AMARILLO, TX – The term “subcontract” is a fairly simple term. A subcontract arises when one company (“ABC, Inc.”) pays another company (“XYZ, Inc.”) to perform services. This is the classic 1099 independent contractor arrangement. For example, if Vivian’s Nursing Home contracts with DEF Lawn Mowing Service to mow the grounds of Vivian’s, then DEF becomes a subcontractor of Vivian’s. More to the point, if a DME supplier hires a billing company to submit claims for the supplier, then the billing company becomes a subcontractor of the DME supplier.
Let us look at subcontracting in the context of Medicare Advantage (“MA”) and Medicaid Managed Care (“MMC”) contracts. I will collectively refer to these contracts as third-party payor (“TPP”) contracts. Approximately 50% of Medicare beneficiaries are covered by MA and approximately 70% of Medicaid patients are covered by MMC. This means that most DME suppliers must enter into multiple TPP contracts in order for the suppliers to have access to their customers.
It is important for the DME supplier to review its TPP contracts to determine what the contracts say about subcontracting.
- A TPP contract may say nothing about subcontracting…in which case the DME supplier is free to enter into subcontracts.
- A TPP contract may say that the DME supplier can enter into subcontract agreements on condition that the supplier gives advanced notice to the TPP.
- A TPP contract may say that the DME supplier can enter into subcontract agreements on condition that the TPP approved the subcontractors in advance.
- A TPP contract may say that the DME supplier can enter into subcontract agreements on condition that not more than e.g., 20% of the supplier’s customers may be served by subcontractors.
- And a TPP contract may prohibit the DME supplier from entering into subcontracts.
The reason that the DME supplier needs to comply with the subcontracting provisions of the supplier’s TPP contracts is because the supplier wants to avoid the scenario in which it has submitted multiple claims to the TPP (and been paid by the TPP for the claims) in violation of the contract. The DME supplier also needs to be aware that its TPP contracts likely incorporate “by reference” the TPP’s policies, procedures, claims manuals, etc. These will not be contained in the contract itself – but rather – will have to be accessed elsewhere.
Now let us narrow our focus to “offshore subcontractors.” Instead of the subcontractor being located in e.g., Des Moines, IA, the subcontractor will be located in e.g., Mumbai (India) or Manila (Philippines). Many U.S. businesses (health care related and non-health care related) contract with offshore subcontractors for BPO (business, process, outsource) services. BPO services are sometimes referred to as “back office” services. The motivation for doing so is to reduce costs.
As will be discussed, below, it is permissible for DME suppliers to utilize offshore subcontractors…but as is often the case, the “devel is in the details.”
Federal Guidelines
There are no federal laws that prohibit the use of offshore subcontractors. During enrollment and revalidation, or when there is a change in such an arrangement, the DME supplier may have to disclose the existence of offshore subcontractors.
In 2007 and 2008, CMS issued several memoranda to Part C sponsors concerning the use of offshore subcontractors. According to the memoranda:
- Sponsors are to report specific offshore subcontractor information and complete attestations regarding protection of PHI.
- Sponsors may, in turn, pass these requirements onto network providers and suppliers.
State Guidelines
On December 30, 2010, CMS issued a memorandum to State Medicaid Directors that prohibits State health plans from providing payments (for items and services) to a financial entity located offshore. This does not prohibit payment to outsourcing facilities located offshore that provide plan administration or call centers for enrollment or claims adjudication. On the other hand, this does prohibit a State plan from making payments to a provider’s/supplier’s bank that is located offshore. This also prohibits the State plan from paying offshore telemedicine companies and pharmacies.
On April 11, 2014, the Office of Inspector General (“OIG”) issued a Memorandum Report to CMS regarding the use of offshore subcontractors. The OIG issued a questionnaire to all State Medicaid programs regarding the use of offshore subcontractors. The questionnaire focused on protections the State Medicaid programs had in place for protection of PHI when using offshore subcontractors. Based on the Memorandum, several State Medicaid programs prohibit the use of offshore subcontractors.
TPPs
It is important for the DME supplier to review (i) its contracts with TPPs, (ii) the provider manuals of the TPPs the supplier works with, and (iii) the payor policies of the TPPs the supplier works with. As discussed above, TPPs may (i) require the supplier to give advanced notice before contracting with an offshore subcontractor, (ii) require the supplier to obtain the permission of the TPP to contract with an offshore subcontractor, (iii) prohibit the use of subcontractors, or (iv) have no policy at all regarding offshore subcontractors.
Privacy Laws of Other Countries
In addition to understanding the requirements of the federal government, State Medicaid programs, and TPPs, it is important that the DME supplier expect its offshore subcontractor to comply with its own country’s privacy laws. A number of countries have privacy laws that are similar to HIPAA. Following is a brief discussion of the privacy laws of the Philippines and India.
Philippines
The Data Privacy Act of 2012 was implemented in 2012. It is the first comprehensive law covering data privacy in the Philippines. The National Privacy Commission (“NPC”) was established in 2016. It issued implementing regulations pertaining to the Act. The regulations provide, in detail, the requirements that persons/entities must follow when processing personal data. The NPC can also levy sanctions.
The NPC requires entities to submit an Annual Security Incident Report that summarizes all security incidents and personal data breaches. The NPC also issues decisions in response to complaints of privacy violations.
India
The Digital Personal Data Protection Act of 2023 is the governing law on personal data protection. At present, there are no implementing regulations. Guidance from the government is expected regarding (i) notice obligations, (ii) consent managers’ duties, (iii) data breach reporting, (iv) collection of verifiable parental consent, and (v) the constitution of the Data Protection Board of India. The Board will (i) respond to complaints, (ii) direct responses in the event of a personal data breach, (iii) conduct inquires, (iv) issue directives, and (v) impose penalties.
Conclusion
Generally, there are no federal prohibitions on the use of offshore subcontractors with respect to Medicare programs. Medicare requires disclosure of subcontractors by certain providers during the enrollment process and at various times, such as revalidation and when there are changes to those arrangements. Conversely, federal law implemented restrictions on State Medicaid programs that prohibit the payment of offshore subcontractors or agents in certain circumstances, notably including telemedicine providers and pharmacies and payment to providers’ accounts if they are located offshore. Additionally, State Medicaid programs may contain some limitations and restrictions on the use of offshore subcontractors. These limitations vary by state.
TPPs may have their own rules and requirements pertaining to the use of offshore subcontractors. Those requirements are often contained in the payor/network agreement, provider manual, and/or payor policies. TPPs that administer MA and MMC plans likely will also have requirements to comport with governmental requirements and restrictions on offshore subcontractors for those specific plans.
Jeffrey S. Baird, JD, is chairman of the Health Care Group at Brown & Fortunato, PC, a law firm based in Texas with a national health care practice. He represents pharmacies, infusion companies, HME companies, manufacturers, and other health care providers throughout the United States. Mr. Baird is Board Certified in Health Law by the Texas Board of Legal Specialization and can be reached at (806) 345-6320 or [email protected].
AAHOMECARE’S EDUCATIONAL WEBINAR
Copayment Collection and Patient Assistance Programs
Presented by: Jeffrey S. Baird, Esq., Brown & Fortunato & Matthew D. Earl, Esq., Brown & Fortunato
Tuesday, February 13, 2024
1:30-2:30 p.m. CENTRAL TIME
Federal law is clear: a DME supplier must make a reasonable effort to collect copayments. All (or virtually all) commercial insurers, including Medicare Advantage Plan, impose the same requirement. If a DME supplier routinely waives or reduces copayments, it can be held liable under the federal anti-kickback statute, federal beneficiary inducement statute, and federal False Claims Act. In fact, many federal criminal and civil cases brough against DME suppliers (often at the instigation of a whistleblower) are based, in whole or in part, on the failure to make a reasonable effort to collect copayments. In the same vein, insurers will terminate agreements with suppliers on the basis of not making a reasonable effort to collect copayments. This program will (i) discuss what it means to “make a reasonable effort” to collect copayments; (ii) discuss how a supplier can implement a financial hardship policy that allows the supplier to waive/reduce a copayment on a patient-by-patient basis; (iii) point out that the existence of such a financial hardship policy cannot be advertised; (iv) discuss how a DME supplier can implement a patient assistance program; and (v) discuss how a supplier can access charities that may be in the position to assist patients in paying their copayments.
Register for Copayment Collection and Patient Assistance Programs on Tuesday, February 13, 2024, 1:30-2:30 p.m. CT, with Jeffrey S. Baird, Esq., and Matthew D. Earl, Esq., of Brown & Fortunato.
Members: $99
Non-Members: $129
AAHOMECARE’S EDUCATIONAL WEBINAR
Cash-Only Retail: How to Succeed
Presented by: Jeffrey S. Baird, Esq., Brown & Fortunato
Tuesday, April 16, 2024
1:30-2:30 p.m. CENTRAL TIME
The DME industry primarily serves the elderly. This means that most DME suppliers are dependent on traditional Medicare and Medicare Advantage for most of their revenue. But as DME suppliers know from experience, it can be challenging to be so tied to Medicare. This is where retail comes in. There are 78 million Baby Boomers who are retiring at the rate of 10,000 per day. Many Boomers are willing to pay cash for “Cadillac” items rather than being limited to the “Cavalier” items paid for by Medicare. This program will present the legal parameters within which DME suppliers can move into the retail space. The issues to be presented will include the following:
- Whether the retail business should be (i) under the supplier’s existing Tax ID # or (ii) operated by a separate legal entity.
- State DME licensure.
- Selling Medicare-covered items at a discount off the Medicare allowable.
- Obtaining physician prescriptions.
- Collection and payment of sales tax.
- Qualification as a “foreign” corporation.
- Required notification to a Medicare beneficiary even though the supplier does not have a PTAN.
Registration coming soon for Cash-Only Retail: How to Succeed on Tuesday, April 16, 2024, 1:30-2:30 p.m. CT, with Jeffrey S. Baird, Esq., Brown & Fortunato.
Members: $99
Non-Members: $129