October 2025
The Compliance4U newsletter offers insight into the day-to-day functions of the Health Plan’s Compliance Program and serves as a resource to help staff stay informed about key regulatory updates, reporting obligations, audit activities, and policy changes. Its goal is to promote awareness, accountability, and a culture of compliance across all departments within HPSJ/MVHP (“Health Plan”).
Regulatory Affairs (RA)
The Compliance Regulatory Affairs department is responsible for analyzing and implementing regulatory changes, coordinating the timely filing of routine regulatory reports, overseeing regulatory audits, managing DMHC provider complaint resolution, and tracking member complaints submitted to state and federal regulators to ensure the Plan maintains ongoing compliance with all applicable requirements. Check out what has happened since we released our last newsletter.
Routine Reports for DHCS and DMHC Submission
The Compliance Regulatory Affairs (RA) department is responsible for tracking submission of Health Plan’s mandatory routine reports to both the Department of Health Care Services (DHCS) and the California Department of Managed Health Care (DMHC). Health Plan’s Compliance Regulatory Affairs department works closely with other internal stakeholders to complete and submit these required reports to both regulators.
Report Timing:
RA tracks the mandatory reports, sorting them by frequency, including:
Monthly
Quarterly
Semi-Annual
Annually
As Needed
Both regulatory due dates and internal due dates are tracked. As a general practice, RA targets an internal due date that is 5 calendar days prior to the regulatory due date. This gives RA staff time to review the report submissions and ask questions, when needed, and still ensure Health Plan has adequate time to submit the reports timely.
RA Continuous Improvement Project:
To help make Health Plan’s routine reporting process more efficient, RA is working to implement the following process improvements:
1. Replace the current, manual report reminder emails with recurring calendar reminders. This updated process will require one more round of manual input and will then be automated, which reduces the risk for manual error (e.g., missing a report in the reminder email, mistyping report details and/or due dates in the reminder email, etc.).
2. Update the internal attestation form to streamline the signatories required for all regulatory report submissions to RA and to add space for outlining identified risks in the data reported.
3. Implementing a new Report Tracker on SharePoint to more easily track and search reports that are coming due and that have been submitted. The new Report Tracker will include both Medi-Cal and D-SNP regulatory reports for a streamlined approach to all regulatory reports.
Why This Matters
This structured process:
Maintains compliance with state and federal requirements by ensuring health plan operations meet all applicable regulatory obligations.
Promotes easier collaboration between Health Plan departments and Compliance Regulatory Affairs.
What’s
going on at the State and Federal levels? To support you in your role and ensure timely awareness of changes to regulatory and contractual requirements, Regulatory Affairs staff attends regulatory calls (e.g., DHCS Managed Care Plan Call - MCPC) and other regulatory meetings/calls where key regulatory information is shared.
Calls Held by Health Plan’s Regulators
Regulatory Affairs staff maintains materials from regulator calls. Check out previous meetings HERE.
DMHC Fined Cigna for Improperly Reviewing and Denying Health Care Claims Payments
The California Department of Managed Health Care (DMHC) has taken enforcement action against Cigna, issuing a significant fine for improperly reviewing and denying claims payments DMHC found that Cigna did not have a physician conduct a clinical review of the claims prior to issuing denials. Additionally, DMHC found that Cigna was using a different review process than the policy it filed with the DMHC, which is a violation of the requirements in the Knox-Keene Act. DMHC levied a $500,000 fine. Cigna agreed to pay the fine, re-review the non-compliant cases, and implement corrections actions to correct its process.
Important takeaways from this report:
• This situation highlights the critical importance of ensuring that Health Plan complies with the requirements of the Knox-Keene Act and keeps its policies and procedures on file with the Department updated
For more details, read the official press release here.
All Plan Letters (APLs)
DHCS and DMHC issue All Plan Letters (APLs) to formally communicate updates to federal or state policy, regulatory requirements, or operational procedures. These directives are intended to guide Managed Care Plans (MCPs) on how to implement changes and ensure compliance with applicable laws and regulations.
RA reviews and analyzes each APL to interpret its impact, coordinate internal implementation, and ensure timely compliance and required filings.
Draft APLs often identified with placeholder codes such as “XXX” are released by the regulators to solicit feedback from MCPs before finalization. During this comment period, MCPs can raise concerns or seek clarification, which may influence the final version of the policy.
Below is a list of recently released APLs for your awareness:
A. DHCS Regulatory Notices
APL 25-013 Medi-Cal Rx Pharmacy Benefits, And Cell and Gene Therapy Coverage (Supersedes APL 22-012)
Issue Date: September 18, 2025
Summary: This APL provides guidance for how Health Plan must have proper oversight and administration of the Medi-Cal pharmacy benefit, including specific guidance on Cell and Gene Therapy Coverage.
APL 25-014 Update to Provider Directory Requirements
Issue Date: September 26, 2025
Summary: This APL provides guidance Health Plan must follow to remain compliant with the updated Provider Directory requirements pursuant to the Consolidated Appropriations Act, 2023.
APL 25-015 Data Sharing and Quality Rate Production for Directed Payment
Initiatives and Alternative Payment Methodology Programs
Issue Date: October 2, 2025
Summary: This APL provides details on Health Plan’s obligations surrounding data sharing and quality measures in the DHCS Directed Payment Initiatives or administered Alternative Payment Methodology (APM) programs. For these programs, payment to and/or participation of Providers are tied to specific quality measures.
RETIRED APL 20-022 COVID-19 Vaccine Administration
Retirement Effective Date: September 4, 2025
Summary: This APL is officially retired as of 09/04/2025. It used to provide Health Plan with information and guidance regarding the COVID-19 vaccine coverage and administration in the Medi-Cal Program. Coverage of COVID19 vaccines is now included in Health Plan’s standard vaccine/preventive care guidelines pursuant to requirements by the California Department of Public Health (CDPH).
B. DMHC Regulatory Notices
APL 25-015 Assembly Bill (AB) 144 and Coverage of Preventive Care Services
Issue Date: September 18, 2025
Summary: This APL outlines the obligations of Health Plan to cover preventive care services prior to the enactment of AB 144 and summarizes AB 144’s new
requirements regarding coverage of preventive care services. This APL also highlights recent updated guidance from CDPH regarding immunizations to protect against COVID-19, RSV, and influenza.
REVISED APL 24-013 Health Equity and Quality Program Policies and Requirements (Supersedes APLs 22-028 and 23-029)
Issue Date: October 1, 2025
Summary: This APL informs Health Plan of the DMHC Health Equity and Quality (HEQ) program policies and requirements.
Regulatory Reports
Under the terms of our contract with DHCS and in alignment with our KnoxKeene license requirements regulated by DMHC the Plan is required to routinely submit reports that demonstrate operational performance and regulatory compliance. RA tracks and coordinates these submissions to ensure timeliness and accuracy across all departments.
Below is a list of upcoming regulatory reports due to our regulators this month. The table includes the accountable Director and Executive sponsor for awareness and coordination. Please review the list to determine which reports fall within your area. Reports due for the upcoming month should be saved in this Dropbox Folder.
Monthly ECM/CS File
Weekly Encounter Data Files
Worthy
Worthy
Monthly MCPD/PCPA Files Clarence Rao Victoria Worthy
Monthly Financial Reports Somatra Sourng Michelle Tetreault
Monthly New Member Mailing Attestation Vena Ford Evert Hendrix
Monthly NEMT/NMT Report Dale Standfill Liz Le
Report Title
Monthly Post-Payment Recovery (PPR) Report
Monthly Provider Directory File and Use Submission
Monthly Provider Information Network (PIN) Files
Monthly Restricted Provider Site Verification
Quarterly CBAS Report
Quarterly Fraud, Waste, and Abuse Status Report
Quarterly Global Subcap Member Level Data
Quarterly Interoperability API Utilization Report
Quarterly LTC-SNF Report
Quarterly MCPAR CI Report
Quarterly Member Death Notification Report
Quarterly Pending & Unresolved Grievances Report
Quarterly Provider Network Impact Report
Quarterly Network Report (QNR)
Christopher Navarro Michelle Tetreault
Ana Aranda Liz Le
Ana Aranda Liz Le
Toni White Betty Clark
Pamela Lee Lakshmi Dhanvanthari
Toni White Betty Clark
Christopher Navarro Michelle Tetreault
Clarence Rao Victoria Worthy
Johnthan Yeh Lakshmi Dhanvanthari
Johnthan Yeh Lakshmi Dhanvanthari
Somatra Sourng Michelle Tetreault
RJ Ruiz Lakshmi Dhanvanthari
Ana Aranda Liz Le
Ana Aranda Liz Le
Quarterly MOU Good Faith Efforts Status Report Jeanette Lucht Lakshmi Dhanvanthari
Semi-Annual Provider Directory Review Submission
Provider Complaints
Ana Aranda Liz Le
Provider complaints come to Health Plan in different forms (e.g., direct call to us or dispute submission to DMHC). While our Provider Services and Claims teams
address those coming into us, Compliance is the point of contact for those coming through DMHC. In 2025, Health Plan received 52 requests (25 new Provider Complaints and 27 additional information requests), disputing 29 claims. In 2024, we received 67 requests (28 Provider Complaints and 39 additional information requests), disputing 56 claims. In 2023, Health Plan received 20 requests (13 Provider Complaints and 7 additional information requests), disputing 28 claims. In addition, each complaint may contain multiple issues that require a response.
Compliance coordinates a cross-functional group to review each complaint we receive. This group investigates the cases (from the original request to claim processing and dispute resolution) and prepares a comprehensive response to the DMHC about the provider’s concerns and the actions taken by us. These tables outline the status:
DMHC Consumer Complaints and Independent Medical Review (IMR):
Effective May 2025, RA manages the intake, tracking, and submission of all DMHC consumer complaints and Independent Medical Reviews (IMR) to ensure timely, compliance, and coordinated responses in collaboration with Grievance & Appeals.
DMHC Consumer Complaints
The following reflects the Consumer Complaints received, including analyses by case reason, urgency and outcome.
• Table A displays the Consumer Complaint reasons for Standard Cases, Expedited Cases and Additional Information Requests.
• Table B shows the Consumer Complaint outcomes for Standard Cases, Expedited Cases and Additional Information Requests.
2, 2025)
Independent Medical Review
Table C below reflects the number of IMR cases received from the Department since May 30, 2025, and their outcomes.
C: DMHC Independent Medical Review (IMR) (May 30, 2025-Oct 2, 2025)
Regulatory Audits:
As part of our commitment to compliance and quality care, our health plan is regularly audited by the DHCS and the DMHC. These audits help ensure that we’re meeting all state and federal requirements, fulfilling our contractual obligations, and provide the highest level of service to our members.
Each audit varies and can range from several regulatory areas of focus. Such as, but not limited to, access to care, timely claims processing, grievance and appeals handling, and provider network adequacy. These reviews not only hold us accountable but also give us opportunities to strengthen our processes and improve outcomes. Your role in supporting these efforts whether through documentation, timely responses, or following procedures plays a critical part in our overall success.
Key takeaways from our latest audits.
DHCS Routine Medical Survey – 2024 Update
In 2024, the Department of Health Care Services (DHCS) conducted its Routine Medical Survey to assess Health Plan’s compliance with Medi-Cal contractual requirements and applicable federal and state regulations. The review evaluated several key operational areas, including Utilization Management, Care Management, Coordination of Care, Access and Availability, Member Rights, and Quality Management.
Following the survey, DHCS issued its Final Report in April 2025, which identified a limited number of findings related to prior authorization and pharmacy benefit processes. Specifically, DHCS noted the need to strengthen procedures involving preventive services, cancer biomarker testing, family planning services, adverse benefit determination notices, and the use of DHCS-issued templates for denial communications.
Since April, Health Plan has been implementing the approved Corrective Action Plan (CAP) to address these findings. Through policy and procedure revisions, staff training, workflow updates, and system configuration changes, the Plan has achieved substantial progress. Monthly progress reports have been submitted to DHCS, and all milestones remain on track.
Over the coming months, the Compliance and operational teams will continue gathering evidence to validate sustained compliance and ensure all corrective actions remain effective. This effort will also support readiness for the DHCS onsite audit scheduled for January 2026
What’s coming next?
DHCS announced the next audit cycle covering the period August 1, 2024, through December 31, 2025. The virtual onsite review is scheduled for January 12–23, 2026.
The Plan received the official audit notification on October 15, 2025. In preparation, teams are coordinating the collection and validation of documentation for the two required submission periods:
1. Universe #1 (Aug 1, 2024 – Sept 31, 2025) – due November 18, 2025
2. Universe #2 (Oct 1, 2025 – Dec 31, 2025) – due January 16, 2026
These deliverables will support the upcoming onsite audit and demonstrate Health Plan’s ongoing commitment to regulatory compliance, data accuracy, and operational readiness.
Compliance & Ethics Week: November 2–8, 2025
Compliance & Ethics Week is a nationwide initiative that highlights the importance of integrity, accountability, and ethical decision-making in the workplace. It’s a time to reflect on our shared responsibility to uphold the standards that protect our members, our organization, and each other. Let’s continue to test your knowledge with three trivia questions*.
� � Q1: Which of the following best describes a Conflict of Interest?
A. Taking on extra work to help the company succeed
B. Following company policy even when it slows things down
C. Receiving approval from your manager before making a decision
D. A situation where personal interests may interfere with professional duties
� � � Q2: Which of these is considered Unethical Behavior in the workplace?
A. Reporting time worked accurately
B. Using company resources for personal gain
C. Following safety rules
D. Respecting confidential information
� � � Q3: TRUE or FALSE? It is okay to share your system login and password with a coworker if they need quick access and you trust them.
*Answers are at the end of the newsletter
Do you have a question for Compliance? To submit an inquiry, go to Team Sites > Compliance > Requests > Submit an Inquiry on SharePoint or simply use this link: check it out here.
Program Integrity Unit (PIU)
Privacy & Security
Individuals have the right to know how their protected health information (PHI) may be used and disclosed.
Member Rights for PHI
Do you know what rights the member has when it comes to their PHI? Just in case you do not know or need a refresher, take a moment to review the information below.
• Health Plan processes requests from members to obtain, access, correct, and/or restrict their PHI.
• Members may request confidential communications in an alternative format, or have their PHI sent to an alternate location. Health Plan provides access and information to members in the form and format requested if it is readily producible.
• Members may request an inspection and/or obtain a copy of their PHI. Certain exceptions apply for psychotherapy notes or information for use in a civil, criminal, or administrative action or proceeding
• Members may request that their PHI be amended.
• Members may request an accounting of disclosures made or maintained of their PHI.
• Members may request restrictions on the uses and disclosures of PHI for treatment, payment, and health care operations.
For more information about members’ rights, please refer to HPA43 Member Rights for Protected Health Information.
Privacy & Security Incidents
In the month of September, 70 HIPAA incidents were reported to PIU. One (1) of these incidents was reportable to DHCS. The incident was not reportable to OCR.
Fraud, Waste, and Abuse (FWA)
How to Spot FWA Red Flags
Everyone at Health Plan of San Joaquin (HPSJ) plays a part in protecting our healthcare system. Here’s how you can stay alert and help prevent Fraud, Waste and Abuse (FWA) in your day-to-day work:
• Look for unusual billing patterns or suspicious provider behavior.
• Look for duplicate or excessive medical claims which includes routine and lab procedures.
• Flag claims or documentation that seem inconsistent or incomplete.
• Never alter records or “fill in” information after the fact.
• Don’t ignore red flags, even a small concern can reveal a bigger issue.
• Complete all required FWA and compliance training on time.
• Report any suspected FWA activity through the proper internal channels.
• Familiarize yourself with the latest policies and procedures.
• Don’t be afraid to ask questions if you are unsure about a billing or compliance issue – basically don’t guess.
Maintaining the highest standards of ethics and accountability is everyone’s responsibility here at HPSJ. By staying vigilant, informed and proactive, we can work
together to detect and prevent FWA – protecting our organization, patients, members and community as a whole.
Need to Report a Concern?
You can report FWA concerns anonymously, confidentially and without fear of retaliation to the Program Integrity Unit (PIU):
• Online Reporting Tool: Report Non-Compliance, Privacy or Fraud, Waste & Abuse Issues
• Email: PIU@hpsj.com
Fraud, Waste, and Abuse Cases
In September, the PIU opened four (4) new cases and closed two (2) existing cases. At month end, our team had 23 open cases
Provider Exclusion Monitoring
PIU regularly monitors vendors and providers we contract with for exclusions, per 42 Code of Federal Regulations (C.F.R.) §438.610, which prohibits Medi-Cal Managed Care Plans (MCPs) from contracting or maintaining a contract with physicians or other health care providers who are excluded, suspended, or terminated from participating in the Medicare or Medi-Cal programs.
Identified Excluded Parties
Zero (0) excluded, restricted, and suspended providers were identified in the month of September through ad hoc and standard monthly screening.
Conflict of Interest (COI)
Understanding Conflict of Interest (COI) in Healthcare: What Should You Report?
When determining if you have a conflict of interest, think about your life, not just your work life. Ask yourself the following: Do you…
• Volunteer
• Have a second job
• Own a business
• Have an financial interest in a business and/or serve as a board member of a Health Plan supplier and/or vendor
• Accept gifts from a person/company that is doing business or intends to do business with Health Plan
If you answered “yes” to any of these questions, you should most likely complete a COI form and submit it to the Compliance Department for review.
If you’re unsure about whether you have a COI or need to file Form 700, consult policy CMP23 – Conflict of Interest or contact PIU@hpsj.com for guidance.
Audit & Oversight (A&O)
Onsite vs. Desk Review Audits
Audit and Oversight Department (A&O) Program Managers conduct Readiness Assessments, Baseline Audits, and Annual Audits of Internal Business Areas and Third Parties to ensure ongoing compliance with regulatory and contractual requirements. These audits may be performed via Onsite Review or Desk Review.
Onsite Audits involve the A&O Program Manager’s presence on location. They involve reviewing documentation and interviewing staff at the location where activities are performed. Onsite Audits allow the A&O Program Manager to more closely examine the Business Area’s or Third Party’s practices and evaluate proper handling of Member Protected Health Information (PHI).
Conversely, for Desk Review Audits, fieldwork is conducted by the A&O Program Manager remotely. They involve requesting documentation electronically and conducting interviews of staff performing activities virtually. Desk Reviews allow for a more in depth and focused review and may include an evaluation of policies, procedures, systems, materials, reports, and files.
Shift from Onsite to Desk Review Audits
Prior to COVID-19, Onsite Audits were the primary method for oversight activities conducted by Health Plan and Regulators. Given the health concerns posed by the pandemic, a shift was made industry-wide from Onsite to Desk Review Audits to continue oversight functions while protecting Health Plan and external staff involved in the audit process.
