Learning Center
Plans & pricing Sign in
Sign Out

Training module Blue Cross and Blue Shield of Minnesota


									      Medicare Compliance
      Compliance Program
      Requirements, including Fraud,
      Waste and Abuse

FDR Training                           January 2011
> The Centers for Medicare & Medicaid Services (CMS)
  requires annual fraud, waste and abuse training* for
  organizations providing health, prescription drug or
  administrative services to Medicare Advantage (MA) or
  Prescription Drug Plan (PDP) enrollees on behalf of a health
> As a MA and PDP Sponsor, we are committed to following all
  applicable laws, regulations and guidance that govern these

*42 CFR Section 422.504(b)(4)(vi)(c) and Section 423.504(b)(4)(vi)(c)

Contracting with the Federal
> You are likely aware of various statutes and laws to which our
  industry is subject. The ones you are probably most familiar with
  are HIPAA and state privacy laws.

> What you may not know is what it means to be a government
  contractor, particularly for Medicare.

> Being a government contractor subjects us to additional laws,
  statutes and regulatory requirements.
> It also increases the number of regulatory agencies that have
  oversight authority.
> In addition to the requirements that go along with being a
  government contractor, we are subject to additional requirements
  and oversight as a Medicare contractor.
Contracting with CMS for Medicare
> The Centers for Medicare & Medicaid Services (CMS) is the federal
 agency that oversees the Medicare and Medicaid programs. CMS
 has special requirements for Medicare Advantage plans, 1876 Cost
 plans and Medicare Prescription Drug Plans, also known as Part D
> These requirements are disseminated in various ways, such as:
  – Medicare Managed Care Manual;
  – Prescription Drug Benefit Manual;
  – CMS Audit Guides;
  – The CMS website at; and
  – Health Plan Management System (HPMS) notices (CMS’ method for
    distributing guidance and reminders on a day-to-day basis)

First-Tier and Downstream Entities
> Some plan functions may be delegated by a Plan Sponsor to a
 first-tier or downstream entity.
> You are considered a First-Tier Entity, because we contract
 directly with you. Sub-contractors are considered Downstream
 Entities. (For definitions and examples refer to slides 24 and 25)
> Even when plan functions are delegated to a first-tier or
 downstream entity, the Plan Sponsor is still responsible for
 meeting all CMS requirements and must establish oversight.
> One of CMS’ requirements is that each Plan Sponsor (i.e.
 Medicare health plan) have a comprehensive compliance

Compliance Program Requirements
So what is a Compliance Program?
> A Compliance Program is a series of internal controls and measures to ensure that
  the Plan Sponsor is following state and federal laws and regulations that govern the
> It is comprised of the following seven elements and must incorporate measures to
  detect, prevent and correct fraud, waste, and abuse (FWA):
   1.   Compliance with Federal and State Standards and Written Policies and Procedures
   2.   Designation of Compliance Officer and Committee
   3.   Effective Compliance Training
   4.   Effective Lines of Communication
   5.   Disciplinary Guidelines and Enforcement
   6.   Internal Monitoring and Auditing Procedures
   7.   Response to Detected Offenses and Corrective Action Plan

This training is one way that we fulfill the training requirement above (#3).

Compliance Program Requirements:
7 Elements
1.       Written Standards of Conduct: development and distribution of written
         Standards of Conduct and Policies & Procedures that promote the Plan
         Sponsor’s commitment to compliance and that address specific areas of
         potential fraud, waste and abuse
2.       Designation of a Compliance Officer: designation of an individual and a
         committee charged with the responsibility and authority of operating and
         monitoring the compliance program
3.       Effective Compliance Training: development and implementation of regular,
         effective education and training, such as this training

           Training, education and communication requirements must be applied to all
            entities which provide benefits or services under MA or PDP programs
           Plan Sponsors must be able to produce proof (attestations and copies of
            training logs) from first-tier, downstream and related entities to show
            compliance with these requirements

4.       Internal Monitoring and Auditing: use of risk evaluation techniques and
         audits to monitor compliance and assist in the reduction of identified problem

Compliance Program Requirements:
7 Elements
5.       Disciplinary Mechanisms: policies to consistently enforce standards and
         address dealing with individual or entities that are excluded from participating in
         CMS programs
6.       Effective Lines of Communication: between the compliance officer and the
         organization’s employees, managers and, directors and members of the
         compliance committee, as well as first tier, downstream and related entities
           Includes a system to receive, record and respond to compliance questions, or
            reports of potential or actual non-compliance, while maintaining
           First tier, downstream, and related entities must report compliance concerns
            and suspected or actual misconduct involving the MA or Part D programs to
            the Sponsor
7.       Procedures Responding to Detected Offenses and Corrective Action:
         policies to respond to and to initiate corrective action to prevent similar offenses
         including a timely, reasonable inquiry

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> As indicated previously, CMS requires Plan Sponsors to have measures in
  place as part of its Compliance Program to detect, correct and prevent
> In accordance with these requirements, we have established a FWA
  Program that includes:
   – Policies and procedures that address how to identify and address FWA.
   – Processes for asking questions, requesting clarification and reporting issues.
   – Disciplinary guidelines for non-compliant or fraudulent behavior.

> Chapter 9 of the Prescription Drug Benefit Manual contains CMS’ guidance
  related to measures for detecting and preventing FWA:

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> Fraud
   – is an intentional act of deception, misrepresentation, or concealment in
     order to gain something of value.
   – often involves billing for services that were never rendered or billing for
     services at a higher rate than is actually justified.
   – also occurs when services provided to members are deliberately
     misrepresented, resulting in unnecessary cost to the program, improper
     payments to providers, or overpayments.
> Waste
   – is over-utilization of services, (not caused by criminally negligent actions)
     and the misuse of resources
> Abuse
   – is the excessive or improper use of health care services or actions that are
     inconsistent with acceptable business and/or medical practice.
   – refers to incidents that, although not considered fraudulent, may directly
     or indirectly cause financial loss.

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> Examples of FWA:
   – Double billing: Charging more than once for the same service.
   – Using another person’s Medicare card to get medical care, supplies,
     equipment, or prescription drugs.
   – Soliciting, offering or receiving bribes, rebates or kickbacks.
   – Dispensing expired drugs.
   – Prescription forging.
   – Resale of drugs on the black market.
   – Billing for services that were not furnished and/or supplies not provided.
   – Altering claim forms and/or receipts in order to receive a higher payment
   – Charging in excess for services or supplies.
   – Providing medically unnecessary services.
   – Billing for items or services that should not be paid for by Medicare.

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> Most healthcare professionals, sales representatives and beneficiaries are honest,
  trustworthy, and responsible, so why does CMS require a FWA program?
   – The goal is to weed out the few who operate with the intention of using
      Medicare for personal profit.
   – Healthcare FWA is an issue to be taken seriously. Annual losses to the
      government and health insurers from fraud scams alone are estimated to be
      between $77 and $228 billion*.

   – Healthcare FWA is not just a matter of dollars and cents. Equally important is
      the serious effect on the quality of care received. For example, a physical
      therapist regularly provides only ten minutes of therapy, but bills Medicare for a
      full hour each time. Who loses?

   – Establishing measures to detect, correct, and prevent FWA will benefit the
      government, health plans and beneficiaries because it will save Medicare dollars
      and improve patient care.
  *Data source: National Health Care Anti-Fraud Association (

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> The effort to prevent, detect and correct healthcare
 FWA is a cooperative one that involves:
  – CMS
  – Providers of services such as physicians and pharmacies
  – State and Federal Agencies such as the Department of Health
    and Human Services Office of the Inspector General (OIG), the
    Federal Bureau of Investigation (FBI), the Department of
    Justice (DOJ), and the Attorney General’s Office
  – Beneficiaries
  – Health Plan employees
  – YOU!

Compliance Program Requirements:
Fraud, Waste and Abuse (FWA)
> Medicare utilizes many organizations to assist in the fight against FWA.
   – Their main functions are:
           – Identifying and investigating potential fraud and abuse
           – Developing potential cases for referral to law enforcement
           – Acting as liaison to law enforcement
           – Serving as an auditor of a Medicare Advantage plan, Part D
            plan and their contracted entities.
   – These organizations include:
      > MEDICs: Medicare Drug Integrity Contractors are private organizations
        contracted by CMS to assist in the management of CMS’ audit, oversight,
        and anti-fraud and abuse efforts for Part D.
      > ZPICs: Zone Program Integrity Contractors are authorized to conduct
        investigations, provide support to law enforcement and conduct audits of
        Medicare Advantage plans.
      > RACs: Recovery Audit Contractors. CMS is currently establishing guidance
        on the role of RACs for Medicare Advantage and Part D plans.

Penalties for Compliance Violations
> CMS and other federal agencies can seek civil, criminal and monetary
  penalties from Plan Sponsors for compliance violations, including:
   –   Monetary penalties;
   –   Suspension of enrollment activities;
   –   Suspension of payment for Medicare Beneficiaries who enroll; and
   –   Suspension of all marketing activities to Medicare Beneficiaries.

> Enrollment, payment and marketing sanctions remain in effect until CMS is
  satisfied that the deficiency is corrected and not likely to recur.
> CMS may require the Plan Sponsor to hire an independent auditor to
  provide CMS with additional information to determine if the deficiencies
  have been corrected and are not likely to recur
> For enrollment or marketing sanctions, CMS has the discretion to subject
  the Plan Sponsor to a "test period" to determine if the deficiencies have
  been corrected. If deficiencies remain, the sanction will remain in effect
  until corrected. Sponsor does not have a right to a hearing to challenge
  this determination.

Additional Compliance Considerations
> Anti-Kickback Statute
   – Prohibits the offering or giving of remuneration (payments) or anything of value to:
       > Induce the referral of a Medicare or Medicaid beneficiary.
       > Induce a person to purchase, or arrange for, or recommend the purchase or ordering
          of an item or service paid in whole or in part by the Medicare or Medicaid program.
    – Applies to Plan Sponsors employees and all first tier, downstream, and related entities.

> Civil Monetary Penalties
   – Sanctions may be applied to organizations that offer or give something of value to a
       Medicare beneficiary, such that the organization knows or should know is likely to influence
       the person’s selection of a particular provider, practitioner, or supplier of any item or
       service which may be paid entirely or in part by Medicare.
> False Claims Acts
   – Federal False Claims Act
       > Establishes liability for certain acts by any person who knowingly presents or causes to
           be presented a false or fraudulent claim to the government.
        > A false claim can include any action tied to seeking payment from the government.
    – In addition to the Federal False Claims Act, the State of Minnesota passed it’s own False
       Claims Act in 2010.
> Self-Referral Prohibition Statute (Stark Law)
   – Prohibits physicians from referring Medicare patients to an entity with which the physician
       or a physician’s immediate family member has a financial relationship — unless an
       exception applies.
Avenues to Ask Questions, Request
Clarification and Report Issues
> Everyone has the right and responsibility to report
 possible fraud, waste or abuse. Report issues or
 concerns to:
  – Your organization's compliance officer or compliance hotline
  – The Plan Sponsor’s compliance officer
  – Your health plan contact
  – 1-800-MEDICARE
  – Health and Human Services Office of Inspector General Hotline 1-800-447-8477

    You may report anonymously and retaliation is prohibited when you
    report a concern in good faith.

   Remember, we are committed to providing steps to
   help individuals report violations without fear of
   retaliation. Anyone who, in good faith, reports a
   potential violation or cooperates with an
   investigation is protected against intimidation or
   retaliation (e.g., demotion, discharge or undesirable
   reassignment). Anyone who retaliates against a
   person who has filed a report or cooperated in an
   investigation is subject to corrective action, up to,
   and including, contract termination.

> CMS requires that a Compliance Program be in place.
  – Composed of seven elements
  – Plan Sponsors’ Compliance Programs must include measures to detect,
    prevent and correct fraud, waste and abuse
     > Must have written policies and procedures regarding fraud, waste
       and abuse.
     > Must have specific commitments in the Code of Conduct.
     > Must have processes in place for asking questions, requesting
       clarification and reporting issues.
     > Must have disciplinary guidelines for non-compliant or fraudulent

> CMS and other federal agencies can seek civil,
 criminal and monetary penalties from Plan
 Sponsors for compliance violations, including
 fraud, waste and abuse.
> You have the right and responsibility to report
 any suspected instances of non-compliance
 and/or FWA, without fear of retribution for
 reporting in good faith.

  How to Get Credit for This Training

      You’ve completed the compliance training.

 To get credit and fulfill the CMS requirement, complete one of the
 following important steps:
> Report back to your organization’s compliance officer. Compliance officers
  are required by CMS to keep a log of who completed the training.
> Complete the accompanying training attestation or access the form on-line
  by clicking on the following link: FWA Training Attestation.

> Definitions

> First-tier, Downstream Example

> Medicare Resources

> Fraud, Waste and Abuse Resources

Plan Sponsor:               An entity that has a contract with CMS to offer one or more of the
  following Medicare Products: Medicare Advantage (MA) Plans, Medicare Advantage Prescription
  Drug Plans, Prescription Drug Plans (PDP) and 1876 Cost Plans.

First Tier: A party that enters into a written arrangement, acceptable to CMS, with a Plan
  Sponsor to provide administrative services or health care services for a Medicare eligible
  individual under the MA or Part D programs. Examples include Pharmacy Benefits Manager
  (PBM), contracted hospitals, clinics and allied providers.

Downstream: A party that enters into a written arrangement, acceptable to CMS,
  with persons or entities involved in the MA or Part D benefit, below the level of the
  arrangement between a Plan Sponsor and a first tier entity. These written arrangements
  continue down to the level of the ultimate provider of both health and administrative services.
  Examples include pharmacies, marketing firms, quality assurance companies, claims processing
  firms and billing agencies.

Related Entity:                 An entity that is related to the Plan Sponsor by common ownership
  or control and performs some of the Plan Sponsor’s management functions under contract or
  delegation; furnishes services to Medicare enrollees under an oral or written agreement; or
  leases real property or sells materials to the Plan Sponsor at a cost of more than $2,500 during
  a contract period.
First Tier, Downstream Example
                           (Part D Plan

                            First Tier
                          Entity (PBM)
                                       CMS          CMS
         CMS                       Downstream   Downstream
     Downstream                       Entity       Entity
        Entity                       (Quality     (Claims
     (Pharmacy)                     Assurance    Processing
                                      Firm)        Firm)
      Pharmacist    Marketing
     Downstream     Consultant
        Entity     Downstream

Medicare Resources
> Medicare Managed Care Manual

> Medicare Prescription Drug Benefit Manual

> 42 CFR 422 (Medicare Advantage)

> 42 CFR 423 (Part D)

> CMS Audit Guides


Fraud, Waste and Abuse Resources
> Federal government websites are sources of information regarding
 detection, correction and prevention of fraud, waste and abuse:

> Department of Health and Human Services Office of Inspector

> Centers for Medicare & Medicaid Services (CMS):

> CMS Information about the Physician Self Referral Law:

Blue Cross and Blue Shield of Minnesota is an independent licensee of the Blue Cross and Blue Shield Association


To top