Medicare Advantage Compliance: Guidelines for Healthcare Providers

Executive Summary

CMS requires healthcare providers that contract with Medicare Advantage plan sponsors to implement and maintain an effective compliance program. To avoid CMS terminating any Medicare Advantage contracts, healthcare providers should review the Medicare Advantage compliance requirements and ensure that their practices are doing what is expected of them.

Recommended Actions

• Ensure that your practice has a policy and process for screening all new employees upon hire and annually against the OIG and GSA exclusion lists. 
• Ensure that all employees have completed Medicare Advantage fraud, waste and abuse compliance training annually and maintain documentation of this training. 
• Conduct internal audits of your organization’s billing and coding practices.

The Centers for Medicare and Medicaid Services (CMS) contracts with Medicare Advantage plan sponsors (such as Aetna and Blue Cross Blue Shield), which in turn contract with healthcare organizations to provide services under the plans. If your organization provides services to Medicare Advantage patients, CMS requires that your Medicare Advantage sponsors ensure that you are meeting certain compliance requirements.

Organizations can become and remain compliant with the Medicare Advantage compliance requirements by completing the following steps:

1. Create compliance standards, policies and procedures and designate a Medicare Advantage compliance officer.
2. Educate and train all employees on your compliance policies and how to recognize and report noncompliance.
3. Perform routine self-monitoring and auditing of your compliance policies to recognize any noncompliant practices and/or potential fraud, waste or abuse (FWA).
4. Maintain evidence of all these steps to provide to your Medicare Advantage sponsor.

Step One: Establish and Distribute Standards of Conduct, Policies and Procedures

A comprehensive compliance plan is a great place to incorporate your organization’s Standards of Conduct and compliance policies and procedures. Standards of Conduct encompass the values by which the organization operates. An organization’s Medicare Advantage compliance policies and procedures lay out the specifics of the compliance program. Your organization should designate someone, such as your practice administrator or an executive officer, as a compliance officer to implement and operate the compliance program.

Step Two: Ensure that All Employees Are Trained on Medicare Advantage Compliance Policies

It is important that your organization screen all employees (new hires and existing employees) against the OIG’s List of Excluded Individuals and Entities (LEIE) and the General Services Administration’s (GSA) System of Award Management (SAM) for exclusions. The OIG provides an online database so you can search for excluded individuals here. You also can search the GSA SAM database for exclusions. Additionally, background checks to look for any healthcare-related fraud convictions should be performed for all employees,

Your organization should ensure that all newly hired employees, including executives, receive fraud, waste and abuse (FWA) training. CMS provides some standardized modules that meet FWA requirements. Your organization should maintain evidence of your screenings and training to provide to your Medicare Advantage sponsor. Your organization’s employees should be able to identify FWA and know how to report (such as via a call-in hotline or a physical mailing address) actual or suspected noncompliance.

Step Three: Perform Routine Compliance Self-Monitoring

Your Medicare Advantage sponsor will likely require you to routinely monitor your organization’s compliance. It is important to keep evidence of self-monitoring to provide to your sponsor. Your organization’s compliance officer should help develop procedures to monitor compliance issues. This can include regularly evaluating your organization’s employee training for effectiveness by evaluating clinical activities for compliance and conducting interviews. Additionally, your organization should review Medicare Advantage billing and claims practices for any deviations from your policies. Your compliance officer can determine whether a formal internal audit is needed.

Step Four: Maintain Records of Medicare Advantage Compliance

Your healthcare organization should ensure that all records of Medicare Advantage compliance are properly maintained and retained for 10 years. That includes records of your compliance policies and procedures and evidence of your organization’s self-monitoring practices as well as employee training, internal evaluations conducted, reports of suspected noncompliance, investigations of suspected violations and any corrective action.

Your Medicare Advantage sponsor can request proof of your compliance to regularly ensure that your organization is following the proper requirements. 

Lessons Learned

• Conduct routine monitoring of your practice’s Medicare Advantage compliance program and document that self-monitoring process. 
• Keep all records and documentary evidence of your organization’s self-monitoring, compliance and ongoing training of employees in one safe location. 
• Document all fraud, waste and abuse staff training materials and all screenings conducted of new and current employees at your practice. 

Potential Damages

Healthcare organizations not in compliance with CMS requirements for a Medicare Advantage plan will likely have to undertake a corrective action plan with CMS. However, if the organization remains noncompliant, they run the risk of CMS terminating any contracts held with Medicare Advantage plan sponsors.