The war on health care fraud and abuse
Gauging the distance covered and the distance ahead
A conversation with Lewis Morris, JD, former chief counsel to the Inspector General of the US Department of Health and Human Services; current senior counsel to Adelman, Sheff & Smith, LLC
Lew Morris is a nationally recognized advocate for strengthening compliance and ethics programs in the nation’s health care organizations and related healthcare industries.
Q: Can you offer us the 10,000-foot view of the health care compliance landscape in the 1990s versus in the current decade?
A: Over the years, I’ve seen significant, positive changes in the health care compliance environment. 30 years ago, it was the exception, not the rule, that people worried about compliance and ethics.
But, there is still room for improvement. We need to remember that a compliance program is only of value if it’s used to strengthen an organization’s integrity. To realize this value, compliance must be incorporated into business processes, not siloed in the coding and billing departments.
Q: As health care organizations begin to venture with others in building out the continuum of care, they will no doubt face compliance challenges. What do you foresee?
A: A top challenge is how to bring other providers — physicians, in particular — into the organization’s compliance program and have them embrace its culture. A related challenge for health care providers will be ensuring the quality of care being provided in their institutions.
Q: In that regard, many trustees bring to the table a connection with the private sector that may be helpful in compliance. What have federal health care programs learned from the private sector in combating fraud, particularly in leveraging technology for fraud detection?
A: OIG and CMS are beginning to collaborate with their private sector counterparts in sharing investigative techniques as well as specific intelligence about ongoing fraud schemes. The federal government is leveraging that expertise to build computer systems and analytic tools that identify Medicare fraud schemes.
Q: The OIG’s review of electronic health records use is on the rise. What fraud risks do EHRs present to the health care industry?
A: EHRs present two categories of risk for health care providers. The first is external – hackers breaking into health records to alter them or steal personal health information for personal gain. The second is internal — when a time-pressed physician takes shortcuts in documenting his or her observations or services by using “cut and paste” documentation or cloning a previous record entry, patient care can be compromised.
Q: In addressing compliance risks today, are there leading practices that you would like to see every organization employ?
A: An effective compliance program focuses on values, not just rules. Employees need to start any compliance challenge they face by asking, “Is this the right thing to do?” Of course, for an employee to meaningfully ask these questions and have the courage to do the right thing, members from all levels of the organization must do the same.