Durable medical equipment (“DME”) companies have faced unique challenges over the past several months and years relating to billing, medical necessity, telemedicine, third party marketers, healthcare program fraud, false claims, etc. DME companies face numerous obligations under federal statutes and Medicare, the violation of which subjects them to substantial fines and penalties. Both the Centers for Medicare and Medicaid Services (“CMS”) and the Department of Health and Human Services’ Office of Inspector General (“OIG”) have been especially vigilant of instances of noncompliance with federal laws, regulations, and guidance. This fact has been exacerbated by the consequences of the novel coronavirus.
In order to reduce liability exposure, DME companies must establish a comprehensive compliance program and focus not only on its implementation but also on its monitoring and improvement.
The Increased Need for DME Compliance
“DME” stands for “durable medical equipment,” which is any equipment that helps patients with their daily living and quality of life such as wheelchairs, portable oxygen, hospital beds, or walkers, as some examples. It is no longer efficient for DME suppliers to send sales representatives to doctors’ offices and hospitals to promote their products, and it is too expensive to market products directly to patients. Over recent decades, DME suppliers have found it useful and profitable for their businesses to use lead generation techniques, whereby the DME supplier hires a lead generation company to provide it with a list of patients who require or may require one or more of the DME supplier’s medical equipment.
While these techniques are not illegal, they may be regarded as improper payments and therefore implicate federal healthcare statutes such as the Eliminating Kickbacks in Recovery Act (“EKRA”); the Anti-Kickback Statute (“AKS”); the False Claims Act (“FCA”); or the Health Insurance Portability and Accountability Act (“HIPAA”). Further, in order to bill Medicare, DME companies need to demonstrate that they satisfied the standards articulated by the CMS. Failure to follow these laws and standards could lead to billing violations and, consequently, substantial fines and penalties.
Other areas of significant concern include improper documentation of billing procedures; inability to justify medical necessity, and issues with the transition to telemedicine. Telemedicine has been incredibly beneficial to patients, but, at the same time, has triggered increased federal scrutiny—especially in the midst of the novel coronavirus. The above underscores the need to set up and implement a compliance program that accounts for both these deficiencies and the increase in federal investigations against DME companies.
The OIG’s Seven Elements of an Effective DME Compliance Program
As the OIG is one of the leading authorities investigating and prosecuting DME companies for various healthcare violations, it decided to publish a list of seven elements for an effective compliance program for DME companies. These elements are integral to a successful compliance program and help DME companies comply with applicable legal and regulatory requirements. These seven elements are described briefly below:
1. “Implementing written policies, procedures and standards of conduct:”
Compliance programs should require written policies, procedures, and conduct developed by the compliance officer and/or compliance committee and be accessible to all individuals who are impacted by the policy—including the DME company’s suppliers and contractors. These factors should address high-risk areas such as fraud in the submissions process or having a financial relationship with physicians.
2. “Designating a compliance officer and compliance committee:”
These entities would be responsible for operating the compliance program and reporting to the CEO. The compliance officer should be a high-ranking official with direct access to the DME supplier’s owner, senior management, counsel, and president or CEO. The compliance committee, if developed, should advise the compliance officer on how to implement the program.
3. “Conducting effective training and education:”
Regular and consistent education and training sessions should be provided for all employees—including officers and managers. The OIG recommends general training for all personnel and also specialized sessions for separate areas such as submission of claims for reimbursement or sales and marketing.
4. “Developing effective lines of communication:”
The communication should be open and transparent and include a special emphasis on the use of hotlines or other reporting systems that receive anonymous complaints. Specifically, written confidentiality and non-retaliation policies should be promoted to all personnel in an effort to encourage the reporting of fraud.
5. “Enforcing standards through well-publicized disciplinary guidelines:”
These disciplinary guidelines should address employees who have violated internal rules and policies or federal/state healthcare program obligations. They should also address the employment of sanctioned individuals. This includes detailed measures on how to respond to personnel who have failed to comply with DME supplier’s standards of conduct. With respect to new employees who have the authority to make compliance decisions, DME suppliers should undergo a background investigation and reference check.
6. “Conducting internal monitoring and auditing:”
It is critical for companies to monitor DME compliance, identify weaknesses, and work to reduce such weaknesses in the future. This entails sound monitoring and auditing procedures as well as regular reporting to the DME supplier’s corporate officers. With respect to audits, the OIG recommends that both internal and external audits be conducted on a periodic basis.
7. “Responding promptly to detected offenses and developing corrective action:”
Where instances of noncompliance are detected or suspected, the compliance officer or other relevant party should immediately investigate the conduct to determine if a material violation has occurred – whether that violation is of state law, federal law, or of the DME company’s internal compliance program. Once the weakness is identified, it can be corrected such as by referring the matter to the appropriate criminal and/or civil authorities, carrying out the DME company’s corrective action plan, reporting the matter to the government, returning overpayments, etc.
Additional Elements to be Incorporated into DME Compliance Programs
In addition to the seven elements recommended and encouraged by the OIG, there are supplemental elements that may be incorporated into DME compliance programs for best practices:
Ensure detailed and comprehensive medical records with no alterations;
Develop robust internal controls and risk assessment procedures;
Identify areas within the DME company that are deemed high-risk such as billing, reimbursement, and relationships with third party marketers;
Perform internal audits and self-assessments above and beyond the periodic audits recommended by the OIG;
Maintain accurate and comprehensive coding procedures;
Adopt medical best practices such as refunding overpayments identified and following all instructions of healthcare benefit programs;
Have validation checks of internal controls and annual reviews of the OIG’s updated work plans; and
Regularly update and review the corrective action plan.
The CMS and OIG have increased their investigative efforts against DME companies, especially with respect to the more high-risk areas such as reimbursement, billing, and medical necessity. Even insignificant mistakes or ignorance of federal obligations can cause significant problems for DME companies and lead to substantial fines and penalties as well as prosecutions. In order to limit your risk exposure and avoid a protracted federal investigation, DME companies should establish and implement an effective compliance program that identifies, monitors, and responds to both internal and external healthcare violations. – Dr. Nick Oberheiden, Founding Attorney of Oberheiden P.C.
Benefits of DME Compliance
DME compliance offers numerous benefits through the successful implementation of a compliance program. In addition to demonstrating to federal authorities that the DME company had the full intention of following the law, a compliance program promotes an open and transparent corporate culture. This includes a strong commitment to honesty and anti-retaliation measures for the reporting of internal fraud, abuse, or other misconduct.
As for the compliance program in practice, the DME company has an increased likelihood of catching criminal or fraudulent conduct before extensive injury is done. This enables the DME company to promptly initiate corrective measures and minimize any loss to the government that results from false claims. As a result, this reduces the company’s liability exposure. In other words, the ability to identify, monitor, and react to noncompliance issues is greatly enhanced. Compliance programs also set up a consistent means of communication between DME suppliers at different locations and within different business units.
DME companies face a host of challenges to their daily business operations from maintaining proper relationships with third party marketers to substantiating medical necessity for their products. Compliance is the best safeguard against inadvertent mistakes and even instances of fraud and abuse within the company. DME companies can achieve DME compliance by implementing an effective compliance program that monitors its marketing activities, billing practices, documentation, etc. This ensures that the companies’ activities do not constitute illegal referrals or kickbacks. It also demonstrates an intent to maintain full compliance with the law. If your DME company is experiencing difficulty achieving compliance or is worried about an impending federal investigation/prosecution, retaining an experienced DME compliance attorney right away is your best defense.
Oberheiden P.C. © 2021 National Law Review, Volume XI, Number 182