Bill Text: FL S1764 | 2017 | Regular Session | Introduced
Bill Title: Medicaid Compliance
Spectrum: Partisan Bill (Republican 1-0)
Status: (Failed) 2017-05-05 - Died in Health Policy [S1764 Detail]
Download: Florida-2017-S1764-Introduced.html
Florida Senate - 2017 SB 1764 By Senator Perry 8-01335A-17 20171764__ 1 A bill to be entitled 2 An act relating to Medicaid compliance; amending s. 3 395.003, F.S.; requiring that certain hospitals comply 4 with provisions relating to the establishment of a 5 Medicaid compliance office and procedures as a 6 condition of licensure; amending s. 409.913, F.S.; 7 defining the term “covered person”; requiring that 8 certain hospitals establish a Medicaid compliance 9 office; requiring that the hospitals appoint a 10 compliance officer and committee; providing 11 responsibilities for such compliance officer and 12 committee; requiring the hospitals to develop a code 13 of conduct, policies and procedures, a risk assessment 14 and internal review process, a training plan, and 15 other specified procedures; providing requirements for 16 such code of conduct, policies and procedures, risk 17 assessment and internal review process, training plan, 18 and other specified procedures; requiring a hospital 19 to notify the inspector general of the Agency for 20 Health Care Administration of certain reportable 21 events; providing requirements for such notifications; 22 establishing a daily fine for failing to notify the 23 inspector general of a reportable event; requiring 24 that each hospital submit an annual report to the 25 agency by a specified date; providing requirements for 26 such report; providing definitions; providing an 27 effective date. 28 29 Be It Enacted by the Legislature of the State of Florida: 30 31 Section 1. Subsection (11) is added to section 395.003, 32 Florida Statutes, to read: 33 395.003 Licensure; denial, suspension, and revocation.— 34 (11) A hospital that is subject to s. 409.913(39) must 35 comply with the requirements in that subsection as a condition 36 of licensure. 37 Section 2. Subsection (39) is added to section 409.913, 38 Florida Statutes, to read: 39 409.913 Oversight of the integrity of the Medicaid 40 program.—The agency shall operate a program to oversee the 41 activities of Florida Medicaid recipients, and providers and 42 their representatives, to ensure that fraudulent and abusive 43 behavior and neglect of recipients occur to the minimum extent 44 possible, and to recover overpayments and impose sanctions as 45 appropriate. Beginning January 1, 2003, and each year 46 thereafter, the agency and the Medicaid Fraud Control Unit of 47 the Department of Legal Affairs shall submit a joint report to 48 the Legislature documenting the effectiveness of the state’s 49 efforts to control Medicaid fraud and abuse and to recover 50 Medicaid overpayments during the previous fiscal year. The 51 report must describe the number of cases opened and investigated 52 each year; the sources of the cases opened; the disposition of 53 the cases closed each year; the amount of overpayments alleged 54 in preliminary and final audit letters; the number and amount of 55 fines or penalties imposed; any reductions in overpayment 56 amounts negotiated in settlement agreements or by other means; 57 the amount of final agency determinations of overpayments; the 58 amount deducted from federal claiming as a result of 59 overpayments; the amount of overpayments recovered each year; 60 the amount of cost of investigation recovered each year; the 61 average length of time to collect from the time the case was 62 opened until the overpayment is paid in full; the amount 63 determined as uncollectible and the portion of the uncollectible 64 amount subsequently reclaimed from the Federal Government; the 65 number of providers, by type, that are terminated from 66 participation in the Medicaid program as a result of fraud and 67 abuse; and all costs associated with discovering and prosecuting 68 cases of Medicaid overpayments and making recoveries in such 69 cases. The report must also document actions taken to prevent 70 overpayments and the number of providers prevented from 71 enrolling in or reenrolling in the Medicaid program as a result 72 of documented Medicaid fraud and abuse and must include policy 73 recommendations necessary to prevent or recover overpayments and 74 changes necessary to prevent and detect Medicaid fraud. All 75 policy recommendations in the report must include a detailed 76 fiscal analysis, including, but not limited to, implementation 77 costs, estimated savings to the Medicaid program, and the return 78 on investment. The agency must submit the policy recommendations 79 and fiscal analyses in the report to the appropriate estimating 80 conference, pursuant to s. 216.137, by February 15 of each year. 81 The agency and the Medicaid Fraud Control Unit of the Department 82 of Legal Affairs each must include detailed unit-specific 83 performance standards, benchmarks, and metrics in the report, 84 including projected cost savings to the state Medicaid program 85 during the following fiscal year. 86 (39)(a) For purposes of this subsection, the term “covered 87 person” means: 88 1. An owner, officer, director, commissioner, or employee 89 of the hospital; 90 2. A contractor, subcontractor, agent, or other person who 91 provides patient care items or services or who performs billing 92 or coding functions on behalf of the hospital, excluding a 93 vendor whose only connection with the hospital is selling or 94 otherwise providing medical supplies or equipment and who does 95 not bill any federal health care program for such medical 96 supplies or equipment; or 97 3. Physician or nonphysician personnel who are members of 98 the hospital’s active medical staff. 99 (b) Each hospital licensed under chapter 395 that annually 100 accepts state or federal funds in the amount of $10 million or 101 more to provide services to Medicaid recipients shall establish 102 an office of Medicaid compliance within the hospital. The 103 hospital shall appoint a compliance officer who is a member of 104 senior management of the hospital and who shall report directly 105 to the chief executive officer or president of the hospital. The 106 compliance officer shall: 107 1. Develop and implement policies, procedures, and 108 practices designed to ensure compliance with all state and 109 federal health care program requirements. 110 2. At least quarterly, submit a report regarding compliance 111 matters directly to the chief executive officer or president of 112 the hospital. 113 3. Monitor the day-to-day compliance activities of the 114 hospital and analyze the hospital’s risk areas for 115 noncompliance. 116 4. Report any suspected or substantiated violations of the 117 hospital’s code of conduct or policies and procedures to the 118 chief executive officer or president of the hospital and to the 119 agency. 120 (c) Each hospital shall appoint a compliance committee that 121 must include, at a minimum, a compliance officer and other 122 members of senior management. The compliance officer shall serve 123 as chair of the compliance committee. The compliance committee 124 shall assist the compliance officer in fulfilling his or her 125 responsibilities as provided in paragraph (b). 126 (d)1. Each hospital shall develop, implement, and annually 127 distribute a written code of conduct to each covered person. The 128 code of conduct must, at a minimum, address the hospital’s: 129 a. Commitment to fully comply with all state and federal 130 health care program requirements. 131 b. Requirement that each covered person is expected to 132 comply with all state and federal health care program 133 requirements and with the hospital’s policies and procedures. 134 c. Requirement that each covered person is expected to 135 report to the compliance officer suspected violations of any 136 state and federal health care program requirements or the 137 hospital’s policies and procedures. 138 d. Commitment to not retaliate against a covered person who 139 reports a suspected violation as provided in sub-subparagraph c. 140 and to maintain, as appropriate, the confidentiality and 141 anonymity of such reports. 142 2. Each hospital shall evaluate the performance of its 143 employees based on their compliance with the code of conduct. At 144 least annually, the hospital shall review the code of conduct 145 and make any necessary revisions. 146 (e)1. Each hospital shall develop and implement written 147 policies and procedures regarding the operation of its 148 compliance office and program. The policies and procedures must 149 address the criminal penalties for violations under Title XI of 150 the Social Security Act, 42 U.S.C. ss. 1320a-7b(b) and 1395nn, 151 including implementing regulations and other federal guidance; 152 the types of business or financial arrangements that violate 153 such federal laws and regulations; and the penalties associated 154 with violations of state anti-rebating and anti-kickback laws 155 applicable to hospitals and health care providers. 156 2. The hospital shall distribute the policies and 157 procedures to each covered person. The hospital shall enforce 158 and comply with its policies and procedures and shall evaluate 159 the performance of its employees based on their compliance with 160 the policies and procedures. At least annually, the hospital 161 shall assess and update the policies and procedures as 162 necessary. 163 3. Within 90 days after implementing the policies and 164 procedures required under this paragraph, each hospital subject 165 to this subsection shall develop and implement a centralized 166 annual risk assessment and internal review process to identify 167 and address risks associated with arrangements as defined in 168 paragraph (f). The risk assessment and internal review process 169 shall be evaluated and updated annually, if necessary, and must 170 include procedures for: 171 a. Identifying and prioritizing risks; 172 b. Developing and implementing remediation plans in 173 response to such risks, including internal auditing and 174 monitoring of the identified risk areas; and 175 c. Tracking results to assess the effectiveness of the 176 remediation plans. 177 (f)1. Each hospital shall develop a written training plan 178 that ensures: 179 a. A covered person, except an individual employed only in 180 food service, maintenance, or housekeeping, receives adequate 181 training regarding the hospital’s code of conduct and policies 182 and procedures. 183 b. A covered person receives adequate training regarding 184 business or financial arrangements that may violate Title XI of 185 the Social Security Act, 42 U.S.C. ss. 1320a-7b(b) and 1395nn, 186 including implementing regulations and other federal guidance; 187 the hospital’s policies and procedures governing such 188 arrangements; the hospital’s internal review and approval 189 processes for such arrangements; the hospital’s tracking of 190 remuneration to and from sources of health care business or 191 referrals; and the penalties associated with violations of state 192 anti-rebating and anti-kickback laws applicable to hospitals and 193 health care providers. 194 c. Each individual involved in the development, approval, 195 management, or review of the hospital’s arrangements understands 196 his or her personal obligation to know the applicable legal 197 requirements and the hospital’s code of conduct and policies and 198 procedures. 199 d. A covered person understands the criminal penalties and 200 sanctions imposed under Title XI of the Social Security Act, 42 201 U.S.C. ss. 1320a-7b(b) and 1395nn, and has been provided 202 examples of violations under such federal laws and related 203 regulations. 204 2. The training plan must include information regarding the 205 topics to be addressed, the identification of covered persons 206 required to attend each training session, the length of the 207 training, the schedule for training, and the format of the 208 training. 209 3. For purposes of this paragraph, the term “arrangements” 210 means any contract, transaction, or agreement that: 211 a. Involves, directly or indirectly, the offer, payment, 212 solicitation, or receipt of anything of value; 213 b. Is between the hospital and any actual or potential 214 source of health care business or referrals, or any actual or 215 potential recipient of health care business or referrals from 216 the hospital; or 217 c. Is between the hospital and a physician or a physician’s 218 immediate family member who makes a referral to the hospital for 219 health services. 220 (g)1. For purposes of this paragraph, the term “focus 221 arrangement” means each arrangement, as defined in paragraph 222 (f), that is between a hospital subject to this subsection and: 223 a. Any actual source of health care business or referrals 224 to the hospital and involves, directly or indirectly, the offer, 225 payment, or provision of anything of value; or 226 b. Any physician or a physician’s immediate family member, 227 as defined in 42 C.F.R. s. 411.351, who makes a referral, as 228 defined at 42 U.S.C. s. 1395nn(h)(5), to the hospital for 229 designated health services, as defined in 42 U.S.C. s. 230 1395nn(h)(6). 231 2. Each hospital subject to this subsection shall create 232 procedures reasonably designed to ensure that each existing and 233 new or renewed focus arrangement does not violate Title XI of 234 the Social Security Act, 42 U.S.C. ss. 1320a-7b(b) and 1395nn, 235 or the federal regulations, directives, and guidance related to 236 those statutes. The procedures must include the following: 237 a. Creating and maintaining a centralized tracking system 238 for all existing and new or renewed focus arrangements; 239 b. Tracking remuneration to and from all parties to focus 240 arrangements; 241 c. Tracking service and activity logs to ensure that 242 parties to the focus arrangement are performing the services 243 required under the applicable focus arrangement, if applicable; 244 d. Monitoring the use of leased space, medical supplies, 245 medical devices, equipment, or other patient care items to 246 ensure that such use is consistent with the terms of the 247 applicable focus arrangement, if applicable; 248 e. Establishing and implementing a written review and 249 approval process for all focus arrangements to ensure that all 250 existing and new or renewed focus arrangements do not violate 251 Title XI of the Social Security Act, 42 U.S.C. ss. 1320a-7b(b) 252 and 1395nn, which must, at a minimum, include: 253 (I) A legal review of all focus arrangements; 254 (II) A process for specifying the business need or business 255 rationale for all focus arrangements; and 256 (III) A process for determining and documenting the fair 257 market value of the remuneration specified in the focus 258 arrangement; 259 f. Requiring the compliance officer to, at least annually, 260 review the focus arrangements tracking system, internal review 261 and approval process, and other focus arrangement procedures and 262 to provide a report on the results of such review to the 263 compliance committee; and 264 g. Implementing effective responses when suspected 265 violations of Title XI of the Social Security Act, 42 U.S.C. ss. 266 1320a-7b(b) and 1395nn are discovered, including disclosing 267 reportable events pursuant to paragraph (h). 268 (h)1. For purposes of this paragraph, the term “reportable 269 event” means: 270 a. A substantial overpayment for inpatient or outpatient 271 Medicare services, Medicaid managed care services, or any other 272 state or federal health care program service; 273 b. A matter that a reasonable person would consider a 274 probable violation of criminal, civil, or administrative laws 275 applicable to any state or federal health care program for which 276 penalties or exclusions may be authorized; 277 c. The employment of or contracting with a covered person 278 who is an “ineligible person,” which means an individual or 279 entity who: 280 (I) Is currently excluded, debarred, suspended, or 281 otherwise ineligible to participate in federal health care 282 programs or in federal procurement or non-procurement programs; 283 or 284 (II) Has been convicted of a criminal offense pursuant to 285 42 U.S.C. s. 1320a-7(a), but has not yet been excluded, 286 debarred, suspended, or otherwise declared ineligible; and 287 d. The filing of a bankruptcy petition by the hospital. 288 2. If a hospital subject to this subsection determines, 289 after a reasonable opportunity to conduct an appropriate review 290 or investigation of the allegations, that a reportable event has 291 occurred or is occurring, the hospital shall notify the agency’s 292 inspector general within 30 days after making such 293 determination. 294 3. When notifying the agency’s inspector general of a 295 reportable event, the hospital shall include a complete 296 description of all details relevant to the reportable event, 297 including the types of claims, transactions, or other conduct 298 giving rise to the reportable event; the period during which the 299 conduct occurred; the names of entities and individuals believed 300 to be implicated, including an explanation of their roles in the 301 reportable event; and any additional information necessary for 302 the agency’s inspector general to investigate the reportable 303 event. 304 4. The agency’s inspector general shall, after 305 investigating the reportable event and concluding that it is a 306 violation of federal law governing a state or federal health 307 care program, report all relevant details regarding the 308 reportable event to the appropriate federal agency for further 309 investigation. 310 5. In addition to any actions that may be taken against a 311 license under s. 395.003, a hospital that fails to notify the 312 agency’s inspector general of a reportable event within the 313 timeframe required in subparagraph 2. shall be fined $1,000 each 314 day per reportable event until the agency’s inspector general is 315 notified. 316 (i) By January 1, 2019, and each year thereafter, a 317 hospital that is subject to this subsection shall submit to the 318 agency a report detailing the hospital’s compliance activities 319 during the preceding year. Each report must include, at a 320 minimum: 321 1. Any change in the identity, position description, or 322 other noncompliance job responsibilities of the compliance 323 officer. 324 2. Any change in the membership of the compliance 325 committee. 326 3. The dates of each report made by the compliance officer 327 to the chief executive officer or president of the hospital. 328 4. A summary of any change or amendment to the hospital’s 329 code of conduct or policies and procedures as required in 330 paragraphs (d) and (e). 331 5. A copy of the hospital’s training plan developed 332 pursuant to paragraph (f) and for each type of training required 333 by the training plan, a description of the training, including a 334 summary of the topics to be addressed; the length of sessions; a 335 schedule of training sessions; a general description of the 336 categories of individuals required to complete the training; and 337 the process by which the hospital ensures that each covered 338 person receives the required training. 339 6. All reports of suspected or substantiated violations of 340 the hospital’s code of conduct or policies and procedures 341 reported to the chief executive officer or president of the 342 hospital and the agency. 343 7. Details regarding the hospital’s risk assessment and 344 internal review process required in paragraph (e). 345 8. Details of all reportable events as defined in paragraph 346 (h), when the agency’s inspector general was notified of each 347 reportable event, and the status of the state investigation of 348 each reportable event, and, if applicable, the status of the 349 federal investigation of each reportable event. 350 Section 3. This act shall take effect July 1, 2017.