Health care providers enter into agreements with vendors on a daily basis. Providers have agreements with suppliers for items and services, such as – durable medical equipment, medical supplies, EKG/Holter monitoring services and pharmaceuticals. Providers also have agreements with ancillary providers, like rehabilitation therapists, audiologists, psychologists, wound care professionals, and others.
Entering into and working with these types of agreements and arrangements can and does become a routine function of any provider. Often when providers treat these agreements as a routine day to day function, important compliance and business related concerns can get overlooked. An important element of the compliance function of any provider organization should include a periodic review of its vendor agreements and arrangements.
A review of vendor agreements should include a review of certain specific areas, such as: compensation/reimbursement, fraud and abuse, CMS and state regulatory issues and any special issues specific to the type of agreement or arrangement. The following is a quick summary of some important areas of review that should be part of a period process.
Depending upon the arrangement, a review of compensation and reimbursement issues should include a review of the financial terms of the agreement and whether or not they continue to meet both the business and compliance goals of the provider organization. Special issues like SNF consolidated billing and “under arrangements” transactions, CMS’ anti-markup rules  and state specific prohibitions on percentage based arrangements may be part of the contract review depending upon the provider type and the nature of the agreement.
Fraud and Abuse
The Federal Anti-kickback Statute  , the Federal physician self-referral prohibitions (the “Stark Law”) , the Civil Monetary Penalties law and state specific fraud and abuse prohibitions can all be implicated in almost any vendor arrangement. As a result, an integral part of any compliance function is to ensure that before the agreement is entered into, it complies with the applicable statutes and regulations. However, business practice and the arrangement overall may change over time. As a result, compliance professionals and management staff should revisit agreements and confirm that the business relationship still conforms to the agreement and the compliance assumptions made at the outset of the arrangement.
Some basic issues to consider when taking a periodic look at fraud and abuse issues in vendor agreements are –
– Does the arrangement involve a physician or referral source? If it involves a physician, the provider will need to consider whether or not the Stark Law is implicated. If it involves some other type of referral source, another look at compliance with the applicable anti-kickback prohibitions is important.
– Does the arrangement involve different compensation structures where the vendor is billing Medicare or Medicaid directly and the provider is doing the billing in other circumstances? In that circumstance, swapping or related concerns may be involved and compliance with the applicable anti-kickback prohibitions is something to evaluate.
– Are there free, low-cost, below cost or discounted items included in the arrangement whether specifically set forth in the agreement or otherwise? Those types of arrangements necessitate a review of compliance with applicable anti-kickback prohibitions.
CMS and State Regulatory Issues
Has the vendor recently been checked to ensure that it is not an excluded entity?  They may have been run through a screening process when the arrangement was entered into, but have they been checked since? Is the provider an institutional provider with regulatory obligations to ensure that independent contractors that are hired have completed health exams and have appropriate vaccinations, licenses, etc ? The agreement may include provisions that require the vendor to ensure that all of these things are addressed. However, as part of the compliance function, a periodic audit or spot check of the vendor should be conducted. The last thing a provider needs is to find out the nurses it has contracted for are not appropriately licensed and they have been working with the provider for years.
To the extent that patient identifiable information is involved, does the agreement address how the parties will protect that information under applicable laws, like HIPAA? Very often HIPAA provisions are treated as boilerplate and providers assume vendors know what they need to do and are doing what they should. Information practices of the provider or vendor may have changed since the original entry into the business relationship. Additionally, enforcement authorities are doing much more with respect to inappropriate information disclosures and enforcement overall is on the rise. Periodically looking at this issue and auditing vendors to ensure compliance should be an important part of any compliance function.
Specific regulatory requirements or a particular type of fraud and abuse concern may come into play with certain types of arrangements. For example, Skilled nursing facility arrangements with dialysis providers are subject to specific CMS regulatory guidance and requirements relating to the arrangement. A periodic review of that type of agreement needs to include those specific or special issues.
Similarly, arrangements between hospitals or assisted living facilities with home health agencies include special issues that need to be considered. In the hospital context, does the arrangement include exclusivity that may violate certain regulatory requirements depending upon how it is structured. In the assisted living context, is the arrangement affected by state specific rules on the nature and types of services that can be provided by an independent third party home health provider on the premises of the assisted living facility?
Making sure that any periodic review includes these arrangement specific issues is important to make the review effective and efficient.
Develop a Periodic Plan of Review
Should the compliance or management staff of a provider be pulling out all vendor agreements monthly and reviewing them again? Probably not. However, having a periodic (maybe quarterly) plan to take a look through the agreements should be an integral part of any provider compliance process, even if there is a strong internal compliance and legal process that is actively involved prior to entering into any arrangement. Arrangements and practices change and issues can get overlooked. Additionally, documenting a periodic process of review and auditing vendor arrangements will be a significant part of proving the effectiveness of a compliance function should a provider organization ever be required to do so.
For more information on developing a plan of periodically reviewing vendor arrangements, understanding any of the substantive areas of inquiry that should be a part of any review or simply understanding the legal and regulatory issues in vendor relationships in general, please contact a member of Benesch’s Health Care Department.
42 CFR § 414.50
 42 U.S.C. §1320a-7b(b)
 42 U.S.C. §1395nn
 42 U.S.C. § 1320a-7a
 For more information on excluded entities, see our Issue Brief here –> Issue Brief: Individuals Excluded from Federal Healthcare Programs or Federal Contracting: Protecting Your Organization