OIG Corporate Integrity Agreements and Physician Compliance Programs
In settling allegations of violating the False Claims Act (FCA), healthcare providers often enter into a Corporate Integrity Agreement with the OIG in exchange for the OIG’s agreement not to exclude the provider from participation in Medicare or other federal health care programs. Corporate Integrity Agreements (CIAs) generally require a provider to establish or supplement an existing compliance program, with detailed requirements described in the CIA.
Many providers, including physician practices, have considered CIAs to set the standard as to what the OIG would consider to be included in a comprehensive and effective compliance program. Generally, a CIA will impose certain requirements on a provider related to the FCA settlement such as billing or Stark Law issues.
A recent FCA settlement by a Georgia dermatology physician practice required the practice to establish a compliance program that meets several requirements, which included an internal auditing and monitoring process.
This FCA settlement was by two physicians and their medical practice, Toccoa Clinic Medical Associates, in April 2016. The settlement with the U.S. Attorneys Office in the Northern District of Georgia resolved allegations that the practice had improperly billed for evaluation and management services (i.e., office visits) on the same day as a procedure and had upcoded evaluation and management services to higher levels than were appropriate. Apparently to address these improper billing issues, the CIA required the practice to develop and implement a centralized annual risk assessment and internal review process to identity and address risks associated with the submission of claims for items and services furnished to Medicare and Medicaid program beneficiaries.
As part of the risk assessment and internal review process, the practice is required to:
- identify and prioritize risks;
- develop internal audit work plans related to the identified risk areas;
- implement the internal audit work plans;
- develop corrective action plans in response to the results of any internal audits performed; and
- track the implementation of correction plans in order to assess their effectiveness.
The practice is also required to develop and implement written policies and procedures regarding the identification, quantification and repayment of overpayments received from any federal health care program. The CIA also requires the practice to repay any overpayments to the appropriate payor within sixty days after identification of the overpayment and to take remedial steps within 90 days after identification and to take corrective action steps to prevent the underlying problem and overpayment from reoccurring. Generally, physician practices should have an internal practice of notification and repayment of any overpayment amount that routinely is reconciled or adjusted pursuant to the policies and procedures established by each particular payor.
The CIA also requires the dermatology practice to engage an accounting, auditing, or consulting firm (referred to as an Independent Review Organization or IRO) to review their coding, billing and submission of claims to the Medicare and state Medicaid programs, and any related paid claims. The CIA contains detailed requirements related to an annual claims review by the IRO during the five-year period of the CIA.
The annual claims review by the IRO engaged by the dermatology practice includes a review of a discovery sample of 75 randomly selected paid claims. If the error rate of the discovery sample is five percent or greater, then the IRO shall review a larger or full sample of paid claim. The IRO will use the findings of the full sample of claims to estimate an actual overpayment amount owed by the practice to the appropriate Federal health care program payor.
In addition, if there is an error rate of 5% or greater in the initial discovery sample, then the IRO is also required to review the practice’s billing and coding systems related to claims submitted to Federal health care programs. This review includes the operation of the practice’s billing system, the process by which claims are coded, safeguards to ensure proper coding, claims submission and billing; and procedures to identify and correct inaccurate coding and billing. The IRO is required to provide an annual report of the claims review, and any review of the practice’s billing and coding process.
The CIA also provides that any paid claim for which the practice cannot produce documentation sufficient to support the claim (e.g., no documentation) shall be considered an error and the total reimbursement received by the practice shall be considered an overpayment.
The practice is also required under the compliance program to provide the OIG with an annual report regarding its compliance activities with certain information detailed in its CIA. Specifically, this annual report is required to include a summary of all internal audits and any corrective action plans developed in response to those internal audits.
Physician practices should consider the risk assessment and internal review process in this and other CIAs between the OIG and physician practices as guides for their own compliance programs and compliance efforts.