July 15, 2024
Compliance
Compliance 4 U newsletter is providing you with insight into the day to day functions of Health Plan’s Compliance Program. DMHC issued an APL reminding Plans about Health Equity and the importance of compliance with measures. Check out the reports due to our regulators over the next 2 weeks. A&O has an update on the CAP with Carelon.
Regulatory Affairs & Communication (RAC)
RAC is our Health Plan’s primary point of contact with the Department of Health Care Services (DHCS) and the Department of Managed Care’s (DMHC) Office of Plan Licensing.
As our Point of Contact (POC), RAC attends calls held by our regulators including the DHCS Managed Care Plan Call and other regulatory meetings/calls. During the weekly Managed Care Plan Call, DHCS can share key regulatory information with all Managed Care Plans (MCPs). RAC maintains a copy of the agenda and material from those weekly calls. Check it out HERE.
Spotlight! Program Improvements to demonstrate a commitment to continuous compliance and ongoing audit readiness. RAC has a few changes you will see soon.
• In support of Health Plan’s strategic goal for Operational Excellence & Growth, RAC has implemented process changes to monitor noncompliance. In collaboration with A&O, RAC will issue Corrective Action Plans (CAP) for regulatory non-compliance matters that impact the organization and may result in sanctions pursuant to DHCS Exhibit E, Subsection 1.1.19.
• Providing high quality and accurate filings and submissions to our Regulators is a collaborative effort. Compliance works with YOU, our internal customers, to ensure the information filed is comprehensive and provides our regulators with a clear picture. This means we are capturing Business Owner (BO) and Dept ET approval before filing. Collaboration across our organization and at the various levels is integral to our program.
DO you have a question for Compliance? Use this link to submit inquiry questions check it out here where we track our turnaround time in responding to your inquiries. Go to Compliance > Requests > Submit an Inquiry
All Plan Letters (APL)
Both the DHCS and DMHC release APLs to communicate changes in policy or procedure at the Federal or State levels and provide instruction to MCPs like us on implementing these changes. In support of our internal (that's ALL OF US!) and external stakeholders, RAC completes an analysis of the APL to ensure timely filing and compliance with the implementation of changes. The following are APLs recently released:
A. DHCS Regulatory Notices
No new APL or draft APL has been issued since the last reporting period.
B. DMHC Regulatory Notices
DMHC APL 24-013: Health Equity and Quality Program Policies and Requirements (6/28/2024)
Date Issued: June 28th, 2024
Summary: The Department of Managed Health Care (DMHC) issues this AllPlan Letter (APL) to inform all health care service plans (health plans) of the DMHC Health Equity and Quality (HEQ) program policies and requirements. The instructions provided herein supersede those previously published in APL 22-028 and REVISED APL 23-029.
Regulatory Reports
The table below shows the reports which are coming up for submission, who is responsible for the report, and when the report is due. Check out the list to see if any are in your department to ensure you know what’s being reported. Be sure to click on the report title for more details.
Report Title
PIN-2024-06
Consolidated Biling
Encounter Data
CY 2023 Early Enrollment Validation
LTC-SNF Quarterly Reporting Q2 2024
CAC Meeting Minutes
CBAS 2024-Q2
DMHC Pending Unresolved Grievances
NMT NEMT 20204-04
Interoperability API 2024-Q2
Quarterly Network Change Report 2024-02
Provider Network Impact Report 2024-Q2
MOU Status 2024-Q2
FSR/MRR
Adult Expansion Default Assignment
MOT Post Transition Quarterly Monitoring
Provider Complaints
Accountable
Ana Aranda Liz Le
Clarence Rao -Victoria Worthy
Clarence Rao Victoria Worthy
Christopher Navarro Michelle Tetreault
Johnathan Yeh Lakshi Dhanvanthari
Setar Testo Tracy Hitzeman
Pamela Lee Tracy Hitzeman
Ramanpreet Kaur Lakshmi Dhanvanthari
Dale Standfill Liz Le
Clarence Rao Victoria Worthy
Ana Aranda Liz Le
Paul Sohn Evert Hendrix
Ramanpreet Kaur Lakshmi Dhanvanthari
Ana Aranda Liz Le
Johnathan Yeh Lakshmi Dhanvanthari
Providers have the right to submit complaints related to payment to the DMHC. Providers must submit a provider dispute resolution requests to us before filing a complaint with DMHC. When the complaints are received, we have a crossfunctional group that reviews each complaint. The group investigates the cases from the original request to claims processing and dispute resolution, formulating a comprehensive response to DMHC and the provider’s concerns. Between January and July of 2024, Health Plan received 16 Provider Complaints (original requests) and 26 additional information requests (total of 40 requests), and each complaint may contain multiple issues that require us to respond individually. The following captures the outcomes:
Regulatory Audits
DHCS and Health Services Advisory Group (HSAG) are conducting a Network Adequacy Validation (NAV) audit on us and all other Managed Care Plans (MCPs). HSAG will review the logic used to determine network adequacy. They are also looking at enrollment and credentialing which impacts our network adequacy.
Prior to the actual audit interviews, a comprehensive and extensive questionnaire was issued by HSAG called Information Systems Capabilities Assessment Tool (ISCAT). In the past few months, key staff have worked hard to complete this ISCAT questionnaire and provided supporting documentation that shows our auditors how we ensure we have an adequate network.
In preparation for the virtual audit review and systems demonstration on July 24, 2024, we have held several mock audits, including system demonstrations, in both June and July to get ourselves ready. This is a cross-functional effort that involves many of us. So, let’s support our peers to have a successful audit.
Program Integrity Unit (PIU)
PIU oversees the Fraud Prevention Program, investigation and reporting of Privacy & Security Incidents, Exclusion Monitoring, Disclosures and much more.
A. Privacy & Security Incidents
It is so important to avoid unintentional disclosures of member’s Protected Health Information/ Personal Information (PHI/PI). Per policy HPA34 Use of Member PHI/PI, it is our responsibility to protect the PHI/PI of our members. Remember your training!
Below is a summary of the types of incidents investigated. As you read these, think through what NOT to do – and when you see it, REPORT IT! We had 9 privacy/security incidents that occurred between June 24 – July 5, 2024. One of these was reportable to DHCS.
1. Assisting a third-party caller who misrepresented themself as a Provider.
Reminder: It is important to do our due diligence to identify callers’ identity prior to disclosing PHI/PI.
2. Covered Entity sending an unencrypted email to another Covered Entity.
Reminder: Ensure all emails containing PHI are encrypted, before sending
3. A members information was stolen, and her ID card was used by someone to obtain medical care and medication
Reminder: It is important that we remind providers of their responsibility to verify the identity of members prior to providing services.
4. Health Plan staff forwarded an email containing PHI to other Health Plan staff.
Reminder: Lets avoid sending PHI via email, but if it is required, ensure all emails (internal and external) with PHI include #PHI/#SECURE before sending.
5 Health Plan staff assisted a member without correctly verifying a minimum of three HIPAA validation questions to confirm their identity.
Reminder: Confirming the identity of a member is mandatory to prevent unintentional disclosure of PHI/PI to the wrong party.
6. A contracted provider sent non-member PHI to Health Plan.
Reminder: Let’s remind providers of their responsibility as a Covered Entity (CE) to protect member PHI. Verify the sender prior to sending is a little step that goes a long way.
B. Fraud, Waste, and Abuse (FWA) Incidents
Our PIU actively manages potential FWA incidents across different stages of investigation. In the past two weeks, we received four new leads, all of which were found not to be credible allegations of fraud and thus not pursued further. Currently, the PIU is investigating 24 cases. Examples of cases investigated include potential fraudulent billing practices, possible Stark Law violations, services billed but may not have incurred, etc.
Protecting the integrity of the Medi-Cal Program is important to ensure that funds are used appropriately to provide necessary, high-quality care These funds come from taxpayers, so it is crucial that they are not wasted or abused. If you notice or suspect fraudulent activity, please REPORT IT to help safeguard our resources.
C. Provider Exclusion Monitoring
We are obligated to verify the eligibility of our Providers for their participation in the Medi-Cal Program. In accordance with state and federal regulations, our PIU team assesses eligibility no less than monthly. This is performed with a Third-Party vendor that checks an inventory of our providers against several sources (e.g. List of Suspended and Ineligible Providers, U.S. Department of Health and Human Services, Office of Inspector General, System of Award Management, SSA Death Master file, and more). In addition to the monthly monitoring, exclusion checks are completed throughout the month ahead of a new Letter of Agreement 1 (LOA) being established with an out of network provider. PIU received 32 requests during this reporting period No restrictions were found.
Audit & Oversight (A&O)
Welcome back to our mini-series on auditing and monitoring! In this issue, we’ll once again focus on audits. Audits help organizations demonstrate their commitment to regulatory compliance and quality care to stakeholders, including patients, regulators, and insurers.
Auditing involves a deep dive into the organization's compliance performance: examining historical data and policies and procedures to assess adherence to regulatory requirements and internal policies. By reviewing past activities, audits provide 1Compliance - Provider Exclusions Check - All Entries (sharepoint.com)
valuable insights into operational strengths, weaknesses, and opportunities for improvement.
Audits typically follow a structured process and methodology:
The A&O Department engages in a variety of audit activities to ensure our compliance and operational efficiency, including conducting:
• Annual audits of delegates and third-party providers; and
• Ad-hoc or focused audits when issues arise.
But we don’t just stop there! The A&O Department is developing an Improvement Plan to enhance our audit process and our audit tools. This includes integrating more qualitydriven audits and developing audit scope based on risk stratification and monitoring outcomes. More to come on the improvement plan in future updates!
For further details on monitoring activities and exciting plans for continuing to enhance our monitoring processes, keep an eye out for our next newsletter!
Carelon Corrective Action Plan (CAP) Update
We are pleased to share the progress the A&O team has made to mitigate the outstanding CAPs issued to Carelon to enhance compliance and operational excellence.
A&O continues to host weekly meetings with Carelon to discuss remediation of outstanding CAPs. Since the initiation of these meetings, Carelon has resolved eleven (11) of the twenty-two (22) CAPs that were issued for 2023 and 2024 Audit and Monitoring Oversight Activities.
For the remaining CAPs, A&O is working closely with Carelon to obtain the required validation elements, such as evidence of reporting and implementation, to ensure complete remediation of the issues identified. We are also working closely with our internal business partners impacted by the respective CAPs to ensure we receive insight on performance data and enhanced workflows needed to remediate the CAPs.
For detailed information and to review the respective CAPs, please visit our Compliance and Regulatory CAP Tracker.
Compliance Program Projects and other Key information
Our Compliance team supports and leads various projects that impact ALL OF US!
Compliance is working to provide our internal customers, YOU, with a better experience when visiting our SharePoint page. We have collected feedback and are working with IT to improve your search of regulatory information and so much more. Keep an eye out for announcement of our new page.
Reminder! Compliance Week is November 3, 2024 - November 9, 2024.
One of the seven elements of an effective Compliance Program is ensuring you, an employee of Health Plan, have an effective way to communicate any compliance-related concerns. You can get in touch with Compliance regarding anything compliance-related, such as, questions related to Private Health Information (PHI) or Fraud, Waste and Abuse (FWA). Feel free to report PHI and FWA incidents on the Compliance SharePoint Homepage or call the anonymous Compliance Hotline at 855-400-6002. While we work hard to safeguard against compliance issues, we recognize that it is possible that some issues may still occur – and when they do, we hope you’ll find it easy to share them through these routes.
Stay Connected with Compliance!
Stay informed and up-to-date with Compliance 4 U, a biweekly newsletter focused on connecting and informing