should also be a mechanism outlined by which employees would make such reports.

Element 5: Disciplinary policies to encourage good faith participation in the compliance program.

Having a compliance program is useless unless employees are made aware of the compliance program, and actually understand the requirements. Employees should regularly acknowledge receipt and review of the compliance program, and be made aware of any updates.

Element 6: System for routine identification of compliance risk areas and non-compliance.

Self-auditing is one of the best ways to ensure practice compliance with State and Federal billing and coding laws, as well as kickback and self-referral laws and regulations. Conducting self-audits can help determine whether bills are accurately coded and accurately reflect the services provided (as documented in the medical records); documentation is being completed correctly; services or items provided are reasonable and necessary; and any incentives for unnecessary services exist. Providers should consult with a coding/billing expert and work with their legal team to conduct internal audits and external audits to determine whether the practice complies with applicable rules and regulations.

Element 7: System for responding to compliance issues when raised, for investigating and correcting problems.

Providers also need to determine the consequences or ramifications of non-compliance, including for instance documentation of non-compliance in the employee’s file. Other instances of non-compliance, including billing errors and potential overpayments, may require the advice of an attorney as notifications may have to be made.

Element 8: Policy of non-intimidation and non-retaliation for good faith participation in the compliance program.

In order to encourage employees to participate in the compliance program and report instances of non-compliance, it is important for employees to understand that they will not be retaliated against if they participate in good faith.

Although the “Compliance Questions” are no longer a separate section, they are incorporated into the Certification Section which includes a compliance self-assessment form.

Should you have any questions regarding the implantation of a compliance program please contact Mathew Levy at 516-627-7000 or [email protected]

About the Authors:

Mathew J. Levy, Esq. is a Principal of Weiss Zarett Brofman Sonnenklar & Levy, PC. Mr. Levy is nationally recognized as having extensive experience representing healthcare clients in transactional and regulatory matters. Mr. Levy has particular expertise in advising health care clients with respect to contract issues, business transactions, practice formation, regulatory compliance, mergers & acquisitions, professional discipline, criminal law, healthcare fraud & billing fraud, insurance carrier audits, litigation & arbitration, and asset protection-estate planning.  You can reach Mathew Levy at 516-627-7000 or [email protected].

Stacey Lipitz Marder is senior counsel at Weiss Zarett Brofman Sonnenklar & Levy, PC with experience representing healthcare providers in connection with transactional and regulatory matters including the formation and structure of business entities, negotiating and drafting contracts and commercial real estate leases, stock and asset acquisitions and general corporate counseling.  Ms. Marder also has experience advising healthcare clients on a wide range of regulatory issues including Stark, the Anti-Kickback Statute, fraud and abuse regulations, HIPAA, reimbursement and licensing matters.

Weiss Zarett Brofman Sonnenklar & Levy, P.C. is a Long Island law firm providing a wide array of legal services to the members of the health care industry, including corporate and transactional matters, civil and administrative litigation, healthcare regulatory issues, bankruptcy and creditors’ rights, and commercial real estate transactions.