OIG ISSUES DRAFT COMPLIANCE GUIDANCE FOR INDIVIDUAL AND SMALL GROUP PHYSICIAN PRACTICES

OIG ISSUES DRAFT COMPLIANCE GUIDANCE FOR INDIVIDUAL AND SMALL GROUP PHYSICIAN PRACTICES

Andrew B. Wachler, Esq.
Wachler & Associates, P.C.
Royal Oak, MI

Introduction

In the latest of its series of compliance program guidances, the Office of the Inspector General ("OIG") focuses on physician practices. On June 7, 2000, the OIG released the Draft Compliance Guidance for Individual and Small Group Physician Practices (hereinafter "Physician Guidance" or "Draft Guidance") on its web site. The Draft Guidance was subsequently published as a Federal Register notice on June 12, 2000 and includes an extended comment period of 45 days from the date of publication. The OIG departed from the usual 30-day comment period in an effort to provide additional time for the physician community to review the Draft Guidance and provide the OIG with "thoughtful comments."1 In the Draft Guidance, the OIG states that while it believes that the great majority of physicians are honest, "all health care providers have a duty to ensure that the claims submitted to Federal health care programs are true and accurate" and that "the development of effective compliance programs in physician practices will go a long way toward achieving this goal.

In an effort to address what it believes is a widespread misunderstanding in the physician community with regard to the Government's enforcement activities, the OIG emphasizes that innocent and negligent errors will not subject physicians to civil or criminal penalties and that it is "very mindful of the difference between innocent errors ("erroneous claims") on one hand, and reckless or intentional conduct ("fraudulent claims") on the other."2 It is important to note, however, that despite the OIG's assurances, the physician community's concerns will likely remain in light of the subjective manner in which the applicable statutes may be interpreted by prosecutors and other law enforcement authorities around the country. Moreover, in some cases, private individuals may proceed under the Qui Tam provisions of the Civil False Claims Act without intervention by the government for those cases in which the government itself does not believe a health care provider's actions rise to the level of civil fraud.

The purpose of the Draft Guidance is to assist solo and small physician practices3 in the development and implementation of compliance controls and procedures that promote adherence to applicable laws, regulations and third party payor requirements. While the Draft Guidance does not include a model compliance plan and does not contain an exhaustive list of all potential risk areas, the OIG does provide detailed information regarding its view-point on specific physician risk areas as well as detailed appendices setting forth risk areas, examples of suspect activity, and applicable civil and criminal laws for consideration in developing a physician compliance program.

Similar to the compliance program guidance's previously issued for other health care entities, the Physician Guidance contains seven key elements that the OIG believes are fundamental to an effective compliance program. According to the OIG, every effective compliance program should begin with a commitment by the physician practice to address the following key elements: (1) the development and implementation of written standards of conduct and policies and procedures; (2) the assignment of compliance responsibility to a designated compliance officer or compliance contact; (3) the implementation of effective training and education; (4) internal monitoring and auditing focusing on high-risk billing and coding issues through performance of periodic audits; (5) the development of accessible lines of communication, such as discussions at staff meetings and community bulletin boards to keep staff updated regarding compliance activities; (6) the enforcement of compliance through well-publicized disciplinary guidelines; and (7) responding appropriately to detected violations. In a departure from previous guidances directed at larger entities, the Physician Guidance takes into account the limited resources of solo and small practices by acknowledging that "full implementation of all elements may not be feasible for all physician practices" and that "smaller practices should consider addressing each of the elements in a manner that best suits the practice."

Through the Draft Guidance, the OIG also encourages physicians to participate in compliance programs of other entities, such as hospital programs, in order to provide a means to promote compliance activities without imposing undue burdens on solo and small practices. Health care legal counsel advising physician practices with regard to compliance should play an important role in evaluating whether or not certain collaborative compliance efforts will work effectively for the practice. For instance, a hospital's compliance program may not adequately address billing and related requirements specific to the practice's field of specialty.

Written Policies and Procedures General

According to the OIG, the development and implementation of written policies and procedures are "essential to all physician practices, regardless of size and capability." The OIG notes that in order for physician practices to develop compliance policies and procedures, the practice should determine which areas need to be addressed based on the specific needs of the practice. In addressing this area, the OIG suggests that one cost-effective approach is the creation of a resource manual from publicly available information. For example, the OIG suggests that physician practices can create a binder which contains Medicare Carrier bulletins, Fraud Alerts, HCFA directives and other similar public documents pertinent to the practice. For more technical information, the binder could contain summaries of the information with the source documents available upon request. Given the nature of the health care legal environment, all physicians, even those with limited budgets, are well advised to create readily accessible resource binders. Once created, these resource binders should be reviewed by all relevant employees. The OIG also notes that practices may, in part, meet the goal of developing policies by periodically updating clinical forms and records. These revisions may go a long way in facilitating appropriate documentation and thereby enhancing the practice's documentation, coding and billing compliance.

Specific Risk Areas

Of particular interest to health care legal professionals that are assisting physician practices in implementing compliance programs, are the specific risk areas identified in the Draft Guidance as areas of vulnerability for physicians. Moreover, the OIG advises physicians to utilize other resources such as Special Fraud Alerts, Advisory Opinions, and OIG Work Plans in identifying and addressing risk areas and provides a listing of internet resources to assist physicians in this process. The OIG sets forth a number of different areas of concern for physicians within the main body of its Draft Guidance. The OIG's annotated footnotes and appendices also provide a comprehensive, although not exhaustive, look at the risk areas and provide a valuable framework for physicians interested in implementing voluntary compliance activities. The Appendices also summarize the applicable civil and criminal health care laws that may be implicated and, by way of example, provide insight into the OIG's views with regard to activities which the OIG believes violate these laws.

The physician risk areas identified within the main body of the Physician Guidance include the following general categories: (1) Coding and Billing; (2) Reasonable and Necessary Services; (3) Documentation; and (4) Kickbacks, Inducements, and Self-Referrals. The additional risk areas identified by the OIG within Appendix A of the Draft Guidance include: (1) Local Medical Review Policies; (2) Advanced Beneficiary Notices; (3) Physician Liability for Certifications in the Provision of Medical Equipment and Supplies and Home Health Services; (4) Billing for Non-Covered Services as if Covered; (5) The Physician Role in The Patient Anti-Dumping Statute; (6) Teaching Physicians; (7) Gainsharing Arrangements and Civil Monetary Penalties for Hospital Payments to Physicians to Reduce or Limit Services to Beneficiaries; (8) Third-Party Billing Services; (9) Billing Practices by Non-Participating Physicians; (10) Professional Courtesy; (11) Rental of Space in Physician Offices by Persons or Entities to Which Physicians Refer; and (12) Unlawful Advertising.

Billing and Related Risk Areas

With the Civil False Claims Act being the Government's primary enforcement tool, it is no surprise that coding and billing tops the OIG's list. The OIG notes that the identification of coding and billing risks "should be a major part of any physician practice's compliance program." Within the general category of coding and billing, the OIG includes the following areas which have been the most frequent subject of government investigation and audits:

• Billing for items and services not rendered as claimed;
• Submitting claims for equipment, medical supplies and services that are not reasonable and necessary;
• Double billing;
• Billing for non-covered services as covered;
• Knowing misuse of provider identification number;
• Billing for unbundled services;
• Failure to properly use coding modifiers; and
• Upcoding

While some of the identified risk areas involve rather obvious problematic activities (e.g., billing for items and services not rendered and billing for non-covered services as covered), the OIG's list also includes areas that are subject to varying interpretations. For example, a government auditor's view that a service is not medically necessary in hindsight may differ from the physician's determination that a service is medically necessary for a particular patient at the time of service. When services are denied by the Medicare Carrier on post-payment audit for lack of medical necessity, depending on the circumstances, the physician may prevail during the administrative appeals process utilizing legal theories including the treating physician rule and the waiver of liability defense.

Documentation is another major risk area identified by the OIG. Specifically, the OIG notes that "timely, accurate and complete documentation is critical to nearly every aspect of a physician practice" and thus "one of the most important physician practice compliance issues is the appropriate documentation of diagnosis and treatment." With regard to the medical record, the OIG states that documentation, at a minimum, should comply with the following principles:

• The record should be complete and legible;
• Each encounter should include the reason, relevant history, exam findings, prior test results, assessment, clinical impression or diagnosis, plan of care, date and identity of observer;
• If not documented, the rationale for ordering of tests/services should be easily inferred and past and present diagnoses should be accessible; and
• Appropriate identification of health risk factors as well as documentation of patient's progress, response, changes in treatment, and any revision to the diagnosis.

Given the focus on documentation from a potential fraud and abuse perspective, as well as with regard to third party payor audit activity, physician practices should take steps to implement consistent and practical documentation guidelines. The OIG also suggests that physicians obtain additional information on appropriate documentation by referencing the HCFA and AMA Documentation Guidelines for Evaluation and Management Services which are avail- able at www.hcfa.gov/medicare/mcarpti.htm.

Kickback/Improper Inducement Related Risk Areas

In addition to the billing related risk areas, the OIG also states that physician practices should have policies and procedures in place to ensure their relationships are in compliance with the anti-kickback and Stark laws. Areas of particular concern for the OIG are physician arrangements with hospitals, hospices, nursing facilities, home health agencies, and durable medical equipment suppliers. Within the Draft Guidance, the OIG advises physicians to have all business arrangements that involve referrals reviewed by legal counsel familiar with the anti-kickback and Stark laws. The OIG also notes that HCFA is expected to issue final Stark II regulations later this summer. Upon issuance of the final clarifying regulations, physician relationships should be carefully reviewed for compliance with the Stark laws.

With the issuance of the final regulations, the health care community may see increased enforcement of Stark law violations which can carry civil monetary penalties of up to $15,000 for each improper claim submitted as well as other penalties.

In addition to addressing fraud and abuse risks implicated with health care provider and supplier referral sources, the OIG also states that physicians should implement policies to avoid risks involving inappropriate inducements to patients such as the routine waiver of co-payments and deductibles and failing to make reasonable collection efforts. Appropriate handling of co-payments and deductibles continues to be an area of focus for the OIG and has been identified in previously issued OIG guidances (e.g., third-party billing companies, hospitals, and DME suppliers). Accordingly, physician practices are well advised to carefully review their practice of collecting copayments and deductibles.

Appendix A Medical Necessity Related Risk Areas

Within Appendix A of the Draft Guidance, the OIG further addresses issues regarding the medical necessity of services, emphasizing the importance of the local Medicare Carrier medical review policies and physician awareness as to applicable policies. HCFA's web site containing local medical review policies for each Medicare Carrier can be accessed at www.lmrp.net.4 The importance of physician awareness of the applicable rules and regulations, including local medical review policies, is illustrated by the OIG's example of activity that it views as falling within the deliberate ignorance intent standard of the Civil False Claims Act.

Specifically, the OIG states: "[a]n example of a provider who submits a false claim with deliberate ignorance would be a physician who ignores provider update bulletins and thus does not inform his/her staff of changes in the Medicare billing guidelines or update his/her billing system in accordance with changes to Medicare billing practices. When claims for non-reimbursable services are submitted as a result, the False Claims Act has been violated."

Appendix A also addresses physician liability in connection with DME and home health certifications, a risk area which has also been the subject of a January 1999 Special Fraud Alert. The OIG emphasizes that physicians who sign certificates of medical necessity should be fully aware of the representations they make by signing such forms. The OIG advises that activities that can subject the physician to civil, criminal or administrative sanctions include:

• signing blank certificates;
• signing certificates without seeing the patient to verify the necessity; and
• signing a certificate for a service the physician knows is not reasonable and necessary.

In connection with the submission of claims for non-covered services, the OIG addresses a common question: "If the medical services provided are not covered under Medicare, but the secondary or supplemental insurer requires a Medicare rejection in order to cover the services, then would the original submission of the claim to Medicare be considered fraudulent?" According to the OIG, "[u]nder the applicable regulations, the OIG would not consider such submissions to be fraudulent." It is important to note, however, that the OIG states that the physician should indicate on the claim that it is being submitted for purposes of obtaining a denial and, that in those instances in which the Medicare Carrier erroneously pays the claim, the physician has the responsibility to refund the amount erroneously paid.

Appendix A Physician Relationship with Hospital Risk Areas

Given the continued government focus on teaching physician requirements as reflected in the Draft Guidance, physicians practicing in a teaching capacity should, in addition to the other risk areas noted, carefully review the teaching regulations as well as any hospital policy relative to such services. In a footnote, the OIG emphasizes that its limited discussion addressing teaching physician issues is not intended to be a complete reference and that it strongly recommends that physicians in a teaching setting consult their respective hospitals for additional guidance.

Appendix A Billing Practices
Risk Areas

The OIG also addresses physician billing practice risk areas within Appendix A including physician relationships with third party billing services, billing practices by non-participating physicians and professional courtesy issues. Of particular importance to those physician practices that use third-party billing services is the OIG's statements that "[p]hysicians should remember that they remain responsible to the Medicare program for bills sent in the physician's name or containing the physician's signature, even if the physician had no actual knowledge of a billing impropriety." The OIG also raises issues with regard to physician practices contracting with billing services on a percentage basis and notes that although such arrangements are not illegal per se, the OIG has a longstanding concern regarding the potential for intentional upcoding and similar abusive practices. The OIG, citing the relevant reassignment provisions, notes that a physician may contract with a billing company on a percentage basis, however, in such circumstances, the billing company cannot "directly" receive Medicare payments to the physician.5

Professional courtesy is another area of risk identified by the OIG and, given the OIG's continued focus on this area, should be addressed by all physician practices, regardless of the size. Within the Draft Guidance, the OIG addresses the practice of waiving all, or a part, of the physician fee provided to other physicians and their family members, as well as the practice of "insurance only billing" to such indi- viduals. According to the OIG, whether a professional courtesy arrangement runs afoul of the fraud and abuse laws is determined by (1) how the courtesy recipients are selected and (2) how the courtesy is extended. The OIG notes that if courtesy recipients are selected in a manner that takes into account their ability to affect past or future referrals, the kickback law may be implicated. Moreover, if the courtesy is given by the physician in the form of a waiver of co-payment, other laws may be implicated including the prohibition of inducements to beneficiaries.6 Furthermore, the OIG notes that claims submitted under either scenario may implicate the Civil False Claims Act. It is important for physician practices to understand that the legality of extending a professional courtesy in any case will depend upon the particular facts and, with regard to kickback implications, the intent of the parties involved in the arrangement.

Appendix A Other Risk Areas

The Draft Guidance, referencing a February 2000 Fraud Alert on the topic, also addresses potentially illegal practices concerning the rental of office space in physician offices by persons or entities to which the physician refers. According to the Draft Guidance, the OIG is concerned that rental payments in such arrangements may be disguised kickbacks to the physician for purposes of inducing referrals from the physician landlord. In order to avoid potentially fraudulent arrangements, the OIG recommends that the rental agreement comply with the provisions of the space rental safe harbor to the kickback law. Physicians who are currently in, or contemplating, rental agreements in this area are well advised to have health care legal counsel review the arrangement for compliance with the applicable fraud and abuse laws.

Appendix B and C Information

In addition to the specific risk areas identified by the OIG, the OIG also sets forth a summary of applicable criminal, civil and administrative statutes along with hypothetical illustrations of circumstances which, according to the OIG, violate these statutes within Appendices B and C of the Draft Guidance. In furtherance of compliance education, physician practices should carefully review these appendices as they provide useful insight with regard to the government's viewpoint.

Compliance Responsibility

In order to take into account the limited resources in small physician practices, the OIG Draft Guidance provides flexibility with regard to assigning overall compliance responsibility and suggests that some practices may consider designating compliance contacts in lieu of a designated compliance officer. For example, one employee/compliance contact could be charged with preparing policies while another employee/compliance contact could be responsible for auditing functions.

With regard to those practices desiring to designate a compliance officer, the OIG states that such person could be "the office manager or the primary biller" if that person is "sufficiently independent in his or her position so as to protect against any conflicts of interest that may arise from performing assigned duties and compliance duties." A practice contemplating the designation of a primary biller or manager as the compliance officer of the practice ought to carefully consider the potential conflicts inherent in such designation. Moreover, in making such an important delegation, physicians should keep in mind the OIG's statements that "they remain responsible to the Medicare program for bills sent in the physician's name or containing the physician's signature, even if the physician had no actual knowledge of a billing impropriety."

Within the Draft Guidance, the OIG also notes that in certain circumstances (e.g., limited staffing resources) a practice may consider outsourcing the compliance officer function to a third party. According to the OIG, this third party could be a consultant, billing company, MSG, or professional association. The OIG advises, however, that physician practices should carefully consider the limitations of outsourcing this role prior to making such a critical decision.

Training and Education

As expected and consistent with previously issued guidances, the OIG believes that both specific and general compliance training and education will play a key role in effective compliance for physician practices. According to the OIG, physician practices may accomplish training through a variety of methods including: in-service and outside seminar training sessions, distribution of newsletters, and the use of office bulletin boards. Of particular interest, the OIG also advises physician practices that they may receive free online training in areas, including but not limited to, general fraud and abuse through HCFA's web site at www.medicaretraining.com.

With regard to compliance training,7 the OIG recommends that new employees receive training within 60 days of their start date and refresher training on an annual basis, or as appropriate. Moreover, those employees involved in the billing or coding function should receive extensive education which may include topics covering the coding requirements, claims submission, marketing practices, appropriate use of signatures, proper documentation, altering of medical records, reporting misconduct, appropriate billing standards, legal sanctions for deliberately false or reckless billing, kickback issues, and incident to rules. Notably, the OIG recommends at least annual coding and billing related training for those involved in the coding and billing aspects of the practice and mentoring by an experienced employee for employees new to coding and billing. For those physician practices looking for further guidance, the OIG states that when monitoring corporate integrity agreements, it usually requires a minimum of one (1) hour annually for basic compliance training with additional training required for specialty areas such as claims development and billing.

The importance of proper employee training is highlighted in connection with the discussion of what constitutes reckless disregard for purposes of imposition of sanctions under the False Claims Act. The OIG provides as an example of reckless disregard "a physician who assigns the billing function to an untrained office person without inquiring whether the employee has the requisite knowledge and training to accurately file such claims."

Communication

The OIG believes that an open line of communication is an essential component of a compliance program. However, unlike the previously issued guidances, the Physician Guidance provides more flexibility for physicians with regard to maintaining formal lines of communication. Specifically, the OIG states that "the nature of a small physician practice dictates that such communication and information exchanges need to be conducted through a less formalized process than that which has been envisioned by prior OIG guidance." For example, the OIG suggests that a physician practice can meet the communication element of a compliance program by implementing an "open door" policy between the physicians and compliance personnel and employees of the practice. The OIG also recommends using other informal communication techniques such as a compliance bulletin board. Although informal communication techniques will necessarily play an important role in physician practice compliance programs, physician practices must exercise caution in using such means of communication when addressing sensitive issues which could lead to potential civil or criminal exposure for the practice. Moreover, although the Draft Guidance encourages physician practices to prominently display the government reporting hotline, by implementing compliance measures, it would seem that physician practices would rather encourage employees to internally report problems through the internal reporting system.

Auditing and Monitoring

Keeping in line with its previously issued compliance program guidances, the OIG believes that ongoing auditing and monitoring of the compliance program as well as the claims submission process is necessary to a successful physician practice compliance program. The OIG recommends that physician practices conduct self-audits of claims and medical records to determine whether:

• the claims are accurately coded and reflect the services provided;
• the services are reasonable and necessary;
• any incentives for unnecessary services exist; and
• medical records contain sufficient documentation.

The OIG states that each practice must decide for itself whether to conduct retrospective or concurrent reviews. The OIG also recommends that a practice conducts a benchmarking or baseline audit of claims submitted during the initial three months after implementation of compliance education and training so as to give the practice a benchmark against which to measure the effectiveness of the compliance program on future audits. Following this benchmarking, the OIG suggests that a practice conduct periodic audits at least annually to ensure that the practice is following the compliance program. According to the OIG, the periodic audits could include reviewing a valid sample of the practice's top ten (10) denials or top ten (10) services, confirmation that all orders were written and signed by a physician, and medical necessity verification. Per the Draft Guidance, a basic guide for record review is two (2) to five (5) records per third party payor, or five (5) to ten (10) records per physician in the practice.

Due to the sensitive nature of assessment and auditing activities (including evaluating potential return of funds and self-disclosure issues), physician practices undertaking auditing activities as part of their compliance programs are well advised to seek legal counsel from experienced health care specialists when engaging in such activity. Health care attorneys who work with physicians to develop compliance programs may be in the best position to assist them in fulfilling compliance obligations while also minimizing the risk of potential adverse actions. For example, providers may consider the advantages of utilizing both the attorney/client privilege and pre-submission auditing techniques to reduce risks inherent in auditing and monitoring.

Well-Publicized Disciplinary Guidelines

According to the OIG, "[e]nforcement and disciplinary provisions are necessary to put teeth into a compliance program." The OIG notes, however, that a practice's enforcement and disciplinary procedures should be "flexible enough to account for mitigating or aggravating circumstances." Possible disciplinary actions for noncompliance could include: oral warnings, written reprimands, probation, demotion, temporary discharge, termination, restitution, 18 - and referral for criminal prosecution. The Physician Guidance also states that physician practices should check the OIG List of Excluded Individuals/Entities [www.dhhs.gov/progorg/oig] to ensure that current and potential employees are not excluded from participation with Federal health care programs. Notably, physician practices should be aware that they face potential civil monetary penalty and other civil and/or criminal exposure for working with excluded individuals and thus should take efforts to implement procedures for undertaking appropriate background checks.

Responding and Taking Corrective Action

Upon receipt of reports of reasonable indications of wrongdoing or otherwise learning of problems, the OIG expects the physician practice to investigate the problem and, if appropriate, take corrective action. Per the OIG, the corrective action may include a corrective action plan, return of over-payments, a report to the Government and/or a referral to law enforcement. Moreover, according to the OIG, "[a] knowing and willful failure to disclose overpayments within a reasonable period of time could be interpreted as an attempt to conceal the overpayment from the Government, thereby establishing an independent basis for a criminal violation with respect to the physician practice, as well as any individual who may have been involved." Due to the difficult issues inherent in addressing investigations and evaluating potential return of funds and self-disclosure, physician practices should seek legal counsel from experienced health care counsel when addressing such sensitive issues.

Experienced legal counsel can assist the practice in fulfilling compliance obligations while also minimizing the risk of potential adverse actions to the practice resulting from investigation and disclosure issues.

Conclusion

Given the current health care enforcement environment and the OIG's continuing focus on compliance, physician practices, regardless of their size, should strongly consider undertaking certain voluntary compliance activities. Although full compliance with the Draft Guidance is not mandatory, physician practices, with assistance from health care legal counsel, can use this guidance as a valuable tool in developing and implementing practical and cost-effective compliance mechanisms into their practices. In using the Draft Guidance to assist physician clients, the health care legal community should be mindful that the Draft Guidance is written from the OIG's perspective. Health care legal counsel should use their experience and independent judgment when addressing compliance issues and implementation. The Federal Register publication includes a 45-day comment period which may result in further insight and clarification of certain issues for the physician and health care legal community.

The OIG suggests that a practice conduct periodic audits at least annually to ensure that the practice is following the compliance program. According to the OIG, the periodic audits could include reviewing a valid sample of the practice's top ten (10) denials or top ten (10) services, confirmation that all orders were written and signed by a physician, and medical necessity verification. Per the Draft Guidance, a basic guide for record review is two (2) to five (5) records per third party payor, or five (5) to ten (10) records per physician in the practice.

Andrew B. Wachler is a principal of Wachler & Associates, P.C. He graduated Cum Laude from the University of Michigan in 1974 and Cum Laude from Wayne State University Law School in 1978. Mr. Wachler is a member of the State Bar of Michigan, Health Care Law Section (Health Providers Subcommittee) American Bar Association, Health Care Law Section Council of the State Bar of Michigan, American Health Lawyers Association, and the Michigan Society of Healthcare Attorneys.

Endnotes

¹ To ensure consideration, comments must be delivered to Office of Inspector General, Department of Health and Human Services, Attention, OIG-7P-CPG, Room 5246, Cohen Building, 330 Independence Avenue S.W., Washington D.C. 20201, by no later than 5:00 P.M. on July 27, 2000.

² The OIG reminds that innocent or negligent errors resulting in overpayments to physicians still require repayment.

³ Note that the Draft Guidance applies to the following individuals: (1) a doctor of medicine or osteopathy, (2) a doctor of dental surgery or dental medicine; (3) a podiatrist; (4) an optometrist; or (5) a chiropractor. Per the OIG, the Draft Guidance may also be useful to other independent practitioners such as physical therapists, occupational therapists, speech language pathologists and psychologists.

⁴ According to footnote 52 of the Draft Guidance, the web site will not be fully complete until the end of the year 2000. Although at present it may not have all of the contractors' policies available, it is currently accessible. 5 Per the Medicare Carriers Manual, a payment is considered to be made directly if the billing company can convert the payment to its own use and control without payment first passing through the control of the physician. 6 Note that this prohibition would be implicated only if the patient for whom the co-payment is waived is a Federal health care program beneficiary and does not fall within the financial hardship category. 7 This includes training with respect to the compliance program and its operation as well as applicable health care statutes and regulations.