HCCA - CHC Study Questions (MASTER FLASHCARDS)

HCCA - CHC Study Questions (MASTER FLASHCARDS) True or False: The ACA requires that all providers adopt a compliance plan as a condition of enrollment with Medicare, Medicaid, and Children's Health Insurance Program (CHIP). - ANS True ref. ACA section 6102 According to HHS-OIG - what are three important reasons for proper documentation in Compliance? (hint: protections) - ANS 1.Protect our programs 2.Protect your patients 3.Protect the Provider At which level of the Medicare Part A or Part B appeals process is the appeal decision by the Office of Medicare Hearings and Appeals (OMHA)? a. first level of appeal b. second level of appeal c. third level of appeal d. fourth level of appeal - ANS c. . third level of appeal Frist level - redetermination by Medicare contractor Second level - reconsideration by Independent contractor Third appeal - Administrative Law Judge (ALJ) hearing Fourth appeal - review by Medicare Appeals Council Fifth appeal - review in Federal District Court What should CCO be able to do? (What skills should this person have?) Choose all that apply. a. Leadership skills. b. Oversee the coding department. c. Skills to design and implement a compliance program. d. Be able to anticipate new risk areas. e. Practical experience with documenting medical necessity. - ANS a. Leadership skills, c. Skills to design and implement a compliance program, and d. Be able to anticipate new risk areas. Which of the following is an absolute necessity in order to have a successful Compliance Program? a. continuous training and improvements b. effective reporting path c. non-retaliation for whistleblowers d. reliable and equal discipline - ANS c. non-retaliation for whistleblowers A Compliance Program with well written policies and procedures: a. can be successful if consistently reviewed and maintained b. cannot be effective due to the sheer volume presented c. will be effective if read by management d. will not be successful without the proper oversight - ANS d. will not be successful without the proper oversight A Compliance Officer can achieve a higher level of compliance and ethics engagement by: a. ensuring leadership reads the policies b. increasing management involvement c. responding to compliance hotline calls d. monitoring the code of conduct - ANS b. increasing management involvement Which of the following requires providers to be permanently excluded from all federal health care programs if found guilty of a healthcare related fraud a third time: a. Deficit Reduction Act of 2005 b. False Claims Act c. Balance Budget Act of 1997 d. Social Security Act section 1128 - ANS c. Balance Budget Act of 1997 Also known as a BBA "three strikes rule" Which statement is TRUE regarding compliance programs? a. Compliance programs are considered more dangerous if they are developed but not implemented. b. Compliance programs can detect but not prevent criminal conduct c. Compliance programs are only required by law for healthcare entities that have more than $500,000 in annual revenue. d. Compliance programs are not mandated by law. - ANS a. Compliance programs are considered more dangerous if they are developed but not implemented. Formal statement outlining a plan for a specified subject area. It usually cites state and/or federal required actions or standards. a. CAP b. Procedure document c. Policy document d. Legal standards - ANS c. Policy document CAP - outlines corrective action plan Procedure - describes process/steps under a certain criteria Legal standards - mandatory action or rule Life cycle of records management - ANS Creation Use Maintenance Retention Disposition Standards of Conduct (written P&Ps) - ANS Demonstrate the organization's ethical attitude and its "enterprise-wide" emphasis on compliance with all applicable laws and regulations Code of Conduct: Content Checklist - ANS • Demonstrate system wide emphasis on compliance with all applicable laws and regulations • Written plainly and concisely so all employees can understand the standards • Includes internal and external regulations • Mentions organizational policies without completely restating them • Is consistent with company policies and procedures • Includes management's responsibility to explain and enforce the code Ref: SCCE Compliance & Ethics Manual, Chapter 2 Code of Conduct and Employees - ANS All employees must receive, read, and understand the standards. A supervisor should explain the standards and answer any questions. Employee should attest in writing that they have received, read, and understood the standards Employee compliance with standards must be enforced through appropriate discipline when necessary Discipline for non-compliance should be stated in the standards Code of Conduct Purpose - ANS • To present specific guidelines for employees to follow • To confirm that all employees comprehend what is required of them • To provide a process for proper decision making • To confirm that employees put standards into everyday practice • To elevate corporate performance in basic business relationship • To confirm that the organization upholds and supports proper compliance conduct Every organization needs policies and procedures for: - ANS • Internal assessments • Record retention (where, how long) • Self-disclosure • Medicare sanction checks (LEIE) • Billing policies • Credit balance • No charge visits • Incomplete/unsuccessful procedure • Documentation requirements When should Code of Conduct be distributed to new employees? - ANS Must be distributed within 90 days of hire RAT-STATS is: (select all that apply) a. statistical software to select randomized samples b. government statistical rule software developed in the 1970s c. free hospital statistical software d. recommended by OIG, CMS and other agencies to select random samples - ANS a. b. d. The software can be used by other entities other than hospitals, so option "c." is not precisely accurate, but it is free to use and can be downloaded here: What is the term called for an organization's commitment to compliance by management, employees, and contractors. Statement should summarize ethical behavior and legal principles under which the healthcare organization operates? - ANS Code of Conduct In the course of an audit, you find that disciplinary actions against certain physicians and high level executives for non-compliance in the organization have been unfair and inconsistent with current policies & procedures. What is your first course of action .a. Work with legal counsel to enforce proper disciplinary actions b. Get HR involved and recommend the use of progressive discipline policies c. Immediately terminate these individuals d. Get local and federal labor department involved for unfair discipline. - ANS b. Get HR involved and recommend the use of progressive discipline policies OIG recommends setting forth the degrees of disciplinary actions. Progressive discipline provides a structure and a set of discipline standards for managers/supervisors to follow to ensure discipline is fair, equitable and consistent. Documentation - ANS • A&M should be documented • Findings should be shared with dept managers • If activity is part of risk priority then compliance committee, senior leadership and board when necessary • OIG calls for written evaluation to be presented to CEO, governing body, committee annually Non-retaliation in compliance - what is important to state in this policy: - ANS For any reporting method to be effective, employees must accept that there will be no retaliation or retribution for coming forward. The concept of non-retaliation is fundamental to the compliance program, and a clearly stated policy regarding non-retribution is the first step. • anonymous reporting and, • no retaliation or retribution for bringing forth problems/concerns Place to start with Enforcement is: - ANS Standards of conduct and P&Ps For Enforcement and Disciplinary Actions, Policies should include: - ANS 1. non-compliant consequences 2. employees duty to report non-compliance 3. list parties responsible for appropriate action 4. outline of disciplinary actions or procedures 5. promise that discipline will be fair and consistent New Employee Policy - three checks OIG recommends to do/perform: - ANS OIG recommends: perform background checks, reference checks, and exclusion list checks Which two main documents become tools to build compliance program? - ANS Code of Conduct and P&Ps You are the new Compliance Officer, hired after ABC Hospital reorganized and decided that the General Counsel should no longer also serve in that role. Upon review of the Code of Conduct (CoC), you find that it is written using lots of legal jargon. What action do you take: a. Keep CoC as it is. b. Pull a sample off the internet and insert hospital name to save time as it was most likely written by experts. c. Rewrite the CoC in plain and concise language tailored to the hospital so employees can use a general guidance. d. Rewrite the CoC with detailed restating hospital's P&Ps, and all laws and regulations possible so that employees can't say they were not aware of requirements. - ANS c. Rewrite the CoC in plain and concise language tailored to the hospital so employees can use a general guidance. Explanation: • CoC should be clear and concise language easy to understand, and should be tailored to specific issues of the organization What is the term called for an organization's commitment to compliance by the board, management, and employees? It summarizes ethical behavior and legal principles the healthcare organization operates. A) Code of Conduct B) Federal Sentencing Guidelines C) Internal Controls - ANS A) Code of Conduct The U.S. Federal Sentencing Commission was organized in _____, published its initial set of guidelines in _____, and included chapter eight of the Federal Sentencing Guidelines for Organizations (FSGO) in _____. a. 1980, 1987, 1999 b. 1985, 1987, 1991 c. 1980, 1985, 1987 d. 1985, 1990, 2001 - ANS b. 1985, 1987, 1991 "The privacy officer for a hospital has updated the Notice of Privacy Practices to reflect a material change because the previous notice did not have a description that individuals have the right to amend their Protected Health Information. The third party review team identified that the notice did not have the required information to let individuals know of their right to amend PHI. What's the BEST course of action to correct deficiency? A. Make arrangements to have copies of the new NPP mailed to all patients seen within the last year at the hospital B. Make arrangements to have the new notice distributed to new patients that come to the hospital C. Post a copy of the new notice on the hospital's internal intranet so that all employees can see the updated version of the notice D. Meet with legal to discuss how to best self-disclose to the OCR that the hospital was in violation of the NPP requirements and has since - ANS B. Make arrangements to have the new notice distributed to new patients that come to the hospital Remember: The NPP must describe the following individual rights: • The right to request restrictions on uses or disclosures of PHI for treatment, payment or healthcare operations; for use in a facility directory (if applicable); or to family members and others involved in the patient's care; however, the provider is not required to agree to the restriction except in the case of a disclosure to a health insurer if the individual has paid for the care as required by §164.522(a)(1)(vi). This is a change necessitated by the Omnibus Rule. • The right to receive confidential communications by alternative means or at alternative locations per §164.522(b). • The right to inspect and copy PHI per § 164.524. The provider may want to include a statement that the provider may charge a reasonable cost-based fee for copies. • The right to amend PHI per § 164.526. • The right to receive an accounting of disclosures of PHI as provided by § 164.528. • The right to receive a paper copy of the NPP upon request. • A brief description of how the individual may exercise the foregoing rights, e.g., by submitting a written request to the provider's privacy officer. What is the best definition of Medicare/Medicaid fraud? a. Attempting a scheme against the Medicare/Medicaid program b. Knowingly executing a scheme against the Medicare/Medicaid program c. Willfully executing a scheme against the Medicare/Medicaid program d. All of the above - ANS d. All of the above Remember: Fraud is generally defined as knowingly and willfully executing, or attempting to execute, a scheme. FRAUD is intentional; WASTE is overuse/misuse of resources carelessly; ABUSE on the other hand, does not require poof of intent, but it's improper practice leading to unnecessary expenses What is the best definition of Medicare/Medicaid abuse? a. Knowingly defrauding the Medicare/Medicaid program b. Intentionally violating Medicare/Medicaid guidelines c. Unknowingly violating Medicare/Medicaid guidelines d. None of the above - ANS c. Unknowingly violating Medicare/Medicaid guidelines FRAUD is intentional (knowingly/willfully); WASTE is overuse/misuse of resources carelessly; ABUSE on the other hand, does not require poof of intent, but it's improper practice leading to unnecessary expenses A provider intentionally upcodes services to a higher level in order to receive a larger reimbursement from Medicare/Medicaid. Is this violation fraud, abuse, or neither? a. Fraud b. Abuse c. Neither - ANS a. Fraud Upcoding - is a type of fraud (knowing/intentionally) coding more expensive codes for higher reimbursement What is true about Medicaid Integrity Programs: a. established by the DRA of 2005 b. federally administered and state monitored c. audited by MACs d. created to combat Medicare provider FWA - ANS a. established by the DRA of 2005 (section 6034) Notes: b. federally administered and state monitored (the opposite) c. audited by MACs (MIPs are audited by MICs) d. created to combat Medicare provider FWA (Medicaid, not Medicare) Reporting systems should be: a. marketed to contractors b. outsourced to a vendor c. operated by management d. publicized to all employees - ANS d. publicized to all employees Are providers financially liable if their billing services commit fraud without the provider's knowledge? Yes No - ANS Yes - they are financially liable for all claims submitted on their behalf that contain their identification number Regarding patient credit balances, which of the following are good practices for addressing credit balance compliance risks: a. Review reporting capability as most EHRs can detect a credit balance issue. b. Perform root-cause analysis to determine the direct source of overpayment, and ongoing monitoring c. Perform random audits and report findings to ensure proper monitoring and corrective action. d. all of the above - ANS d. all of the above Having a clear P&P on overpayments, self-disclosure and credit balances is also recommended to stay up to date with regulatory changes and avoid any penalties An employee reports a potential problem with the attending physician's presence for surgery. Which of the following is the compliance professional's BEST action? a. investigate the issue b. approach the surgeon c. notify the OIG d. request copies of the records - ANS a. investigate the issue The False Claims Act contains a whistleblower-protection provision for persons reporting fraud and abuse. What does this mean? a. Persons reporting fraud or abuse may be subject to the same penalties as the persons committing the fraud or abuse. b. Persons reporting fraud or abuse can be discharged or demoted. c. Persons reporting fraud and abuse who are discharged, demoted, suspended, harassed, or discriminated against have protection from such actions. d. Persons reporting fraud and abuse will be guaranteed another position if they are discharged from their current position. - ANS c. Persons reporting fraud and abuse who are discharged, demoted, suspended, harassed, or discriminated against have protection from such actions. The entity's level of commitment to compliance is directly related to the resources (human and financial) a. True b. False - ANS b. False The code of conduct should address the organization's: a. Culture b. Beliefs c. Ethical position d. All of the above - ANS d. All of the above When developing an effective code of conduct, an organization should consider: a. Soliciting another organization's code and tweaking it to fit b. Methods for reporting issues c. Zero tolerance for fraud and abuse d. B and C - ANS d. B and C Sue works for ABC Family Physicians. The providers at this office ask her to research the department that helps protect patients from unfair treatment or discrimination. What department or agency would that be? a. Equality in Employment Agency b. Office for Civil Rights c. Department of Justice d. Office of Inspector General - ANS b. Office for Civil Rights (OCR) DOL oversees employment discrimination DOJ enforces federal criminal law and implements criminal law policies OIG combats FWA in Medicare, Medicaid and HHS Programs Note: practice question from AAPC CPCO Ch1 Which government department is comprised of thousands of employees who enforce the nation's federal criminal laws and help develop and implement criminal law policies? a. Office of Inspector General b. Centers for Medicare & Medicaid Services c. Healthcare Lawyers Association d. Department of Justice - ANS d. Department of Justice OIG combats FWA in Medicare, Medicaid and HHS Programs CMS administers the nation's major healthcare programs including Medicare, Medicaid, and CHIP to eliminate FWA HLA is an edu org (not a gov department) Note: practice question from AAPC CPCO Ch1 Which department is the largest inspector general's office in the federal government? a. HHS Office of Inspector General b. Office of Civil Rights c. Department of Justice d. Centers for Medicare & Medicaid Services - ANS a. HHS Office of Inspector General Note: practice question from AAPC CPCO Ch1 What term would be used for actions that, either directly or indirectly, results in unnecessary costs to the Medicare program? a. Fraud b. Mistake c. Waste d. Abuse - ANS d. Abuse Abuse - Abuse is similar to fraud, except that the investigator cannot establish the act was committed knowingly, willfully, and intentionally. The difference between fraud and abuse is the individual's intent. Fraud - knowingly/intentionally Waste - overuse/misuse of resources Note: practice question from AAPC CPCO Ch1 You are the new compliance officer for a hospital and see that it is currently under an OIG CIA. What would be the first course of action in your new position? a. Review the current OIG Work Plan and update the audit schedule for the hospital. b. Review the Code of Conduct and Policies and Procedures and update them as appropriate. c. Meet with the Compliance Board and discuss your vision of how compliance will be run in the future. d. Review the audit schedule and pick up where the previous compliance officer left off. - ANS b. Review the Code of Conduct and Policies and Procedures and update them as appropriate. A compliance professional is conducting a policy review. Which of the following procedures MUST be included in the policy for statistically valid sampling and extrapolation? a. financial error rate exceeds 5% with a refund to occur within 60 days b. financial error rate exceeds 5% with a refund to occur within 90 days c. coding error rate exceeds 5% with a refund to occur within 60 days d. coding error rate exceeds 5% with a refund to occur within 90 days - ANS a. financial error rate exceeds 5% with a refund to occur within 60 days Regarding statistical sampling, what is an example of failed efforts to use statistical analysis? a. Users who did not understand subject matter or application of sampling. b. A well-rounded data sample c. Knowledgeable staff who are involved in the process d. Investigations done of improper billing practices - ANS a. Users who did not understand subject matter or application of sampling. The use of qualified personnel and adequate resources is key. Use of experts, when appropriate. True or False: A hospital with an imposed-CIA performs a discovery sample as part of the Claim Review and finds it has a financial error rate above 5%. OIG requires that the hospital then conducts a full sample. - ANS TRUE Probe and Discovery Samples are used to get an initial glimpse and seriousness of a problem to determine if the size of a Full Sample is needed. For example, in Corporate Integrity Agreements (CIA) the OIG requires a Full Sample to be used, if the overpayment error rate, or financial error rate, in a Discovery Sample is at or above 5%. True or False: If an IRO identifies any underpayments during a CIA-Claim Review for a hospital, these may be netted (or offset) from overpayments. The hospital may also consult with the appropriate payor to ensure if the underpayment amounts can be used against outstanding overpayments. - ANS TRUE For purposes of reporting the overpayment to the OIG, underpayments may be netted (or offset) from overpayments. However, in terms of repaying the overpayment to the appropriate payor, the provider should consult with that payor as to whether it will allow underpayments to be netted from overpayments for collection purposes. The following questions would be pertinent to every organization to help the __________________ professional in reviewing policies and procedures that need to be addressed: Does the organization employ non-physician practitioners? Does the organization perform services in a rural clinic settings? Does the organization provide medical services that fall under the Physicians at Teaching Hospital (PATH) rules? Does the organization participate in clinical trials (research)? a. Human Resources Director b. Chief of Hospital Operations c. Chief of Compliance d. Medical Staff Services - ANS c. Chief of Compliance These are common questions that help a compliance officer in reviewing some common areas that policies and procedures may need to be addressed. What is RAT STATS? a. Government hotline for fraud and abuse b. Government statistical rules (for example sample size) c. Hospital technology for tracking sampling d. Statistical software for hospitals to use - ANS b. Government statistical rules (for example sample size) The largest and oldest accrediting body for healthcare organizations in the United States, which has accredited more than 22,000 organizations is: a. World Health Organization b. American Medical Association c. The Joint Commission d. National Committee for Quality Assurance - ANS c. The Joint Commission The Joint Commission is the largest accrediting body/agency. a. World Health Organization - is a goverment agency that leads and champions global efforts to give everyone, everywhere an equal chance to live a healthy life. b. AMA - is a professional association that provides education for physicians and promotes the art and science of medicine and the betterment of public health. d. National Committee for Quality Assurance - is a private, non-profit organization dedicated to improving health care quality. NCQA accredits and certifies a wide range of health care organizations and manages the evolution of HEDIS®, the performance measurement tool used by more than 90 percent of the nation's health plans. Fill in the blank: The Health ____ _______ Administration (HCFA) encouraged the use of statistical sampling to promote consistency in interpretation and establish FCA liability for claims submitted under Medicare - ANS "Care Financing" See HFCA Ruling No. 86-1 (Feb. 20, 1986). One of the most important foundations of your compliance program is: a. The Compliance Policy Manual b. The Organization Code of Conduct c. The non-retaliation policy d. Adequate staffing and information systems - ANS b. The Organization Code of Conduct A number of standard components are usually included in codes of conduct, the most common components are the following EXCEPT: a. Non-retaliation promise b. Auditing status c. Organization's values d. Details on reporting misconduct - ANS EXCEPT: b. Auditing status Which is not one of the seven fundamental elements of an effective compliance program? a. Implementing written policies, procedures, and standards of conduct. b. Conducting effective training and education. c. Developing policy guidance summaries. d. Responding promptly to detected offenses and undertaking corrective action. - ANS This is not a core element of the program. c. Developing policy guidance summaries. What are the three things an effective compliance program can bring to your organization? - ANS (OQC: Operations, Quality and Costs) Enhance your organization's operations, improve quality of patient care and reduce overall costs What are the benefits to a Compliance Program? - ANS 1. Commitment to Code of Conduct. 2. Prevent, detect, and correct unethical behaviors. 3. Minimizes financial losses 4. Encourages employees to report compliance problems/issues What are the two primary objectives of a Board of Directors (BOD)? - ANS 1. Duty of Care decision making 2. Oversight function (BOD can delegate to CEO) What are the two primary focus areas of a Board of Directors (BOD) in compliance? - ANS 1 - structural (need to understand compliance program SOW) 2 - operational (need to understand compliance program needs to operate) What does Duty of Care mean for BOD? - ANS 1. act in good faith 2. level of care a prudent person would (avoid negligence) 3. protect welfare of organization, act in a manner that's best for all What are the three roles of a board member? - ANS 1.Compliance oversight. 2.Structuring your compliance program 3.Evaluating effectiveness of the compliance standards and processes. When creating and implementing a compliance plan, the compliance officer should have: A. no approval B. board approval and resolution C. patient approval D. legal approval - ANS B. board approval and resolution What can an effective compliance program do? - ANS Enhance your organizations operations, improve quality of patient care, and reduce overall costs. True or False - A good compliance program will identify problems from time to time, if it doesn't, that's a sign that what you're doing is NOT effective - ANS TRUE What can providers review that will help them understand the compliance requirements of a clinical lab? a. Laboratory Provider Handbook b. OIG's Clinical Lab Guidance c. OIG Developing an Effective Compliance Program d. Physician Desk Reference - ANS b. OIG's Clinical Lab Guidance The OIG Clinical Lab Guidance provides pertinent information on effective compliance and risk areas for laboratories. Note: practice question from AAPC CPCO Ch3 Any laboratory performing testing on specimens derived from a human being for purposes of providing diagnosis, prevention, treatment, or assessment of health, regardless of whether they participate in Medicare, must: a. Participate in a quality assurance program b. Maintain adequate hours of operation for the underserved community c. Enroll in the CLIA program d. Have a certificate of compliance - ANS c. Enroll in the CLIA program Note: practice question from AAPC CPCO Ch6 If I'm only doing blood draws, do I need a CLIA number? a. No, a CLIA number is not required if the facility only collects specimens and performs no testing. b. No, a CLIA number is not required if the facility only collects specimens and performs minor testing. c. Yes, a CLIA number is required if the facility only collects specimens, even if they perform no testing. d. Yes, a Medicare-participating provider that only collects specimens requires a CLIA number. - ANS a. No, a CLIA number is not required if the facility only collects specimens and performs no testing. Note: practice question from AAPC CPCO Ch6 Which certificate is issued to a laboratory that enables the entity to conduct moderate- to high-complexity laboratory testing until the entity is determined by survey to comply with the CLIA regulations a. Certificate of Compliance b. Certificate for Provider-performed Microscopy procedures c. Certificate of Registration d. Certificate of Waiver - ANS c. Certificate of Registration. Enables the entity to conduct moderate-to high-complexity laboratory testing until the entity is determined by survey to be in compliance with the CLIA regulations. Note: practice question from AAPC CPCO Ch6 Seven basic elements for a fundamental compliance program as per HCCA CHC exam? - ANS 1. Standards and Written Policies & Procedures 2. Compliance Program Admin (CO and Board oversight) 3. Effective Education &Training 4. Screening and Evaluation (Employees, Physicians, Vendors) 5. Communication, Edu & Training 6. Auditing & Monitoring, Internal Reporting System 7. Discipline for Non-Compliance 8. Investigation and Remedial Measures True or False - The OIG requests that you post on your website whether or not the PHRMA CODE is followed - ANS TRUE True or False: Regarding Attorney-Client Privilege, the procedure called "Upjohn warning," in which a company's lawyer explains that the lawyer represents the company and not the individual employee with whom the lawyer is dealing. - ANS TRUE The Upjohn Co. v. United States case (1981), a Supreme Court case that gave rise to the procedure called "Upjohn warning," in which a company's lawyer explains that the lawyer represents the company and not the individual employee with whom the lawyer is dealing. In other words, communications between company counsel and employees of the company are privileged, but the privilege is owned by the company and not the individual employee. The Court made clear that the corporate attorney-client privilege applied to the company. Related to Legal Doctrines for Protection from Disclosure to protect certain documents during the course of discovery. What is the work product doctrine? a. Ensures that attorney documentation is accessible to the hospital. b. Ensures that attorney documentation is accessible to the OIG. c. Protects attorney documents that were prepared for litigation purposes. d. Allows the hospital to protect documents sent to the attorney. - ANS c. Protects attorney documents that were prepared for litigation purposes. Differs from attorney-client privilege (ACP) in that it protects only documents from discovery including interviews, memos, correspondence, notes and briefs, which evidence "mental impressions, conclusions, opinions or legal theories of any attorney. Documents must have been prepared in anticipation of litigation or in anticipation of a disclosure to the government. When should counsel be involved during an internal investigation? a. If corporation may have to disclose inappropriate conduct and take remedial action. b. If there is an inadvertent billing error. c. If there is a question about the training program. d. If there is fraudulent behavior that the CCO wants to cover up. - ANS a. If corporation may have to disclose inappropriate conduct and take remedial action. True or False: Root cause analysis is a high priority among federal law enforcement and regulatory agencies when it comes to investigations and risk assessments. For example, in a compliance investigation, investigators gather evidence either to support or refute specific allegations, but the investigation itself does not assess blame. That is the point in which root cause analysis should follow to determine how the compliance failure occurred or was allowed to happen. - ANS TRUE Root cause analysis is performed after an incident occurs, so in a sense, it could be considered a reactive activity, unlike a risk assessment, which is inherently proactive. The purpose of root cause analysis is to prevent future recurrences of the problem. Ref. 2022/23 HCCA Complete Healthcare Compliance Manual Which of the following agencies indicate a self-evaluation after discovery of potentially fraudulent acts? a. CMS b. OIG c. OCR d. OSHA - ANS b. OIG Fill in the blank: The Healthcare Fraud and Abuse Control (HFCA) program requires ___ and ___ to coordinate federal, state, and local health care law enforcement activities, provide guidance to providers on fraudulent practices, and establish a national data bank to receive and report final adverse actions against providers. - ANS HHS-OIG and DOJ Health Care Financing Administration (HCFA) encouraged one of the following to promote consistency in interpretation of claims? a. Education b. Reporting c. Discipline d. Statistical sampling - ANS d. Statistical sampling Related to Corporate Integrity Agreements with the government, what is an IRO and what are the details of how it works? Choose 2 answers. a. Independent Reorganization Operation. b. They do the auditing required by a CIA. c. The OIG hires them. d. They need to be fair and unbiased and can't have a financial relationship with the hospital. - ANS b. They do the auditing required by a CIA. d. They need to be fair and unbiased and can't have a financial relationship with the hospital. Explanation: IROs need to meet criteria and follow the AICPA and SEC guidance (unbiased judgement, honest neutrality, and demonstrate independence among other requirements) The IRO is conducting a Claim Review for a hospital under a CIA and discovers that there is a discrepancy between the dollar difference between the amount that was reimbursed and the amount that should have been reimbursed when conducting a Discovery Sample. Which of the following is false: a. The dollar difference resulted in an overpayment. And when converted to percentage, the resulting calculation is the error rate b. The net financial error rate calculated was under 10%, no need to conduct a Full Sample c. If the net financial error rate of the Discovery Sample is below 5%, the review is complete d. A and C - ANS b. The net financial error rate calculated was under 10%, no need to conduct a Full Sample According to the OIG, a Full Sample size is only required if the net financial error rate of the Discovery Sample equals or exceeds 5%. Which Act created the Medicaid Integrity Program to ensure that Medicaid payments are for covered services that were actually provided, properly billed and documented; and requires that entities receiving more than $5 MIL in annual Medicaid payments establish written policies and educate employees on the FCA and whistleblower protections to prevent and detect Fraud, Waste and Abuse. - ANS The Deficit Reduction Act (DRA) of 2005 created the Medicaid Integrity Program (MIP) under Section 1936 of the Social Security Act. If you find you actually are doing something wrong, corrective actions should be put in place. For instance, if you identified an overpayment, your FIRST action is to refund to the Fiscal Intermediary. If you suspect the possibility of serious wrongdoing that may affect your organization's reputation, your FIRST action is to contact legal/attorney to assess if attorney-client privilege needs to be attached. If you identified that certain employees are not properly being disciplined for misconduct, your FIRST action is to work with _________ and recommend that discipline should be fair, equitable and consistent. - ANS HR/Human Resources Examples of current Compliance activities in many organizations - ANS • Equal Employment Opportunity Commission (EEOC) • Employee Retirement Income Security Act (ERISA) • Wage and Hour Rule • Occupational Safety and health Administration (OSHA) • Nuclear Regulatory Commission • Joint Commission on Accreditation of Healthcare Organization (JCAHO) • Research compliance What is a benefit of a contemporaneous review? a. Can provide a chance to do a self-disclosure of prior billing errors b. Helps with creating a code of ethics c. Can correct a problem before it grows to become a serious issue d. Allows employees to submit anonymous reports of fraud - ANS c. Can correct a problem before it grows to become a serious issue. How does Medicaid work? Select 2 a. State administered b. Federally administered c. State monitored d. Federally monitored - ANS a. State administered (via SURS and MFCUs); d. Federally monitored (OIG oversights each state MFCU's operational costs) What can a provider do if they are unhappy with an informal review by the state Medicaid Program/SUR unit? a. Dispute the informal review with the SUR. b. Request an administrative hearing. c. Request that the informal review be made into more understandable education. d. Request that the Fiscal Intermediary take back the repayment. - ANS b. Request an administrative hearing A compliance program at its most basic level would be: (think of the 1st CP element) - ANS A set of internal policies and procedures that you put into place to help your organization comply with the law What is a compliance program? - ANS • Ongoing process, part of fabric of organization, commitment to ethical way of conducting business • Prevention, Detection, Collaboration, and Enforcement • System of policies and procedures developed to assure compliance with and conformity to all applicable federal and state laws governing organization Health care Fraud is key priority in the Justice Department, and an effective _________ program safeguards the organization's legal responsibility to abide by applicable laws and regulations - ANS Compliance (program) Benefits of Compliance Program - ANS • Safeguards organization legal responsibility to abide by applicable laws and regulations • Demonstrate organization's commitment to good corporate conduct • Identify and prevent criminal and unethical conduct • Create a centrilized source of info on healthcare regulations • Develop a methodology to encourage employees to report potential problem • Develop procedures that allow the prompt and through investigation of alleged misconduct • Initiate immediate and appropriate corrective action • Reduce organization remedies, such as program exclusion Why Compliance Programs are Essential - ANS • Help reducing threat of qui tam or whisthelblower lawsuits • Prevent exlusion from government program • Probation and court imposed programs • Government designated programs • Payback to fiscal intermediaries or carriers may result in audited services HCCA 2 components of a compliance program - ANS 1. structural component (OIG 7 elements to create the framework - "nuts and bolts") 2. substantive component (applicable laws and regulations) This Act mandates compliance programs for Medicare, Medicaid and Children's Health Insurance Program (CHIP) providers - ANS The Affordable Care Act (ACA) Section 6401 of the ACA provides that a "provider of medical or other items or services or supplier within a particular industry sector or category" shall establish a compliance program as a condition of enrollment in Medicare, Medicaid, or the Children's Health Insurance Program (CHIP) Also ref: 42 CRF 422.503(b)(4)(vi) and 42 CFR 423.504(b)(4)(vi) Which of the following statements is false regarding Statistically Valid Sampling? a. ACA encouraged the use statistical sampling and extrapolation to promote consistency for claims submitted under Medicare. b. develop policies & procedures to address statistical sampling and financial error rate considerations for refunds/overpayments identified c. for CIA claim reviews, if the net financial error rate equals or exceeds 5%, the results of the Discovery Sample are used to determine the Full Sample size d. Audit sampling can be applied using either statistical or nonstatistical sampling approaches - ANS a. ACA encouraged the use statistical sampling and extrapolation to promote consistency for claims submitted under Medicare. Explanation: HCFA, not ACA. See HCFA Ruling No. 86-1 (Feb. 20, 1986). OIG Top 10 Reasons to Implement a Compliance Program (1-5) - ANS • To demonstrate to the community at large the organization's commitment to good corporate conduct • To reinforce employee's innate sense of right and wrong • To help organization fulfill its legal duty to government and private payers • Compliance programs are cost effective • To provide a more accurate view of employee and contractor behavior relating to fraud and abuse OIG Top 10 Reasons to Implement a Compliance Program (6-10) - ANS • To improve quality of care overall • To provide procedures to promptly correct misconduct • To help mitigate any sanction imposed by the government • Voluntarily implementation is preferable than waiting for OIG to impose a Corporate Integrity Agreement (CIA) • To protect corporate directors from personal liability February 27, 1997, what does this date represent? - ANS Date of OIG open letter to all providers - encourages health care organization to implement compliance programs in order to protect themselves from fraud and abuse. With that letter, Model compliance plan for Clinical Laboratory was offered as guidance. Since that time, a Model compliance plan has been implemented in many areas. What provided the groundwork for compliance program development? - ANS Federal Sentencing Guidelines (FSG) Remember, the OIG 7 elements are based on the FSG ref Ch 8 B2.1 (Enactment of the Sentencing Reform Act and Creation of the Commission) In all OIG program guidance, what's the first element they call for? - ANS Development and distribution of written standards of conduct, as well as written policies and procedures that promote a commitment to compliance. Seven (7) Elements in OIG CPG Guidance for Hospital - ANS 1. Written standards of conduct 2. Designating a chief compliance officer and other appropriate bodies 3. Effective education and training 4. Effective lines of communication 5. Conducting internal auditing & monitoring 6. Enforcing standards thru disciplianry guidelines 7. Responding to detected offenses and corrective actions Compliance means (Compliance Program) - ANS Adherence to laws and regulations, as well as principles of ethical conduct Integrity Program - ANS Values doing the right thing Obstacles to Effective Compliance Implementation (1-5) - ANS • Commitment and buy-in • Lack of funding • Too many roles for compliance professional • Interpreting laws and regulations • Lack of resources and staff Obstacles to Effective Compliance Implementation (6-10) - ANS • Lack of education and training • Resistance to change • Lack of or poor communication • Fear of retaliation/retribution • No internal enforcement Compliance Officer Responsibilities according to OIG - ANS • Overseeing, and monitoring day-to-day operations of the compliance and ethics program • Reporting on a regular basis to the organization's governing body, CEO, and compliance and ethics committee • Assessing effectiveness of the compliance program and revising the program periodically as appropriate • Developing, coordinating, and participating in a multifaceted educational and training program • Ensuring that independent contractors and agents are aware of the organization's compliance and ethics program requirements • Serving as a source of information for employees, management, contractors, and the board • Ensuring that appropriate background checks are done to eliminate sanctioned individuals and contractors • Assisting with internal compliance review and monitoring activities • Independently investigating and acting on matters related to compliance • Conduct risk assessments, work with management to prioritize risk and develop mitigation plans • Encouraging employees to report suspected fraud and other concerns without fear or retaliation HCCA prepared and published Code of Ethics for Health Care Compliance Professional addressing 3 principles - ANS Principle 1 - Obligation to public Principle 2 - Obligation to employing organization - should serve organization with highest sense of integrity, unprejudiced, and unbiased judgment Principle 3 - Obligation to the profession - uphold integrity and dignity of profession, to advance effectiveness of compliance program and to promote professionalism in health care compliance Ref: Compliance Committee Purpose - ANS "to advise the compliance officer and assist in the implementation of the compliance program" Ref: OIG Compliance Program Guidance, pg 12 of PFD: Fill in the blank: The ___________ ____ Act further required that the HHS Secretary, in consultation with HHS-OIG, establish "core elements" for provider and supplier compliance programs within a particular industry or sector. - ANS Affordable Care Pursuant to 42 C.F.R. §§ 422.503(b)(4)(vi), 423.504(b)(4)(vi), and as incorporated into Chapter 21, Section 30 of the "Medicare Managed Care Manual": All sponsors are required to adopt and implement an effective compliance program, which must include measures to prevent, detect and correct Part C or D program noncompliance as well as FWA. The compliance program must, at a minimum, include the following core requirements: 1. Written Policies, Procedures and Standards of Conduct; 2. Compliance Officer, Compliance Committee and High Level Oversight; 3. Effective Training and Education; 4. Effective Lines of Communication; 5. Well Publicized Disciplinary Standards; 6. Effective System for Routine Monitoring and Identification of Compliance Risks; and 7. Procedures and System for Prompt Response to Compliance Issues. These seven elements are functionally equivalent to the seven elements of an effective compliance plan identified by HHS-OIG in its publication, Compliance Program for Individual and Small Group Physician Practices. What is required for a compliance program to be effective? a. The compliance program needs to be reviewed daily for any compliance updates. b. Regularly review and update the compliance program. c. The compliance program must be reviewed by healthcare lawyers. d. The compliance program needs to be reviewed weekly for any compliance updates. - ANS b. Regularly review and update the compliance program. Note: practice question from AAPC CPCO Ch1 Leaf Hospital is trying to determine what the goal and focus of their compliance program should be. What would you say, as a compliance officer at your own hospital, to help them with what the compliance department goal should be from a monitoring and auditing perspective? a) Train coders in how to properly code claims. b) Keep track of the CEO's involvement with public affairs. c) Detect and prevent criminal conduct. d) Hire revenue management staff. - ANS c) Detect and prevent criminal conduct. Explanation: The Federal Sentencing Guidelines says M&A done by compliance program should be designed to detect and prevent criminal conduct. From Chapter 4 of the Auditing and Monitoring book 2nd ed. Which entity below could not bill for medically unnecessary services? a. Hospitals b. Physicians c. Ancillary providers d. Patients - ANS d. Patients Note: practice question from AAPC CPCO Ch1 Which of the following can be a result of an effective compliance program? a. Keep a provider from facing criminal penalties b. Make sure a practice or medical organization is 100 percent compliant with federal regulations c. Help create financial success, customer loyalty, community support, and employee satisfaction d. Require starting fresh with new policies and procedures and expensive changes - ANS c. Help create financial success, customer loyalty, community support, and employee satisfaction. Note: practice question from AAPC CPCO Ch1 There are many benefits of having an effective compliance program. Which, of the below, is one such benefit? a. It shows that the practice is making a good faith effort to be compliant. b. It provides a means to cover errors until they can be fixed. c. It allows employees to retaliate against their employer when they believe they have been treated unfairly. d. It provides a basis for the OIG to create a CIA if a problem is identified. - ANS a. It shows that the practice is making a good faith effort to be compliant. Note: practice question from AAPC CPCO Ch2 Which federal government department is the OIG not responsible for overseeing? a. Centers for Medicare & Medicaid Services b. Centers for Disease Control and Prevention c. U.S. Food & Drug Administration d. Drug Enforcement Agency - ANS d. Drug Enforcement Agency DEA is overseen by or an agency under DOJ. Note: practice question from AAPC CPCO Ch1 Function of Compliance Committee - ANS • Analyzing legal requirement and specific risk areas • Regularly reviewing and assessing policies and procedures • Assisting with the development of standards of conduct and policies and procedures • Monitoring internal systems related to standards, policies, and procedures • Determining the appropriate strategy to promote compliance • Developing a system to solicit, evaluate, and respond to complaints and problems OIG Work Plan, what's its main purpose? - ANS Identifies high risk & key areas of focus for auditing. Active Work Plan Items reflect OIG audits, evaluations, and inspections that are underway or planned. Ref: How often does The U.S. Department of Health & Human Services (HHS) OIG publish the OIG Work Plan? a. Annually b. Bi-annually c. Monthly d. Weekly - ANS c. Monthly The Office of Inspector General's (OIG) work planning process is dynamic and adjustments are made throughout the year to meet priorities and to anticipate and respond to emerging issues with the resources available. In order to enhance transparency around OIG's continuous work planning efforts, OIG will update its Work Plan website monthly. One of the processes for risk identification is document review, including OIG key compliance documents. Name some of the documents that should be considered for review. - ANS OIG workplan and bulletins, Advisory Opinions, Special Fraud Alerts, and other guidance True or False: Billing errors always show a health care provider's or supplier's intent to commit fraud. - ANS FALSE Not all improper payments are fraud, but all payments made due to fraud schemes are improper (that is, an intentional misuse of funds). In fact, most improper payments are due to unintentional errors. Most common error is insufficient documentation. Fill in the blank: _______ occurs when someone intentionally deceives or makes misrepresentations to get money or property from any health care benefit program. a. Abuse b. Improper payment c. Fraud d. None of the above - ANS c. Fraud Fraud occurs when someone intentionally (knowingly/willfully) deceives or makes misrepresentations to get money or property of any health care benefit program. True or False: The Health Care Fraud Prevention and Enforcement Action Team (HEAT) is a joint anti-fraud initiative between the HHS and DOJ. - ANS TRUE HEAT task forces are interagency teams comprised of top-level law enforcement and professional staff members to prevent fraud and enforce anti-fraud laws. HHS and DOJ increase coordination, data sharing, and training among investigators, agents, prosecutors, analysts, and policymakers. The board should review reports on the status of the compliance program, how often? - ANS At least annually When there is poor distribution beyond the compliance officer, what happens to the organization? - ANS Program Implementation lags which means you do not have an effective compliance program True or False: Does Compliance Officer impose disciplinary actions? - ANS FALSE - no, only recommend (management imposes discipline) The board must have a solid understanding of compliance objectives. Name a consequence if this does not happen - ANS Weak, ineffective compliance program Undue reliance on detecting vulnerabilities You have done a compliance plan. What comprises a compliance program? A. Budget B. Resources C. Compliance Board D. CO E. All of the above - ANS E. All of the above OIG urges the ____________ to assist in the implementation of the compliance program and serves as advisors. A. Board B. CEO C. Compliance Committee D. Quality Committee - ANS C. Compliance Committee ABC Hospital is under a 5-year CIA with government-imposed requirements for development of a Compliance Program and use of external auditor for periodic claim reviews. Which of the following is TRUE: a. Costs to meeting terms of the CIA are permitted to be included in the cost report like any other operational cost. b. Because the hospital agreed to a settlement and was not convicted for alleged violations, the Compliance Program is considered a voluntary program. c. The government chooses and pays for the external auditors. d. None of the above - ANS d. None of the above. Explanation: • CIA-related costs CANNOT be included in the cost report. • Government-imposed Compliance Program ARE NOT considered a voluntary program. • Hospital is required to choose and pay for any auditors (with government review and right to object) Most expenses related to developing and implementing a compliance program are considered the cost of doing business and are tax deductible for the organization. Which of the following is NOT tax deductible? a. When the expense costs are more than the national average b. When the expenses are a result of the imposition of a penalty c. The annual maintenance of the program d. The salary of the compliance officer - ANS b. When the expenses are a result of the imposition of a penalty. CIA is a penalty imposed upon the organization and, as with any other governmental penalty; the expense of the development, implementation, and maintenance of this program cannot be included as a deductible expense to the organization. Note: practice question from AAPC CPCO Ch2 The Hospital is attempting to open its files to a new Compliance Officer for review. What documentation is not critical for his review? A. The patient charts for the OB floor. B. The record of PHI breaches. C. The labs billing records. D. Contracts with Acme DME suppliers. - ANS B. Records of PHI breaches Explanation: PHI breaches fall under Information security not Compliance activities. Records under Compliance activities include billing records, patient records, vendor contracts. The Federal Sentencing Guidelines uses 2 mitigating factors (but in reality are 4 factors), which are: a. Effective compliance program, reporting the violation promptly, awareness of the violation, and accepts responsibility for the violation. b. Willfully ignorant of the offense, repeat violation, government investigation was hindered and tolerance of the violation was pervasive. c. Effective compliance program, reporting the violation promptly, cooperate with government investigation and accepts responsibility for the violation. d. Effective compliance program, first offense, cooperate with government investigation and accepts responsibility for the violation. - ANS c. Effective compliance program, reporting the violation, cooperate with government investigation, and accepts responsibility for violation (effective prog, and report - cooperate - accept) What are some obstacles to an effective compliance program? a. Lack of funding b. Resistance to change c. Fear of retaliation d. Lack of education and training e. All of the above - ANS e. All of the above What are some of the kinds of compliance training sessions a compliance professional should hold? a. Individualized training b. New board member training c. Employee handbook training d. Both A and B - ANS d. Both A and B Re: c. Employee handbook (HR, not Compliance) What is considered an appropriate start to implementing an effective compliance program for compliance officers of small physician group practices with limited resources? a. Adopt only those components which, based on the practice's specific history with billing problems and other compliance issues, are most likely to provide an identifiable benefit. b. A compliance program will not be effective unless every element is fully implemented. c. Have a manual of policies and procedures available for review in the manager's office. d. Small practices are low-risk so they don't need to implement a compliance program. - ANS a. Adopt only those components which, based on the practice's specific history with billing problems and other compliance issues, are most likely to provide an identifiable benefit. Note: practice question from AAPC CPCO Ch2 What does the OIG Compliance Program Guidance acknowledge patient care as? a. Irrelevant to having an effective compliance program. They are not related. b. Important, but should not get in the way of implementing all seven recommended elements. c. Providers should put patients first in a compliance program. d. The main reason offices fail to implement compliance programs in the first place. - ANS c. Providers should put patients first in a compliance program. In order to improve patient care, you need to put patients first! Note: practice question from AAPC CPCO Ch2 Because of the changing nature of healthcare regulation, which statement is TRUE regarding updating the compliance program? a. The compliance program should only be updated annually to ensure all the changed regulations are captured. b. The compliance program should be updated biannually. c. Hiring a consultant to review the program for accuracy is necessary. d. The compliance program should be continually a work in progress. - ANS d. The compliance program should be continually a work in progress. Note: practice question from AAPC CPCO Ch2 The compliance plan should be reviewed: a. When the OIG issues new guidelines b. When a new regulation is passed c. At least annually d. All of the above - ANS d. All of the above The Board of Directors involvement with compliance includes all except: a. Written endorsement b. Allocating sufficient budgetary resources c. Active role in the daily compliance operations d. Establishing compensation structures that reward compliance - ANS c. Active role in the daily compliance operations OIG can impose mandatory exclusion for a minimum of..? - ANS 5 years If a provider is on the OIG sanctions list, what do you do first? (list valuation report) - ANS Put provider on Administrative Leave Possible sanctions include: - ANS Fines Restitution (pay restitution to victims) Probation Forfeiture (loss of any property or giving up something for wrongdoing) What are the 2 types of OIG exclusions? - ANS Mandatory (ex. criminal offenses) and Permissive (ex. misdemeanor convictions) See definitions: True or False - An excluded individual is automatically reinstated at the end of an exclusion term - ANS FALSE - An excluded individual must apply for reinstatement at the end of their exclusion term How many states currently require nursing facilities to perform a background check of state records for direct-access employees? a. 10 b. 35 c. 43 d. 50 - ANS c. 43 State rules differ regarding background checks: 43 states require nursing homes to perform background checks against state records, 10 of those require an additional FBI background check, and eight states don't require background checks at all. Note: practice question from AAPC CPCO Ch3 How many states require nursing facilities to perform FBI checks on employees? a. 3 b. 5 c. 10 d. 27 - ANS c. 10 State rules differ regarding background checks: 43 states require nursing homes to perform background checks against state records, 10 of those require an additional FBI background check, and eight states don't require background checks at all. Note: practice question from AAPC CPCO Ch3 SNFs are Medicare certified facilities that provide extended skilled nursing or rehabilitative care. This care is reimbursed under which Medicare part(s)? a. A b. B c. C d. A and B - ANS d. A and B SNFs are typically reimbursed under Part A for the costs of most items and services, including room, board, and ancillary items and services. However, SNFs may also receive payment under Medicare Part B. Note: practice question from AAPC CPCO Ch3 What law(s) does not require that nursing facilities conduct state FBI criminal background checks? a. False Claims Act b. Federal law c. Federal and state laws d. State law - ANS b. Federal law Federal law does not require that nursing facilities conduct state or FBI criminal background checks. State laws may, however. It is important to confirm both sources for applicable laws. Note: practice question from AAPC CPCO Ch3 If there is a detection of serious wrongdoing, what is the first step for the compliance professional? - ANS Contact Legal Counsel who can make the initial assessment of risks involved A hospital medical staff office is conducting its monthly review of the Excluded Parties List System (EPLS). The compliance officer is called by the manager of the medical staff office and informed that Dr. Smith, a surgeon who took call 5 times last month for the Emergency Department, was excluded on a date prior to those dates when the surgeon took call. In other words, the effective date of the exclusion involving the surgeon was 4/1/2019 and the surgeon took call and provided surgical services to patients in the ED on 4/13/19, 4/20/19, and 4/27/2019. What is the NEXT action the compliance officer should do? a. Contact the ED and make sure that the involved surgeon is removed from taking any more on call shifts. b. Have the medical office check if the surgeon is listed on other exclusion lists. c. Contact legal counsel to alert of the need to pay back reimbursement received for services provided by an excluded ind - ANS b. Have the medical office check if the surgeon is listed on other exclusion lists. Education (effective training) - ANS The most important lines of defense for a compliance program. The education (& training) is the best strategy for prevention. Training requirements for Compliance include: - ANS 1. engaging 2. thought provoking 3. positive call for action Written Education Plan - include: - ANS 1- update annually 2- Consult with managers to review content areas 3- invite managers to participate in planning 4- outline individual department's content needs Training physicians and providers - include: - ANS Address both, clinical and business: Clinical - quality of care Business - correct documentation for billing and reimbursement OIG suggests training be separated into two sessions: - ANS 1. general session on compliance for all employees 2. specific session, targeted information for appr