June 21, 2024
Reminder! Compliance Week is November 3, 2024 - November 9, 2024. The Compliance team will “hide” information in the newsletter for employees to learn more about the Seven Elements of Compliance. Make sure you read the Newsletters as the hidden information will be one of the ways to win prizes. Now let’s check out what’s been happening in Compliance.
Regulatory Affairs & Communication (RAC)
In compliance with policies, the Regulatory Affairs & Communications (RAC) Department is our Health Plan’s primary point of contact with the Department of Health Care Services (DHCS) and the Department of Managed Care’s (DMHC) Office of Plan Licensing.
As our Point of Contact (POC), RAC attends calls held by our regulators including the DHCS Managed Care Plan Call and other regulatory meetings/calls. During the weekly Managed Care Plan Call, DHCS can share key regulatory information with all Managed Care Plans (MCPs). RAC maintains a copy of the agenda and material from those weekly calls. Check it out HERE.
Did you know there is an Inquiry Section on the Compliance Navigation Panel? Use this link to submit inquiry questions check it out here where we track our turnaround time in responding to your inquiries.
Compliance1@hpsj.com is designed to receive communication from our external stakeholders and issue regulatory notices to our internal stakeholders. For faster services or avoiding your inquiries get lost in the sea of emails, use the inquiry request.
NEW! Did you know that our Providers have the right to submit complaints related to payment to the DMHC? Providers must submit a provider dispute resolution to the Health Plan before filing a complaint with DMHC. When the complaints are received, we have a cross functional group that reviews each complaint. The group investigates the cases from the original request, to claims processing and the dispute resolution. Formulating a comprehensive response to DMHC and the provider’s concerns. Between January and June of 2024, the Health Plan received 13 Provider Complaints (original requests) and 22 additional information requests (total of 35 requests). and each complaint may contain multiple issues which require us to respond individually. The following captures the outcomes:
Provider Complaints year-to-date, as of June 7, 2024.
Table 1: Provider Complaints Request Received as of June 7, 2024.
All Plan Letters (APL)
Both the DHCS and DMHC release APLs to communicate changes in policy or procedure at the Federal or State levels and provide instruction to MCPs like us on implementing these changes. In support of our internal (that's ALL OF US!) and external stakeholders, RAC completes an analysis of the APL to ensure timely filing and compliance with the implementation of changes. The following are APLs recently released:
A. DHCS Regulatory Notices
No new APL or draft APL has been issued since the last reporting period.
B. DMHC Regulatory Notices
No new APL or draft APL has been issued since the last reporting period
Regulatory Reports due in the next TWO WEEKS
The table below shows the reports which are coming up for submission, who is responsible for the report, and when the report is due. Check out the list to see if any are in your department to ensure you know what’s being reported. Be sure to click on the report title for more details.
PIN 2024-05
Consolidated Billing 2024-05
Encounter Data 2024-05
Quarterly QIHEC Summary 2024-Q2
Jonathan Melton Liz Le
Clarence Rao Victoria Worthy
Clarence Rao Victoria Worthy
Setar Testo Tracy Hitzeman NMT NEMT 2024-03
Dale Standfill Liz Le
Provider Incentives VBP/SDR Christopher Navarro Michelle Tetreault
C. Our Policies & Procedures
New
Policy System:
A new policy system is under development to replace our current policy management system, C360. This new system will allow for better collaboration between the policy and their supporting staff and allow for a centralized policy tracking system. Once the new policy system is ready to be implemented, Compliance will communicate the go-live date and what steps we will need from you. Training will be provided to all policy owners and those who will be using this new policy system. In the meantime, please continue to use C360 to make updates to policies and to request PRC review and approval.
Program Integrity Unit (PIU)
PIU oversees the Fraud Prevention Program, investigation and reporting of Privacy & Security Incidents, Exclusion Monitoring, Disclosures and much more.
A. PIU is Hiring!
We are looking to fill a Senior Compliance Analyst role. The specific skill set we are looking for is related to Fraud, Waste, and Abuse (FWA) investigations. Do you know someone who has knowledge in claims billing and coding, identifying FWA fraud trends in claim data, and investigation skills? If so, please have them apply for the “Analyst, Compliance Senior” position which is posted online here.
B. Privacy & Security Incidents
It is so important to avoid unintentional disclosures of member’s Protected Health Information/ Personal Information (PHI/PI). Per policy HPA34 Use of Member PHI/PI, it is our responsibility to protect the PHI/PI of our members. Remember your training!
Below is a summary of the types of incidents investigated. As you read these, think through what NOT to do – and when you see it, REPORT IT! We had 10 privacy/security incidents that occurred between May 27 – June 7, 2024, none of these were reportable to DHCS.
1. Caller misrepresenting themselves as the member.
Reminder: Confirming the identity of the caller is mandatory to prevent unintentional disclosure of PHI/PI to the wrong party, and when you discover that a caller is misrepresenting themselves as the member, you should let them know that you can no longer further assist them.
2. Assisting a caller with a member’s account, without the caller having an active authorized representative form on file for the account or assisting the caller without obtaining a members’ verbal consent.
Reminder: Before assisting another person with a member’s account, ensure that there is either an active authorized representative form on file for that person in the member’s account, or that the member has given you verbal consent to assist that person on their behalf.
3 Assisting a member without asking them a minimum of three HIPAA validation questions to confirm their identity, prior to assisting them. Reminder: Confirming the identity of a member is mandatory to prevent unintentional disclosure of PHI/PI to the wrong party.
4. Covered entity sent non-member PHI to another covered entity. Reminder: It is the responsibility of the Covered Entity (CE) who receives the non-member PHI to destroy it and inform the CE who sent the non-member PHI about the incident.
C. Fraud, Waste, and Abuse (FWA) Incidents
Our PIU actively manages potential FWA incidents across different stages of investigation. Currently, PIU is investigating 25 cases. Over the past two weeks we closed two cases. Our efforts have led to an overpayment of $1,396,923.63 for one particular case!
Protecting the integrity of the Medi-Cal Program is important to make sure that funds are spent appropriately on delivering quality, necessary care As taxpayers, this is money we all paid into the Program. Let’s make sure it’s not wasted or abused! When you see it or suspect a fraudulent activity may have occurred, REPORT IT!
D. Provider Exclusion Monitoring
We are obligated to verify the eligibility of our Providers for their participation in the Medi-Cal Program. In accordance with state and federal regulations, our PIU team assesses eligibility no less than monthly. This is performed with a Third-Party vendor that checks an inventory of our providers against a number of sources (e.g. List of Suspended and Ineligible Providers, U.S. Department of Health and Human Services, Office of Inspector General, System of Award Management, SSA Death Master file, and more). In addition to the monthly monitoring, exclusion checks are completed throughout the month ahead of a new Letter of Agreement1 (LOA) being established with an out of network provider. PIU received 44 requests during this reporting period No restrictions were found.
Audit & Oversight (A&O)
To kick-off our inaugural learning series, we will dive into the foundation of the Audit & Oversight team. The Office of Inspector General (OIG) published compliance guidance called “The Seven Elements of an Effective Compliance
Program” to encourage the discovery, remediation and promptly respond to potential violations in accordance with state and federal standards.
The fifth element that directly supports to our oversight goals and objectives is: “Conduct internal auditing and monitoring”
Auditing serves as a systematic review process to ensure adherence to regulatory requirements, internal policies, and industry standards. The A&O Team’s auditing process involves performing retrospective file reviews, policy and procedure reviews, and system and tool reviews to identify any deviations or instances of non-compliance. Audits occur at least annually based on inherent risk (High, Moderate, Low) or in response to specific triggers such as regulatory changes, validation of remediation activities, and/or to confirm noncompliance. Audits also provide valuable insights into the effectiveness of existing operational programs and controls, identify areas for improvement, and mitigate potential risks. We currently audit our external Delegates, NonTraditional Providers, and internal operational areas. We are also developing a comprehensive audit plan that will expand our auditing efforts to include vendors and enhance the scope of internal and external audits. Stay tuned for more information and in our next newsletter we will dive into the second component of the fifth element – Monitoring!
Carelon Corrective Action Plan (CAP) Update
We are pleased to share the progress the A&O team has made to mitigate the outstanding CAPs issued to Carelon to enhance compliance and operational excellence.
A&O continues to host weekly meetings with Carelon to discuss remediation steps and action items coming out of the discussions. We have successfully resolved six (6) of the eighteen (18) CAPs that have been issued ensuring that we meet compliance standards
For the remaining CAPs, A&O is working closely with Carelon to obtain the required validation elements, such as evidence of reporting and implementation, to ensure complete remediation of the issues identified. We are also working closely with our internal business partners impacted by the respective CAPs to ensure we receive insight on performance data and enhanced workflows needed to remediate the CAPs.
On April 1, 2024, we were made aware of a Carelon contracted provider, Inpathy Behavioral Healthcare Group P.C. dba Array Behavioral Care, that voluntarily termed. Unfortunately, we subsequently found that this term resulted in non-compliant notification of impacted members.
Our Behavioral Health/Social Work Team stepped in to mitigate member harm concerns, ensured members understood their Continuity of Care (COC) rights, and redirected members to a new provider. CAPs were issued to Carelon to address all five (5) instances of non-compliance related to timeliness of notification, use of appropriate notices, consideration of member’s primary language and provision of evidence to illustrate compliance with DHCS APL 21005 CAP responses are due to back to A&O by June 21, 2024.
For detailed information and to review the respective CAPs, please visit our Compliance and Regulatory CAP Tracker.
Compliance Program Projects and other Key information
Our Compliance team supports and leads various projects that impact ALL OF US!
DHCS Operational Readiness (OR)
The DHCS Operational Readiness Project is quickly approaching its June 30th , 2024, completion date. Currently, 96% of all milestones have been identified by Business Owners and Project Managers as complete. The remaining project milestones are reported to be on track for timely completion. (See current status: Operational Readiness Milestone Tracker.)
As mentioned previously, the Compliance Project Team is busy validating evidence submitted to ensure that regulatory requirements are met and operational gaps are remediated for this fiscal year (7/1/23 - 6/30/24). At this point in time, over half of the contract sections have been reviewed and the majority of the sections thus far have provided evidence that demonstrates that the regulatory requirements are met. If for any reason the Project Team outreaches because of missing evidence or the evidence provided does not sufficiently evidence compliance, please be sure to submit the requested evidence within 5 business days. If you have any questions about DHCS Operational Readiness, please reach out to Debbie Rieger.
2024 Compliance Program:
HPSJ/MVHP implements a comprehensive Compliance Program which incorporates all elements of an effective compliance program as recommended by the Department of Health and Human Services (DHHS) Office of Inspector General (OIG) and required by the CMS. The Compliance Program is continually evolving and maybe modified and enhanced based on compliance monitoring and identification of new areas of operations, regulatory, or legal risk. The Health Plan Commissioners, Workforce, and FDRs (First Tier, Downstream, and Related Entities) are required to conduct themselves in accordance with the requirements of the Compliance Program. The Program Plan describes the following program functions:
1) Written Standards: Implement written policies, procedures, and standards of conduct.
2) Oversight: Designating a compliance officer and a compliance committee.
3) Education & Training: Conducting effective training and education.
4) Lines of Communication: Developing effective lines of communication.
5) Auditing & Monitoring: Conducting internal monitoring and auditing.
6) Enforcement and Disciplinary Standards: Enforcing standards through wellpublicized disciplinary guidelines.
7) Response & Remediation: Responding promptly to detected offenses and undertaking corrective action.
8) Fraud Prevention Program: Designate a Fraud Prevention Officer and ensure fraudulent activities are reported and investigated timely.
Sunny Cooper, our Chief Compliance Officer (CCO), and the Compliance Committee are responsible for the operations of the Compliance Program to ensure that the Health Plan complies with all regulatory and legal requirements. The COO has a reporting path directly to the Health Commission.
Stay Connected with Compliance!
Stay informed and up-to-date with Compliance 4 U, a biweekly newsletter focused on connecting and informing ALL OF US as Champions who Play as One!!
