OIG HEAT Provider Compliance Training Webcast

The Office of Inspector General (OIG) has made available the Health Care Fraud Prevention and Enforcement Team (HEAT) Provider Compliance Training webcast. OIG is making the training information available to help highlight and educate providers on the the federal government's effort to fight health care fraud and abuse.

More information about  HEAT Task Force and its mission and efforts can be found on the StopMedicareFraud website. The training information includes 16 modules:

Welcome Remarks 4:37
Overview of OIG 9:56
Navigating the Fraud and Abuse Laws 26:26
Compliance Program Basics 17:01
Operating an Effective Compliance Program 15:59
Understanding Program Exclusions 10:26
Navigating the Government 5:10
Overview of Centers for Medicare and Medicaid Services 34:24
Importance of Documentation 17:06
OIG Subpoenas Audits Surveys and Self Disclosure Protocol 17:42
Health Care Fraud Enforcement Panel 6:08
Health Care Fraud Enforcement Panel with CMS Deputy Admin 13:43
Health Care Fraud Enforcement Panel with Special Agent 15:10
Health Care Fraud Enforcement Panel with Asst. US Attorney 17:08
Health Care Fraud Enforcement Panel - Fraud Control Unit 11:15
Adjournment 0:59

OIG Issues Roadmap on Avoiding Medicare and Medicaid Fraud and Abuse for New Physicians

The U.S. Department of Health and Human Services, Office of Inspector General (OIG) has issued a resource and educational guide for new physicians to help them better understand the key Federal fraud and abuse laws.

As a health care attorney who often deals with physicians on fraud and abuse related matters, I applaud the OIG's effort to provide educational information to help raise the level of understanding on these issues and increase the transparency of these federal laws. This guide won't just be useful for "new" physician but for all physicians to gain a better understanding of the very complex legal/regulatory structure of fraud and abuse laws in the United States.

The new OIG document is titled, "Roadmap for New Physicians: Avoiding Medicare and Medicaid Fraud and Abuse." The physician education roadmap document summarized the five main Federal fraud and abuse laws, including the False Claims Act, the Anti-Kickback Statute, the Stark Law, the Exclusion Statute, and the Civil Monetary Penalties Law. The roadmap document provides tips to physicians on how they should comply with these laws in their relationships with payers (like the Medicare and Medicaid programs), relationships with vendors (like drug, biologic, and medical device companies), and relationships with fellow providers (like hospitals, nursing homes, and physician colleagues).

The roadmap guide was developed as a result of a survey conducted by OIG of medical school deans and designated institutional officials at institutions that sponsor residencies and fellowships to learn what types of instruction medical students, residents, and fellows receive on Medicare and Medicaid fraud, waste, and abuse. Nearly all respondents (92% of deans and 90% of designated institutional officials) reported they would like OIG to provide educational materials they can use. The complete survey, "Medicare and Medicaid Fraud and Abuse Training in Medical Education," was recently issued in October, 2010.

You can view online or download a PDF version of the roadmap guidance materials. I plan to include a copy of this as a part of my hand out materials when I talk to physicians and other health care providers on fraud and abuse issues.

SAMHSA and ONC: FAQs on Substance Abuse Confidentiality Regulations for HIEs

The Substance Abuse and Mental Health Services Administration (SAMHSA) and the Office of the National Coordinator for Health Information Technology (ONC) announced last week the release of FAQs for Applying the Substance Abuse Confidentiality Regulations to Health Information Exchanges (HIEs).

Cover letter regarding the FAQs by Pamela S. Hyde, the Administrator of SAMHSA, and David Blumenthal, National Coordinator for ONC. The letter describes that the the Substance Abuse Confidentiality Regulations under 42 CFR Part 2 were enacted years ago (circa 1975). Due to the age of the regulations SAMHSA and ONC created the FAQs to provide guidance and understanding of the scope of these regulations in the context of today's move toward an electronic health information system.

The FAQs outline the general requirements under 42 CFR Part 2, provide guidance on its application to HIEs, and identify methods for including substance abuse related health information into HIEs that is consistent with the Federal statute.

As a follow-up to the release of the FAQs, SAMHSA and ONC will convene a meeting of concerned or interested parties from both the Behavioral Health and Information Technology (BH-IT) communities on August 4, 2010. The meeting will be an opportunity for SAMHSA and ONC to receive questions and comments on the FAQs.

The FAQs for Applying the Substance Abuse Confidentiality Regulations to Health Information Exchanges (HIEs) provide information on the following 37 questions:

1. Does the federal law that protects the confidentiality of alcohol and drug abuse patient records allow information about patients with substance use disorders to be included in electronic health information exchange systems?
2. What types of providers are covered programs under 42 CFR Part 2 (“Part 2”)?
3. What patients, and which records and information, are protected by 42 C.F.R Part 2?
4. For the purposes of the applicability of 42 CFR Part 2, does it matter how HIOs are structured?
5. Does 42 CFR Part 2 permit the disclosure of information without a patient’s consent for the purposes of treatment, payment, or health care operations?
6. Under Part 2, can a Qualified Service Organization Agreement (QSOA) be used to facilitate communication between a Part 2 program and an HIO?
7. May information protected by Part 2 be made available to an HIO for electronic exchange?
8. If Part 2 information has been disclosed to the HIO, either pursuant to a Part 2- compliant consent form authorizing such disclosure or under a QSOA, may the HIO then make that Part 2 information available to HIO-affiliated members?
9. How do different HIO patient choice models regarding whether general clinical health information may be disclosed to or through an HIO (e.g., no consent, opt in or opt out) affect the requirements of 42 CFR Part 2?
10. If an HIO is holding or storing Part 2 patient data through a QSOA, can the HIO redisclose the data coming from the Part 2 program to a third party without patient consent?
11. What are the required elements of a patient consent under Part 2?
12. What must a Part 2 program do to notify the HIO, or any other recipient of Part 2 protected information, that it may not redisclose Part 2 information without patient consent?
13. Can a single consent form be used to authorize the disclosure of Part 2 information to an HIO, as well as authorize the redisclosure of that information to other identified parties, such as HIO affiliated members?
14. Does Part 2 allow the use of multiple-party consent forms?
15. Does Part 2 require the use of original signed consents?
16. Under Part 2, may an HIO release demographic information about Part 2 patients without patient consent?
17. Under Part 2, can an HIO reveal that a patient had an encounter at a mixed use facility (or “general medical” facility – see FAQ #2) as long as the HIO does not reveal that the patient was in the mixed use facility’s Part 2 program? A mixed use facility can be defined as a service provider organization that provides substance abuse treatment services as well as other health services such as primary care, dental care, mental health services, social services, etc.
18. Under Part 2, can an HIO use a consent form that provides for disclosure to “HIO members” and refers to the HIO’s website for a list of those members?
19. Can an HIO use a consent form under Part 2 to allow for the disclosure of information to future HIO affiliated health care providers?
20. Can an HIO use a consent form under Part 2 to allow for the disclosure of information to health care providers who are providing on-call coverage for HIO affiliated health care providers or with whom those affiliated providers consult?
21. Can a Part 2 patient consent be used to enable multiple disclosures?
22. Can a Part 2 program or HIO use a consent form that has no specific expiration date but rather states that disclosure is permitted until consent is revoked by the patient?
23. Is “treatment” a sufficient description of the intended purpose of a disclosure on a Part 2 consent?
24. Under Part 2, can any health care provider make the determination that a medical emergency exists, or must a Part 2 provider make that determination?
25. May a computer system be used to automatically determine whether a medical emergency exists and whether a disclosure of Part 2 data can be made without the patient’s consent?
26. If a medical emergency exists, can the entire Part 2 record be released?
27. For documentation purposes, if a medical emergency is present, would it be permissible under Part 2 to have treating providers simply check a drop down box signifying the existence of such a medical emergency?
28. Under Part 2, may an HIO system make clinical decision support functions (such as showing a patient’s medications to clinicians when they write prescriptions, automatically ordering medications, and/or alerting clinicians about potential drug interactions) available to HIO affiliated health care providers in a medical emergency?
29. Does the Part 2 definition of medical emergency also include mental health emergencies?
30. When the HIO keeps an electronic record of a medical emergency, does that fully meet Part 2’s requirement to document disclosures made in a medical emergencies in the patient’s record?
31. If an HIO’s electronic system makes a disclosure in a medical emergency, would documenting the name of the discloser as “electronically disclosed through the system administered by HIO” meet Part 2’s requirement that the name of the person who made the disclosure be documented in the patient’s record?
32. If an HIO’s electronic system sends Part 2 data in a medical emergency to a printer or fax machine in the emergency room, can “the printer in the emergency department” meet Part 2’s requirement to document in the patient’s record the name of the person to whom the disclosure was made?
33. Once Part 2 information is disclosed in a medical emergency, can that information be redisclosed without obtaining patient consent?
34. If a patient has previously refused to consent to the release of his/her Part 2 record to a particular HIO affiliated health care provider, and then the patient is brought to that provider in a bona fide medical emergency situation, can that provider gain access through the HIO to the information without the patient’s consent under Part 2?
35. Can an HIO disclose data for Disease Management purposes under Part 2 without patient consent?
36. Under Part 2, would an HIO be permitted to disclose to an HIO affiliated payer the data of several patients held by the HIO, which may include Part 2 data, in order for the payer to target where interventions could be made with particular patients to improve care and management of disease?
37. If an HIO affiliated health care provider wishes to gain access to a minor’s Part 2 record held by the HIO, may the HIO or provider obtain only the consent of a parent or guardian, or must the minor’s consent also be obtained?