It starts off so simple – a few physicians want to hang a shingle, treat patients, and make a decent living. But then a few more doctors join, one practice merges with another, and before you know it there’s a new physician group in town with power to negotiate with payers. Along with such growth comes an entirely new set of issues, some of which have legal and financial risks to a practice.
The first thing I encourage small to mid sized practices to do is to form a compliance plan. With the passage of the Patient Protection and Affordable Care Act and its amendment in 2010, Congress for the first time mandated that medical practices adopt a compliance plan, rather than allowing it to be discretionary. Not doing so exposes a practice to potential False Claims Act liability for failure to prevent or identify improper federal health care plan claims and payments.
Practices might have an overall compliance plan or even a set of HIPAA policies buried in a binder, but they aren’t actually used. Having a robust compliance plan is a life-saver for a practice, because it enables the practice to spot issues before they become major problems, and allows employees to understand the important of compliance-related reporting.
Even practices with strong coding teams and compliance programs catch incidents of inadvertent upcoding or unbundling, and they can voluntarily pay back the overages to the applicable federal program. However, it is important to note that claims of fraudulent billing also can be reported by whistleblowers. The False Claims Act permits individuals who have knowledge of fraudulent activity committed against the government to bring a lawsuit, called a qui tam claim, against the company or individual allegedly committing the fraud. Then, if the claim is proven, the informant is entitled to receive a percentage of recovered funds, which can be a huge sum of money. Thus, physicians must be diligent in their billing and coding practice to ensure fraud does not occur.
Another area of weakness I see in provider practices over my years working with physicians is in the world of contracting. There are the obvious payer contracts, which have to be negotiated and re-negotiated to consistently ensure market rates, but there are a variety of other contract issues that pop up that providers aren’t well equip to deal with.
First is the issue of physician (or midlevel) contracts. Make sure there are provisions covering non-competes, what to do with tail insurance if a provider leaves, and clear termination clauses of the relationship turns sour. There should always be a way for the practice to terminate a provider without cause with a certain notice period. Similarly, vendor contracts can be tricky, locking a practice into years of services without relief. It’s a good idea to make sure venue is set locally, and there’s a clear exit strategy should the vendor not provide good service. And if the vendor at all touches protected health information, it might need a Business Associates Agreement (BAA) either woven into or attached to a vendor contract. Recruiting contracts are also tricky. If you are using a physician recruiter, I recommend half of the recruitment fee to be paid upon the physician starting employment and the other half due thirty days after employment. I’ve seen a lot of fights between provider groups and recruitment firms over the issue of whether a certain fee is due and when. Clearly spell these issues out in the agreement with a termination clause that’s easy to understand.
Policies are also important; they don’t have to be empty boilerplate. Your Employee Handbook can contain valuable protections for your practice, spelling out non-retaliation issues, explaining your position on overtime, encouraging reporting of compliance concerns – let it work for you! Also, if a HIPAA violation occurs, the first thing CMS will do is to ask for a copy of your HIPAA policies and procedures. Do you have them? Do you have a way to track whether breaches are occurring, and are you performing risk assessments on potential breaches? Are you outlining clear and concise discipline for breaching the standards? Are you training your employees in a real and meaningful way, or just having them click through an online training they don’t pay attention to? Also, I recommend practices take a look at their company bylaws or operating agreements to make sure they are being followed and whether they are current.
Most physicians in Texas work hard to deliver high-quality medical care to their patients. They would never think of defrauding the federal government with inappropriate or illegal billing practices, or to enter into improper relationships that might result in criminal or civil penalties. Fundamentally, physicians just want to help care for people and make sure they have a long, healthy future.
That being said, the world of health care is extremely complicated. Codes, rules, and billing practices change over time. Many physicians are able to keep up, but others cannot. Even worse, a small minority exploit the health care system for illegal personal gain by submitting inaccurate or untruthful claim information, or form relationships with health care providers or vendors that are contrary to law. So it’s wise for physician groups to perform a legal audit, either internally or with the help of someone on the outside, to make sure they are strong in these various areas that can really come back to hurt them in the end.