Deaconess Health Plans Compliance Program Guidelines Provider Attestation
Centers for Medicare & Medicaid Services (CMS), requires First Tier, Downstream, and Related Entities (FDRs) that provide administrative and/or health care services for Medicare Parts C and D plans must meet specific CMS compliance program expectations. This attestation confirms your organization has reviewed Deaconess Health Plans on line educational training, Code of conduct, Compliance Policy and your commitment to comply with the CMS requirements. These requirements are listed below, apply to all services your organization, as Deaconess Health Plan downstream entity, provides for Deaconess Health Plan contracted Medicare business described within CMS’s updated guidance on the compliance program requirements and related provisions for Sponsors (“Guidelines”), published in both Pub. 100-18, Medicare Prescription Drug Benefit Manual, Chapter 9 and Pub. 100-16, Medicare Managed Care Manual, Chapter 21.
1. Code of Conduct(“COC”) and/or Compliance Policies
Our organization has adopted either Deaconess Health Plans or a comparable Code of Conduct and/or Compliance Program policies which are provided to applicable employees within 90 days of hire, upon revision, and annually thereafter. Records of employee, contractor and downstream entity acceptance/attestation of the Code of Conduct and Compliance Policies are maintained for at least 10 years.
2. CMS’ Fraud, Waste and Abuse (“FWA”) and General Compliance Training
Our organization’s applicable employees completed CMS’ Combating Medicare Parts C & D Fraud, Waste, and Abuse Training
module (unless we were “deemed” to have met the FWA training requirement) and CMS’ Medicare Parts C & D General Compliance Training
within 90 days of hire and annually thereafter. Deemed status refers to those entities enrolled in Parts A or B of the Medicare program or through accreditation as a supplier of Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS). If not “deemed” the training was completed on Medicare Learning Network (MLN) or was incorporated, unmodified, into existing training materials/systems.
Our organization screens the United States Department of Health & Human Services Office of Inspector General (“OIG”) and General Services Administration’s System for Award Management (“SAM”) exclusion lists prior to hire or contracting, and monthly thereafter, for our applicable employees and Downstream Entities. Any person/entity will be removed from work if found on these lists.
4. Reporting Mechanisms
Employees, contractors and downstream entities are informed of their obligation to report any suspected or detected non-compliance or potential FWA for internal investigation, as well as the disciplinary standards for non-compliant behavior. The reporting mechanisms allows for confidentiality and anonymity and are available 24 hours a day. In addition, we have policies and/or do not allow retaliation against anyone who reports in good faith. As appropriate, our organization reports any applicable incidents to Deaconess Health Plans as they arise.
5. Offshore Operations
If my organization and/ or our Downstream Entities perform work that involves the receipt, processing, transferring, handling, storing or accessing of Protected Health Information (PHI) offshore, we have informed Deaconess Health Plans and have received the necessary approval.
6. Downstream Entity Oversight
My organization either doesn’t use Downstream Entities, or uses Downstream Entities for Deaconess Health Plans’ contracted Medicare business and conducts robust oversight to ensure that they comply with all the requirements described in this attestation and any applicable laws, rules and regulations.
7. Operational Oversight
- Contractual agreements with Downstream Entities contain all CMS-required provisions
- Downstream Entities comply with the Medicare compliance program requirements described in this attestation
- Downstream Entities comply with any applicable Medicare operational requirements
Our organization ensures compliance is maintained by our downstream entities. We will conduct oversight of the services that we perform for Deaconess Health Plans to ensure that compliance is maintained with applicable laws, rules and regulations.
I certify, as an authorized representative of my organization, that the statements made above are true and correct to the best of my knowledge. Also, my organization agrees to maintain documentation supporting the statements made above. We’ll maintain this documentation in accordance with federal regulations, which is no less than ten (10) years. Our organization will produce this evidence, upon request. Our organization understands that the inability to produce this evidence may result in a request by Deaconess Health Plans for a Corrective Action Plan (CAP) or other contractual remedies such as contract termination.