Medicare Advantage and Medicare Part D Required Fraud, Waste and Abuse Training 2009

Introduction The Centers for Medicare & Medicaid Services (CMS) requires Medicare Advantage Organizations (MAO) to have policies and procedures to identify and address Fraud, Waste and Abuse (FWA) in the delivery of health care services through the Medicare Advantage benefit. CMS also requires the MAO to have a procedure in place to facilitate FWA training and education for vendors and providers. SOURCE: Prescription Drug Benefit Manual, Chapter 9 - Part D Program to Control Fraud, Waste and Abuse as well as part 42 of the Code of Federal Regulations sections 422.503 and 423.504.

Our Commitment Empire Blue Cross Blue Shield (Empire) and subsidiaries, must ensure that all delegated and external entities implement fraud, waste and abuse training for all personnel who deal directly with our Medicare members or who view Protected Health Information (PHI) in any capacity. We must establish training requirements and communication to our first tier, downstream and related entities of which we have a contractual relationship. SOURCE: Federal Register – Part V Department of Health and Human Services, 42 CFR 422 and 423.

How Does this Effect You? As an entity that contracts with Empire, on behalf of our Medicare Advantage members, your office must meet the new education and training requirements outlined in the contract addendums sent earlier this year.

Requirements In order to ensure we are in compliance with the CMS regulations, we are providing three avenues for you to fulfill the training requirements. 1. Provide your own internal FWA and compliance training, and complete the attestation form via our online attestation with United Mail. You will need to enter User ID: EmpireBCBS and Password: fwatrain 2. Take the training through LearnSomething, Inc. 3. Continue through this presentation as your FWA training, and complete the attestation form at the end of this presentation. Click Here Click Here Click Here

Providing Your Own Internal FWA Training Providing your own internal FWA and compliance training will require that the training is acceptable per the regulations found in 42 CFR 422.504(b)(4)(vi)(c) and 423.504(b)(4)(vi)(c), as well as the learning objectives listed on the next page.

Providing Your Own Internal FWA Training FWA Training Learning Objectives Laws and regulations including the False Claims Act, Anti-Kickback Statute and HIPAA Identify processes for reporting fraud, waste and abuse to the Medicare Advantage and Part D plan sponsors Information on protections for employees who report suspected fraud, waste and abuse Identifying fraud, waste and abuse Click Here for the Attestation

LearnSomething, Inc. If your practice does not have a training program and using the Empire training is not an option for you, the National Health Care Antifraud Association (NHCAA), in conjunction with the Blue Cross and Blue Shield Association (BCBSA), has launched an online Fraud, Waste and Abuse General Compliance Training Course.

LearnSomething, Inc. This course was developed in collaboration with LearnSomething, Inc., a leading producer of customized, multimedia training and learning management solutions. This online training program was specifically developed to help Medicare Advantage first tier and downstream contractors meet CMS compliance requirements. You can access the online training via the course portal at www.wellpoint.learnsomething.com. This course is reasonably priced, with volume discounts available and can be purchased through this link.  

Fraud, Waste and Abuse Training

Empire Blue Cross Blue Shield Fraud, Waste & Abuse Training The following slides provide learning objectives, regulations, definitions, relevant laws and examples of potential FWA and prevention plans. At the conclusion of this presentation, an authorized representative from your organization will need to complete the attestation statement.

FWA Training Outline Identify Who Needs to Take the Training Identify Fraud, Waste and Abuse Who Can Commit Fraud? Laws and Prohibitions Compliance Programs Reporting Suspected Fraud & Abuse Attestation Statement Additional Sources and Finding More Information Acronyms and Glossary

Who Needs to Take the Training?

Who Needs to Take the Training? The Prescription Drug Benefit Manual, Chapter 9 states that these requirements are related to all first tier, downstream, and related entities.

First Tier Entity The First Tier Entity is any party that enters into a written arrangement acceptable to CMS with a sponsor or applicant to provide administrative services or health care services for a Medicare eligible individual under Part D. First Tier Entity Examples Pharmacy Benefits Manager (PBM) Contracted hospital Clinics Physicians and non-physician practitioners SOURCE: Prescription Drug Benefit (PDB) Manual, Chapter 9 – Part D Program to Control Fraud, Waste and Abuse; 42 CFR 422.503 and 423.504 Third bullet refers more to the changing external marketplace than to the internal reorganization. Even if Senior members were on just one system, there is no single system in WellPoint that supports Senior’s unique needs as a result of how fundamentally the Senior business has changed in the last 1.5 years with the introduction of Part D, new variations of MA, and the Senior consumer growing increasingly sophisticated 15

Downstream Entity The Downstream Entity is any party that enters into a written arrangement, acceptable to CMS, below the level of the arrangement between a sponsor and a first tier entity. These written arrangements continue down to the level of ultimate provider of both health and administrative services. Downstream Entity Examples Pharmacies Marketing firms Quality assurance companies Claims processing firms Billing agencies SOURCE: Prescription Drug Benefit (PDB) Manual, Chapter 9 – Part D Program to Control Fraud, Waste and Abuse; 42 CFR 422.503 and 423.504 Third bullet refers more to the changing external marketplace than to the internal reorganization. Even if Senior members were on just one system, there is no single system in WellPoint that supports Senior’s unique needs as a result of how fundamentally the Senior business has changed in the last 1.5 years with the introduction of Part D, new variations of MA, and the Senior consumer growing increasingly sophisticated 16

Related Entity A Related Entity is any entity that is related to the sponsor by common ownership or control and performs some of the Sponsor’s management functions under contract or delegation, or furnishes services to Medicare enrollees under an oral or written agreement; or leases real property, or sells materials to the Sponsor at a cost of more than $2,500 during a contract period. SOURCE: Medicare Managed Care Manual (MCM) Chapter 11- Medicare Advantage Application Procedures and Contract Requirements Third bullet refers more to the changing external marketplace than to the internal reorganization. Even if Senior members were on just one system, there is no single system in WellPoint that supports Senior’s unique needs as a result of how fundamentally the Senior business has changed in the last 1.5 years with the introduction of Part D, new variations of MA, and the Senior consumer growing increasingly sophisticated 17

Identifying Fraud, Waste & Abuse

What is Fraud? Fraud is the intentional misrepresentation of data for financial gain. Fraud happens when an individual knows or should know that something is false and makes a knowing deception that could result in some unauthorized benefit to themselves or another person. SOURCE: CMS Glossary; CMS Medicare Learning Network (MLN)

What is Waste? Waste is the extravagant, careless or needless expenditure of healthcare benefits or services that results from deficient practices or decisions. SOURCE: CMS Glossary; CMS Medicare Learning Network (MLN)

What is Abuse? Abuse involves payment for items or services where there was no intent to deceive or misrepresent but the outcome of poor insufficient methods results in unnecessary costs to the Medicare program. Abuse may include: Billing for a non-covered service. Misusing codes on the claim. Inappropriately allocating costs on a cost report. SOURCE: CMS Glossary; CMS Medicare Learning Network (MLN)

Who Can Commit Fraud?

Who Commits Fraud and Abuse? Many individuals and organizations can potentially commit fraud including: Beneficiaries Physicians, nurses and other healthcare providers Pharmacies Laboratories Pharmaceutical manufacturers Durable Medical Equipment (DME) Providers Hospitals Pharmacy Benefit Managers (PBMs) Employees of health plans Home Health Agencies SOURCE: CMS Glossary; CMS Medicare Learning Network (MLN)

Beneficiary Fraud Examples of fraud committed by beneficiaries of a federal program may include: Identify theft Resale of drugs on black market Falsely reporting loss or theft of drugs to receive replacements Doctor shopping SOURCE: PDM Manual Chapter 9, Part 70.1.7

Provider Fraud Fraud can be found in some day-to-day operations within any medical practice. Some forms of fraud may include: Billing for items or services not rendered or not provided as claims. Submitting claims for equipment or supplies and services that are not reasonable and necessary. Double billing resulting in duplicate payments. Unbundling. Failure to properly code using coding modifiers or up-coding the level of service provided, inappropriate use of place of service codes. Altering medical records. SOURCE: CMS Glossary; CMS Medicare Learning Network (MLN); Medicare Physician Guide: A Resource for Residents, Practicing Physicians, and Other Health Care Professionals, Tenth Edition.

Pharmacy Benefit Manager (PBM) Fraud Fraud committed by a PBM may include: Unlawful remuneration in order to steer a beneficiary toward a certain plan or drug, or for formulary placement. Includes unlawful remuneration from vendors beyond switching fees. Not offering a beneficiary the negotiated price of a Part D drug. SOURCE: Prescription Drug Benefit Manual, Chapter 9 – Part D Program to Control Fraud, Waste and Abuse

Fraud Committed by Plan Sponsors and Medicare Advantage Organizations Plan Sponsors and MAOs may commit fraud by: Making payments for excluded drugs. Conducting marketing schemes. Offering beneficiaries a cash payment as an inducement to enroll. Unsolicited door-to-door marketing. Enrollment of beneficiaries without their consent. Stating that a marketing agent/broker works for or is contracted with the Social Security Administration or CMS. Misrepresenting the product being marketed as an approved Part D Plan when it actually is a Medigap policy or non-Medicare drug plan. Requiring beneficiaries to pay up front premiums. SOURCE: Prescription Drug Benefit Manual, Chapter 9 – Part D Program to Control Fraud, Waste and Abuse

Laws, Statutes and Prohibitions

False Claims Act A person is in violation of the False Claims Act if they have: Purposefully supplied false information on an application for a Medicare benefit or payment or for use in determining the right to any such benefit or payment; Known about, but did not disclose, any event affecting the right to receive a benefit; Knowingly submitting a claim for a physician service that was not rendered by a physician or Supplied items or services and asked for, offered, or received a kickback, bribe or rebate. Under the 42 U.S.C section 1320a-7b(a), if an individual participates in an activity above, they will be found guilty of a felony and upon conviction shall be fined a maximum of $50,000 per violation or imprisoned for up to five years per violation or both. SOURCE: Chapter 6 Protecting the Medicare Trust Fund

Anti-Kickback Statute The Anti-Kickback Statute, 42 U.S.C. §1320a-7b(b), prohibits offering, soliciting, paying, or receiving remuneration for referrals for services that are paid in whole or in part by the Medicare Program. Remuneration is defined as the transfer of anything of value, directly or indirectly, overtly or covertly in cash or in kind. When this happens, both parties are held in criminal liability of the impermissible “kickback” transaction. SOURCE: Medicare Fraud & Abuse Resource Reference, January 2009; 42 U.S.C. 1320-7b(b).

Anti-Kickback Statute An arrangement will be deemed to not violate the Anti-Kickback Statute if it fully complies with the terms of a safe harbor issued by the Office of the Inspector General (OIG). Arrangements that do not fit within a safe harbor and thus do not qualify for automatic protection may or may not violate the Anti-Kickback Statute, depending on their facts. SOURCE: Medicare Fraud & Abuse Resource Reference, January 2009; 42 U.S.C. 1320-7b(b).

Whistle Blower Provision Under the Whistle Blower or qui tam provision of the False Claim Act, any individual who has knowledge of a false claim may file a civil suit on behalf of the U.S. Government and may share a percentage of the recovery realized from a successful action.

Physician Self-Referral “Stark” Prohibition The physician self-referral prohibition commonly known as the “stark law”, prohibits physicians from referring Medicare patients for certain designated health services (DHS) to an entity where the physician or member of the physician’s immediate family has a financial relationship. SOURCE: www.cms.hhs.gov/PhysicianSelfReferral; Medicare Fraud & Abuse Resource Reference, January 2009

Physician Self-Referral “Stark” Prohibition In 2003, Congress amended section 1877 by establishing an 18-month moratorium (in effect from 12/08/03 – 06/07/05) on physician referrals to certain specialty hospitals in which the referring physician has an ownership or investment interest. Under the moratorium, specialty hospitals cannot fill or submit claims to anyone for DHS furnished as a result of a referral that is prohibited under the moratorium.   On June 7, 2005, CMS instituted a temporary suspension on the processing of specialty hospital applications for participation in the Medicare program.  SOURCE: www.cms.hhs.gov/PhysicianSelfReferral; Medicare Fraud & Abuse Resource Reference, January 2009

Health Insurance Portability and Accountability Act (HIPAA) The Administrative Simplification provisions of the HIPAA of 1996 (HIPAA, Title II) required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. As the industry adopts these standards for the efficiency and effectiveness of the nation's health care system will improve the use of electronic data interchange. 

Legal Actions A provider, supplier or health care organization that has been convicted of fraud may receive a significant fine, prison sentence or be temporarily or permanently excluded form the Medicare program or other Federal health care programs, and in some states, lose their license. Failure to comply with fraud and abuse laws may result in: Investigations referred to the OIG Civil Monetary Penalties that can result in up to $10,000 per violation and exclusion from the Medicare program Denial or revocation of a Medicare Provider Number Suspension of payments SOURCE: Chapter 6 Protecting the Medicare Trust Fund

Compliance Programs

What is a Compliance program? A compliance program is a series of internal controls and measures that will ensure that the sponsor follows applicable laws and regulations that govern Federal programs, like Medicare.

Implementing a Compliance Program The adoption and implementation of a compliance program significantly reduces the risk of fraud, abuse and waste in the health care setting, while providing quality of services and care to patients.

Implementing a Compliance Program Organizations contracting directly or indirectly with the federal government are obligated to: report fraud, waste and abuse and demonstrate their commitment to eliminating fraud, waste and abuse and implement internal policies and procedures to identify and combat heal care fraud. SOURCE: National Healthcare Anti-Fraud Association (NHCAA)

Preventing Fraud CMS follows four parallel strategies to prevent fraud and abuse: Preventing fraud through effective enrollment and through education for physicians, providers, suppliers and beneficiaries. Early detection through Medical Review (MR) and data analysis. Close coordination with partners, including contractors, the MEDIC and law enforcement agencies Applying fair and firm enforcement policies. SOURCE: CMS Medicare Fraud and Abuse MLN Web Based Training

Implementing a Compliance Program The expectations for an organization’s compliance program includes: Written policies, procedures, standards of conduct and a plan to identify and respond to fraud, waste and abuse issues. Designation of a compliance officer and compliance committee. Effective training and education to all staff and new employees Effective lines of communication. Enforcement of standards through disciplinary guidelines. Internal monitoring and auditing procedures. Procedures to ensure prompt response and corrective action for detected offenses SOURCE: National Healthcare Anti-Fraud Association (NHCAA); Office of the Inspector General (OIG)

Reporting Fraud & Abuse

Our Position Empire believes the vast majority of providers and groups are honest and share our interest in deterring health insurance fraud. However, a relatively small group of people may take advantage of Empire and our policyholders. When someone takes advantage of Empire, that person also takes advantage of you. 

Special Investigations Unit (SIU) That's why Empire has a Special Investigations Unit (SIU) to detect, analyze, investigate and refer for prosecution any alleged fraudulent practices by providers, members, groups, brokers and Empire associates. MISSION "To protect the integrity of the healthcare system we serve through the detection and prosecution of those parties responsible for fraud against Empire and its affiliated companies." 

Where to Report Fraud Our Special Investigations Unit consists of investigators and auditors from Indiana, Kentucky, Ohio, Connecticut, Maine, New Hampshire and Colorado/Nevada. Our investigators have various backgrounds which includes law enforcement and claims administration.  Review and print the next slide for your local SIU phone number.

Reporting Fraud in the East Region California (888) 231-5044 Colorado (800) 377-2227 Connecticut (800) 258-3258 Georgia (800) 831-8998 Indiana (877) 283-1524 Kentucky (800) 866-1186 Maine (800) 285-7424 Missouri (888)451-1155 Nevada (800) 377-2227 New Hampshire (800) 203-3738 New York (800) ICFRAUD Ohio (800) 848-9276 Virginia (800) 368-3580 Wisconsin (800) 377-2227 ALL OTHER STATES National Blue Cross Blue Shield Anti-Fraud Hotline (877) 327-BLUE

Where Can You find More Information?

Where to Find More Information Resource Link Centers for Medicare and Medicaid Services (CMS) www.cms.hhs.gov Medicare Managed Care Manual and Medicare Prescription Drug Benefit Manual www.cms.hhs.gov/Manuals/IOM/ Chapter 6 – Protecting the Medicare Trust Fund www.cms.hhs.gov/MLNProducts/downloads/Chapter6.pdf Fraud & Abuse General Information www.cms.hhs.gov/MDFraudAbuseGenInfo Part D Prescription Drug Benefit Manual www.cms.hhs.gov/PrescriptionDrugCovContra/12_PartDManuals.asp#TopOfPage

Where to Find More Information Resource Link Compilation of the Social Security Laws www.ssa.gov/OP_Home/ssact/comp-ssa.htm Federal Register citations 42 CFR 422.50342, 422.50442, CFR 423.50442 and 423.505 www.cms.hhs.gov/quarterlyproviderupdates/downloads/cms4124fc.pdf Medicare Learning Network (MLN) www.cms.hhs.gov/MLNGenInfo/ Medicare Fraud and Abuse Brochure www.cms.hhs.gov/MLNProducts/downloads/081606_Medicare_Fraud_and_Abuse_brochure.pdf Health Insurance Portability and Accountability Act (HIPAA) http://www.cms.hhs.gov/EducationMaterials/02_HIPAAMaterials.asp#TopOfPage

Where to Find More Information Resource Link Office of Inspector General (OIG) www.oig.hhs.gov Reporting Fraud to the OIG www.oig.hhs.gov/fraud/hotline/ Physician Self Referral Law www.cms.hhs.gov/PhysicianSelfReferral Social Security Administration www.ssa.gov/oig/guidelin.htm Federal Bureau of Investigation http://www.fbi.gov/ Office of Inspector General Department of Health and Human Services http://oig.hhs.gov/

Where to Find More Information Resource Link Office of Inspector General Office of Personnel Management www.opm.gov/ Office of Inspector General U.S. Postal Service http://www.uspsoig.gov/ U.S. Postal Inspection Service http://www.usps.gov/postalinspectors Food and Drug Administration Department of Health and Human Services http://www.fda.gov/ Office of Inspector General Department of Labor http://www.dol.gov/ Other Partners National Health Care Anti-Fraud Association http://www.nhcaa.org

Where to Find More Information Resource Link Other Partners National Health Care Anti-Fraud Association http://www.nhcaa.org Coalition Against Insurance Fraud http://www.insurancefraud.org Association of Certified Fraud Examiners http://www.acfe.com/home.asp

Attestation Statement

Congratulations! This concludes the Fraud, Waste and Abuse and Compliance training requirement for calendar year 2009. We ask that an authorized representative attest to the completion of this or an internal FWA training. Failure to do so could result in the loss of the organization’s contract to provide Medicare Part C & D services. The attestation statement is critical for us to ensure that all of our first tier, downstream and delegated entities are taking an FWA training.

Training Documentation Please note that you must be able to submit records of training logs documenting employee participation in the training upon request. Review the example of a training log below. Employee Name – PRINT Employee Signature Name of Training (Anthem) Date of Training Manager’s Initials

Click Here for the Attestation By clicking on the link below and completing the required fields, you are certifying that you are the authorized representative of your organization having responsibility directly or indirectly for all employees, board members, officers, contracted personnel, contracted providers/practitioners, contractors, sub-contractors and vendors affiliated with your organization who have direct or indirect contact with the Medicare business, have completed a Medicare Fraud, Waste & Abuse General Training as mandated by the Centers for Medicare & Medicaid Services (42 CFR § 422.503(b)(4)(vi)(C), § 423.504(b)(4)(vi)(C)). IMPORTANT NOTICE: Without clicking on the link we will not be able to verify that your organization has completed the Fraud, Waste and Abuse training. LOGON: You will need to enter User ID: EmpireBCBS and Password: fwatrain Click Here for the Attestation

Services provided by Empire HealthChoice HMO, Inc Services provided by Empire HealthChoice HMO, Inc. and/or Empire HealthChoice Assurance, Inc., licensees of the Blue Cross and Blue Shield Association, an association of independent Blue Cross and Blue Shield plans. The Blue Cross and Blue Shield names and symbols are registered marks of the Blue Cross and Blue Shield Association.