2013 Medicare Compliance Training - Cigna · External Medicare Compliance Training 7/62 Cigna- H e a l t h S p r i n g M e d i c a i d Medicaid is a federal health insurance program

Medicare Compliance Training –

for External Parties

Medicare Compliance Training – for

External Parties © Copyright 2014 Cigna. All rights reserved.

External Medicare Compliance Training 1/62

Medicare Compliance

Training


“Cigna,” “HealthSpring” and “Bravo Health” are registered service marks, and the “Tree of Life” logo is a service mark, of Cigna Intellectual Property, Inc., licensed

for use by Cigna Corporation and its operating subsidiaries. All products and services are provided by or through such operating subsidiaries and not by Cigna

Corporation. Such operating subsidiaries include Connecticut General Life Insurance Company (CGLIC), HealthSpring Life & Health Insurance Company, Inc.

(HSLH), HealthSpring of Tennessee, Inc. (HSTN), HealthSpring of Alabama, Inc. (HSAL), HealthSpring of Florida, Inc. (HSFL), Bravo Health Mid-Atlantic, Inc.

(BHMA), and Bravo Health Pennsylvania, Inc. (BHPA). CGLIC is a Medicare approved Part D sponsor. HSLH, HSTN, HSAL, HSFL, BHMA and BHPA are

Medicare approved Medicare Advantage Organizations.

Confidential property of Cigna. Do not duplicate or distribute. All examples and fact patterns used herein are fictitious. © C2014 Cigna






I n t r o d u c t i o n

Cigna-HealthSpring has contracted with the Centers for Medicare & Medicaid Services (CMS) to offer multiple benefits to

Medicare enrollees. As part of those contracts, Cigna-HealthSpring employees who have direct or indirect involvement with the

Medicare and/or Medicaid programs are required to complete this Medicare Compliance training course.

Additionally, per the Federal Register Notice CMS-4124-FC, CMS clarifies that the training and communication requirements apply to all entities

we partner with. Therefore, Cigna-HealthSpring is making this training available in the event you do not have your own Medicare Compliance

Training program established.






T r a i n i n g R e q u i r e m e n t s C e r t i f i c a t i o n

At the end of this training a Certification is provided as evidence of compliance

with Medicare requirements in audits conducted by the Federal government.

Cigna-HealthSpring requires employees, or anyone working on Cigna's behalf,

who have direct or indirect involvement with the Medicare or Medicaid programs to

complete this training, certify their completion, and acknowledge they have

received, read, and will comply with all written Cigna-HealthSpring policies.






O v e r v i e w o f M e d i c a r e P r o g r a m s

This section provides an overview of Cigna-HealthSpring's Medicare &

Medicaid programs.

The government offers four types of Medicare programs:

Medicare Part A - covers Hospital Care

Medicare Part B - covers Medical Services

Medicare Part C - covers Medical Services for Medicare

Advantage plans like HMO, PPO, and Private Fee for Service

Medicare Part D - covers Prescription Drug Plans

Cigna offers two types of Medicare programs:

Cigna-HealthSpring Medicare Part D

Cigna-HealthSpring Medicare Part C

Cigna-HealthSpring offers a Medicaid program: Medicaid – STAR+PLUS.

HealthSpring offers a Medicaid program: Medicaid – StarPlus.






C i g n a M e d i c a r e P a r t D P r e s c r i p t i o n D r u g P r o g r a m ( P a r t D - P D P )

Cigna-HealthSpring’s PDP program encompasses many

offices with the core staff located in Bloomfield, Connecticut

and Nashville, TN. This program contracts with CMS to provide

individual prescription drug benefits for Medicare beneficiaries

and employer-sponsored prescription drug plans.

Employer-sponsored prescription drug plans include:

Employer Retiree Drug Subsidy - Employers or unions with

prescription drug coverage that is at least as good as

Medicare’s can apply to CMS to receive a retiree subsidy.

Employer-Specific PDP - employer makes special

arrangements with entities offering Part D Medicare plans

such as, Connecticut General Life Insurance Company

(CGLIC). These entities provide a retiree prescription drug

plan that integrates the basic Part D individual coverage with

the supplemental coverage (i.e., coverage for classes of

prescription drugs not covered under Part D, such as

coverage for Barbiturates and Benzodiazepines).






M e d i c a r e A d v a n t a g e P l a n s ( P a r t C )

Medicare Advantage Plans – also known as Medicare Part C plans –

provide Part A (hospital, SNF, in-patient coverage and Hospice) and Part B

(medically necessary and preventive care, outpatient services) coverage

and must cover all medically necessary services. Participants must be

enrolled in Medicare Part A and Part B to join a Part C plan.

These plans are part of the government’s Medicare program but they are

offered and managed through approved private insurers, and may offer plan

extras not found in “Original Medicare.”

There are various types of Medicare Advantage plans available – many of

which you may find familiar such as HMO, PPO, and Private Fee-for-

Service plans. Cigna-HealthSpring offers a Medicare Advantage plan in

certain counties in Arizona. Cigna-HealthSpring, Leon Medical Centers, and

Bravo Health offer Medicare Advantage plans in a number of states.






C i g n a - H e a l t h S p r i n g M e d i c a i d

Medicaid is a federal health insurance program for individuals who can't afford medical care for some or all of their medical bills.

It covers children, the aged, blind and/or disabled and is available to people with limited incomes.

There are certain requirements that an individual must meet in order to be eligible for Medicaid. If their income is low and they

need medical care, they should apply for Medicaid and ask for a qualified caseworker to take a look at their circumstances.

STAR+PLUS is a Texas Medicaid managed care program designed to provide health care, acute and long-term services and

support through a managed care system. If an individual is eligible for the STAR+PLUS program, Cigna HealthSpring will send

payments directly to their health care providers.

The program provides a range of options to meet individual needs.

Primary and specialty provider care

Medical supplies

Mental health care and substance use disorder treatment

Hospital care






C i g n a - H e a l t h S p r i n g M e d i c a i d

Cigna-HealthSpring Illinois Medicare Medicaid Alignment Initiative (MMAI)

To help implement Medicaid reform law (Public Act 96-1501) the State of Illinois is requiring 50% of Medicaid recipients to be in

“Risk-Based Care Coordination” by 2015. The MMAI program is a new partnership model between the State of Illinois, CMS,

and participating managed care plans designed to help achieve the State of Illinois’ goal to move Medicaid recipients to Risk-

Based Care Coordination programs. Cigna-HealthSpring is a participating MCO in the MMAI program, and was awarded a 3

year contract in November of 2012.

The Goal: A redesigned, cost effective health care delivery system, more patient-centered care with a focus on improved health

outcomes, and enhanced patient access and safety. Also, to provide Medicare-Medicaid patients with a better care experience

by testing a person-centered, integrated care program that provides a more easily navigable and seamless path to all covered

Medicare and Medicaid services.

Contracted Service Area: Cook, Kane, DuPage, Will, and Lake counties.

Who: Persons who are elderly; persons with disabilities; persons with HIV/AIDS; persons with brain injury; persons residing in

supportive living facilities. Also, patients eligible for both Medicare and Medicaid Services (called "dual eligibles").

Voluntary Enrollment began March 1, 2014. Estimated Annual Enrollment for 2014 is approximately 15,000 new members.






E m p l o y e e E t h i c s

Ethical principles are the foundation of Cigna-HealthSpring's unwavering commitment to integrity, ethical conduct, and legal and

regulatory compliance. These principles are at the heart of our core value to Act with Integrity. For example, at Cigna-

HealthSpring we must:

Behave ethically in a way that reflects Cigna-HealthSpring's commitment to do what is right, honest, fair, and

trustworthy.

Take actions to ensure that we, and Cigna-HealthSpring, comply with all laws, rules, and regulations that apply to our

business.

Conduct business in a way that avoids any conflict or even the appearance of a conflict between our own personal

interests and Cigna-HealthSpring's interests.

Take all the right steps to protect Cigna-HealthSpring's assets (for example, property, information, and financial

records) from loss, damage, or misuse.

The Code of Ethics & Principles of Conduct and its related policies are the cornerstone of Cigna's Enterprise Compliance Program.

Annual training on the Code of Ethics & Principles of Conduct and related policies is required with an affirmation at the end of the

training. The Code of Ethics training only partially satisfies the Medicare Compliance training requirement.

http://www.cigna.com/aboutus/corporate-governance







E m p l o y e e E t h i c s , C o n t i n u e d

Cigna-HealthSpring leadership demonstrates its continued

commitment to maintaining the highest legal and ethical

standards in the conduct of its business by all Cigna-

HealthSpring employees and individuals working on behalf of

Cigna-HealthSpring.

Cigna-HealthSpring employees annually reaffirm their

commitment to and understanding of Cigna's Code of Ethics &

Principles of Conduct by completing an annual ethics

affirmation statement.






K e y E l e m e n t s o f a C o m p l i a n c e P r o g r a m

This section discusses the Key Elements of a Medicare Compliance Program and

Medicare Compliance.

According to the Centers for Medicare & Medicaid Services (CMS), the key

elements of an effective compliance program are:

Requiring Written Policies/Procedures and Standards of Conduct

Designating a Compliance Officer, a Compliance Committee, and high

level oversight

Conducting an Effective Training and Education Program

Developing Effective Lines of Communication

Enforcing the program through well Publicized Disciplinary Guidelines

Developing program for routine monitoring and identification of

Compliance Risks

Developing procedures and system for prompt response to Compliance

issues

Developing a plan to Detect, Correct, and Prevent Fraud, Waste, and

Abuse






W r i t t e n P o l i c i e s a n d P r o c e d u r e s

CMS requires that plan sponsors have written Policies/Procedures and

Standards of Conduct. One way that Cigna-HealthSpring satisfies this

requirement is through our Code of Ethics & Principles of Conduct. We are

responsible for knowing, understanding, and complying with Cigna's Code

of Ethics & Principles of Conduct, as well as the policies and procedures

that apply to the work we do. The Code of Ethics & Principles of Conduct

and related policies reflect Cigna-HealthSpring's commitment to integrity,

ethical conduct, as well as, legal and regulatory compliance






W r i t t e n P o l i c i e s a n d P r o c e d u r e s , C o n t i n u e d

A few of the topics you can find covered in Cigna’s Code of Ethics &

Principles of Conduct are:

Conflict of Interest

Cigna Assets

False Claims

Control, Accounting, and Reporting

Information Protection and Privacy

Communications and Social Media

All entities contracted to perform work related to Medicare

programs must review Cigna’s Code of Ethics policies and

procedures or have appropriate policies and procedures to

address Code of Conduct policies, as well as Fraud, Waste and

Abuse.






W r i t t e n P o l i c i e s a n d P r o c e d u r e s , C o n t i n u e d

The Code of Ethics & Principles of Conduct is available for clients, members, and other stakeholders who want to learn more about Cigna-HealthSpring's commitment to integrity, ethical conduct, and legal and regulatory compliance.

The Code of Ethics & Principles of Conduct is also located at http://www.Cigna.com/ on the Corporate Governance page found under the Corporate Responsibility link

If you do not have access to the Internet or to Your Cigna Life, you should contact a Cigna-HealthSpring manager or Medicare/Medicaid Compliance Officer.

http://www.cigna.com/






C o m p l i a n c e O f f i c e r a n d C o m p l i a n c e C o m m i t t e e

The Medicare Compliance Committee is led by the Medicare/Medicaid Compliance Officer, Rich Appel. Members of the Committee are comprised of: • President, Cigna-HealthSpring • Senior Vice President, Government Affairs • Senior Vice President & Chief Medical Officer • Senior Vice President Human Resources • Vice President of Operations • Vice President Sales • Medicare/Medicaid Compliance Officer • Associate Chief Counsel • General Counsel • Chief Information Officer • Director Special Investigations • Operations Senior Director • Operations Director (2) • Segment Lead General Manager (2) Compliance Manager (Arizona)






C o n d u c t i n g a n E f f e c t i v e T r a i n i n g a n d E d u c a t i o n P r o g r a m

Organizations must have effective training and education to

ensure the appropriate information is being disseminated to the

correct individuals.

Everyone at Cigna-HealthSpring that contributes

directly or indirectly to Medicare is required to

complete compliance training upon hire and annually

thereafter

Training must address the prevention and detection

of fraud, waste and abuse






E f f e c t i v e L i n e s o f C o m m u n i c a t i o n

The Medicare/Medicaid Compliance Officer, Compliance Office, and

the Privacy and Security Officer have an Open Door Policy.

This allows employees to freely seek compliance and Health

Insurance Portability and Accountability Act (HIPAA)-related guidance

and encourages employees to openly discuss any compliance

questions, concerns, or issues they may have.






P u b l i c i z e d D i s c i p l i n a r y G u i d e l i n e s

Compliance with Cigna’s Code of Ethics & Principles of Conduct and

related policies, as well as applicable Medicare Policies and Procedures

Manuals (which incorporate legal and contractual requirements), is an

ongoing performance objective for all Cigna-HealthSpring employees AND

contractors.

On a case-by-case basis, the severity of the disciplinary action is

determined by the Medicare/Medicaid Compliance Officer, Human

Resources, and the employee’s supervisor.

Violation of Cigna’s Code of Ethics & Principles of Conduct and related

policies and/or operational policies and procedures may result in

disciplinary action, up to and including, termination.

Disciplinary actions related to violations of Cigna's Code of Ethics &

Principles of Conduct are discussed in Cigna's Code of Ethics & Principles

of Conduct. (Note: external contracted entities and individuals working on Cigna’s behalf without Cigna network access must use this website address: http://www.cigna.com/aboutus/corporate-governance).

http://home.cigna.com/CignaPage.aspx?page=5029

http://home.cigna.com/CignaPage.aspx?page=5029







A u d i t i n g a n d M o n i t o r i n g

Auditing and monitoring at Cigna-HealthSpring is performed

through Risk Assessment, Internal Audits, External Audits, and

Subcontractor/Delegated Entity Oversight:

Risk Assessment - Cigna-HealthSpring conducts periodic risk assessments; as well

as, an annual risk assessment. These tools are supplemented by a quarterly

enterprise risk assessment, to evaluate functional areas of the organization to

assess potential business risk. Results of the assessment are scored and those

areas identified as the highest risk are considered when developing the internal

audit plan. Other factors are considered in the risk assessment, such as areas at

risk of not meeting CMS standards.

Internal Audits - The Medicare/Medicaid Compliance Officer coordinates with

management to implement the internal audit plan. Audits are performed to ensure

adherence to CMS requirements and internal policies and procedures. Corrective

action plans will be developed and implemented in areas where processes do not

meet the requirements.

External Audits - Cigna-HealthSpring is also subject to audits from external parties

such as CMS and the Office of Inspector General (OIG). Corrective action plans for

any deficiencies or findings reported during external audits will be developed and

implementation will be monitored to ensure processes are strengthened and

regulations are followed.

Subcontractor/Delegated Entity Oversight Audits - Cigna-HealthSpring conducts

periodic, risk based Subcontractor/Delegated Entity Oversight audits to ensure

adherence to CMS/State requirements.

*Data Management Systems

Q

Corrective action plans will be developed and implemented by

Subcontractor/Delegated Entity where processes do not meet

CMS/State requirements. The Medicare/Medicaid Compliance Officer

will monitor corrective action implementation to ensure issues are

resolved.






R e s p o n d i n g t o C o m p l i a n c e I s s u e s

Violations of the Compliance Program, Federal and State statutes, rules

and regulations, or any other types of misconduct will be investigated by the

Medicare/Medicaid Compliance Officer or designee.

Reporting Detected Criminal Violations: If you know of, or reasonably

suspect, a misappropriation of Cigna-HealthSpring assets, or any other

violation of law, ethical, or business policies, you must report the matter.






R e s p o n d i n g t o C o m p l i a n c e I s s u e s , C o n t i n u e d

Reporting Obligation: It is the obligation of every employee, and individual

working on Cigna-HealthSpring's behalf, who knows of, or reasonably

suspects, a violation of Cigna's Code of Ethics & Principles of Conduct to

promptly report it.

Unless a specific policy states otherwise, the report may be oral or written,

and made at https://Cignaethicshelpline.alertline.com, or by calling

1.800.472.8348. You may also report issues to the Medicare/Medicaid

Compliance Officer.

https://cignaethicshelpline.alertline.com/







Policy of No-Retaliation: Cigna-HealthSpring will not discriminate or

retaliate against anyone who, in good faith, reports violations of laws or

regulations, the Code of Ethics & Principles of Conduct, or other

company policies; whether those violations are by a Cigna-HealthSpring

company, another employee, or agent. In addition, employees are

protected by Federal law against any retaliation for taking action under

the Federal False Claims Act.

Any employee or non-employee worker working on Cigna-

HealthSpring’s behalf who engages in retaliation is subject to

disciplinary action up to, and including, termination.

Cigna’s Ethics Help Line: Cigna-HealthSpring has a toll-free, 24-hour

Ethics Help Line (1.800.472.8348) to facilitate confidential and

retribution-free reporting of violations, and to handle requests for

information about Cigna's Code of Ethics & Principles of Conduct. You

can also report issues by going to the Cigna Ethics Help Line webpage

at https://cignaethicshelpline.alertline.com.









Cigna's Fraud Hot Line: Cigna has a toll-free, 24-hour Fraud

Hotline (1.800.667.7145) and email address

([email protected]) to facilitate confidential and

retribution-free reporting of suspected fraud, and to handle

requests for information about Cigna's FWA policies.

Cigna-HealthSpring: To submit a referral regarding FWA to the

Cigna-HealthSpring Benefit Integrity Unit (BIU), Cigna-

HealthSpring employees can do so by calling 1.800.668.3813.

Compliance is Everyone’s Business…and it begins with you!

mailto:[email protected]







Cigna’s Privacy Office: All information reported by Cigna-HealthSpring employees,

enrollees, individuals working on Cigna-HealthSpring's behalf, or others, is kept

confidential to the extent reasonably possible during any resulting investigation. It

is possible that an individual’s name may become known or revealed in certain

instances when governmental authorities intercede, or as otherwise required by

law.

If you have questions related to Cigna’s Privacy Policy, contact Cigna’s Privacy

Office at [email protected]

Medicare Privacy Office Contacts:

Patti Hoffman: 615-236-6157, or email at: [email protected]

Jenn Duncan: 615-236-6232, or email at: [email protected]










Information and Data Security: Cigna’s Information Protection Policy outlines

safeguards and activities needed to protect proprietary information and avoid

unintended disclosures. If you witness an act that looks like a policy violation or

puts Cigna-HealthSpring information at risk, tell your manager, HR representative,

contact the Medicare/Medicaid Compliance Officer, or send e-mail to Cigna

Information Protection e-mail box [email protected] if

outside the network.








Developing Corrective Action Initiatives: Reports of suspected misconduct will be

investigated. If a violation of applicable law or regulation is found to exist, Cigna-

HealthSpring will take steps to correct the problem. These steps may include

developing a corrective action initiative; or, if material, immediate referral to

criminal and/or civil law enforcement authorities, disclosure to senior

management, and the appropriate governmental authority, where appropriate.

Reporting to the Government: Cigna-HealthSpring shall report to appropriate

governmental authorities, such as CMS and OIG, credible information of material

violations of the law by Cigna-HealthSpring, subcontractors, health care providers,

or enrollees for a determination as to whether any criminal, civil, or administrative

action may be appropriate.






P l a n t o D e t e c t , C o r r e c t , a n d P r e v e n t

CMS requires all Medicare sponsors to develop a comprehensive program to detect, correct, and prevent FWA.

Entities contracted with Cigna-HealthSpring should also have appropriate policies and procedures to address fraud, waste, and

abuse.

To reflect Cigna-HealthSpring's commitment to the Medicare program, Cigna’s Special Investigations Unit (SIU), along with

Cigna-HealthSpring's Benefit Integrity Unit (BIU):

Administers required annual anti-fraud training for key employees

Detects, deters, and investigates suspicious claims

Provides methods to report suspicious activity

Maintains a process for receiving and documenting complaints of internal and external fraudulent activity

Files reports and quarterly documentation regarding FWA to CMS

Assists CMS and State and Federal law enforcement in investigational activity






M e d i c a r e P o l i c i e s a n d P r o c e d u r e s

This section also describes policies with provisions of special

relevance to Medicare. These policies include but are not

limited to:

External Review and Studies

Conflict of Interest

Office of Inspector General (OIG)/General Services

Administration (GSA) Exclusion Review

Records Management

Government Contracts/Anti-Kickback

False Claims

Gifts






E x t e r n a l R e v i e w s a n d S t u d i e s P o l i c y

As a Medicare contractor, we will at times be requested to participate in external audits, studies, or reviews that are beyond

normal day-to-day requests. These requests may come from CMS, the OIG, the General Accounting Office (GAO), the

Department of Justice (DOJ), or from an entity contracted with these organizations.

The requests may be made via telephone or received in writing. We may also be issued subpoenas for the production of

information.

If you receive a subpoena related to Medicare data, records, or information (or any other information), you should immediately

contact Medicare Compliance and Cigna-HealthSpring business legal counsel for assistance. If you receive a request for

Medicare records, or any information from an external party, immediately contact Medicare Compliance for assistance.

Medicare Compliance will work with you to ensure we respond appropriately and in accordance with applicable law. Cigna-

HealthSpring will cooperate with CMS and other governmental agencies and their authorized representatives to provide access

to information and records.






C o n f l i c t s o f I n t e r e s t

Conflicts of interest can arise if you have a direct or indirect financial, business or personal involvement with a current or

potential supplier, competitor, member, or employee of Cigna-HealthSpring. In addition, outside financial or business

involvement by members of your immediate family, or by persons with whom you have a close personal relationship, may

create a possible conflict of interest for you. As an individual working on Cigna-HealthSpring's behalf:

You must not take part in any transaction in which you have a personal interest if there is, or might appear to be, a

conflict between your interest and the interests of Cigna-HealthSpring.

You must not take part in any business transaction in which you have a personal interest if your participation is in any

way related to information you received, or a relationship you developed, as an employee or director.

You should not show preferential treatment to any health care provider or supplier regardless of their relationship with

Cigna-HealthSpring. If you become aware of a situation involving preferential treatment to health care providers or

suppliers, you should notify the Medicare/Medicaid Compliance Officer immediately.

Each provider or entity that contracts with Cigna-HealthSpring will require its managers, officers, and directors responsible for the administration

or delivery of Medicare/Medicaid benefits to sign a conflict of interest statement, attestation, or certification at the time of hire and annually

thereafter certifying that the manager, officer, or director is free from any conflict of interest in administering or delivering Medicare/Medicaid

benefits.






E x c l u s i o n R e v i e w

Cigna-HealthSpring will not knowingly hire any individual, or contract

with any person or entity for its Medicare or Medicaid program, who

has been convicted of a criminal offense related to health care or who

is listed by a Federal agency as debarred, excluded, or otherwise

ineligible for participation in a Federal health care program.

Cigna-HealthSpring will review the Department of Health & Human

Services OIG and System for Award Management (SAM) (formerly

EPLS) exclusion lists to ensure that its Medicare employees and

subcontractors are not included on such lists.






E x c l u s i o n R e v i e w , C o n t i n u e d

If Cigna-HealthSpring learns that an individual has been charged with a criminal offense

related to health care or proposed for exclusion or debarment, the individual will be removed

from direct responsibility for or involvement in all such Medicare activities until resolution of

such charges or proposed debarment or exclusion.

FDRs must review the Department of Health & Human Services OIG and

System for Award Management (SAM) (formerly EPLS) exclusion lists to

ensure that no FDR new employee, temporary employee, volunteer,

consultant, governing body member responsible for administering or delivering

Medicare benefits is excluded from Federal health care programs. The FDR

must conduct this review upon initial hire or contract execution and monthly

thereafter. Additionally, if an employee responsible for the administration or

delivery of any Medicare or Medicaid benefits is included on one or both of

these lists, the FDR must immediately remove the employee from any work

related directly or indirectly to any Federal health care program and must take

appropriate corrective actions. Your organization must retain documentation to

show that your organization conducted the required review of the lists (screen

prints of negative results is acceptable), and took corrective action if and when

an employee was identified on the list(s). This information must be available

upon request by Cigna-HealthSpring or CMS and records should be

maintained for 10 years.






R e c o r d s M a n a g e m e n t

Unless specific conditions apply, all relevant Medicare records will be

maintained for10 years from the end of the final contract period or

completion of an audit, whichever is later.

CMS has authority under section 1860D–12(b)(3)(c) of the Act and

§422.504(e)(2) and §423.505(e)(2) to inspect and audit any books, contracts,

and records of a Part D sponsor or MA organization and its first tier,

downstream, and related entities that pertain to any aspect of services

performed, reconciliation of benefit liabilities, and determination of accounts

payable under the contract or as the Secretary may deem necessary to enforce

the contract.

All records created in the course of business are the property of

Cigna-HealthSpring, and will be maintained in compliance with all

legal, regulatory, and/or government contract requirements.

Unauthorized disposal or removal of records from Cigna-

HealthSpring is prohibited.






A n t i - K i c k b a c k

It is Cigna-HealthSpring's policy to strictly comply with all laws

that regulate government contracting.

You must not offer, give, request, or receive anything of value

for free or below fair market price in connection with the sale or

recommendation of, or referral to, any benefit plan, product or

service paid partly or fully by any government program.

To ensure compliance with this policy, contracts or other

business arrangements between Cigna-HealthSpring and any

health care provider or supplier (including pharmaceutical

companies), and between Cigna-HealthSpring and any

government agency or program, must be in writing and must

be reviewed and approved by the member of Cigna-

HealthSpring's legal department assigned to the relevant

business division.






A n t i - K i c k b a c k E x a m p l e s

The following scenarios are examples of potential kickback violations.

A medical provider group compensates a referral

coordinator for channeling members to their practice.

A pharmacy’s waiving of Medicare co-payments in order to

encourage enrollees to fill their prescriptions there.

A Medicare Part D plan sponsor’s acceptance of a

pharmaceutical manufacturer’s offer of a free disease

management program in return for encouraging Medicare

enrollees to use the manufacturer’s products.

A drug manufacturer’s provision of a free trip to an

employee of a Medicare Part D plan sponsor in return for

the plan sponsor’s decision to place the manufacturer’s

drug in the preferred tier of the plan’s Medicare formulary.






A n t i - K i c k b a c k - T h e S t a r k L a w

The Stark Law prohibits physicians from referring Medicare patients for

health services in which the physician or member of the physician’s

immediate family has a financial interest or other arrangement, unless

an exception applies.

There are specific exceptions for certain referral services and

management contracts that meet certain specified requirements without

being in violation of the law.

The Stark Law was passed to prevent over-utilization of services (due to

the physician benefiting from the referral), reduce healthcare costs and

promote competition.






A n t i - K i c k b a c k P e n a l t i e s

Anti-Kickback Statute

o Criminal penalties of up to 5 years in

prison and/or $25,000 in fines

o Civil money penalties of $50,000 per act

plus three times the remuneration offered

o Exclusion from participation in federal and

state health care programs

Stark Law

o Civil money penalties of up to $15,000 for

each claim submitted, plus three times the

amount claimed

o Civil money penalties of up to $100,000 for

each arrangement or “scheme” that

violates the law

o Exclusion from participation in federal and

state health care programs






F a l s e C l a i m s

It is Cigna-HealthSpring’s policy to comply with all applicable laws

regulating claims and information submitted in connection with goods

and services reimbursable by any United States federal or state

governmental agency or program.

As an employee, director, or agent of Cigna-HealthSpring you must

not participate in submitting a claim for payment or reporting any

information that is false, fictitious, fraudulent, or misleading (by falsely

stating or leaving out any information).






F a l s e C l a i m s , C o n t i n u e d

Anyone who participates in submitting a false or fraudulent claim to

the United States government for payment, including Medicare or

Medicaid claims, can be held personally liable. Examples of

prohibited conduct include, but are not limited to:

Filing a claim for services that were never provided, were

medically unnecessary, or were described inaccurately.

Inflating the number of claims processed or failing to

process any claims.

Falsifying data entered into a reimbursement-related

database, cost reports, Medicare enrollee satisfaction data,

or audit-related documents.







As an individual working on behalf of a Cigna-HealthSpring Company, you must ensure the integrity of the product or service provided, and of the

related submissions made to the government.

Never falsify a document or knowingly submit misleading information and exercise due care and due diligence by verifying the accuracy of all data

on which the certification is to be made. Take every submission of information to the government seriously and review the underlying

requirements associated with certifications.

You are responsible for complying with this policy, including all related policies, and for promptly reporting any possible violations when you know

or suspect that a fraud, waste, abuse, or other illegal act relating to a false claim or statement has been committed. By doing so, you are helping

to protect business, clients, customers, partners, and your co-workers. When you report Code of Ethics and Principles of Conduct or other

compliance concerns, or participate in an investigation of these matters, you will not be subject to retaliation. Any individual working on Cigna's

behalf who engages in retaliation is subject to disciplinary action up to and including termination.

Keep in mind that, for purposes of payments made under the Medicare and Medicaid programs, an overpayment must be reported and returned

to the government within 60 days after the date on which the overpayment was identified. If the overpayment is retained beyond the 60-day

period, it can trigger false claim liability if the retention is knowing and improper.







You must also report any false, inaccurate, or altered requests for

payment or claims to the Medicare/Medicaid Compliance Officer,

Cigna’s Chief Compliance & Ethics Officer, Cigna Legal Counsel, or

contact Cigna’s Ethics Help Line (1.800.472.8348).

Employees and subcontractors are protected from retaliation for

False Claims Act complaints under 31 U.S.C. § 3730(h), and other

applicable anti-retaliation protections.

Violations of Cigna's False Claims policy may result in disciplinary

action, including termination of employment and, depending on the

jurisdiction, criminal and/or civil penalties.






G i f t s

Employees and directors must not offer or give gifts, entertainment, or

anything of value that would, or might appear to, improperly influence the

business decisions of others. Gifts, entertainment, or other benefits of value

greater than $50 must not be given - doing so is prohibited by company

policy.

Employees and directors must not accept gifts or entertainment that would,

or might appear to, improperly influence the employee's or director's

decisions regarding Cigna-HealthSpring business. Employees and directors

must not give or accept money or gift certificates to or from subcontractors

or anyone doing business with Cigna-HealthSpring, or contemplating doing

business with Cigna-HealthSpring, under any circumstances.

As a Medicare contractor, we must take special care to never provide or

offer to provide gifts or entertainment to government officials and

employees.






M e d i c a r e C o m p l i a n c e

Cigna-HealthSpring and its contractors must comply with all applicable Medicare

laws and regulations and any regulation deviations must be approved by

Medicare. Through our contractual arrangements with CMS, Cigna-HealthSpring

has agreed to adhere to all Medicare laws and regulations.

CMS outlines their expectations and Cigna-HealthSpring utilizes these regulations

to develop our health plan operations, workflows, and internal processes to ensure

we meet our contractual requirements. Cigna-HealthSpring subcontractors must

also ensure processes are in place to comply with regulations and develop

applicable policies and procedures.






M e d i c a r e C o m p l i a n c e , C o n t i n u e d

Updates and revisions to CMS directives are communicated to

Cigna-HealthSpring business areas internally through the

Medicare Compliance Department.

When Medicare Compliance issues a CMS directive that result

in a process change, the process owner must update the

applicable departmental policies and procedures. When a

policy or procedure is updated, it must be submitted through

the established organizational process for review and approval.







Any Subcontractor/Delegated Entity of Cigna-HealthSpring must comply

with all applicable Medicare laws and regulations and any regulation

deviations must be submitted to the Medicare/Medicaid Compliance

Officer and approved by CMS. Subcontractors/Delegated Entities are

required to submit an annual Attestation to evidence compliance. The

Attestation will cover, but is not limited to, the following areas:

Code of Conduct - Subcontractor/Delegated Entity must adopt and follow a code

of conduct that reflects a commitment to detecting, preventing, and correcting fraud,

waste and abuse in the administration or delivery of Medicare benefits. Code of

conduct should include provisions to ensure employees, managers, officers and

directors responsible for the administration or delivery of the Medicare benefits are

free from any conflict of interest in administering or delivering Medicare benefits.

Compliance Oversight - Subcontractor/Delegated Entity are required to respond

to identified compliance deficiencies promptly. Upon the discovery of a compliance

deficiency, the organization must promptly address and correct the deficiency and

report to Cigna-HealthSpring, in accordance with CMS regulations.

Compliance Training – Annual compliance training is required for all persons

involved in the administration or delivery of the Medicare or Medicaid Program. Cigna

HealthSpring’s Medicare Compliance Training module is made available to

Subcontractor/Delegated Entities who may not have appropriate training. New hires

should receive training within 90 days of hire.

Fraud Waste and Abuse (FWA) Training – All persons involved in the

administration or delivery of the Medicare Program must receive Fraud Waste, and

Abuse (FWA) Training upon hire and annually thereafter. CMS’ FWA Training module

is made available to Subcontractors/Delegated Entities who may not have

appropriate training.







…continue

Subcontractors/Delegated Entities are required to submit an annual

Attestation to evidence compliance. The Attestation will cover, but is not

limited to, the following areas:

Exclusion Review - - Subcontractors/Delegated Entities must review the Office of

Inspector General (OIG) and System for Award Management (SAM) (formerly EPLS)

exclusions lists to ensure that any Subcontractor/Delegated Entity employee or

manager responsible for administering or delivery Medicare benefits is not excluded

from Federal programs. Subcontractors/Delegated Entities must conduct this review

upon initial hire and monthly thereafter. If an excluded employee is identified, the

Subcontractor/Delegated Entity must immediately remove the employee from any work

related directly or indirectly to any Federal health care program and must take

appropriate corrective actions.

2012 Audit Protocols – Upon selection by CMS for audit, Subcontractors/Delegated

Entities must be able to show data requested by CMS live in their system and have a

plan representative available to address questions as requested.

Compliance Program Guidelines – CMS released the Compliance Program

Requirements for Part C and Part D respectively. Subcontractors/Delegated Entities

who have delegated administrative or health care service functions relating to Cigna-

HealthSpring’s Medicare contracts must review and have processes in place to ensure

compliance with program requirements.






L i n k s t o G u i d e l i n e s a n d R e g u l a t i o n s

As a Medicare contractor, we must comply with numerous regulations. Here are several important links to regulations and

guidance issued by CMS.

Annual Part C and Part D Application - http://www.cms.gov/Medicare/Prescription-Drug-

Coverage/PrescriptionDrugCovContra/RxContracting_ApplicationGuidance.html

Call Letter - http://www.cms.gov/Medicare/Health-Plans/MedicareAdvtgSpecRateStats/downloads/Announcement2014.pdf

Medicare Part D Manuals - http://www.cms.gov/Medicare/Prescription-Drug-Coverage/PrescriptionDrugCovContra/PartDManuals.html

Medicare Part C Manuals - http://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/

Internet-Only-Manuals-IOMs.html

Instructions issued by CMS via the Health Plan Management System (HPMS) - http://www.cms.gov/Regulations-and-

Guidance/Guidance/Transmittals/2014-Transmittals.html

Code of Federal Regulations (CFR) applicable to Medicare - http://www.access.gpo.gov/nara/cfr/cfr-table-search.html#page1

Pharmacies contracted with Medicare Sponsors (such as Cigna-HealthSpring), must comply with numerous regulations, for example:

Pharmacy specific instructions can be found at: http://www.cms.hhs.gov/center/pharmacist.asp

http://www.cms.gov/Medicare/Prescription-Drug-Coverage/PrescriptionDrugCovContra/RxContracting_ApplicationGuidance.html



http://www.cms.gov/MedicareAdvtgSpecRateStats/Downloads/Announcement2013.pdf

http://www.cms.gov/Medicare/Health-Plans/MedicareAdvtgSpecRateStats/downloads/Announcement2014.pdf

http://www.cms.gov/Medicare/Prescription-Drug-Coverage/PrescriptionDrugCovContra/PartDManuals.html

http://www.cms.gov/Medicare/Prescription-Drug-Coverage/PrescriptionDrugCovContra/PartDManuals.html

http://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/Internet-Only-Manuals-IOMs.html

http://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/%0bInternet-Only-Manuals-IOMs.html

http://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/%0bInternet-Only-Manuals-IOMs.html

http://www.cms.gov/Medicare/Prescription-Drug-Coverage/PrescriptionDrugCovContra/HPMS-Guidance-History.html

http://www.cms.gov/Regulations-and-Guidance/Guidance/Transmittals/2014-Transmittals.html

http://www.cms.gov/Regulations-and-Guidance/Guidance/Transmittals/2014-Transmittals.html

http://www.access.gpo.gov/nara/cfr/cfr-table-search.html#page1

http://www.access.gpo.gov/nara/cfr/cfr-table-search.html#page1

http://www.cms.hhs.gov/center/pharmacist.asp






M e d i c a r e R u l e s a n d F r a u d , W a s t e , a n d A b u s e ( F W A )

This section discusses Medicare rules that Cigna-HealthSpring

must comply with and Fraud Waste and Abuse (FWA)

activities.






S p e c i a l I n v e s t i g a t i o n s U n i t

Cigna's Special Investigation Unit (SIU) uses a variety of means to help

employees detect suspicious claims, including: delivering annual anti-fraud

training for key employees, "Red Flags" job aids (Medical – Medicare Part C,

Pharmacy – Medicare Part D); maintaining a dedicated phone line and an email

box for questions and reporting suspected FWA, and conducting data mining.

The SIU investigators are responsible for identifying schemes specifically related

to Medicare Part C and Medicare Part D.

Cigna’s SIU communicates with other SIUs, law enforcement, regulatory agencies,

CMS, Medicare Drug Integrity Contractors (MEDIC), and associations to identify

schemes and/or suspect pharmacies.






C i g n a - H e a l t h S p r i n g ' s B e n e f i t I n t e g r i t y U n i t ( B I U )

Cigna-HealthSpring's Benefit Integrity Unit (BIU) uses an online referral form, so that suspected fraud, waste and/or abuse

(FWA) activity concerning Cigna-HealthSpring members or providers may be reported. Annual FWA training is also provided to

Cigna-HealthSpring employees so they may sharpen their skills at FWA detection.

The BIU investigators are responsible for proactively identifying schemes specifically related to Medicare and Medicaid, along

with responding to member complaints regarding FWA issues.

Cigna-HealthSpring’s BIU not only supports law enforcement, CMS, Medicare Drug Integrity Contractors (MEDIC), and

associations to identify schemes, but also participates in local law enforcement task force meetings as part of our commitment

to fighting healthcare FWA.

http://hsintranet/compliance/biu/Lists/ReferralForm/NewForm.aspx?RootFolder=%2Fcompliance%2Fbiu%2FLists%2FReferralForm&Source=http%3A%2F%2Fhsintranet%2Fcompliance%2Fbiu%2FLists%2FReferralForm%2FBIU%2520Quick%2520View%2Easpx






F W A I n v e s t i g a t i o n

The SIU/BIU gathers information and evidence by auditing claims,

interviewing customers and health care professionals, reviewing

medical records and prescriptions, data mining, and then

documenting findings.

CMS has contracted with certain companies to be Medicare Drug

Integrity Contractors (MEDIC). The SIU/BIU refers cases of

suspected FWA to MEDIC for investigation.

MEDIC's activities include:

Data analysis to identify potential Part C and Part D fraud

Investigation of potential Part C and Part D fraud for

referral to law enforcement

Liaison with law enforcement/sponsors for Part C and Part

D issues, and audits of sponsor and subcontractor Part C

and Part D operations






F W A P r o s e c u t i o n a n d R e s t i t u t i o n

Cigna-HealthSpring takes appropriate action against fraud offenders by

stopping payments to health care providers and referring cases to State and

Federal law enforcement for legal action. They partner with State insurance

departments, fraud bureaus and professional organizations and pursue

sanctions through State licensing boards.

Within 30 days of identifying a suspicion of fraud or the documentation of

fraud, the SIU/BIU makes a referral to MEDIC and the appropriate State

Department of Insurance.

Cigna’s SIU/Cigna-HealthSpring's BIU tries to recover losses incurred due

to fraud by:

Pursuing and recovering damages

Pursuing civil remedies

Pursuing criminal charges






F W A P r e v e n t i o n

Increased fraud awareness is created by requiring anti-fraud training programs for key

Cigna-HealthSpring employees, vendors, and partners; maintaining anti-fraud policies

and procedures; and communicating new fraud schemes to Cigna-HealthSpring

employees.

Cigna employees should refer all suspicious claims to [email protected]

Calls pertaining to Medicare FWA should be placed to the Fraud Hot Line at

1.800.667.7145.

Cigna-HealthSpring employees can refer Medicare FWA activity to the BIU using the

online referral form or by calling 1.800.668.3813.


http://hsintranet/compliance/biu/Lists/ReferralForm/NewForm.aspx?RootFolder=%2Fcompliance%2Fbiu%2FLists%2FReferralForm&Source=http%3A%2F%2Fhsintranet%2Fcompliance%2Fbiu%2FLists%2FReferralForm%2FBIU%2520Quick%2520View%2Easpx






P r o t e c t e d H e a l t h I n f o r m a t i o n ( P H I )

This section provides information about protecting individually

identifiable health information, referred to as Protected Health

Information (PHI).






O v e r v i e w o f H I P A A P r i v a c y a n d S e c u r i t y R u l e s

The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules protect Individually Identifiable

Health Information, a subset of which is referred to as Protected Health Information (PHI), held or transmitted by a Covered

Entity, such as, Health Care Providers, Health Plans, and Health Care Clearinghouses and their Business Associates, including

entities that complete functions on the Covered Entity’s behalf, such as Medicare subcontractors.

PHI includes information that identifies the individual or could reasonably be used to identify the individual. PHI is information,

including demographic data, which relates to the individual’s past, present or future physical or mental health or condition,

health care provided to the individual, or past, present, or future payment for health care provided to the individual.

The HIPAA Privacy Rule protects all PHI in any form or media, whether electronic, paper or oral. The HIPAA Security Rule

applies only to electronic PHI (e-PHI). In general, this rule requires a Covered Entity to adopt additional safeguards for e-PHI

ensuring the confidentiality, integrity, and availability of all it creates, receives, uses, maintains, or transmits. The Health

Information Technology for Economic and Clinical Health (HITECH) Act expands certain HIPAA Privacy and Security

requirements, including requiring HIPAA covered entities and their Business Associates to provide notification following a

breach of unsecured PHI.






P H I

All of the elements in this chart could be PHI, either alone, or if combined in a way that would allow for an individual to be

identified. Let’s look at a couple of examples of information Cigna-HealthSpring holds as a Medicare subcontractor.

Zip code alone is not PHI, but zip code combined with address and phone number is PHI. This is because the

combination of these data elements could be used to identify an individual.

Birth date alone is not PHI, but coupled with Social Security Numbers (SSNs) and claim numbers, could result in

identification of an individual and is considered PHI.

SSN alone is PHI, as this data element can be used to identify an individual.

It is important to remember that the context and combination of information determines whether information is PHI. If you have

any questions about what is, or is not PHI, always check with the Cigna or Medicare Privacy Office.






P H I R e q u i r e m e n t s

Employees must follow the Privacy Policy regarding the additional requirements list below.

Safeguarding Protected Health Information - Members of the workforce must employ the appropriate administrative, technical, and physical safeguards

to protect the privacy of protected health information.

Use and Disclosure of PHI - PHI is confidential information that cannot be disclosed to others without the individual’s written authorization except as

permitted or required by the HIPAA Privacy Rule such as treatment (providing care), payment (claim payment), or health plan operations (examples

include, but are not limited to: audits and fraud and abuse detection).

Minimum Necessary - When collecting, accessing, using or disclosing PHI, or when requesting PHI to perform job functions, members of the workforce

must make reasonable efforts to limit the use and disclosure to the minimum necessary to accomplish the intended purposes of the use or request.

Verification - Members of the workforce must follow business unit procedures to verify the identity of a person

requesting PHI, and the authority of any such person to have access to PHI.

Notice of Privacy Practices – Individuals must receive and have access to a “Notice of Privacy Practices” which

describes how their health information may be used or disclosed, and what individual rights they have in relation to

this information.

Individual Privacy Rights - The HIPAA Privacy Rule provides individuals with certain rights related to their PHI. These

rights include: accessing or receiving a copy of their PHI, requesting an amendment or restriction of their PHI, and the

ability to receive an accounting of certain disclosures of their PHI. They can also request that a covered entity

communicate with them by alternate means, such as sending materials to an alternative address or location. Individuals

also have the right to lodge a complaint if they believe there has been a violation of their privacy rights.

For more information on any of these Privacy Policy requirements click Cigna’s HIPAA policies.

http://www.cigna.com/health-careprofessionals/resources/news/HIPPA






T r a n s m i t t i n g P H I

Important facts regarding transmitting PHI:

PHI via the “Internet” – Even when transmitting PHI for permitted or required purposes (e.g., based on an individual’s authorization),

it is NEVER acceptable to transmit PHI via email over the Internet unless the email is encrypted through the use of Cigna’s

SecureMessage process. Cigna-HealthSpring employees can utilize the established "SecureMessage" process.

Cigna ONLY - Cigna's IT department has provided a secure electronic transmission solution for business with several of our

external business partners. As a result, email sent to the following email extensions is secure:

Convey Health Solutions (formerly NationsHealth) (email addresses ending with @conveyhs.com, @uspgi.com,

@nationshealth.com, and @nhrx.com)

e-mail address ending within @HealthSpring.com, @Bravo.com, @GulfQuest.com

Cigna-HealthSpring ONLY – HealthSpring’s IT department has provided a secure electronic transmission solution for business with

several of our external business partners.

We DO NOT have a secure connection with CMS. These are email addresses ending with @cms.hhs.gov.

Important Note: Even if CMS inadvertently transmits PHI, you should never reply or forward the email without removing the PHI or

securing the message appropriately by using the SecureMessage solution.






T r a n s m i t t i n g P H I , C o n t i n u e d

PHI via fax – Prior to faxing PHI, ensure the receiving fax machine is

attended and an authorized person is waiting to receive the fax.

Click Cigna's Privacy Practices for information on any of Cigna's privacy

policies.

http://www.cigna.com/privacy/privacy_healthcare.html






R e p o r t i n g P r i v a c y I n c i d e n t s

If a member of the workforce, including a contractor or a subcontractor,

becomes aware of any potential violation of the HIPAA Privacy or

Security Rules, Health Information Technology for Economic and

Clinical Health Act (HITECH) Act, or Cigna's Privacy Policies and

Procedures, they should report the issue either orally or in writing to any

manager, the Medicare/Medicaid Compliance Officer, the Medicare

Privacy Officer, or Cigna's Privacy Office.

Medicare/Medicaid Compliance Officer – Rich Appel –

615.236.6150

Medicare Privacy Officer – Patti Hoffman – 615.236.6157 or

[email protected]

Cigna HealthCare Privacy Office – via email to -

[email protected]

Instances of potential non-compliance with the Privacy & Security

Rules, HITECH Act, and Cigna's Privacy Policies and Procedures will

be investigated and appropriate disciplinary action will be taken.








R e p o r t i n g P r i v a c y I n c i d e n t s , C o n t i n u e d

Report privacy complaints and incidents promptly so that

appropriate action can be taken.

All employees, managers, contractors, and subcontractors will

immediately notify the Medicare/Medicaid Compliance Officer,

the Medicare Privacy Officer, or the Cigna Privacy Office of

any incident involving a potential violation of the HIPAA Privacy

or Security Rules, HITECH Act or Cigna's Privacy Policies and

Procedures.






C e r t i f i c a t i o n

Completion of Cigna-HealthSpring’s

Medicare Compliance Training Certification

I hereby certify that I have received, read and understand Cigna’s written standards of conduct for Medicare Compliance,

including standards of conduct on Fraud, Waste and Abuse, that I have been trained on such standards, and that I understand

my responsibility to comply with the requirements of such standards

S i g n a t u r e : _____________________

Date: ________

Retain for your records

Documents

2013 Medicare Compliance Training - Cigna · External Medicare Compliance Training 7/62 Cigna- H e a l t h S p r i n g M e d i c a i d Medicaid is a federal health insurance program