Common experience and our data† suggest that the offices/entities/practitioners subjected to HIPAA and Medicare billing (ACA/OIG) audits and fines and healthcare office OSHA audits and inspection are in the following relative percentages:
- HIPAA – 35.9%
- Medicare ACA/OIG – 56.1%
- OSHA – 8.0%
Discussion: Although HIPAA fine exposure is relatively low compared to Medicare audit exposure, the consequences can be much higher (hefty fines, onerous consent agreements, large mitigation expenses – particularly for HIPAA Security issues…).
Quick Q & A – Administrative Law & Healthcare Compliance:
Q: So, if we get a Medicare audit and penalty, how does CMS collect this money?
A: Simple they immediately garner your CMS (Medicare) accounts receivable. They take it out of your Medicare reimbursements until it is paid off…
Point of Fact: In case you did not know: CMS and HHS (and the IRS – the agency also now charged with healthcare regulatory compliance under the Affordable Care Act) are executive branch actors (under Article II of the Constitution) that do not necessarily need to nor do they actually follow the commonly held aphorism of “innocent until proven guilty” that applies to Article III institutions (the judicial courts). Thus, any Medicare penalty (based upon the analysis of a commission-based auditor’s findings) can be immediately clawed out of your CMS/Medicare accounts receivable until completely paid. This is not to mention the $10,000+ per incident and treble damages for qui tam/whistleblower cases (we do not consider this segment in our analysis since these are generally bad actors).
Stay on guard and make sure you know the rules.
†Source: EPCompliance.com, cumulative data, Customer Console audit defense request submissions, November 1, 2014 through June 15, 2018.
https://www.epicompliance.com/ (Automated, Online HIPAA and Healthcare Compliance)