Compliance Horror Stories and What to Avoid with Chiropractic HIPAA Compliance in Your Practice
I love a good scary story, which is only natural since I grew up in the small southern town of Yazoo City, Mississippi, home to the Witch of Yazoo, a legendary character made famous by author (and Yazoo City native) Willie Morris in his book , “Good old boy.” Scary stories allow us to safely experience fear while learning from the mistakes of the characters in the story, something we can learn from the “horror stories” of chiropractic HIPAA compliance.
Avoid being a main character
We’ve all heard scary stories from consultants, colleagues and local media, and we know all too well what could happen if we end up on the wrong side of an audit or investigation.
Unfortunately, the size of your clinic doesn’t make compliance much easier. The smaller your business, the fewer employees there are to maintain control. The larger your practice, the more moving parts you need to monitor.
Despite the challenges of maintaining a compliant office, those involved in financial and healthcare fraud schemes face civil liability and criminal penalties, including jail time.
The story of: billing for undelivered DC services
A common type of fraud seen in healthcare is billing for services not provided.
Last year, a suburban Chicago chiropractor was sentenced to more than a year and a half in federal prison for fraudulently submitting claims to private insurers and Medicare for nonexistent treatment. From 2010 to 2017, John Kosloski, DC, billed private insurers for services he allegedly provided Amtrak employees and their family members, knowing he did not actively treat them or never saw them as patients.
He paid Amtrak employees cash in exchange for the ability to falsely bill using personal information of employees and their family members. During his scheme, Kosloski submitted more than 18,000 claims to insurers for services he knew he was not providing, and he received more than $500,000 in reimbursements for the false claims.
Kosloski, 57, of Beecher, Illinois, pleaded guilty to one count of health care fraud. U.S. District Chief Judge Rebecca R. Pallmeyer imposed a 20-month prison sentence and ordered Kosloski to pay a $25,000 fine and restitution of more than $500,000 to insurers (DOJ, 2021).
While this is not an example of human error and accidental billing for undelivered services, the truth is that in offices across the country undelivered services are billed daily. Therefore, your chiropractic HIPAA compliance program needs a system to detect and correct these errors before they are submitted for payment. Asking each supplier to review and initial day sheets at the end of the day is a great way to check for billing errors.
The Story of: Discarding Patient Records
Not every case is a blatant attempt to defraud a third party.
For example, earlier this year, two chiropractic clinics in Arkansas had to pay $321,000 after state officials said they dumped patient records in a park. The lawsuit stems from an incident in November 2020 when Mayflower City employees alerted local police that a white truck was parked in a wooded area of Palarm Park where someone left about 271 medical records.
The court found that the defendants violated the Personal Information Privacy Act and the Deceptive Marketing Practices Act of Arkansas for failing to protect their patients’ personal information and failing to dispose of patient information. as required by law (Ringo, 2022). For the record, it costs a lot less than $321,000 for a mobile shredding company to come to your office and dispose of your patient records in a legal and compliant manner.
The story of: HIPAA violations for tracing ex-girlfriends
Speaking of HIPAA, did you know that a pharmacist cost Walgreens $1.4 million for allegedly reviewing the prescription records of a woman who dated her husband?
The case is significant because the order is the first published decision of an appeals court in which a healthcare provider has been held liable for HIPAA violations committed by an employee (Ross, 2014). As part of your compliance program, you and your team should undergo regular HIPAA training. A good rule of thumb is to provide chiropractic training on HIPAA compliance on the first day of employment, annual refresher training, and safety awareness training throughout the year.
The story of: employing “excluded” people
Another often overlooked part of a compliance program is that you need to run your employee list against the exclusion list every month if your practice deals with federally insured patients.
Unfortunately, one practice learned this lesson the hard way when it had to pay $192,000 for employing an “excluded” person. The employee worked as a director of his firm between February 2010 and May 2021. He had a previous conviction in the District of Jersey for health care fraud. Following his conviction, he was barred from all federal health care programs.
While serving as a practice administrator for Windham Eye Group, the practice and its owners billed and sought reimbursements from federal health care programs including Medicare, Medicaid and TRICARE. A portion of the reimbursements received by Windham Eye Group and its owners was used to pay his salary and benefits (DOJ, 2022).
The Story of: Billing Procedures Learned via YouTube
A good rule of thumb when implementing any new procedure, product, or service in your practice is to get billing and coding advice from a trusted source before you take someone’s word for it. .
For example, a chiropractor was accused of wrongfully billing for a procedure he heard about on YouTube. The civil complaint, filed March 10, 2021, alleges that the chiropractor fraudulently obtained more than $3.9 million from Medicare and TRICARE by charging for the implantation of neurostimulation electrodes. These surgical procedures typically require an operating room, and Medicare pays thousands of dollars for this procedure, according to the complaint.
Additionally, the lawsuit alleges that nurse practitioners working for the chiropractic office learned how to implant the devices by watching YouTube videos and participating in training with sales representatives (DOJ, 2021).
Take the time to complete HIPAA chiropractic compliance training
Being a Doctor of Chiropractic is a privilege. But it also comes with a lot of responsibility and yes, risk.
However, all of these risks in your practice can be managed and even eliminated if you set aside time to work. on your practice instead of just in your practice. Compliance is not simply a game of doing, but also of acting quickly and adapting to an ever-changing regulatory environment.
With all the rules and regulations surrounding healthcare today, it can be hard to see where your risks lie. As we learn from the mistakes of others, remember to focus on one task at a time and remember to ask for help.
RAY FOXWORTH, DC, FICC, is founder and CEO of ChiroHealthUSA. For more than 35 years, he worked “in the trenches,” facing billing, coding, documentation and compliance challenges in his practice. He is a former medical compliance specialist and currently serves as chair of the Chiropractic Summit, board member of the Strategic Plan Committee for the Future of Chiropractic, board member of the Cleveland College Foundation, and member of the Board of Trustees of the Foundation for Chiropractic. Progress. He is a former staff chiropractor at GV Sonny Montgomery VA Medical Center and former chairman of the Mississippi Department of Health. Request a third-party gap analysis of your practices to see where you are hitting the target or falling short of compliance at chiroarmor.com/gap.