Skip to main content Skip to home page

Compliance Training Attestation

Medicare Compliance First Tier, Downstream, and Related Entities Attestation

Deaconess Health Plans (DHP) performs credentialing for Managed Medicare networks.  The Centers for Medicare & Medicaid Services (CMS), refers to our contracted partners as First-Tier, Downstream, and Related entities (FDR’s). As such, DHP is required to effectively manage and oversee our FDRs that assist us in providing administrative and/or health care services for our Medicare beneficiaries which include but are not limited to providers, pharmacies, pharmacy benefits managers, claim administration vendors, field marketing organizations, agents, and other contracted vendors. Each FDR must complete an annual attestation.

What Are First Tier, Downstream, and Related Entities? 

First Tier Entity is any party that enters into a written arrangement, acceptable to CMS, with a Medicare Advantage Organization (MAO) or Part D plan sponsor or applicant to provide administrative services or health care services to a Medicare eligible individual under the Medicare Advantage (MA) program or Part D program. (See, 42 C.F.R. § 423.501).

Downstream Entity is any party that enters into a written arrangement, acceptable to CMS, with persons or entities involved with the MA benefit or Part D benefit, below the level of the arrangement between an MAO or applicant or a Part D plan sponsor or applicant and a first tier entity. These written arrangements continue down to the level of the ultimate provider of both health and administrative services. (See, 42 C.F.R. § 423.501).

Related Entity means any entity that is related to an MAO or Part D plan by common ownership or control and
  1. Performs some of the MAO or Part D plan’s management functions under contract or delegation;
  2. Furnishes services to Medicare enrollees under an oral or written agreement; or
  3. Leases real property or sells materials to the MAO or Part D plan sponsor at a cost of more than $2,500 during a contract period. (See, 42 C.F.R. § 423.501).
The following are requirements in order to complete the Attestation:

Medicare Parts C & D Fraud, Waste, and Abuse (FWA) Training and General Compliance Training
Applicable employees should complete CMS’ Combating Medicare Parts C & D Fraud, Waste, and Abuse Training module (unless the organization is “deemed” to have met the FWA training requirement) and CMS’ Medicare Parts C & D General Compliance Training within 90 days of hire and annually thereafter. 

Deemed status refers to those entities enrolled in Parts A or B of the Medicare program or through accreditation as a supplier of Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS). If not “deemed” the training will need to be completed on the Medicare Learning Network (MLN) or was incorporated, unmodified, into existing training materials/systems for applicable employees and FDR’s. 

Training should include the following topics: description of the compliance program including policies and procedures, code of conduct, how to report issues, non-retaliation, Stark, Anti-kickback, False Claims, HIPAA/HITECH, etc. CMS no longer requires FDRs to complete these trainings:
  • January 2019 Medicare Parts C and D General Compliance
  • January 2019 Combating Medicare Parts C and D Fraud, Waste, and Abuse
Instead, you may use and complete your own version of general compliance and FWA training. It can be specific to your organizational needs.  A link is provided below for CMS Combating Medicare Parts C & D Fraud, Waste and Abuse that you can use.

These records should be kept for a minimum of 10 years.
  Code of Conduct and Compliance Policies
Deaconess Health Plans Code of Business and Professional Ethics provides guidelines directing the activities and behavior of our organization, its boards of directors and managers, medical staff and employed staff.  This Code assists us in identifying our values and choosing among alternative courses of action in decision- and policy-making.  Each FDR should have a code of conduct comparable to DHP or share DHP’s code of conduct with staff at time hire and annually thereafter.
Code of conduct >

OIG/GSA Exclusion Screening
Organizations (FDR’s) must review the Department of Health and Human Services (DHHS) Office of Inspector General (OIG) List of Excluded Individuals and Entities and the General Service Administration for Award Management (GSA/SAM) Excluded Parties Lists prior to the hiring or contracting with employees, temporary employees, volunteers, consultants, governing body members, and entities partnered/contracted with to provide benefits or services including FDR’s.  These lists will be checked monthly thereafter to ensure that none of these persons or entities are excluded in the federal health care programs. Monthly screening are required to ensure no one is excluded after the initial hire phase.  An entity may not receive Medicare payment for items or services furnished or prescribed by an excluded provider or entity.  
  Reporting FWA and Compliance Concerns
Employees should be aware they are to report concerns to DHP compliance officer and should not be afraid of retaliation.
Deaconess Health Plans Compliance Information is below:
Phone Number       1-812-450-2361
Hot Line                     1-855-834-6438
Fax                              1-812-471-2061

Offshore Subcontractor Reporting
As an FDR that contracts with DHP, you must ensure that your Downstream or Related Entities do not engage in offshore operations for any of DHP Medicare related work without first having contacting DHP. 

Ongoing Monitoring and Auditing
CMS requires that DHP monitors and audits their downstream entities to ensure compliance with applicable laws and regulations.  If you decide to contract with other entities for contracted Medicare business, you will also have to monitor them.  As part of our monitoring, DHP requires each FDR to complete and return an attestation.  As part of that attestation, DHP will periodically monitor our FDR’s for compliance with our contract and these terms.  If you perform audits of downstream entities, we may ask to see them as well.
The monitoring and auditing requirements are found in 42 CFR § 422.503(b)(4)(vi)(F) for MA and Manual, Chapter 21 § 50.6.6
Provider Attestation > 
Top Back to top