The OIG’s Focus on Compliance [CIAs Part II]

In the last episode, we talked about what a corporate integrity agreement is and what compliance programs should look like. In this episode of Talking with the Toothcop, we continue our series on corporate integrity agreements by looking at the OIG’s Focus on Compliance roundtable discussion. If you participate with Medicare or Medicaid, you HAVE to pay attention to this. 

Outline of This Episode

  • [3:23] Corporate Integrity Agreements
  • [5:21] The focus on compliance document
  • [8:59] The board of directors
  • [10:53] The role of the internal audit
  • [11:26] Claims review requirements

Corporate Integrity Agreements 

Just to recap, according to the OIG, a corporate integrity agreement is “Part of the settlement of Federal health care program investigations arising under a variety of civil false claims statutes. Providers or entities agree to the obligations, and in exchange, OIG agrees not to seek their exclusion from participation in Medicare, Medicaid, or other federal healthcare programs.” 

A CIA usually remains in effect for five years. If you don’t agree to this, you lose the ability to participate in federally funded programs. If Medicare or Medicaid represent a large cross-section of your business, you could lose your business by losing the ability to work with them. It’s a large reason why organizations agree to CIAs. CIAs have evolved into what they are today. 


Focus on Compliance: The Next Generation of Corporate Integrity Agreements

In 2012, the OIG held a roundtable discussion with stakeholders with entities and organizations that were under an active CIA to get feedback. The goal was to tweak CIAs to make them more effective to organizations. 

In this discussion, the CIAs required each participant to have a code of conduct setting forth their commitment to compliance. They also had to implement policies and procedures governing the compliance program and adherence to program requirements. 

A code of conduct is a great foundation for a compliance program and establishing policies and procedures. Your written policies and procedures should address each of your risk areas. The OIG now leaves it up to the organization to identify what topics you need further training on based on the CIA. So they’re moving away from an hours-driven training program to topic-driven. The government is responding to and taking feedback on some of their requirements. 

The board of directors involvement 

We do work with some dental partnership organizations and DSOs. CIAs require that the board of directors also receive training, reports from the compliance officer, and pass an annual resolution certifying the board is overseeing the compliance program. 

The board’s responsibilities result in more engaged board members, which assists in the allocation of resources to mitigate risk. An engaged board motivates executives and healthcare providers to commit more fully to compliance

I spend a lot of time working actively with boards and compliance committees and I see this. It takes a few meetings to see people get why it’s necessary. Once things click, I become more of a silent presence and less of the person leading the charge. This is how it should be. 

What is the role of an internal audit? Why is it so important? Listen to learn more!

Claims review requirements

Most CIAs require the provider to conduct a discovery sample of 50 paid Medicare claims randomly selected from those submitted by the provider during a specified 12-month period. If the error rate is 5% or greater, the provider must conduct a full sample systems review—which is far more involved. 

When an organization is under a CIA, they have to maintain an error rate of less than 5% in their audits. Based on my experience, this is difficult to accomplish. I’ve been doing record audits for over 10 years and the average error rate is north of 15%. Why? Because auditing processes aren’t in place and people don’t go back and check for mistakes.

The average dentist thinks they don’t make that many mistakes, but unless you do audits and have definitive proof, you don’t know. If you’re playing the Medicaid/Medicare game, you’ve got to know that your error rate is below 5%. 

You’re not expected to have a full-time compliance officer in place—but you are required to have auditing and monitoring processes in place. So if you’re a small dental office, you must pull and audit at least 50 coding and billing records a year. 

Need help with this process? Send me an email and I’ll share some samples of overpayment lists. 

Resources & People Mentioned

Connect With Duane

On LinkedIn

Share this post

← Older Post Newer Post →