The year 2010 brings heightened health care focus on compliance, reform efforts and enforcement.

1. Stark Law Self-Disclosure

Providers subject to the physician self-referral law (Stark Law) continue to struggle with the ramifications of unintentional or so-called “technical” violations of the Stark Law. For example, accidental omission of a signature on a lease between a hospital and medical group may result in a noncompliant financial relationship, even if the lease terms are commercially reasonable and the rent is at fair market value. In such case, the Stark Law requires that the hospital refund any Medicare payments for patients referred by physician owners of the medical group during the period of noncompliance. The potential for overpayments can be substantial when the technical deficiency is discovered long after the fact, and the failure to return overpayments could bring exposure under the False Claims Act. Before March 2009, the Office of Inspector General (OIG) self-disclosure protocol provided a pathway for providers to self-disclose and settle Stark Law violations at amounts substantially less than the amount of the Medicare payments. However, in March 2009, the OIG announced that it would no longer accept Stark Law self-disclosures in the absence of a colorable anti-kickback law violation. Consequently, in cases where there is no evidence of improper intent to induce referrals under the anti-kickback law, providers have no readily available avenue for resolving technical Stark Law issues at less than the full amount of the overpayments. Both the House and Senate health reform bills proposed in 2009 require HHS to establish a Stark Law self-disclosure protocol. Both versions also permit settlement of self-disclosed violations for less than the full amount of the Medicare payments if warranted by the circumstances. Regardless of the outcome of health reform, there is significant support for a viable self-disclosure protocol. On January 28, 2010, Senator Grassley introduced the “Strengthening Program Integrity and Accountability in Health Care Act” (S.2964), which includes many of the fraud fighting initiatives from the health reform bills, including establishment of a self-disclosure protocol. Meanwhile, however, the issue will continue to be a source of considerable stress for health care providers, and will consume resources that might otherwise be used to further more substantive compliance objectives.

For more information on health care reform developments, visit McDermott’s health care law reform blog.

2. Compliance Program Effectiveness

A series of important recent and evolving developments in the health care compliance environment highlight the need for a scrupulous emphasis on effective corporate compliance programs. The recent expansion of the False Claims Act and the further expansion of fraud enforcement expected to be included in health reform legislation will have a significant impact on the newest generation of physician-hospital integration initiatives. This comes in the wake of the ever-expanding connection being drawn by regulators between the quality of care and false claims liability. The focus on these matters is borne out by government activity, such as the formation of the Health Care Fraud Prevention and Enforcement Action team (HEAT), an interagency program of the U.S. Department of Justice (DOJ) and HHS designed to combat Medicare fraud.

Moreover, there is increasing emphasis on hospital board compliance oversight obligations. For example, the New York State Medicaid Inspector General has expressed a willingness to pursue sanctions against governing board members of Medicaid providers if compliance problems and violations are attributable to their failure to exercise effective compliance plan oversight. In the federal arena, the HHS OIG recently republished a three-part series on health care compliance, and the DOJ has attempted to apply “Responsible Corporate Officer” and similar theories to assert liability to executives in fraud actions. In addition, compliance program effectiveness is an essential element of the Federal Sentencing Guidelines’ compliance program criteria.

Developing the right approach for assessing compliance effectiveness is an art rather than a science, and no tried-and-true approach exists. Further, the route chosen will likely differ depending upon the program’s stage of development and implementation. In any case, it should be conducted in large part relative to the standards established by the OIG compliance guidance, Federal Sentencing Guidelines and the DOJ Guidelines for the Federal Prosecution of Corporations.

For more information, see McDermott’s On the Subject “New Compliance Plan Effectiveness Proposals.”

3. Increased Enforcement – Complex RAC Audits and Survey Activity

Enhanced RAC audits, called “complex reviews” are taking RAC concerns to entirely new heights starting in 2010. While routine RAC audits are time-consuming for the subject hospitals, the process is largely automated. In contrast, complex reviews are far more labor- and time-intensive for audited hospitals. For those facilities already dealing with increased demands on individuals in administrative roles, the effort and resources required to respond to a comprehensive review could be crippling. Complex reviews focus heavily on coding errors with a more “complex” review featuring a team of specialists (including coders and clinical professionals) that assess information on a retrospective basis. Given that RAC auditors can keep between 9 and 12.5 percent of payments identified as improper, the more complex the review, the more likely the RAC auditors can take a hospital’s audit results straight to the bank.

The pressures of RAC audits come on top of increased survey and enforcement activity by state departments of health and CMS of all types of health care facilities. From Federal Monitoring Surveys of skilled nursing facilities to ordinary course complaint surveys, health care facilities have perceived an upswing in survey activity and the number and type of deficiencies cited during such surveys. The resources required to respond to survey findings, particularly the costs of remediating Life Safety Code-related deficiencies, places an additional burden on health care facility staff and budgets.

4. Health Insurance Industry Reform

Even with health care reform legislation on a slower track than anticipated at the start of 2010, the health insurance market is likely to face significant changes affecting all participants—health insurers, managed care organizations, employer/union group plans and individuals alike. The potential establishment of premium rating limitations, the elimination of lifetime coverage limits and the regulation of medical loss ratios (MLRs) are likely to affect the pricing of insurance products in a material way. Even if Congress fails to act, States may enact reforms related to the small group market and to take their own steps to expand access for un- and under-insured individuals. Medicare Advantage Organizations already are experiencing payment reductions, and the debate over changes to the current payment methodology is likely to continue. These changes would likely affect premium rates and plan benefit packages, including the availability of supplemental benefits.

For more information on health care reform developments, visit McDermott’s health care law reform blog.

5. Health Information Technology

The Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted in February 2009, included about $20 billion allocated over five years to health information technology (IT) projects, including incentive payments, beginning in 2011, to eligible professionals and eligible hospitals to acquire electronic health record (EHR) technology. In 2015, however, the incentives turn into penalties by way of reduced Medicare reimbursements if “meaningful use” is not demonstrated. It is critical, therefore, for eligible professionals and eligible hospitals to understand what constitutes “meaningful use.” On January 13, 2010, the Centers for Medicare and Medicaid Services published a proposed rule setting forth the first of three stages of criteria defining “meaningful use.” The Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology simultaneously published an interim final rule, effective February 12, 2010, which sets standards, implementation specifications and certification criteria for EHR technology. A third proposal is expected from HHS in the short term, which will provide further guidance about the process for becoming an EHR technology certifying organization. This year will bring significant activity from all stakeholders in analyzing whether EHR is qualified and meets certification criteria, and whether eligible professionals or hospitals have demonstrated “meaningful use.”

The HITECH Act also expanded the reach of HIPAA, extending it to business associates effective February 17, 2010, and imposing nationwide notification requirements for breach of unsecured protected health information (PHI). Business associates will also now be directly obligated to comply with the security rule of HIPAA and implement security policies to safeguard electronic PHI. Increased enforcement of HIPAA, as expanded by the HITECH Act, around breaches of unsecured PHI are anticipated, as foreshadowed by the Connecticut Attorney General’s recent suit against Health Net over the company’s loss of a hard drive holding information on almost 450,000 enrollees. This is the first time a state attorney general has invoked new authority under the HITECH Act to pursue breaches of personal health information—it is likely not the last.

For more information, see McDermott’s White Paper “HHS Establishes the Initial Pathway for Qualifying for HITECH Act Incentives Dollars for Meaningful Use of Certified Electronic Health Record Technology.”

6. Focus on Tax Exemption

Form 990 – Schedule H – This Time It’s for Real

Tax-exempt hospitals must, for the first time, fully complete Schedule H to Form 990 when filing their 2009 tax returns. Schedule H requests disclosure of each hospital’s community building activities, bad debt expenses, Medicare-shortfall and debt-collection practices, arrangements with management companies, participation in joint ventures, and level of charity care and other community benefits. In addition to these data, Schedule H also requests supplemental information in narrative form, including descriptions of how the hospital assesses the needs of its community, informs patients of their eligibility for charity care, and uses community building activities to promote the health of its service area. While many hospitals used last year’s filings as “practice” for Schedule H’s data portions, few prepared sample responses to its narrative portions.

In addition to Schedule H, tax-exempt hospitals must fully complete Schedule K to provide supplemental information on tax-exempt bonds, including disclosure of private business use, posing another disclosure challenge for exempt hospitals. These disclosures will certainly garner attention from Senator Chuck Grassley and Senate Finance Committee staff members. Since many hospitals request automatic time extensions to complete their returns, however, the media and an inquiring public may need to wait another 10 to 14 months before they can view and compare a hospital’s disclosures.

Governance Concerns – Increased Scrutiny of Nonprofit Boards

Nonprofit boards, including those of exempt hospitals, will be expected to more actively assess the effectiveness of internal mechanisms designed to monitor business risk and preserve charitable assets. This should include a particular focus on organizational exposure to economic conditions, the potential impact of new laws and regulations, quality matters and changes to the competitive environment. While the Business Judgment Rule remains the standard, nonprofit directors should expect closer scrutiny of their decisions in a post-recessionary economy that continues to challenge nonprofit hospitals. Regulators are increasingly evaluating the role of the board in connection with organizational noncompliance and preventable corporate harm. Nonprofit organizations are well advised to identify whether board processes adequately support informed decision making in this regard, and take steps to improve processes where warranted.

7. Accountable Care Organizations and Medical Homes

If passed, health reform legislation is likely to promote the creation of cost-saving delivery models, such as Accountable Care Organizations (ACOs) and Medical Homes. ACOs seek to control costs and improve quality by making incentive payments to multi-provider integrated delivery systems that meet cost and quality targets. Medical Homes promote the goal of improving patient care outcomes through payments to a patient’s personal physician to manage the patient’s care across clinical and non-clinical care delivery settings. In 2010, health care providers and private health insurers should anticipate increasing pressure from the public and private sectors to explore the formation of ACOs and Medical Homes. In addition to the financial and strategic aspects of involvement in ACOs and Medical Homes, careful evaluation of participation in these models should include examination of the implications for tax-exempt status, existing quality initiatives, and federal and state regulatory compliance.

8. Patient Safety Organizations

In 1999, the Institute of Medicine (IOM) alarmingly reported that medical error-related deaths in the United States were the equivalent of crashing one jumbo jet per day. One factor underlying the high rate of medical error, according to IOM, was a reluctance on the part of providers to identify and address medical errors due to concerns that such information would be used against them in medical malpractice lawsuits or professional disciplinary actions. The Patient Safety and Quality Improvement Act of 2005 (Patient Safety Act) and regulations promulgated at the end of 2008 are designed to address this concern by creating a mechanism for the reporting and sharing of patient safety information among providers without the fear of liability. The Patient Safety Act, which applies to all health care providers, authorizes the creation of patient safety organizations (PSOs) to receive and analyze information relating to patient safety, and confers broad federal privilege and confidentiality protections to information held by PSOs. The Patient Safety Act also imposes significant penalties for breaches. Although many states have implemented peer review protections, those protections vary from state to state and generally do not protect information that is shared outside of the health care institutions. There are currently more than 75 PSOs in 30 states listed with the Agency for Healthcare Research and Quality; by providing federal privilege and confidentiality protections for information held by PSOs, the Patient Safety Act intends to enhance the data available to assess and resolve patient safety and health care quality issues.

For more information, see David Ivill’s article “The Rise of Patient Safety Organizations,” published in the New York Law Journal.

9. Pension Plans and Benefits

Two items of guidance that could affect executive compensation provided by tax-exempt organizations are likely to be published in the coming year. The first is Internal Revenue Service (IRS) guidance regarding the application of Internal Revenue Code Section 409A—which sets forth certain restrictions on nonqualified deferred compensation plans—to tax-exempt organizations. Last year, the IRS promised that it would provide guidance effectively eliminating a covenant not to compete as a substantial risk of forfeiture under a nonqualified deferred compensation plan. While the guidance was not published by the end of 2009, it will likely follow in 2010. This guidance will affect supplemental retirement arrangements, employment agreements and other arrangements that provide for a deferral of compensation. Such arrangements will need to be analyzed once the guidance is published to determine whether any changes are required to avoid adverse tax consequences to plan participants.

The second item of importance is cafeteria plan regulations expected to be finalized this year. Many tax-exempt employers have historically offered a type of plan through which executive employees can elect either to receive certain benefits, such as additional life insurance or additional disability insurance, or to defer such monies into nonqualified deferred compensation arrangements. The final regulations will likely affect the ability of employers to continue to offer the full range of benefits through this cafeteria-style program in a manner that is tax-favorable to participating employees.

Given these developments, employers should monitor guidance and regulations regarding nonqualified deferred compensation arrangements and cafeteria plans, and take these coming changes into consideration both in terms of internal planning efforts and budgeting for related costs in 2010.

10. Loosening Credit Markets and Increasing M&A Activity

After a slowdown in 2009, mergers and acquisitions (M&A) activity is expected to increase in 2010 as health care systems evaluate their operations, plan strategic acquisitions, and look to offload underperforming or non-core service lines and facilities. Conversion transactions, where nonprofit health care facilities and entities “convert” to for-profit status through acquisition by for-profit companies, are also expected to increase, as are physician-hospital joint ventures. At the root of this activity is the relative loosening of bond and credit markets, providing increased access to capital—though while the costs of borrowing have modulated, so has the appetite for risk. Private equity activity in all aspects of health care continues to be a driver in the M&A environment.

This and other topics will be discussed at the 2010 Healthcare Services Private Equity Symposium.