CPCO prep

Ace your homework & exams now with Quizwiz!

Seven elements the OIG states are necessary in an effective compliance program:

1-Conducting internal monitoring and auditing 2-Implementing compliance and practice standards 3-Desiginating a compliance officer or contact 4-Conducting appropriate training and education 5-Responding appropriately to detected offenses and develop & implement corrective action 6-Developing open lines of communication 7-Enforcing disciplinary standards through well-publicized guidelines

What year did the GAO identify Medicare claims to be at high risk for fraud and abuse which resulted in the OIG initiating an audit of HCFA (CMS) payment system?

1992

If an internal audit reveals issues, its time to do some interviews and document reviews. How many people should be involved in the interview process of an employee?

2 (an attorney is not required, but you should have 2 people interviewing a single employee)

CLIA certificates are valid for how long?

2 years

If an internal audit reveals issues, it's time to do some interviews and document reviews. How many people should be involved in the interview process of an employee?

2+ the attorney

Comprehensive error Rate Testing Program (CERT) started in what year?

2001

What year was the Patient Protection and Affordable Care Act (PPACA) enacted?

2010

After initial education and training have been implemented, when does the OIG recommend a benchmark audit be performed?

3 months

The typical duration of a Corporate Integrity Agreement (CIA) is?

3-5 years

Changes in ownership must be reported within how many days to the Medicare program?

30

How many days does a medical billing company have to send providers determinations?

30

After enacting CLIA, what percentage did the total number of quality deficiencies decrease by from the first laboratory survey to the second?

40%

How many components are required by the OIG to have an effective Compliance Program?

7

Because it is such a large component of their responsibility, what percentage of resources does OIG dedicate to Medicare and Medicaid?

80%

What is the recommended timeframe for a performance review?

90 days

An initial review of all areas of possible non-compliance within the practice/organization is necessary to reveal what areas of the practice/organization are currently in compliance and which areas are not. This assessment is called what?

Baseline

Why is the annual OIG Work Plan so important to compliance officers when they are developing their risk assessments?

Because it shows results of previous year's audit findings the current year's focus.

Why did OSHA publish a Blood Borne Pathogen standard?

Because of significant exposures to viruses and other microorganisms

Federal and state statutes, regulations and health insurance guidelines

Besides policies & procedures, what other item is important for third parties to integrate into their compliance program?

What timeframe is an employer required to post the OSHA 300?

Between Feb 1 and April 30th

Which of the following is not true regarding how improper payments are categorized?

Billed based on time

What third party plays a critical role in accurate billing and reimbursement?

Billing agencies

What is an important component of the compliance officers responsibility when managing incidents and investigations?

Board of Directors need to be kept apprised of ongoing investigations and results.

What determines exposure?

By reviewing job classifications

CMS is a division of ______.

HHS

What is considered an appropriate start to implementing an effective compliance program for compliance officers of small physician group practice with limited resources?

Adopt only those components which, based on the practice's specific history with billing problems and other compliance issues are most likely to provide and identifiable benefit

When drafting audit protocol in an internal investigation, it should be carefully worded and tied back to the regulatory scope and applicability research. If an attorney does not draft the protocol, one should review it for language. Why?

The government or opposing party may obtain a copy

The two states that have mandatory compliance program certification requirements are ___________

Arkansas and Vermont

RAC's perform what type of review(s)

Automated and complex Automated = no medical record required Complex = medical record required

What does HITECH stand for?

Health Information Technology for Economic and Clinical Health

What is a OSHA 300 form used for?

It provides a total of job-related injuries for the year

How does a GFCI function?

It will shut off in the event of a ground fault.

Medicare Fraud is ___________

Knowingly submitting a false statement to obtain federal healthcare payment

Which of the following is not an example of PPE?

Lab coat

Should laboratories develop standards of conduct for employees?

Laboratories SHOULD develop standards of conduct

What are limits of auditor record requests?

Large Groups (16+ individuals): 50 medical records per 45 days per NPI requested. Partnership (2-5 individuals); 20 medical records per 45 days per NPI Group (6-15 individuals) 30 medical records Solo Practitioner: 10 medical records

Key risk areas defined for medical billing companies include:

Unbundling Up-coding Inappropriate balance billing

$2000-$11000, plus the assessment of not more than three times the amount claimed for damage.

Under the CMP law, HIPAA increased the maximum penalty amount per false claim from?

There is no current criminal or civil enforcement action pending

Under the FCA, a person or entity may voluntarily disclose a violation and if they cooperate with any ensuing investigation and satisfy certain other criteria, the damages will be doubled instead of tripled under what circumstances?

Which office is at the top level of concern and usually involved in whistle blower actions and national investigations?

United States Attorney's Office

CLIA is funded by whom?

Users

The referring physician, or an immediate member of the referring physician's family, has a financial relationship with the entity receiving the referral.

Violation of the Stark law occurs when

When can PHI not be disclosed without a patient's consent?

When a neighbor overhears someone may have a STD

How soon are practices or medical organizations required to process record requests?

Within 30 days

Is OIG guidelines for compliance program mandated for third party health care companies?

Yes, but the implementation date hasn't been provided yet. (Mandated by PPACA)

Can providers request an extension for providing records requested by an auditor?

Yes, by sending a valid explanation.

If a person presents to the emergency department and collapses outside the ER doors is EMTALA evoked?

Yes, the 250 yard zone applies in this case

What is the limits of Medicaid Fraud Control Units (MFCU's)?

Limited to investigating Medicaid provider fraud

The Medicare assignment rules contain a number of exceptions governing who can bill the Medicare program. If a group practice is using a billing agent, what type of payment arrangement is necessary?

Lockbox (the agent can't receive payment from Medicare directly).

The Medicare program has program manual instructions on overpayment. Generally, overpayments are returned to the ___________?

MAC

HR policies will need to _______________

Make sense for the needs of the medical facility

All medical facilities must allow people with disabilities to ________?

Maneuver freely with their mobility devices

Third party health care audits should be designated to address the companies _______________.

Marketing services

How long can an employee be off during an approved FMLA?

Maximum 12 weeks

What is the most significant state program for healthcare?

Medicaid

What third-party is in a unique position of fraud discovery?

Medical Billing Companies

Because it is considered the overarching criteria for determining a level of service, the provider must ensure that the documentation supports what?

Medical Necessity.

What third-party health care provider is becoming a vital part of the health care indsutry?

Medical billing companies

What can result in imprisonment and penalties for providers and covered entities

Medical fraud

What can result in imprisonment and penalties for providers and covered entities?

Medical fraud

A majority of the OIG's resources goes to oversight of which programs?

Medicare and Medicaid

The bulk of federal regulations in 42 CFR part 4 covers the _________ and _____________programs

Medicare and Medicaid

What is a key concept of the privacy rule?

Minimum necessary

If I am only drawing blood, do I need a CLIA number?

NO, a CLIA number is not required if the facility only collects specimens and performs no testing.

What can providers review that will help them understand the compliance requirements of a clinical lab?

OIG's Clinical Lab Guidance

When can patients instruct their provider not to share information about their treatment with their health plan?

Only when the patient tells the secretary when scheduling an appointment that he or she is paying cash for the visit and does not want his or her information to be given to the health plan.

When a hospital sends a patient home, or transfers the patient, without providing care is called what?

Patient dumping

20 years

Penalties for mail fraud include fines and imprisonment of up to?

What defines and limits the circumstances in which an individual's PHI may be used or disclosed by covered entities?

Privacy Rule

Which organization publishes CLIA rules and regulations?

CMS

____________provides opinions for Stark law

CMS

What is a CCA?

Certification of Compliance Agreement in which providers agree to continue to operate their existing compliance program

The guidance provided by the OIG can be incorporated in policies to prevent ____________and _____________errors from occurring.

Coding and billing

The attorney-client privilege protects___________

Communications made to obtain legal advice

What is one way to discourage whistleblowers?

Conduct performance reviews

If a state or federal agent arrives at your office and presents a search warrant, it is best practice to what?

Contact your attorney immediately

What are the requirements for containers used to store waste?

Container must be color-coded

Medical practices should be aware of risks identified in the past and then establish policies and procedures for what?

Continual monitoring

Private or government investigations usually start with a request for __________.

Records

MAC's are responsible for administering the what for Medicare Services?

Refunds

What is a key compliance element for enacting PPACA?

Requiring mandatory compliance programs as a condition of enrollment in federal healthcare programs

Private payers will send letters to providers directly, although some are now turning to third party agencies. These agencies get a percentage of what is recovered and use what kind of techniques to find claims aberrations?

Data mining software

What should not be ignored and ay require policy measures to prevent avoidable recurrence?

Risk areas

Waived and PPM laboratories may apply directly for their certificate as they are not subject to _________?

Routine inspections

Waived and PPM laboratories apply directly for their certificate as they are not subject to ___________?

Routine inspections.

The anti-kickback statute

Routine waiver of co-pays would be considered a violation of which law?

Which one of the following is not considered an engineering control?

Safe medical devices

If a referred patient to your practice has a hearing deficit and needs an appointment, what steps should your practice take when scheduling?

Schedule the appointment a few days ahead to make arrangements for an interpreter.

What establishes the Medicare Integrity Program?

Section 1936 of the Social Security Act

What is EAP?

Employee Assistance Plan

What is ERISA?

Employee Retirement Income Security Act

What employees fall under category III?

Employee not exposed to blood borne pathogens

What is not included in the hazard communications standard?

Employee training on evacuation routes

Why should compliance officers have set disciplinary policies for non-compliance?

Employees should know the consequences for non-compliance of set policies.

Which of the following is considered the primary means of minimizing employee exposure?

Engineering controls

The OIG's ______to Congress keeps the Secretary of HHS and Congress currently informed about OIG's most significant findings, recommendations and activities for specific six-month periods.

Semi-annual report

On what date do all covered entities need to be in compliance with HIPAA Omnibus Rules?

September 22, 2014

The ______addresses compensation paid by laboratories to referring physicians and physician group practices for blood specimen collection, processing and packaging and for submitting patient data to registry or database.

Special Fraud Alert

What is an example of using the process of complete elimination or destruction of all forms of microbial life?

Sterilization

What safeguard is defined as a measure to protect ePHI

Technical safeguards

Under EMTALA a treating physician can consult other physicians in what ways that are not prohibited?

Telephone Video Conferencing Internet

In an internal investigation, if your attorney does the interview, what is important for the employee to know?

That the attorney is not the employee's attorney

One benefit of having an effective compliance program is:

it shows the practice is making a good faith effort to be compliant.

Generally, routine screening procedures done as part of an asymptomatic annual examination for a Medicare patient are ___________?

non-covered services.

Under EMTALA, all Medicare participating hospitals are required to provide at least a medical screening exam to a patient who comes to the emergency department....

regardless of the patient's insurance or ability to pay.

Once a vulnerability or risk has been identified, it is important to determine the risk rating. This is determined by _____________.

the likelihood or probability of occurrence and the severity of impact.

The risk assessment is an essential component of the compliance officer's responsibilities. Once the risks have been identified and prioritized, the next step in the process is to __________.

conduct audits based on the risk assessment findings.

Failure to respond quickly to suspected instances of non-compliance threatens the organization's reputation as trustworthy, law-abiding, and _______.

the organization's ability to participate with federally funded healthcare pans and/or third party payers.

Alerts for Physician's Office labs from Medicare on expired certificate, will cause your Medicare carrier to

deny claims

When a practice identifies that a provider is an outlier, it becomes most important to verify that the billed services are what?

documented and coded accurately

What are the BENEFITS of a compliance program?

help speed and optimize proper payment of claims Help protect patient privacy Reduce chances of an audit Minimize billing mistakes Comply with self-referral and anti-kickback statutes

The purpose of EMTALA is to prevent:

hospitals from rejecting patients in a discriminatory manner to anyone, refusing treatment to patients, or transferring patients to "charity hospitals" or "County hospitals" because they are unable to pay.

Improper advertising can get the physician in trouble with whom?

the state licensing board

What is a typical term of a Certification of Compliance Agreement (CCA)?

three years

A certificate of provider-performed microscopy (PPM) procedure is issued:

to a laboratory in which the provider performs no tests other than waived tests and PPM procedures.

A search warrant, State or federal (or both) allows the agents the right to what?

to enter and seize documents

The final CLIA regulations were published on February 28, 1992 and are based on the complexity of the test method; thus, the more complicated the test, the more stringent the requirements. What are the three categories of tests that have been established?

waived, moderate-microscopy (PPM), and high complexity

A serious danger for compliance programs is _______

when they are developed and not implemented.

Because of the changing nature of healthcare regulation, the compliance program _______

will be a "work in progress"

The Office of Civil Rights (OCR) has enforcement power for violations occurring as a result of willful neglect. OCR can now impose civil monetary penalties of up to how much per HIPAA privacy regulations violation.

$50,000

Hospitals with over 100 beds that violate EMTALA also may be subject to civil penalties and civil monetary penalties of up to how much?

$50,000 per violation

The OIG requires that documentation relating to the CIA be kept for how long after the CIA term?

1 year

What is the OIG's Five-Principle Strategy to combat healthcare fraud, waste, and abuse?

1-Enrollment = scrutinize individuals and entities that WANT to participate PRIOR to enrollment 2-Payment = Establish payment methodologies that are reasonable and responsive to changes in the marketplace 3-compliance = Assist providers and suppliers in adopting practices that promote compliance with program requirements, including quality and safety standards 4-Oversight=Vigilantly monitor programs for evidence of fraud, waste, and abuse 5-Response=respond swiftly to detect fraud, impose sufficient punishment and promptly remedy program vulnerabilities

What steps should a billing company take if they find credible evidence of provider misconduct, fraudulent or abusive conduct?

1. Refrain from submitting any false or inappropriate claims 2. Terminate the contract 3. Report the misconduct to the appropriate Federal and State authorities within 60 days.

CMS is headquartered in Baltimore and has _________regional offices around the country, which primarily oversee enrollment and certification issues.

10

CMS is headquartered in Baltimore and has _____regional offices.

10

How many states require nursing facilities to perform a FBI check on employees?

10

How many months of coverage does COBRA provide?

18 months

Franklin D. Roosevelt signed social security into law in __________.

1935

What year did OSHA publish the Bloodborne Pathogens standard?

1991

Hospital compliance guidance was published by the OIG in February of what year?

1998

When did the Needle Stick Safety and Prevention Act become effective?

2001

The Medicare learning network (MLN) began in _________.

2004

When was the supplemental compliance guidance for hospitals published?

2005

The nationwide network of MAC's date back to ________.

2006

What year was the ADA amendment enacted?

2008

Medicare requires physician and mid-level providers to certify the need for physical, occupational or speech therapy. The first certification is needed within how many days of starting therapy?

30

Which Code of Federal Regulation section is important to Compliance Officers and why?

42, it covers the Medicare and Medicaid programs

How many states currently require nursing facilities to perform a background check of state records for direct-access employees?

43

How many employees does an employer need to be held to FMLA policies?

49 years

In general , the OIG recommends auditing how many medical records per federal payer?

5 or more

In general, the OIG recommends auditing how many medical records per federal payer?

5 or more

How many regions are part of the Medicaid Fraud Control Unit?

6

How many days after determining that there is a credible evidence of fraudulent conduct should la billing company take to notify federal and sate authorities regarding the violation?

60 days

How many percutaneous injuries that involve contaminated sharps occur annually?

600,000

Physicians needs to report any change in their name, taxpayer ID, and bank arrangements within how many days?

90

When is the recommended timeframe for a performance review?

90 days

Skilled nursing facilities are Medicare certified facilities that provide extended skilled nursing or rehab care under Medicare Part _____-

A and B

fair market value

A basic concept in the anti-kickback safe harbors and Stark exceptions is that financial transactions between potential referring parties be conducted under what conditions?

Employees have ____________to report erroneous conduct, without repercussion, so that it may be corrected immediately.

A duty

What is OSHA?

A federal agency in charge of employee safety

What could constitute an occupational exposure?

A needle stick A cut with a sharp object A percutaneous injury

A patient is considered new if they meet which of the following criteria?

A patient who has not received any professional services from the physician of the same specialty who belongs to the same group practice within the past 3 years

Fraud waste and abuse are all areas that must be controlled when providing services to beneficiaries. Fraudulent billing:

A willful act.

What safeguard covers maintenance of security measures to protect ePHI, and to manage the conduct of the covered entity's workforce in relation to the protection of ePHI?

Administrative safeguards

Form CMS-R-131 is better known as?

Advanced beneficiary notice of non-coverage

Monthly

After hiring, how often should providers check to make sure employees are not on the OIG list of excluded individuals?

What should be readily accessible to all coding staff?

All essential coding resources

The 250-yeard zone rule does not apply to:

All hospital-owned physician practices

When there is notice of an investigation, employees must know that it is against policy to __________

Alter, destroy or remove any documentation from a patient's medical record

If a compliance problem is not detected, or detected too slowly, the compliance program may require modification. What steps should the compliance officer take to determine what is necessary to prevent future violations?

Analyze the situation

Routine waiver of Medicare deductibles or copayments is a violation of which statute?

Anti-kickback

What two laws relate primarily to the relationships between referral sources, such as physicians and hospitals?

Anti-kickback and Stark Laws.

Some joint ventures may violate the Medicare and Medicaid ______________.

Anti-kickback statute

For billing companies that provide marketing services, percentage arrangements may implicate the ________ statute.

Anti-kickback.

Which law governs relationships between competitors?

Antitrust

What employees should get Hep B vaccines?

Any employee exposed to blood borne pathogens

If a patient walks into your practice with a leashed dog, what should you do?

Ask the patient if the dog is a service animal and, if the patient states ye, allow the animal on the premises.

Attorney-client privilege protects communications that you have with your attorney and ____________

Attorney-client work-product

Work the attorney does in creating reports, interview memos, or research is called what?

Attorney-client-work-product.

What is the process that determines if the compliance program is effective?

Audit

The entire organization should be included in the initial, audit to identify current compliance and areas of non-compliance. What type of audit is this?

Baseline

Why did OSHA publish a Bloodborne pathogens standard?

Because of significant exposures to viruses and other microorganisms

The guidance from OIG can be incorporated into policies to prevent _______and _________errors from occurring

Billing and coding (help prevent false claims)

What is not a typical way that providers try to defraud Medicaid?

Billing under several NPI's at a time

Records associated with an inquiry will include the nature of the inquiry or report, the investigation procedures and outcomes, and all actions taken by the Compliance Officer and/or the organization to rectify any non-compliance uncovered. What is an important component of the compliance officers responsibility when managing incidents and investigations?

Board of Directors need to be kept apprised of ongoing investigations and results.

What is not a definition of occupational exposure?

Bruised skin

Some of the largest breaches reported to HHS have involved __________

Business associates

How are RAC auditors paid?

By a contingency fee basis

What department monitors the MAC's?

CERT

To avoid a conflict of interest, the OIG specifically states that the compliance officer should not report directly to whom?

CFO (may be fiscal conflict of interest) Would be acceptable to report to Board or CEO

What is required on all CMS-1500 forms when billing for laboratory testing?

CLIA number Date of service NPI number

A participating hospital is required to keep a ______on each individual who comes to the emergency department seeking assistance, whether or not that person refused treatment, was refused treatment, admitted and treated, stabilized and transferred or discharged

Central Log

Which certificate is issued to a laboratory that enables the entity to conduct moderate- to high-complexity laboratory testing until the entity is determined by survey to be in compliance with the CLIA regulations?

Certificate of registration

To enroll in the CLIA program, laboratories must first register by completing an application, pay fees, be surveyed, and if applicable become what?

Certified

To enroll in the CLIA program, laboratories must first register by completing an application, pay fees, be surveyed, if applicable and become what?

Certified

Primary safety concerns in the medical setting include bloodborne pathogens, radiation, bio-hazardous waste, and __________.

Chemicals

Qui Tam

Civil actions may be brought in federal district court under the FCA by the Attorney General, or by a person known as a relator, in what type of action?

Every third party health care company should designate someone to serve as the focal point for compliance activities. This position is called a ___________.

Compliance Coordinator.

What will show a third parties good faith towards remediation?

Compliance Program

What will show a third party's good faith toward remediation?

Compliance Program

Every third party health care company should designate someone to serve as the focal point for compliance activities. This position is called a _________.

Compliance officer

What are corrective actions resulting from an audit?

Conducting educational sessions for providers (NOT clinical staff) Improving system edits Updating coverage policies and manuals Refining improper payment rate measurements

Under EMTALA, the following requirements must be met when transferring an unstable patient:

Consent of receiving hospital Patient's consent must be documented Physician must attest the medical benefits outweigh the risk of the transfer in writing

What is it called when the OIG waives its exclusion authority concurrent with resolution of monetary liability under the False Claims Act and the CMP law?

Corporate Integrity Agreement

OIG integrity agreements have been a catalyst for change in ___________.

Corporate culture

The HITECH Act revisions significantly increased the penalty amounts the Secretary may impose for violations of the HIPAA rules and encourage prompt _________?

Corrective action

The compliance officer is responsible to find areas of non-compliance and then formulate solutions to rectify the problem. This is known as what?

Corrective action plan

Which of these responsibilities is not one of a compliance officer?

Create all policies and procedures

Health information that does not identify an individual is called ______.

De-identified information

Alerts for Physician's office labs from Medicare on expired certificate will cause your Medicare carrier to

Deny claims

Clinical laboratory services Physical Therapy services Home health services Radiology services Radiation therapy Parenteral and enteral nutrients Prosthetics Outpatient prescription drugs Inpatient and outpatient hospital services

Designated health services include

If the practice uses an outsourced compliance officer, the OIG recommends________?

Designating a liaison from the practice to communicate with the outside compliance officer That the practice have a business service agreement with the outside compliance officer (HIPAA)

A review and analysis of all the applicable documents in a specific area is what type of audit?

Desk

How do nursing facilities accomplish compliance?

Development of protocols with a system that reviews and analyzes patient outcomes with the protocols.

LCD's and NCD's provide information for converge limited to certain what?

Diagnosis codes

A lab's requisitions should include the following:

Diagnosis codes need to be on the order for any test requested by the provider (diagnosis information for all tests ordered)

What should never be tolerated by an employer?

Discrimination

During an internal investigation, the nest step after the regulatory scope and applicability are researched is?

Draft an audit protocol

A physician who is on call and who fails or refuses to appear after being called by an ER physician (or other physician) is in violation of what?

EMTALA

If physician recruitment arrangements are not properly structured, it can result in ________________

EMTALA violations

One of the most important elements of an effective compliance program is to have a compliance officer or committee who is _________.

Empowered.

What is one way to discourage whistleblowers?

Encouraging open communication during performance reviews (in order to do this, annual performance reviews should be conducted)

What would require a high-level disinfection?

Endoscope

OSHA was created to assure safe and healthful working conditions for working men and women by?

Enforcing standards Providing training Outreach, education and assistance

What employees do not fall under Category II?

Environmental services personnel

A physician who negligently violate EMATALA also are subject to civil monetary penalties and. for repeated or gross and flagrant violations risk __________?

Exclusion from Medicare

Medicare has Part E. T/F

F, the parts to Medicare are A, B, C, and D.

False Claims Act

FERA expands the grounds for liability under which Act?

What Acts have oversight by the Dept. of Labor?

Fair Labor Standards Act (FLSA) Employee Retirement and Income Safety Act (ERISA) Occupational Safety and Health Act (OSHA)

Clinical Laboratories should charge physicians a price for ordered tests at ____________

Fair Market Value

Clinical laboratories should charge physicians a price for ordered tests at _________

Fair market value

T/F: Exempt employees must be paid overtime

False

A billing company's written policies and procedures should reflect current ________.

Federal and state statutes

Besides policies and procedures what other item is important for third parties to integrate into their compliance program?

Federal and state statutes, regulations and health insurance guidelines.

What law does not require that nursing facilities conduct state or Federal (FBI) criminal background checks?

Federal law

A compliance officer does not have to be a lawyer, but your chances of implementing a successful compliance program increases when you are familiar with:

Federal regulations

According to the OIG, an effective compliance program can create what?

Financial success Customer loyalty Community support Employee satisfaction

When drafting audit protocol in an internal investigation it should be carefully worded and tied to the regulatory scope and applicability research. If an attorney doe snot draft the protocol, one should review it for language, Why?

For attorney client privilege.

What is FPS?

Fraud Prevention System

What is the maximum amount of money an employer can charge for personal protective equipment?

Free of charge

What does the term RAT-STATS represent?

Free statistical software used to select a random sample for audit.

Welfare Benefit plans include

Fringe benefits

Accountable care organizations (ACO's) involve different providers, including hospitals and physicians. Members of the ACO share both the gains and losses for certain Medicare fee-for-service beneficiaries with high-risk conditions such as heart failure, COPD, and diabetes. What is this arrangement called?

Gain sharing

Members of the ACO share both the gains and losses for certain Medicare fee-for-service beneficiaries through high-risk conditions such as heart failure, COPD, and diabetes, this arrangement is called what?

Gainsharing

HIPAA established what comprehensive program to combat fraud committed against all health plans, both public and private?

HCFAC (Health Care Fraud and Abuse Control Program) under the joint direction of the Attorney General and Secretary of HHS

HITECH revisions significantly increased the penalty amounts the Secretary may impose for violations of _________

HIPAA

What can be an effective support system of the desired organizational culture?

HR policies & procedures

What is the level 3 of the RAC Claims appeal process?

Hearing by an Administrative Law Judge (ALJ)

In February 1998, the OIG created the first compliance document. What type of provider was the first Compliance Program Guidance issued for?

Hospitals

Which of the following is not part of the annual OSHA employee training?

How to voice concerns about HIPAA

Skilled Nursing Facilities best practice guidelines would have the compliance officer doing which of the following?`

If audit determines claims did not meet medical necessity you should report to CMS within 60 days.

When is it acceptable to bill an office visit based on time?

If over half of the visit is spent counseling the patient.

After an audit reveals areas for improvement, what is the next step a compliance officer should take?

Implement corrective action plans

What is considered the most important aspect of a compliance program?

Implementation

What is the most important aspect of a compliance program?

Implementation

The __________is when an organization offers another organization an incentive referrals.

Improper inducements.

What is considered a significant element in fraud, waste and abuse?

Improper payment

15-30%

In a qui tam action, the relator is entitled to receive a monetary settlement between?

What is not a function of ZPIC's?

Initiate appropriate administrative actions to deny or to suspend payments that should not be made to providers where there is reliable evidence of fraud

How do CMS and contractors categorize improper payments?

Insufficient documentation No documentation Medical necessity

CMS relies on a number of program contractors to identify and respond to fraud, abuse and improper payments in the Medicare and Medicaid programs. these contractors are charged with protecting the programs ____________?

Integrity

CMS relies on a number of program contractors to identify and respond to fraud, abuse, and improper payments in the Medicare and Medicaid programs. these contractors are charged with protecting the programs ____________.

Integrity

What element is a requirement for third party billing?

Integrity in computer systems

What authority has CMS contractors been given?

Interview providers and office personnel

It is important to educate employees o the methods they may utilize to directly notify and communicate issues of suspected areas of non-compliance. What is considered a best practice method of anonymous reporting?

Intra-office or USPS mail

What is the function of ZPIC's?

Investigate allegations of fraud made by beneficiaries, providers, CMS, OIG and other sources Proactively identify incidents of potential fraud that exist outside of its service area Refer cases to OIG/Office of Investigations for consideration of civil and criminal prosecution and/or application of administrative sanctions.

What does the acronym LEP stand for?

Limited English Proficiency

What usually happens next when settlement negotiations are unsuccessful?

Litigation

Under the MSP, the Medicare statute and regulations require all entities that bill Medicare for items or services rendered to Medicare beneficiaries must determine whether ______________.

Medicare is the primary payer for those items or services.

Can an individual provide a verbal authorization to release PHI?

NO, all authorizations must be in writing

When creating handicap parking spaces, which is true with regards to 4 or less spaces

No handicap sign is required as long as there is an access aisle

What foreign language does OSHA mandate the OSHA poster be posted with at each medical facility?

No requirement but also available in Spanish

A person having an asthma attack presented to the physician office on the hospital campus. The office did not have a provider in the office and the patient had to go to the ER around the corner for treatment. Is the physician office in violation of EMTALA?

No, EMTALA does not include physician practices

A person having an asthma attach presented to the physician office on the hospital campus. The office did not have a provider in the office and the patient had to go to the Emergency department around the corner for treatment. Is the physician office in violation of EMTALA?

No, EMTALA does not include physician practices.

Are compliance officers required to know all OSHA laws?

No, but they should know where to find the information

Should all compliance programs be the same?

No, compliance programs need to be tailored to fit the unique needs of every organization or physician practice

A clinical laboratory gets all of their Medicare patients to sign a blank ABN in case Medicare does not pay for a service. This is part of the clinic's written policy, therefore is in compliance Y/N

No, laboratory may never ask a patient to sign a blank ABN

When should a third party health care company start a compliance program?

Now, to be proactive

The OIG also provides a SUPPLEMENTAL compliance program guidance for ________

Nursing facilities, published in 2008

Medicaid Fraud Control Units (MFCU's) operate under the direction of ______________.

OIG

What department monitors and recertifies MFCU's?

OIG

Which office provides guidance to the healthcare industry in the form of Advisory Opinions, Special Fraud Alerts, Special Advisory Bulletins, and Compliance Program Guidance?

OIG

____________ provides advisory opinions on the anti-kickback law.

OIG

_________provides advisory opinions on the anti-kickback law.

OIG

What federal agency is in charge of employee safety?

OSHA

Which office would a compliance officer contact if he or she had questions regarding discrimination in certain healthcare programs?

Office for Civil Rights (OCR)

Which component of the OIG has a duty of conducting audits, which results in reducing waste, abuse and mismanagement?

Office of Audit Services

Who is responsible for administering and enforcing HIPAA's privacy, security and breach notification rules?

Office of Civil Rights

Who is responsible for enforcing the HIPAA Privacy Rule and Security Rule provisions?

Office of Civil Rights (OCR)

What is the Federal agency that provides compliance program guidance to providers and covered entities?

Office of Inspector General

What Federal department will consider self-reporting of misconduct as a mitigating factor?

Office of Inspector General (OIG)

Which government branch was created to fight waste, fraud and abuse in all federal health care programs, especially Medicare and Medicaid?

Office of Inspector General (OIG)

Which office is mainly responsible to investigate health care fraud waste and abuse?

Office of Inspector General (OIG)

When conducting a risk assessment, one of the most important and key sources of information that a compliance office should utilize is ___________.

Office of Inspector General's Annual Audit Plan

Which OIG office conducts criminal, civil and administrative investigations of fraud and misconduct related to HHS programs, operations and beneficiaries?

Office of Investigations

Which component of the OIG has a duty of operating the OIG hotline?

Office of Investigations

Which department of the OIG is responsible for providing mission and administrative support to the OIG?

Office of Management and Policy

During an internal investigation, creating an audit report for negotiation is important. Overpayments (and underpayments) should be included as ______?

Offsets

The compliance Officer is also responsible for the coordinating and/or screening of employees, agents and independent contractors. Why is this important?

Organizations cannot do business with individuals who have been excluded from participating in federally funded healthcare plans.

What area is of concern when patients are referred to home health agencies and/or DME suppliers?

Patients freedom of choice; not allowing patients to choose could violate anti-kickback laws

treble damages, plus a penalty of $5500 to $11000 for each false claim filed.

Penalties under the FCA (False Claims Acct) include how much?

If the main entrance cannot be made handicap accessible, then _______________

People should be detoured to another entrance.

Which serves as a reference source of information about personnel policies and procedures

Personnel Policy Manual

$25,000, imprisonment of up to five years, and exclusion from participation in federal health care programs for up to one year

Persons found guilty of violating the anti-kickback statue may be subject to a fine of up to how much?

What safeguard is defined as measures to protect electronic systems?

Physical safeguards

Medicare Part B pays for what type of services?

Physician

PAR means what?

Physicians agree to take assignment on all Medicare claims.

A high-level statement or plan that embraces an organization's general beliefs, goals, objectives and acceptable procedures for a specified subject area is a ________.

Policy

What are not part of Exit Route requirements for a medical facility?

Posting evacuation routes on company web site

What does Medicare Part D cover?

Prescription drugs

Once the risk levels are identified, what is the next step a compliance officer should take?

Prioritize which risks will be addressed

What is more important to have in place for enforcing and disciplining individuals who violate the practice's compliance or other practice standards?

Procedures

What is the routine cleaning guidelines for BP cuffs?

Provide disposable cuffs to all isolation patients

What does the CMS website say about RAC audits?

Providers billing fee-for-service are subjected to RAC audits

Repay the excess

Providers can give physicians gifts and other benefits up to a set amount each year, adjusted for inflation. Gifts and benefits should be tracked; if the set amount is in exceeded, the physician can ________

When will office notes need to have special security?

Psychotherapy notes

Unless there is a conspiracy with a provider, MFCU cannot ____________.

Pursue recipient fraud

MAC's can initiate an investigation if there is complaint, or if something about the billing profile is triggering flags. If quality concerns are an issue, what type of organization may be involved?

QIO (Quality Improvement Organization) CMS Regional Office State Surveyors

What do CMS regional offices focus on?

Quality initiatives Children's health Health plan standards

What is an essential component for the lawful behavior and success of nursing facilities?

Quality of care

There has been an increased national focus on ______.

Quality of health care.

What was established for all laboratory testing by Congress passing the Clinical Laboratory Improvement Amendments (CLIA) in 1988?

Quality standards

Free statistical software that can be used to select a random sample for audits is called what?

RAT-STATS

Which law increases the severity of penalties for violations involving organized crime?

RICO Act

For larger physician practices, how often does the OIG suggest reporting compliance activities to the board of directors?

Regularly

Incident to rules can be complicated and present additional risks to a practice/organization. If a provider is available only via paper or telephone, incident-to billing _________________

Requirements are not met.

Any contribution and participation of a student to the performance of a billable service must be performed in the physical presence of the teaching physician, except for what?

Review of systems (ROS) or past family or social history (PFSH)

What are types of Engineering controls?

Safer medical devices Needless devices Shielded needle devices Plastic capillary tubes

The OPPS rule require hospitals to include on the same claim all OPPS services provided at the same hospital to the same patient, on the same day, unless certain conditions are met. This is the _________.

Same-day rule.

The OIG recommends a billing company, when establishing a compliance plan to take a _____of the company's operations.

Snapshot

What employees do not fall under Category I?

Social Workers

Physicians sometimes own other health-related businesses, such as physical therapy facilities, CME or home health companies, diagnostic imaging centers, or laboratories. Because these businesses provide designated health services, what may be triggered?

Stark

Which law provides for a civil monetary penalty (up to $15,000 per service) and exclusion from government programs in any case where a person submits an improper claim, which was know to have been, or should have been know to have been, provided through a prohibited referral, and has not refunded the payment?

Stark

The billing manager reports a significant increase of correspondence from the carriers and insurers challenging the medical necessity of claims. What is the next step the compliance officer should take regarding the reported incident?

Start an investigation

Employees should be told that if they are questioned in an investigation they should always what?

Stick to the facts and don't speculate They should also know they have the right to request an attorney

Everyone should be educated in their role in adhering to the Compliance Program including their duty to report_______________.

Suspected misconduct

What should you do when you find out one of your employees has been excluded from government programs?

Suspend the employee, request documentation, and investigate the matter.

Which of the following is not true regarding Audit MIC?

The Audit MIC can only audit a Medicaid provider in its zone (they can audit any provider throughout the country)

Which of the following is a documentation guidelines that will help you avoid overpayment demands and potential False Claim Act violations in the event the organization is audited by a third-party payer.

The CPT and diagnosis codes reported on health insurance claim form or billing statement should be supported by the documentation in the medical record.

$50,000

The Office of Civil Rights (OCR) has enforcement power for violations occurring as a result of willful neglect. OCR can now impose civil monetary penalties of up to how much for HIPAA violations?

What sets ZPIC audits apart from other Medicare audits?

The audits are targeted by potential Medicare fraud

Whose responsibility is it to focus on the key risk areas through education and documented audit improvement?

The compliance officer

If a patient in the emergency department asks to be transferred to another hospital, what is the one condition that must be met so that EMTALA is not evoked?

The consent of the receiving hospital must be received.

What types of time record keeping policies is not required?

The employee's illness when taking sick time

The compliance officer will report directly to

The managing physicians and board

What does the term "Disclosure" mean?

The release or transfer of information to an outside entity

What is a requirement of MFCU's?

They must employee attorneys

Which is the underlying principal of the Equal Employment Opportunity law?

This law requires all persons to be entitled to equal employment opportunity regardless of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by law.

How many agencies oversee ERISA?

Three

RAC's can look back how many years from date of service?

Three

Why is it important for nursing facilities to track patient outcomes?

To accomplish compliance

Why must an employer implement an Exposure Control Plan?

To ensure proper employee protection measures

What is one of the responsibilities CMS has under the Medicaid Integrity Program?

To hire contractors to audit Medicaid provider claims

According to the OIG, medically unnecessary services can be billed to Medicare for what purpose?

To receive a denial so a claim can be submitted to a secondary payer.

A pertinent component of an effective compliance program include____________

Training and educating employees

Anti-dumping statutes do not require what?

Transfer to another hospital if emergency room is busy.

PHI may be disclosed without the patient's authorization for _________-

Treatment, payment and operations

Penalties under the FCA include how much

Treble damages, plus a penalty of $5500 to $11,000 for each false claim filed.

T/F: Hourly employees must be paid overtime per federal law

True

OIG's Clinical Lab Guidance

What can providers review that will help them understand the compliance requirements of a clinical lab?

Which of the following is not a requirement for MSDS sheets?

What quantity the medical facility purchases yearly

Billing agencies

What third party plays a critical role in accurate billing and reimbursement?

Anti-kickback and Stark laws

What two laws relate primarily to the relationships between referral sources, such as physicians and hospitals?

ABN's should be presented:

When a service is not a covered benefit/service of Medicare

Temporarily remove them providing services Review all paperwork and return them to service only after documented governmental reinstatement Assess to determine if they were properly excluded

When it is discovered that an employee is excluded from federal programs, what steps should be taken?

When can a covered entity disclose PHI without a patient's consent?

When providing in cases of suspected abuse.

Why wouldn't a medical facility need an ionizing Radiation policy?

When they do not have an X-ray machine

When does an employee's declination of Hep B expire?

Whenever the employee decides to get the vaccine

The Balanced Budget Act (BBA)

Which act authorized the imposition of civil monetary penalties against health care provider and entities that employ or enter into contracts with excluded individuals or entities to provide items or services to federal program beneficiaries?

Stark

Which law provides for a civil monetary penalty (up to $15,000 per service) and exclusion from government programs in any case where a person submits an improper claim, which was known to have been, or should have known to have been, provided through a prohibited referral, and has not refunded the payment?

Personal services

Which safe harbor can shelter physician independent contractor-type agreements with hospitals or other providers, such as skilled nursing facilities (SNF's)

The US Dept. of Health & Human Services (HHS)

Who is responsible for the oversight of the Medicare and Medicaid Programs?

What is one of the main responsibilities of the CMS regional office?

Work on quality initiatives

The practice/organization should have a clear directive to the staff on the consequences of not attending the required training sessions. What is the best method of communication assuring all employees understand the directive?

Written policies

Are there certain rules for PHI disclosure in cases of an emergency?

YEs, PHI can be released for emergency treatement

Should employees be allowed to download software?

Yes, as long as it is authorized

Can an employee transfer a chemical to another container?

Yes, as long as the secondary container label is used and meets regulatory requirements.

Can patients request amendments to their PHI?

Yes, but the provider does not have to make the amendment based on his or her professional opinion.

Can a provider disregard an auditor's request for records?

Yes, however it will result in a "no documentation" finding

Is it acceptable for practices to call and remind patients of their appointments?

Yes, if it is stated in the Notice of Privacy Practices

Should American taxpayers be concerned about Medicaid fraud?

Yes, it costs taxpayers hundreds of millions of dollars a year

If a person presents to the emergency department and collapses outside the ER doors, is EMTLA evoked?

Yes, the 250 yard zone applies in this case.

Can a billing companies compliance officer work with provider offices?

Yes, the OIG recommends this action and a BAA Is NOT required.

If a provider does not bill Medicare or Medicaid, do they still need CLIA certification?

Yes, the conditions of enrollment are regardless of whom payment is received from.

Does a provider who is only providing waived tests need a CLIA number?

Yes, the law requires that no matter what type of testing is performed, a CLIA number is required

Can the government take back monies from a nursing facility for failure of a patient's care?

Yes, there is a direct link to quality of care and billing for services.

Did the HIPAA Omnibus Rule affect business associates?

Yes, they are more accountable for their client's PHI

Should providers learn about Medicare guidelines?

Yes, they are obligated under law

Can CMS take back monies without reviewing a patient record?

Yes, through the use of data mining

Can CMS take back monies without reviewing a patient's record?

Yes, through the use of data mining.

What is a ZPIC?

ZPIC's are PRIVATE companies contracted by CMS, used to conduct audits for Medicare and Medicaid overpayments

Which of the following best describes ZPIC's?

ZPIC's are private companies contracted by CMS

What key item(s) can protect a medical practice from harassment liability

Zero tolerance policy for harassment

If a physician signs a participating (PAR) agreement with Medicare, they agree to what?

accept Medicare's allowed charge as payment in full

In addition to keeping a training log, and records, to make sure employees understand the training content compliance officers should also obtain what from employees?

an attestation

A hospital may satisfy their on-call coverage obligations by ___________per HHS

approved community call/regional call program

Billing companies should never use ____coding.

assumption

What is the target of Physician at Teaching Hospitals (PATH) audits?

documentation of physician involvement in services performed by residents and documentation for level of service provided

In an internal investigation it is important to communicate to employees that it is against policy to destroy or remove any documentation from a patient's medical record. Document reviews can be extensive and may include:

emails, mobile phone calendars and notes

Any laboratory performing testing on specimens derived from a human being for purposes of providing diagnosis, prevention, treatment, or assessment of health, regardless of whether they participate in Medicare, must:

enroll in the CLIA program

The Patient Protection and Affordable Care Act of 2010 (ACA) requires that all providers adopt a compliance plan as a condition of what with Medicare, Medicaid ad CHIP?

enrollment

What is the term of a CIA

five years

As specified in t he Coe of Conduct, no employee or agent of the practice/organization may have a relationship of they have a criminal conviction related to health care or _________?

have been excluded from participating in federally funded healthcare plans.

For potential criminal violations, a practice should have immediate discussions with a criminal attorney who

is well versed in Healthcare Fraud and Abuse law

Requirements for transferring an unstable patient include all but ____________

making sure the patient has either Medicare or Medicaid

The OIG acknowledges that full implementation of all components of a compliance program for physician practices________-

may not be feasible

What is the mission of the OIG?

protect the integrity of Department of Health & Human Services (HHS) programs as well as the health and welfare of program beneficiaries

If a provider is available only through pager or telephone, incident-to billing ___________?

requirements are not met (the provider has to be in the office and readily available)

An emergency medical condition is defined as having symptoms such that the absence of immediate medical attention could result in:

serious impairment of bodily functions, and/or serious dysfunction of any bodily organ or part

How many years should providers keep track of disclosures?

six or more years

The OIG compliance program guidance acknowledges patient care as:

the first priority of a physician practice.

When would an employer need to complete an OSHA 300 form?

when there is a work-related contaminated needle stick or sharps injury

If an employer doesn't meet requirements for FMLA, do they still need Leave of Absence policy?

yes, they should still address leaves of absence requests

When did MMA become a law?

2003

What year did HITECH Act get implemented?

2009

Federal and state statutes

A billing company's written policies and procedures should reflect current _________

60

A qui tam complaint is initially sealed for how many days?

What should the compliance officer do to ensure standing orders are medically necessary and within compliance of the laboratory?

Have a policy in place to monitor standing orders periodically.

According to Inspector General Daniel Levinson, what can help reduce enforcement on a provider from a CIA to a CCA?

Have a robust and effective compliance program

What goes together with compliance issues?

Human Resources

Which of these statements is true?

IRS, DOL, PBGC all have separate penalty assessments

Anti-kickback statute

If a group pays a hospital monthly rent for office space that is one-half the going rate or fair market value, this is a violation of?

Most CIA's require an IRO. What does this stand for?

Independent Review Organization (IRO)

Which screening exam does not require an order, in any setting?

Mammogram

Does Medicare pay for all tests ordered by Providers?

No, they need to determine if it's covered and medically necessary.

What policy is important in dealing with employee concerns?

Non-Retaliation policy

What policy is written to encourage communication?

Non-retaliation policy

How long does the privacy rule state that a practice or covered entity needs to retain medical records?

Not stated - it would follow state or other applicable law

Which one of the following is not an administrative sanction?

Revocation of Aetna enrollment

Modifier 25 is used to allow additional payment for E/M services performed by a provider on the same day as a procedure, as long as _____________.

The E/M service is significant, separately identifiable and above and beyond usual pre or post-operative care of the procedure.

HHS

The OIG works within which agency?

The mission statement of the healthcare organization and a statement of why they are in business are also know as ___________?

The code of conduct.

What rights do patients have when paying cash?

They can restrict the use of their PHI

When can an employer do a drug screen on employees?

When the employer has reasonable concerns of addiction

All expenses related to developing and implementing a compliance program are considered the cost of doing business and are tax deductible for the organization, except:

When the expenses are a result of the imposition of a penalty.

Which statement is true?

All businesses should educate employees about ADA

Which area would not be considered during a performance review?

An employee's attendance at a company party

The compliance program should be monitored and updated at least _______.

Annually

Which of the following is not an example of sexual harassment?

Asking another employee to date

A standard boiler plate clause in a CIA includes language on the rights of the OIG to inspect any aspect of the provider's business under what circumstance?

At any time

Who is responsible for providing analysis, research and technical assistance and conducts laboratory quality improvements for CLIA?

CDC

What must a Personnel Policy Manual adhere to?

Civil Rights Act

The risk assessment is an essential component of the compliance officer's responsibilities. Once risks have been identified and prioritized, the next step in the process is to________?

Conduct audits based on the risk assessment findings

What are the key functions of the compliance officer with regard to planning, implementing and monitoring the compliance program?

Coordination and communication

Audit MIC's can audit a Medicaid provider throughout his or her __________.

Country

What can employers do to increase employee engagement?

Employers should hold management accountable for engagement

One of the most important elements of an effective compliance program is to have a compliance office or committee who is

Empowered

What are key responsibilities of a compliance officer?

Ensure internal controls are capable of preventing and detecting significant instances or patterns of illegal, unethical or improper conduct. Monitor the performance of the practice's compliance program on an ongoing basis and take steps to improve effectiveness. Identify and assess areas of compliance risk.

A physician who fails to respond to an emergency situation when she is assigned as the on-call physician:

is in violation of EMTALA and may subject herself and the hospital to a penalty.

What covered entity as the most HIPAA breaches?

Business Associates

Hourly employee overtime pay is dictated by state or federal law?

Federal

HHS, CMS and the OIG publish regulations in the __________

Federal Register

The OIG has described seven basic components of an effective compliance program for a small physician practice that are based off of the _______-.

Federal Sentencing Guidelines.

What type of software process identifies potential claim errors?

data mining

What year was the Civil Rights Act implemented?

1964

Which of the following is not an example of safety measures?

A security alarm system with same access ID for everyone

Providers need to have a _____signed by the patient prior to services if they believe that Medicare will not cover the services

ABN Form

If the patient presents to an ER, the provider must not delay the screening process to ask about what?

Insurance

What does NIOSH stand for?

National Institute for Occupational Safety & Health

Two states that have mandatory compliance program certification requirements are ________________

New York and Arkansas

What is a function ZPIC's do NOT perform?

Proactive identify incidents of potential fraud that exist outside its service area (they proactively identify incidents within its service area and take appropriate action on each case)

A compliance program is the _________each organization implements to achieve their stated goals.

Process

e-prescribing

The Medicare Modernization Act (MMA) of 2003 gave momentum to what movement?

Snapshot

The OIG recommends a billing company, when establishing a compliance plan to take a ______ of the company's operations.


Related study sets

Ch. 13 The Eye and Ear ABBREVIATIONS

View Set

Bio 181 final exam (units 13-16)

View Set

IBUS TEST 2 multiple choice q's ch 6-12

View Set

Physics: Circular Motion (True/False)

View Set