Medicare Compliance Training [Company Name/Logo] Medicare Compliance Training

Agenda Your place in Medicare compliance Protecting consumer health information Detection, prevention, & correction of Fraud, Waste, & Abuse (FWA) Elements of an effective compliance program

Your Place in Medicare Compliance

What are Medicare Parts C and D? Medicare Part C (Medicare Advantage): health insurance option available to Medicare beneficiaries run by private, Medicare-approved insurance companies that arrange for or directly provide health care services to enrollees Medicare Part D (Prescription Drug Plans): provides prescription drug coverage to Medicare beneficiaries enrolled in Part A and/or Part B who enroll in a PDP or an MA-PD plan. Medicare-approved insurance & other companies provide prescription drug coverage to individuals living in a plan’s service area

Compliance Program Guidelines Medicare Managed Care Manual, Chapter 21 Prescription Drug Benefit Manual, Chapter 9 Medicare Communications & Marketing Guidelines (MCMG)

Plan Sponsor & FDRs Plan Sponsor: CMS-contracted carrier FDR: First Tier, Downstream, and Related Entities Plan sponsors may enter into contracts with FDRs to provide administrative or health care services for enrollees on behalf of the sponsor Medicare program requirements apply to FDRs to whom the sponsor has delegated administrative or health care service functions related to the sponsors Medicare Part C and D contracts

(Medicare Advantage Organization) Part C Plan Sponsor (Medicare Advantage Organization) Independent Practice Association (First Tier) Call Centers (First Tier) Health Services/ Hospital Groups (First Tier) Fulfillment Vendors (First Tier) Field Marketing Organizations (FMOs) (First Tier) Credentialing (First Tier) Providers (Downstream) Radiology (Downstream) Hospitals (Downstream) Mental Health (Downstream) Agents (Downstream)

Part D Plan Sponsor (Prescription Drug Plan Carrier) Call Centers (First Tier) Pharmacy Benefit Manager (PBM) (First Tier) Field Marketing Organizations (FMOs) (First Tier) Pharmacy (Downstream) Marketing Firm (Downstream) Quality Assurance Firm (Downstream) Claims Processing Firm (Downstream) Agents (Downstream)

Where You Fit FDR: First Tier, Downstream, and Related Entities First Tier: party contracted with an MAO or Part D plan sponsor to provide administrative services or health care services to a Medicare eligible individual under the MA program or Part D program Downstream Entity: party contracted with persons/entities involved with the MA benefit or Part D benefit, below the level of the arrangement between an MAO or a Part D plan sponsor and a first tier entity Related Entity: entity that is related to an MAO or Part D sponsor by common ownership or control and (1) performs some of the MAO or Part D plan sponsor’s management functions under contract delegation; (2) Furnishes services to Medicare enrollees under an oral or written arrangement; or (3) Leases real property or sells materials to the MAO or Part D plan sponsor at a cost of more than $2,500 during a contract period Contracted Agents are considered Downstream Entities

Your Responsibilities Comply with all applicable statutory, regulatory, & other Medicare Part C and Part D requirements, including adopting and using an effective compliance program Report any compliance concerns and suspected or actual violations of which you may be aware Follow [add specific Code(s) of Conduct distributed to employees here]

Protecting Consumer Health Information

Health Information Protected Health Information (PHI) Individually Identifiable Health Information Protected Health Information (PHI)

Health Information Any information, whether oral or recorded in any form or medium, that is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse and relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual

Individually Identifiable Health Information Subset of health information, including demographic information collected from an individual, that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual

Protected Health Information (PHI) Individually identifiable health information that is transmitted or maintained in any form or medium Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual Could be used to identify the individual

Certificate or License # HIPAA Identifiers Name Address Dates Phone # Fax # Email Address SSN Medical Record # Health Plan # Account # Certificate or License # VIN Web URL IP Address Biometric ID Photo Device Serial # Other identifier

Is it PHI? Does it relate to: (1) The past, present, or future physical or mental health or condition of an individual? (2) The provision of health care to an individual? OR (3) The past, present, or future payment for the provision of health care to an individual? Is the health information coupled with information that could be used to identify the individual?

Protecting PHI PHI can be spoken, written, or electronic PHI examples: Spoken: ensure no one can overhear you Written/hard copy: locked filing cabinet Electronic (including email): encrypted PHI examples: Completed enrollment applications Completed Scope of Appointment (SOA) forms Consumer medication lists Not sure if it’s PHI? Veer on the side of caution

Detection, Correction, & Prevention of FWA

Definitions Fraud: intentionally submitting false information to the Government or a Government contractor to get money or a benefit Waste: includes practices that, directly or indirectly, result in unnecessary costs to the Medicare Program, such as overusing services Abuse: includes actions that may, directly or indirectly, result in unnecessary costs to the Medicare Program. Abuse involves paying for items or services when there is no legal entitlement to that payment, and the provider has not knowingly or intentionally misrepresented facts to obtain payment

Examples Fraud: Waste: Abuse: Knowingly billing for nonexistent prescriptions Knowingly billing for services not furnished or supplies not provided Waste: Prescribing more medications than necessary for treating a condition Ordering excessive laboratory tests Abuse: Unknowingly billing for brand name drugs when generics are dispensed Unknowingly excessively charging for services or supplies

Key Differences Fraud: requires INTENT and KNOWLEDGE Waste & Abuse: may involve obtaining an improper payment or creating an unnecessary cost to the Medicare Program but do not require the same intent & knowledge Abuse: payment for items/services that have no substantiated basis for payment Waste: overutilization of services

Detecting FWA: Know the Law Civil False Claims Act, Health Care Fraud Statute, & Criminal Fraud Anti-Kickback Statute Stark Statute (Physician Self-Referral Law) Exclusion from Federal health care programs Health Insurance Portability and Accountability Act (HIPAA)

Civil False Claims Act (FCA) An individual may be liable to pay damages to the Government if he or she knowingly: Conspires to violate the FCA Carries out other acts to obtain Government property by misrepresentation Conceals or improperly avoids or decreases an obligation to pay the Government Makes or uses a false record/statement supporting a false claim Presents a false claim for payment/approval

Health Care Fraud Statute States, “Whoever knowingly and willfully executes, or attempts to execute, a scheme or artifice to defraud any health care benefit program...shall be fined under this title or imprisoned not more than 10 years, or both.” Conviction under the statute does not require proof the violator had knowledge of the law or specific intent to violate the law.

Criminal Health Care Fraud Persons who knowingly make a false claim may be subject to: Criminal fines up to $250,000 Imprisonment for up to 20 years If the violations resulted in death, the individual may be imprisoned for any term of years or for life

Anti-Kickback Statute Prohibits knowingly and willfully soliciting, receiving, offering, or paying remuneration (including any kickback, bribe, or rebate) for referrals for services that are paid, in whole or in part, under a Federal health care program (including the Medicare Program). Example: A physician operating a pain management practice: Conspired to solicit and receive kickbacks for prescribing a highly addictive version of Fentanyl Reported patients had breakthrough cancer pain to secure insurance payments Received $188,000 in speaker fee kickbacks from the drug manufacturer Admitted the kickback scheme cost Medicare and other payers more than $750,000 Violations are punishable by: A fine up to $25,000 Imprisonment up to 5 years

Stark Statute Prohibits a physician from making referrals for certain designated health services to an entity when the physician (or a member of his or her family) has: An ownership/investment interest or compensation arrangement Example: A hospital was ordered to pay more than $3.2 million to settle Stark Law violations for maintaining 97 financial relationships with physicians and physician groups outside the fair market value standards or that were improperly documented as exceptions Medicare claims tainted by an arrangement that does not comply with the Stark Statute are not payable. A penalty of around $24,250 can be imposed for each service provided. There may also be around a $161,000 fine for entering into an unlawful arrangement or scheme.

Civil Monetary Penalties (CMP) Law The Office of Inspector General (OIG) may impose civil penalties for several reasons, including: Arranging for services or items from an excluded individual or entity Providing services or items while excluded Failing to grant OIG timely access to records Knowing of and failing to report and return an overpayment Making false claims Paying to influence referrals Example: a pharmacy and its owner agreed to pay $1.3 million to settle allegations they submitted unsubstantiated claims to Medicare Part D for brand name prescription drugs the pharmacy could not have dispensed based on inventory records

Exclusion Medicare payment may not be made for items or services furnished or prescribed by an individual who has been excluded/suspended under a Federal or State health care program Federal exclusion lists include: The List of Excluded Individuals and Entities (LEIE), maintained by the OIG The Excluded Parties List System (EPLS), administered by the GSA and accessible on www.sam.gov 30+ states also maintain exclusion lists

HIPAA HIPAA: Health Insurance Portability and Accountability Act of 1996 Created greater access to health care insurance Strengthened the protection of privacy of health care data Promoted standardization & efficiency in the health care industry HIPAA safeguards deter unauthorized access to protected health information (PHI) Individuals with access to PHI must comply with HIPAA

Preventing FWA Look for suspicious activity Conduct yourself in an ethical manner Know FWA policies & procedures, standards of conduct, laws, regulations, and CMS’ guidance If working with providers’ offices, ensure you are aware of applicable laws and regulations

Reporting FWA & Compliance Concerns Agents are to report all potential compliance concerns to the Berwick Insurance Group Compliance Department and all applicable carriers Carriers’ specific reporting mechanisms are included in section PS-9 of the Berwick Insurance Compliance Manual Berwick Insurance Group observes a policy of no retaliation an non-intimidation for reporting potential compliance concerns Refer to Section 4 of the Berwick Insurance Compliance Charter for more information

Correction of FWA Once FWA is detected, it must be promptly corrected A Corrective Action Plan (CAP) should be developed to correct the issue A CAP should: Correct the underlying problem that resulted in violations Directly address the particular problem or deficiency identified Include specific timeframes for actions to be completed Document corrective actions taken and include consequences for failure to sufficiently complete the corrective action Monitor corrective actions continuously to ensure effectiveness

Elements of an Effective Compliance Program

7 Elements Written Policies & Procedures Designation of a Compliance Officer and Committee Effective Training & Education Effective Lines of Communication Auditing & Monitoring Disciplinary Enforcement Responding to and Reporting Detected Problems

Written Policies & Procedures [Include information about the Code(s) of Conduct you utilize here]

Compliance Officer & Committee [Include information for the compliance point of contact for your agency here. If your agency does not have a designated internal compliance point of contact, include the contact information for Berwick Insurance Group’s Compliance Department (compliance@berwickinsurance.com / 888-745-2320)].

Effective Training & Education Available in the Berwick Agent Portal Pre-recorded compliance training webinars Quick-reference compliance checklists Carrier-specific compliance reference documents Live trainings New-hire and annual compliance training Monthly Compliance Training for New Agents webinars hosted by Berwick Insurance Group [Include any information about any additional training your agency conducts here]

Effective Lines of Communication Carrier reporting mechanisms clearly listed in Section PS-9 of the Berwick Insurance Compliance Manual All employees have direct access to the Compliance Officer and Compliance Committee Clearly communicated processes for reporting potential compliance concerns (email and phone) Email: compliance@berwickinsurance.com Phone: 888-745-2320, ext. 7147 [Include additional compliance contact information for your agency, if applicable]

Auditing & Monitoring Downline agencies are randomly selected for audit If deficiencies are identified, results will be delivered to Berwick Insurance Group, and a Corrective Action Plan (CAP) will be implemented If CAP is not completed to satisfaction, consequences may include termination of the agency’s contract

Disciplinary Enforcement Berwick Insurance works with each carrier to ensure consistency in processes for corrective and disciplinary actions and terminations If an issue is identified with a downline agent/agency, Berwick Insurance may require one or more of the following: Compliance coaching from Berwick Insurance or the agent/agency’s direct upline (if applicable) A written warning issued from Berwick Insurance to the agent/agency Development of a Corrective Action Plan (CAP) Termination of the agent/agency’s contract, if the CAP is not completed to satisfaction

Responding to & Reporting Problems Berwick Insurance Group primarily receives notification of incidents of potential non-compliance from carriers For written policies and procedures, please refer to the Berwick Insurance Compliance Manual, Corrective and Disciplinary Action (CDA) Policies & Procedures

Questions? Phone: Email: Vice President of Strategic Alliances: 520-400-9309 Compliance Director: 888-745-2320, ext. 7147 Email: Compliance Department: compliance@berwickinsurance.com Vice President of Strategic Alliances: colleen@berwickinsurance.com Compliance Officer: ann@berwickinsurance.com [Include contact information for your agency here]