DOJ Updates Corporate Compliance Plan GuidanceClient Alert
With the passage of the Affordable Care Act in 2010, all healthcare providers were required to adopt and implement a corporate compliance plan. Historically, having an effective corporate compliance plan in place has been key to defending healthcare providers in fraud and abuse actions by Medicare, Medicaid, and commercial payers. Over the past couple of years, the U.S. Department of Justice’s (DOJ) Criminal Division has increased the number of prosecutions against U.S. corporations, including healthcare providers. Earlier this month, the DOJ’s Criminal Division updated its “Evaluation of Corporate Compliance Programs” guidance to educate prosecutors on how a corporate compliance program will be evaluated going forward. https://www.justice.gov/criminal-fraud/page/file/937501/download
If a healthcare provider is able to actively demonstrate its commitment to a culture of compliance as reflected in a comprehensive program, an Assistant U.S. Attorney (hereinafter “AUSA”) may elect to not file charges and/or may seek reduced charges. Regardless if an AUSA does bring formal charges, the new guidance allows a federal judge to impose a reduced sentence. Now, more than ever, it’s critically important that healthcare providers have an effective compliance program in place as it materially affects the penalties imposed for healthcare fraud and abuse violations. Having an effective compliance program can mean the difference in whether criminal charges are brought (which could result in prison time or large fines).
The June 2020 update from the DOJ covers a variety of specific topics, but essentially focuses on three questions in relation to an organization’s compliance program:
- Is the compliance program well designed?
- Is the program applied earnestly and in good faith?
- Does the program work in practice?
In other words, an effective compliance plan must be a “living, breathing document” and not just a generic set of policies and procedures that is left forgotten on a shelf or computer system.
A successful compliance program should focus on the provider’s internal compliance training program. The DOJ described an appropriately tailored training as “the hallmark of a well-designed compliance program” and periodic training helps to ensure that a compliance program is integrated into the organization. Relevant employees, as well as, senior managers (and in some situations, agents and business partners) should have training provided by the company regularly so that they may properly communicate and implement compliance policies and procedures. Furthermore, the organization must pay special attention to providing employees with the tools in which to seek assistance and/or respond to any potential compliance issues.
Throughout the update, the DOJ identifies specific areas where AUSA’s should focus in their determination of whether a compliance program is well-designed, earnestly implemented and effective. Two of these areas assist providers in designing, implementing and improving their compliance-based programs.
- Risk-Bask Training
Providers are expected to conduct an in-depth analysis of which employees require training and on what subjects. The organization should provide tailored trainings which reflect the specific risks in the work environment. Any employee who works in a high-risk role, has been involved in prior misconduct, or is senior management should receive ongoing trainings.
- Form/Content/Effectiveness of Training
AUSA’s will not be impressed by merely having a program designed. They will instead focus on the form in which the training is being provided, including who is presenting the trainings. Real-world compliance lapses and testing by companies should be frequent.
The attorneys of Brennan, Manna & Diamond’s healthcare team are available to assist healthcare providers in drafting, implementing and improving their corporate compliance programs, trainings, and implementation processes. Please contact Jeana Singleton at firstname.lastname@example.org or 330-253-2001, Richard Crosby at email@example.com or 614-246-7500, or your BMD healthcare attorney for more information.