September 12, 2024
Compliance4U newsletter provides you with insight into the day-to-day functions of Health Plan’s Compliance Program.
Overview of Compliance Element #3: Training and Education
There are a lot of reasons that the Health Plan’s Compliance Program emphasizes training and education. Reasons include that “training and education” is one of the seven elements of an effective compliance program. We are obligated to provide training based on our contract with the DHCS and license with the DMHC, and due to mandates by the state and federal government. Another reason is simply because it matters.
As a Workforce (employees, temps, contractors, & consultants) member of HPSJ, you need to know how to safeguard employees and members protected health information/personal information (PHI/PI) and to prevent fraud. You need to know how to report when these safeguards are at risk (Compliance Hotline 1.855.400.6002 or online at Compliance - Home (sharepoint.com). And you should know that HPSJ prohibits retaliation when you report potential violations in good faith.
The Compliance Department seeks out various avenues to make sure you have the information you need to understand the how’s and the why’s. We implemented a comprehensive training and education program which is made available to all Workforce members to ensure that the importance of these safeguards are understood and remain fresh on your minds In addition to the annual training courses for General Compliance, Fraud, Waste, and Abuse (FWA) and Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security, the training and education program also includes presentations in various organization-wide meetings, the annual celebration of Compliance Week in November, and this newsletter. We work hard to get information out to you directly to ensure that these safeguard measures are front and center in your daily operations
Understanding compliance and your role in ensuring compliance is important because an effective compliance program matters in reducing and mitigating organizational risk, providing patients with safe and high-quality care, and saving costs!
Regulatory Affairs & Communication (RAC)
An effective communication is critical to an effective compliance program. The RAC department is our primary point of contact with the Department of Health Care Services (DHCS) and the Department of Managed Care’s (DMHC) Office of Plan Licensing.
Regulatory Meetings: To support you in your role and ensure timely awareness of changes to regulatory and contractual requirements, RAC attends regulatory calls (DHCS Managed Care Plan Call - MCPC) and other regulatory meetings/calls where key regulatory information is shared.
RAC maintains material from those weekly calls. Check out previous meetings HERE. DHCS cancelled the MCPC scheduled 09/04 and 09/11.
Do you have a question for Compliance? To submit an inquiry, on SharePoint go to TeamSites > Compliance > Requests > Submit an Inquiry or simply use this link: check it out here.
All Plan Letters (APL)
DHCS and DMHC release APLs to communicate changes in Federal or State policy or procedure and provide instruction to MCPs on implementing these changes. RAC analyzes the APLs to ensure compliance with the requirements and to meet timely filing Draft APLs (denoted by “XXX” indicating that a policy number has not been assigned by both regulators) are issued by both DHCS and DMHC on a regular basis to solicit feedback from MCPs before they are officially published and become effective During this period, MCPs have the opportunity to provide feedback or concerns to DHCS and DMHC on upcoming APLs. Here are the APLs that were recently released:
A. DHCS Regulatory Notices
DHCS Draft APL 24-XXX Medical Loss Ratio Requirements for Subcontractors and Downstream Subcontractors
Date of Release: August 20th, 2024
Summary: This draft All Plan Letter (APL) was released by DHCS to provide guidance to Medi-Cal managed care plans (MCPs) on the Medical Loss Ratio (MLR) requirements set forth by the federal Centers for Medicare &
Medicaid Services (CMS) in the California Advancing & Innovating Medi-Cal (CalAIM) Section 1915(b) waiver’s Special Terms and Conditions (STCs)1 and pursuant to the MCPs' contractual requirements in Exhibit A, Attachment III, Provision 3.1.5(B)(31).
DHCS Draft APL 24-XXX Community Reinvestment Requirements
Date of Release: September 6th, 2024
Summary: This draft All Plan Letter (APL) was released by DHCS to provide Medi-Cal managed care plans (MCPs) with guidance regarding the Contract’s requirement for plans to reinvest a minimum level of their net income into their local communities.
DHCS Draft APL 24-XXX Hospice Services and Medi-Cal Managed Care
Date of Release: September 10th, 2024
Summary: This draft All Plan Letter (APL) was released by DHCS to highlight certain contractual, regulatory, and statutory requirements applicable to Medi-Cal managed care plans (MCPs) with respect to their responsibilities to provide medically necessary hospice services to their members.
B. DMHC Regulatory Notices
No new APLs or draft APLs have been issued since the last reporting period.
Regulatory Reports
Under our contract with DHCS and in compliance with our Knox Keene license (DMHC), we must routinely submit reports demonstrating compliance and performance. Below is a list of reports due for submission in the next few weeks. The table includes a hyperlink to the report and the accountable Director and Executive for the report. Check out the list to find out which ones are in your department. Click on the report title for more information.
Provider Information Network (PIN) 2024-08
Consolidated Billing 2024-08
CAC Meeting Minutes 2024-08-08
Encounter Data 2024-08
Provider Complaints
Clarence Rao Victoria Worthy
Clarence Rao Victoria Worthy
Setar Testo Tracy Hitzeman
Clarence Rao Victoria Worthy
When providers exercise their right to submit complaints related to payment to the DMHC, they must submit a provider dispute resolution request to us before filing with the DMHC. Compliance coordinates a cross-functional group to
review each complaint received by Health Plan. This group investigates the cases (from the original request to claims processing and dispute resolution) and prepares a comprehensive response to the DMHC about the provider’s concerns and the actions taken by us.
From January 2024 through September 2024, we received 56 requests (21 Provider Complaints and 35 additional information requests), disputing 49 claims. In addition, each complaint may contain multiple issues that require a response These tables outline the status:
Table 1: Provider Complaints Received as of September 4th, 2024:
Table 2: Provider Complaint Closures by Decision:
Regulatory Audits and Corrective Action Plans (CAP)
As previously reported, DHCS has notified us about our annual medical audit. As a reminder the virtual onsite will be conducted between 10/28/24 and 11/08/24. The audit review period for this audit will cover from 08/01/23 to 07/31/24 And it will cover the following areas:
• Utilization Management
• Case Management and Coordination of Care
• Access and Availability
• Member Rights
• Quality Improvement
• Administrative and Organizational Capacity
• State Supported Services
Compliance has set internal due dates to allow for Quality Assurance reviews of the universe files (files containing all data by audit topic) required for case reviews. Additionally, internal due dates were set to review program documents and reports requested on the Pre-audit information request form.
Health Plan deliverables to the Department are being uploaded this week. With a final due date of 09/13! Thank you to everyone for your work ensuring we provide a complete picture of Health Plan performance and adherence to contractual and regulatory requirements!
Program Integrity Unit (PIU)
The PIU investigates and reports all potential fraud, waste or abuse (FWA) and HIPAA violations, along with conducting exclusion monitoring for Third Parties. Here are some recent items we have been working on:
Privacy & Security Incidents
Privacy Tip – Did you know we are required to report suspected HIPAA incidents to DHCS within 24 hours, starting at the point of discovery of a suspected HIPAA incident? Did you also know that not meeting this requirement was noted as a deficiency in our last DHCS Audit? How can you help? We’re glad you asked! Report all HIPAA incidents to Compliance immediately after the discovery using this link! Even if you are not sure if a HIPAA incident has occurred, you should still report it as soon as possible. Don’t investigate or hesitate, this is what PIU does – we investigate and sometimes we report and then investigate. Please do your part by reporting it immediately. We will take care of the rest!
Report all suspected HIPAA incidents to Compliance immediately when you suspect an incident has occurred!
Don’t wait! We have a very short filing timeline (24 hours). Please help us to be compliant.
Below is a summary of the types of HIPAA incidents that have recently been investigated. As you look through these, think about how you can prevent these incidents from recurring, and make sure to report them when they occur. We had 7 HIPAA incidents that occurred between August 19 – August 30, 2024. Two
of these were reportable to DHCS. See below the description of both of these reportable privacy incidents:
• The identities of a member and her two children were reported stolen.
Reminder: If a member’s identity is stolen, we should advise members to inform our Customer Service as soon as possible so we can issue them a new Health Plan member ID card. Advice should be considered for the member to file a report with the credit monitoring agencies of their choice and possibly a police report if criminal acts were observed as a result of this identity theft.
• A member’s information was added to another member’s existing account by mistake, because both members have the same name and date of birth.
Reminder: It is a good practice to check a 3rd or 4th member identifiers when the first 2 or 3 identifiers are identical. In this case, checking an additional identifier, e.g., CIN numbers of the 2 members, would have prevented this incident.
Fraud, Waste, and Abuse (FWA)
The PIU is on constant alert, managing potential FWA incidents at every stage of investigation.
Recent
Updates: In the last two weeks, we received two (2) new leads. One was converted into an active case, while the other was classified as a privacy incident. Our team is actively investigating 24 ongoing cases.
Did You Know?
Why It Matters
The funds we manage come from taxpayers, and it’s our duty to use them responsibly. Preventing fraud, waste, and abuse isn’t just about compliance – it’s about safeguarding resources that support our community’s health and well-being.
Your Role
If you notice a suspicious activity or have concerns about possible FWA, don’t hesitate to report it. Together, we can ensure our resources are used efficiently and ethically. Stay vigilant. Stay committed.
Provider Exclusion Monitoring
The False Claims Act (FCA) was originally enacted during the Civil War in 1863. It was designed to combat fraud by suppliers who were delivering defective goods to the Union Army. Today, the FCA is one of the primary statutes used to address fraud in federal programs, including healthcare. It allows whistleblowers to file lawsuits on behalf of the government and can result in significant penalties for those found guilty of defrauding federal programs.
We are obligated to verify the eligibility of our third-parties for their participation in the Medi-Cal Program. In accordance with state and federal regulations, our PIU team assesses eligibility no less than monthly. This is performed with a ThirdParty vendor that checks an inventory of our providers against several sources (e.g. List of Suspended and Ineligible Providers, U.S. Department of Health and Human Services, Office of Inspector General, System of Award Management, SSA Death Master file, and more). In addition to the monthly monitoring, exclusion checks are completed throughout the month ahead of a new Letter of Agreement 1 (LOA) being established with an out of network provider. PIU received 31 requests during this reporting period. Zero (0) restrictions were found.
Audit & Oversight (A&O)
Navigating the World of Medicare D-SNPs and Audits in Medi-Cal: Keeping it Simple and Smooth!
Let’s talk about Medicare D-SNPs sounds like a mouthful, right? But it’s actually more simple than it sounds! D-SNPs, or Dual Eligible Special Needs Plans, are special Medicare Advantage plans designed for folks who qualify for both Medicare and Medicaid (in California, we call it Medi-Cal). Think of D-SNPs as VIP passes that combine the best of both worlds: the comprehensive coverage of Medicare and the extra benefits of Medi-Cal. They provide a one-stop shop for healthcare, from doctor visits and prescriptions to extra goodies like dental care and transportation. For many, these plans are a game-changer, bringing peace of mind and streamlined care!
Now, here comes the part where things get a bit like a reality show: audits! Audits, in the D-SNP world, are kind of like surprise inspections in a kitchen they keep everyone on their toes, making sure everything is clean, orderly, and up to code. Audits ensure that the D-SNP plans are playing by the rules set by the Centers for Medicare & Medicaid Services (CMS) and the state agencies that manage Medi-Cal, which is the Department of Health Care Services (DHCS). Auditors dive into the details checking patient records, claims, and provider contracts, access to care to make sure the plans are doing what they promised: providing top-notch care and patient-centered services in accordance with regulatory requirements.
Why do these audits matter? Well, they’re all about protecting our members, and making sure we provide the best care possible! If something is off, audits help identify those issues early so they can be fixed. This keeps the focus where it should be: our mission and our members. So, when you hear “D-SNP audits” in the future, remember it’s all part of the effort to keep the healthcare stage welllit, well-organized, and focused on delivering the best possible care for those who need it most.
Carelon Corrective Action Plan (CAP) Update
We are pleased to share the progress made to mitigate the outstanding CAPs issued to Carelon to enhance compliance and operational excellence.
A&O continues to host weekly meetings with Carelon to discuss remediation of outstanding CAPs. In this reporting period, Carelon closed one more CAP. As a result, since the initiation of these meetings, Carelon has now resolved nineteen (19) of the twenty-two (22) CAPs that were issued for 2023 and 2024 Audit and Monitoring Oversight Activities.
For the remaining CAPs, A&O is working closely with Carelon to obtain the required validation elements, such as evidence of reporting and implementation, to ensure complete remediation of the issues identified. We are also working closely with our internal business partners impacted by the respective CAPs to ensure we receive insight into performance data and enhanced workflows needed to remediate the CAPs.
For detailed information and to review the respective CAPs, please visit our Compliance and Regulatory CAP Tracker.
Compliance Program Projects and other Key information
Our Compliance team supports and leads various projects that impact ALL OF US!
New Policy Email Mailbox
Policies and Procedures
The Compliance Policy Team has established a new email mailbox, Policies@hpsj.com, to centralize all policy related inquires. This mailbox is designed to handle inquires, request revisions, and clarifications concerning all Health Plan policies. By directing all such communication to a single address, it ensures that the Compliance Policy team can efficiently track, manage, and
respond to policy related matters. Additionally, meeting invites and all future policy communications will be sent from this mailbox. Moving forward, please direct all and any policy questions or communications to Policies@hpsj.com.
Public Facing Policies
Department of Healthcare Services (DHCS) requires Health Plans to post key policies, such as member rights, privacy practices, and grievance procedures, on our public website. Posting these policies on our public websiteencourages transparency between the plan and our members, and our plan partners (e.g., providers, vendors). It also allows our members easy access to important information about their health care. It also helps our plan partners know how to service our members on our behalf.
Remember: When drafting policies that will be posted on our public website for our members write them in clear, simple language, making them accessible to all members.
Remember: If you need a policy added or updated on the member facing website, please submit a request to the Policy Team and we will work with CMME to ensure the most up-to-date approved policy is added to the website.
Policies (except for HR policies) are published to the Compliance Management System (C360) and selected policies are made available publicly on the Health Plan website. You can access all published policies directly via the Policies link on our Intranet (see screenshot below).
San Joaquin Health Plan Team Site - Home (sharepoint.com)
Did you know?
The next Policy Review Committee (PRC) meeting will be held on Wednesday, September 18, 2024.
Reminder! Compliance Week is November 4, 2024 - November 8, 2024 The Compliance workgroup has engaged CMME to develop some material. We are also planning games to challenge your knowledge. Prizes will be offered.
Stay Connected with Compliance!
Stay informed and up-to-date with Compliance4U, a biweekly newsletter focused on connecting and informing