No discussion of health care management should ignore the current legal environment in which all physician practices operate. Indeed, given the potential sanctions, to do so would be tantamount to managerial negligence.
What are those potential sanctions? There are many, all very dangerous. For example, a violation of the Federal Anti-Kickback Statute has both civil and criminal implications. What is a “kickback”? The answer to this simple question, unfortunately, is anything but simple. Indeed, because it depends on the specific facts and circumstances under investigation, it is often far more complicated than it would appear. One thing is certain, however, the concept of kickback under the Anti-Kickback Statute is far broader than most doctors – and most lawyers – realize.
On the civil side of the statute, a violation of the Anti-Kickback Statute can be the basis of a civil enforcement action under the Federal False Claims Act. And while only civil in nature, the monetary exposure is theoretically ruinous, e.g., actual damages plus a potential multiplier of three, plus the assessment of a civil money penalty for each false claim of between $5,500 to $10,000, and the assessment of legal fees and litigation costs under certain circumstances.
On the criminal side, a violation of the Anti-Kickback Statute is a felony which, upon conviction, will almost certainly result in prison time.
A corollary, but distinctly different, sanction can also arise from a violation of the federal Physician Self-Referral Act, often referred to as the Stark Act after its congressional sponsor, Congressman Pete Stark of California. Like the Anti-Kickback Statute, violations of the Stark Act can be draconian to say the least. There is at least one significant difference, however. While the Anti-Kickback Statute is an intent based statute (i.e., to prevail, the government must prove an element of intent to violate the statutory prohibitions), the Stark Act is a strict liability statute. This means that the government is not required to prove an intent to violate the statute; if the prohibitive language of the statute applies to the relevant facts, and no exception applies, then the statute is violated and the statute’s potential sanctions will apply. Finally, a violator of either the Anti-Kickback Statute or the Stark Act, in addition to damages and penalties, can also be excluded from participating in federal healthcare programs.
And, in addition to federal sanctions, the State of Florida has enacted state analogs to these federal statutory schemes. The state statutes, like their federal counterparts, have both civil and criminal penalties, including possible prison sentences.
With the above in mind, it would also be foolish to ignore the cost – both monetary and non-monetary – of defending a claim brought under any of the statutes. That expense, much less the cost of any settlement itself, can cause a practice to self-destruct.
The solution, of course, is how to avoid these problems in the first place. The answer – while not foolproof – is to make regulatory compliance an integral part of your group’s practice. And, fortunately, this can be accomplished without an inordinate investment of either time or money. It does, however, require a commitment, both initially and ongoing.
The initial step is to appoint a compliance officer. This is critical for a number of reasons, all of them obvious. First, someone has to drive the group’s compliance initiative and, concomitantly, inculcate the concept of compliance into the group’s day to day culture. And, if someone does not embrace this effort, it simply will not get done. In short, selecting the right person to be the compliance officer, and giving him or her the requisite authority, is critical if any meaningful compliance is to take place.
Once appointed, the compliance officer should embark on a self-education process that will enable him/her to conduct a compliance audit, create and establish appropriate compliance standards and procedures, implement meaningful training and ongoing education, and create appropriate monitoring techniques to detect compliance problems.
To do this, the compliance officer, together with the group’s governing body, must be prepared to not only detect compliance issues, but it must also be willing to respond appropriately. Compliance means open lines of communication between all stakeholders. It means taking corrective action both quickly and consistently. It means informing all concerned what the group expects and what may happen if those expectations are not met. In short, disciplinary standards must be established, be fully publicized, and then adhered to consistently. All of these attributes must be set forth in writing and reinforced on a regular basis.
The above factors are not original with the author – they are straight out of the Compliance Program for Individual and Small Group Physician Practices promulgated by the HHS Office of the Inspector General (“OIG”) almost fifteen years ago. This Compliance Program provides the necessary template for any physician oriented compliance initiative and, as the OIG stated therein, “emphasizes a step by step approach to follow in developing and implementing a voluntary compliance program.”
None of the above concepts are esoteric in the slightest, nor are they difficult. In fact, they are no more than simple common sense. But common sense or not, if there is no will to achieve them, they simply will not happen!
This article has been structured to convince the reader that creating and maintaining voluntary compliance programs is not only a wise move legally but is also a good management move as well. Indeed, the OIG has been advocating for voluntary compliance since the late 1980s. After reading this article, hopefully the management value of an effective compliance program is self-evident.
But if not that management decision is no longer voluntary and has not been voluntary since the Patient Protection and Affordable Care Act was enacted by Congress in 2010. Among the many aspects of that law was a provision that requires any health care organization that participates in either Medicare or Medicaid to adopt and implement a compliance program that includes the seven basic components that are identified in the guidance referred to above. Thus, if you have not already adopted and fully implemented such a compliance program, it should be added to the top of your management objectives list immediately. The legal protection it will provide is, by itself, worth the effort. And the management benefits derived will more than pay for the cost of those efforts.