March 12, 2025
Compliance4U newsletter provides you with insight into the day-to-day functions of the Health Plan’s Compliance Program.
Regulatory Affairs & Communication (RAC)
How well do you really know your RAC team? � � � � Better yet, can you guess what they actually do all day? Let’s find out! � �
RAC has a crucial role in ensuring that Health Plan follows federal, state, and local regulations. They act as a bridge between Health Plan and regulatory bodies, helping to interpret and implement regulatory requirements effectively. Here is the kickoff to spotlighting our team and increasing everyone’s awareness of who is who and what do we do for YOU. Take a moment to meet RAC –
Oversees compliance strategies for an effective program.
Develops and implements policies and procedures
Ensures effective cross functional relationships with our internal and external customers.
Manages day-to-day compliance operations
Supports the Director in executing compliance programs and resolving escalated issues. Supervises compliance staff, ensuring timely and accurate reporting.
Department of Managed Healthcare (DMHC) Subject Matter Expert (SME)
TPRA and Contract Filings
Provider Complaints
Regulatory Report filings and submissions
Routine deliverables
Provider Termination filings
Department of Healthcare (DHCS) Subject Matter Expert (SME)
DHCS APLs and Ad-Hoc filings
Supports the Policy Review Program
Compliance triage (inbox and inquiries)
Regulatory Surveys and Meetings
Ad-hoc requests
Join us as we explore the roles and responsibilities of RAC. Check out your next issue to see how RAC works with you and supports ongoing Compliance for Health Plan!
What’s going on at the State and Federal levels?
The Department of Health Care Services (DHCS) is establishing a Birthing Care Pathway to advance equitable maternal mental health care. The Birthing Care Pathway includes a comprehensive policy and care model roadmap to, “cover
the journey of all pregnant and postpartum Medi-Cal members from conception through 12 months postpartum.” The goals of this initiative are to:
• Reduce maternal morbidity and mortality; and
• Address racial and ethnic disparities that disproportionately affect Black, American Indian/Alaska Native, and Pacific Islander individuals.
Read more about this multi-year initiative here!
DHCS hosted the Flexible Housing Subsidy Pools ("Flex Pools") Webinar
On February 11th, DHCS conducted the Flexible Housing Subsidy Pools ("Flex Pools") Webinar. This webinar introduced the release of the Flexible Housing Subsidy Pools: Technical Assistance Resource, which outlines the key functions, benefits, and components of Flex Pools. The webinar provided detailed information on what a Flex Pool is, the roles and responsibilities of MCPs and other partner organizations. Additionally, DHCS included two examples of operational Flex Pools, one in San Diego and another in Los Angeles County, demonstrating how each Flex Pool can be tailored to the specific needs of its county. For more details, please refer to “Flexible Housing Subsidy Pools (“Flex Pools”) Webinar.”
DHCS hosted the Closed-Loop Referrals All-Comer Webinar
On February 13th, following the release of the Closed-Loop Referral (CLR) Implementation Guidance, DHCS held the Closed-Loop Referrals All-Comer Webinar. This guidance encompasses the tracking, support, and monitoring of CLRs. The new CLR requirements are designed to improve the connection of Medi-Cal members to essential services by identifying and addressing gaps in referral practices and service availability. The webinar provided attendees with an overview of the new requirements and an opportunity to ask questions. For more details on the webinar or to read through the open floor please refer to “Closed-Loop Referrals All-Comer Webinar.”
RAC maintains materials from those weekly calls. Check out previous meetings HERE.
All Plan Letters (APLs)
DHCS and DMHC release APLs to communicate changes in federal or state policy or procedure and instruct managed care plans (MCPs) on implementing
these changes. RAC analyzes the APLs to ensure compliance with the requirements and to meet timely filing. Draft APLs (denoted by “XXX” indicating that both regulators have not assigned a policy number) are issued by both DHCS and DMHC regularly to solicit feedback from MCPs before they are officially published and become effective During this period, MCPs can provide feedback or concerns to DHCS and DMHC on upcoming APLs. Here are the APLs that were recently released:
A. DHCS Regulatory Notices
DHCS APL 25-004 Community Reinvestment Requirements
Issued Date: February 7th, 2025
This APL outlines the requirements for Medi-Cal Managed Care Plans (MCPs) to reinvest a portion of their net income into local communities. It aims to reinforce health equity by directing Medi-Cal resources toward addressing social determinants of health and supporting underserved communities.
• Community Reinvestment Contributions
o Health Plan must allocate 5% of net income up to 7.5% of Medi-Cal contract revenues.
o Any net income above 7.5% of contract revenues requires a 7.5% reinvestment.
o Applies to Qualifying Subcontractors with significant Medi-Cal membership.
• Quality-Based Additional Reinvestment
o If Health Plan has poor quality performance (Tier 2 or 3 in the Managed Care Accountability Set (MCAS)) it must reinvest an additional 7.5% of net income.
o This additional reinvestment must be used for improving health outcomes.
• Investment Categories
o Health Plan must invest in at least one of these five categories:
• Neighborhood & Built Environment (e.g., housing, green spaces)
• Health Care Workforce (e.g., training, scholarships)
• Well-being for Priority Populations (e.g., foster youth, justiceinvolved populations)
• Local Community Development (e.g., education, employment programs)
• Health Improvement Initiatives (e.g., food security, access to care)
• Community Engagement & Planning
o Health Plan must consult Community Advisory Committees (CACs).
o Health Plan must align with Community Health Assessments (CHA) and County Behavioral Health priorities.
o Health Plan must submit a Community Reinvestment Plan (CRP) every three years.
• Implementation & Compliance
o Health Plan must start planning in 2025, with reinvestment activities beginning in 2026.
o DHCS will review and approve reinvestment plans and monitor compliance.
o Health Plan must revise P&Ps according to APL and submit to DHCS within 90 days of release of APL
o Health Plan may be facing corrective action plans (CAPs) and monetary penalties if found to be out of compliance
DHCS APL 25-005 Standards for Determining Threshold Languages, Nondiscrimination Requirements, Language Assistance Services, and Alternative Formats
Issued Date: February 12, 2025
This APL, superseding APL 21-004, outlines the requirements regarding language assistance services, nondiscrimination, and accessibility. The APL aims to ensure meaningful access to healthcare services for LEP individuals and people with disabilities, reinforcing Medi-Cal's commitment to health equity and non-discrimination.
1. Threshold & Concentration Language Standards
o DHCS defines the languages in which Health Plan must provide written translations based on the number of limited English proficiency (LEP) members in a service area.
2. Ensures Compliance with State & Federal Laws
o Aligns with Section 1557 of the Affordable Care Act (ACA) and California state laws to prevent discrimination based on language, disability, gender, race, and other protected characteristics.
3. Language Assistance Services
o Requires Health Plan to provide oral interpretation 24/7 in all languages.
o Expands written translation requirements to additional threshold languages (e.g., Laotian, Ukrainian, and Mien).
o Mandates use of qualified interpreters and translators to ensure accurate, effective communication.
4. Accessibility for Individuals with Disabilities
o Requires Health Plan to provide Braille, large print, audio, and digital formats for essential health materials.
o Sets new standards for video remote interpreting (VRI) services to improve communication for deaf or hard-of-hearing members.
5. Compliance Deadlines & Enforcement
o Health Plan must implement updated language standards by August 11, 2025.
o P&Ps must be revised according to APL and submitted to DHCS within 90 days of release of APL
o Failure to comply may result in Corrective Action Plans (CAPs) and monetary penalties.
B. DMHC Regulatory Notices
No new APLs or draft APLs have been issued since the last reporting period that are applicable to Health Plan.
Reminder All Plan Letter (APL) Policy Filing Process �
All policies must complete the policy workflow before submission. Policy owners revising their policies for an APL must ensure their department executive approves the policy before submitting it to the Compliance policy team. Compliance will review it upon receipt before submitting it to our CEO for approval. Once all approvals have been obtained, Compliance will submit the policy to DHCS/DMHC if applicable.
RESPONSIBLE PERSON
Revise Policy According to APL > Obtain Dept. Executive Approval > Review Policy Against APL/Review Tool > Obtain CEO Approval > Submit Policy to DHCS/DMHC* ACTION ITEMS * DHCS/DMHC review and approval is not required for all policies.
Regulatory Reports
Under our contract with DHCS and in compliance with our Knox-Keene license (DMHC), we must routinely submit reports demonstrating compliance and performance. Below is a list of reports due for submission in the next few weeks. The table includes a hyperlink to the report and the accountable Director and Executive for the report. Check out the list to find out which ones are in your department. Click on the report title for more information.
Report Title
Provider Directory File & Use 2025-03
ECM/JSON 2025-02
CBAS Waiver 2024-02
274 File 2025-02
MCPDIP 2025-02
Data Certification 2025-02
Post Payment Recovery 2025-02
PIN 2025-02
Encounter Data 2025-02
Consolidated Billing 2025-02
NEMT/NMT 2024-11
DMHC Monthly Financials 2025-02
New Members Mailing Attestation 2025-03
2024 Annual Network Certification
CY 2024 DP/DF SDR
DMHC Quarterly Financials Ending 12.31.2024
Quality Improvement and Health Equity Plan 2025
Quality Improvement and Health Equity Transformation Program FY24
Provider Complaints
Accountable
Ana Aranda Liz Le
Clarence Rao Victoria Worthy
Pamela Lee Tracy Hitzeman
Clarence Rao Victoria Worthy
Clarence Rao Victoria Worthy
Tamara Hayes Sunny Cooper
Christopher Navarro Michelle Tetreault
Ana Aranda Liz Le
Clarence Rao Victoria Worthy
Clarence Rao Victoria Worthy
Dale Standfill Liz Le
Somatra Sourng Michelle Tetreault
Vena Ford Evert Hendrix
Jonthan Melton Liz Le
Clarence Rao Victoria Worthy
Somatra Sourng Michelle Tetreault
Kathleen Dalziel Robert Ruiz
Kathleen Dalziel Robert Ruiz
Provider complaints come to the Health Plan in different forms (e.g., direct call to us or dispute submission to DMHC). While our Provider Services and Claims teams address those coming into us, Compliance is the point of contact for those coming through DMHC. In 2025, Health Plan received eight requests (1 Provider Complaint and 7 additional information requests), disputing 1 claim. In 2024, we received 67 requests (28 Provider Complaints and 39 additional information requests), disputing 56 claims. In addition, each complaint may contain multiple issues that require a response. In 2023, Health Plan received 20 requests (13 Provider Complaints and 7 additional information requests), disputing 28 claims
Compliance coordinates a cross-functional group to review each complaint we receive. This group investigates the cases (from the original request to claim
processing and dispute resolution) and prepares a comprehensive response to the DMHC about the provider’s concerns and the actions taken by us. These tables outline the status:
Table 1: Provider Complaints Received from DMHC as of March 4th, 2025:
Table 2: Provider Complaint Closures by Decision as of March 4th, 2025:
Regulatory Audits
DMHC 2025 Follow-up Survey
As a reminder DMHC conducted a follow-up survey to our 2021 DMHC Routine Survey. The interview session for this follow up survey was held on February 24-25, 2025. The agenda included the following interview sessions:
1. Entrance Conference
2. Emergency Services and Care
3. UM Drug Coverage
4. Grievance and Appeals
5. Access Availability
The auditors asked a limited number of questions regarding the Plan’s corrective actions in the above areas. As a result of the survey three (3) of the 21 previous findings were noted as potential risks for a repeat finding and enforcement sanction:
1. The Plan does not accurately publish the paragraph required by Section 1368.02(b); Rule 1300.68(d)(7), i.e., adding DMHC’s toll-free phone number, TDD line, Web site, etc. Reason for potential risk: The template letters were updated; but not approved prior to the audit review period.
2. The Plan responses to grievances involving a determination that the requested service is not a covered benefit do not include a notice that if the enrollee believes the denial was based on the grounds that the request was not medically necessary, the enrollee may contact the Department to determine if the decision is eligible for an independent medical review (IMR). Reason for potential risk: DHCS approval of the revised template was after the audit review period.
3. Denial letters lack clear, concise language that is easily understandable by members, and the denial rationale is not member specific. Reason for potential risk: Denial reason was found to be unclear in a few cases.
The Department will notify Health Plan when the auditors’ concerns are available for Plan response.
DMHC 2025 Routine Financial Exam
DMHC has officially notified Health Plan of its intent to conduct a routine financial examination. This examination is a comprehensive assessment of our fiscal and administrative functions to ensure compliance with the Knox-Keene Health Care Service Plan Act and applicable regulations. The audit will review our activities and records up to the period ending December 31, 2024.
The Department conducted the last routine financial exam in 2022. The exam covered the three-month period ending 12/31/21. The final report noted the following:
1. Part I. Financial Statements – no findings
2. Part II. Calculation of TNE – no findings
3. Part III. Compliance issues –
o Timely Resolution of Provider disputes – corrective action was accepted and no further action required
o Receipt date of Claims - corrective action was accepted and no further action required
o Claim payment accuracy including interest – corrective action was not accepted, confirmation will be assessed in the 2025 exam
o Overpayment of high dollar claims - corrective action was accepted and no further action required
What to Expect Next:
In preparation for the examination, we have received a detailed request for documents and information. This includes financial statements, operational records, and compliance documentation. Our Compliance and Finance teams will coordinate closely to gather and submit the required materials promptly and accurately.
We ask for your cooperation and support throughout this process. Key staff will assist in providing information or clarifications as needed. Our goal is to demonstrate Health Plan's commitment to regulatory compliance and operational excellence. The following gives you an overview of the audit preparation:
Notification of intent to conduct audit received 02/28/25
The audit kick off meeting scheduled 03/11/25
Audit material is due to Compliance 03/24/25
Compliance will perform a Quality check and submit requested information to DMHC by 04/01/25
Interview sessions to start 06/09/25
Let’s go team!
Do you have a question for Compliance? To submit an inquiry, go to Team Sites > Compliance > Requests > Submit an Inquiry on SharePoint or simply use this link: check it out here.
Program Integrity Unit (PIU)
The PIU investigates and reports all potential fraud, waste, or abuse (FWA) and HIPAA violations. We also conduct exclusion monitoring of our third parties,
provide subject matter expertise for audits, manage members’ rights to access/limit their PHI and plan and track annual compliance training. Here are some things we’ve been working on:
Privacy & Security
Do you ever wonder what happens to your report when you submit a Privacy or Security Incident to us through this link? Read on to find out!
Once you click submit on the Share Point form to submit a Privacy or Security Incident, it feeds it directly into our incident management system and we receive notification by email to review it. Here is what we assess and what we need to understand:
• What happened in this incident? We assess if there was an unauthorized disclosure.
• Who made the unauthorized disclosure and who was the PHI disclosed to? Was it Health Plan Workforce, a third-party vendor/provider, or other? This question is important because it affects the risk level of the incident.
• What steps have already been taken to mitigate the incident? Was a system turned off, reconfigured, or was an incorrect fax number corrected in the system?
• What is the status of the PHI involved in this incident? Is it retrievable? Can it be returned or destroyed? Has it been shredded/deleted by the individual(s) who received it?
• How many Health Plan members have been affected by this incident?
We understand that you may not know all of the above information at the time you report it to us. However, it is better to report it as soon as you suspect an incident occurred, even if you don’t have all the information, because we are required to report it to DHCS within 24 hours of it being discovered.
What can you expect after you submit an incident to us? You will hear from us, through Microsoft Teams, email, or through a scheduled meeting. We will guide you through what we need to mitigate the incident.
After we gather information about the incident, the next steps we complete are incident mitigation and risk assessment. The risk assessment determines the next steps we need to take based on the risk associated with the incident, and we
are obligated to mitigate all incidents. We appreciate you working with us by responding to our requests in a timely manner.
In our next newsletter, we will go over our mitigation and investigation process for privacy incidents.
Privacy & Security Incidents
We had 24 HIPAA incidents occur between February 1 – February 28, 2025 One (1) of these was reportable to DHCS. Below is the detail about this incident:
1. A report containing member PHI was filtered incorrectly by Health Plan staff, which caused it to be sent out to several incorrect Providers. Reminder: Slow down and take your time when working with data that contains member PHI. Double check your work to ensure that you are only sending PHI to the intended recipient(s) and have another team member check your work and sign off on it as well.
Fraud, Waste, and Abuse (FWA)
This month we are going to cover the Preliminary Investigation phase of an investigation. What is it and why is it important? When a report or detection of possible fraud, waste, or abuse (FWA) comes to the PIU, the first step is not jumping straight into a full investigation – we start a preliminary investigation. This helps us determine if there is a cause for concern or if the matter does not represent FWA and can be referred to another internal department for handling.
During the preliminary investigation, we look at several factors, including:
Past Reports and Investigations – Has this provider been reported before? Have they been investigated for similar issues in the past?
Education History – Has the provider already been educated on this issue? If yes, is this a repeat occurrence?
Billing and Payment Trends – Do we see any unusual billing or payment patterns that stand out?
Compliance and Licensing Checks – We verify whether the provider is listed on exclusion databases like the OIG Exclusions List or the Medi-Cal Suspended & Ineligible Provider List. We also check the NPPES NPI Registry, and we confirm if their license is active and in good standing.
Contracts and Credentialing – How a provider is contracted can affect how they can bill us. This is an important step in understanding whether we have an issue or not.
Policy and Program Guidelines – Does the alleged issue violate any policies, or is it within compliance?
We look for patterns of billing that are a violation of regulations . The key words are patterns, and violation. There must be indications that the provider did something wrong repeatedly. Sometimes what looks suspicious at first turns out to be an error, a misunderstanding, a claims processing issue, or a contracting issue. If the preliminary investigation determines there is a reasonable explanation and no evidence of FWA, the case is then documented and closed.
Be sure to read about us next month, too! Our topic for next month is Medical Record Review
Recent Updates
In the last month, our team opened four (4) cases and closed three (3) cases. Our team actively investigated 27 active cases in February, and we monitored two (2) additional.
Your Role
If you notice a suspicious activity, don’t hesitate to report it. Stay vigilant. Stay committed.
Upcoming Compliance Trainings
HIPAA - Apr 1, and due Apr 30
General Compliance and FWA Training – Apr 1, and due Apr 30
Sexual Harassment Prevention – Jun 7, and due Jul 7
Diversity, Equity, and Inclusion (DEI) – Nov 3, and due Dec 3
Provider Exclusion Monitoring
PIU regularly monitors vendors and providers we contract with for exclusions, per 42 Code of Federal Regulations (C.F.R.) §438.610, which prohibits Medi-Cal Managed Care Plans (MCPs) from contracting or maintaining a contract with physicians or other health care providers who are excluded, suspended, or terminated from participating in the Medicare or Medi-Cal programs.
Recent Updates
In case you missed this information last month, here is the update again. The PIU streamlined the process for notifying the BOs of excluded providers by creating an email template and removing excess information and attachments. This allows the BO to have all the information in a consolidated format with one click.
LOA Exclusion Monitoring
Zero (0) provider exclusions were identified.
Audit & Oversight (A&O)
Strengthening Compliance & Oversight: 2025 Audit Work Plan
As we move into the calendar year, the Audit & Oversight Department (A&O) is rolling out a comprehensive work plan designed to strengthen compliance, mitigate operational risks, and enhance oversight efforts across key areas of our organization. This plan ensures we remain proactive in identifying risks and maintaining regulatory and contractual compliance across all business lines.
A primary focus for 2025 will be audits and monitoring of critical areas, including oversight of delegated Third-Parties and First-Tier Entities, Non-Traditional Providers, Internal Clinical and Non-Clinical Functions, Vendor Management, and Monitoring of Key Measurable Performance Metrics. By targeting these areas, we aim to reinforce accountability and operational excellence across all levels.
One of our top priorities is conducting high-risk audits within the first two quarters of the year. These early audits will allow us to identify potential risks and implement corrective actions to remediate instances of non-compliance. Additionally, and throughout the year, we will be conducting Readiness Assessments for Medi-Cal Third-Parties and preparing for future First-Tier, Downstream, or Related Entities (FDRs), as we anticipate the launch of our Medicare D-SNP product, effective January 1, 2026.
Another key initiative will be the validation of Corrective Action Plans (CAPs) from 2024 audits to ensure all necessary remediation activities have been successfully implemented. We will also enhance our continuous monitoring efforts for internal and external activities, leveraging regulatory and contractual performance requirements, as well as the monthly Compliance Dashboard to ensure ongoing compliance.
We look forward to a productive 2025 as we continue to strengthen our oversight framework and prepare for future program expansions. Stay tuned for further updates as we execute on these critical initiatives!
Policies and Procedures
Policy Management Application (PMA) Updates
Do you still have questions about our new Policy Management Application (PMA)? Please refer to our PMA training materials on the Compliance SharePoint page. We will also continue to hold office hours to further assist you with navigating the PMA. The next office hours will be held on Friday, 03/21/2025. Presentation: Policy Management Application (PMA) Training for Policy Owners Videos: Policy Management Application (PMA) Training Videos
February 2025 Policy Review Committee (PRC):
The Policy Review Committee (PRC) convened on February 19th, 2025. During this meeting, the PRC approved one (1) consent policy and the calendar year (CY) 2025 Policy Program Goals. Additionally, the committee reviewed new policies submitted to DHCS for Approval (EM01 Emergency Preparedness and Response Plan & BC01 Business Continuity Plan), CY2024 Annual Review of Policies, CY2025 Policy Status, and new terms added to the glossary of terms. For more details, you can refer to the February PRC meeting minutes HERE.
As announced at the February PRC meeting, the Compliance Policy Team will distribute a survey in March to collect feedback on the new Policy Management Application (PMA) and the Policy Program. We value your honest feedback on the effectiveness of the PMA and any recommended changes you may have Please be on the lookout for the survey
Did you know?
The next Policy Review Committee (PRC) meeting will be held on Wednesday, April 16th, 2025.
You can access all published policies directly via the Policies link on our Intranet. If you have any policy-related questions, please get in touch with the Policy Review Team at Policies@hpsj.com
Stay Connected with Compliance!
Stay informed and updated with Compliance4U, a monthly newsletter focused on connecting and informing