Breaking down the basics of healthcare screening and best practices for OIG compliance

By Lorinda Walters

Lorinda Walters (lwalters@appriss.com) is Director, Healthcare Screening Solutions, at Appriss Insights in Louisville, KY.

No industry has remained immune to the challenges of this year’s labor shortage, but the demand for workers in the healthcare sector is more complicated than most. Healthcare organizations and employers are responsible for the safety of millions of patients, so at the same time as they deal with a dire need for new employees, they must ensure that the individuals they employ are properly licensed, have a clean history with their licensing board, and are not excluded from any state or federal programs.

According to data from the occupational employment statistics from the Bureau of Labor Statistics, in 2019 there were more than 20 million people working in healthcare and social assistance.[1] By 2029, the Bureau of Labor Statistics projects more than 23 million people to be working in healthcare, making it one of the largest and fastest-growing industry sectors in the United States.

The magnitude and complexity of the industry makes screening for issues challenging, and the process for screening providers in various healthcare-related, publicly accessible databases is not a smooth or easy one. The inter-relationships among government agencies that maintain their own exclusions lists can be opaque even to veterans of the industry.

The key to finding and retaining healthcare providers and maintaining quality standards is to understand the differences between three main industry compliance requirements—sanction, exclusion, and termination—as well as the best practices for screening out questionable providers.

Sanctions, exclusions, and termination

Enforced by the Office of Inspector General (OIG) at the U.S. Department of Health & Human Services[2] or a state Medicaid program, a healthcare sanction is handed out when an individual or entity is found to be in violation of an administrative rule, civil law, or criminal offense. An exclusion is one of several possible results of an OIG sanction in a federal or state-funded healthcare program. The purpose of the OIG is to prevent and detect fraud, waste, and abuse.

Individuals or entities that are convicted of committing Medicare or Medicaid fraud, along with various other offenses related to the delivery of items or services under Medicare, Medicaid, State Children’s Health Insurance Program, or other state healthcare programs are excluded from participation in all federal healthcare programs by the OIG.

But even if an excluded individual can no longer participate in federally funded healthcare programs such as Medicare and Medicaid, they can still provide care for private practice organizations—and can continue to put patients at risk. Although organizations that do not receive federally funded healthcare dollars will not be held liable by the OIG when providers practice privately, they should still perform due diligence to ensure they are doing everything possible to protect patients. By using the exclusion database provided by the OIG, checking state Medicaid lists, and performing checks for any disciplinary actions against a potential provider, healthcare organizations can protect patients and themselves from potential negative exposure.

There are two different kinds of exclusions enforced by the OIG.[3] Mandatory exclusions can occur if the entity or individual is convicted of patient abuse or neglect, or if they are convicted of a felony related to healthcare fraud. Permissive exclusions are imposed for incidents such as defaulting on student loans or a misdemeanor conviction related to healthcare fraud.

However, the most common kind of exclusion is a state-sanctioned revocation or suspension of a healthcare professional’s license. State Medicaid can also exclude for cause, not only for license actions. When this occurs in a single state, any excluded provider in one state should also be excluded in all states.[4] It is important to note that reinstatement does not occur automatically at the end of a term of exclusion, however, but that an excluded party must apply for reinstatement.[5] No national database exists to keep track of license revocations, so in some cases providers and practitioners who have had their licenses revoked in one state will “state hop” elsewhere and continue to practice.

Not all practitioners who have had their licenses suspended or revoked will be excluded by the OIG, since the OIG makes its own determination. Even if a provider is not excluded by the OIG but is excluded by state Medicaid, the healthcare organization is still at risk since providers who are excluded in one state are excluded in all states. This can lead to Department of Health & Human Services fines and penalties against the healthcare employer.

Figuring out why someone’s license was revoked or suspended isn’t always so simple, as the notes or minutes from the state licensing board responsible for the action don’t necessarily specify a reason, especially since the relinquishment could also have been voluntary. It is often necessary to dig deeper to ascertain the full picture, and even then, it may not be possible to gather all of the relevant details.

A closer look at all the relevant information requires access to a much more robust dataset than only the OIG and Systems for Award Management (SAM) exclusion lists.

Healthcare organizations can leverage a service provider to check not only these exclusions lists, but also state board actions, state abuse registries, the Centers for Medicare & Medicaid Services preclusion list (which is only available to certain organizations), and the Social Security Administration’s Death Master File. These additional datasets help provide healthcare organizations with the full picture.

The third category within the healthcare screening industry is termination, which is not, despite common misconceptions, the same thing as exclusion. According to a Centers for Medicare & Medicaid Services bulletin,[6] “termination” occurs when the state terminates the participation of a Medicaid or Children’s Health Insurance Program provider from the program or when the Medicare program has revoked a Medicare provider’s or supplier’s billing privileges and they are ineligible to appeal the decision. This means a provider could be terminated by the state and continue working at a private healthcare organization, as long as they don’t provide services that are billable to Medicare.

Being excluded from a federal healthcare program, such as Medicare, Medicaid, Children’s Health Insurance Program, and TRICARE, is one example of a penalty imposed on providers by the OIG. Providers that are excluded by the OIG have a much harder time maintaining their practices, as there is the additional obstacle of being unable to see patients using any federal healthcare programs.

There are serious consequences unique to healthcare employers that fail to properly vet their employees: civil monetary penalties, corporate integrity agreements, and the exposure to medical malpractice lawsuits and litigation. On the financial side, healthcare organizations can not only be fined more than $10,000 in civil monetary penalties, but also treble (tripled) damages for each service rendered by an excluded individual or entity.[7] In addition, medical malpractice liability costs the healthcare industry $55.6 billion dollars annually.[8] Not only can high-quality healthcare screening improve the quality of a healthcare organization’s workforce, it can be used to demonstrate due diligence in the event of a lawsuit.

Healthcare organizations should also maintain a corporate compliance program, since the federal government has provided clear guidelines to that effect. This kind of program is a group of protocols laid out by an organization to ensure adherence to industry standards and a high quality of care. Similar to most industries, the healthcare industry comes with myriad regulations, standards, and laws on both the state and federal level that must be closely followed. Noncompliance can carry fines and penalties.

In 1991, the United States Sentencing Commission put into effect organizational sentencing guidelines, which, according to the deputy general counsel of the U.S. Sentencing Commission, were designed to engender both “just punishment” (a punishment that fits the crime) and “deterrence” (incentives for organizations to identify and root out crime in their workforces).[9] While organizations can be held liable for criminal activity, the commission mitigated potential fines by as much as 95% if an organization can prove it was operating an effective compliance program—as long as offenses are reported promptly and high-level company personnel are not the offenders.

According to the OIG,[10] the seven steps include: the implementation of written policies and procedures, the designation of a compliance officer and committee, effective employee training and education, effective communication to all employees, internal monitoring and auditing, the consistent enforcement of compliance standards, and reasonable steps to prevent similar offenses in the future.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings