By Corrine Parver, Esq. and Bridget O'Connor, Esq.
Companies of every size and structure can and should develop an ethical culture of compliance where prevention, detection and resolution of abusive practices are "core values." This goal can be achieved in a variety of ways; no single formula would succeed in every corporate environment. In January of this year, the Office of Inspector General ("OIG") of the Department of Health and Human Services ("HHS") issued its Draft Compliance Program Guidance for the Durable Medical Equipment, Prosthetics, Orthotics and Supply Industry ("Draft Compliance Guidance" or "Guidance"). 64 Fed. Reg. 4435 (Jan. 28, 1999).
Companies within the durable medical equipment, prosthetics, orthotics and supply (collectively "DMEPOS") industry likely will find that some, but not all, of the suggested elements are feasible and appropriate to their corporate culture and core values. The OIG itself observed in the Draft Compliance Guidance that "the contents of the guidance should not be viewed as mandatory for providers or as an exclusive discussion of the advisable elements of a compliance program." (64 Fed. Reg. 4436.) This article examines the Draft Compliance Guidance and concludes that DMEPOS companies need not adopt the OIG's Guidance "whole cloth" -- compliance programs simply are not a "one-size-fits-all" item.
A. Looking for Industry Input
On August 7, 1998, the OIG published in the Federal Register a request for information and suggestions from concerned parties on how best to develop an OIG Compliance Program Guidance for the DMEPOS industry. 63 Fed. Reg. 42409 (Aug. 7, 1998). In response to the OIG's request, on September 21, 1998, the Health Law Services Practice of Dickstein Shapiro Morin & Oshinsky, LLP("the Firm"), which represents and provides legal services to a wide variety of health care providers, including numerous manufacturers and suppliers of DMEPOS services, provided extensive Comments to the OIG, urging that it recognize the diversity within the industry, and draft the model plan accordingly. The Firm cautioned that a "canned" compliance program would not be effective, given that compliance programs should be designed to "fit" within a particular DMEPOS company's culture and infrastructure. Such a fit increases the likelihood that compliance efforts will become part of the regular routine in the company and increases the likelihood of management "buy-in"; that is, it increases the chance that managers and employees will accept, and cooperate in, the company's compliance efforts.
The Firm also warned that cost is a major factor in developing an appropriate compliance program for any individual DMEPOS company. Development of a complicated, multi-faceted compliance program is of little use when the company simply cannot afford to implement such a program. In fact, some companies may find even the costs of developing a compliance program daunting -- costs can range from $25,000 to $250,000, or more. There are many small and medium-size home health care companies in this industry for which such an expenditure is simply out of reach. Fortunately, cost is a factor over which the companies do have some control. In large part, the cost of a compliance program is directly related to its complexity, and a program need not be complex to be effective.
The Firm cautioned the OIG that some DMEPOS businesses could not feasibly develop a compliance program containing each of the seven elements (see page 4, below) contained in past guidelines for other health care industries, or implement a compliance program with the same level of complexity as was outlined in previous program guidance. Therefore, the Firm suggested that, for the DMEPOS industry, the OIG should present the seven elements as a "goal," rather than an absolute minimum requirement, and that the OIG recognize the barriers that some home care companies will face in implementing certain of the goals. In that way, the businesses would be encouraged to adopt those elements which are feasible and potentially effective, rather than being discouraged even from attempting a compliance program which would not pass muster under the "minimum" requirements.
B. Draft Compliance Program Guidance
The OIG issued its Draft Compliance Guidance in January 1999, stating that a final version of the Guidance will be published later this year. 64 Fed. Reg. 4435, 4436. The final version probably will not vary substantially from the Guidance. Although many of the concerns raised in the Firm's Comments were reflected in the preamble, the Firm's concern that OIG would present compliance programs as a one-size-fits-all item has largely come to fruition. Although the OIG acknowledged that "[g]iven the diversity within the industry, there is no single "best" DMEPOS supplier compliance program," (64 Fed. Reg. 4438), and noted that "the contents of the guidance should not be viewed as mandatory for providers or as an exclusive discussion of the advisable elements of a compliance program" (64 Fed. Reg. 4436), it nonetheless proceeded to present the Guidance as a set of minimum requirements which must be included in any effective compliance program.
As with previous compliance program guidance for other health care sectors (clinical laboratories, February 1997; hospitals, February 1998; home health agencies, August 1998; and third-party medical billing companies, December 1998), the Draft Compliance Guidance for the DMEPOS Industry includes the following seven elements:
- Written Policies And Procedures;
- Designation Of A Compliance Officer And A Compliance Committee;
- Conducting Effective Training And Education;
- Developing Effective Lines Of Communication;
- Enforcing Standards Through Well-Publicized Disciplinary Guidelines;
- Auditing And Monitoring; and
- Responding To Detected Offenses And Developing Corrective Action Initiatives.
The Draft Compliance Guidance for DMEPOS includes the expectation that such companies will implement each of these elements, and states "regardless of a DMEPOS supplier's size or structure, the OIG believes that every DMEPOS supplier can and should strive to accomplish the objectives and principles underlying all of the compliance policies and procedures recommended within this guidance." 64 Fed. Reg. 437. Elsewhere in the Guidance, the OIG correctly observed that "superficial programs that simply have the appearance of compliance without being wholeheartedly adopted … will likely be ineffective." 64 Fed. Reg. 4437.
DMEPOS companies should adopt only those proposals in the Guidance which are feasible and likely to be effective and can be "wholeheartedly adopted" within their corporate environment.
Copyright © 2000 Corrine P. Parver