Banner Health Compliance Training

February 14, 2022

Event title/location if applicable

Banner Health Compliance Training

Ethics & Compliance Department

Course Objectives

As a result of completing this course, you will be able to:

1. Understand Banner’s Corporate Integrity Agreement (CIA) 2. Describe Banner’s Compliance Program 3. Identify the seven elements of an effective compliance program 4. Recognize key laws and regulations governing the health care industry 5. Explore common conflict-of-interest scenarios

Introduction

At Banner Health (Banner), we strive to always act with integrity and work within the law.

Banner’s Code of Conduct provides guidance to board members, employees, medical staff, volunteers, students, contractors, agents, and others to assist us in carrying out our daily activities within appropriate ethical and legal standards.

Introduction

Legal obligations apply to our relationships with our patients, beneficiaries, third-party payers, independent contractors, vendors, consultants, volunteers, and one another. These obligations require that we conduct business not only in compliance with laws and regulations, but also in an ethical manner.

Banner’s Corporate Integrity Agreement (CIA)

Banner’s Corporate Integrity Agreement (CIA)

Background: In April of 2018, Banner agreed to pay the United States over $18 million to settle allegations that 12 of its hospitals in Arizona and Colorado admitted patients for medical treatment who should have been treated on an outpatient basis.

The settlement resolved a 2013 lawsuit filed in the United States District Court for the District of Arizona under the qui tam or whistleblower provisions of the False Claims Act.

As part of the settlement, Banner also entered into a CIA with the U.S. Department of Health and Human Services Office of Inspector General (OIG).

The CIA is essentially a contract with the OIG in which Banner commits to engage in certain compliance efforts over the next five years. The CIA became effective April 9, 2018.

Banner anticipates being officially released from its CIA by the end of 2023.

Banner’s Corporate Integrity Agreement (CIA) Banner’s CIA is available on the OIG website. Under the CIA, Banner must maintain – and in some cases expand – its Compliance Program to meet the CIA requirements. Fortunately, Banner already has an established Compliance Program that meets many of the requirements in the CIA. However, certain changes – including new compliance personnel, policies, procedures, and processes – have been implemented.

Banner’s Corporate Integrity Agreement (CIA) The CIA applies to all “Covered Persons” at Banner.

Covered Persons are defined as: ● All owners who are natural persons, officers, directors, and employees of Banner ● All contractors, subcontractors, agents, and other persons who furnish patient care items or services or who perform billing or coding functions on behalf of Banner, excluding vendors whose sole connection with Banner is selling or otherwise providing medical supplies or equipment to Banner ● All physicians and other non-physician practitioners who are members of Banner’s active medical staff at covered facilities ● Covered Persons do not include part-time or per diem employees, contractors, subcontractors, agents, and other persons who are not reasonably expected to work more than 160 hours during a year.

Banner’s Corporate Integrity Agreement (CIA) Since the CIA is the result of a short-stay investigation at certain hospitals (covered facilities), some provisions of the CIA only apply to those 12 covered facilities.

The 12 covered facilities are:

● Banner Baywood Medical Center ● Banner Heart Hospital ● Banner Boswell Medical Center ● Banner Del. E. Webb Medical Center ● Banner Desert Medical Center ● Banner Estrella Medical Center ● Banner Gateway Medical Center ● Banner University Medical Center Phoenix ● Banner Ironwood Medical Center ● Banner Thunderbird Medical Center ● North Colorado Medical Center ● McKee Medical Center

Banner’s Corporate Integrity Agreement (CIA)

The CIA contains several requirements, including, but not limited to, obligations related to:

Compliance Personnel Board Oversight Management Certifications Written Standards Training & Education The Independent Review Organization (IRO) Internal Controls Reporting

Banner’s Corporate Integrity Agreement (CIA)

The CIA requires Banner to maintain a Chief Compliance Officer. The Chief Compliance Officer at Banner is David Ledbetter, the Vice President of Ethics & Compliance. The Chief Compliance Officer: ● Develops and implements compliance policies, procedures, and practices ● Makes periodic reports regarding compliance matters to the Board ● Notifies the OIG about certain reportable events, investigations, and legal proceedings

● Chairs the System Compliance Committee Area Compliance Program Directors:

Under the CIA, Banner must also appoint Area Compliance Program Directors. The Area Compliance Program Directors are the Compliance Officers in the facilities, clinics, and ancillary service areas. The Compliance Officers assist the Chief Compliance Officer in implementing Banner’s Compliance Program and monitor the day-to-day compliance activities in their areas.

Banner’s Corporate Integrity Agreement (CIA) Written Policies and Procedures Under the CIA, Banner must have written policies and procedures regarding the operation of its Compliance Program as well as Banner’s compliance with Federal health care program requirements. Banner has several compliance policies. Some of them are included in this course, and others are available upon request. Training and Education Banner is also required to provide compliance training and education to all Covered Persons regarding Banner’s Compliance Program, Banner’s CIA requirements, and applicable Federal health care program requirements, including the Anti-Kickback Statute and the Stark Law. Banner must provide its training materials and records to the OIG upon request. Review Organization To comply with the CIA, Banner engaged an Independent Review Organization (IRO) to perform two audits each year. First, a claims review and, second, an inpatient medical necessity and appropriateness (or short stay) review. Each audit is conducted at two covered facilities that are selected by the OIG.

Banner’s Corporate Integrity Agreement (CIA)

Banner has implemented various internal control processes as outlined below:

Disclosure Program Banner has a Disclosure Program that allows individuals to disclose – outside their chain of command – any identified issues or questions associated with Banner’s policies, conduct, practices, or procedures with respect to a Federal health care program that they believe to be potential violations of criminal, civil, or administrative law. All Covered Persons have a duty to report potential compliance issues.

There are several avenues for reporting including: • A supervisor • A department manager or director • The Compliance Officer • The Ethics & Compliance Department • ComplyLine (confidential hotline)

Banner’s policy: Compliance: Reporting and Investigating Potential Compliance Issues

Banner’s Corporate Integrity Agreement (CIA)

Exclusion Screenings Banner has an exclusion screening process which consists of screening Covered Persons to ensure that they are not ineligible persons prior to engaging their services and on a monthly basis thereafter. • Ineligible persons are individuals and entities that are currently excluded from participation in any Federal health care program or that have been convicted of a criminal offense that requires mandatory exclusion but have not yet been excluded. In addition, Covered Persons must immediately disclose if they become ineligible. Banner’s policy: Compliance: Federal and State Exclusion Review Overpayments Banner has a written policy and procedure regarding the identification, quantification, and repayment of overpayments received from any Federal health care program. • Overpayments are any funds that Banner receives or retains under any Federal health care program to which Banner, after applicable reconciliation, is not entitled under such program. Banner’s policy: Compliance: 60 Day Report/Repay Overpayments

Banner’s Corporate Integrity Agreement (CIA)

As required by the CIA, Banner notifies the OIG about certain Reportable Events within 30 days after making the determination that the Reportable Events exist. Reportable Events include the following : ● Substantial overpayment ● A matter that a reasonable person would consider a probable violation of criminal, civil, or administrative laws applicable to any Federal health care program for which penalties or exclusion may be authorized ● Employment of or contracting with a covered person who is an ineligible person ● The filing of a bankruptcy petition by Banner In addition, Banner is required to submit certain scheduled reports to the OIG. On September 6, 2018, Banner submitted its Implementation Report that discussed the status of its implementation of the CIA requirements. Banner must also submit an Annual Report for each of the five years of the CIA, that discusses the status of Banner’s compliance with the CIA requirements and summarizes Banner’s compliance activities for the Reporting Period.

Banner’s Corporate Integrity Agreement (CIA)

Penalties for Non-Compliance Failure to meet certain CIA obligations may result in monetary penalties called stipulated penalties. For most violations, Banner would be obligated to pay a stipulated penalty of $2,500 per day. For example, Banner may be required to pay $2,500 a day if it fails to appoint Area Compliance Program Directors, and/or train and educate its Covered Persons. In addition, the OIG may exclude Banner from participating in any Federal health care program for materially breaching its CIA obligations. A material breach is defined as: ● Repeated violations or a flagrant violation of any of the obligations under the CIA ● Failure to report a reportable event, take corrective action, or refund overpayments ● Failure to respond to a demand for stipulated penalties ● Failure to engage or use an IRO

Applicable Legal Requirements

Applicable Laws and Regulations

Key Compliance Laws and Regulations: ● Federal False Claims Act ● Deficit Reduction Act ● Health Care Fraud Statute ● Anti-Kickback Statute ● Physician Self-Referral (Stark) Law ● Civil Monetary Penalties Law ● Antitrust laws ● Health Insurance Portability and Accountability Act (HIPAA) ● Emergency Medical Treatment and Labor Act (EMTALA) ● Intellectual Property laws

Applicable Legal Requirements - Federal False Claims Act The Federal False Claims Act is violated when a person “knowingly” makes, uses, or causes to be made or used, a false record or statement to get a false or fraudulent claim paid or approved by the Federal government. The term “knowingly” may be defined as when a person: ● Has actual knowledge of the falsity of the information

● Acts in deliberate ignorance of the truth or falsity of the information ● Acts in reckless disregard of the truth or falsity of the information

The Federal False Claims Act covers fraud involving any federally funded contract or program, such as Medicare or Medicaid, with the exception of tax fraud. A “ claim ” includes any request or demand for money (such as a bill for medical services) that is submitted to the U.S. government or its contractors.

Applicable Legal Requirements - Federal False Claims Act

There are various penalties for violating the Federal False Claims Act, including: • Significant civil monetary penalties for each false claim submitted • Payment of up to three times the amount of damages sustained by the U.S. government • Exclusion from participating in Federal health care programs such as Medicare and Medicaid Qui Tam or Whistleblower: The Federal False Claims Act includes “ qui tam ” or “ whistleblower ” provisions which encourage individuals to report misconduct involving false claims. Qui tam provisions allow any person – known as a “ relator ” – with actual knowledge of false claims activity to file a lawsuit in federal court on behalf of the federal government. A relator cannot be suspended, threatened, or otherwise retaliated against for filing a qui tam lawsuit. If the government decides to join the relator’s lawsuit, the prosecution is directed by the Department of Justice.  If the lawsuit is successful, the relator may: ● Receive an award ranging from 15 to 30 percent of the amount recovered by the government ● Be entitled to reasonable expenses, including attorney’s fees and costs for filing the lawsuit

Applicable Legal Requirements - Deficit Reduction Act To provide consistent enforcement throughout the country, the Deficit Reduction Act of 2005 (DRA) encourages each state to have its own False Claims Act that is comparable to the Federal False Claims Act. Many States have adopted similar State laws pertaining to penalties for false claims and statements, whistleblower protections, and administrative remedies for false claims . Under the DRA, States may keep an additional 10 percent of any recoveries obtained if they have a State law that: ● Establishes liability for the same type of false claims prohibited under the Federal False Claims Act ● Contains incentives that are at least equal to the Federal whistleblower incentives ● Provides for qui tam lawsuits to be filed under seal ● Provides for civil penalties at least as high as the Federal penalties

Banner has a policy addressing the applicable false claims laws for each state in which it operates.

Applicable Legal Requirements - Health Care Fraud Statute The Health Care Fraud Statute states, “Whoever knowingly and willfully executes, or attempts to execute, a scheme or artifice to defraud any health care benefit program … shall be fined under this title or imprisoned not more than 10 years, or both.” Conviction under the statute does not require proof the violator had knowledge of the law or specific intent to violate the law. For more information, refer to 18 USC Sections 1346–1347. Persons who knowingly make a false claim have committed criminal health care fraud and may be subject to: ● Criminal fines up to $250,000; and/or ● Imprisonment for up to 20 years.

If the violations resulted in death, the individual may be imprisoned for any term of years or for life.

Applicable Legal Requirements - Anti-Kickback Statute The Anti-Kickback Statute (AKS) is a Federal criminal law prohibiting persons from knowingly and willfully offering, paying for, seeking, or receiving anything of value to bring about a referral for medical services (in whole or in part) or goods payable under a Federal health care program. The AKS prohibits kickbacks and bribes. It also affects the way health care entities carry out a broad range of ordinary business deals. Safe Harbors Certain business practices may be acceptable under the AKS if they satisfy safe harbors. They include but are not limited to: ● Personal services and management contracts ● Office and equipment leases ● Certain managed care arrangements ● Discounts All the elements of the safe harbor must be satisfied to qualify for protection. If an arrangement falls outside the safe harbor, however, it is not necessarily a violation of the AKS. Failure to comply with the AKS can result in fines, jail time, civil monetary penalties, and/or exclusion from Federal health care programs. For more information, refer to 42 USC Section 1320a-7b(b).

Applicable Legal Requirements - Physician Self-Referral (Stark) Law The Stark Law is a Federal law prohibiting a physician from referring Medicare patients for certain types of services — known as designated health services (DHS) — to an entity with which the physician (or immediate family member) has a financial relationship, unless an exception exists. The Stark Law also prohibits the entity that provided the DHS from submitting claims to Medicare for services that were referred by the physician. Good or bad intent does not matter under the Stark Law. Physician arrangements must fall within an exception, such as those for leases and personal services contracts, in order to comply with the Stark Law. If there is a financial relationship with a referring physician, the relationship must accurately satisfy an exception – even if the arrangement has nothing to do with Medicare patients.  Examples of violations of the Stark Law are non-employed physicians: ● Providing services without a contract ● Occupying hospital space without a lease Failure to comply with the Stark Law can result in the obligation to refund money, civil monetary penalties, and/or exclusion from Federal health care programs. For more information, refer to 42 USC Section 1395nn.

Applicable Legal Requirements - Civil Monetary Penalties Law

Under the Civil Monetary Penalties (CMP) Law, the Office of Inspector General (OIG) may impose civil penalties for several reasons, including: ● Arranging for services or items from an excluded individual or entity ● Providing services or items while excluded ● Failing to grant the OIG timely access to records ● Knowing of and failing to report and return an overpayment ● Making false claims ● Paying to influence referrals Damages and penalties can be assessed but the amount is dependent upon the type of violation. Violators are also subject to three times the amount: ● Claimed for each service or item ● Of remuneration offered, paid, solicited, or received For more information, refer to 42 USC 1320a-7a and the Social Security Act, Section 1128A(a).

Applicable Legal Requirements - Antitrust Laws Antitrust laws forbid companies from doing business in a way that gives them too much control in the marketplace. The purpose of these laws is to preserve competition. These laws may affect your dealings with patients, physicians, payers, suppliers, and competitors of Banner. One application of antitrust laws is prohibition of price fixing. Price fixing is an agreement between business competitors to provide the same service at the same price. In the U.S., price fixing can be prosecuted as a criminal felony offense under the Sherman Antitrust Act. Even exchanging prices may violate antitrust laws.

Applicable Legal Requirements - HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a law which governs the way health-related information is used and disclosed by health care providers. HIPAA: ● Creates greater access to health care insurance ● Strengthens the protection of privacy of health care data ● Promotes standardization and efficiency in the health care industry ● Safeguards against unauthorized access to protected health care information Information about a patient’s medical condition is highly sensitive, and its confidentiality must be maintained. All Banner team members with access to protected health care information must comply with HIPAA. In general, Banner employees, contractors, subcontractors, agents, and others should not use or disclose patient-specific information with others (besides the patient) unless that information is necessary for treatment, payment, or health care operations; it is with the patient’s written authorization; or it is required by law. These individuals should also be careful not to discuss patient-specific information in public areas where it can be easily overheard. Similarly, patient- specific information should never be posted or transmitted through non-secure means.

Applicable Legal Requirements - EMTALA Banner must meet or exceed the requirements of Emergency Medical Treatment and Labor Act (EMTALA) in providing emergency medical treatment to all patients. All patients must be treated regardless of their: ● Race ● Religion ● National origin ● Age ● Gender ● Physical condition ● Ability to pay Banner will provide an appropriate medical screening within the capability of the facility’s emergency department (including routine ancillary services) to determine whether an emergency medical condition exists. If so, the facility will provide any necessary stabilizing treatment or, if it lacks the capability to provide the treatment, will arrange for the appropriate transfer of the patient to another facility.

Applicable Legal Requirements - Intellectual Property

Intellectual property includes patents, trademarks, service marks, trade secrets, copyrights, proprietary information, and inventions or techniques. Intellectual property is protected by Federal and State laws. Violations of intellectual property laws may result in personal civil damages or criminal charges. Team members who use intellectual property owned by Banner or other entities in their work must be very careful not to disclose such information to others unless authorized to do so. The use of this information for their own purposes is prohibited.

Potential Risk Areas Banner employees, contractors, subcontractors, agents, and others should be aware of the following potential risk areas:

• Fraud, waste, and abuse • Prohibited billing practices

• Offshore activities • Conflict of interest

Fraud, Waste, and Abuse

Fraud Fraud is knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud any health care benefit program to obtain, by means of false or fraudulent pretenses, representations, or promises, any of the money or property owned by, or under the custody or control of, any health care benefit program. In other words, fraud is intentionally submitting false information to the government or a government contractor to get money or a benefit. Waste Waste includes practices that, directly or indirectly, result in unnecessary costs to a health care benefit program , such as overusing services. Waste is generally not considered to be caused by criminally negligent actions but rather by the misuse of resources. Abuse Abuse includes actions that may, directly or indirectly, result in unnecessary costs to a health care benefit program . Abuse involves paying for items or services when there is no legal entitlement to that payment, and the provider has not knowingly or intentionally misrepresented facts to obtain payment.

Fraud, Waste, and Abuse There are differences among fraud, waste, and abuse. One of the primary differences is intent and knowledge. Fraud requires intent to obtain payment and the knowledge the actions are wrong. Waste and abuse may involve obtaining an improper payment or creating an unnecessary cost to a health care benefit program , but do not require the same intent and knowledge. Examples of actions that may constitute fraud include: ● Knowingly billing for services not furnished or supplies not provided, including billing Medicare for appointments the patient failed to keep ● Billing for nonexistent prescriptions ● Knowingly altering claim forms, medical records, or receipts to receive a higher payment Examples of actions that may constitute waste include: ● Conducting excessive office visits or writing excessive prescriptions ● Prescribing more medications than necessary for treating a specific condition ● Ordering excessive laboratory tests

Fraud, Waste, and Abuse Examples of actions that may constitute abuse include: ● Unknowingly billing for unnecessary medical services ● Unknowingly billing for brand name drugs when generics are dispensed ● Excessively charging for services or supplies without intent ● Unknowingly using incorrect codes on a claim, such as upcoding or unbundling codes How Do You Prevent Fraud, Waste, and Abuse? ● Look for suspicious activity ● Conduct yourself in an ethical manner ● Ensure accurate and timely documentation, coding, and billing ● Know the Code of Conduct, compliance policies, laws, regulations, and CMS guidance ● Verify all received information How Do You Correct Fraud, Waste, and Abuse? Once fraud, waste, or abuse is detected, promptly correct it. Correcting the problem saves the government money and ensures your compliance with Federal health care program requirements. It is important to develop a plan to correct the issue. The actual plan is going to vary, depending on the specific circumstances.

Prohibited Billing Practices Submitting claims for payment by Federal health care programs that contain incorrect or inappropriate diagnostic or procedural codes may violate the Federal False Claims Act. Incorrect or inappropriate coding may be caused by incomplete documentation or not understanding the coding guidelines. Banner’s policy entitled Compliance: Basic Requirements for Third Party Billing; Prohibited Billing Practices , spells out four major prohibited billing practices. Any violation of this policy that appears to be intentional must be immediately reported to the Ethics & Compliance Department. If violations are discovered, Banner will take all reasonable steps to cure any harm caused by the discovered violations. Billing for Items or Services Not Rendered Billing for items or services that have not been rendered is a prohibited billing practice. This includes items that were ordered but never actually performed.

Prohibited Billing Practices Falsifying Documentation

Billing for items or services based on falsified documentation is a prohibited billing practice. Falsified documentation includes notes of visits or procedures that were not actually performed, documentation that intentionally misconstrues or exaggerates a patient’s diagnosis to obtain more coverage, forged signatures, and false documentation of a physician’s presence during a procedure. Using Incorrect Provider Numbers Billing for services using a provider number not assigned to the providing clinician is a prohibited billing practice. Unless allowed by a specific rule, regulation, or contract provision, bills may not be submitted using the provider number of a clinician who was not the actual provider of the services. Using Incorrect Charge Codes Billing for items or services using incorrect charge code information is a prohibited billing practice. Charge codes, modifiers, and other billing information must accurately reflect the items or services actually provided.

Offshore Contracting Limitations If contractors, subcontractors, agents, and other persons plan to outsource any work for Banner overseas, they need to contact Banner’s Legal Department and/or the Ethics & Compliance Department. Medicare and Medicaid have specific contracting limitations for outsourcing work to other countries. Medicare Offshore Contracting Limitations ● At a minimum, CMS requires notification of any use of an offshore contractor, whether Banner contracts directly with the offshore contractor or Banner’s contractor subcontracts with an offshore entity or person ● Some of Banner’s contracts with Medicare Advantage plans further limit the use of offshore contractors ● If Banner team members are going to use an offshore contractor, they must work with Legal during the contract process to give Banner sufficient time to evaluate the limitations that may be involved.

Offshore Contracting Limitations

Other things to Consider: ● Medicare can prohibit Banner from using the contractor ● Both Banner and the offshore contractor will be required to sign attestations regarding the offshore activity Medicaid also has offshore contracting limitations, particularly in Arizona. Incorrect usage of offshore contractors could result in fines and other penalties from either the State or Federal government.

Conflicts of Interest Everyone, including contractors, subcontractors, agents, and others, has a duty to avoid conflicts of interest or the appearance of conflicts of interest. Banner has developed specific policies regarding how its team members should act to prevent conflicts of interest. A conflict of interest can arise whenever an individual’s financial interests or those of his or her immediate family member conflict or appear to conflict with the interests of Banner. A financial interest occurs when an individual has, directly or indirectly, through business, investment or immediate family: ● An ownership or investment interest in any entity with which any Banner entity does business ● A compensation arrangement with any entity or individual with which a Banner entity does business, or ● A potential ownership or investment interest in, or compensation arrangement with, any entity or individual with which a Banner entity is negotiating a transaction or arrangement

Conflicts of Interest

Outside Business Associate An Outside Business Associate is an entity or individual with which Banner does business, or may do business, including anyone who has an ownership or a compensation arrangement with any entity or individual with which Banner does or may do business. An item cannot be accepted from an Outside Business Associate if it is offered, given, requested, or accepted in exchange for or to induce referrals or other business that may be reimbursed by a Federal health care program. Banner’s applicable policy: Compliance: Acceptance of Items from Outside Business Associates

Conflicts of Interest Except as outlined below, Banner employees cannot accept or solicit items from Outside Business Associates. Nothing in this section should be understood as encouragement to offer items to Banner employees. Business or Personal Gifts ● Must never ask for gifts (this includes gifts of food)

● Can only accept gifts of nominal value ($50 or less per gift) ● No more than four gifts per Outside Business Associate per year ● Unable to accept cash or cash equivalents Meals and Entertainment ● Requires the hosting individual to attend the event ● Unable to accept:

● Tickets to social or entertainment events valued above $500 per person per calendar year ● More than four meals and/or entertainment items per Outside Business Associate per year ● Business meals exceeding $50 per person ● Sponsored department meals exceeding $20 per person

Conflicts of Interest Sponsored Training and Education ● Must serve a legitimate training and educational purpose ● Outside Business Associate must pay subsidies for offsite conferences directly to the conference sponsor or to an established Banner charitable foundation ● May attend a sponsored event at an Outside Business Associate’s invitation if no registration fee is charged to any invitee or the same fee is charged to every invitee (and) ● May accept honoraria under certain circumstances Travel Expense Reimbursement ● Must never ask for trip expenses ● Must never accept reimbursement of travel expenses if they are intended to unduly influence any business decisions that involve Banner Banner employees may accept reimbursement of travel expenses pursuant to a contract or to inspect a vendor pending an active purchase decision if approved by a supervisor.

Conclusion

Your Role in Compliance

Compliance at Banner is everyone’s responsibility. As one of Banner’s team members, you must conduct yourself in an ethical and legal manner. It’s about doing the right thing!

This would include such things as: ● Acting fairly and honestly ● Adhering to high ethical standards in all you do ● Complying with all Federal health care program requirements ● Reporting suspected violations ● Asking questions if you have any compliance concerns

Event title/location if applicable

Thank you for completing Banner Health’s Compliance Training.

If you have any questions regarding this training, please contact BannerHealthComplianceTraining@bannerhealth.com .

Ethics & Compliance Department BannerHealthComplianceTraining@Bannerhealth.com

To access Banner Health Compliance Policies click here: https://www.bannerhealth.com/about/vendors