INTRODUCTION

The Medicare Parts C and D General Compliance Training course is brought to you by the Medicare Learning Network®, a registered trademark of the U.S. Department of Health & Human Services (HHS)

Medicare Parts C and D General Compliance Training Medicare Learning Network®

This eLearning Portal Module has taken all necessary and required content from the CMS Web-Based Training (WBT) course and was current at the time it was published or uploaded onto the web. Medicare policy changes frequently so links to the source documents have been provided within the WBT for your reference.

This WBT course was prepared as a service to the public and is not intended to grant rights or impose obligations. This WBT may contain references or links to statutes, regulations, or other policy materials. The information provided is only intended to be a general summary. It is not intended to take the place of either the written law or regulations. We encourage readers to review the specific statutes, regulations, and other interpretive materials for a full and accurate statement of their contents.

Completing this training module satisfies the Medicare Parts C and D plan Sponsors annual general compliance training requirements in the regulations and sub-regulatory guidance at:

• 42 Code of Federal Regulations (CFR) Section 422.503(b)(4)(vi);

• 42 CFR Section 423.504(b)(4)(vi);

• Section 50.3 of the Compliance Program Guidelines (Chapter 9 of the “Medicare Prescription Drug Benefit Manual” and Chapter 21 of the “Medicare Managed Care Manual”); and

• June 17, 2015, Health Plan Management System (HPMS) memo: Update – Reducing the Burden of the Compliance Program Training Requirements. (Keep up-to-date with the most recent memos on the CMS Compliance Program Policy and Guidance website.)

 

Course Content

This WBT course consists of general compliance program training, a post-assessment, and a course evaluation.

Anyone who provides health or administrative services to Medicare enrollees must satisfy general compliance and FWA training requirements. You must use this WBT course to satisfy general compliance training requirements.

Successfully completing the course requires completing the entire lesson and passing the Post-Assessment. After successfully completing the Post-Assessment, you’ll get instructions to print your certificate.

 

Course Objectives

When you complete this course, you should be able to correctly:

• Recognize how a compliance program operates; and

• Recognize how compliance program violations should be reported.

 

LESSON: COMPLIANCE PROGRAM TRAINING

Introduction and Learning Objectives

This lesson outlines effective compliance programs. It should take about 15 minutes to complete. Upon completing the lesson, you should be able to correctly:

• Recognize how a compliance program operates; and

• Recognize how compliance program violations should be reported.

 

Compliance Program Requirement

The Centers for Medicare & Medicaid Services (CMS) requires Sponsors to implement and maintain an effective compliance program for its Medicare Parts C and D plans. An effective compliance program should:

• Articulate and demonstrate an organization’s commitment to legal and ethical conduct;

• Provide guidance on how to handle compliance questions and concerns; and

• Provide guidance on how to identify and report compliance violations

 

What Is an Effective Compliance Program?

An effective compliance program fosters a culture of compliance within an organization and, at a minimum:

• Prevents, detects, and corrects non-compliance;

• Is fully implemented and is tailored to an organization’s unique operations and circumstances;

• Has adequate resources;

• Promotes the organization’s Standards of Conduct; and

• Establishes clear lines of communication for reporting non-compliance.

 

An effective compliance program is essential to prevent, detect, and correct Medicare non-compliance as well as Fraud, Waste, and Abuse (FWA). It must, at a minimum, include the seven core compliance program requirements.

 

For more information, refer to:

• 42 Code of Federal Regulations (CFR) Section 422.503(b)(4)(vi) on the Internet;

• 42 CFR Section 423.504(b)(4)(vi) on the Internet;

• “Medicare Managed Care Manual,” Chapter 21 on the CMS website; and

• “Medicare Prescription Drug Benefit Manual,” Chapter 9 on the CMS website.

 

Seven Core Compliance Program Requirements

CMS requires that an effective compliance program must include seven core requirements:

1. Written Policies, Procedures, and Standards of Conduct These articulate the Sponsor’s commitment to comply with all applicable Federal and State standards and describe compliance expectations according to the Standards of Conduct.

2. Compliance Officer, Compliance Committee, and High-Level Oversight The Sponsor must designate a compliance officer and a compliance committee that will be accountable and responsible for the activities and status of the compliance program, including issues identified, investigated, and resolved by the compliance program. The Sponsor’s senior management and governing body must be engaged and exercise reasonable oversight of the Sponsor’s compliance program.

3. Effective Training and Education This covers the elements of the compliance plan as well as prevention, detection, and reporting of FWA. This training and education should be tailored to the different responsibilities and job functions of employees.

4. Effective Lines of Communication Effective lines of communication must be accessible to all, ensure confidentiality, and provide methods for anonymous and good-faith reporting of compliance issues at Sponsor and First-Tier, Downstream, or Related Entity (FDR) levels.

5. Well-Publicized Disciplinary Standards Sponsor must enforce standards through well-publicized disciplinary guidelines.

6. Effective System for Routine Monitoring, Auditing, and Identifying Compliance Risks Conduct routine monitoring and auditing of Sponsor’s and FDR’s operations to evaluate compliance with CMS requirements as well as the overall effectiveness of the compliance program. NOTE: Sponsors must ensure that FDRs performing delegated administrative or health care service functions concerning the Sponsor’s Medicare Parts C and D program comply with Medicare Program requirements.

7. Procedures and System for Prompt Response to Compliance Issues The Sponsor must use effective measures to respond promptly to non-compliance and undertake appropriate corrective action.

 

Compliance Training‒Sponsors and their FDRs

CMS expects that all Sponsors will apply their training requirements and “effective lines of communication” to their FDRs. Having “effective lines of communication” means that employees of the Sponsor and the Sponsor’s FDRs have several avenues to report compliance concerns.

 

Ethics–Do the Right Thing!

As part of the Medicare Program, you must conduct yourself in an ethical and legal manner. It’s about doing the right thing!

• Act fairly and honestly;

• Adhere to high ethical standards in all you do;

• Comply with all applicable laws, regulations, and CMS requirements; and

• Report suspected violations.

 

How Do You Know What Is Expected of You?

Beyond following the general ethical guidelines on the previous page, how do you know what is expected of you in a specific situation? Standards of Conduct (or Code of Conduct) state compliance expectations and the principles and values by which an organization operates. Contents will vary as Standards of Conduct should be tailored to each individual organization’s culture and business operations. If you are not aware of your organization’s standards of conduct, ask your management where they can be located.

Everyone has a responsibility to report violations of Standards of Conduct and suspected non-compliance.

An organization’s Standards of Conduct and Policies and Procedures should identify this obligation and tell you how to report suspected non-compliance

 

What Is Non-Compliance?

Non-compliance is conduct that does not conform to the law, Federal health care program requirements, or an organization’s ethical and business policies. CMS has identified the following Medicare Parts C and D high risk areas:

• Agent/broker misrepresentation;

• Appeals and grievance review (for example, coverage and organization determinations);

• Beneficiary notices;

• Conflicts of interest;

• Claims processing;

• Credentialing and provider networks;

• Documentation and Timeliness requirements;

• Ethics;

• FDR oversight and monitoring;

• Health Insurance Portability and Accountability Act (HIPAA);

• Marketing and enrollment;

• Pharmacy, formulary, and benefit administration; and

• Quality of care.

 

Know the Consequences of Non-Compliance (part of Lesson Page 9)

Failure to follow Medicare Program requirements and CMS guidance can lead to serious consequences including:

• Contract termination;

• Criminal penalties;

• Exclusion from participation in all Federal health care programs; or

• Civil monetary penalties.

 

Additionally, your organization must have disciplinary standards for non-compliant behavior. Those who engage in non-compliant behavior may be subject to any of the following:

• Mandatory training or re-training;

• Disciplinary action; or

• Termination.

NON-COMPLIANCE AFFECTS EVERYBODY

Without programs to prevent, detect, and correct non-compliance, we all risk:

Harm to beneficiaries, such as:

• Delayed services

• Denial of benefits

• Difficulty in using providers of choice

• Other hurdles to care

Less money for everyone, due to:

• High insurance copayments

• Higher premiums

• Lower benefits for individuals and employers

• Lower Star ratings

• Lower profits

 

How to Report Potential Non-Compliance

Employees of a Sponsor

• Call the Medicare Compliance Officer;

• Make a report through your organization’s website; or

• Call the Compliance Hotline.

First-Tier, Downstream, or Related Entity (FDR) Employees

• Talk to a Manager or Supervisor;

• Call your Ethics/Compliance Help Line; or

• Report to the Sponsor.

Beneficiaries

• Call the Sponsor’s Compliance Hotline or Customer Service;

• Make a report through the Sponsor’s website; or

• Call 1-800-Medicare.

Don’t Hesitate to Report Non-Compliance

There can be no retaliation against you for reporting suspected non-compliance in good faith.

Each Sponsor must offer reporting methods that are:

• Anonymous;

• Confidential; and

• Non-retaliatory.

 

What Happens After Non-Compliance Is Detected?

After non-compliance is detected, it must be investigated immediately and promptly corrected.

However, internal monitoring should continue to ensure:

• There is no recurrence of the same non-compliance;

• Ongoing compliance with CMS requirements;

• Efficient and effective internal controls; and

• Enrollees are protected.

 

What Are Internal Monitoring and Audits?

• Internal monitoring activities are regular reviews that confirm ongoing compliance and ensure that corrective actions are undertaken and effective.

• Internal auditing is a formal review of compliance with a particular set of standards (for example, policies and procedures, laws, and regulations) used as base measures.

 

Lesson Summary

Organizations must create and maintain compliance programs that, at a minimum, meet the seven core requirements. An effective compliance program fosters a culture of compliance.

To help ensure compliance, behave ethically and follow your organization’s Standards of Conduct. Watch for common instances of non-compliance, and report suspected non-compliance.

Know the consequences of non-compliance, and help correct any non-compliance with a corrective action plan that includes ongoing monitoring and auditing.

 

Compliance Is Everyone’s Responsibility!
 

Prevent: Operate within your organization’s ethical expectations to prevent non-compliance!

Detect & Report: If you detect potential non-compliance, report it!

Correct: Correct non-compliance to protect beneficiaries and save money!

 

Lesson Review

Now that you have completed the Compliance Program Training lesson, let’s do a quick knowledge check. The following questions do not contribute to your overall course score in the Post-Assessment.

 

Knowledge Check

You discover an unattended email address or fax machine in your office that receives beneficiary appeals requests. You suspect that no one is processing the appeals. What should you do?

Select the correct answer.

○ A. Contact law enforcement

○ B. Nothing

○ C. Contact your compliance department (via compliance hotline or other mechanism)

○ D. Wait to confirm someone is processing the appeals before taking further action

○ E. Contact your supervisor

 

CORRECT ANSWER   C

 

Knowledge Check

A sales agent, employed by the Sponsor’s First-Tier or Downstream entity, submitted an application for processing and requested two things: 1) to back-date the enrollment date by one month, and 2) to waive all monthly premiums for the beneficiary. What should you do?

Select the correct answer.

○ A. Refuse to change the date or waive the premiums, but decide not to mention the request to a supervisor or the compliance department

○ B. Make the requested changes because the sales agent determines the beneficiary’s start date and monthly premiums

○ C. Tell the sales agent you will take care of it, but then process the application properly (without the requested revisions) – you will not file a report because you don’t want the sales agent to retaliate against you

○ D. Process the application properly (without the requested revisions) – inform your supervisor and the compliance officer about the sales agent’s request

○ E. Contact law enforcement and the Centers for Medicare & Medicaid Services (CMS) to report the sales agent’s behavior

 

CORRECT ANSWER   D

 

Knowledge Check

You work for a Sponsor. Last month, while reviewing a monthly report from the Centers for Medicare & Medicaid Services (CMS), you identified multiple enrollees for which the Sponsor is being paid, who are not enrolled in the plan. You spoke to your supervisor who said not to worry about it. This month, you have identified the same enrollees on the report again. What should you do?

 

Select the correct answer.

○ A. Decide not to worry about it as your supervisor instructed – you notified him last month and now it’s his responsibility

○ B. Although you have seen notices about the Sponsor’s non-retaliation policy, you are still nervous about reporting – to be safe, you submit a report through your compliance department’s anonymous tip line so you cannot be identified

○ C. Wait until the next month to see if the same enrollees appear on the report again, figuring it may take a few months for CMS to reconcile its records – if they are, then you will say something to your supervisor again

○ D. Contact law enforcement and CMS to report the discrepancy

○ E. Ask your supervisor about the discrepancy again

 

CORRECT ANSWER   B

 

Knowledge Check

You are performing a regular inventory of the controlled substances in the pharmacy. You discover a minor inventory discrepancy. What should you do?

Select the correct answer.

○ A. Call local law enforcement

○ B. Perform another review

○ C. Contact your compliance department (via compliance hotline or other mechanism)

○ D. Discuss your concerns with your supervisor

○ E. Follow your pharmacy’s procedures

 

CORRECT ANSWER   E

 

You’ve completed the lesson!

Now that you have learned about compliance programs, let’s take a post-assessment to see how much you’ve learned! 

 

---------------

Payer Compliance Reporting Resources

Payer/Organization	Hotline	Online Reporting	Address
Your Direct PO/ PHO	PO Phone #		Compliance Official For your PO/ PHO
Medicare – HHS Office of Inspector General	800-447-8477   TTY: 800-337-4950	https://oig.hhs.gov/fraud/report-fraud/index.asp	U.S. Department of Health and Human Services Office of Inspector General ATTN: OIG HOTLINE OPERATIONS P.O. Box 23489 Washington, DC 20026
Medicare - Railroad	888-355-9165 Option 5
Medicaid – Michigan Department of Attorney General	800-242-2873 Medicaid Members: 800-222-8558	Email: MDHHS-OIG@michigan.gov   Online form: https://secure.ag.state.mi.us/complaints/medicaid.aspx	Department of Attorney General Health Care Fraud Division P.O. Box 30218 Lansing, MI 48909
Aetna	800-338-6361	Email: AetnaSIU@aetna.com
Blue Cross/Blue Shield PPO (BCBSM) Blue Care Network (BCN) Blue Cross Complete (BCC)	800-482-3787 Medicare – 888-650-8136	https://www.bcbsm.com/health-care-fraud/report-fraud/report-fraud-form.html	Blue Cross Blue Shield of Michigan Corporate & Financial Investigation Department MC 1825 600 E. Lafayette Detroit, MI 48226
CIGNA	800-667-7145	Email: specialinvestigations@cigna.com	Cigna Special Investigations 900 Cottage Grove Road W3SIU Hartford, CT 06152
CuraNet	877-746-2501
Health Alliance Plan (HAP) Alliance Health & Life Insurance Company	877-746-2501		HAP Compliance Department 2850 West Grand Boulevard Detroit, MI 48202
HAP Midwest Health Plan	877-746-2501		HAP Midwest Health Plan Midwest Information Privacy & Security Office 2850 W. Grand Blvd Detroit, MI 48202
Meridian Health Plan	844-667-3560	Email: FWA.mi@mhplan.com	Meridian Health Fraud, Waste and Abuse Department 1 Campus Martius, Suite 700 Detroit, MI 48226
Molina Health Care	866-606-3889	https://MolinaHealthcare.AlertLine.co​m
Priority Health – HMO & PPO	800-560-7013		Priority Health Compliance Officer 1231 East Beltline, NE, MS 3230 Grand Rapids, MI 49525