Common Issues Facing Corporate Compliance Officers

p>I. Our organization has uncovered a billing error that has been going on for some time within our organization. The net effect of the billing error is an overpayment received by our organization. Should we self-report?
  • Potential Liability for Retaining Funds. Understand that the federal government takes the position that retaining Medicare or Medicaid funds after determining that you are not entitled to is a federal crime. 42 U.S.C. Section1320 a-7b(a)(3). We are unaware of any reported cases to date interpreting the statute in question, however, few providers want to be the test case. "Finders keepers" does not sound like much of a defense, does it?
  • Historic Medicaid Protocol. If the issue is a Medicaid issue, Pennsylvania providers have had a long-standing protocol with the Bureau of Program Integrity of the Department of Public Welfare that has provided a relatively well-known procedure and likely outcome of the process. However, due to recent changes within the Department of Public Welfare, that protocol is no longer in affect and may or may not be followed in the future. The early indications anecdotally seem to indicate that the Department of Public Welfare will continue to handle these matters in a substantially similar fashion to that in the past. Keep talking to your colleagues, however, to see if this changes.
  • Credit Balance Report. To put the issue into context, providers should understand that they may already be required to file a credit balance report with Medicare indicating amounts that they are holding to which they are not entitled. (See generally the Credit Balance Report Form and 42 U.S.C. Section1320 a-7b(a)(3)). Assuming one does not want to potentially run afoul of that statute, the real choice is whether to follow the federal government's voluntary disclosure protocol or to follow a different method of refunding or attempting to refund the money.
  • Benefits of Voluntary Disclosure. The federal government's disclosure protocol leaves much to be desired. The primary benefit of voluntary disclosure through the OIG protocol is the expectation for leniency and the likely avoidance of criminal penalties for the organization. In most situations, the risk of criminal prosecution is remote, even following disclosure, as most overpayments result from inadvertence, confusion or, at worst, benign neglect. Voluntary disclosure also provides the organization with the chance to head off a potentially messy investigation and have the process handled in a more controlled or normal fashion. There is no assurance, however, that criminal charges will not be brought nor that a full-blown investigation with search warrants and subpoenas will not be pursued. The federal government's voluntary disclosure protocol may be found at www.dhhs.gov.progorg/oig. Voluntary disclosure under the False Claims Act can reduce the company's liability to the government to twice the damages instead of the normal treble plus $5,000 to $10,000 per claim. This act seems to require disclosure to be made to the Justice Department in order to receive the limited liability protection (See 31 U.S.C. Section3729(a)).
  • Drawbacks to the Voluntary Disclosure Protocol. The primary detriment to following the voluntary disclosure protocol is that in order to fit within it requires very extensive investigation and analysis. Following the protocol format literally can also be quite an expensive process and potentially self-incriminating disclosures will be made in writing without any assurance of leniency or other benefit. In other words, it is largely a "trust me" protocol. In an environment where many providers have little or no trust of the federal enforcement actors this can be a bitter pill to swallow.
  • Alternatives to Following the Federal Protocol. The foregoing concerns have lead many providers to consider other alternatives. One alternative approach is to make a refund in the normal course of business. Increasingly, the Medicare fiscal intermediaries and carriers have been instructed to report and involve the fraud and abuse enforcement arms of the federal government when they receive unusual or large refunds. Another variation on this theme involves highlighting the issue for the fiscal intermediary or carrier and hoping that they deal with it themselves. While this worked well years ago, it is a long-shot today as the government contracts are being accused of being too lax on fraud and abuse and are likely to call the OIG or at least their own fraud unit. A third approach that we have used on serious matters is to call an enforcement agent with whom you or your organization has a good relationship and in whom you have some trust. While the advice you are given is not binding, it is often very helpful or comforting. Be prepared to follow this unofficial advice, even if it is unpleasant.
  • Factors to Consider in Making Your Decision. Among the facts to be considered in evaluating which option to pursue are:

(i) the likelihood of being found to be involved in criminal wrongdoing;

(ii) the likelihood of being found to have violated the federal False Claims Act or similar law;

(iii) the likelihood of a qui tam action being brought;

(iv) the prevalence of the compliance problem in the industry;

(v) whether the issue has shown up on the OIG's Work Plan or is already the subject of a regional or national initiative;

(vi) whether your organization has had the same problem before and has not fixed it despite being sanctioned previously; and

(vii) the amount of money involved and your organization's financial condition.

There are other factors to be considered but the foregoing are key factors. Additionally, to the extent that you can determine how the enforcement agencies have handled similar problems in the past will usually be a good predictor of how they will handle your organization's situation. Talking to other compliance officers can be very helpful.

  • Advance Negotiation of a Different Disclosure Protocol. Consider whether you want to attempt to negotiate a voluntary disclosure agreement that deviates from the federal self-disclosure protocol. While it is too early to tell, it is possible that some U.S. Attorneys may be willing to go their own way, particularly in situations where national initiatives are not involved and the error appears not be to deliberate.
  • Disclosure Is Going to Become the Norm. Many of us believe that voluntary disclosure of compliance errors will become the norm. Disclosing voluntarily in one or more situations may enable you to position your organization as a "good corporate citizen" down the road when future problems are uncovered, as they inevitably will be in the complex world of health care reimbursement and coverage issues. The organization should understand, however, that beginning a practice of self-disclosure voluntarily will likely mean that in future cases the failure to voluntarily self-disclosure could be viewed in a very damaging light by the regulators or U.S. Attorneys. It will be very hard to justify picking and choosing when to voluntarily self-disclosure if you begin the practice of voluntary self-disclosure. If we are correct in assuming that self-disclosure will become the norm and "doing the right thing" is to be expected of all organizations, then this risk may not be seen as significant.

II. When conducting an internal investigation of a potential problem do I always need to advise employees of their rights to separate counsel? This seems to create an adversarial situation and could potentially run up huge legal bills. Also, who is responsible for the legal bills if separate counsel are retained?

  • Ethical Duties. If you as the compliance officer are acting as a lawyer, you have certain ethical duties which are covered in other courses. We will not repeat those rules here but suggest that you consult the applicable ethical rules. While the ethical rules are relatively clear, it is desirable for the company or the organization to get information from its employees. It is also perfectly appropriate for the company to expect an employee to cooperate with it in connection with an internal or external investigation.
  • Advising the Employees Regularly. Regardless of the ethical consequences, we generally believe it is advisable to tell the employees clearly and unequivocally of their right to separate counsel and of your own or outside counsel's role of representing the interests of the organization and not necessarily the personal interests of the employee. It is perfectly acceptable to go on and tell those employees that, if they think they have done nothing wrong and that any mistakes were innocent mistakes, they likely will have no liability, particularly no criminal liability. How the employee is handled is likely to affect substantially how eager they are to cooperate and how candid they will be.
  • Tell Employee of Possibility of Disclosure. The employee should also be advised that while the information given to the organization's legal counsel will be privileged and confidential, the organization may decide to make disclosure of that information to the government. You do not want your employees arguing that you have breached a duty owed or a promise made to them.
  • Generally Do Not Offer to Pay For Separate Counsel. We do not generally advise in "normal" investigations, which are not criminal in nature and which appear to be routine billing or compliance problems, that the company volunteer to pay for separate employee counsel. While the employee should be advised of his or her right to engage separate counsel at his or her expense, it should be made clear that the decision to retain separate counsel is the employee's but the decision to have the company pay for separate counsel will be made by the company and not the employee.
  • Note - Check Your By-Laws and Contracts. One important caveat to the foregoing comment may arise in situations where under company policy, employment contracts or by-laws there is a duty of indemnification. Often the investigating attorney may be unaware of the corporate by-laws or these contract rights. The compliance officer should have the by-laws, relevant policies and any employment contracts handy and should advise any counsel involved in conducting the investigation of relevant provisions.
  • Possible Obstruction of Justice. Inaccurately advising an employee that he or she is not entitled to be reimbursed for separate counsel fees could be viewed as obstruction of justice or otherwise hindering an investigation.
  • Consider a JDA. If the company is intending to provide separate counsel, serious consideration should be given to entering into a joint defense agreement ("JDA") at the commencement of the engagement. While the investigating agency will probably be upset by use of a JDA, the benefits from this approach may well out weigh the possible backlash to the provider.
  • Document Your Advice to Employees. We also suggest that a memorandum be placed in the file indicating a list of employees who were interviewed and attaching the statement which was read to each of them confirming legal counsel's role and the employee's right to retain his or her separate counsel.
III. We need to conduct an investigation of a potential compliance problem. We will be using outside experts to do some of the review. Should I always run these types of investigation through our outside legal counsel or can I use our internal legal department?
  • No Rules. There is no legal requirement that outside legal counsel be involved in each and every investigation. Similarly there is no requirement that outside reviewers always be used in responding to an investigation.
  • Benefits of Outside Counsel. The primary benefits of utilizing outside counsel are greater independence and presumably greater knowledge of and familiarity with the fraud and abuse laws, as well as the regulators and their practices. Increasing the likelihood that the review itself can be protected under the attorney client and/or work product privilege can also be a significant benefit, particularly if it is an investigation that seems likely to become involved in litigation.
  • Detriments of Outside Counsel. The detriments of utilizing outside counsel include increased costs, somewhat less familiarity with the organization and, at times, a greater reluctance on the part of employees to open up and share information with outsiders. Outside counsel can at times be intimidating to workers within the organization.
  • Privileges. The attorney client and/or work product privileges are not ironclad. While a discussion of the privileges are beyond the scope of this presentation, the privilege can be lost in numerous ways including inappropriate waiver or disclosure, a determination that it is really not an attorney-driven process, a determination that the in-house lawyer is not functioning in a legal capacity and the crime fraud exception.
  • Factors to Weigh. If you are highly likely to disclose voluntarily the results of the review to the enforcement agencies, the benefit of a privilege is likely to diminish. If you are unsure of what the investigation will turn up and/or whether you will make disclosure of the report to the enforcement agencies, then the importance of the privilege grows.
  • No Accountant-Client Privilege. Understand that Pennsylvania, like most jurisdictions, does not recognize accountant-client privilege or expert-client privilege. Also understand that in federal court rules of privilege are determined under federal law, not state law.
IV. Enforcement investigators and/or reviewers have shown up at our company. They have a letter requesting that we provide certain patient care records for Medicare patients. Must my company always give in to these requests at the time the reviewers appear on our doorstep?
  • Understand Your Duties to Furnish Information. Your organization and the compliance office in particular should obtain an understanding of your general duties of complying with administrative subpoenas, search warrants, investigative demands and document requests. The topic is one which could fill several chapters of a treatise.
  • Understand Limitations on the Investigating Agency's Rights and Your Ability to Disclose. Experience has shown that often times the investigators or reviewers have an erroneous assumption that they can get anything that they want whenever they want upon presentation of their business card, badge or letter of authority. How you determine to assert your rights and "level the playing field" is very important. It is not unreasonable (it may be negligent not to) request a citation of authority for their right to the information. Experience has also shown that in many situations the request is overbroad, burdensome or otherwise not supported by the law. Being firm but respectful and reasonable is key.
  • Use Legal Counsel as a Shield (i.e. Blame the Lawyers!). Do not be afraid to have legal counsel go up the chain of command within the enforcement agency in order to talk to a government lawyer who understands your concerns about the lawfulness or reasonableness of the document request, particularly as they may relate to patient confidentiality obligations in the drug, alcohol, mental health and HIV areas. Also, do not forget state confidentiality laws as there is no general overriding federal policy in effect at this time. If there were, President Clinton would not have needed to take the action which he took in late 1999. Note that search warrants are quite a different animal and are not subject to negotiation.
  • Consider Developing a Policy. With the growing frequency of audits, investigations and other reviews it may be prudent for your company to develop a policy and procedure for dealing with these requests.
  • Protect the Integrity of the Records. In the event that you determine to question or not to comply fully with such a request, be prepared to deal with the consequences. In no event should you allow the records in question to be altered or purged in any way during the pendancy of the dispute on the enforcement agent's right to the records. We would strongly encourage that the records be placed in a secure location with a responsible, identified person being the only one with access to the information. The use of a custodian can help ease the enforcement agent's fears that the records will be altered and the investigation hampered. It can also reduce your company's exposure to a charge of obstruction of justice
V. How far back should we look when we conduct a self audit?
  • Difficult Question. This is a great question without a correspondingly great answer. As was noted above, keeping funds that you know were paid to you by Medicare or Medicaid can be viewed as a crime. At best, retaining such funds will raise questions about your organization's bona fides and increase the price of future settlements. Having said that, we know of no legal requirement saying that you do not have to go back to the beginning of time with every issue and make a clean breast of it on every issue.
  • Contemporaneous Reviews. Many organizations have been conducting contemporaneous reviews and not doing retrospective reviews unless there is an active investigation. One of the risks of such approaches is an increased exposure to qui tam actions as employees may learn that the correction should have been implemented long ago.
  • How Far Back Could the Government Look? The problem of going back long term is also exacerbated by the federal government's very aggressive interpretation of the relevant statutes of limitations and the financial crises facing many health care providers today. These factors coalesce to make this a very difficult decision for many providers. No current standard of practice appears to have yet emerged on this issue.

VI. Our organization can not afford to do self audits on every possible compliance issue. The list of issues is just too long. Where should we start?

  • You Must Prioritize. In times of limited resources, you must search for opportunities to get the "most bang for your buck."
  • Conduct an External or Environmental Assessment. First assess the environment for risk areas. Matters to consider are enforcement actions taken against your "neighbors", national or regional initiatives which have been undertaken, the OIG Work Plan, comments made by Jim Sheehan and other leaders on the enforcement side and areas which have been reviewed in the not too distant past by regulators. Increasingly, we believe that the regulators will come back and reexamine areas which they have found to be out of compliance in the past.
  • Conduct an Informal Internal Risk Analysis. Next, assess the risk factors within your own organization. Among questions to ask of your company are the following:

(i) Have any areas within the organization been found to have been out of compliance in the past?

(ii) Have any areas had a great deal of turnover, particularly at the senior manager level?

(iii) Are high risk areas frequently understaffed and overworked?

(iv) Are there any risk areas within the organization where employee disgruntlement is very high?

(v) Have any qui tam relators come out of any areas within your organization in the past?

(vi) Have there been wrongful discharge or discrimination claims made by employees in any risk area?

(vii) Is there fierce competition with another provider in your area where they complained that you compete unfairly and violate the law?

Consider seriously whether you should involve counsel in this process so as to increase the protection from disclosure of this analysis.

  • Evaluate and Focus on High Risk Areas First. After conducting the internal and external self-evaluation, some key areas will likely be highlighted as high risk areas. They will frequently and not surprisingly be in the following areas:

(i) medical records documentation;

(ii) lack of coordination between medical information input and billing output;

(iii) billing in general (e.g., "cheat sheets", outdated chargemasters, etc.); and

(iv) contracts or other arrangements with referral sources with physicians.

In Pennsylvania, out-patient hospital departments have had particular problems with what are sometimes unusual Medicaid billing rules and have been found to be repeat offenders.

  • OIG Website. Do not forget to look at the OIG's web site for new areas of interest to the federal enforcement folks.

VII. When is it appropriate for my organization organization and my compliance office to conduct self audits and reviews internally and not to pay an outside reviewer?

  • See Prior Analysis. This analysis is very similar to the use of outside versus in-house counsel, except there is typically not a privilege issue involved with consultants.
  • Situations Favoring Use of an Outside Reviewer. Where the dollars are big, the risk is high, the rules are exceedingly complex or your organization is likely to be viewed in a very bad light by the investigators, you should strongly consider the use of an outside reviewer. The outsider reviewer can bring added credibility and expertise to the process. They unfortunately also bring additional costs but this can be more than outweighed in appropriate circumstances by the benefits that they bring to the process.
  • Situations Favoring Use of an Internal Reviewer. Where the amount at issue is small, the rules are clear and compliance is a relatively objective determination or you are very comfortable that you have a good defense, the use of internal staff can be quite appropriate. Similarly, where your internal staff has acknowledged expertise in the area under investigation, they may be quite appropriate also.
  • Independence. When using an internal reviewer, you should make sure they are (or their family members) not from the department or area of the organization which is being scrutinized. Independence is key!
  • Check Existing Agreements. Understand that under an existing corporate integrity agreement ("CIA") your organization may have signed, you may be required to contractually use an outside review organization for certain audits.
  • Communications. If you are attempting to privilege the report prepared by the internal reviewer, take extra pains to instruct them on how to communicate through legal counsel. Very often they communicate in their "normal" fashion which can destroy any claim for privilege. Outside reviewers tend to be more sensitive to this issue.
  • Be Prepared for the Enforcement Agency's Skepticism. When using internal reviewers be prepared to see the enforcement agency discount or heavily scrutinize the internal report. Often allowing your internal reviewer to talk directly to the enforcement agency's internal or external expert can help build credibility and consensus. This approach can also help when using outside reviewers, although they tend to be given greater initial respect by the enforcement agencies and their experts.

VIII. When I use an outside reviewer to assist us in one of our investigations or self audits it seems that the engagement letter is getting longer and more complex. Are these provisions standard or should we try to negotiate them?

  • The Laws of Economics Prevail. Understand that the laws of economics apply to health care expert services just as they do to virtually every other area of the economy. Due to the increased level of investigations and compliance activity there has been a dearth of outside expertise available to help organizations. This will come into balance in the not too distant future we believe. In the meantime, the outside reviewers do seem to have somewhat of the upper hand and are using their leverage to obtain more favorable terms in their engagement letters.
  • Threats to Experts and Legal Counsel. The enforcement agencies have been making outside reviewers and outside attorneys nervous with threats that they may be held liable for their clients' misdeeds. The Kansas City LaHue case and the Metzinger and Ritter situations are just two recent examples where legal counsel or experts have been dragged into fraud and abuse litigation. Obviously review organizations will tend to protect themselves against perceived additional risk through raising prices and/or shifting risk contractually to the extent they are capable of doing so.
  • Lawyers Cannot Limit Certain Exposure. Beware of lawyers who seek to limit their own exposure for negligence or other malpractice problems. There are ethical rules which we understand prohibit such activity. It is not unethical for a lawyer to clarify with the client the scope of the work for the client (e.g. the depth of research to be undertaken). However, non-lawyer experts may be able to contractually limit their liability and even obtain indemnification from your company for the expert's negligence.
  • Points to Negotiate. The engagement letters are negotiable particularly for large engagements and with smaller organizations providing the expert services. Some typical areas that require scrutiny and negotiation are:

(i) the fees to be charged and what is included within the scope of service;

(ii) whether expert testimony is included within the scope of services;

(iii) who may be a recipient of the ultimate report and who determines to whom the report will be distributed;

(iv) the scope of liability of the consultant (some try to disclaim any responsibility for anything short of their own gross negligence or willful misconduct);

(v) a liability limitation provision (some consultants seek to limit their liability to the amount of fees paid for the specific engagement);

(vi) an indemnification provision (some try to have the client indemnify the consultant in the event the consultant is investigated or sued); and

(vii) a mandatory arbitration provision in the event there is a dispute over the fees owed for the engagement.

Additional objectionable provisions will probably come to light, particularly if the health care provider community lays down and allows consultants to dictate terms that look very similar to those on the back of a car rental form. Presumably health care providers will wake up and realize that these are professional services charged at very high but fair rates. For that consideration the consultant should stand behind the work in a reasonable fashion. By all means, negotiate the terms and conditions!

  • Open Issues. Often times the fee arrangement is unclear. Particularly left open on many engagement letters is what happens if the scope of work changes, as it often does. Under the best of circumstances there will be a renegotiation. Alternatively you could provide for an hourly arrangement with notice by the consultant to the client that certain services are outside the scope of the original engagement.
  • Do Not Wait to Negotiate. Understand that if you wait until the 11th hour to ask for the engagement letter and to negotiate fair terms you have diminished your leverage substantially. Ask for it at the very beginning and seek your CFO's help to provide additional leverage if needed.

IX. The Federal Enforcement Agencies always seem to be requiring a corporate integrity agreement (CIA) as a part of any settlement agreement. The list of providers that have executed CIAs seems to be endless. The enforcement agents say that these terms are essentially standard and that we cannot negotiate them. Should we just go along and sign the agreements containing the CIAs?

  • Caveat Emptor! Do not sign a settlement agreement with a CIA unless you are absolutely prepared to live up to every term and condition in that agreement. They are long term, binding agreements, often ranging from three to five years. You must know and understand what your CIA means.
  • Pitfalls for the Unwary. If you read the most recent CIA's you will notice several disturbing factors about them. One is that the provisions are becoming increasingly intricate and burdensome. Second is that the enforcement agencies give themselves broad discretion in interpreting the meaning of the CIA. Third, the enforcement agencies give themselves broad remedies to pursue, including exclusion remedies, in the event that your organization fails to live up to the CIA. Fourth, many of the CIA's also require your organization to waive certain procedural and substantive rights (although they are not set forth as express waivers in the CIA itself).
  • Look to the Future. If providers lay down on this issue they will, we believe, live to rue the day. In the current environment with increasing federal budgets for enforcement activities and the desire on the part of the enforcement agencies to demonstrate their worth, enforcement activities will grow. As providers get better in their compliance efforts it will become harder for the enforcement agencies to pick "low hanging fruit." One easy area that will be tempting to them in three, four or five years, will be to go back to old settlement agreements and try to find lack of compliance.
  • Understand the Limited Nature of Federal Releases. The federal settlement agreements typically do not cap or release the client from all liability relating to the claims at issue. Many of them are also time limited, i.e., they do not release claims from the beginning of time. Others do not contain any release of criminal claims.
  • United We Stand. Consider getting together with other providers who are similarly situated and try to negotiate as a group a fairer settlement agreement. Contrast the recent form of settlement agreement in Operation Bad Bundle with that which came out for the DRG Window settlement. We believe the group leverage exerted by providers played a significant role in the advantages of the DRG Window settlement agreement over the Operation Bad Bundle agreement which has been negated ad hoc, provider-by-provider.
  • Seek a Hold Harmless Clause. Try to have included in the settlement agreement a provision indicating that the provider will be held harmless if they engage in certain prophylactic activity. (See for example the DRG Window settlement agreement.)
  • You May Need to Go the Political Route. If this trend continues with settlement agreements becoming increasingly burdensome, particularly with regard to the CIA's, consider the political route to get this issue resolved. Tell your trade associations about your concerns. So far, however, they have not been actively involved in this issue on a broad scale.
  • Consider Not Signing a Settlement Agreement. In cases where the cost of a CIA implementation far exceeds, in your view, the amount in dispute consider whether you can get by without a settlement agreement. It may be more beneficial not to have a release and not to have a CIA but to have your company make the payment being requested by the government. We do not know yet on a wide scale how the enforcement agencies will react to this mild form of "civil disobedience."

X. What is my personal liability as a compliance officer?

  • Don't Ask and We Won't Tell. At first blush, you probably do not want to know. However, if you are doing your job diligently and your organization supports you, you should have no more risk than, for example, the CEO or CFO or head of billing has within your organization.
  • Things To Be Wary Of. If your organization does not support you with adequate resources or does not take the compliance function seriously, then your risk could be substantial. One of the key aspects of the compliance plan is to have identified persons responsible within the organization for certain behavior designed to assure a high level of compliance. In a typical compliance plan the compliance officer has been designated to be responsible for a variety of functions. Therefore, it is incumbent upon you to have the organization adequately support your efforts. Remember your indemnification rights, if any, under the corporation's by-laws are only as good as the assets of the corporation standing behind the promise of indemnification. We say this not to alarm but to put the risk level in perspective. Having said this, we do not believe that in a well run organization a compliance officer is at substantial risk personally. A well run, enlightened organization recognizes the value of compliance efforts and will support the functions of that office and the persons in the office.
XI. I am the chief compliance officer in our company. However, when I find a problem, The CEO and the CFO seem to ignore it and refuse to let me talk to board members about the problem. What should I do?
  • Your Action Plan. Consider doing the following:

(i) double check your facts to make sure that your assertions are correct as you could be exposed to defamation or other claims of liability;

(ii) prepare your resume and be ready to look for a new job;

(iii) advise the CEO and CFO in writing of your concerns and your belief that you have a duty under the organization's rules (cite chapter and verse) to inform the appropriate board member(s) or board committee;

(iv) once you have confirmed your beliefs, you probably have a duty to notify the appropriate powers that be within the organization of the problem. These persons are typically either the board chair, the chair of the finance committee, a compliance committee or the entire board itself. Obviously this is a large step and one which will result in you burning many bridges; and

(v) you should probably seek your own legal counsel at this point and expect to pay for the same, at least initially.

XII. Our health system has a hiring freeze. I need additional help in the compliance effort, but have been told I need to figure out a way to get that help without hiring additional personnel. Do you have any suggestions?
  • This is a Risk Management/Quality Improvement Process. Despite what many consultants have tried to sell, essentially compliance plans and the entire compliance process is simply an extension of the existing risk management and continuous quality improvement processes already present in all health systems. If you consider what hospitals, for example, have historically done in the patient care arena, you can draw very strong parallels to the compliance planning area. Much of the documentation and the approaches to problems are similar, as is the end goal. In one case, the end goal is to improve patient care and reduce liability exposure for malpractice claims. In the other case, the goal is to improve compliance with legal requirements and to reduce exposure to qui tam actions and government enforcement initiatives.
  • Look At Your Risk Management and Quality Improvement Departments. Very often there are qualified persons who are now being under-utilized in these departments. In part this is because there has been a substantial drop off over the past five years in the inpatient volume at most health systems. While there are still many malpractice claims being filed, in many situations, hospitals and health systems had been looking at cutting back in their risk management and quality improvement departments. You may be able to save somebody's job by cross-training them in the compliance area and get yourself needed help in the process. We have found that many compliance officers who have a risk management background get off to a very fast start in the compliance arena.
  • Internal Audit. Internal auditing departments may also be fertile ground for personnel who can be cross-trained. Often they help the compliance officer in investigations and internal reviews. They could be a source of partially-trained personnel who might have an interest in helping the compliance officer fulfill his or her duties. In tough budget times, this is also an area where senior management is inclined to cut back on FTE's.

XII. Given the intense cost pressure facing most health systems, do you have any other ideas for saving money while still operating an effective compliance plan?

  • Look to the Internet. There are quite a few sites from the government and a few companies where you can get good information off of the internet, essentially for free. Among the sites are the following:

(i) www.hcfa.gov/medlearn (this is the HCFA Medicare Learning Network);

(ii) www.healthlinks.net (links to and reviews of various health-related web sites); and

(iii) www.dhhs.gov/progorg/oig (contains, inter alia, OIG advisory opinions).

The OIG's site includes model compliance plan information, fraud alerts, advisory opinions and other very much up to the minute information. Columbia HCA has a web site which includes some of their own compliance policies and procedures which are available for downloading. They may be too grandiose for most health systems but can be whittled down and made useable in a different form.

  • Trade Associations. A variety of trade associations have arisen around the compliance issue. Additionally, some traditional associations, such as Hospital Council of Western Pennsylvania, are forming groups or chapters for chief compliance officers.
  • Talk to Neighbors. In today's highly competitive healthcare market, defending oneself against government compliance attacks is a rare common bond among providers. While there is a need to respect a certain level of confidential information, much information could be shared among providers.
  • Swap Services. We have encouraged numerous clients to save consultant fees by sharing services relating to operating the corporate compliance plans with similar providers. Among the services being shared are development costs for corporate compliance plan sections, conducting mock surveys and conducting records and billing reviews. While there are downsides to this approach, they may be outweighed by the benefits.
  • Use Technology. We have found uses of technology to provide money saving opportunities. Some approaches have included:

(i) use video conferencing to cut down on travel costs;

(ii) circulate information via e-mail, thereby reducing printing and copying costs; and

(iii) video-tape presentations that can be used on multiple occasions (e.g. new employee orientation on the company's compliance initiative).