Excluded Individual Creates Chaos for A Pharmacy IF Not Caught Right Away!

PAAS National®’s Fraud, Waste and Abuse & HIPAA Compliance Program monitors the Office of the Inspector General (OIG) and General Services Administration (GSA) lists daily for our members, even though the requirement is monthly. The program allows members to print exclusion list checks and stores this documentation electronically. PBMs will often request this proof of exclusion checks during an audit. PAAS Audit Assistance members can see our September 2021 Newsline article, OIG and GSA Exclusion Checking – Are You Compliant?.

Recently PAAS identified an excluded individual as an exact match through our proprietary exclusion checking offered by the Fraud, Waste & Abuse and HIPAA Compliance Program. The Pharmacist-in-Charge was called immediately. PAAS’s quick actions prevented this excluded individual from working in the pharmacy, saving the owner a lot of headaches – fines and additional repercussions.

  • What is an excluded individual?
    • An excluded individual has been identified by the OIG and/or the GSA as a person who is not allowed to be involved with any acts or services that are associated with Federal healthcare payments (Medicare or Medicaid). This includes ordering, prescribing, fulfilling orders, or providing services.
  • What causes an individual to become excluded?
    • Conviction of a crime related to federal healthcare programs, patient abuse or neglect, felony conviction related to controlled substances, participating in other healthcare fraud, defaulting on health education loan, or other reasons.
    • See more information on the OIG website
  • What are the consequences of hiring an excluded individual?
    • Hiring an excluded individual is a direct violation of Medicare Part D contracts
    • Items or services involving an excluded individual in any way cannot receive reimbursement from Medicare or Medicaid.
    • The pharmacy may be required to pay up to $10,000 each claim that the excluded individual was involved in as well as up to three times the damages incurred from these claims.
    • A pharmacy owner and pharmacist employee recently agreed to pay $250,000 to resolve False Claims Act liability related to employing an excluded individual

PAAS Tips:

  • The pharmacy Compliance Officer should screen every individual for OIG and GSA exclusions prior to hire, monthly thereafter, or in accordance with state laws. This includes:
  • These exclusion list searches should be documented and retained for 10 years.
  • Enter the hired person’s name into the exclusion review system exactly as it appears on their state or federally issued form of identification in order to ensure integrity of the check
    • Keep in mind, excluding individuals often try to hide their identity by changing their name or using a different name – don’t take a chance.

On-Demand Webinar: Compliance Issues, HIPAA Enforcement and Audit Risks with COVID-19

On April 7, 2022 PAAS National® hosted Compliance Issues, HIPAA Enforcement and Audit Risks with COVID-19 webinar. PAAS Audit Assistance members have access to the recorded webinar, in addition to many other tools and resources on the PAAS Member Portal.

This webinar reviews:

  • Compliance Program Requirements (and why it matters to community pharmacies)
  • HIPAA Enforcement/Action
  • COVID-19 Vaccine Audit Risks (updated)
  • OTC COVID-19 Tests Audit Risks (and Medicare B guidance)
  • Onsite Audit Preparation

Yes, OTC COVID-19 Tests Can Be Audited!

Dispensing OTC COVID-19 tests is widespread through community pharmacies. Pharmacies must be aware that submitting claims to PBMs for these tests opens the window for auditing. Ensuring you have procedures in place to accurately purchase, bill and dispense these home tests is imperative. While the dollar amount of these claims does not seem audit worthy, PBMs will be checking for Fraud, Waste and Abuse and contract violations.

PAAS National® has created a COVID-19 Resources section for our members on the PAAS Member Portal. Here you can find the Patient Request and Attestation for OTC COVID-19 Test Billing and Frequently Asked Questions. These documents have been created for our members to help answer questions and ease the documentation burden so pharmacies can save time and be audit ready.

Recently, a PAAS member received an audit request and results for an invoice audit targeting OTC COVID-19 tests. The audit was for a very short time frame and the PBM had already contacted patients to verify what manufacturer and quantity of tests the patient had received. Only tests that have been authorized by the FDA should be billed and dispensed. You can find a list of approved tests here.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Hackers Don’t Sleep, Your PHI is At Risk! What Are Your Safeguards?

Pharmacies, big and small, may find themselves on the probing end of a hacker’s criminal scheme designed to access and steal protected health information (PHI). Recently, CVS Pharmacy, Inc., Ravkoo (affecting Amazon Web Services), and Florida-based BioPlus Specialty Pharmacy Services LLC have all been targets of malicious actors after PHI. It comes as no surprise that the U.S. Department of Health and Human Service’s Office for Civil Rights (OCR) 2022 first quarter Cybersecurity Newsletter reported an increase in cyberattacks from 2020 to 2021. According to the OCR’s report, cyberattacks and “IT incidents” accounted for 66% of breaches affecting 500 individuals or more, and according to the 2020 Data Breach Investigations Report by Verizon, over 80% of data breaches due to hacking were from weak authentication requirements.

Having safeguards in place to detect, and prevent, unauthorized users from accessing PHI and electronic PHI (ePHI) is a requirement for all covered entities as outlined in the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and clarified by the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009. Although ePHI is usually the target of cyberattacks, it is important to be aware of the potential for internal breaches as well, some of which may be the result of inadequate policies and procedures, not necessarily malicious actors. Rite Aid pharmacy chain found out the hard way that tossing medication vials with patient information into their regular trash bins was not the correct way to dispose of PHI. Rite Aid’s $1 million settlement for having insufficient internal policies and procedures for handling PHI can serve as a reminder of the importance of evaluating your own HIPAA policies and procedures. In fact, periodically reviewing your security protocols and correcting your security shortcomings is a HIPAA Security Rule requirement.

PAAS National® has a customizable Fraud, Waste & Abuse (FWA) and HIPAA Compliance Program with tools and resources to help pharmacies meet HIPAA and HITECH compliance requirements. The PAAS FWA/HIPAA Compliance Program walks members through setting up a robust compliance program which includes:

  • appointing HIPAA Privacy and Security Officers,
  • performing a Risk Analysis to identify and document threats and vulnerabilities that may impact ePHI,
  • developing administrative, technical and physical safeguards to protect ePHI,
  • developing customized HIPAA Policies and Procedures (including proper PHI disposal, security reminders, access controls, prevention of malicious software, etc.),
  • online HIPAA training and much, much more!

Having a robust HIPAA Compliance Program and an educated workforce that is fully engaged in protecting PHI can greatly reduce the risk of unauthorized access to PHI and ePHI. Don’t be the weak link and have no plan in place – it’s the law!

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • Review your HIPAA policies and procedures to check for appropriate administrative, technical, and physical safeguards
    • Administrative safeguards should include risk analysis, risk management, sanction policy, and information system activity review
    • Technical safeguards include access control (i.e., user identification, emergency access procedure, automatic logoff, encryption, and decryption), audit controls, ePHI integrity, person/entity authentication, and transmission security
    • Physical safeguards include facility access controls (i.e., contingency operations, facility security plan, access control and validation procedures, maintenance records), workstation use and security, and device and media controls
  • PAAS National® is here to assist you with your FWA and HIPAA Compliance needs and questions, call (608) 873-1342 today to start customizing a program for your pharmacy!

LIVE WEBINAR APRIL 7th: Compliance Issues, HIPAA Enforcement and Audit Risks with COVID-19

Join President of PAAS National®, Trenton Thiede, PharmD, MBA for a LIVE webinar “Compliance Issues, HIPAA Enforcement and Audit Risks with COVID-19” on April 7, 2022 from 2-2:45pm CT as he discusses:

  • Compliance Program Requirements (and why it matters to community pharmacies)
  • Recent HIPAA Enforcement/Action
  • COVID-19 Vaccine Audit Risks (updated)
  • OTC COVID-19 Tests Audit Risks (and Medicare B guidance)
  • Onsite Audit Preparation

We will allow for some Q&A at the end of the webinar.

SIGN UP TODAY!

PAAS Audit Assistance members will have access to a recording on the PAAS Member Portal if they are unable to attend the live event.

Four Tips for Navigating Pharmacy Compliance Audits in 2022

by Tracie Acosta, CPh, Published March 11, 2022 by Pharmacy Times

In recent years, the auditing process has evolved into a full-blown investigation, often requiring pharmacies to submit hundreds of pages of documentation

Compliance audits launched by pharmacy benefit managers (PBMs) have long been a cause of frustration for pharmacies, especially independent community pharmacies with limited manpower and resources compared to large chains. This challenge has only magnified since the onset of the COVID-19 pandemic in early 2020.

PBMs have adapted their practices by switching to virtual audits, leaving them with the ability to review more claims than ever before. As a result, pharmacies that are juggling the chaos of audit documentation, vaccine distribution, prescription refills, and a plethora of other responsibilities stand to lose. It’s no wonder that the average audit in 2020 cost pharmacies $23,978, which is 35% more than the annual average over the previous 5 years, according to the pharmacy audit assistance service, PAAS National.

Traditionally, a PBM would simply check that the pharmacy received a valid prescription, dispensed the proper amount according to the prescription, and submitted a claim for the correct amount dispensed. But in recent years, the auditing process has evolved into a full-blown investigation, often requiring pharmacies to submit hundreds of pages of documentation—and auditors can even use minor clerical errors as excuses to deny payments.

As pharmacy compliance audits grow in sophistication, it’s up to pharmacies to remain diligent in monitoring their operations, especially the following aspects of their operations in 2022. Here are some tips for getting ahead of and managing audits in the year ahead.

Continue to read the full article here.

Top 10 PAAS National Articles of 2021

PAAS Audit Assistance members receive a monthly newsletter with new audit tactics and prevention tips. The printed newsletter, PAAS National® Newsline is only a fraction of the content that we put out each month as members have access to additional content online in the Member Portal, in addition to an archive of articles.

The top 10 Newsline articles for 2021 include:

  1. Audit Risk: Ivermectin Used for Treating COVID-19
  2. COVID-19 Vaccine Billing Guidance
  3. Updated Dispense in Original Container Chart
  4. Are You Documenting DUR and Submission Clarification Codes?
  5. Dispensed Quantity is Different from the Prescription – Do I Need Documentation?
  6. HHS Advisory Opinion on Contract Pharmacies Under the 340B Program
  7. COVID-19 Vaccine Administration Audit Risk (Including a New PAAS Resource)
  8. Fraud, Waste, & Abuse and HIPAA Compliance Updates for 2021
  9. “Forwarding” Unfilled Electronic Prescriptions
  10. Victoza® – One Letter Can Cost You!

PAAS Audit Assistance Admins can also keep their employees informed to increase engagement and lower audit results by adding employees to the Portal so that their whole staff has access to the eNewsline.

2022 Fraud, Waste & Abuse and HIPAA Compliance Program Updates

PAAS National® continuously monitors legislative and regulatory changes that may impact your Fraud, Waste & Abuse and HIPAA Compliance Program. We keep a close eye on enforcement from the Department of Justice and Office for Civil Rights to help ensure the program meets interpretative standards. Furthermore, PAAS works to keep pace with Pharmacy Benefit Managers as they continue to add credentialing requirements that can be extremely difficult and a significant nuisance to independent pharmacies.

The PAAS National® FWA/HIPAA Compliance Program has implemented changes to ensure pharmacies continue to have a robust program in place. PAAS FWA/HIPAA compliance members can login to the member portal to view the 2022 FWAC and HIPAA Updates.

Administrators should review all Compliance tasks (located in the left-hand navigation on the PAAS Member Portal) at least annually to keep the program up-to-date and in compliance. Section 2.6 Updates of Policies and Procedures of your manual contains information on maintaining open lines of communication and the distribution of changes.

Contact us TODAY at (608) 873-1342 or info@paasnational.com and add FWA/HIPAA for a discounted rate.

“We have been with PAAS for many years and added the FWAC/HIPAA material to our membership and as a compliance officer, I’ve never been more pleased with the program. If you have already made the best choice to have PAAS in your corner, then continue with the best for your FWAC/HIPAA needs.” – Member since 2010 from North Carolina

“PAAS National® Fraud, Waste, Abuse and Compliance educational sessions are unsurpassed. The PAAS National® Policy and Procedure manual that you create for your pharmacy is a must for all pharmacies to have for their staff. All of this keeps your pharmacy up to date with current pharmacy procedures and operations and ensure proper pharmacy practices going forward.” – Member since 2021 from New York

“A pharmacy without the compliance program does not have their bases covered and required work finished. I can sleep at night knowing this program keeps me protected and on task.” – Member since 2009 from Iowa

Humana Compliance Requirements – Training and Exclusion Checks Are Not Enough

PAAS National® analysts have received several questions regarding Humana’s 2022 Notice of Program Requirements. Humana’s Compliance Policy for Contracted Healthcare Providers explicitly states pharmacies must have a compliance program that meets the seven elements outline by CMS, including written policies, procedures and standards of conduct. Per the 2022 Pharmacy Compliance Education and Training Requirements FAQs: “Humana reserves the right to request documentation (e.g., policies and tracking records) confirming that your organization has an effective compliance program that meets the requirements outlined in the Compliance Policy and Standards of Conduct.”

PAAS’ Fraud, Waste & Abuse and HIPAA Compliance program keeps members compliant beyond training and exclusion checking. Since 2009, the program was designed to meet these CMS requirements, with the full support of our expert staff – pharmacists just like you, with years of experience helping community pharmacies with FWA and HIPAA compliance.

If you aren’t a member of FWA/HIPAA and are interested in saving $126 on your membership, please contact PAAS at (608) 873-1342 to become an Elite member.

PAAS Tips:

    1. Members can contact PAAS (608) 873-1342 if you have any questions
    2. See December 2021 Newsline article PBM Provider Manual Updates – What You Need to Know
    3. See August 2021 Newsline article Humana Audit Program Updates

Are You Prepared to Prove TIRF REMS Program Compliance?

The purpose of the Transmucosal Immediate-Release Fentanyl (TIRF) Risk Evaluation and Mitigation Strategy (REMS) Program is “to mitigate the misuse, abuse, addiction, overdose, and serious complications due to medication errors with the use of TIRF medicines.” If your pharmacy dispenses Actiq®, Fentora®, Subsys®, or other medications which fall under the TIRF program, now is a good time to evaluate your compliance with all TIRF REMS requirements. The program has strict standards for all stakeholders involved with TIRF products including program administrators, wholesalers, prescribers, pharmacies and patients. Annually, the program administrators must audit all certified outpatient pharmacies who ordered at least one shipment of a TIRF medication in the preceding 12 months, up to 400 pharmacies.

PAAS National® analysts have seen audits recently conducted by Compliance Architects®, a company which offers many services including FDA risk management and compliance consulting. The audits have consisted of a short online survey followed by a self-scheduled virtual meeting. During the audit process, pharmacies are expected to share copies of various program-related documents such as:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

A key factor to successfully completing the audit is being able to provide robust policies and procedures which meet all program requirements. Whether you’re reviewing your current policies and procedures, or find yourself without this key compliance element, reviewing the Pharmacy Education document found online under the Pharmacy page of the TIRF REMS Access Program website is a good starting point. Mirroring each section from the Pharmacy Education document in your own policy and procedure can help ensure all compliance elements are captured.

If your pharmacy is found to be non-compliant, the type and severity of the offense determines the reprimand (which may consist of a corrective and preventative action plan, continued monitoring for compliance or potentially deactivation from the TIRF REMS program). A copy of the TIRF REMS Non-Compliance Protocol can be found on the Access Program website.

PAAS Tips:

  • All pharmacies dispensing TIRF REMS medication must have an Authorized Representative who successfully completed the TIRF REMS Pharmacy Knowledge Assessment, submitted the Pharmacy Enrollment Form and attested to following all program requirements.
  • Ensure all staff involved in the ordering, inventory management and dispensing of TIRF REMS medications have been trained by the pharmacy’s Authorized Representative.
  • The pharmacy must re-enroll and successfully complete the enrollment requirements every two years. The PAAS Vault can be utilized to store your enrollment forms and proof of training to ensure they are readily accessible for an audit. For more information on the PAAS Vault call 608-873-1342.
  • Have robust written policies and procedures which outline how your pharmacy will meet all program requirements including, but not limited to:
    • Checking for changes in a patient’s medication use and opioid tolerance
    • Documenting the patient’s around-the-clock opioid medication and RDA
    • Verifying the prescriber and the patient are enrolled in the TIRF REMS Program
    • Providing the patient with the product-specific Medication Guide and counseling
    • Reporting adverse events
    • Prohibiting the distribution, transfer, loaning or selling of TIRF medicines to other providers
  • For access to the full FDA TIRF REMS program information, access the FDA REMS online database