The Patient Protection and Affordable Care Act (ACA), enacted in 2010, brought about sweeping changes to the healthcare landscape in the United States. Beyond expanding insurance coverage, the ACA introduced significant measures to combat fraud, waste, and abuse within federal healthcare programs. A cornerstone of these measures is the mandate for healthcare providers and suppliers to establish and maintain comprehensive compliance programs. This article delves into the critical aspects of the Affordable Care Act Compliance Program, outlining its requirements, enforcement mechanisms, and the steps healthcare organizations must take to ensure adherence and mitigate risks.
Understanding Mandatory Compliance Programs Under the ACA
A pivotal provision within the Affordable Care Act is Section 6401(a)(7), which mandates that all healthcare providers and suppliers participating in federal healthcare programs must implement and maintain compliance programs as a condition of continued enrollment. This requirement marks a significant shift from previous advisory guidelines to legally binding obligations. The ACA directs the Department of Health and Human Services (HHS), in collaboration with the HHS Office of Inspector General (HHS-OIG), to define the essential components of these programs through formal regulations and to establish timelines for implementation. Non-compliance carries substantial consequences, including potential disenrollment from federal programs, civil monetary penalties, and other sanctions.
Historically, the HHS-OIG has provided voluntary compliance program guidance for various segments of the healthcare industry. This guidance, while valuable, was not compulsory. The Affordable Care Act transforms these recommendations into mandatory requirements, necessitating that providers and suppliers actively adhere to industry-specific regulations developed under the Act.
The foundation of HHS-OIG’s guidance, and likely the ACA-mandated programs, rests upon the criteria for “effective” compliance and ethics programs established by the United States Sentencing Commission. These guidelines, broadly applicable, are tailored to the specific risks inherent within the healthcare sector. This approach is expected to persist under the ACA, ensuring that compliance programs are robust and responsive to the unique challenges of healthcare fraud and abuse.
In addition to the overarching compliance program mandate for all providers and suppliers, the ACA, through Section 6102, imposes even more detailed and legally codified compliance and ethics program requirements specifically for skilled nursing facilities (SNFs) and nursing facilities. For these facilities, the law explicitly dictates that “operating organizations” must implement programs demonstrably effective in:
- Preventing and detecting criminal, civil, and administrative violations under the ACA.
- Promoting and enhancing the quality of patient care.
Section 6102 further specifies mandatory elements for SNF and nursing facility compliance programs, directly mirroring the Sentencing Commission’s effectiveness criteria. These include:
- Written Compliance Standards and Procedures: Documented policies and procedures that clearly outline expected conduct and compliance protocols.
- Compliance-Related Training Programs: Regular and comprehensive training for employees and relevant parties on compliance requirements, fraud and abuse laws, and ethical conduct.
- Auditing and Monitoring Activities: Ongoing assessments and reviews to detect potential compliance issues, including anonymous reporting mechanisms for staff to raise concerns without fear of retaliation.
- Screening Procedures (e.g., Background Checks): Pre-employment and ongoing screening processes, such as background checks, to prevent the hiring or retention of individuals with a history of non-compliance or unethical behavior.
- Investigation and Corrective Action: Established procedures for the thorough investigation of potential violations, coupled with prompt and effective corrective actions to address identified issues and prevent recurrence.
- Disciplinary Systems: Consistent and appropriate disciplinary measures for individuals responsible for compliance violations, ensuring accountability at all levels.
- Periodic Risk Assessments and Program Modification: Regular evaluations of the compliance program’s effectiveness and adaptation based on identified risks and evolving regulatory requirements.
The penalties for ACA non-compliance are significant and should motivate healthcare organizations to proactively develop, evaluate, and enhance their compliance and ethics programs. Beyond financial penalties, failure to comply can lead to exclusion from federal healthcare programs, severely impacting an organization’s ability to operate. The amplified enforcement landscape and integrity provisions within the ACA underscore the critical need for robust compliance programs as a fundamental safeguard against legal and financial repercussions.
Key Enforcement Provisions of the Affordable Care Act
The Affordable Care Act is not solely focused on preventative measures; it also significantly strengthens enforcement mechanisms to deter and penalize fraud and abuse. While a comprehensive analysis of all enforcement provisions is extensive, the following highlights some of the most impactful changes introduced by the ACA:
Enhanced Provider Screening and Enrollment: The ACA mandates rigorous screening processes for providers and suppliers seeking to participate in Medicare. HHS is empowered to implement comprehensive screening procedures, including state licensure verification, criminal background checks, fingerprinting, unannounced site visits, and database checks. This enhanced scrutiny extends to:
- Provisional Period of Enhanced Oversight: Newly enrolled providers and suppliers may be subject to a provisional period with heightened oversight, including prepayment claim reviews, payment limitations, and other measures determined by HHS.
- Temporary Enrollment Moratoria: HHS can impose temporary halts on the enrollment of new providers within specific service or supply categories deemed at high risk for fraud.
- Mandatory Disclosure of Affiliations: Applicants are required to disclose current and past affiliations with providers or suppliers who have outstanding debts, payment suspensions, program exclusions, or revoked billing privileges.
- Authority to Deny or Enhance Safeguards Based on Affiliations: HHS has the authority to deny Medicare participation or implement enhanced safeguards if affiliation disclosures raise concerns about potential fraud, waste, or abuse.
Suspension of Payments During Fraud Investigations: The ACA grants HHS the authority to suspend payments to providers or suppliers when a “credible allegation of fraud” is under investigation. HHS, in consultation with the HHS-OIG, determines the credibility of fraud allegations. This payment suspension can have immediate and severe financial consequences for providers, potentially disrupting operations.
Increased Transparency Requirements: The ACA mandates greater transparency across various healthcare sectors. This includes requirements for drug and device manufacturers, pharmacy benefit managers, physician practices with ancillary services, and skilled nursing facilities to report on financial relationships and activities. These mandatory reporting obligations to the government significantly enhance the tracking and monitoring of financial interactions within the healthcare system.
Expanded Data Access and Integration: The ACA facilitates comprehensive oversight by integrating and analyzing diverse data sets related to claims, quality of care, ownership, certifications, adverse actions, penalties, sanctions, and program integrity. The Act established an Integrated Data Repository (IDR) within HHS to centralize claims and payment data from all federal healthcare programs, including data from the Social Security Administration, Department of Veterans Affairs, Department of Defense, and Indian Health Service. This integrated data is shared and cross-referenced among agencies to identify potential fraud, waste, and abuse. HHS-OIG and the Department of Justice are granted access to this database for law enforcement and oversight activities.
Further enhancing data accessibility, the ACA streamlines the collection of information on final adverse actions against healthcare providers, suppliers, and practitioners by consolidating the Healthcare Integrity and Protection Data Bank into the National Practitioner Databank (NPD). HHS is responsible for maintaining this consolidated database, and states are mandated to contribute specific data to the NPD.
Strengthened Civil Monetary Penalties: The ACA amends the civil monetary penalties statute, increasing the penalty to up to $50,000 for false statements, omissions, or misrepresentations made in applications or contracts to participate or enroll in federal healthcare programs. Violators are also liable for three times the amount falsely claimed. Penalties are also applicable to individuals excluded from federal healthcare programs who prescribe covered items or services, if they “knew or should have known” that a claim would be submitted to Medicare or Medicaid for those items or services.
Mandatory Reporting and Return of Overpayments: The ACA mandates that overpayments must be reported and returned within 60 days of discovery. Failure to return overpayments within this timeframe transforms the overpayment into an “obligation,” potentially subjecting the provider to substantial liability under the False Claims Act, as amended in 2009.
Anti-Kickback Statute Reinforcement: The ACA codifies the Department of Justice’s long-standing position that violations of the Anti-Kickback Statute can serve as the basis for False Claims Act violations, including treble damages. Furthermore, the ACA clarifies that prosecutors are not required to prove that a defendant had specific knowledge of the Anti-Kickback Statute or specific intent to violate it; proving general criminal intent is sufficient.
Amendments to the False Claims Act: The ACA introduces several amendments to the False Claims Act, including narrowing the “public disclosure bar” to federal criminal, civil, or administrative hearings, audits, or investigations, overruling a Supreme Court decision that had broadened the bar to include state proceedings. The Act also empowers the Department of Justice to oppose the dismissal of a False Claims Act case even if the allegations have been publicly disclosed and the whistleblower (“relator”) does not qualify as an “original source” of the information.
Healthcare Fraud Criminal Offense Enhancement: Similar to the Anti-Kickback Statute amendments, the ACA amends 18 U.S.C. 1347 (criminal healthcare fraud) to remove the requirement that prosecutors prove “actual knowledge” of the healthcare fraud statute or specific intent to violate it. Proving general criminal intent is sufficient for a criminal healthcare fraud conviction.
Conclusion: Prioritizing Affordable Care Act Compliance
The Affordable Care Act represents a continuing evolution in the government’s efforts to enhance enforcement capabilities and allocate resources towards detecting and prosecuting fraud, waste, and abuse within the healthcare system. The Act reinforces a trend of mandating compliance and ethics programs for organizations operating in government-regulated sectors, particularly healthcare.
For healthcare providers and suppliers, robust compliance and ethics programs are not merely procedural formalities; they are essential defenses against the significant risks associated with government audits, investigations, and enforcement actions. The ACA’s latest wave of anti-fraud and abuse provisions underscores the imperative for healthcare organizations to take their compliance obligations with utmost seriousness. Ensuring that compliance programs are comprehensive, effectively implemented, and regularly updated to address evolving regulatory requirements is paramount for protecting organizations and upholding the integrity of federal healthcare programs.
References
- Patient Protection and Affordable Care Act of 2010, H.R. 3590, March 23, 2010.
- http://www.hklaw.com/publications/Health-Care-Organizations-Targeted-With-Anti-Fraud-Enforcement-Efforts-New-and-ongoing-initiatives-will-affect-oversight-components-of-health-care-reform-06-22-2009/
- H.R. 3590, Sec. 6401 (a)(7).
- H.R. 3590, Sec. 6401 (a)(7).
- H.R. 3590, Sec. 6401 (a)(7).
- http://oig.hhs.gov/fraud/complianceguidance.asp
- 2009 United States Sentencing Commission Guidelines Manual, §8B2.1 Effective Compliance and Ethics Program (2009).
- H.R. 3590, Sec. 6102.
- H.R. 3590, Sec. 6102.
- H.R. 3590, Sec. 6401 (a).
- H.R. 3590, Sec. 6401 (a).
- H.R. 3590, Sec. 6402 (h).
- H.R. 3590, Sec. 6402 (h).
- H.R. 3590, Sec. 6002.
- H.R. 3590, Sec. 6402 (a).
- H.R. 3590, Sec. 6402 (a).
- H.R. 3590, Sec. 6403.
- H.R. 3590, Sec. 6403.
- H.R. 3590, Sec. 6402 (d)(2).
- H.R. 3590, Sec. 6402 (d)(2).
- H.R. 3590, Sec. 6402 (d)(2).
- H.R. 3590, Sec. 6402.
- H.R. 3590, Sec. 6402; see also 31 U.S.C. 3729(b)(3).
- H.R. 3590, Sec. 6402.
- H.R. 3590, Sec. 6402.
- H.R. 3590, Sec. 6402.
- H.R. 3590, Sec. 10104(j).
- H.R. 3590, Sec. 10104(j).
- H.R. 3590, Sec. 10104(j).
- H.R. 3590, Sec. 10606.