Prior to 2005, hospitals were not required to have a compliance program to address issues of fraud, waste, and abuse. After the passage of the Deficit Reduction Act of 2005, any entity that receives at least $5 million annually from Medicaid is now required to have a compliance program in place. The Deficit Reduction Act requires that the policies be in writing and be available to all employees. The policies for these particular providers now must specifically address issues of fraud, waste, and abuse.
The recently enacted healthcare reform law, the Patient Protection and Affordable Care Act, (or as many are referring to it now, the Affordable Care Act (ACA)) requires the Secretary of Health and Human Services (Secretary) in cooperation with the Office of the Inspector General (OIG) to ensure that all entities receiving reimbursement under Medicare, Medicaid, and the State Children’s Health Insurance Program (CHIP) not only have a compliance program in place, but it also requires the Secretary and the OIG to establish the “core elements” that the compliance program should contain. The ACA gives the Secretary and OIG broad discretion in establishing these “core elements” and requires that they be based on the provider’s industry or category. The ACA also gives the Secretary and the OIG broad discretion in establishing a timeline for implementation, stating that the implementation dates should take into account the impact of the requirements on the industry sector or provider category. The ACA further provides that states must require compliance plans as a condition of enrollment in each state’s Medicaid plan. This creates multiple levels of enforcement for these compliance program requirements with respect to providers that receive reimbursement from both Medicare and Medicaid.
Based on the wording of the ACA, it is likely that the “core elements,” which the Secretary and the OIG will create will vary based on category of provider and industry sector. Currently, neither governmental agency has proposed any regulations addressing this issue; however, once these regulations are created, it will be crucial that the current and future compliance policies meet the “core elements” specific to the correct provider category. Until that time, Onslow Memorial Hospital will continue to ensure compliance through its current comprehensive compliance program and will ensure future compliance as the Secretary and the OIG establish these new regulations.