September 3, Dear Provider:


September 3, 2014

Dear Provider:

As a contractor with Centers for Medicare & Medicaid Services (CMS), Arkansas Blue Cross and Blue Shield are required by the regulations to develop and maintain a compliance program and provide annual training to all first-tier, downstream and related entities (FDRs). Providers are considered first tier entities because there is a direct contract for Medicare Services between Arkansas Blue Cross and each provider. Annual training should be completed not only by the provider, but also by the provider's staff who have any contact (indirect or direct) with Medicare beneficiaries, including billing. Compliance training should be completed by December 31, 2014 or within 90 days of hire for any new employees.

The OIG has issued guidance with reference to effective compliance programs for specific health care providers, which can be found at http://oig.hhs.gov/fraud/complianceguidance.asp. In Federal Register Notice CMS-4124-FC, CMS clarifies that the training and communication requirements apply to all entities with which we partner.

In the event that your organization does not have Compliance Training in place, Arkansas Blue Cross has created a Medicare Compliance Training Program to meet CMS training requirements and has made this training available on AHIN and as a PDF at www.arkbluecross.com\providers under Resources.

Arkansas Blue Cross has a deep commitment to conducting business ethically, honestly and in compliance with the law. This commitment is why we expect everyone with whom we do business, including FDRs, to also do business ethically, honestly and in compliance with the law.

In order to continue to serve our customers in a manner that reflects the highest level of integrity and ethical business conduct, we ask that you take a moment, as a valued business partner, to review our Code of Conduct on our website at www.arkansasbluecross.com/about/conduct.aspx and our Code of Business Ethics at http://www.arkansasbluecross.com/about/mission.aspx. These documents provide you with important information regarding Arkansas Blue Cross business integrity, ethics and compliance standards of conduct and how to detect, prevent, report and correct fraud, waste and abuse.

All training documents, including a copy of the training materials and training logs, must be retained by your organization for 10 years, in accordance with CMS record retention guidelines. No documentation should be returned to Arkansas Blue Cross at this time. All documentation is subject to random audit by Arkansas Blue Cross or may be requested as part of a Compliance Program Audit by CMS or CMS designees.

If you have any questions regarding this letter, referenced documents or training requirements, please refer to the Frequently Asked Questions slide in the training, or contact your Network Development Representative or the Regulatory Compliance Office at regulatorycompliance@arkbluecross.com.

Thank you for your time,

Sonya Wooderson, RN, BSN
Regulatory Compliance Project Manager

FAQs for Annual Medicare Compliance Training for Providers

Do all contracted providers have to complete the Annual Medicare Compliance Training for Providers?
No, only contracted providers that provide services to our Medi-Pak Advantage PFFS/PPO/HMO and Medi-Pak Rx PDP members.

Does the contracted provider with Arkansas Blue Cross need to be the only one completing Annual Compliance Training for Providers?
No. Although the provider is contracted with Arkansas Blue Cross, it is the provider's responsibility to ensure that all staff serving the Medicare Beneficiaries complete the training. This includes front office, lab techs, nurses, billing and any other ancillary staff. All new hires must also complete the training within 90 days of hire and annually thereafter.

Does any documentation need to be returned to Arkansas Blue Cross?
No. At the end of the training module provided on the website and on AHIN, there is a training log. Each individual who has completed the training will need to sign and date the training log. However, you will need to retain a copy of the training materials and completed training log for your records for 10 years. In the event you are audited by either CMS, Arkansas Blue Cross Blue Shield or designee, you may be asked to provide copies of training materials and training log as evidence that annual compliance training was completed for the year in which you are being audited.

As the Provider, we currently have only one Medicare beneficiary. Do we still need to complete the training?
Yes. You are required by CMS to complete the annual training if you are providing any service to a Medicare Beneficiary.

We have already completed this for another insurer we are contracted with, or we have completed the Annual Medicare Compliance Training provided by CMS. Must we take this training provided by Arkansas Blue Cross?
No. You and your staff must take the Annual Compliance Training from one source, one time per year. However, the Annual Compliance Training must meet the CMS Compliance Training Requirements.

2014 Medicare Compliance Training for Providers

At the conclusion of this training, an individual authorized to represent your organization must retain a copy of this training and completed employee training logs on file for 10 years. You may be asked to present these materials in the event of an audit by Arkansas Blue Cross Blue Shield, Centers for Medical Services (CMS) or CMS designee.

Course Content Overview What Rules Must Arkansas Blue Cross Blue Shield Medicare Advantage (MA) and Part D (PDP) First Tier and Downstream Entities (vendors) Comply with? Key Elements of a Compliance Program Policies and Procedures Protecting Personal Health Information (PHI) Chapter 4 Advanced Directive Requirements Training Resources Log & Certificate of Completion

Introduction
Training Requirements

Arkansas Blue Cross Blue Shield has contracted with the Centers for Medicare & Medicaid Services (CMS) to offer Medicare Advantage (MA) and Part D (PDP) benefits to Medicare enrollees. As part of those contracts, Arkansas Blue Cross requires their employees who have direct or indirect involvement with the Medicare programs to complete a Compliance training course.

In Federal Register Notice CMS-4124-FC, CMS clarifies that the training and communication requirements apply to all First Tier, Downstream, and Related Entities (FDRs).

First Tier is defined as any entity that enters into a written arrangement acceptable to CMS with a Medicare Advantage Organization (MAO) or Prescription Drug Plan (PDP) that provides administrative or health care services to Medicare eligible individuals under the Medicare Advantage (Part C) or PDP (Part D) program. Providers are considered First Tier Entities.

Arkansas Blue Cross is making this training available in the event you do not have your own Medicare Compliance Training program established.

Overview of Medicare Regulations and Changes
Regulations

Prior to January 1, 2009, MA and Part D plan sponsors operated their required compliance programs, and providers operated their voluntary compliance programs in parallel. However, times have changed.

In December 2007, CMS published new Medicare Advantage (MA) and Part D (PDP) regulations that became effective January 1, 2009.

Among other changes, these regulations require Medicare Advantage (MA) and Part D (PDP) Plan Sponsors such as Arkansas Blue Cross Blue Shield to apply their training requirements and effective lines of communication to those entities we partner with that provide services in the MA and Part D programs.

Those entities include providers who have contracted with Arkansas Blue Cross Blue Shield to provide services to our Medi-Pak Advantage PFFS/PPO/HMO and Medi-Pak Rx PDP members.

Overview of Medicare Regulations and Changes
Changes in Regulations

New regulations at 42 CFR Parts 422 and 423 require, in part, that a Plan Sponsor (Arkansas Blue Cross Blue Shield) attests that it will:
- Develop an effective compliance plan that incorporates measures to detect, prevent, and correct fraud, waste and abuse
- Establish effective lines of communication between the compliance officer, members of the compliance committee, and the Sponsor's employees, managers, and directors
- Apply these training and communication requirements to all entities with which they contract to provide benefits or services, also known as FDRs (first tier, downstream, and related entities)

Overview of Medicare Regulations and Changes
Rules Arkansas Blue Cross Blue Shield Must Comply With

As a Medicare contractor, we must comply with numerous regulations and guidance documents. Most of those regulations and guidance documents can be found on the CMS website:

Centers for Medicare & Medicaid Services (CMS): http://www.cms.gov

The CMS website contains a number of links which will take you to the regulations, guidance documents, manuals and other useful information.

Overview of Medicare Regulations and Changes
Rules Arkansas Blue Cross Blue Shield Must Comply With

Arkansas Blue Cross and its First Tier, Downstream and Related Entities (FDRs) must comply with all applicable Medicare laws and regulations.

Through our contractual arrangements with the Centers for Medicare & Medicaid Services (CMS), Arkansas Blue Cross has agreed to adhere to all Medicare laws and regulations. Arkansas Blue Cross is also required to ensure that its First Tier, Downstream and Related Entities (FDRs) also adhere to all applicable Medicare laws and regulations.

The Centers for Medicare & Medicaid Services (CMS) regulations outline their expectations, and Arkansas Blue Cross utilizes these regulations to develop our health plan operations, workflows, and internal processes to ensure we meet our contractual requirements.

Arkansas Blue Cross's First Tier, Downstream and Related Entities (FDRs) must also ensure processes are in place to comply with regulations and develop applicable policies and procedures.

Key Elements of Compliance Program
Seven Key Elements

According to the Centers for Medicare & Medicaid Services (CMS) the key elements of an effective compliance program are:
1. Written policies and procedures (including Code of Conduct)
2. Designation of a Compliance Officer, Compliance Committee, and High Level Oversight
3. Effective Training and Education
4. Effective Lines of Communication
5. Enforcement of standards through well-publicized disciplinary guidelines
6. Internal monitoring and auditing
7. Procedures for ensuring prompt responses to compliance issues

CMS requires Plan Sponsors to have written Standards of Conduct. One way that Arkansas Blue Cross satisfies this requirement is through our Code of Conduct.

Key Elements of Compliance Defined
1. Written Policies & Procedures

All Sponsors are required to have a comprehensive plan to detect, correct and prevent fraud, waste and abuse, which should include the Code of Conduct and related policies that reflect Arkansas Blue Cross's commitment to integrity, ethical conduct and legal/regulatory compliance.

A few of the policies you can find within Arkansas Blue Cross's Code of Conduct are:
- Conflict of Interest
- Arkansas Blue Cross Blue Shield Assets
- Gifts and Entertainment
- Control, Accounting and Reporting
- Information Protection and Privacy
- Communications and Fair Disclosure

Written policies, procedures and standards of conduct should clearly state the commitment to comply with all applicable statutory, regulatory and Medicare program requirements.

Policies and Procedures should acknowledge the day-to-day risks and identify and respond to the risk areas.

Key Elements of Compliance Defined
I. Written Policies & Procedures (including Code of Conduct)

Arkansas Blue Cross's Code of Conduct is included in this training under Resources and can also be viewed on our website at www.arkansasbluecross.com/about/conduct.aspx

Our Code of Conduct sets expectations for our employees and those with whom we contract to understand and comply with all laws, regulations and policies concerning our business. We are committed to integrity, conducting ourselves in a legal, ethical manner and doing business with health care professionals, entities, agents and vendors who are equally committed to adhering to our Code of Conduct.

To support our mutual commitment, all organizations, including FDRs, who provide services related to our Medicare Advantage (MA) and Part D (PDP) Plans must know and comply with our Code of Conduct.

CMS also requires that sponsors and their FDRs have policies and procedures in place to ensure compliant and ethical conduct. While Arkansas Blue Cross cannot provide a Code of Conduct or policies and procedures for you to adopt as your own, or help you develop and implement your own compliance program, the following resources should provide assistance to you regarding provider-specific compliance programs:
- OIG Compliance Program for Individual and Small Group Physician Practices: http://oig.hhs.gov/authorities/docs/physician.pdf
- The American Medical Association (AMA) publishes several regulatory compliance resources on its Web site: http://www.ama-assn.org/ama/pub/physician-resources/legal-topics/regulatorycompliance-topics.page

Key Elements of Compliance Defined
II. Compliance Officer and Compliance Committee

Arkansas Blue Cross has designated a Compliance Officer and a Compliance Committee specifically for Medi-Pak Advantage and Medi-Pak Rx Compliance. Our Compliance Officer is responsible for ensuring compliance with the program requirements and for overseeing the Compliance Committee. The Compliance Committee advises the Compliance Officer and assists in implementing the compliance program.

Arkansas Blue Cross Blue Shield
Shirl Welch, Director of Regulatory and Marketplace Compliance
Office: (501) 378-6643
E-mail: regulatorycompliance@arkbluecross.com
Confidential Ethics, FWA and Compliance Hot Line: 1-877-507-7305

Key Elements of Compliance Defined
III. Disciplinary Guidelines

Upon the conclusion of any potential non-compliance, fraud, waste or abuse investigation, the Compliance Office shall recommend to management appropriate corrective and disciplinary actions as warranted.

All corrective actions shall:
- Be tailored to address the misconduct identified
- Provide structure with timeframes
- Be detailed in a written agreement
- Be documented and monitored to ensure the entity satisfactorily implements the corrective action

Disciplinary actions for employees can range from oral or written warnings and mandatory retraining, up to and including termination, based on disciplinary criteria set forth in the corporate administrative manual.

For first tier and downstream entities, actions may include monetary or other actions as provided for in the relevant contract, up to and including termination of the contract.

Key Elements of Compliance Defined
IV. Auditing and Monitoring

The Arkansas Blue Cross Audit Program includes:

Program Risk Assessment
Arkansas Blue Cross Blue Shield maintains a Medicare Part C & Part D program risk assessment as an ongoing tool for prioritizing program initiatives and to assist in the ongoing maintenance of the Auditing and Monitoring Plan. Management considers a wide range of factors when assessing program risk including, but not limited to, new regulations, changes to existing regulations, industry trends and developments, and areas of focus from the Centers for Medicare and Medicaid Services (CMS). Risks identified through the process are categorized and ranked to help management prioritize efforts.

Auditing and Monitoring Activities
The Medicare Parts C & D Compliance Officer coordinates both internal and external resources to implement the Auditing and Monitoring Plan. Auditing and monitoring activities are conducted as required to ensure CMS requirements and Arkansas Blue Cross Blue Shield policies and procedures are properly followed. Corrective action plans are developed and implemented in areas where processes do not meet those requirements.

External Entity Oversight
The Arkansas Blue Cross Medicare Part C & D Program is also subject to audits from external parties such as the Centers for Medicare & Medicaid Services (CMS) and the Office of Inspector General (OIG). Corrective action plans for any deficiencies or findings reported during external audits will be developed, and implementation will be monitored to ensure processes are strengthened and regulations are followed.

Key Elements of Compliance Defined
V. Responding to Detected Offenses

Suspected violations of the:
- compliance program
- federal and state statutes
- rules and regulations
- any other types of misconduct
will be investigated by the Arkansas Blue Cross Regulatory Compliance Officer or designee.

Reporting Obligation
If you know of, or reasonably suspect, a misappropriation of Arkansas Blue Cross assets or any other violation of law, ethical or business policies, you must report the matter.

It is the obligation of every employee and individual working on Arkansas Blue Cross's behalf who knows of or reasonably suspects a violation of Arkansas Blue Cross's Code of Conduct to promptly report it.

Reports may be oral or written, and made to:
- The Confidential Fraud Hotline at 1-877-507-7305
- Online through the secured Fraud and Abuse link at https://secure.arkansasbluecross.com/customer_service/report_fraud.aspx
- By contacting the Arkansas Blue Cross Regulatory Compliance Officer

Key Elements of Compliance Defined
V. Responding to Detected Offenses

Non-Retaliation
Arkansas Blue Cross will not discriminate or retaliate against anyone who, in good faith, reports potential violations of laws or regulations, the Code of Conduct, or other company policies. Open communication of issues and concerns without any fear of retribution is vital to the success of the Code of Conduct. In addition, employees are protected by federal law against any retaliation for taking action under the federal False Claims Act. Arkansas Blue Cross requires our FDRs to adhere to a non-retaliation policy that provides protection to employees who report suspected or actual compliance violations.

Developing Corrective Action Initiatives
Reports of suspected misconduct will be investigated and, if a violation of applicable law or regulation is found to exist, Arkansas Blue Cross will take steps to correct the problem, which may include:
- Development of a corrective action initiative, or, if material,
- Immediate referral to criminal and/or civil law enforcement authorities
- Disclosure to Arkansas Blue Cross senior management and the appropriate governmental authority, where appropriate

Reporting to the Government
Arkansas Blue Cross shall report to appropriate governmental authorities, such as the Centers for Medicare & Medicaid Services (CMS) and the Department of Health & Human Services Office of Inspector General (OIG), credible information of material violations of the law by Arkansas Blue Cross, subcontractors, providers or enrollees for a determination as to whether any criminal, civil, or administrative action may be appropriate.

Policies and Procedures
Conflict of Interest

Conflicts of interest can arise if you have a direct or indirect financial, business or personal involvement with a current or potential supplier, competitor, customer, or employee of Arkansas Blue Cross. In addition, outside financial or business involvement by members of your immediate family, or by persons with whom you have a close personal relationship, may create a possible conflict of interest for you.

As an individual working on Arkansas Blue Cross's behalf:
- You must not take part in any transaction in which you have a personal interest if there is, or might appear to be, a conflict between your interest and the interests of Arkansas Blue Cross
- You must not take part in any business transaction in which you have a personal interest if your participation is in any way related to information you received, or a relationship you developed, as an employee or director
- You should not show preferential treatment to any provider or supplier regardless of their relationship with Arkansas Blue Cross. If you become aware of a situation involving preferential treatment to providers or suppliers, you should notify the Arkansas Blue Cross Regulatory Compliance Officer immediately.

Each provider or entity that contracts with Arkansas Blue Cross will require its managers, officers and directors responsible for the administration or delivery of Medicare Advantage (MA) and Part D (PDP) benefits to sign a conflict of interest statement, attestation, or certification at the time of hire and annually thereafter certifying that the manager, officer or director is free from any conflict of interest in administering or delivering Medicare benefits.

Policies and Procedures
OIG/GSA Exclusion Review

Office of Inspector General (OIG) and General Services Administration (GSA) Exclusion Review

Arkansas Blue Cross will not knowingly hire any individual or contract with any person or entity for its Medicare program who has been convicted of a criminal offense related to health care or who is listed by a federal agency as debarred, excluded, or otherwise ineligible for participation in a federal health care program.

Arkansas Blue Cross will review the Department of Health & Human Services Office of Inspector General (OIG) and General Services Administration (GSA) exclusion lists at monthly to ensure that its Medicare employees and subcontractors are not included on such lists.

If Arkansas Blue Cross learns that an employee or contracted provider is on an OIG/GSA list, Arkansas Blue Cross will notify the individual and remove the individual from any work directly or indirectly related to Federal healthcare programs. Arkansas Blue Cross will also take appropriate corrective actions.

If Arkansas Blue Cross learns that an individual is charged with a criminal offense related to health care or proposed for exclusion or debarment, the individual shall be removed from direct responsibility for or involvement in all such Medicare activities until resolution of such charges or proposed debarment or exclusion.

Provider agrees, warrants and represents to Arkansas Blue Cross that the Provider currently holds and throughout the duration of the Agreement shall maintain all local, state or federal authorizations, licenses, certifications, permits, accreditations including but not limited to unrestricted eligibility to participate as a Provider in all state and federal programs (including Medicare). The Provider further warrants and represents that neither Provider nor any employee or agent of Provider is or has been barred, suspended or restricted from participation in Medicare or any other state or federal program. Provider hereby agrees to notify Arkansas Blue Cross immediately in the event of loss, restriction, suspension or voluntary surrender of any such action.

Policies and Procedures
Record Retention

- Unless specific conditions apply, all relevant Medicare Part C & D records will be maintained for 10 years from the end of the final contract period or completion of an audit, whichever is later.
- CMS has authority under section 1860D-12(b)(3)(c) of the Act and 422.504(e)(2) and 423.505(e)(2) to inspect and audit any books, contracts, and records of a Medicare Advantage (MA) and Part D (PDP) programs its first tier, downstream, and related entities that pertain to any aspect of services performed, reconciliation of benefit liabilities, and determination of accounts payable under the contract or as the Secretary may deem necessary to enforce the contract.
- All records created in the course of business are the property of Arkansas Blue Cross and will be maintained in compliance with all legal, regulatory, and/or government contract requirements.
- Only official records should be retained and they should be accurate and complete.

Policies and Procedures
Anti-Kick Back

It is Arkansas Blue Cross's policy to strictly comply with all laws that regulate government contracting. You must not offer, give, request, or receive anything of value for free or below fair market price in connection with the sale or recommendation of, or referral to, any benefit plan, product or service paid partly or fully by any government program.

Anti-Kick Back provides criminal and civil penalties for individuals or entities that knowingly and willfully offer, pay, solicit, or receive remuneration in order to induce or reward business payable (or reimbursement) under the Medicare or other Federal health care programs (42 U.S.C. section 1320-7b(b)).

An individual or entity convicted of an AKS violation(s) may be excluded from participation in the Medicare and other Federal health care programs, subject to civil monetary penalties, and/or sentenced to prison.

Examples of provider activity that may constitute an AKS violation:
- Taking money from pharmaceutical representatives in exchange for promising to prescribe that company's drug over others
- Only referring Medicare patients to one physical therapy practice, in exchange for receiving money from that practice for such referrals

Policies and Procedures
False Claims Act (31 U.S.C. sections 3729-3733)

- Prohibits knowingly presenting (or causing to be presented) a false or fraudulent claim for payment or approval
- Prohibits knowingly making or using (or causing to be made or used) a false record or statement material to a false or fraudulent claim
- Prohibits knowingly concealing, improperly avoiding, or decreasing an obligation to pay money to the government

Persons or entities liable under the FCA may pay a civil penalty of up to $11,000 per false claim, plus three times the amount of damages sustained by the government. In addition, the OIG may exclude such individuals or entities from participation in the Medicare and other federal health care programs.

Examples of provider activity that may constitute an FCA violation are:
- Billing for services that were not rendered
- Up-coding: billing for a service that was not rendered simply because the coding generates more income than the correct billing for the service that was actually rendered

Making a false statement, or the submission of false claims, is among the government's highest fraud and abuse concerns. Such actions can also result in criminal prosecution, up to 5 years imprisonment and/or a fine of up to $250,000 per individual, $500,000 per organization.

Policies and Procedures: Protecting Individually Identifiable Health Information (PHI): High Level Overview of the HIPAA Privacy & Security Rules

The HIPAA Privacy and Security Rules protect Individually Identifiable Health Information, referred to as Protected Health Information (PHI), held or transmitted by a Covered Entity (Health Care Professionals, Health Plans, Health Care Clearinghouses) and their Business Associates (entities that complete certain functions on the Covered Entity's behalf, such as Medicare subcontractors).

PHI includes information that identifies the individual or could reasonably be used to identify the individual. PHI is information, including demographic data, which relates to the:

Individual's past, present or future physical or mental health or condition;

Health care provided to the individual; or

Past, present, or future payment for health care provided to the individual.

The HIPAA Privacy Rule protects all PHI in any form or media, whether electronic, paper or oral.

The HIPAA Security Rule applies only to electronic PHI (e-PHI). In general, this rule requires a Covered Entity to adopt additional safeguards for e-PHI, ensuring the confidentiality and availability of all e-PHI it creates, receives, uses, maintains, or transmits.

The Health Information Technology for Economic and Clinical Health (HITECH) Act expands certain HIPAA Privacy and Security requirements to cover Business Associates and to provide individuals with additional rights to access and control the use of their PHI, among other things.

Not all of the elements of PHI can be displayed here; however, some examples of elements that, alone or in combination, would allow an individual to be identified are below:

Zip code alone would not be PHI, but this data element combined with address and phone number would be PHI. This is because the combination of these data elements could be used to identify an individual.

Birth date alone would not be PHI, but coupled with SSN and claim numbers could result in identification of an individual and would be considered PHI.

Social Security Number (SSN) alone would be PHI, as this data element can be used to identify an individual.

Please note: The information provided on PHI is intended as a general description of applicable rules. Variations, exceptions and qualifications to the general rules may be recognized in the rules but are not outlined here. When in doubt, or if a particular fact or circumstance presented in a given case is not precisely aligned with a general rule referenced here, please contact the Arkansas Blue Cross Privacy Office or Legal Department for clarification.

Policies and Procedures: Protecting Individually Identifiable Health Information (PHI): Additional Requirements

Safeguarding Protected Health Information: Members of the workforce must employ the appropriate administrative, technical and physical safeguards to protect the privacy of protected health information.

Use & Disclosure of Information: PHI is confidential information and cannot be disclosed to others without the individual's written authorization, except for the purposes of treatment (providing care), payment (claim payment) or health plan operations (examples include, but are not limited to, audits and fraud and abuse detection).

Minimum Necessary: When collecting, accessing, using or disclosing PHI, or when requesting PHI to perform job functions, members of the workforce must make reasonable efforts to limit the use and disclosure to the minimum necessary to accomplish the intended purposes of the use or request.

Verification: Members of the workforce must follow Arkansas Blue Cross's procedures to verify the identity of a person requesting PHI and the authority of any such person to have access to PHI.

Notice of Privacy Practices: Individuals must receive and have access to a Notice of Privacy Practices which describes how their health information may be used or disclosed by Arkansas Blue Cross and what individual rights they have in relation to this information.

Individual Privacy Rights: The HIPAA Privacy Rule provides individuals with certain rights related to their PHI. These rights include the right to: access their PHI; request amendment to their PHI; obtain an accounting of disclosures of their PHI; request restrictions on the use and disclosure of their PHI; request alternate means of communicating with them, such as sending materials to an alternative address or location; and lodge a complaint if they believe there has been a violation of their privacy rights.

If you believe that a privacy or security breach or violation occurred due to any act or omission of Arkansas Blue Cross and Blue Shield or its employees, you should immediately report it to the Arkansas Blue Cross and Blue Shield Privacy Office at the following address and telephone number:

Arkansas Blue Cross Blue Shield Privacy Office
PO Box 3216
Little Rock, AR 72201
Toll free: 1-866-254-4001
Local: 501-396-4116
Fax: 501-378-2975
Office: (501) 378-6643

Instances of potential non-compliance with the Privacy & Security Rules, HITECH Act and Arkansas Blue Cross's Privacy Policies and Procedures will be investigated and appropriate disciplinary action will be taken as needed.

Chapter 4 - Benefits and Beneficiary Protections: MA Obligation on Providing Information on Advance Directives

CMS requires that MA programs comply with certain requirements regarding Advance Directives. Advance Directives are basically documents signed by or on behalf of a patient or member that address certain end of life decisions. Advance Directives are also sometimes called Living Wills or Health Care Proxies. Advance Directives express the patient's or member's wishes about end of life choices and direct whether certain actions be taken or not be taken, as the case may be, to preserve and prolong life. Under Arkansas law, the rules around Advance Directives are contained in the Arkansas Rights of the Terminally Ill and Permanently Unconscious Act, which is found at Ark. Code Ann. 20-17-201 et seq.

Advance Directive

As a Plan Sponsor, Arkansas Blue Cross is required to maintain policies and procedures governing Advance Directives and also to educate its members and the community about Advance Directives. One of the ways that Arkansas Blue Cross ensures that its members are given information about Advance Directives is to require that its network providers comply with Arkansas law on Advance Directives and provide information to their patients as required by law. Arkansas Blue Cross also maintains policies and procedures that dictate how it complies with Advance Directives requirements imposed on it as a Plan Sponsor.

Resources: Arkansas Blue Cross Blue Shield Code of Conduct Statement of Principles

Arkansas Blue Cross strives to maintain a professional environment that considers ethics and compliance an integral part of all of our business decisions.

Standard 1: At a Minimum, Ethical Professionalism Requires Legal Compliance. For this reason, we must conduct Enterprise business in accordance with all applicable laws, regulations, and contractual obligations at all times.

Standard 2: Report Data Truthfully and Accurately. We must each take special care to ensure that information is recorded and reported accurately and honestly.

Standard 3: Follow Enterprise Record Retention Policies. We must each ensure that all business records are retained in accordance with our Company's record retention policies.

Standard 4: Protect Confidential Information. We must each protect the integrity of confidential information at all times.

Standard 5: Avoid Conflicts of Interest. We must each ensure that we do not engage in activities that conflict with, or are otherwise incompatible with, our responsibilities as Company employees.

Standard 6: Don't Offer or Accept a Bribe or Kickback. We must not accept favors from potential business partners in exchange for our business decisions, and we must not offer favors to potential customers in return for business.

Standard 7: Always Remember That The Government Is a Unique Customer. We will conduct our government business with the highest degree of integrity and honesty.

Standard 8: Compete Ethically and Fairly. We must take special care to avoid engaging in anticompetitive activities or unfair trade practices.

Standard 9: Treat Government Investigations As Serious Matters. We will cooperate with all government investigations and reasonable requests for information.

Standard 10: Safeguard Company Assets. Company employees should not use Company assets for personal reasons unless they receive specific prior approval from their supervisor.

Standard 11: Don't Engage In Improper Political Activities. Because our Company's ability to participate in political activities is constrained by federal, state and local law, all organizational political activity must be cleared by the Company's Legal Department.

Standard 12: Recognize That The Company's Greatest and Most Valuable Asset Is Its Workforce. Our Company is committed to maintaining a safe and professional working environment for all of its employees, and to ensuring that all employees are treated with fairness, dignity and respect.

Thank you for completing the Medicare Compliance Training for Providers from Arkansas Blue Cross Blue Shield. By taking this training, you have met Arkansas Blue Cross's and CMS's annual training requirement for Medicare Advantage and Part D PDP Providers and their staff, and have assisted us in meeting our plan sponsor requirements. Please retain a copy of the training materials, training logs and completion certificate for 10 years. This documentation may be requested for review in the event of an audit by Arkansas Blue Cross and Blue Shield or a Compliance Program Audit by CMS or a CMS designee.

Resources: Federal Agencies

Office of Inspector General
Phone: 1-800-HHS-TIPS (800-447-8477)
Fax: 1-800-223-2164
E-mail: HHSTIPS@oig.hhs.gov
OIG Fraud Hotline: www.oig.hhs.gov/fraud/hotline
Mail: Office of Inspector General, HHS TIPS Hotline, P.O. Box 23489 S Washington, DC 20026

Medicare Drug Integrity Contractor (MEDIC)*
Health Integrity, LLC
Phone: (877) 7SafeRx (1-877-772-3379)
Web: www.healthintegrity.org

*The MEDIC is a CMS-contracted entity charged with investigation of potential fraud, waste, and abuse matters.

Medicare Compliance Training Log

This certifies that the named individual(s) below have satisfactorily completed Medicare Compliance Training for Providers as required by 42 CFR sections 422.503 and 423.504. By signing, I also understand it is my personal responsibility to comply with the requirements of such standards.

Printed Name Signature Date Training Completed