Table of Contents
Gail Peace (firstname.lastname@example.org) is President and CEO of Ludi, Inc. in Nashville, TN.
Looking back in 2019, it seems every day there was a new headline highlighting bad behavior in healthcare, particularly around Stark Law and the Anti-Kickback Statute (AKS) violations. There were the blatant crime stories, but also multiple cases of personal behavior that somehow crossed a line. Reading these articles reminded me of how I felt in grade school, when as children, we all learned a few key lessons that, unfortunately, were somehow forgotten among many of those same kids who are now adults. Here are some of my favorites:
Respect and listen to your teachers.
Keep your hands to yourself.
Be nice to everyone and treat others as you want them to treat you.
But of course, nothing is ever as simple as it was in childhood, when our biggest worries seemed to be centered around who we were going to sit next to on the bus or if we felt prepared for a pop quiz in math class. In fact, the healthcare world today is quite a far reach from all of that uncomplicated bliss, especially when you factor in the fraudulent activities and crimes that occur. So, how did we get here?
In a nutshell, there are regulatory areas in the hospital industry in particular that fall into a proverbial gray zone, which, in turn, cause people to commit technical violations they never actually intended (e.g., miscalculating the amount of time a physician worked). But intent is not a good enough excuse when the Office of Inspector General (OIG) comes knocking. And given that there have already been millions of dollars spent in regulatory enforcements in 2019 alone (and we still have a few months to go!), these purposeful or non-purposeful violations are equally expensive. Now more than ever as we move into 2020, what is certain is that hospital executives—not just the hospital organization itself—must be willing to take personal accountability for anything that goes wrong. And the truth is, there is much that can and will go wrong in one specific area of hospital management: physician contracts.
Physician and hospital relationships
Since the 1980s when the Stark Law (aka, the Physician Self-Referral Law) went into effect, it has been illegal for hospitals to pay physicians unless seven rules (i.e., safe harbors) are met. Specifically, physicians are referral sources to hospitals, so the government gets very involved in ensuring that, at all times, the physician is acting on behalf of the patient first, and not being motivated by some financial relationship or personal benefit.
This rule has been the same for decades now, and yet we find multiple recent examples where the line has been crossed. In fact, sometimes it is quite obvious that all parties had crossed the line in a certain case, as in paying physicians a bonus to send lab tests to a specific lab. Other times, pointing the finger is a bit harder.
When caught, some executives act as if they were unaware of the rules. But, increasingly, that defense is being met with skepticism from the OIG—and for good reason. You can expect more of that kind of distrust from the government in 2020 and beyond.
2015 was a pivotal year in providing guidance on personal accountability. When the OIG releases a fraud alert, it is for one of two reasons. First, there is a risk to the healthcare provider and the OIG wants to make them aware of this risk before it’s too late. The second reason is that the OIG believes that the provider is ignoring previous guidance the government had provided. On June 9, 2015, the Department of Justice (DOJ) released a fraud alert to physicians: Physician Compensation Arrangements May Result in Significant Liability. While the OIG had been advising hospitals to ensure all physician payments are within fair market value and always appropriate, the number of Stark Law settlements and self-reported protocol disclosures around physician payments continued to grow and still does today.
The good news is that the fraud alert advises physicians in three, easy-to-read paragraphs and states that any type of physician payment (e.g., a medical directorship) needs to reflect fair market value for services the physician actually provides. In other words, if a hospital gives a physician money for a directorship and they did not perform that work, the physician is also held accountable—financially and (potentially) criminally.
2015 also brought another key piece of guidance from the DOJ related to the notion of personal accountability. On September 15, 2015, the Yates Memo 3 was released. The memo put all organizations and executives on alert, stating that if you are involved in a scheme to defraud the United States government, you will be personally pursued, both in the civil and criminal realm. In fact, if the organization is indicted on wrongdoing, in order to settle the case, the organization cannot protect the individuals involved. This was a switch from prior settlements, where the organization’s attorneys acted on behalf of both the organization and the individuals. In other words, no more hiding behind the corporate checkbook.
Beginning in 2015, we began to see multiple instances of physicians and executives being punished; that is, personally paying fines and even going to jail. Today we know where the boundaries are, yet we still see multiple examples of that behavior. Of the $2.8 billion recovered by the government in 2018 fraud cases, $2.5 billion involved healthcare. It is a target-rich environment.
So, what’s the deal? Process and culture matter
The Stark Law went into effect more than 20 years ago, but it is surprising that we continue to see such a high number of violations occurring in 2018 and in 2019, especially with the 2015 DOJ fraud alert that put physicians and executives alike on notice that you cannot entice physicians through bogus physician arrangements or payments greater than market value. But, like I said, our industry is a complicated sector to say the least.
So, why do some organizations and their staff seem less diligent about ensuring these relationships are, in fact, getting enough scrutiny? Especially when it appears that most organizations have put into place some level of checks and balances with the setup of their physician arrangements. The answer, I believe, comes down to two possible causes: process and cultural.
A process-related cause might mean the hospital is not collecting time-log documentation from the physician because, for them, it’s too cumbersome. Another cause might be a mathematical error. That is, physician payment processes are typically manual in nature, so it is easy to make an incorrect calculation or miss a monthly or annual maximum. So, what’s the solution? In a nutshell: automation. Automating any process involved in paying physicians can help minimize the potential missteps from paper-based operations. Organizations that do not embrace this safeguard are engaging in risky behavior.
The nonchalant approach we see around these compliance efforts might also be reflective of organizational culture. That is, a technical mishap in physician payments might be a failure of the culture as a whole. And, when you think about it, it makes sense. If the organization does not share the same seriousness around these relationships and personal accountability, it’s likely physicians and line staff won’t either. So, as a hospital organization, you have to ask yourself a couple of key questions. In our effort to partner with physicians, do we clearly highlight the importance of properly documenting each payment? Is the physician made aware of their part and their individual risk in receiving payments from the hospital that are outside of the contract itself? You need to ensure physicians are trained on the risks and presented with clear instruction of how to do their part in ensuring the contracts are being followed as written.
Hospital staff also need training. Specifically, they need to know that if they intentionally entice a physician to bring business to their facility outside the appropriate channels, they may be personally prosecuted. Compliance programs designed for employees need to have an entire chapter on physician arrangements. Why? Because employees are your front line and are more likely to see when something goes awry. I once worked at a hospital system where an environmental services employee complained on the internal compliance hotline that she had to clean a physician’s office every day, even though that the physician no longer went to that office. This employee ended up alerting the organization of the situation and, by doing so, spotlighted a much bigger problem: the hospital was (unknowingly) paying the doctor for work they weren’t actually performing (i.e., a Stark Law violation).
The beat goes on
Beyond the aforementioned tips for physician payment compliance, there is one other recent turn of events your team should keep their collective eye on for the foreseeable future: whistleblower implications. On May 13, 2019, a unanimous United States Supreme Court ruled in Cochise Consultancy, Inc., et. al. v. U.S. ex rel. Hunt, increasing the amount of time that whistleblowers have to come forward. Some believe this will increase the number of qui tam suits, but whether that happens or not, here are some quick tips on navigating this latest regulatory development.
First, do not forget that employees are the first line of defense in fraud and regulatory matters. Of the $2.5 billion recovered in 2018, $2.1 billion began with a whistleblower. Therefore, it is not only critical that your compliance program train employees and physicians on the risks of physician and hospital contracts, but also who exactly to contact when something seems amiss. In addition, as I mentioned previously, physicians must understand that when they attest they performed work on a medical directorship or teaching agreement, it is legally binding. It does not serve either the physician or the healthcare entity when fraud occurs. Employees who approve physician time logs must also learn (and re-learn) what approving means and of their individual responsibility.
Although it is often a tricky road to navigate, ultimately, compliance assists in driving the culture of any healthcare organization, especially hospitals and health systems. Where there are bad actors, they must be removed; otherwise, the organization is potentially risking their future. Moreover, there is an opportunity here, I might even say an obligation, to integrate personal accountability into compliance training. That’s why it’s important for your organization to encourage employees to report bad behavior immediately. Use examples of things that were corrected in the training program. Engage senior leadership to carry the message of zero tolerance, because the level of diligence needed must be driven from the top. Finally, remind your team of those simple principles from grade school, and that, ultimately, it all comes down to simply doing the right thing.
2019 has already produced a number of new and costly regulatory enforcements. Don’t expect things to slow down in 2020.
Now more than ever, physicians and hospital executives are being held personally accountable when things go wrong with physician arrangements.
Educate and engage physicians in compliance training related to hospital-physician contracts.
Enact best practices to ensure your organization manages each physician payment appropriately by streamlining the process, standardizing the payment approach, and embracing automation.
Own the culture. Train employees throughout the organization on appropriate physician contracts, so that they surface problems before they become deep issues.