Congress has charged the US Department of Health and Human Services (DHHS) with oversight responsibility for a number of Federal health care programs. To that end, the department’s Office of Inspector General (OIG) has been authorized through a series of laws and amendments to conduct inspections and audits, as well as to impose monetary penalties and/or exclusion from all Federal programs (including Medicare and Medicaid) against individuals and entities who submit false, fraudulent, or otherwise improper claims for Medicare or Medicaid payment. The effect of the OIG authorities on an offending provider are dramatic and pervasive; indeed, they may prove to be career ending.

This article attempts to dispel a number of common misconceptions about the broad issue of Medicare/Medicaid reimbursement and abuse, as well as point out areas of potential provider liability that are often overlooked. Additionally, the design and implementation of a formal practice compliance program are discussed in terms of a program’s use as a tool for the achievement of continuous improvement in a variety of billing office-related processes.


The Office of Inspector General has been established in the US Department of Health and Human Services for the purpose of identifying and eliminating waste, fraud, and abuse in the department’s programs. In the Medicare-Medicaid Anti-Fraud and Abuse Amendments of 1977, Public Law 95-142 and in the Civil Monetary Penalties Law (CMPL) of 1981, Public Law 97-35, Congress authorized the OIG to exclude physicians and other practitioners found guilty of certain program-related offenses from participation in Medicare, Medicaid, and other federal health care programs for periods of up to 5 years for one offense, with permanent exclusion for three or more convictions.

These authorities have been codified in sections 1128 and 1128A of the Social Security Act. In addition, the CMPL authorizes the DHHS and the OIG to impose civil monetary penalties of $10,000 per offense, assessments, as well as program exclusions against individuals and entities that submit false, fraudulent, or otherwise improper claims for Medicare or Medicaid payment. Note that the term “improper claims” includes those claims submitted by an excluded individual or entity for services or items furnished during a period of program exclusion.

The Medicare and Medicaid Patient and Program Protection Act of 1987, Public Act 100-93, expanded the OIG’s administrative sanction authority by establishing certain mandatory and discretionary exclusions for various types of misconduct.

The Health Insurance Portability and Accountability Act (HIPAA) of 1991, Public Law 104-191 and the Balanced Budget Act (BBA) of 1997, Public Law 105-33, further expanded the sanction authorities of the OIG by extending the scope and application of civil monetary penalty and exclusion authorities beyond (only) those programs funded by the department to include all Federal health care programs. The BBA also authorized a new civil monetary penalty authority to be imposed against health care providers or entities that employ or enter into contracts with excluded individuals for the provision of services or items to Federal program beneficiaries.

It is the position of the OIG that the development and issuance of voluntary compliance program guidance serves as a positive step in assisting health care providers in preventing the submission of erroneous claims or engaging in unlawful conduct involving the Federal health care programs. The OIG has previously developed and published voluntary compliance program guidelines focused on several other areas of the health care industry, including hospitals, clinical laboratories, third-party medical billing companies, and others. As of October 5, 2000, individual and small group practices are included in this focus.

Federal billing compliance is probably best described as a health care provider’s adherence to applicable statutes, regulations, and program requirements.

Dispelling Misconceptions

At the outset, the existence of a number of misconceptions about federal billing compliance issues, including monetary penalties, program exclusions, and a provider’s liability in various scenarios, must be acknowledged. While the following may well be perceived as a good news-bad news scenario, every attempt has been made to dispel these misconceptions in an unbiased fashion.

Issue No. 1: Federal law does not require a compliance program at the present time, although compliance with all applicable statutes, regulations, and program requirements is clearly mandated. Such a program does demonstrate a practice’s intent and proactive, good faith effort at instituting a quality improvement program aimed at achieving continuing reduction in the incidence of erroneous and/or fraudulent claims in the case of a carrier audit.

Issue No. 2: Under the law, innocent billing errors, even negligence, will not result in program exclusion, civil monetary penalties, or jail. The Government’s chief enforcement tool, the civil False Claims Act, covers only those offenses committed with actual knowledge of the falsity of the claim, or the reckless disregard, or deliberate ignorance of the falsity of the claim (see 31 USC 3729). The Civil Monetary Penalties Law, referred to previously, is similar in scope and effect to the False Claims Act and has the exact same standard of proof (see 42 USC. 1320a-7a). For criminal penalties, intent to defraud must be proved beyond a reasonable doubt. In short, absent a violation of civil, administrative, or criminal law, when physicians discover that an innocent billing error or negligence has resulted in erroneous claims being filed, the physician practice should return any funds paid on these claims, but without penalties.

Issue No. 3: Outsourcing a practice’s billing to a third party does not relieve the provider of the responsibility to submit true and accurate claims when seeking reimbursement from federal health care programs for services rendered. The captain-of-the-ship doctrine applies here. It is, therefore, of paramount importance to employ a billing company that offers a staff that is not only well-grounded in all phases of the reimbursement cycle, but also one whose procedure and diagnosis coders are credibly certified; for example, by the American Health Information Management Association (AHIMA), or the American Association of Professional Coders (AAPC), or, in the alternative, to ensure that these skills are possessed by in-house billing staffers. To be sure, providers must be cognizant of the potential negative impact their choice of billing options may have on their practices if, as a result of the incompetence and/or fraudulent acts of your biller (whether in-house or outsourced), their own billing practices are subjected to OIG scrutiny and one or more of the possible sanctions described previously.

Issue No. 4: The OIG, unlike the Internal Revenue Service, has no shortage of operating funds. Recent successes in monetary recoveries and reductions in claim error rates ensure the continuing flow of funding necessary to carry out OIG’s assigned mission.

Issue No. 5: Exclusion from participation in federal health care programs is problematic in two ways. Not only is an excluded individual or entity prohibited from receiving direct payment for services rendered to a beneficiary under the Medicare, Medicaid, Tricare and Veterans programs, an excluded individual or entity may not receive indirect compensation for such services through a contract with, or employment by a non-excluded provider. Thus, due diligence is required if a non-excluded provider is to avoid BBA-authorized civil monetary penalties of $10,0000 for each item or service provided if the provider submits claims to a Federal health care program for services provided, directly or indirectly, by excluded individuals or entities. The practical effect of an OIG exclusion may be, therefore, to preclude employment of an excluded individual in any capacity by a health care provider that receives reimbursement from a Federal health care program in all but a few, limited circumstances.

A Voluntary Compliance Program

Several opportunities for collaborative compliance efforts exist, including participation in training and education programs offered by outside entities such as hospitals, local medical societies, insurance carriers, and using another practice entity’s policies and procedures as a template for the development of a practice’s own unique written compliance program. Physician practice management companies may also provide compliance program guidance. To prevent possible problems with Stark self-referral and anti-kickback laws, it is important to ensure payment at fair market value for compliance services performed for potential provider referral sources. Guidance may also be found on the OIG Web site at Additional source material may be accessed on HCFA’s website at, which includes Medicare and Medicaid regulations, program memoranda and manuals.

A physician practice compliance program can often be justified as a cost effective business decision, since development of such a program creates focus on risk areas that may have proven problematic for the practice. For example, reviewing claim denials may result in the process corrections necessary to generate accurate payment the first time a claim is submitted, thus improving cash flow. Similarly, scrutinizing claims that have resulted in repeated overpayments in order to identify and correct the most frequent causes of those overpayments will reduce the unnecessary duplication of effort required by the need to refund monies and reconcile patient accounts. These are but two examples of processes that are, in fact, integral compliance functions.

OIG program guidance contains seven core elements upon which a physician practice can create a solid, beneficial, voluntary compliance program.

1. Conducting internal monitoring and auditing through the performance of periodic audits

2. Implementing compliance and practice standards through the development of written standards and procedures

3. Designating a compliance officer or contact to monitor compliance efforts and enforce practice standards

4. Conducting appropriate training and education on practice standards and procedures

5. Responding appropriately to detected violations and developing corrective action

6. Developing open communication

7. Enforcing disciplinary standards through well-publicized guidelines.

Full implementation of all seven components may not be feasible for every practice due to financial and staffing resource constraints, a fact acknowledged by the OIG. Initial development of the compliance plan can, therefore, be focused on practice risk areas that have previously proven problematic for the practice, such as billing and coding. If your practice outsources its billing, require your biller to review its compliance plan with you. Confirm that appropriate compliance issues are dealt with in detail. Ideally, your choice of billers includes practice management and compliance consulting among its services. An individual well versed in compliance issues will prove an invaluable aide in your quest to initiate and complete a comprehensive compliance plan.

Continuous Quality Improvement

The OIG states that “an effective compliance program provides a mechanism that brings the public and private sectors together to reach mutual goals of reducing fraud and abuse, improving operational quality, improving the quality of health care and reducing the costs of health care.”? Attaining these goals provides positive results to business, government, and individual citizens alike. The implementation of an effective compliance plan allows a practice to fulfill its legal duty to ensure that it is not submitting false or inaccurate claims to the government and private payors. An effective compliance plan also constitutes much of what may be used as a blueprint for streamlining systems, creating optimal levels of efficiency, and making the practice organization customer-friendly and employee-friendly, as well as cost-effective. Processes do not work by themselves; people make quality happen. A dynamic compliance plan can be considered a means of empowering staff through development and training outlined in the plan, then holding people accountable and responsible for doing the things deemed to be the right things by the organization. The plan, thus, becomes a primer for continuous quality improvement in all processes related to reimbursement. Resulting benefits include:

? The formulation of effective internal controls to assure compliance with Federal regulations, private payor policies, and internal guidelines

? Improved medical record documentation

? Improved collaboration, communication, and cooperation among health care providers and those processing and using health information

? The ability to more quickly and accurately react to employees’ operational compliance concerns and the capability to effectively target resources to address those concerns

? A concrete demonstration to employees and the community at large of the practice’s strong commitment to honest and responsible business conduct

? The ability to make an accurate assessment of employee and contractor behavior relating to fraud and abuse

? Increased likelihood of identification and prevention of criminal and unethical conduct

? A methodology that encourages employees to report potential problems

? Procedures that allow the prompt, thorough investigation of possible misconduct by corporate officers, managers, employees, and independent contractors, who can impact billing decisions

? A centralized source for distributing information on health care statutes, regulations and other program directives related to fraud and abuse and related issues

? Early detection and reporting, minimizing the loss to the government from false claims and thereby reducing the practice’s exposure to civil damages and penalties, criminal sanctions, and administrative remedies, such as program exclusion.

A well-designed, written compliance plan can serve as a valuable management tool. It has been said that, in order to claim success in an endeavor, you must first be able to measure that success. Because it is difficult to know whether an organization is winning without using a scorecard, many are improving their methods of measuring and monitoring performance related to key service indicators. The practice compliance plan offers the means of taking a performance snapshot that enables the creation of benchmarks against which future performance may be compared.

Michael J. Vogelbach, MBA, is president of Physician Billing Services, Inc, Richmond, Va, [email protected].