Scott Rongo: Good morning, good afternoon, and good evening, and welcome to the Therapy Matters podcast, your one-stop resource for expert insights and advice on everything therapy and rehab. I’m your host, Scott Rango, and today I’m joined by Veda Collmer, healthcare attorney that specializes in compliance. Veda, thanks for joining the show today.
Veda Collmer: Thank you Scott for having me.
Scott Rongo: So Veda, in over two decades of being in healthcare technology, I’ve seen innovation drive so many efficiencies and value to constituents across the board. But due to the nature of healthcare, compliance is so important to protect not only the providers, staff, but also patients. Today, would love to kind of just jump in and get your perspective on the landscape and what our listeners should be aware of to be protective of themselves, just involved in everything healthcare.
Veda Collmer: Yes, thank you Scott. Before we get started, I do wanna mention the information that we’ll talk about today is for educational purposes. I am a licensed attorney, but I’m not offering any legal advice and we’re not forming an attorney-client relationship. So now that we’ve got the legal disclaimer out of the way, when I think about compliance and healthcare, this is always changing, but as of today’s podcast, the three big hot topics are billing, fraud, HIPAA regulatory compliance, particularly around patient right of access, timeliness, and then certified electronic health records. And when I say certified, certified by the Office of National Coordinator. So those are the three big topics.
Scott Rongo: Yeah. So maybe let’s start there with billing fraud. You see it in the news all the time, so from your perspective, what’s the biggest risk to provider?
Veda Collmer: So when it comes to billing, healthcare, billing in the United States is extremely complicated, and that is growing with every passing day. In 2015, ICD 9 became ICD 10, quadrupling the number of diagnostic codes that are available. Those codes are important and they change every year. And then you have your billing codes, the CPT codes or the other CPT equivalent codes for billing the services. And those codes have their own definitions, and you have to make sure that you’re always billing. the right code. If not, then you could be getting paid for services that you didn’t provide and that can cause a lot of problems with government payers and commercial payers. And on the other side of billing risk is just the mindset by the healthcare community, sometimes that it’s a victimless crime. You know, nobody’s hurt by not making sure that billing is accurate, and that nobody’s really watching, so it doesn’t matter. It can be an afterthought, you know, provide good clinical care, but let’s just kind of zip through our billing. It doesn’t matter if we’re doing it right. And that does get a lot of providers in trouble. So those are the biggest risks that I see.
Scott Rongo: Yeah, so it’s almost really a question of oftentimes, again, you see it in the news all the time. You see lawsuits across the board happening to not only larger groups, but small independent practices that are out there. And one begs the question, is it fraudulent? Or is it sloppy work that’s being done by the practices or by the staff of the providers.
Veda Collmer: And I agree with that. Sometimes fraudulent can have a mindset component. A healthcare provider is intending to get paid for not providing services, so that’s the extreme. And then there are providers that you’ll see in the Department of Justice press releases that they’ve rounded up a group of providers. They had a billing fraud scheme, they were not providing any services, or they were providing services by unlicensed providers, which is the equivalent of not providing service. And so the Department of Justice will investigate, step in, press charges, and those providers are going to prison most likely. But the other end of the spectrum is not having the mindset of wanting to commit fraud, not wanting to get paid for services that aren’t provided, but just a sloppy mentality that I call billing by feel. If it feels right, let’s bill it. But that’s not the way that you would want to provide clinical care. You would wanna make sure your clinical care was based on evidence, it was supported by strong quality evidence. That’s how you should also treat billing. The ICD 10 diagnostic codes have to be accurate, your billing codes have to be accurate, so sloppy billing practices can get you in trouble as well.
Scott Rongo: And the consequences can still be pretty hefty, even if it is innocent, but yet sloppy.
Veda Collmer: Correct. So when I talked about the providers that have the healthcare fraud scheme, you know, billing millions of dollars, couple hundred thousand dollars to a government payer for services that you didn’t provide, you probably do have prison in your future. But if you are not paying careful attention and you are just billing whatever you feel seems right or maybe somebody in your healthcare network had told you, oh, you should always just build this code for this service, then those are also practices that can get you in trouble. And while those don’t necessarily lead to possibly going to trial with the government and maybe facing imprisonment, they could lead to other very severe penalties. So some of those penalties could be, you have to pay that money back. Obviously if you get money, anyone that’s ever filed taxes knows the IRS can come back and recapture that money. That can happen in healthcare too. But then you have to pay that money back with penalties and sometimes those penalties can triple.
The other serious consequence of not billing correctly is that you can be excluded from participation in federal healthcare programs. And so referencing a big case that we all probably were aware of the Theranose case with Elizabeth Holmes. I don’t think a lot of providers realize she’s is going to prison, but she’s also excluded from participating in any government healthcare program for about a decade. And so that means you can’t bill Medicare, Medicaid, Tricare, the VA, and if you can’t bill the government programs, then you won’t also be able to bill the commercial payers. They will also take actions to exclude you from participating in their networks. And so then it’s down to cash pay only, and you do go on a website where patients can look you up and find out that you’re sanctioned.
Scott Rongo: You know it’s interesting, billing is complicated, right? I think the term you use is “you can’t do it by just a feel.” And so what advice would you give to groups that need to do their billing obviously to survive? But what are some things that they can do to avoid getting in trouble accidentally and not necessarily fraudulent?
Veda Collmer: So that’s a good question. There are several things that providers can do to lower their risk and to set up a good defense against for themselves in case they’re audited. And the first and foremost is recognizing that this is really complicated. And I don’t change my own oil, I don’t do my own taxes, I hire professionals. The same goes for billing, hiring a qualified billing company. Making sure that you really vet that billing company. You know, what are their credentials? Is this one person billing out of their house and if they go away, you have no more billing company and then you have to scramble. And if you’re audited, then you can’t provide any proof of good practice. Or is this a billing company that’s incorporated or registered as a legal entity in the estate. Has good insurance, has employees that are trained, they’re constantly keeping up to date on best practices. Just like our physical therapists, our speech therapists, our OTs are always going to continuing education. You want your billing company to be doing that as well because that means that they’re monitoring the changing landscape.
If you decide it is not industry practice in the rehabilitation-habilitation world to have certified coders perform the coding. So if you are a provider doing your own coding, which is perfectly acceptable, making sure that you are finding good resources to know if you’re billing the right diagnostic codes, like ICD10.com is a great website for diagnostic codes. Pick some codes that you use regularly and have a cheat sheet to make sure you’re constantly looking at those definitions. Same with the billing codes like the CPT codes and the equivalent billing codes is to make sure that you are billing correctly. And that means looking at the definition of that code, purchasing the AMA manuals for CPT codes and making sure that your documentation supports those code. And then when it comes to your billing company, developing that strong communication with them. Every really quality billing company understands all of those administrative requirements. Like do you need to have a KX modifier on these certain procedures or do you need to have your patient sign a Medicare advanced beneficiary notice. And if you can’t lean on your billing company to help you answer those complicated questions, then you don’t have the right billing company in place and it’s time to start researching a better one. So knowing your code, staying up as much as you can on those and then putting in place a really quality billing professional.
Scott Rongo: Yeah. And don’t forget, make sure you get somebody to change your oil, right?
Veda Collmer: Yes, yes.
Scott Rongo: Absolutely. So professionals doing your billing and your oil changes. So let’s shift gears a bit. You mentioned HIPAA, particularly the right to access, so in the HIPAA area, what’s the one biggest risk for the providers? Similar question on the previous topic. .
Veda Collmer: So when it comes to HIPAA, this changes often. Obviously all of the requirements remain in place, but the enforcement trends change and the Department of Health and Human Services has a special enforcement arm of HIPAA called the Office for Civil Rights, and they pick new trends based on the complaints that they get through their website. And over the past couple of years, they have very heavily started to target the patient’s right of access. Patients have a right to their medical records and that right has a 30 day time limit subject to very tiny exceptions. There are new rules that are coming down the pike by the government that are going to shorten that timeframe. You cannot put in place hurdles for your patient to get their records. If you can give it to them electronically, you should do so. You can’t charge excessive fees. And so providers are really getting big fines in this area and patients know that they have this right and they will easily make a complaint. So this is by far the biggest risk at this time period. And then if you say, I’m a cash pay provider, I don’t have to comply with HIPAA, there are still state privacy laws that are being implemented. I mean it’s incredible how many states are starting to adopt their own privacy regulations. So those laws also apply to a individual’s right, to access their information. So across the board, there is this mentality that people have a right to access their information and it should be in ways they need it.
Scott Rongo: For providers that don’t provide that access, don’t comply, are consequences. Are those outlined at this point in time or is it still gray?
Veda Collmer: So the HIPAA underlying regulations have very clear penalties and it can be up to 1.5 million for knowingly intentionally disregarding the rules. And the rules have been out there since before 2013, so a provider that doesn’t provide access to those records faces deep penalties. I think how a busy healthcare practice, how am I supposed to keep up on this? I mean, we get these requests constantly now. And I would say, kind of along the theme of getting a good billing provider, making sure that you have the technology in place to support you in providing those records.
Scott Rongo: Yeah, that makes total sense. And that was gonna be my next question, how do you avoid the risk? There’s constant requests coming into a practice probably on a daily, weekly basis. And you have to manage it, you don’t have much of a choice in the matter to prevent the risk. But I think perhaps as you alluded to, putting the right tools in place to help automate that, certainly will help out.
Veda Collmer: Yeah, exactly, making sure that you have electronic medical records software and that it has a patient portal, and then that’s the most secure way to provide those records. And then you don’t have to worry that you could have your patient submit their request to the portal and then you can provide that information as simply as possible. And probably free of charge to you in terms of not having to photocopy, or not running the risks that you accidentally provide somebody else’s records with those records, which just happens.
Scott Rongo: Yeah. Sending somebody’s phi to another patient wouldn’t be good. So in the time that we have left, perhaps let’s touch on the value of a certified product. You know, all EMRs are not created equal. And a good EMR has to do more with just creating documentation, right? I think sometimes it’s like, oh, system just documents and then sends a claim out and maybe schedules a patient. But can you give some perspective for our listeners, what the difference is? What would classify as a certified product? .
Veda Collmer: So before I answer that question, I’d like to step back and just take a quick, big picture view of where healthcare is going, where the Department of Health and Human Services, the federal level, wants to take healthcare. Because I think it helps us to think about these aren’t just compliance boxes we’re checking. There is a bigger vision here, and that’s that one day our government wants all of our records to be connected to big hubs. And for that data to flow easily so that if live in Arizona, but you go on vacation in Alaska and you get injured, the emergency room doctor has access to your records or you don’t have to go through the hurdles of gathering all your records if you find a new doctor. Your doctor can plug in and access those records and that data can start to be used in meaningful ways to improve the quality of our healthcare. And so the only way that you can connect all of these different healthcare systems is to make sure that they’re secure, that patient portals and messaging is secure. And that they all have the healthcare data in certain formats, and that’s the only way that you would be able to accomplish this objective.
So what had happened many years ago is that the Office of National Coordinator, which is a subdivision of the Department of Health, said we’re gonna certify records, we’re gonna start to put in rigorous standards in place to make sure they’re not healthcare record systems that somebody created in their home and then started selling that has tons of security holes and different types of database formats. And so now to be able to achieve that certification standard through the ONC is a high standard. It’s a high bar to overcome, but what it means is that that system can do so much. It can provide the data that is required by emerging regulations, it can hook up to these hubs, it’s secure. It has good security protocols in place. And so that’s above and beyond what you can buy just in the general marketplace for the therapy world. So that’s what it means to have a certification.
Scott Rongo: So Veda, would there really be a downside to using a certified product then, at this point?
Veda Collmer: Scott, I would say that the only downside right now is that there isn’t a lot of availability in terms of certified products that are geared towards the unique workflows of the therapy industry. However, we know the bigger vision and I talked about this bigger vision of creating these centralized systems and lots of data sharing and data use in different formats. And we also know that meaningful use physicians were required to use the certified health records just probably about a decade ago, and that that trend will start to spread quickly across to the other industries of healthcare. And so there will be a time in the near future where therapists will be expected to have adopted these type of certified products. .
Scott Rongo: Yeah, one could speculate that it’s not a matter of if, but when that this is gonna happen.
Veda Collmer: Exactly.
Scott Rongo: So Veda, I think we are just about out of time, but I feel like on all these topics, we could probably spend an entire podcast or maybe even two on each of them, depending on how deep we went. But if you could leave any one or two items for our listeners, what would they be?
Veda Collmer: I would say make sure that you are billing correctly and don’t do it alone. Find an expert. Use quality electronic health record products to support your practice, and that would include certified products that have really quality patient portal so that you can provide records and fulfill requests. So those are my big takeaways for today’s conversation.
Scott Rongo: Absolutely. Well Veda, it was such a pleasure to spend a little bit of time with you here today, and hopefully we can do it again in the future.
I’d like to thank our audience as well for tuning into Therapy Matters podcast, your one-stop resource for expert insights and advice on everything therapy and rehab. We look forward to seeing you on the next episode. Take care and have a great day!