The Deficit Reduction Act of 2005 (the “DRA”) imposes new compliance program requirements on health care entities that receive each year $5 million dollars or more in Medicaid funds. Effective January 1, 2007, the DRA will require these entities to educate their employees, contractors and agents about federal and state false claims acts and about the whistleblower protections under the acts. Because these new requirements are effective on January 1, 2007, covered health care entities should start reviewing their compliance programs and policies now.
The section of the DRA titled “Employee Education About False Claims Recovery” requires each covered entity to provide:
Written policies for all employees, and agents and contractors, that includes “detailed information” about the federal and state false claim acts, administrative remedies for false claims, whistleblower protections under federal and state laws, and the role of these laws in preventing and detecting fraud, waste, and abuse;
Detailed provisions regarding the entity’s policies and procedures for detecting and preventing fraud, waste, and abuse; and
Within any employee handbook, a specific discussion of those state and federal laws, the rights of employees to be protected as whistleblowers, and the entity’s policies and procedures for detecting fraud, waste, and abuse.
There are still a number of unknowns in how to implement the DRA’s education program requirements. The DRA does not define the term “entity”. But, the term might be construed to apply collectively to the facilities owned by a given legal entity. If so, for example, a legal entity owning three imaging centers each with $2 million in Medicaid revenue annually would be required to comply with the DRA’s requirements. It is unclear how extensively entities will have to educate “contractors or agents” and what types of contractors and agents must be educated. Finally, it is unclear whether the DRA requires actual training in addition to the implementation of written policies and procedures.
CMS is expected to provide guidance on DRA compliance, but the timetable for issuing such guidance is uncertain at this time. Despite that lack of clarity, covered entities are subject to recoupment of funds if they fail to comply with the new law. Therefore, covered entities should begin to act now in order to achieve at least minimal compliance by January 1, 2007. Steps entities can take include the following:
Revising compliance plans and employee handbooks to include the new information required by the DRA, including summaries of the relevant federal and state laws.
Reviewing your fraud and abuse compliance program against the DRA requirements to identify any gaps. If your entity lacks a formal fraud and abuse reporting and compliance mechanism, one should be established as soon as possible.
Establishing a formal grievance procedure. It should be clear that there is no retaliation toward the employee for reporting any billing irregularities of other concerns.
Ideally, the policies and/or training that is implemented should satisfy compliance with the DRA, while at the same time maintaining and fostering the organization’s ability to internally address compliance issues. Accordingly, employees should be made aware of internal channels for reporting concerns.
Attorneys with Boult, Cummings, Conners & Berry’s Health Care Team are monitoring the implementation of the DRA’s Education Program requirements and are currently involved in assisting entities with compliance. Should your organization require assistance, please contact Chris Puri or any other member of the Health Care Team.