NEWS AND VIEWS FOR PTs
A complimentary newsletter from
MAILLY INGLETT & BARMAK, LLC
Educators and Consultants to Physical Therapists
APRIL, 2010 - Volume 1, Issue 4 |
|
|
|
|
|
| An Overview of the Federal and New Jersey Fraud and Abuse Laws |
Federal and New Jersey Fraud and Abuse laws all but require that healthcare providers develop and implement Corporate Compliance Programs. The term "Corporate Compliance Program", originally brought to the attention of the healthcare industry by the federal Office of the Inspector General, has become a term of art. It does, however, represent a federal and state recognized program that has as its main goal to eliminate the element of "intent" if and when a federal or state body investigates and accuses a health care provider of fraud and abuse. But what do we mean when we refer to "fraud and abuse"?
Fraud and abuse ("F&A") is commonly used to refer to any activity by a healthcare provider or supplier or its agents (e.g.; billing agents, consultants, marketing representatives, etc.), that is intended to or does in fact result in the improper provision of goods or services or the inappropriate provision of benefits (i.e. payment).
F&A includes, among other things: violations of various laws discussed below; claims for services not rendered; duplicate claims; claims in violation of specific Medicare or other third party reimbursement rules; claims for medically unnecessary services; claims for more complicated and expensive procedures than actually rendered (i.e. upcoding) and routine waiver of Medicare coinsurance and deductible services.
Fraud requires an intentional deception or misrepresentation made by a person with the knowledge that the deception could result in some unauthorized benefit to that person or another.
Abuse is anything less than fraud (i.e. the element of intent is absent) which results in the undeserved payment of benefits under Medicare or Medicaid. For example, repeated provision of medically unnecessary services. Conduct that starts out as abuse may become fraud if continued in the face of warnings or other notice that the conduct is improper.
F&A may be prosecuted either criminally or civilly. Criminal prosecutions involve the element of intent (knowingly and willfully).
F&A laws include but are not limited to:
- The Federal Anti-Kickback Statute makes it a crime to knowingly and willfully offer, pay or receive remuneration (i.e., anything of value) in exchange for or in order to induce the referral of patients or other business which is reimbursable under Medicare, Medicaid or other federal health benefits programs. Violations of the anti-kickback statue may be prosecuted either criminally or civilly. The Government must prove the element of intent.
- The Federal False Claims Act prohibits a person from knowingly submitting claims or making a false record or statement in order to secure payment by the Federal Government of a false or fraudulent claim. "Knowingly" is defined as actual knowledge; deliberate ignorance of the truth or falsity of the claim; or reckless disregard of the truth or falsity of the claim. There is a "Qui Tam" ("whistleblower") provision. Penalties include treble damages and $5,000 - $11,000 per false claim.
- The New Jersey Insurance Fraud Prevention Act is a civil statute which provides for civil penalties if any person or practitioner knowingly presents or causes to be presented a claim for payment which includes false or misleading information or conceals or knowingly fails to disclose any information which affects any person's (including a corporation) initial or continued right to any insurance benefit or payment. Penalties for violating the Act include $5,000 for the first violation, $10,000 for the second and $15,000 for each additional violation. Insurance companies may also bring suit under the Act and if a pattern of violations is established the insurance company may be entitled to treble damages. The Commissioner may also refer the matter to the Attorney General for criminal prosecution.
- The New Jersey False Claims Act parallels the Federal False Claims Act. This law covers "claims" submitted to the State of New Jersey (e.g., Medicaid). Civil penalties are the same as under the Federal False Claims Act (i.e., $5,500 - $11,000 per false claim) as well as treble damages.
- The New Jersey HealthCare Claims Fraud Act is part of the criminal code that includes a specific offense for "health care claims fraud" - a second degree offense if the false claims were "knowingly submitted". Penalties may include prison and a fine of up to 5 times the financial benefit obtained through the false claim.
|
| Negligent Hiring |
Healthcare providers, as employers, are subject to direct liability for the negligent hiring, retention, or supervision of their employees when third parties are injured by the tortious acts of unfit or incompetent employees. In order to succeed during a lawsuit, the injured party must show that the employer knew or in the exercise of ordinary care should have known that its employee's conduct would subject third parties to an unreasonable risk of harm.
When a patient has been injured as a result of the negligent or intentional conduct of a physical therapist or physical therapist assistant (collectively "caregiver"), one possible ground for a lawsuit against the healthcare provider is the provider's negligence in hiring or retaining an incompetent employee. Such a claim is based upon the independent negligence of the provider itself. In other words, the claim is that the provider was administratively negligent in hiring an incompetent caregiver.
There are a number of types of incompetence which may be alleged in these types of lawsuits. If physical or sexual abuse is involved, the employer may be liable if it knew or should have known of the caregiver's tendency or history toward such conduct. Injuries to patients may also result from the failure of an incompetent employee to provide proper instruction or from lack of proper and adequate supervision. A caregiver and consequently a provider may be determined to have been unfit where the caregiver was unable to properly maintain control of a patient's behavior which leads to the patient's injury. If, however, there is no evidence that the caregiver was incompetent or where there is no connection between the alleged incompetence and the injury to the patient then there should be no liability to the provider. Providers owe a duty of care to their patients; however, providers are not insurers of their patients' safety and are not obligated to provide patients with constant and complete supervision.
It is this author's opinion that healthcare providers must very carefully screen applicants, through pre-employment investigations, for caregiver employment to ensure that there are no skeletons in the closet (abuse, theft, etc.). A jury will be unforgiving if a criminal background check for a few dollars could've prevented an ultimate injury to the patient. The other critical factor is that if an applicant is hired and deemed at any time to be incompetent, it is crucial that the provider terminate that incompetent employee's employment immediately after remedial efforts prove unsuccessful. To continue to employ an incompetent caregiver after all reasonable efforts to rehabilitate have failed will be viewed by a jury as unconscionable and result in liability for the provider. On the other hand employers must exercise caution because they may be incurring legal liability if the pre-employment investigations utilized discriminate, fail to protect third parties from liability or invade privacy interests.
|
|
|
|
| HIPAA - Introduction to Data Security | |
Data security, as it relates to the HIPAA, involves the protection of individual health data through the implementation of policies/procedures and technologies that assure data integrity, confidentiality, and availability. Individual health data includes any information that can be used to link a person to their medical records. This information includes the patient's name, telephone number, social security number, medical record number, photographs, geographic region, and specific dates; such as birth, admission, discharge, or death. The HIPAA security standard organizes the data security requirements into four main groups: (1) Administrative Procedures, (2) Physical Safeguards, (3) Technical Security Services, and (4) Technical Security Mechanisms.
(1) Administrative Procedures defines where individual health data are located and specifies formal procedures to protect these data. Some of the processes included are the creation of a contingency plan to guarantee secure data backup and recovery, granting additional data access rights, incident handling, and employee termination procedures. This section also covers policies and procedures for the ongoing maintenance of a secure information technology configuration including computer virus scanning and the routine evaluation of emerging vulnerabilities.
(2) Physical Safeguards - Many organizations already have some Physical Safeguards in place in the form of card access to buildings and formal visitor sign-in procedures. This section expands upon these requirements by specifying additional measures to protect and recover data from physical disasters and intrusion. One example of a procedure mandated by this section is the handling of data backup tapes. With today's technology, your organization's entire patient database (not to mention other sensitive company information) can be stored on one magnetic tape that can easily fit into someone's shirt pocket. You may have the ultimate security plan in place but if backup tapes are kept in relatively insecure places (near the server, on your desk, in your car, even in your own home) a malicious visitor can walk away with your entire organization's data.
(3) Technical Security Services and (4) Mechanisms protect the access and transmission of sensitive data. Data access is controlled by the three 'A's: Authentication, Authorization, and Auditing. Authentication services control who is allowed access to the network by requiring a unique user identity and one or more access control features (such as a password and/or fingerprint). Authorization requirements define that different levels of data access can be assigned to different user identities. Auditing control specifies that systems are in place to record all access to sensitive data and other critical system activity (such as the unauthorized modification of data access rights). Finally, sensitive data that is transmitted outside of your corporate network must be encrypted so unintended recipients cannot read or alter the data.
New computer network vulnerabilities are discovered every day. These vulnerabilities can come from malicious hackers who exploit inherent flaws in existing software or changes to your infrastructure which obsolete existing security precautions. Maintaining data security is a journey, not a destination. Consistent and aggressive diligence is required to ensure the integrity, confidentiality, and availability of your data.
|
| For Your Information - Q & A | |
Question:
I am attending a course this weekend. This course has not applied for credits for CEU for NJ Board of PT. What information should I gather to have in my files to try to use to get credit for this course.
There is no published description from the NJ Board of PT examiners as to what information an attendee would have to gather in this specific situation, so this question would really need to be posed directly to the Board for an authoritative and official response. That being said, it appears from a review of the regulations that an attendee would have to provide the following to the Board upon their request:
- The participant's name and State Board of Physical Therapy Examiners' license number,
- The title and, if the title does not adequately describe the educational content, subject matter of the course, program or seminar;
- The name of the instructor;
- The course, program or seminar provider;
- The date and location of the course, program or seminar;
- The number of continuing education credits awarded; and
- The signature of a course, program or seminar official or other verification of successful completion by the course, program or seminar provider.
Source: N.J.A.C 13:39A-9.4Documentation of continuing education credit
Question:
I hope you can settle a discussion that we have been having in our practice regarding Medicare claims. Do we have to enter the last date that the patient was seen by their physician on the claim form?
Response:
This very question is specifically addressed by Highmark in their FAQs, and as you see below the simple answer is no. You should absolutely bookmark this site for future reference.
"Does the date of the return visit to the referring physician need to be entered on the claim form?"
Effective June 6, 2005, providers are no longer required to report the name of the referring physician, the date of the first physical therapy evaluation, or the date of the re-certification on the claim form. This information, however, must be documented in the patient's medical record and must be medically necessary.
Source: https://www.highmarkmedicareservices.com/faq/partb/pet/lpet-physical_therapy.html
Question:
Is there a statute of limitations on insurance companies requesting a refund for overpayments? We just received one from Horizon for a case that was closed over two years ago and I don't want to drag the chart from offsite storage if there is a statute of limitations that this request exceeds.
Response:
NJ has a 6 year statute of limitations on such monetary recoveries (N.J.S.A. 2A: 14-1), but there is some case law that might limit this time period to 18 months. As such, the exact circumstances of why they are seeking this recovery are critical.
|
|
Mailly Inglett & Barmak, LLC | |
|
Ken Mailly, PT, NJ Lic. # NJ40QAOO335900
Ken is a graduate of the State University of New York at Downstate Medical Center, and is completing his Master's in Public Administration at Seton Hall University, with a concentration in Health Care Policy and Management. He is also certified as an Ergonomic Specialist.
In addition to his graduate studies, with well over 2,500 hours of continuing physical therapy education, Ken has amassed an extremely diverse and extensive knowledge of the clinical practice of physical therapy, rehabilitation, and practice management. Ken's primary clinical focus is in orthopedics, chronic soft tissue disorders, and management of patients with bleeding disorders.
Along with this clinical knowledge base, Ken has devoted the last 10 years to the study of regulation, legislation, and reimbursement for physical therapy & rehabilitation services. He has served as an expert witness, on behalf of both plaintiffs and defendants, in numerous malpractice cases. He has also been consulted on state, federal, and third party payer inquiries regarding physical therapy and rehabilitation billing, regulatory, and legal issues.
Ken is a partner in Mailly & Inglett Consulting. His focus is on compliance with professional standards, state and federal regulations, as well as practice management strategies.
Barry G. Inglett, PT, CHT, Cert. MDT, NJ Lic # NJ40QA00146200
Barry is a graduate of Columbia University, a Certified Hand Therapist and a Credentialed McKenzie Therapist. He is a physical therapist and co-owner of Wayne Physical Therapy & Spine Center, a private practice established in 1977. Barry is also a partner in Mailly & Inglett Consulting, working with both physical therapists and Payers.
Barry is a guest lecturer for UMDNJ's Physical Therapy Program as well as a clinical instructor for several colleges including Columbia University, New York University, Temple University, Stockton State College, Kean College and the University of Medicine and Dentistry's Physical Therapy Program. He is also an instructor for HMW (Human Mechanical Wellness) Seminars, specializing in mechanically oriented treatment programs for the spine and extremities.
Barry has been retained by numerous insurance companies as well as the New Jersey Attorney General's Office offering expert witness testimony in physical therapy practice. He has been involved in utilization review and reimbursement issues in physical therapy for over 20 years. Barry also instituted, and was retained as the lead expert, in the largest PT fraud case in NJ history (Cobo v. MTF). He also served as a physical therapy consultant from 1997-2005 for Horizon Healthcare running the NJ Plus pre-certification program. Barry has served on the New Jersey Board of Physical Therapy for the past eight years and has also served as the Chairman of the Board of Physical Therapy.
David S. Barmak, Esq.
David S. Barmak, Esq. received a JD from Cornell University and a BA from Duke University. The Law Offices Of David S. Barmak, LLC was established in 1984. David is licensed to practice law and has clients in the states of New York, New Jersey, Pennsylvania and Connecticut.
David's legal focus is in the areas of corporate compliance, risk management, human resources and operational legal affairs.
David has a strong background in operations, having served as both the Associate Administrator and General Counsel for a large New York Certified Home Health Agency, initiating and directing a New York Licensed Home Care Services Agency as well as owning and operating a Durable Medical Equipment company. David also provides defense of enterprises, directors, officers and other professionals accused of misconduct.
For more information, please contact us:
|
|
| © Copyright, 2010. Mailly Inglett & Barmak, LLC. All rights reserved. No portion of these materials may be reproduced by any means without the advance permission of the author. | |
|
|
