Imaging Provisions in 2016 OIG Work Plan
By Adrienne Dresevic, Esq., and Leslie A. Rojas, Esq., of The Health Law Partners, P.C.
The OIG released its 2016 Work Plan, available here, which contains provisions affecting the imaging community. Each year, the Work Plan delineates the new and ongoing projects that the OIG plans to address during the fiscal year. This year, the OIG highlighted the following issues affecting the imaging community:
Intensity-Modulated Radiation Therapy (IMRT): The OIG will continue to review Medicare outpatient payments for IMRT to determine whether hospitals are correctly billing for these services. As an example of one billing error, the OIG references Chapter 4 of the Medicare Claims Processing Manual, which provides that CPT codes 77014, 77280-77295, 77305-77321, 77331, 77336, and 77370 should not be billed in addition to CPT code 77301 when performed as part of IMRT planning. (See, Section 200.3.2 of Ch. 4, available here.) Hospitals that perform routine billing audits should add these IMRT CPT codes to the list of services to flag and review for accuracy.
Imaging Services – Payments for Practice Expenses: The OIG will continue to review Medicare Part B payments for imaging services to determine whether they accurately reflect the expenses incurred. The OIG will do so by looking at the practice expense components (eg, office rent, wages, and equipment expenses), as well as the equipment utilization rates. The OIG will also look at whether the utilization rates are reflective of industry practices.
Fraud and Abuse: The OIG continues to highlight diagnostic radiology as a case type that it reviews for healthcare fraud and abuse issues. Fraud and abuse may include: billing for services not rendered; billing for medically unnecessary services; patient harm incidents; and solicitation or receipt of kickbacks in exchange for patient referrals. A compliance program is an essential weapon in any imaging provider’s arsenal to prevent and protect against healthcare fraud and abuse. For more information on compliance programs, see our November 2014 Link article.
Controls Over Networked Medical Devices at Hospitals: New to the OIG’s Work Plan this year is its plan to review whether the FDA’s oversight of hospital networked medical devices is sufficient to protect the electronic protected health information on those devices. The OIG specifically mentions “radiology systems” as one of the computerized medical devices that pose a growing security and privacy threat. The OIG explains that computerized medical devices “use hardware, software, and networks to monitor a patient’s medical status and transmit and receive related data using wired or wireless communications.” For these reasons, hospital imaging departments should assess the security of these devices and the software and networks used to transmit information. For example, a HIPAA security risk assessment can be performed to determine if there are any security weaknesses that should be addressed. For more information on HIPAA privacy and security issues, see our October 2015 Link article.
The imaging provisions discussed in this year’s Work Plan demonstrate that HIPAA privacy and security issues, billing errors, and fraud and abuse issues (including unlawful referral relationships and medical necessity deficiencies) continue to be major risk areas for imaging providers. The development of a comprehensive HIPAA privacy and security manual and a robust compliance program addressing these issues is an integral step in protecting against risk.
Adrienne Dresevic, Esq., is a Founding Shareholder of The Health Law Partners, P.C., a nationally recognized healthcare law firm with offices in Michigan and New York. Practicing in all areas of healthcare law, she devotes a substantial portion of her practice to providing clients with counsel and analysis regarding compliance, Stark Law, Anti-Kickback Statute, and compliance related issues. Ms. Dresevic serves on the American Bar Association Health Law Section’s Council, which serves as the voice of the national health law bar within the ABA. Ms. Dresevic also serves as the ABA Health Law Section’s Co-Chair of the Physicians Legal Issues Conference Committee, Vice Chair of the Programs Committee (Executive Leadership), and Vice Chair of the Sponsorship Committee. She is licensed to practice law in Michigan and New York, and can be contacted at firstname.lastname@example.org.
Leslie A. Rojas, Esq., is an associate with The Health Law Partners, P.C., a nationally recognized healthcare law firm with offices in Michigan and New York. Ms. Rojas’ healthcare practice focuses on compliance with federal and state healthcare regulations; fraud and abuse issues, including the Stark Law and the Anti-Kickback Statute; HIPAA and health information privacy issues; and transactional and corporate aspects of healthcare. Ms. Rojas is licensed to practice law in Michigan and Illinois, and can be contacted at email@example.com.
The authors are members of The Health Law Partners, P.C. and may be reached at (248) 996-8510 or (212) 734-0128, or at www.thehlp.com.
For more regulatory news, visit www.ahraonline.org/news.