Compliance Training 2020-2021
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Compliance Training2020-2021
Doctors HealthCare Plans, Inc.
• Doctors HealthCare Plans, Inc. is a Medicare Advantage Prescription Drug Plan. We contract with Medicare to provide all Part A and Part B benefits as well as Part D prescription drug coverage.
• Doctors HealthCare Plans, Inc. is an Health Maintenance Organization. Enrollees must chose a Primary Care Physician (PCP) who will provide and coordinate care.
Doctors HealthCare Plans, Inc.
There are four parts of Medicare: Part A, Part B, Part C, and Part D.
• Part A provides inpatient/hospital coverage.
• Part B provides outpatient/medical coverage.
• Part C offers an alternate way to receive your Medicare benefits (i.e., Medicare Advantage Prescription Drug Plan).
• Part D provides prescription drug coverage.
See https://www.medicare.gov/what-medicare-covers for more information.
MISSION STATEMENTTo develop and establish a healthcare organization that is responsive and
attentive to the needs of all beneficiaries by offering high quality, cost effective healthcare services.
VISION STATEMENTTo develop the premier managed healthcare organization for
beneficiaries and providers while recognizing and rewarding our employees.
Effective Compliance ProgramDoctors HealthCare Plans, Inc. (DHCP) works to have an effective compliance program which complies with:
• 42 Code of Federal Regulations (CFR) Section 422.503 - https://www.ecfr.gov/cgi-bin/text-idx?SID=c66a16ad53319afd0580db00f12c5572&mc=true&node=pt42.3.422&rgn=div5#se42.3.422_1503
• 42 CFR Section 423.504 – https://www.ecfr.gov/cgi-bin/retrieveECFR?gp=&SID=c66a16ad53319afd0580db00f12c5572&mc=true&r=PART&n=pt42.3.423#se42.3.423_1504
• Section 50 of the Compliance Program Guidelines (Chapter 9 of the Medicare Prescription Drug Benefit Manual and Chapter 21 of the Medicare Managed Care Manual) - https://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/Downloads/mc86c21.pdf
• CMS Compliance Program Policy and Guidance - www.cms.gov/Medicare/Compliance-and-Audits/Part-C-and-Part-D-Compliance-and-Audits/ComplianceProgramPolicyandGuidance
An effective compliance programs fosters a culture of compliance within the organization and:
• Prevents, detects, and corrects non-compliance
• Is fully implemented and is tailored to an organization’s unique operations and circumstances
• Has adequate resources
• Promotes the organization’s Code of Conduct
• Establishes clear lines of communication for reporting non-compliance
The Compliance Program is designed around the 7 Elements that align with the Centers for Medicare & Medicaid Services (CMS) compliance requirements noted in Chapter 21 of the Medicare Managed Care Manual and Chapter 9 of the
Prescription Drug Benefit Manual. Here’s an overview:
ELEMENT I - Written Policies, Procedures and Standards of Conduct
• Includes comprehensive system-wide written policy and procedures and standards of conduct articulating organizations commitment to comply with applicable federal and state standards
• Code of Conduct, Training , Compliance Program and all Policies are always available on P Drive (P:\DHCP P&P)
ELEMENT II - Compliance Officer, Compliance Committee and High Level Oversight
• The organization has designated a Compliance Officer (CO) and established a Compliance Committee that are accountable to senior management
• The Compliance Officer has full access to all documents relevant to compliance activities
• High Level Oversight – Compliance Committee/engagement by CEO and senior management in compliance program oversight
ELEMENT III - Effective Training and Education
• Effective compliance training for all which includes topics such as Ethics, Marketing, Sales Practices, Medicare, HIPAA (KnowBe4 Trainings), Fraud, Waste and Abuse,
ELEMENT IV - Effective Lines of Communication
• Includes effective lines of communication between the CO and the organization’s employees, contractors, directors, and the members of the Compliance Committee
• Compliance email , hotline and fax to report compliance issues • Anonymous reporting available• Clear policy of no retaliation
ELEMENT V - Well Publicized Disciplinary Standards • Disciplinary policies explained in compliance training• Compliance is everyone’s responsibility
ELEMENT VI - Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks
• Includes internal monitoring (Metrics) and auditing procedures. The Compliance Program is a process of constant evaluation.
ELEMENT VII - Procedures and System for Prompt Response toCompliance Issues
• Includes procedures for ensuring prompt responses to detected offenses and development of corrective action initiatives, including responses to potential offenses and reporting misconduct to regulatory bodies.
The Compliance Program
What is Non-Compliance and its ConsequencesNon-compliance is conduct that does not conform to the law, Federal health care program requirements, or an organization’s ethical and business policies. CMS identified the following Medicare Parts C and D high risk areas:
• Agent/broker misrepresentation
• Appeals and grievance review (for example, coverage and organization determinations)
• Beneficiary notices
• Conflict of Interest
• Claims processing
• Credentialing and provider networks
• Documentation and Timeliness requirements
• Ethics
• FDR oversight and monitoring
• Health Insurance Portability and Accountability Act (HIPAA)
• Marketing and enrollment
• Pharmacy, formulary, and benefit administration
• Quality of Care
Consequences of Non-Compliance
Failure to follow Medicare Program requirements and CMS guidance can lead to serious consequences, including:
• Contract termination
• Criminal penalties
• Exclusion from participating in all Federal health care programs
• Civil monetary penalties
• Imprisonment (violating fraud, waste, and abuse (FWA) laws)
• Additionally, those who engage in noncompliant behavior may be subject to any of the following:
• Mandatory training or re-training
• Disciplinary action
• Termination
Element I- Written Policies, Procedures and Standards of
Conduct
Element I- Written Policies, Procedures and Standards of Conduct
• DHCP is committed to comply with all Federal and State Standards. The Organization maintains Operational and Compliance Policies and Procedures to demonstrate compliance with requirements and conduct business in a sound and ethical manner.
• DHCP has comprehensive system-wide written policy and procedures available to all associates via corporate (public) P Drive. This includes the Compliance Program and the Code of Conduct. Policy reviews are conducted as needed as requirements change but at a minimum annually.
• DHCP is committed to the highest standards of business conduct in our relationships with members, providers, shareholders, vendors, suppliers and each other. The Code of Conduct is the foundation of our Compliance Program. It helps to articulate our standards as we approach our work with both integrity and professionalism.
• The success of DHCP depends on its reputation and its employees for integrity and principled business conduct. Our conduct should reflect the Company’s values, demonstrate ethical leadership, and promote a work environment that upholds the Company’s reputation for integrity, ethical conduct and trust.
Compliance is everyone’s responsibility.
Raise your questions and concerns.
We all have a duty to speak up and report concerns.
Who to contact:
• Your supervisor or others on the management team
• Compliance at:• Email: [email protected]• Help Line: (833) 500-3427• Fax: (786) 578-0294• Mailing: Doctors HealthCare Plans
Attn: Compliance Department2020 Ponce de Leon PH 1Coral Gables, FL 33143
• Fraud, Waste & Abuse at:• Email: [email protected]• Help Line: (833) 342-7911• Fax: (786) 628-2600• Mailing: Doctors HealthCare Plans
Attn: Special Investigations Unit2020 Ponce de Leon PH 1Coral Gables, FL 33143
• Suspected violations will be investigated and disciplinary action will be taken when violations occur.
• No retaliation will be taken against anyone for exercising his/her rights for filing a report.
• Information will be kept confidential and can be made anonymously. However, DHCP wants you to understand that you can raise concerns and make reports without fear of reprisal or retaliation. Retaliation is not tolerated.
Element II- Designation of Compliance Officer and Compliance Committee
Rafael Perez
President & Chief Executive Officer
Martin Perez
CFO
OPEN
Director, Finance
Arisay Martinez
Director, Claims
Lazaro Miranda
Senior Director, IT
Maitee Delgado
Provider Data Maintenance
Human Resources
Alex Rojas
MRA Department
Frank Maritote
Director, Finance Operations
Francisco Hernandez
Chief Medical Officer
R. Valencia
Quality Management
Risk Management
Dixis Gonzalez
Director, Case Management
Alexandra Rodriguez
Director, Credentialing
Charles Olson
Director, HEDIS
Maria E. Duran
VP Network Development
OPEN
VP Provider Relations
Noelle Pagliery
Manager, Provider Relations
Susan Griffin
VP Administration
Gloria Hernandez
Director, Enrollment
Jenny Curbelo
Director, Member Services, G&A
Mercedes Maldonado-Howle
Director, Special Needs Plans
Nelson Gaviria
Provider Inquiry & Research Unit
Arlen Delgado
Sr. Director
Sales & Marketing
Ariel Rodriguez
Manager, Sales and Marketing
Doris Meneses
Sales Operations Manager
Mayra Campuzano CHC
VP Compliance Officer
Kristina Fernandez
Compliance Specialist/Delegation
Oversight
Andres Prieto
Medical Director
Cristina Segrera
Director, Medical Management
Roberto Pichardo
Director, Pharmacy
Elba Reyes
Executive Assistant
Executive Organizational Chart Element II
Board Of Directors
Compliance Committee Quality
Element II- Designation of Compliance Officer and Compliance Committee
• The Compliance Plan is overseen by the Compliance Committee which consists of senior management and is chaired by the Compliance Officer (CO).
• The CO serves as the liaison to the Board of Directors.
P&Ps
Element III- Effective Training and Education
Element III- Effective Training and Education• Training is required for all DHCP employees including the CEO / President,
senior managers, Board of Directors, and First Tier, Downstream, including temporary workers, volunteers and those entities’ contracted via a Business Associates Agreement.
• New Hire Compliance Training must be completed within the first 30 days of hire and annually thereafter.
• This training identifies:• How a Compliance Program operates• The major laws and regulations pertaining to Compliance and Fraud, Waste and
Abuse (FWA).• The consequences and penalties associated with violations• Methods for preventing non-compliance or FWA• How to report violations, non-Compliance or FWA• How to correct Non-Compliance
Element III - Effective Training and Education• Fraud: is knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud
any health care benefit program or to obtain, by means of false or fraudulent pretenses, representations, or promises, any of the money or property owned by, or under the custody or control of, any health care benefit program 18 U.S.C. § 1347.o Knowingly billing for services not furnished or supplies not provided, including billing for
appointments a patient failed to keep
• Waste: is the overutilization of services, or other practices that, directly or indirectly, result in unnecessary costs to the Medicare program. Waste is generally not considered to be caused by criminally negligent actions but rather the misuse of resources.o Conducting excessive office visits or writing excessive prescriptions
• Abuse: includes actions that may, directly or indirectly, result in: unnecessary costs to the Medicare Program, improper payment, payment for services that fail to meet professionally recognized standards of care, or services that are medically unnecessary. Abuse involves payment for items or services when there is no legal entitlement to that payment and the provider has not knowingly and/or intentionally misrepresented facts to obtain payment.o Unknowingly billing for unnecessary medical services
Section 20, Chapter 21 of the Medicare Managed Care Manual and Chapter 9 of the Prescription Drug Benefit Manual on the Centers for Medicare & Medicaid Services (CMS) website.
Element III - Effective Training and EducationCombating fraud, waste and abuse is essential and it is everyone’s role to make sure guidelines are implemented, followed and adhered to at all times.
Laws - FWA • Civil False Claims Act - https://www.govinfo.gov/content/pkg/USCODE-2016-title31/pdf/USCODE-2016-title31-subtitleIII-chap37-subchapIII.pdf.
Example: If MRA Unit fails to report unsupported diagnosis codes to Medicare • Health Care Fraud Statute - https://www.gpo.gov/fdsys/pkg/USCODE-2016-title18/pdf/USCODE-2016-title18-partI-chap63-sec1346.pdf. States-
“Whoever knowingly and willfully executes, or attempts to execute, a scheme or artifice to defraud any health care benefit program … shall be fined under this title or imprisoned not more than 10 years, or both.” Example: Physician submits claims to a Medicare Advantage Plan for office visits and services that were not provided .
• Criminal Health Care Fraud – https://www.gpo.gov/fdsys/pkg/USCODE-2016-title18/pdf/USCODE-2016-title18-partI-chap63-sec1347.pdf. Persons who knowingly make a false claim may be subject to criminal fines up to $250,000, Imprisonment for up to 20 years
• Anti- Kick Back Statute - https://www.gpo.gov/fdsys/pkg/USCODE-2016-title42/pdf/USCODE-2016-title42-chap7-subchapXI-partA-sec1320a-7b.pdf. The Anti-Kickback Statute prohibits knowingly and willfully soliciting, receiving, offering, or paying remuneration (including any kickback, bribe, or rebate) for referrals for services that are paid, in whole or in part, under a Federal health care program (including the Medicare Program).
• Stark Statute (Physician Self-Referral Law) -https://www.govinfo.gov/content/pkg/USCODE-2016-title42/pdf/USCODE-2016-title42-chap7-subchapXVIII-partE-sec1395nn.pdf. The Stark Statute prohibits a physician from making referrals for certain designated health services to an entity when the physician (or a member of his or her family) has an ownership/investment interest or a compensation arrangement
• Civil Monetary Penalties Laws - https://www.gpo.gov/fdsys/pkg/USCODE-2016-title42/pdf/USCODE-2016-title42-chap7-subchapXI-partA-sec1320a-7a.pdf. The Office of Inspector General (OIG) may impose civil penalties for several reasons, including: arranging for services or items from an excluded individual or entity, providing services or items while excluded, failing to grant OIG timely access to records , knowing of and failing to report and return an overpayment, making false claims , paying to influence referrals.
• Exclusion from all Federal health care programs - https://exclusions.oig.hhs.gov/, https://www.sam.gov/, https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/MedicareProviderSupEnroll/PreclusionList.html - No Federal health care program payment may be made for any item or service furnished, ordered, or prescribed by an individual or entity excluded. Specially Designated Nationals and Blocked Persons List (SDN) is also checked https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx
• Health Insurance Portability and Accountability Act (HIPAA) - https://www.hhs.gov/hipaa - HIPAA safeguards deter unauthorized access to protected health care information. As an individual with access to protected health care information, you must comply with HIPAA.
Government agencies, including the Department of Justice, the Department of Health & Human Services Office of Inspector General (OIG), and the Centers for Medicare & Medicaid Services (CMS), are charged with enforcing these laws.
Element III- Effective Training and EducationMember personal and protected health information is protected by the Health Insurance Portability and
Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health Act (HITECH)
and State Confidentiality Laws. Additional trainings related to HIPAA must be completed timely via KnowBe4
training portal.
• Protected Information (PI) - Data elements that could identify or reasonably identify an
individual.
• Personally identifiable information (PII) is information that, when used alone or with other
relevant data, can identify an individual. For example; Name, Social Security Number,
Photograph, Email address.
• Protected Health Information (PHI)- information about health status, provision of health care,
or payment for health care that is created or collected and can be linked to a specific individual.
This includes; medical records and other information that identifies a member, including
demographic, medical, and financial information in any form.
• Protected Financial Information (PFI)- Includes PI and financial information such as credit card
number, bank account number, and premium billing.
Definitions can be found on P Drive (P:\DHCP P&P\Compliance)
Element III - Effective Training and EducationPrivacy Rule
The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections. https://www.hhs.gov/hipaa/for-professionals/privacy/index.html
Security Rule
The Security Rule and the Privacy Rule are closely interconnected. While the Privacy Rule established standards for who may have access to PHI, and for what purposes, the Security Rule created the standards for ensuring that only those who should have access to ePHI will in fact have access. The purpose of the of the HIPAA Security Rule is to specify the safeguards that need to be implemented to protect PHI from misuse. Security Rule applies to ePHI. Make sure you follow processes to protect against any reasonably anticipated threats or hazards to the security of ePHI, and any reasonably anticipated uses or disclosures of such information. https://www.hhs.gov/hipaa/for-professionals/faq/security-rule/index.html
HITECH
The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 included a series of modifications to the HIPAA privacy and security standards. Many of the changes were enacted to address the concerns of privacy advocates and other stakeholders. The HITECH Act created a notification requirement for breaches of unsecured (i.e., unencrypted) PHI, increased the civil monetary penalties for violating HIPAA, and expanded and strengthened enforcement activities by the Office for Civil Rights. It also made business associates of covered entities (i.e., companies and consultants with whom covered entities share PHI to help them operate) directly liable and subject to civil and criminal penalties for HIPAA violations. https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html
Element III- Effective Training and Education
• We must safeguard protected information and ensure it is available to those who need it. Information includes that created, maintained or received in any form –electronic, written or oral form.
• All information must be kept secured.
• Access information when it is necessary to perform your job duties.
• Only the minimum amount of information necessary to accomplish the intended purpose must be used and disclosed.
• Report suspected and actual violations or incidents to Compliance
• Comply with all applicable privacy and security laws
Element III - Effective Training and Education• A Notice of Privacy Practices is provided to members upon enrollment and
again if any changes are made. It is also located on the website (www.doctorshcp.com). This notice indicates how we are required by law to safeguard member information and our legal duty to protect the privacy of member information. The notice describes how member medical information is used and disclosed and their rights including how to file a complaint. (www.doctorshcp.com Webpage: Located in footer and under Members submenu Privacy Practices contains information and forms for members to exercise rights)
• Certain information is considered hypersensitive and protected under the state and federal laws to prevent access to care issues and/or discrimination. These include: Mental and/or behavioral health, substance abuse (drug and/or alcohol, HIV/AIDS, Sexually Transmitted Disease (STD), Abortion, Genetic Information.
Element III - Effective Training and EducationWRITTEN• Follow a clean desk policy by securing information in locked offices, desks or file cabinets when not in use.• Lock cabinets after hours and when not in use.• If you make a photocopy or printout, keep track of it.• Use shredding bins or shredder to dispose of paper documents containing protected information• Remove abandoned documents that you find in common areas and give them to your supervisor or Compliance
VERBAL• When communicating orally simple commonsense measures are sufficient, such as:
• Speaking quietly when discussing a member’s protected health information over the phone and be mindful of those around you. Avoid the use of names or other identifying information in conversations whenever possible.
• Try to go to “quiet areas” when exchanging sensitive information. Avoid public areas such as hallways, elevators and break rooms.
ELECTRONIC• Always use secure emails when sending Protected Information externally. Communication by unencrypted email
presents a risk that personally identifiable information contained in such email, may be intercepted by unauthorized third parties. Use {ENC} in subject line to encrypt and double-check email attachments and recipients when PHI/PI is sent externally
• Do not click on unfamiliar links or open attachments from someone you do not know• Save protected information only on network drives• Do not share computer systems, User ID and Passwords and lock your workstation when you leave your desk
(Ctrl+Alt+Del or the Microsoft icon key + “L” key). Make sure you sign off when you leave at the end of the day.
Element III - Effective Training and Education
• Faxing (SOTEL) of sensitive information should:• Be sent only to known locations, where the physical security and
monitoring practices of the receiving fax machine are known.• Not be sent to unattended fax machines, or where the physical security
of the receiving system is unknown.
OCR Concludes 2018 with All-Time Record Year for HIPAA Enforcement -OCR has concluded an all-time record year in HIPAA enforcement activity. In 2018, OCR settled 10 cases totaling $28.7 million. This total surpassed the previous record of $23.5 million from 2016 by 22 percent. https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/2018enforcement/index.html
Element III - Effective Training and Education
• To provide for the safety and security of employees and the company, all employees will be issued an access badge to enter the DHCP building and parking area. Only authorized visitors are allowed in the workplace.
• Restricting unauthorized visitors helps maintain safety standards, protects against theft, ensures security of equipment, protects confidential information, safeguards employee welfare, and avoids potential distractions and disturbances.
• All visitors should enter the Company at the reception area. Authorized visitors will receive directions or be escorted to their destination. Employees are responsible for the conduct and safety of their visitors.
• If an unauthorized individual is observed on the Company’s premises, employees should immediately notify their supervisor or, if necessary, direct the individual to the reception area.
• Report security violations or suspicious incidents immediately. Secure your belongings when you leave your desk for any reason or duration.
• Report lost or stolen items.
• Report damage or malfunction of security equipment (file cabinet doesn’t lock, door doesn’t lock) to your supervisor.
Element III - Effective Training and Education
• Employees, are entrusted with valuable information, and we all share a responsibility for keeping this information confidential. This confidential information is and remains the sole property of DHCP. To protect member health information, the organization requires staff, officers and directors to sign a Confidentiality Agreement upon hire and annual thereafter.
• The protection of confidential business information and trade secrets is vital to the interests and the success of DHCP. Such confidential information includes, but is not limited to, the following examples: o Membership lists o Provider agreements o Financial information o Marketing strategies o Pending projects and proposals o CMS Bidso Any other information that would place DHCP in a harmful situation
Element III - Effective Training and Education
Exclusion Statute – DHCP reviews for exclusions from state and federal programs (i.e., the CMS Preclusion List, and Office of Inspector General (OIG) Exclusion Lists) to ensure individuals are not excluded fromparticipation in federal programs. This is done prior to hiring or contracting and monthly thereafter.
Element III - Effective Training and Education
• DHCP will market and advertise accurately, fairly, truthfully and ethically and in compliance with laws and regulations.
• DHCP employees, providers, vendors, suppliers must follow laws, rules and regulations and policies and procedures when marketing or communicating (i.e., Chapter 3 -Medicare Communications and Marketing Guidelines https://www.cms.gov/Medicare/Health-Plans/ManagedCareMarketing/Downloads/CY2019-Medicare-Communications-and-Marketing-Guidelines_Updated-090518.pdf
and AHCA agreement).
• Marketing materials must be developed by Marketing team.
Element III - Effective Training and Education
• All marketing pieces (bill boards, print advertisements, tv commercials, social media, radio ads etc.,) and member communications (letters, brochures, post cards) must have clear and accurate messaging, contain material id # and the proper disclaimers.
• DO NOT write letters to member or create your own marketing flyers without proper management and compliance approval.
• DO NOT engage in conversation with the media. Direct the call to the Compliance so it can be addressed accordingly.
• DO NOT post DHCP information of any type in social media or speak on behalf of the company.
Element III - Effective Training and Education
• DHCP is required to enroll all eligible Medicare beneficiaries. DHCP does not discriminate based on race, ethnicity, national origin, religion, gender, sex, age, mental or physical disability, health status, receipt of health care, claims experience, medical history, genetic information, evidence of insurability, or geographic location.
• Eligible enrollees, must be entitled to Part A, be enrolled in Part B and live in Miami Dade County. If the beneficiary is enrolling in Special Needs Plan (SNP) they must have the chronic condition or certain Medicaid eligibility required to enroll. DHCP will collect the proper evidence to ensure eligibility prior to enrollment. • Monthly and annual verifications are conducted in accordance with requirements
and company policies.
Element III - Effective Training and Education
• Sales- Sales Agents are licensed, appointed, trained and certified via AHIP. All agents and brokers that sell for DHCP are trained and tested annually on Medicare rules and regulations, and details specific to the DHCP products they are selling.
• Sales Agents must accurately present products and services and refrain from engaging in inappropriate or prohibited marketing activities which include but are not limited to: conducting health screenings, providing cash or monetary rebates and making unsolicited contact.
Element III - Effective Training and Education
Sales events are designed to steer or attempt to steer potential enrollees, or the retention of current enrollees. The following requirements apply to sales events:
• Only DHCP CMS approved Sales Presentation will be used
• Sign in sheets will clearly be labeled as optional.
• Health screenings or other activities that may be perceived as, or used for, “cherry picking” are prohibited.
• Sales Agents may not require attendees to provide contact information as a prerequisite for attending an event.
• Contact information for potential enrollees provided for raffles or drawings for purposes other than may only be used for that purpose.
• No meals. Refreshments and light snacks may be provided. Items provided could not be reasonably considered a meal and/or that multiple items are not being “bundled” and provided as if a meal.
• Soliciting enrollment applications prior to the start of the AEP is prohibited.
Element III - Effective Training and Education
Giving Gifts to Medicare Beneficiaries: • The plan may offer nominal gifts ($15 or less) to potential enrollees, provided the gift is given
regardless of whether they enroll, and without discrimination.
• Nominal gifts may not be in the form of cash or other monetary rebates even if their worth is $15 or less.
• DHCP will not provide or subsidize meals at sales/marketing events.
• Refreshments and light snacks may be provided. Items provided could not be reasonably considered a meal and/or that multiple items are not being “bundled” and provided as if a meal.
• DHCP may offer meals at CMS-defined educational events and other events that would fall under the definition of communications
• Educational events must not include marketing or sales activities or distribution of marketing materials or enrollment forms.
Compliance is everyone’s responsibility.
Raise your questions and concerns.
We all have a duty to speak up and report concerns.
Who to contact:
• Your supervisor or others on the management team
• Compliance at:• Email: [email protected]• Help Line: (833) 500-3427• Fax: (786) 578-0294• Mailing: Doctors HealthCare Plans
Attn: Compliance Department2020 Ponce de Leon PH 1Coral Gables, FL 33143
• Fraud, Waste & Abuse at:• Email: [email protected]• Help Line: (833) 342-7911• Fax: (786) 628-2600• Mailing: Doctors HealthCare Plans
Attn: Special Investigations Unit2020 Ponce de Leon PH 1Coral Gables, FL 33143
• Suspected violations will be investigated and disciplinary action will be taken when violations occur.
• No retaliation will be taken against anyone for exercising his/her rights for filing a report.
• Information will be kept confidential and can be made anonymously. However, DHCP wants you to understand that you can raise concerns and make reports without fear of reprisal or retaliation. Retaliation is not tolerated.
Element III - Effective Training and Education
How you can help:
• Know policies and procedures, The Code of Conduct, laws, regulations, and CMS’ guidance
• Conduct yourself in an ethical manner
• Ensure accurate and timely data
• Ensure coordination with other payers
• Verify all received information
• Report suspicious activity, non-compliance and potential FWA
Element IV- Effective Lines of Communication
Element IV- Effective Lines of Communication
• Open lines of communication are encouraged. Resources include: • Reporting issues to supervisor, others on the management team, • Reporting issues to Compliance email ([email protected]), Fax: (786) 578-0294,
Compliance Help Line (833-500-3427). The Help Line is confidential, toll-free resource available 24 hours a day, 7 days a week to report violations or raise questions or concerns related to compliance. Calls may be made anonymously.
• Reporting issues to FWA email [email protected], Fax: (786) 628-2600, FWA Help Line (833-342-7911). This line is confidential and available 24 hours a day, 7 days a week.
• The above is disseminated via Compliance Training and the Code of Conduct. DHCP also includes information on Website and Provider Manual.
• All suspected violations will be investigated and disciplinary action will be taken when violations occur.
• Utilizing the resources listed is confidential and allows for anonymous, good faith reporting of potential compliance issues. DHCP supports and enforces a strict policy of non-intimidation and non-retaliation for the good faith reporting of suspected compliance concerns and good faith participation in the compliance program. This includes but is not limited to reporting potential issues, investigating issues, conducting self-evaluations, audits, and remedial actions, and reporting to appropriate officials
ELEMENT V Well Publicized Disciplinary Standards
ELEMENT V- Well Publicized Disciplinary Standards
Discipline o Adherence to Compliance Program is a condition of employment and doing business with DHCP
o Suspected violations will be investigated promptly by the compliance team and necessary actions will be taken. Compliance will:
o Issue need for corrective action to correct the underlying problem that results in non compliance/violations and to prevent future noncompliance.
o Compliance investigations are thorough and all steps are documented
o Disciplinary actions will be taken when violations occur up to and including termination
o Disciplinary action may call for any of four steps -- verbal warning, written warning, suspension with or without pay, or termination of employment -- depending on the severity of the problem and the number of occurrences. There may be circumstances when one or more steps are added or bypassed.
ELEMENT VI - Effective System for Routine Monitoring & Auditing
and Identification of Compliance Risks
Element VI - Effective System for Routine Monitoring & Auditing and Identification of Compliance Risks
Compliance Program is a process of constant evaluation
• The Compliance team will implement an effective system for routine monitoring, auditing and the identification of compliance risks. This includes: • Risk based assessments, • Internal auditing and monitoring via monthly metrics and participation in work groups and as
appropriate external monitoring and auditing to evaluate overall effectiveness of the compliance program. o Monthly metrics with key operational area (Claims, Enrollment, Pharmacy, Member Services, Appeals
&Grievance, Pharmacy) to monitor key regulatory requirements. o This will be published to leadership and the Board of Directors.
Monitoring: Regular reviews performed as part of normal operations, to confirm ongoing compliance i.e. Metrics
Auditing: Formal reviews of compliance, with particular set of standards as base measures
Element VII- Procedures and System for Prompt Response to
Compliance Issues
Element VII- Procedures and System for Prompt Response to Compliance Issues
• Allegations on non-compliance including allegations of fraud and misconduct are investigated.
• Investigations of FWA are concluded within a reasonable amount of time. DHCP must conduct appropriate corrective actions (e.g., repayment of overpayments and disciplinary actions against responsible individuals) in response to a potential violation of payment or delivery of items or services.
• DHCP expects all employees to ensure polices are adhered to and to raise concerns via the Compliance Hotline and/or the other communication resources referenced in presentation and the Code of Conduct when a compliance issue is suspected.
• DHCP may self-report identified instances of misconduct, including privacy, security and serious issues of noncompliance and potential FWA and refer to the appropriate regulatory agency such as NBI MEDIC, FBI, HHS, AHCA and/or CMS.
WORK ENVIRONMENTAlways show integrity and professionalism in the workplace
WORK ENVIRONMENT
• DHCP is committed to a discrimination and harassment FREE workplace.
• Intimidating and disruptive behaviors will not be tolerated. Such behavior can contribute to hostile work environments, errors, poor member satisfaction, and adverse outcomes, and cause good employees to seek new positions elsewhere.
• DHCP is committed to providing a work environment that is free from all forms of discrimination and conduct that can be considered harassing, coercive, or disruptive, including sexual harassment.
Conflict of Interest
Avoid any personal, financial or other interests that might hinder your capability or willingness to perform job duties.
Conflict of Interest Occurs:
• When your private interests interferes in any way, or even appear to interfere, with the interests of the Company as a whole or when your loyalties or actions are divided between the Company’s interest and those of another, including, but not limited to, acompetitor, supplier or member.
Some common examples that illustrate actual or apparent conflicts of interest that should be avoided include:
• Outside Employment or Activities with a Competitor
• Outside Employment with a Supplier or Provider
• A manager dating an employee who reports to them
• Negotiating an agreement for DHCP in which you will directly benefit
Employees may hold outside jobs as long as they meet the performance standards of their job with DHCP and have approval.
• Please see Policy & Procedure in the P Drive and make sure you review carefully and complete the new Conflict of Interest Form.
WORKPLACE CONDUCT AND EMPLOYMENT PRACTICES
Alcohol and Drug Free Workplace
• It is DHCP’s desire to provide a drug-free, healthful, and safe workplace. Employees are required to report to work in appropriate mental and physical condition to perform their jobs in a satisfactory manner. While at work and conducting business-related activities off DHCP premises, no employee may use, possess, distribute, sell, or be under the influence of alcohol or illegal drugs.
• The legal use of prescribed drugs is permitted on the job only if it does not impair an employee's ability to perform the essential functions of the job effectively and in a safe manner that does not endanger other individuals in the workplace, members or providers.
WORKPLACE CONDUCT AND EMPLOYMENT PRACTICES -Gifts
Gifts can come in many forms –
Gifts of money and cash equivalent are not allowed. Avoid accepting or giving gifts. Discuss gifts with your supervisor or senior leader.
Questions&
Answers
Q&A
1. You discover unattended medical records. What should you do?
○ A. Contact law enforcement
○ B. Nothing
○ C. Contact your Compliance department (via compliance hotline or other mechanism)
○ D. Wait to confirm someone is using information before taking further action
○ E. Contact your supervisor
Correct Answer: C
Q&A
2. Which of the following requires intent to obtain payment and the knowledge the actions are wrong?
○ A. Fraud
○ B. Abuse
○ C. Waste
Correct Answer: A
Q&A
3. What is the policy of non-retaliation?
○ A. Allows the Plan to discipline employees who violate the Code of Conduct
○ B. Prohibits management and supervisor from harassing employees for misconduct
○ C. Protects employees who, in good faith, report suspected non-compliance
○ D. Prevents fights between employees
Correct Answer: C
Q&A
4. Where can I find DHCP’s Policies & Procedures and Code of Conduct.
○ A. Regis Employee Portal
○ B. In the Public Drive – P Drive
○ C. In the S Drive
○ D. On the website at doctorshcp.com
Correct Answer: B
Q&A5. At a minimum, an effective compliance program includes four core
requirements.
○ A. True
○ B. False
Correct Answer: B
Q&A6. I can report issues of non-compliance and FWA anonymously?
○ A. True
○ B. False
Correct Answer: A
Related Documents
