No organization looks forward to the Feds knocking on their door, but it is possible to prepare for it and make the process less stressful. Beyond understanding the basics of Corporate Integritity Agreements (CIAs), exploring best practices identified in CIAs could help your organization avoid or prepare for an investigation. Preparation is critical and can make the audit process go more smoothly. And with more than 350(!) CIAs in effect, you have no shortage of resources to use to uncover ways to try and preemptively avoid federal intervention.
Take steps to prevent violations.
If you are not currently involved in an investigation or settlement for Stark or Anti-Kickback violations, don’t rest on your laurels. The OIG is actively investigating potential regulatory violations at healthcare entities. These violations may come to light through routine and programmatic auditing by the OIG or through a whistleblower allegation. By familiarizing yourself with CIAs issued for organizations similar to yours, you can take steps to reduce your organization’s potential violations. Model your compliance program after the requirements outlined in the CIAs so that you can prevent violations.
You can use existing CIAs as a template for a compliance program, as well as a roadmap of what to anticipate if your organization is found to be in violation. CIAs dealing with compliance issues with physician agreements provide insight into what you might be required to do under a CIA. We suggest reviewing several recent CIAs for entities structured similarly to yours. There are a significant number of CIAs available for review, and organizations that have built their compliance programs under a CIA have some of the most robust compliance programs in the industry. Borrow best practices from them!
Create a compliance committee.
A compliance committee should be an integral part of any health care organization, providing a front line of defense to ensure an adequate compliance program that is properly administered and monitored. The committee should advise the compliance officer as well as assist in compliance program implementation. Members of the compliance committee should be well informed about the regulations, legal requirements, and potential risks that may impact the organization. The compliance committee should assess current policies and procedures, develop appropriate new policies and procedures, and monitor performance.
Use the guidelines outlined in CIAs for other healthcare entities similar to yours to structure your physician contracting program.
By using guidelines in CIAs for other healthcare entities similar to yours, you can mimic compliant program requirements. By using the OIG’s requirements, your organization should be well positioned if it’s ever under federal scrutiny.
Physician contracting is an area where healthcare organizations are especially vulnerable to government intervention given Stark and Anti-Kickback statutes. While CIAs vary slightly from case to case, generally they require:
- A contract management system
- Tracking of payments and up-to-date time logs for physician services
- A written review process for all arrangements to ensure they are not violating Stark or AKS. The process should require that each arrangement has documented the following:
- A review by an attorney with Stark and AKS knowledge
- Demonstration of a business need for the arrangement
- Documentation that agreements meet FMV for all payments
- Annual reviews of all arrangements to be completed by the Compliance Officer and submitted for review by the compliance committee
- Training for everyone who is involved with arrangements surrounding the contract management system, internal review and approval process, and the tracking of payments corresponding to the arrangements
Evaluate stipulations of CIAs that might pose a problem for your organization.
While you are reviewing other CIAs, think about requirements that could pose an issue if they were placed upon your organization. Some aspects of a CIA are non-negotiable, but you may be able to create alternate policies that are acceptable to both your organization and the Feds. Your in-house and external counsel are key people in negotiating the terms of a CIA, but it is important for everyone to think about the reasonableness and timing of the requirements. For example, if you have an existing personnel training program that covers the requirements outlined in the CIA but requires fewer hours, your lawyers may be able to negotiate an acceptable compromise. For more on CIA negotiations, this article is a great resource.
What happens if an organization fails to comply with a CIA?
Failure to comply with the requirements of a CIA can result in a fine, with $2,500 per day commonly cited. More serious consequences can occur if the OIG considers violations to be breached, including exclusion from federal health programs.
CIAs are serious business. Learning from the mistakes of others may help prevent an audit or mitigate the consequences of an audit if steps are taken that have worked for others. Some of the best in class compliance programs have been developed in response to a CIA, and many of those documents are available for public review.