Standards of Conduct Compliance & Training Requirements for Providers - First Tier, Downstream & Related Entities (FDR)

Transcription

1 Compliance & Training Requirements for Providers - First Tier, Downstream & Related Entities (FDR) 5100 Commerce Crossings Louisville, KY (Main Office Number) (Provider Services) (Compliance)

2 Section Contents Page Section I Introduction 2 Section II Laws and Regulations 3 Section III Medicare Compliance Program Requirements 5 Section IV Standards of Conduct (Code) 8 Section V Violations of Standards of Conduct 13 Section VI Attestation example 13 Section VII Contact Information 16 Section VIII Frequently asked Questions 16 Page 1

3 I. Introduction As a Provider contracted with University Health Care, Inc. d/b/a Passport Advantage (HMO SNP), you and/or your organization are a first tier entity under applicable Medicare regulations and must comply with certain CMS training and oversight requirements. FDRs are expected to adhere to these Standards of Conduct when conducting business on behalf of Passport Advantage. These requirements apply to you and all of your employees, including temporary workers and volunteers, who provide health or administrative services in connection with Passport Advantage s Medicare Advantage program (including but not limited to employees who engage in data entry, claims filing, or patient care- collectively referred as Staff. FDR stands for First Tier, Downstream and Related Entities. First Tier Entity: is any party that enters into a written arrangement, acceptable to CMS, with an MAO or Part D plan sponsor or applicant to provide administrative services or health care services to a Medicare eligible individual under the MA program or Part D program. i. Downstream Entity: is any party that enters into a written arrangement, acceptable to CMS, with persons or entities involved with the MA benefit or Part D benefit, below the level of the arrangement between an MAO or applicant or a Part D plan sponsor or applicant and a first tier entity. These written arrangements continue down to the level of the ultimate provider of both health and administrative services. ii. Related Entity: means any entity that is related to an MAO or Part D sponsor by common ownership or control and 1. Performs some of the MAO or Part D plan sponsor s management functions under contract or delegation; 2. Furnishes services to Medicare enrollees under an oral or written agreement; or 3. Leases real property or sells materials to the MAO or Part D plan sponsor at a cost of more than $2,500 during a contract period. This Compliance Guideline summarizes your Medicare Compliance Program responsibilities including expected standards of conduct & training requirements. A critical element to University Health Care (UHC) is our commitment to promoting an ethical and compliant approach while conducting business in compliance with all applicable federal and state laws and regulations. UHC is dedicated to take all necessary steps to effectively ensure that our First Tier, Downstream and Related Entities (FDRs) fulfill specific Medicare program requirements. The Code of Federal Regulations (C.F.R) details the Medicare Compliance requirements and is further described in the Medicare Managed Care Manual, Chapter 21-Compliance Program Guidelines and Prescription Drug Benefit Manual, and Chapter 9 -Compliance Program Guidelines released by Centers for Medicare & Medicaid Services (CMS). Page 2

4 II. Compliance with Laws & Regulations Passport Advantage expects FDR s to operate and conduct business in accordance with all applicable federal and state laws, and CMS requirements, including but not limited to Title XVIII of the Social Security Act o Enacted in 1965, Title XVIII of the Social Security Act established regulations for the Medicare program, which guarantees access to health insurance for all Americans, aged 65 and older, younger people with specific disabilities, and individuals with end stage renal disease Title 42 C.F.R. 422 and 423 o The United States Code dealing with public health, social welfare, and civil rights including Medicare regulations governing parts C and D False Claims Acts{FCA} (31 U.S.C ) o The FCA prohibits any person from submitting a claim to the federal government that he or she knows (or should know) is false. The FCA is a law that provides a cause of action to the United States and private whistleblowers for treble damages and civil penalties when false or fraudulent claims for payment are made to the federal government Federal Criminal False Claims Statutes (18 U.S.C. 287,1001) Page 3

5 o Under this law the Federal Government makes it a criminal offense for any person to make or present a false, fictitious, or fraudulent claim to a department of the United States; knowing such claim was false, fictitious or fraudulent; and doing so with the specific intent to violate the law or with a consciousness that what he was doing was wrong Fraud Enforcement and Recovery Act (FERA)of 2009 o This comprehensive legislation expands the reach of federal law and increases funding for federal agencies to combat financial fraud. FERA expands potential liability for false claims by applying the FCA to more entities and a broader range of transactions, reducing the proof required to establish liability, and expanding the pool of potential whistleblowers that may bring retaliation claims Anti-Kickback Statute (42 U.S.C. 1320a-7b(b ) o The federal Anti-Kickback Statute ( Anti-Kickback Statute ) is a criminal statute that prohibits the exchange (or offer to exchange), of anything of value, in an effort to induce (or reward) the referral of federal health care program business. The Civil Monetary Penalties Law (42 U.S.C. 1320a-7a) o Among other prohibitions; prohibits against offering or transferring remuneration to a Medicare or State health care program beneficiary that the person knows or should know is likely to influence beneficiary selection of a particular provider, for which payment may be made in whole or part by Medicare or State health care program. Stark Law (42 U.S.C 1395nn) o Prohibits a physician from making referrals for certain designated health services (DHS) payable by Medicare to an entity with which he or she (or an immediate family member) has a financial relationship (ownership, investment, or compensation), unless an exception applies o Prohibits the entity from presenting or causing to be presented claims to Medicare (or billing another individual, entity, or third party payer) for those referred services o Establishes a number of specific exceptions and grants the Secretary the authority to create regulatory exceptions for financial relationships that do not pose a risk of program or patient abuse. Health Insurance Portability and Accountability Act o A Federal law that allows persons to qualify immediately for comparable health insurance coverage when they change their employment relationships. Title II, Subtitle F, of HIPAA gives HHS the authority to mandate the use of standards for the electronic exchange of health care data; to specify what medical and administrative code sets should be used within those standards; to require the use of national identification systems for health care patients, providers, payers (or plans), and employers (or sponsors); and to specify the types of measures required to protect the security and privacy of personally identifiable health care information limits how companies can use Page 4

6 your pre-existing medical conditions to keep you from getting health insurance coverage. III. Medicare Compliance Program Requirements Chapter 21 of the Medicare Managed Care Manual goes on to reference the following expectations. Medicare Managed Care Manual; Chapter 21 Compliance Program Guidelines And Prescription Drug Benefit Manual; Chapter 9 - Compliance Program Guidelines Training Standards of Conduct (Chapter 21 - Rev. 109, Issued: , Effective: ; Implementation: ) (Chapter 9 - Rev. 15, Issued: , Effective: ; Implementation: ) 42 C.F.R (b)(4)(vi)(A), (b)(4)(vi)(A) Standards of Conduct, also known in some organizations as the Code of Conduct or by other similar names, state the overarching principles and values by which the company operates, and define the underlying framework for the compliance policies and procedures. Standards of Conduct expectation is that all employees conduct themselves in an ethical manner; that issues of noncompliance and potential FWA are reported through appropriate mechanisms; and that reported issues will be addressed and corrected. Standards of Conduct are everyone s responsibility from the top to the bottom of the organization Distribution of Compliance Policies and Procedures and Standards of Conduct (Chapter 21 - Rev. 109, Issued: , Effective: ; Implementation: ) (Chapter 9 - Rev. 15, Issued: , Effective: ; Implementation: ) 42 C.F.R (b)(4)(vi)(A), (b)(4)(vi)(A) In order to communicate the sponsor s compliance expectations for FDRs, sponsors should ensure that Standards of Conduct and policies and procedures are distributed to FDRs employees. Sponsors may make their Standards of Conduct and policies and procedures available to their FDRs. Alternatively, the sponsor may ensure that the FDR has comparable policies and procedures and Standards of Conduct of their own Effective Training and Education 42 C.F.R (b)(4)(vi)(C), (b)(4)(vi)(C) Passport Advantage must establish, implement and provide effective training and education for FDRs. The training and education must occur at least annually and be made a part of the orientation FDRs who have met the FWA certification requirements through enrollment into the Medicare program or accreditation as a Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) are deemed to have met the training and educational requirements for fraud, waste, and abuse. Page 5

7 General Compliance Training 42 C.F.R (b)(4)(vi)(C), (b)(4)(vi)(C) Sponsors must ensure that general compliance information is communicated to their FDRs. The sponsor s compliance expectations can be communicated through distribution of the sponsor s Standards of Conduct and/or compliance policies and procedures to FDRs employees. Distribution may be accomplished through Provider Guides, Business Associate Agreements or Participation Manuals, etc Fraud, Waste, and Abuse Training (FWA) 42 C.F.R (b)(4)(vi)(C), (b)(4)(vi)(C) FDRs employees who have involvement in the administration or delivery of Parts C and D benefits must, at a minimum, receive FWA training within 90 days of contracting and annually thereafter. Sponsors must be able to demonstrate that FDRs have fulfilled these training requirements as applicable. Examples of proof of training may include copies of sign-in sheets, employee attestations and electronic certifications from the employees taking and completing the training. Sponsors must provide the FWA training directly to their FDRs or provide appropriate FWA training materials to their FDRs. To reduce the potential burden on FDRs, CMS has developed and provided a standardized FWA training and education module. The module is available through the CMS Medicare Learning Network (MLN) FDR s are accountable for maintaining records for a period of 10 years of the time, attendance, topic, certificates of completion (if applicable), and test scores of any tests administered to their employees. Communication 50.4 Effective Lines of Communication (Chapter 21 - Rev. 109, Issued: , Effective: ; Implementation: ) (Chapter 9 - Rev. 15, Issued: , Effective: ; Implementation: ) 42 C.F.R (b)(4)(vi)(D), (b)(4)(vi)(D) Passport Advantage must establish and implement effective lines of communication, ensuring confidentiality between the compliance officer, members of the compliance committee, the sponsor s employees, managers and governing body, and the sponsor s FDRs. These lines of communication are accessible to all and allow compliance issues to be reported including a method for anonymous and confidential good faith reporting of potential compliance issues as they are identified Communication and Reporting Mechanisms (Chapter 21 - Rev. 109, Issued: , Effective: ; Implementation: ) (Chapter 9 - Rev. 15, Issued: , Effective: ; Implementation: ) 42 C.F.R (b)(4)(vi)(D), (b)(4)(vi)(D) Page 6

8 FDRs must report compliance concerns and suspected or actual violations related to the Medicare program to Passport Advantage. We enforce a no-tolerance policy for retaliation or retribution against any employee or FDR who in good faith reports suspected FWA. FDR s are protected from retaliation for False Claims Act complaints, as well as any other applicable anti-retaliation protections. Auditing Monitoring and Auditing FDRs (Chapter 21 - Rev. 109, Issued: , Effective: ; Implementation: ) (Chapter 9 - Rev. 15, Issued: , Effective: ; Implementation: ) 42 C.F.R (b)(4)(vi)(F), (b)(4)(vi)(F) Sponsors are responsible for the lawful and compliant administration of the Medicare Parts C and D benefits under their contracts with CMS, regardless of whether the sponsor has delegated some of that responsibility to FDRs. If you subcontract, with other individuals/parties to provide administrative and/or health care services for Passport s Medicare lines of business, you are required to ensure these downstream entities comply with all laws and regulations that apply to first tier entities You or your organization are required to conduct sufficient oversight to test and ensure your employees and downstream entities are compliant with applicable law and retain evidence of completion, and implement corrective action plans or take disciplinary actions, as necessary to prevent recurrence of noncompliance with applicable law. FDR s are prohibited from using any offshore individual or entity to perform any service for Passport Advantage s Medicare line of business if the individual or entity is located outside of the United States unless an authorized Passport representative agrees in advance and in writing. You are required to notify Passport Advantage immediately if you intend to use an offshore entity to perform services for our Medicare members OIG/GSA Exclusion The Act 1862(e)(1)(B), 42 C.F.R (b)(4)(vi)(F), (a)(8), (b)(4)(vi)(F), (a)(6), Review of the DHHS OIG List of Excluded Individuals and Entities (LEIE list) and the GSA Excluded Parties Lists System (EPLS) prior to the hiring or contracting of any new FDR, and monthly thereafter, to ensure that none of these persons or entities are excluded or become excluded from participation in federal programs. Monthly screening is essential to prevent inappropriate payment to providers, pharmacies, and other entities that have been added to exclusions lists since the last time the list was checked. After entities are initially screened against the entire LEIE and EPLS at the time of hire or contracting, you need only to review the LEIE supplement file provided each month, which lists the entities added to the list that month, and review the EPLS updates provided during the specified monthly time frame. Page 7

9 IV. Standards of Code & Conduct Pursuant to Medicare regulations, you must distribute to your Staff a code of conduct and compliance policies and procedures that comply with CMS requirements. The Code and policies and procedures comply with the elements described at 42 CFR (b)(4)(vi)(A) and (b)(4)(vi)(A) and reflect a commitment to comply with applicable statutory and regulatory requirements. If you do not have a Code and policies and procedures already in place, that meets CMS requirements, please require all Staff, as a condition of employment, to read and agree to comply with Passport s code of conduct (Code) within 90 days of initial hiring (or contracting with Passport Advantage) and annually thereafter. Below is Passport s Code of Conduct This Code covers a wide range of business practices and procedures. It does not cover every issue that may arise, but it sets out basic principles to guide associates of Passport. Associates must conduct themselves accordingly and seek to avoid even the appearance of improper behavior. If a law conflicts with a policy in this Code, you must comply with the law. Alternatively, if a local custom or policy conflicts with this Code, you must comply with the Code. If you have any questions about these conflicts, you should ask the Chief Compliance Officer or VP of Human Resources how to handle the situation. Associates are responsible for understanding the legal and policy requirements that apply to their responsibilities and should report any suspected violations of law, this Code, or Passport policy. Passport s success is built on its mission, vision and values. They serve as the basis for Passport s business practices and the rules for associate behavior. Therefore, associates are required to act in a manner consistent with the mission, vision and values. Passport is guided by the following principles: Equal Opportunity - In our work with other people Passport makes no differentiation in respect of gender, skin color, religion, culture, education, social status, or nationality, or other protected status. Respect of contractual and legal obligations - Passport will fulfill all contractual commitments. Transparency - Passport makes sure that all actions and motives are understandable and comprehensive. Confidentiality - Passport handles all business information confidentially whenever its nature necessitates discretion or confidentiality is expressly required. Partnership-based Cooperation - Passport works together with business partners, project partners, and target groups in a fair and reliable manner based on mutual trust. Page 8

10 Ethical Responsibilities Passport s Board has adopted this Code. The responsibility of each associate is to be truthful and cooperate fully with any Passport inquiry, investigation or audit. Associates must not partake in activities that may reflect negatively on Passport. Compliance with the Law and Contractual Obligations Violations of this Code may also be violations of the law and may result in civil or criminal penalties for you or Passport. Therefore, Passport will comply with all federal, state, and local laws and regulations and its contractual obligations. Each associate is responsible for being familiar with laws applicable to Passport and the obligations and responsibilities of its contractual arrangements. Any questions or concerns regarding specific laws or regulations should be brought to the attention of the Chief Compliance Officer or VP of Human Resources. Conflict of Interest A conflict of interest exists when a person s private interest interferes in any way - or even appears to interfere - with the interests of Passport. A conflict situation can arise when an associate takes actions or has interests that may make it difficult to perform his or her Passport work objectively and effectively. Conflicts of interest may also arise when an associate or a member of his or her family, receives improper personal benefits as a result of his or her position at Passport. Actual or potential conflicts of interest should be reported immediately to the Chief Compliance Officer or VP of Human Resources. For further information about conflicts of interest refer to the Passport Conflict of Interest policy. Gifts and Kickbacks Passport has a zero tolerance policy for receiving gifts and entertainment when there is any chance that the purpose is to improperly influence the recipients, violate Passport s policies, or violate the law. Associates should not accept gifts of a value greater than $100. The rules regarding gifts and entertainment apply to anything received as a result of an actual or potential business relationship and for which the recipient does not pay face value. Examples of gifts and entertainment include: meals, travel and travel accommodations for business or vacation purposes, tickets to sporting or cultural events, discounts not available to the general public, gift certificates, vendor product samples for personal use, wine or alcohol and any other merchandise or services. These guidelines apply at all times and do not change during traditional gift-giving seasons, or during the planning of a Passport event. Under no circumstances will Passport accept or give kickbacks when obtaining or awarding contracts, services, referrals, goods, or business. For further information about gifts and gratuities refer to the Business Gifts Policy for Associates. Page 9

11 Confidentiality of Information Associates must not disclose confidential and proprietary information entrusted to them by Passport or its members or vendors, except when disclosure is authorized by the Chief Executive Officer, Chief Compliance Officer or as required by law or regulation. Proprietary information includes all non-public information that might be of use to competitors or harmful to Passport or its members or vendors if disclosed and information that vendors and customer have entrusted to Passport. This also includes protected health information (PHI) protected by the privacy and security provisions of the Health Insurance Portability and Accountability Act (HIPAA). The obligation to preserve confidential and proprietary information continues even after employment ends. Associates are prohibited from taking for themselves opportunities that are discovered through the use of corporate property, information or position without the consent of the Chief Executive Officer or Chief Compliance Officer. No associates may use Passport property, information, or position for personal gain. Also, associates owe a duty to Passport to advance Passport s interests when the opportunity to do so arises. Passport often needs to acquire and retain personal information on individual associates for effective operation of Passport. Passport's policy is to maintain the confidentiality of this information and to limit access to authorized persons who need the information for business or legal purposes. Maintenance and Accuracy of Records Passport requires honest, accurate, and timely recording and reporting of information in order to make responsible business decisions. All business expense accounts must be documented in this manner. All of Passport s books, records, accounts, and financial statements must be maintained in detail, must appropriately reflect Passport s transactions, must be promptly disclosed in accordance with any applicable federal, state, or local laws and regulations and Passport s policies and procedures. Business records and communications should be written professionally because they are subject to public record. Records should always be retained or destroyed according to Passport s Record Retention Policy or applicable law. If a law conflicts with the record retention policy, you must comply with the law. Cooperating with the Government Passport is committed to complying with the laws and regulations that govern the programs we administer (e.g., Medicaid). Passport must always show respect for government and regulatory officials. Passport will cooperate with all reasonable requests for information from government and regulatory agencies. Associates are required to provide truthful and accurate information. Passport will never take any steps that would impede, obstruct, improperly influence the conclusions of, or affect the integrity or availability of any inquiry or investigation performed by government personnel. Page 10

12 Non-Retaliation Policy Passport is committed to adhering to the letter and the spirit of all applicable laws and regulations. Passport requires associates to report suspected or actual occurrence(s) of illegal, unethical or inappropriate events. In doing so, Passport will promote high standards of business and personal ethics amongst associates in the conduct of their duties and responsibilities. Passport prohibits any retaliation against individuals who report suspected or actual occurrence(s) of illegal, unethical or inappropriate activities. Protecting these individuals should not be viewed only as a mechanism designed to avoid associate lawsuits. Instead, protecting these individuals from retaliation and encouraging good faith reporting of suspected or actual occurrence(s) of illegal, unethical or inappropriate activities benefits Passport by increasing transparency and by giving management the opportunity to learn early on of unethical or unlawful practices directly from their associates rather that from the media, law enforcement, or a regulatory agency. In addition, a non-retaliation policy helps foster a work environment in which all associates are held accountable, thereby improving performance and empowering associates. While associates will hopefully feel comfortable raising concerns, associates are reluctant to raise concerns for fear of retaliation, especially where their concerns pertain to unethical or illegal conduct by Passport management. Therefore, Passport is committed to the following: Passport requires associates to disclose, any activity, policy, or practice of Passport, an associate or any other individual that the associate reasonably believes is in violation of a law or regulation mandated pursuant to law or is in violation of a clear mandate of public policy concerning the health, safety, welfare, or protection of the environment. Passport will not retaliate against an associate or any other individual who makes a good faith report of suspected or actual occurrence(s) of illegal, unethical or inappropriate activities including possible violations of state or federal law. Passport will, when appropriate, provide options for associates to raise concerns, including the option of raising a concern anonymously, although confidentiality cannot be guaranteed in all circumstances. For further information about the reporting of suspected or actual occurrence(s) of illegal, unethical or inappropriate events refer to the Non-Retaliation Policy for associates. Solicitation Solicitation either by the public in general or among associates is not allowed on the premises of Passport during scheduled working time. Prohibited solicitations during scheduled working time include, the general public selling retail goods to associates or any associate trying to sell any item to another associate or any other solicitation determined to be inappropriate by Passport. Companies who do business with Passport on a regular basis should conduct their business through authorized Passport personnel. Page 11

13 Representation of Passport Associates should represent Passport in a professional manner. Passport has a duty to be honest and trustworthy in its business dealings with others. Passport must ensure that the information we furnish is accurate, complete, and not misleading. Associates must act ethically in the disclosure of materials and facts to others. Personal Use of Passport Resources Associates are expected to use good judgment in the use of Passport resources. Any use of Passport resources must not result in significant added costs, disruption of business processes, or any other disadvantage to Passport. Political Activity Passport prohibits political contributions directly or through trade associations. This includes: (a) any contributions of Passport funds or other assets for political purposes, (b) encouraging individual associates to make any such contribution, or (c) reimbursing an associate for any contribution. Post - Employment Recruiting and Confidentiality No associate shall use confidential information obtained at Passport to further their own personal interests or the business of a competitor of Passport after employment at Passport has ceased. Code of Conduct and Ethics Reporting Risk avoidance and mitigation is an essential element needed for Passport to obtain its goals and objectives. As such, management is responsible for identifying and reporting actual or potential risks (e.g., operational, legal, financial, regulatory, etc.) that could affect Passport and implementing processes and controls to mitigate these risks. Management must also encourage their direct reports to report any actual or potential illegal, unethical or inappropriate activity. Associates may contact Passport if they want to report suspected or actual occurrence(s) of illegal, unethical or inappropriate activities. The report can be made by: contacting your manager or if uncomfortable speaking to your manager, contact another manager director or Vice President; contacting the Chief Compliance Officer or VP of Human Resources by telephone or by ; calling Passport s Hotline at ; or sending an to ComplianceHotline@passporthealthplan.com. Passport will carefully examine all information reported and maintain the anonymity of the person reporting the possible Code of Conduct and Ethics violation. Passport will, if appropriate as determined by Passport, maintain the anonymity of the person making the report and the overall confidentiality of the matter reported. Page 12

14 V. Violations of Standards of Conduct Compliance with this Code is a requirement of Passport. Suspected violations of Passport s Standard of Code & Conduct, violations of law, CMS regulations, non-compliance with the Medicare program and FWA must be reported to Passport immediately. Any individual who makes a report in good faith will not be subject to retaliation. Those who violate the standards will be imposed with disciplinary actions for these violations which may include, but are not limited to; oral & written warning, suspensions, financial penalties, reporting to appropriate law enforcement agencies and/or contract termination. VI. Attestation Example Below is the example of the Attestation that will be sent out for the 2018 plan year. The Attestation is one document (2 pages) that is set up to capture the various requirements in one signed form CY Provider Attestation As a provider/provider group contracted with University Health Care, Inc. d/b/a Passport Advantage (HMO SNP), you and/or your organization are a first tier entity under applicable Medicare regulations and must comply with certain CMS training and oversight requirements. These requirements apply to you and all of your employees, including temporary workers and volunteers, who provide health or administrative services in connection with Passport Advantage s Medicare Advantage program including but not limited to employees who engage in data entry, claims filing, or patient care - (collectively Staff ) and includes the following requirements: General Compliance (GC) and Fraud, Waste and Abuse (FWA) training- annually I attest that I require all Staff to complete, within 90 days of initial hire or contracting with Passport and annually thereafter, the Medicare Parts C & D Fraud, Waste and Abuse Training and Medicare Parts C and D General Compliance training module set out on CMS Medicare Learning network website within 90 days of initial hiring or contracting with Passport Advantage and annually thereafter located at Standards of Conduct (Code of Conduct) policies and procedures: Pursuant to Medicare regulations, you must distribute to your Staff a code of conduct and compliance policies and procedures that comply with CMS requirements within 90 days of initial hire or contracting with Passport Advantage and at least annually thereafter. I attest that I require all Staff to read and agree to comply with my organization s code of conduct (Code) and policies and procedures within 90 days of initial hire or contracting with Passport Advantage and annually thereafter. The Code and policies and procedures comply with the elements described at 42 CFR (b)(4)(vi)(A) Page 13

15 and (b)(4)(vi)(A) and reflect a commitment to comply with applicable statutory and regulatory requirements. If I do not have a Code and policies and procedures already in place that meets CMS requirements, I will contact my Provider Relations Specialist at Passport and require all Staff, as a condition of employment, to read and agree to comply with the Passport Advantage code of conduct (Code) and policies and procedures within 90 days of initial hiring (or contracting with Passport Advantage) and annually thereafter. Passport Advantage Model of Care (MOC) and Our Product (Passport Advantage Dual Special Needs Plan) Training I attest that I require all Staff to complete, within 90 days of initial hire or contracting with Passport and annually thereafter. The Office of Inspector General s (OIG) List of Excluded Individuals & Entities (LEIE) & General Services Administration (GSA) systems. I attest that I adhere to the requirements to screen all Staff against the Office of Inspector General (OIG) List of Excluded Individuals and Entities (LEIE list) and the General Services Administration (GSA) Excluded Parties Lists System (EPLS) prior to hiring or contracting and monthly thereafter. I also monitor downstream entities and include a review of the LEIE list and EPLS prior to hiring or contracting and monthly thereafter. Maintain training records of the above required training, and be able to produce those records if needed for 10 years I attest that I adhere to the requirements to maintain records of general compliance training, specialized Medicare and fraud, waste and abuse training for all Staff for ten (10) years (Chapters 9 and 21 Compliance Program Guidelines of the Prescription Drug Benefit Manual and Medicare Managed Care Manual). Have in place a system in your organization to receive, record, respond and track compliance questions, concerns & potential FWA that emphasizes a policy of non-retaliation & non-intimidation I attest I have in place a system to receive, record, respond and track compliance questions or concerns and potential fraud, waste and abuse that emphasizes a policy of non-retaliation and non-intimidation for good faith reporting of allegations of noncompliance and potential fraud, waste and abuse within my organization, steps are taken to ensure that such a policy is well-publicized. Monitor or provide the above mentioned training to all Staff and any downstream entities that your organization involves in providing services on behalf of Passport Advantage and/or their Medicare Part C & D members I attest that I adhere to the requirements to provide the above mentioned training to any downstream entities that is involved in providing administrative, health, and/or Page 14

16 prescription services on behalf of Passport Advantage and/or their Medicare Parts C and D members. Report to Passport Advantages Compliance hotline at : I will report any and all reported situations of non-compliance & potential FWA as it relates to Passport Advantage members I attest that I will meet this requirement. ************************************************************************************* It is required that all applicable Staff with in your organization will meet the above attested requirements and you will maintain those records, as well as be prepared to supply that information if necessary or requested by Passport or CMS. By signing;, I agree that I am the authorized representative of my organization and confirm to adhere to all above attested requirements and that all Staff is in compliance with applicable statutory and regulatory requirements pursuant to Title 42 of the Code of Federal Regulations Parts 422 and 423 and guidance provided by CMS. Organization Name (if applicable) Tax ID # (s) Address *please provide address to use for updates to training/compliance requirements communication* Name (Please print clearly) Title Signature Date Page 15

17 VII. Contact Information For questions please contact your Provider Representative (Provider Services) (Main Office Number) (Compliance) VIII. Frequently Asked Questions Passport Advantage Dual Special Needs Plan Health Care Providers Compliance and Training Requirements Frequently Asked Questions & Answers 1. Why did I receive notice to complete training for Passport Advantage-Dual Special Needs Plan (DSNP)? I. As a Healthcare Provider, or Healthcare Provider Group that is contracted with Passport Advantage DSNP, you are considered to be a FDR (See definition below #2). Therefore you are required to ensure that your organization (you, your employees, your downstream and related entities) complete the required training and meet compliance expectations. 2. What is a FDR? i. FDR stands for First Tier, Downstream and Related Entities. i. First Tier Entity: is any party that enters into a written arrangement, acceptable to CMS, with an MAO or Part D plan sponsor or applicant to provide administrative services or health care services to a Medicare eligible individual under the MA program or Part D program. ii. Downstream Entity: is any party that enters into a written arrangement, acceptable to CMS, with persons or entities involved with the MA benefit or Part D benefit, below the level of the arrangement between an MAO or applicant or a Part D plan sponsor or applicant and a first tier entity. These written arrangements continue down to the level of the ultimate provider of both health and administrative services. iii. Related Entity: means any entity that is related to an MAO or Part D sponsor by common ownership or control and 1. Performs some of the MAO or Part D plan sponsor s management functions under contract or delegation; Page 16

18 2. Furnishes services to Medicare enrollees under an oral or written agreement; or 3. Leases real property or sells materials to the MAO or Part D plan sponsor at a cost of more than $2,500 during a contract period. 3. Why is Passport requesting these requirements and training? i. The Centers for Medicare & Medicaid Services (CMS) mandates that all contracted FDR s complete the compliance requirements and requires Sponsors (Passport Advantage DSNP) to ensure that this is done. CMS requires Passport Advantage DSNP to conduct oversight of contracted entities to ensure they are meeting CMS compliance expectations for Part C & D related responsibilities. One of those oversight responsibilities is to ensure FDR s complete training. 4. What is the Purpose of this attestation? i. Passport s purpose in this request is that our contracted healthcare providers verify receipt, acknowledgement and understanding of the training materials and compliance requirements. The attestation helps meet contractual obligations to comply with CMS requirements, and Passport Advantage s policies and procedures and verifies completion of the requirements. 5. Does this requirement apply to my organization? i. Yes; because you or your organization is a FDR by virtue of being contracted with Passport Advantage. 6. Who can sign the Attestation? i. The healthcare provider contracted or the individual authorized to complete attestations and acknowledgements on behalf of your organization. Please make sure that person is not only authorized but can confirm the requirements were satisfactorily met. 7. What is the OIG (Office of Inspector General) & GSA (General Services Administration) exclusion list(s)? i. OIG s List of Excluded Individuals/Entities (LEIE) & GSA s Excluded Parties Lists System (EPLS) provides information to the health care industry, patients and the public regarding individuals and entities currently excluded from participation in Medicare, Medicaid and all other Federal health care programs. Individuals and entities who have been reinstated are removed from the LEIE. The purpose of this screening is to ensure individuals/employees, who are determined by the government to be disqualified from working in Medicare, do not perform any work for Passport Advantage. 8. What must I do if an employee is listed on the exclusion list? i. If any person is found to be on the exclusion list, you are required to immediately remove them from ant work related directly or indirectly to Federal health care programs, including Medicare. Please notify Passport Advantage s Compliance Department at in the event this occurs. Page 17

19 9. How do I access the Exclusions database? i. Please visit the OIG website at & to access the database, as well as obtain further information. 10. Does every Provider in my organization need to sign an Attestation? i. That will be determined by how you are contracted with Passport Advantage DSNP. If every provider in your organization has a direct contract with Passport Advantage DSNP, then yes, each healthcare provider will need to complete an attestation. If you are contracted through a Group Contract, your organization s authorized representative is signing and attesting for your organization that all requirements met for all Providers included in the contract. Please see the Provider Attestation for further detail. 11. Does every Provider need to meet training and compliance requirements listed in the Attestation? i. Yes, Every Provider, who handles our (Passport Advantage DSNP) Medicare business, must take the training and meet compliance requirements. This is defined as all employees, including temporary workers and volunteers, who provide health or administrative services in connection with the plan- essentially anyone performing work on behalf of Passport Advantage 12. Are all Staff members in the organization required meet the training and compliance requirements i. Yes, All Staff, who handles our (Passport Advantage DSNP) Medicare business, must take the training and meet compliance requirements. This is defined as all employees, including temporary workers and volunteers, who provide health or administrative services in connection with the plan- essentially anyone performing work on behalf of Passport Advantage 13. Is this a one- time requirement? i. No, this will be required within 90 days of contracting and then annually thereafter. 14. My organization is already deemed for Fraud, Waste and Abuse (FWA) & General Compliance (GC) and education requirements, why do I have to do this? i. You do not need to repeat the FWA training required by CMS if this has already been done for the current plan year. The attestation states you have met this requirement, so when you sign, that is what you are attesting to. You only need to complete the FWA/GC training through the provided CMS link if you or those in your organization have not already done so for the calendar year. You can also submit certificates of completion for your Staff, along with the Attestation, if that is your choice. 15. My organization already has in place similar training and compliance requirements; do we still have to do this? i. You will not need to repeat the CMS required FWA/GC training if you have already done so through CMS s Medicare Learning Network (MLN). You will need to complete and attest to the remaining requirements listed in the attestation. Once this is complete Page 18

20 and/or confirmed, then you can complete the Attestation stating as such. You can also submit certificates of completion for your Staff, along with the Attestation, if that is your choice. 16. My organization has already completed these requirements for a different Medicare Sponsored plan; do we still have to do this? i. You will not need to repeat the CMS required FWA/GC training if you have already done so through CMS s Medicare Learning Network (MLN). You will need to complete and attest to the remaining requirements listed in the attestation. Once this is complete and/or confirmed, then you can complete the Attestation stating as such. You can also submit certificates of completion for your Staff, along with the Attestation, if that is your choice. 17. What do I need to do, to complete this requirement? i. Please confirm that all items listed in the attestation, your organization is confirming, are met. ii. Once that is done, fill out the attestation by authorized individual, and return to Passport Advantage either through electronic version or hard copy from our Website. 18. What will happen if I do not fulfill this requirement? i. Failure to follow Medicare Program Requirements and CMS guidance can lead to serious consequences including but not limited to; contract termination, criminal penalties; exclusions from participation; civil monetary penalties. 19. What time frame does my organization have to complete these trainings and requirements? i. Please complete and return attestations, no later than 60 days from receipt date. 20. What documentation do I need to retain for proof of meeting training requirements? i. Proof of completion may be in form of employee attestations, attendance/training logs, completion certificates through the CMS MLN website, or other means determined by you to best represent fulfillment of your obligations. You should retain evidence of completion for all employees and Downstream and/or Related Entities for at least 10 years. Passport or CMS may request this evidence to ensure compliance. 21. What documentation does Passport Advantage DSNP need after completion of training and meeting compliance requirements? i. Passport obtains attestations from Providers (dependent on how you are contractedsee FAQ #10) to confirm completion. In addition you are also welcome to send back the training certificates from the FWA/GC training on the MLN. If you do send back these certificates- we still need the attestation as it addresses additional requirements, not just FWA/GC training. 22. Why do I need to retain training records for 10 years? i. This is mandated per CMS. Sponsors are accountable for maintaining records for a period of 10 years of the time, attendance, topic, certificates of completion (if Page 19

21 applicable), and test scores of any tests administered to their employees, and must require FDRs to maintain records of the training of the FDRs employees. 23. Where can I obtain further information regarding CMS requirements? i. Requirements for plan sponsors and their first-tier, downstream or related entities, which include health care providers, are outlined in Title 42 of the Code of Federal Regulations, Part In addition, there is guidance in Chapter 9 of the CMS Prescription Drug Benefit Manual and Chapter 21 of the Medicare Managed Care Manual. 24. Who should I contact for further questions? i. Please contact Provider Page 20