Medicaid providers are subject to two sets of certification requirements, a federal requirement under the Deficit Reduction Act of 2005 (DRA) and a New York State requirement under Social Services Law § 363-d(3). Under both laws, providers must certify compliance for the year 2012 by December 31, 2012, which is accomplished by completing the forms located on the website of the New York State Office of the Medicaid Inspector General (OMIG). OMIG, which is tasked with administering both the federal and state certification processes in New York, has indicated that certification forms will not be posted on its website until November 30, 2012. Providers should be aware that although the forms will be available on November 30, New York State requires completion of the forms in December of each year. As such, do not complete the New York State form before December 1, 2012, as it will not be effective for the 2012 certification year.
The DRA requires health care entities which receive or make $5 million or more in Medicaid payments during the federal fiscal year (October 1 to September 30) to certify annually that they are in compliance with the federal DRA. The DRA requires providers to establish written policies and procedures designed to inform employees, contractors and agents about the federal and state false claims acts and whistleblower protections. Each year, the provider must certify that it maintains written policies, that its employee handbook includes the materials required by the DRA, that the materials have been properly adopted by the entity and that the materials have been disseminated to employees, contractors and agents. Providers can access the DRA certification form on the OMIG website through the following link: http://www.omig.ny.gov/data/content/view/212/53/.
Separate from the DRA certification requirement, NYS Social Services Law § 363-d(3) requires the following providers to certify that they have an effective compliance plan:
- Those providers subject to Article 28 and Article 36 of the Public Health Law (e.g., hospitals, clinics);
- Those providers subject to Articles 16 and 31 of the Mental Hygiene Law (e.g., OMH and OPWDD providers); and
- Those that claim, order or receive payment for services or supplies directly or indirectly, or submit claims totaling at least $500,000 a year.
OMIG has specifically recognized that some providers may be required to certify to the effectiveness of their compliance plan, even though they are not enrolled in Medicaid (e.g., LHCSAs) and have added that category into the form and into the Frequently Asked Questions.
The eight elements of an effective compliance plan are set forth in Social Services Law § 363-d(2): 1) written compliance policies and procedures; 2) designation of an employee to be the compliance officer; 3) training for all employees, executives and board members regarding the compliance program; 4) available communication lines to the compliance officer; 5) disciplinary procedures to encourage good faith participation; 6) identification of compliance risk areas; 7) institution of a system for responding to and investigating reports of non-compliance; and 8) a policy of non-intimidation and non-retaliation for good faith participation in the compliance program. Again, providers can access the SSL § 363-d(3) certification form on the OMIG website November 30, 2012.
In completing the DRA and § 363-d(3) certification forms, providers should be aware of the following requirements and gather needed information in advance of completing the forms:
- A certification must be made for each Federal Employer Identification Number (FEIN) that bills or receives a Medicaid payment;
- The certifying official should be someone at the senior management or Board level. OMIG has stated that, to avoid conflicts of interest, the certifying official should not be either the compliance officer, chief financial officer or legal counsel for the agency; and
- New this year, the Social Services Law § 363-d(3) certification form now contains a section asking the provider to indicate if it meets each one of the eight elements. If a provider cannot answer yes to any one or more of the elements, the form will request that the provider explain what actions will be instituted to complete the requirement and when it will be completed. OMIG is hoping that providers unable to certify to all of the requirements will rectify the issues within 60-90 days.
Having an effective compliance program is extremely important. OMIG has been reviewing the effectiveness of provider plans and will continue to do so in the coming year.
Should you need assistance with the certification process or a review of the effectiveness of any current plan, contact Margaret Surowka Rossi at (518) 429-4295 or msurowkarossi@hblaw.com or any member of our firm's Health Care & Human Services Practice Area.