AlphaCare’s Compliance Program is designed to:
- Reduce or eliminate fraud, waste, abuse;
- Ensure AlphaCare’s compliance with applicable regulations; and
- Reinforce AlphaCare’s commitment to zero-tolerance for unethical activities.
AlphaCare has a legal requirement to provide information and education to those individuals, entities, and businesses that we work with including providers. The New York State Department of Health ("DOH"), the Centers for Medicare and Medicaid Services ("CMS"), the New York Office of Medicaid Inspector General ("OMIG"), and other agencies provide guidance and regulatory oversight of our Compliance Program.
The information which follows:
- Demonstrates AlphaCare’s commitment to responsible corporate conduct;
- Sets forth the compliance requirements for First Tier, Downstream, and Related Entities ("FDRs") and Affiliates;
- Publicizes mechanisms for reporting fraud, waste, abuse and compliance issues;
- Communicates information about the AlphaCare Code of Conduct and the compliance policies in place to detect, prevent, correct, and monitor fraud, waste, abuse ("FWA");
- Defines and provides examples of FWA; and
- Provides information about relevant laws and regulations.
Additional information on the AlphaCare Compliance Program is available upon request by contacting us at ACcompliance@magellanhealth.com.
AlphaCare uses the CMS definitions to define FDRs:
First Tier Entity is any party that enters into a written arrangement, acceptable to CMS, with a Medicare Advantage Organization or Part D plan sponsor or applicant to provide administrative services or healthcare services to a Medicare eligible individual under the Medicare Advantage program or Part D program.
Downstream Entity is any party that enters into a written arrangement, acceptable to CMS, with persons or entities involved with the Medicare Advantage benefit or Part D benefit, below the level of the arrangement between a Medicare Advantage Organization or applicant or a Part D plan sponsor or applicant and a first tier entity. These written arrangements continue down to the level of the ultimate provider of both health and administrative services.
Related Entity means any entity that is related to a Medicare Advantage Organization or Part D sponsor by common ownership or control and: a) performs some of the Medicare Advantage Organization or Part D plan Sponsor’s management functions under contract or delegation; b) furnishes services to Medicare enrollees under an oral or written agreement; or c) leases real property or sells materials to the Medicare Advantage Organization or Part D plan Sponsor at a cost of more than $2,500 during a contract period.
Affiliate is a person, provider or entity who provides care, services or supplies under the Medicaid program, or a person who submits claims for care, services or supplies for or on behalf of another person or provider for which the Medicaid program is or should be reasonably expected by a provider to be a substantial portion of their business operations.
AlphaCare’s commitment to compliance includes ensuring that our FDRs and Affiliates are in compliance with applicable state and federal regulations. Because we are ultimately responsible for fulfilling Medicare and Medicaid program requirements, we require each FDR and Affiliate to comply with the compliance and FWA expectations below. Failure to meet the requirements may lead to a Corrective Action Plan, retraining, or the termination of a contract and relationship with AlphaCare. First Tier entities are responsible for ensuring that their downstream and related entities are in compliance with this policy and applicable Federal and State statutes and regulations.
Annual FDR and Affiliate Compliance Attestation
An authorized representative from each FDR and Affiliate is required to complete the AlphaCare Compliance Attestation (on behalf of his or her organization) upon contract and on an annual basis to attest to compliance with the standards of conduct, compliance policies, fraud waste and abuse training, OIG and GSA exclusion screening, and publication of FWA and compliance reporting mechanisms requirements. AlphaCare will send a notification to each FDR and Affiliate to communicate the deadline for completion of the annual Attestation. All FDRs and Affiliates must complete Attestations within the designated timeframe.
Standards of Conduct and Compliance Information
AlphaCare requires each FDR and Affiliate to establish and sustain a culture of compliance. AlphaCare FDRs and Affiliates must either: a) establish and publicize Standards of Conduct that meet CMS requirements set forth in 42 CFR § 422.503(b)(4)(vi)(A) and 2 CFR § 423.504(b)(4)(vi)(A) and reflect a commitment to preventing, detecting, and correcting non-compliance; or b) adopt and distribute to all employees and contractors. In addition to the Standards of Conduct, each FDR and Affiliate must distribute compliance information to all employees and contractors upon hire/contract and annually thereafter. FDRs and Affiliates must maintain records (i.e., attestations, logs, etc.) to document that each employee and contractor has received, read, understood, and will comply with the written standards of conduct and compliance policies upon hire/contract and annually thereafter.
Fraud, Waste and Abuse Training
FDRs and Affiliates are required to complete Fraud, Waste and Abuse training within 90 days of contract/hire and annually thereafter. The training requirement extends to all employees and contractors. Each FDR and Affiliate will be required to attest that all employees and contractors have satisfied the FWA training via one of the options listed below:
- CMS Fraud Waste and Abuse training;
- Another FWA Training which meets CMS requirements outlined in 42 CFR § 422.503(b)(4)(vi)(C) and 42 CFR § 423.504(b)(4)(vi)(C);
- CMS Deemed FWA Training through enrollment into Parts A or B of the Medicare program or accreditation Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS).
Each FDR and Affiliate is responsible for maintaining evidence of FWA training, which may include training logs, attestations and training programs.
OIG and GSA Exclusion Screening
Federal law prohibits the payment by Medicare, Medicaid or any other federal healthcare program for any item or service furnished by a person or entity excluded from participation in these federal programs. Therefore, prior to hire and/or contract and monthly thereafter, each FDR and Affiliate must perform a check to confirm that employees and contractors are not are excluded to participate in Federally-funded healthcare programs according to the OIG and GSA exclusion lists.
The websites below should be utilized to perform the required screening:
- OIG List of Excluded Individuals/Entities (LEIE)
- General Services Administration (GSA) database of excluded individuals/entities
If an employee or contractor is on an exclusion list he or she must be removed from any work related directly or indirectly to federal healthcare programs and appropriate corrective action must be taken.
Reporting FWA and Compliance Issues
Everyone is required to report suspected instances of FWA. FDRs and Affiliates may confidentially report a potential violation of our compliance policies or any applicable regulation by emailing ACcompliance@magellanhealth.com or calling 888-770-7814.
The AlphaCare Code of Conduct (available at the end of this presentation) provides guidance to FDRs and Affiliates regarding the ethical and legal standards of our Compliance Program. We expect that every FDR and Affiliate respect these principles and conduct business with AlphaCare in accordance with them. Failure to follow the Code of Conduct may lead to termination of a contract and relationship with AlphaCare.
AlphaCare's Commitment to Compliance
AlphaCare has protocols in place to detect, correct, prevent, and monitor issues of non-compliance.
Monitoring and Auditing
AlphaCare routinely monitors and periodically audits first tier entities to ensure compliant administration of the Medicare and Medicaid contracts as well as applicable laws and regulations. Each first tier entity is required to cooperate and participate in the monitoring and auditing activities. In addition, first tier entities are expected to routinely monitor and periodically audit their downstream entities. All monitoring and auditing activities must be documented and retained for a ten (10) year period. AlphaCare may require evidence of monitoring and auditing for future oversight and/or auditing purposes.
It is AlphaCare’s policy to thoroughly and objectively investigate any specific allegation of misconduct, fraud or abuse involving AlphaCare employees, accounts or operations. AlphaCare will conduct all investigations in a manner that protects the rights of those who may be the subject of allegations of rongdoing as well as those who, in good faith, make such allegations. AlphaCare requires the cooperation of FDRs and Affiliates during any investigations that may involve their organization or individuals associated with their organization. AlphaCare is required to refer potential fraud or misconduct to regulatory agencies.
AlphaCare is committed to a culture that promotes the prevention, detection, investigation and remediation of violations of the AlphaCare Code of Conduct, as well as all applicable laws. To support this, AlphaCare has established a strict non-retaliation policy to protect employees, FDRs and Affiliates who in good faith report known or suspected issues. Each FDR and Affiliate must adopt a policy of non-retaliation and publicize the policy to all employees and contractors.
Definitions of FWA are below:
Fraud – An intentional deception or misrepresentation made by a person with the knowledge that the deception could result in some unauthorized benefit to him/herself or other person.
Waste – The extravagant, careless, or needless expenditure of funds resulting from deficient practices, systems, controls, or decisions.
Abuse – Practices that are inconsistent with sound fiscal, business, or medical practices, and result in an unnecessary cost, or in reimbursement for services that are not medically necessary or that fail to meet professionally recognized standards of care. It includes enrollee practices that result in unnecessary cost.
Common methods of FWA include:
- Fabrication/falsification of claims;
- Duplicate claim submissions; and
- Fictitious providers/members.
Do not be concerned about whether it is fraud, waste, or abuse. Just report any concerns to your compliance department or your sponsor’s compliance department. Your sponsor’s compliance department area will investigate and make the proper determination.
Deficit Reduction Act
Requires any organization that receives $5 million or more in Federal Medicaid funds annually (including payments from managed care companies such as AlphaCare) to adopt a compliance program in accordance with Federal law and to inform its employees and any contractor or agent of the terms of the False Claims Act.
False Claims Act
- Presenting a false claim for payment or approval;
- Making or using a false record or statement in support of a false claim;
- Conspiring to violate the False Claims Act;
- Falsely certifying the type/amount of property to be used;
- Certifying receipt of property without knowing if it’s true;
- Buying property from an unauthorized officer; and
- Knowingly concealing or knowingly and improperly avoiding or decreasing an obligation to pay.
The False Claims Act allows everyday people to bring suits against organizations or individuals who are defrauding the government. If the government moves forward with a case, the individual who brings the suit is generally entitled to receive a percentage of any recovered funds once a decision has been made. Federal statutes and related State and Federal laws shield employees from retaliation for reporting illegal acts of employers. An employer cannot retaliate in any way, such as discharging, demoting, suspending or harassing the whistleblower.
Prohibits a physician from making a referral for certain designated health services to an entity in which the physician (or a member of his or her family) has an ownership/investment interest or with which he or she has a compensation arrangement (exceptions apply).
Prohibits knowingly and willfully soliciting, receiving, offering or paying remuneration (including any kickback, bribe, or rebate) for referrals for services that are paid in whole or in part under a federal health care program.
Health Insurance Portability and Accountability Act (“HIPAA”)
The HIPAA Privacy rule requires providers to take reasonable steps to protect and safeguard the Protected Health Information (“PHI”) of members/patients. A member’s PHI is subject to the protections established by the Privacy Rule and under the contractual relationship between AlphaCare and the member, and between AlphaCare and the provider or FDR. PHI includes information regarding enrollment with AlphaCare, medical records, claims submitted for payment, etc. Such PHI must be safeguarded and held in strict confidence, so as to comply with applicable privacy provisions of State and Federal laws. Ways in which a provider can protect member/patient PHI include:
- Ensuring that only authorized provider office employees have access to member/patient charts;
- Including limited information on member/patient sign-in sheets; and
- Restricting nonemployees from being in areas of the office that contain member/patient records.
The HIPAA Security Rule requires covered entities to adopt national standards for safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (e-PHI) that is collected, maintained, used or transmitted by a covered entity. As a covered entity, you must ensure that you have the appropriate administrative, technical, and physical safeguards in place to protect the data that is being electronically accessed by our workforce. You must:
- Ensure the integrity and confidentiality of the information; and
- Protect against any reasonably anticipated threats or hazards to the security or integrity of the information and unauthorized uses or disclosures of the information.
This can be accomplished by establishing appropriate policies and procedures that outline your compliance with the Rule and your expectations of your workforce in complying with the Rule.
The Deficit Reduction Act of 2005 (DRA) requires all entities that receive $5 million or more in annual Medicaid payments to establish specific written policies.
Deficit Reduction Act of 2005
Section 6032 of the Deficit Reduction Act of 2005 (DRA), effective January 1, 2007, requires all entities that receive $5 million or more in annual Medicaid payments to establish written policies that provide detailed information about the Federal False Claims Act, the administrative remedies for false claims and statements, applicable state laws that provide civil or criminal penalties for making false claims and statements, the “whistleblower” protections afforded under such laws and the role of such laws in preventing and detecting fraud, waste and abuse in federal health care programs. Entities shall establish these written policies for all employees (including management), and for any contractor or agent of the entity.
According to CMS, “an entity includes organizational units (a governmental agency, organization, unit, corporation, partnership, or other business arrangement) and individuals, as long as the organizational unit or individual receives or makes payments totaling at least $5 million annually under a Title XIX State Plan, State Plan waiver, or Title XIX demonstration. It is the responsibility of each entity to establish and disseminate written policies which must also be adopted by its contractors or agents. Written policies may be on paper or in electronic form, but must be readily available to all employees, contractors, or agents. For purposes of determining whether an individual or organization must comply with section 6032 as an entity or as a contractor:
a) if a provider is directly paid $5 million in a Federal fiscal year from the State Medicaid Agency, the provider would qualify as an entity, and must comply as such, regardless of whether the provider also contracts with a Medicaid Managed Care Organization (MCO); or
b) if a provider contracts with a Medicaid MCO that has met the $5 million threshold, but the provider itself receives less than $5 million annually directly from the State Medicaid Agency, then the provider must comply as a contractor of the Medicaid MCO, regardless of the amount it is paid by the Medicaid MCO for Medicaid patients.”
When Magellan is considered the entity under the DRA, Magellan is required to establish and to disseminate these policies to its employees, contractors, agents or other persons who furnish, or otherwise authorize the furnishing of, health care items or services; perform billing or coding functions; or are involved in the monitoring of health care services provided by Magellan. According to CMS, “for purposes of section 6032 compliance, an entity’s contractors and agents, including independent contractors, must abide by the entity’s policies to the extent applicable.”
Failure to comply may disqualify contractors, agents or other persons from receiving reimbursement for the period of non-compliance. Knowing non-compliance may violate the Federal False Claims Act as well as disqualify contractors from participation in federal health care programs.
Magellan's Compliance Activities
Magellan is committed to its role in preventing and detecting health care fraud, waste and abuse and complying with applicable federal and state laws. As a part of this effort, Magellan has a comprehensive compliance program to ensure compliance with the DRA including the following:
- A Medicaid Compliance Program policy that outlines Magellan's comprehensive compliance program for the detection and prevention of fraud, waste and abuse in the Medicaid program. To review the policy, please select the following link: Medicaid Compliance Program policy.
- A False Claims and Whistleblower Protection policy that includes a summary of the Federal False Claims Act, federal whistleblower protections and the federal administrative remedies for Federal False Claims. To review the policy, please select the following link: False Claims and Whistleblower Protection policy.
- A Code of Conduct that includes information on Magellan's Compliance program. All Magellan employees must complete an annual training on Magellan's Code of Conduct. This training includes information on the Federal False Claims Act, applicable state false claims laws including civil or criminal penalties for making false claims and statements, the "whistleblower" protections afforded under such laws and the role of such laws in preventing and detecting fraud, waste and abuse. To review the Code of Conduct, please select the following link: Code of Conduct.
- A summary of the State False Claims Laws that identify state civil and criminal penalties for false claims and statements along with the whistleblower protections afforded under such laws. To review the summary, please select the following link: State False Claims Laws.
Copies of our False Claims and Whistleblower Protection policy, Medicaid Compliance Program policy, State False Claims Laws summary and Code of Conduct are also available upon request by contacting the Compliance Hotline at (800) 915-2108 or e-mailing us at firstname.lastname@example.org.
Additional information about the education requirement (Section 6032) of the Deficit Reduction Act of 2005 is available online at the Centers for Medicare and Medicaid Services (CMS) web site. We provided a few links below.
- CMS - Final Guidance Regarding Employee Education for False Claims Recovery (03/22/2007):
- CMS - Employee Education About False Claims Recovery (12/13/2006):