Jeffrey Jeter (jjeter@joneswalker.com) is Special Counsel in the Healthcare Practice at Jones Walker LLP in Baton Rouge, LA.
The grizzled, old sensei leaned forward, his battle scars telling the tale of many hard-fought wars over the years. In a measured, hushed tone, he revealed the ancient battle secret passed down by the great masters from generation to generation: “Find victory through…leverage.”
The discipline of judo dates back to the 19th century, and is based on the principles of “seiryoku zen’yo” (maximum efficiency with minimal effort) and “ju yoku go o seisu” (softness controls hardness).[1] Judo’s founder, Kanō Jigorō, famously described it as:
Resisting a more powerful opponent will result in your defeat, whilst adjusting to and evading your opponent’s attack will cause him to lose his balance. His power will be reduced and you can defeat him. This can apply whatever the relative values of power, thus making it possible for weaker opponents to beat significantly stronger ones.[2]
These same principles can be applied to how organizations audit and monitor their compliance. Often described as the 400-pound gorilla, the federal government can be a fearsome adversary. They have limitless resources and a voracious appetite to pursue those they believe are ripping off the system. As one of the “good guys,” we applaud their efforts to root out the wrongdoers, but deep in the back of our minds, we all fear the same thing — being swept up in the crusade. Whether we are targeted with a bogus charge or we must contend with an innocent mistake being distorted into something far more sinister, we must be always ready to demonstrate our integrity and receive credit for the good work that we do. A key part of this demonstration involves our own auditing and monitoring activities.
We all conduct audits and internal reviews. Well, let’s qualify that — we all should be conducting audits and internal reviews. These are foundational to an effective compliance program. At its most basic level, the government expects that prudent and responsible providers will constantly be monitoring their practices to ensure that they are meeting all billing standards. Meanwhile, we extol the value of internal audits as a strong deterrent against wrongdoing. However, how can high-integrity organizations use their auditing to achieve the highest level of compliance enlightenment?
The answer (again): Compliance judo.
Our ultimate objective is to fend off any attack by the government on the integrity of our organizations. Audits and reviews can be your golden glove or your Achilles’ heel, and the difference ultimately turns on what you audit and how you audit. This is why the concept of compliance judo is so important. You must learn how to think the way the government thinks so you can respond to their skepticism and criticisms. You must anticipate the government’s strategy, their trajectory, and how they fight the fight. This will allow you to dodge and direct; to pivot and parry; and to use their weight, size, and strength to your favor.
Basic tenets
So pay attention, Grasshopper, as we consider the basic tenets of compliance (auditing) judo.
Pick the right fight
Fighting just for the sake of fighting is counter- productive, because it provides a false sense of security and wears you down. Instead, you should fight purposefully to either improve your fighting skills, to defend yourself, or to gain some advantage. The same holds true for your auditing and monitoring. Merely looking at charts in an ad hoc or unfocused manner is wholly unavailing. You can claim to have conducted a review, but it was a waste of time and achieves little. Moreover, the government will give you no credit for doing this sort of busywork. Instead, the better use of time and resources is to target specific risk areas that will both reduce your risks and, at the same time, improve your stock with regulators. Two levels of audit scope should be mastered.
The first level of audit scope involves reviewing the basic billing requirements for your organization. These are the basic judo throws, blocks, and kicks that must be mastered just to credibly call yourself a fraud fighter. Think of it as the compliance equivalent of wax-on/wax-off in the movie Karate Kid. These reviews are certainly nothing glamorous, but they are essential to keep the government from roundhouse-kicking your organization in the face. So we should always be reviewing basic issues such as: (a) confirming there is sufficient documentation to support the work for which your organization has billed; (b) confirming the medical necessity of the services that were provided; (c) confirming the eligibility of the patients for whom the services were provided; and (d) confirming that the claims meet the various elements required for their reimbursement.
However, in any large organization, such as a hospital, with many departments billing many different codes, the challenge becomes how to select which of the zillion services to audit. Here, understanding the government’s mind-set becomes critical. Just as the government mines provider data, use what you know about yourself to identify your weaknesses. Your reviews should prioritize the billing codes that are most profitable and/or those that are most often billed; that makes sense. So when a regulator asks why you reviewed cardiac stent procedures, for example, you are able to cite the profitability and/or frequency of your target areas. In this way, the context underlying your decision-making enhances your credibility. You have leveraged the government’s own mind-set and turned it in your favor.
The second level of audit scope involves using the government’s own plan of attack, which is maintained in the Office of Inspector General’s (OIG) Work Plan. Prior to 2017, the OIG annually published a compendium of the subject-matter audits and inspections that they were pursuing. These did not include investigations of specific providers, but rather, billing issues and concerns that the government generally had with respect to federal healthcare programs. The document, which would also be updated midyear, identified those special focus areas broken down by provider group — such as hospitals, physician services, home health, hospice, DME, etc. In 2017, the OIG began updating the Work Plan on a monthly basis, providing even more insight for providers and suppliers. Therefore, consider the OIG’s Work Plan to be their way of calling you out. Through this Work Plan, they are announcing when and where the fight will occur and their fight strategy.
For example, in its update of June 2018, the OIG announced a “Review of Home Health Claims for Services with 5-10 Skilled Visits.”[3] The government is focusing on this particular issue, because the structure of the reimbursement system entices unscrupulous providers to game the system. In order to receive its full, episodic payment from Medicare, a home health provider must provide at least five skilled visits, failing which, the provider’s payment is reduced to a much lower, per-visit payment. So the OIG is suspicious of home health episodes that just exceed the five-visit threshold, fearing that the incremental visits that allowed the provider to eclipse the threshold could be medically unnecessary or otherwise fraudulent.
With this knowledge, the skilled practitioner of compliance judo might move swiftly to proactively audit and review its organization for this same issue. It is noteworthy that each project lists an anticipated completion date, which, in the case above, is 2019. This identifies a window within which one can proactively respond. To effectively block a punch, you cannot throw your hand up to where the attacker’s fist is when he cocks his arm; rather, you must move your hand to where the fist will be as it approaches. By knowing the timeframe of the government’s review, the provider can use that time to set up its defense — by identifying and resolving high-value problems, reducing known compliance risks, and shoring up practices before a subpoena or civil investigative demand is ever sent.
In addition, when an investigation of other providers becomes newsworthy, the practitioner of compliance judo can mitigate any negative publicity and reassure stakeholders that their organization has been aware of this risk for a long time, has already implemented internal reviews to confirm that similar problems do not persist in their organization, and all steps have been taken to ensure that the organization is operating responsibly and in conformity with the law.
There are other areas of intelligence that the compliance judo practitioner can plumb to leverage the government’s power to the benefit of the high-integrity organization. The government periodically releases Special Fraud Alerts and other bulletins outlining areas of concern. Similarly, when the government announces a major arrest or prosecution, as they are apt to do as part of their national HEAT program, it telegraphs the types of issues and concerns that are top of mind for the regulators. All of these various pronouncements from the OIG are instructive and should be used to help guide internal audit decisions by organizations’ Compliance departments.
Likewise, because your foes often come in different shapes and sizes, effective compliance judo is not limited to just billing compliance issues either. The headlines are increasingly dominated by stories of enforcement actions for federal Anti-Kickback Statute (AKS) and Stark Law violations. The same compliance judo techniques can be used to appropriately review and monitor your organization’s exposure in these areas as well. You must continually focus on the basics like the Karate Kid painting the proverbial fence — reviewing space rental arrangements with physicians, reviewing medical director arrangements and physician employment agreements, and monitoring gifts and expense reports. Additionally, tracking the government’s advisory opinions, special fraud alerts, and enforcement actions against other providers will provide critical intelligence about the proactive steps that need to be taken within your own organization.
