With the recent passage of the Health Insurance Portability Accountability Act, the jurisdiction of federal law enforcement authority has been expanded to incorporate local state health care fraud issues, as well as traditional federal enforcement of Medicare violations. Criminal, civil and administrative liability of health care providers can wreak havoc on the provider’s continued ability to operate within the health care marketplace. Monetary fines, restitutionary payments and civil penalties can quickly add up and more and more offenders are finding themselves behind bars, sometimes for years, as a result of health care fraud.

In 1984 Congress adopted strict criminal sentencing guidelines within the federal justice system. The federal sentencing guidelines now require the imposition of uniform and proportional sentences for federal criminal conduct. While Texas state criminal justice programs do not have sentencing guidelines similar to the federal system, Texas courts often try to emulate the federal sentencing protocols when dealing with health care fraud issues.

The federal sentencing guideline rules have had a profound effect on the type and length of criminal sentences imposed on health care fraud offenders. In a memorandum decision of one federal judge, the particular predicament of health care providers was brought to light in an interesting commentary:

Prior to the federal sentencing guidelines, this judge could have taken the position that two months is a substantial sentence for a defendant like Dr. Jones. Dr. Jones is, after all, a first time offender, much of whose life has been spent caring for patients in his role as a physician. Dr. Jones is charged with a non-violent crime. In days past, this Court would have been able to focus solely on Dr. Jones as an individual offender. This judge would have been able to decide that, for this defendant, whose career as a physician has already been ruined, merely walking into a penal institution for the first time, hearing the iron doors clank shut behind him, would be sufficiently devastating. However, these options have been stripped away from the Courts and now, all such bets are off! Now, under our federal sentencing guidelines it will take nearly seven years of taxpayers money to effect his rehabilitation or deter others from the sort of conduct for which Dr. Jones was convicted.

In order to re-arm the federal judges with some form of objective criteria in their sentencing evaluation process, the federal guidelines now encourage solo and small health care providers to integrate procedures into their health care practices that will actually reduce the sentencing guideline “score” and the resultant penalty assessed against the provider. The most important of these mitigating factors is the existence of an effective health care fraud and abuse compliance program.

Health care providers who are considering adoption of a fraud compliance program now have the benefit of guidance from the United States Department of Health and Human Services’ (“HHS”) Office of Inspector General (“OIG”) recommended protocols. Since 1998 HHS-OIG has offered compliance guidance to various sectors of the health care industry. In June, 2000 HHS-OIG issued model fraud compliance guidelines for third-party billing companies and small or solo health care provider practices.

The 2000 OIG guidelines were designed to help steer individual and small group provider organizations through the morass of federal rules and regulations that apply to Medicare, Medicaid and many related state and federal health care programs. While the repeated inclusion of certain key, essential, elements in model OIG compliance programs underscore their importance as an integral part of any health care compliance program, a provider’s health care compliance program need not succeed in deterring all acts of fraud and abuse to be considered “effective” for purposes of mitigating punishment under federal criminal sentencing guidelines. In order to receive credit for implementing an effective fraud and abuse compliance program, at a minimum, all providers and health care organizations must exercise due diligence in their effort to detect and prevent provider fraud and abuse within their provider organization(s). Today, in order to implement a fraud and abuse compliance program that is acceptable under the federal Medicare regulatory guidelines small provider organizations must, at a minimum, satisfy the following seven requisites:

      (1) Develop a program with established compliance rules and procedures that are reasonably capable of reducing criminal conduct, and ensure that such rules are followed by all of its employees and agents;

      (2) Create a system designed to delegate responsibility for overseeing compliance to high level personnel within the organization;

      (3) Exercise due care to prevent assignments of substantial discretionary authority to individuals who the organization knows (or by exercising due diligence, should know) have a propensity to engage in criminal conduct or otherwise disregard established protocols for the health care industry;

      (4) Communicate the program’s compliance rules and procedures to the organization’s employees and agents (e.g., by mandating their participation in compliance training programs or by distributing understandable materials that describe the procedures);

      (5) Implement reasonable procedures to police its work force’s fraud compliance standards (e.g., by conducting random audits designed to detect intentional or unintentional fraudulent conduct and through the establishment of a confidential reporting system through which employees and agents can report misconduct without fear of retaliation by management or their co-employees);

      (6) Discipline individuals within the organization who engage in fraudulent conduct or who fail to detect such misconduct; and

      (7) Establish and implement all procedures and protocols necessary to enable the organization to quickly identify and respond to intentional or unintentional acts of misconduct and prevent the reoccurrence of similar offenses.

The precise dimension of an “effective” corporate compliance program will vary from case to case, depending on the size of the organization, the nature and sophistication of the provider’s practice and the organization’s past track record of compliance. However, the mere adoption of a fraud and abuse compliance program will not save an organization or a practitioner who stands idly by while persons with high-level or substantial authority involve themselves in, tolerate, or simply ignore acts of mis-conduct. By contrast, a health care provider or organization with an effective fraud and abuse compliance program in place, whose management and staff aggressively strive to identify and eliminate fraudulent or abusive practices, stands to significantly reduce, if not totally eliminate, potential civil and criminal exposure. At the very least, small providers operating in good faith under an effective model fraud and abuse compliance program will substantially reduce the likelihood of criminal exposure and stave off costly litigation expenses.

Increasingly, health care providers have relied on third-party billing companies to process claims and provide advice on reimbursement matters affecting the provider’s business transactions. Inasmuch as third party billing companies often support a number of providers with differing specialties and areas of fraud and compliance risk, the individual health care practitioner must ensure that his/her billing company takes sufficient steps to ensure that its billing practices properly safeguard those practice areas under which the practitioner provides services. All third-party billing companies should maintain compliance protocols designed to identify and avoid billing for services or items not properly documented, double billing, unbundling, up-coding, inappropriate balance billing, inadequate resolution of overpayments, lack of integrity of computer systems, improper use of modifiers, routine waiver of co-payments and improper discounting of professional services.

When OIG issued its guidance protocols for small practice providers OIG reaffirmed its belief that the great bulk of such providers practice honestly and do so with a commitment to provide high quality medical care to their program recipients. In this regard the OIG did emphasize that its model fraud and abuse compliance guidelines for small practice providers are designed to assist solo and small providers in ensuring the accuracy of their submitted claims and to protect against innocent or even negligent errors.

The above discussion attempts to illustrate the growing importance for chiropractic care providers to “think outside the box” in assessing those areas within their health care practices that can give rise to problems involving health care fraud and abuse. Doctors of chiropractic should take note that many private insurance companies, as well as state and federal law enforcement authorities, are in the field actively investigating and pursuing leads which may give rise to civil or criminal charges against unsuspecting providers. No one ever anticipates getting in trouble. Nonetheless, it is happening to chiropractors across the State of Texas on an increasing basis and proper preventive medicine, in the form of an effective fraud and abuse compliance program, may be the only appropriate cure for a doctor of chiropractic’s prospective ills.