HHS-OIG items of interest for providers.
From its Annual Work Plan to increased cybersecurity scrutiny, HHS-OIG is focused on fraud and non-compliance.
Recently, as part of its Work Plan, the U.S. Department of Health and Human Services – Office of the Inspector General (HHS-OIG) issued a Bulletin (OEI-02-18-00380) highlighting a disturbing trend that warrants increased scrutiny – inappropriate billing. This should raise a flag for hospitals and other providers alike because it is a priority for HHS-OIG, which could lead to a costly False Claims Act case.
The following Bulletin items are notable for two reasons: (1) compliance initiatives; and (2) legal risk mitigation. Here are some of the key take-aways:
These items should serve as reminders for hospitals and providers alike to ensure medical necessity is met when utilizing a particular code, utilizing a particular modifier is appropriate under the circumstances, and conduct both internal and external billing and coding audits to ensure accuracy of claims submissions.
As protected health information becomes more vulnerable and more valuable, HHS-OIG has established a Cybersecurity Team to “combat threats by fostering enhancements in IT controls, risk management and resiliency.” It is hard to believe that this is a coincidence because the U.S. Department of Justice recently remarked that electronic health records, telehealth, and cybersecurity are three areas of fraud enforcement. “For example, cybersecurity related fraud may be another area where we could see enhanced False Claims Act activity. … To the extent that the government pays for systems or services that purport to comply with required cybersecurity standards but fail to do so, it is not difficult to imagine a situation where False Claims Act liability may arise.”
Providers and healthcare industry participants alike should remain vigilant about cybersecurity and being truthful in attestations to the government. Failing to do so may lead to a government investigation and/or a False Claims Act lawsuit.
Rachel V. Rose, JD, MBA, advises clients on compliance and transactions in healthcare, cybersecurity, corporate and securities law, while representing plaintiffs in False Claims Act and Dodd-Frank whistleblower cases. She also teaches bioethics at Baylor College of Medicine in Houston. Rachel can be reached through her website, www.rvrose.com.