January 22, 2025
Compliance4U newsletter provides you with insight into the day-to-day functions of Health Plan’s Compliance Program.
Overview of Compliance Element #7: Responding to Detected Offenses and Developing Corrective Action Initiatives
The 7th and final element of an effective compliance program is responding to detected offenses and developing corrective action initiatives. Simply put, this is “promptly responding to issues.” When the Health Plan gets a report of suspected misconduct or another problem, the Compliance Department looks into it right away and takes steps to resolve the issue as quickly as possible.
Not only is it important to address issues quickly, but it is also required: for example, the Department of Health Care Services (DHCS) requires the Health Plan to report Privacy and Security incidents within 24 hours of discovery.
Don’t hesitate to report potential problems by email, phone, or online, and remember you have the option of reporting anonymously if you choose:
Email: Compliance1@hpsj.com
Phone: Compliance Hotline 855.400.6002
Online: Compliance - Home (sharepoint.com)
Regulatory Affairs & Communication (RAC)
Do you have a question for Compliance? To submit an inquiry, on SharePoint go to Team Sites > Compliance > Requests > Submit an Inquiry or simply use this link: check it out here.
What’s going on at the State and Federal levels? To support you in your role and ensure timely awareness of changes to regulatory and contractual requirements, RAC attends regulatory calls (DHCS Managed Care Plan Call - MCPC) and other regulatory meetings/calls where key regulatory information is shared.
DHCS hosted a webinar on “Hospital Engagement in California Advancing and Innovating Medi-Cal (CalAIM)”
On December 6th, DHCS and CA Bridge held a webinar to discuss Hospital Engagement in CalAIM. This webinar featured three guest speakers: Dignity health, UCSF Hospital, and Marshal Medical Center. Their presentations covered their firsthand experiences and best practices in implementing ECM and Integrated Care Coordination, ECM & MCP partnerships, and improving care network. Their insights highlighted several key aspects that we encourage you to review. For more details refer to “Hospital Engagement in CalAIM 20241206.docx”.
RAC maintains material from those weekly calls. Check out previous meetings HERE.
All Plan Letters (APL)
DHCS and DMHC release APLs to communicate changes in Federal or State policy or procedure and provide instruction to MCPs on implementing these changes. RAC analyzes the APLs to ensure compliance with the requirements and to meet timely filing. Draft APLs (denoted by “XXX” indicating that a policy number has not been assigned by both regulators) are issued by both DHCS and DMHC on a regular basis to solicit feedback from MCPs before they are officially published and become effective. During this period, MCPs can provide feedback or concerns to DHCS and DMHC on upcoming APLs. Here are the APLs that were recently released:
A. DHCS Regulatory Notices
DHCS APL 24-018 Medical Loss Ratio Requirements for Subcontractors and Downstream Subcontractors
Issue Date: December 13, 2024
Summary: This APL provides Plans with guidance on the Medical Loss Ratio (MLR) requirements set forth by the federal Centers for Medicare & Medicaid Services (CMS) in the California Advancing & Innovating Medi-Cal (CalAIM) Section 1915(b) waiver’s Special Terms and Conditions (STCs)1 and pursuant to the DHCS contractual requirements in Exhibit A, Attachment III, Provision 3.1.5(B)(31).
• MLR Reporting Requirements: Health Plan must impose Medical Loss Ratio (MLR) reporting and remittance requirements on their subcontractors and downstream subcontractors, equivalent to the requirements in 42 CFR section 438.8(k)
• Compliance with SB 923: Health Plan must comply with SB 923, which includes specific provisions related to health care service plans and their subcontractors
• P&P Updates: Health Plan must ensure their P&Ps are reviewed and updated according to APL. Additionally, the Health Plan must ensure that their subcontractors and downstream subcontractors have reviewed and updated their P&Ps accordingly
This APL aims to ensure that financial resources are appropriately allocated to improve health care quality and access for members.
DHCS APL 24-XXX Community Advisory Committee
Issue Date: December 16, 2024
Summary: This draft APL summarize the Community Advisory Committee (CAC) requirements and provide Medi-Cal managed care plans (MCP) with information and guidance regarding their responsibility to implement, maintain, and maximize Member, family, and community engagement through the CAC.
• Community Advisory Committee (CAC) Implementation: Health Plan must form a CAC to inform cultural and linguistic service programs, promote member engagement, and provide input on healthcare improvements.
• Membership and Representation: CAC membership must reflect the diversity of the MCP's service area, including members from underrepresented groups, caregivers, foster youth, and others impacted by health disparities.
• Operational Duties: Health Plan must support CAC activities, provide resources, ensure accessibility, and incorporate member input into decision-making processes.
• Compliance and Reporting: Health Plan is required to submit demographic reports and meeting minutes, ensure alignment with community demographics, and follow state and federal guidelines.
• Health Equity and Quality Improvement: CACs play a role in addressing health disparities, evaluating population health management, and influencing health equity initiatives.
• Engagement Practices: Health Plan must offer accommodations like childcare, transportation, and accessible meeting formats to foster broad participation.
DHCS APL 24-019 Minor Consent to Outpatient Mental health Treatment or Counseling
Issue Date: December 31, 2024
Summary: This APL provides guidance on new provisions allowing minors aged 12 and older to consent to certain mental health treatments without parental or guardian consent, provided they meet specific criteria.
• Eligibility for Minor Consent:
o Minors aged 12 and older can consent to outpatient mental health treatment or counseling without being a danger to themselves or others or victims of incest/child abuse (effective July 1, 2024).
o A professional must determine the minor’s maturity to intelligently participate in the services.
• Professional Consultation:
o The treating professional must consult with the minor to decide if parental involvement is appropriate.
o Any decision must be documented in the minor’s records.
• Privacy and Confidentiality:
o Health Plan and associated providers must ensure safeguards against unauthorized disclosure of information to parents/guardians.
o Minors’ consent services must remain confidential unless they expressly allow disclosure.
• Provider Eligibility:
o APL expands the definition of “professional persons” who can provide these services to include licensed and supervised trainees and certain certified professionals.
• Responsibilities:
o Health Plan must update policies and ensure compliance among all providers and subcontractors.
o Non-compliance may result in corrective action or sanctions.
• Foster Care Exception:
o Minors in foster care, aged 12 and above, retain the right to consent to or decline mental health services without adult knowledge.
B. DMHC Regulatory Notices
APL 24-021 (OPM) – Notice of Amendments to Rules 1300.67.2.1, 1300.67.2 and Incorporated Documents – Network Adequacy Standards and Methodology for RY 2025
Issue Date: December 12th, 2024
Summary: The Department of Managed Health Care (DMHC) issues this All Plan Letter (APL) to notice amendments to 28 CCR § 1300.67.2.1, 28 CCR § 1300.67.2, and documents incorporated by reference. The amendments are noticed pursuant to Senate Bill (SB) 225 (Wiener, Chapter 601, Statutes of 2022). Amendments to the Rule and incorporated documents are effective January 1, 2025. For those plans required to submit an Annual Network Report, the DMHC will apply these requirements to the reporting year (RY) 2025 Annual Network Review.
APL 24-022 – Children and Youth Behavioral Health Initiative, Certified Wellness Coaches
Issue Date: December 13th, 2024
Summary: The Department of Managed Health Care (DMHC), together with the Department of Health Care Access and Information (HCAI), issues this AllPlan Letter (APL) to provide health care service plans with information regarding the establishment of the state Wellness Coach certification program and encourage health plans to provide access to Wellness Coach services as a means of increasing behavioral health resources to health plan members
APL 24-023 (OPL) - Newly Enacted Statutes Impacting Health Plans (2024 Legislative Session)
Issue Date: December 20th, 2024
Summary: This All Plan Letter (APL) outlines the newly enacted statutory requirements for health care service plans (plans) regulated by the Department of Managed Health Care (DMHC).
In this APL, the Office of Plan Licensing (OPL) identifies and discusses 23 bills enacted this session that may require plans to update Evidences of Coverage (EOCs), disclosure forms, provider contracts and/or other plan documents. Plans must review relevant plan documents to ensure those documents comply with newly enacted legislation. The DMHC expects plans to comply with all applicable statutes upon the statutes’ effective dates.
This APL does not identify or address every newly enacted statutory requirement that may apply to plans. Plans should consult with their legal counsel to ensure compliance with all newly enacted statutes that impact the plan.
Reminder All Plan Letter (APL) Policy Filing Process �
We've got some exciting changes to our APL policy filing process that you'll want to know about.
All policies must complete the policy workflow before submission. This means that policy owners revising their policies for an APL will need to make sure their department executive approves the policy before it is submitted to the Compliance policy team. Upon receipt, Compliance will conduct a review before it is submitted to our CEO for approval. Once all approvals have been obtained, Compliance will submit the policy to DHCS/DMHC if applicable.
RESPONSIBLE PERSON
ACTION ITEMS
* DHCS/DMHC review and approval is not required for all policies.
Regulatory Reports
Under our contract with DHCS and in compliance with our Knox Keene license (DMHC), we must routinely submit reports demonstrating compliance and performance. Below is a list of reports due for submission in the next few weeks. The table includes a hyperlink to the report and the accountable Director and Executive for the report. Check out the list to find out which ones are in your department. Click on the report title for more information.
Provider
Member Death Notification 2024-Q4 Somatra Sourng Michelle Tetreault
Subcontractor Network Certification 2024 Reshonah Hunte Sunny Cooper
ECM/JSON 2025-1
CBAS Waiver 2024-12
274 File 2024-12
MCPDIP 2024-12
Clarence Rao Victoria Worthy
Pamela Lee Tracy Hitzeman
Clarence Rao Victoria Worthy
Clarence Rao Victoria Worthy
Report Title
Data Certification 2024-12
Post Payment Recovery 2024-12
PIN 2024-12
Encounter Data 2024-12
Accountable
Tamara Hayes Sunny Cooper
Christopher Navarro Michelle Tetreault
Ana Aranda Liz Le
Clarence Rao Victoria Worthy
DMHC Annual Claims Payment and PDR Aimee Griffin Michelle Tetreault
Consolidated Billing 2024-12
NEMT/NMT 2024-10
DMHC Monthly Financials 2024-12
Current Provider Manual 2025
EPSDT/AAP Bright Futures Annual
Attestation 2025
New Members Mailing Attestation 2025-01
Annual Mailing Attestation 2025
Quarterly FWA Report 2024-Q4
Annual Compliance Report
Annual Antifraud Report 2025
Delegation Reporting and Compliance Plan 2025
MOU Status Report 2024-Q4
Annual MOU Report
DMHC Pending Unresolved Grievances
FSR/MRR 2024-07(July-December)
CBAS Report 2024-Q4
Adult Expansion Assignment 2024-07
Interoperability API Utilization 2024-Q4
Quarterly Network Change Report 2024-Q4
Managed Care Program Annual Report (MCPAR) 2024-Q4
Major Organ Transplant (MOT) Post Transitional Monitoring 2024-Q4
Quality Assurance Performance
Improvement (QAPI) Report 2025
Clarence Rao Victoria Worthy
Dale Standfill Liz Le
Sue Nakata Lizeth Granados
Ana Aranda Liz Le
Setar Testo Tracy Hitzeman
Vena Ford Evert Hendrix
Vena Ford Evert Hendrix
Cambria Day Sunny Cooper
Tamara Hayes Sunny Cooper
Cambria Day Sunny Cooper
Reshonah Hunte Sunny Cooper
Paul Sohn Evert Hendrix
Jeanette Lutch Lakshmi Dhanvanthari
Ramanpreet Kaur Lakshmi Dhanvanthari
Ramanpreet Kaur Lakshmi Dhanvanthari
Pamela Lee Tracy Hitzeman
Ana Aranda Liz Le
Pavan Tirumalasetty Victoria Worthy
Ana Aranda Liz Le
Johnathan Yeh Lakshmi Dhanvanthari
Johnathan Yeh Lakshmi Dhanvanthari
Kathleen Dalziel Tracy Hitzeman
Provider Complaints
Provider complaints come to our Health Plan in different forms (e.g. Direct call to us or submission of dispute to DMHC). While our Provider Services and Claims team address those coming into us, Compliance is the point of contact for those coming through DMHC. From January 2024 through December 31st, 2024, we received 65 requests (28 Provider Complaints and 37 additional information requests), disputing 56 claims. In addition, each complaint may contain multiple issues that require a response.
Compliance coordinates a cross-functional group to review each complaint received by us. This group investigates the cases (from the original request to claim processing and dispute resolution) and prepares a comprehensive response to the DMHC about the provider’s concerns and the actions taken by us. These tables outline the status:
Table 1: Provider Complaints Received from DMHC as of December 31st, 2024.
DMHC 2025 Follow up Survey
DMHC is conducting a follow-up survey to ensure that we have addressed the deficiencies identified in our 2021 DMHC Routine Survey. Compliance has been working with Business Owners (BOs) to correct the deficiencies identified since we received the preliminary and subsequent final reports from DMHC in late 2023 and early 2024.
The audit review period is March 1 through September 30, 2024.
Here are the deficiencies DMHC is reviewing during the follow-up survey:
1. Adequate Consideration and Rectification of Grievances.
2. Acknowledgement Letters Contact Person.
3. Published DMHC Statement.
4. Grievance Resolution Letter does not include description of Clinical Criteria.
5. Grievance Resolution Letter does not include IMR Form.
6. For Expedited Grievances, Members are not informed they may contract DMHC.
7. Online Grievance Form does not include the Regulatory Paragraph.
8. Delegate oversight of grievances and appeals.
9. Process for updating Provider Directory does not meet requirements.
10. UM NOA does not include Regulatory Paragraph in the required format
11. Process for the denial of experimental care.
12. UM NOA denial decision is not clear.
13. Annual Notification to request authorizations for post-stabilization care.
14. Timely notifications of decision on authorization request for post stabilization.
15. Rx NOA denial decision is not clear.
16. Pharmacy Formulary all required information.
17. Delegate oversight of prescription drug coverage
18. IMR decisions are not communicated timely and in writing.
19. Summary of UM process on public facing website.
20. Provider Directory does not include Disclosure Notices.
21. 24-hr access to request authorizations for post-stabilization care.
PreOnsite Deliverables
The Department requested the file universe and selected 372 total cases for review in the following areas:
1. Customer Service Call inquiries (78 files selected)
2. Expedited Grievance and Appeals (29 Appeal files selected)
3. Other Grievance and Appeals (48 Appeal files selected)
4. UM Denials, Delays and Modifications (82 files selected)
5. UM Pharmacy Denials, Delays and Modifications (48 files selected)
6. Hospital Admissions (78 files selected)
7. Hospital Admissions (Focused list)(9 files selected)
Mock audits
In preparation for the interviews and questions from our auditors, Compliance has scheduled a series of mock audit sessions designed to simulate the real audit environment and ensure our team is fully prepared. These sessions will focus on addressing the 21 identified deficiencies, resolving any concerns found in the case files, and strengthening our overall readiness to meet audit requirements and demonstrate compliance effectively.
Interviews
Staff interviews will be conducted beginning February 24, 2025. The interviews are estimated to last less than one week.
Program Integrity Unit (PIU)
The PIU investigates and reports all potential fraud, waste or abuse (FWA) and HIPAA violations. They also conduct exclusion monitoring of our third parties, provide subject matter expertise for audits, manage members’ rights to access/limit their PHI, and plan and track annual compliance training Here are some recent items we have been working on:
Privacy & Security Training
Do you remember from our January All Staff Meeting why the date of discovery (DOD) Important? Per our contract with DHCS we are required to report breaches of PHI to DHCS within 24 hours of Health Plan discovery. This requirement makes this everyone’s responsibility to report timely! When is doubt report it to Compliance. Remember the date of discovery is the date you discover the unauthorized disclosure.
Date of Discovery Quiz
What date is used to calculate the Date of Discovery for a HIPAA/Privacy Incident?
A. The date of the unauthorized disclosure of PHI
B. The date the unauthorized disclosure was reported to Compliance
C. The date you learn there was an unauthorized disclosure of PHI
D. I don’t know
The answer is in the text of this Newsletter!
We had 12 HIPAA incidents that occurred between December 1 – December 31, 2024. None of these were reportable to DHCS.
Privacy Tip
Email from Unknown Senders - If you receive a suspicious email from an email address that you are unable to confirm is from a trusted source, it is most likely a
phishing email. Therefore, do not click any links or provide the sender of the email with any information. Report the email to IT by clicking the “Phish Alert Report” button, which is located on the top of the tool bar of your email. It is important to be on the lookout for phishing emails because they are a common strategy used by bad actors to trick their victims into providing them with sensitive information, that they then use to hack into their victim’s account and steal their data.
Fraud, Waste, and Abuse (FWA)
You were introduced to the Special Investigations Unit in our January Staff Meeting. For those of you who did not here is a brief recap in the graphic below left. This is a high level of the stages on an investigation. The SIU assess all allegations of FWA, launch cases on these allegations, and manage the cases from inception to completion, through all stages of investigation. It’s more than what is reported on Compliance dashboards, and we plan to show you!
Over the next several months the SIU will be providing information to you on the steps and processes involved in running a compliant and thorough FWA investigation. We plan to cover the following topics: lead (allegation) triage, data mining, preliminary investigation, medical record review, overpayment pursuit, and regulatory reporting.
In the next edition of Compliance 4U, we’ll cover lead triage and data mining!
Recent Updates
In the last month, we received three (3) leads, one (1) was closed, and our team opened two (2) cases. Our team is actively investigating 21 active cases, and we are monitoring two (2) additional.
Your Role
If you notice a suspicious activity don’t hesitate to report it. Stay vigilant. Stay committed.
Compliance Training Corner
This is new topic to the newsletter! This month we are covering the Health Plan’s conflict of interest statement. Per our contract with DHCS, all employees at the Health Plans are required to complete a conflict of interest statement on an annual basis. The conflict of interest statement is used to determine if an employee has any personal interests, relationships, or financial ties that could potentially influence their professional judgment or decision-making in a potential situation. All employees will be required to complete the annual conflict of interest statement for the 2025 calendar year in February.
Provider Exclusion Monitoring
PIU regularly monitors excluded providers to ensure Health Plan remains compliant with 42 Code of Federal Regulations (C.F.R.) §438.610, which prohibits Medi-Cal Managed Care Plans (MCP) from contracting or maintaining a contract with physicians or other health care providers who are excluded, suspended, or terminated from participating in the Medicare or Medi-Cal programs. PIU monitors providers in multiple ways, which includes:
PIU will receive notice a provider is excluded or has disciplinary action from OIGNow, our sanction screening vendor, and the Department of Health Care Services (DHCS). Once notification is received, a case is opened and an investigation is conducted to confirm the allegation. Once the allegation is confirmed, PIU informs the Business Owners of the provider’s risk level, if the provider is contracted, and any deliverables the BO is responsible for completing.
Recent Updates
In the last month, PIU streamlined the process for notifying the BOs of an excluded or disciplined provider by putting all the pertinent information in an email. This allows the BO to have all the information at once instead of opening and reading a report.
LOA Exclusion Monitoring
Zero (0) provider exclusions were identified.
Audit & Oversight (A&O)
Readiness Assessments
Welcome to 2025!
Over the last couple of months in this Newsletter we’ve talked about Risk Assessments, risk levels, the Risk Matrix, and the Audit & Oversight (A&O) Department’s Audit Work Plan. Another important topic to cover in relation to A&O’s work is Readiness Assessments.
The Readiness Assessment gives Health Plan the opportunity to review policies, procedures, and other supporting documentation of entities we are looking to engage with. Conducting a Readiness Assessment helps ensure the entity performs in alignment with regulatory requirements, Health Plan standards, and pertinent guidelines. The goal is to determine that engaging with the entity would result in an acceptable level of risk for the work the entity will conduct – in other words, to make sure Health Plan doesn’t take on more risk by working with the company which ultimately serves our members and supports our vision.
If an entity has a Low inherent risk, A&O will issue the Third-Party Attestation to ensure they have the appropriate compliance structures in place. If an entity has a Moderate to High inherent risk, there are five (5) phases to a Readiness Assessment.
Readiness Assessments allow Health Plan to ensure an entity is capable of performing the work we are engaging them to do - before finalizing a contract. This is an important step to maintain compliance with state and federal regulations and to reduce potential operational issues.
Just recently, Health Plan conducted a Readiness Assessment for a Pharmacy Benefit Manager (PBM) to support the Medicare D-SNP product. Several findings were identified in the first four (4) phases of the readiness assessment, and the PBM is now working through their corrective actions. We are actively
safeguarding our members, reducing risk, and avoiding future re-work by working through this Readiness Assessment!
Policies and Procedures
Policy Review Committee (PRC) Charter Updates
The PRC charter has been revised for calendar year 2025. The charter was updated with revised dates, new PRC membership, attendance policies, clarification of voting/quorum rules, and refined to enhance the accountability and key duties for the PRC Chair and PRC members.
The 2025 PRC charter was sent to PRC in November 2024 and was approved. It is scheduled to be presented to the Compliance Committee for approval in February 2025. Once approved the charter will be finalized and will be posted to the Compliance SharePoint page.
PRC Meeting Updates
During November and December 2024, PRC reviewed and approved a total of 43 policies. These policies were presented for annual review due to revisions required to meet NCQA standards, APL updates, BHI insourcing, or because they were undergoing annual review with minor or no edits.
Currently, the post-PRC policies are being prepared for e-signature via DocuSign. Signatories include the PRC Chair, policy owner, department executive, and CEO. Once signed, the policies will be published.
Do you still have questions about our new Policy Management Application (PMA)? If so, please refer to our PMA training materials located on the Compliance SharePoint page. We will also continue to hold office hours to further assist you with navigating the PMA. The next office hours will be held on Thursday, 1/22/2025.
Presentation: Policy Management Application (PMA) Training for Policy Owners
Videos: Policy Management Application (PMA) Training Videos
You can access all published policies directly via the Policies link on our Intranet. If you have any policy-related questions, please contact the Policy Review Team at Policies@hpsj.com.
Did you know?
The next Policy Review Committee (PRC) meeting will be held on Wednesday, February 19th, 2025.
Stay Connected with Compliance! Stay informed and up to date with Compliance4U, a monthly newsletter focused on connecting and informing