Apria is a leading provider of medical equipment and home healthcare services. It supports patients undergoing oxygen therapy, inhalation therapy, sleep apnea treatment, and negative pressure wound therapy. The company has 290 locations throughout the continental United States and Canada. It was the first healthcare company of its type to be accredited by The Joint Commission, which has been continuing for over two decades. The company’s high quality standards have led to numerous awards, including the prestigious Gold Seal of Approval.
Co-pay waivers offered by Apria’s branches
Apria’s branches provide co-pay waivers to patients in need of respiratory and oxygen equipment. To offer this program, Apria has entered into a Corporate Integrity Agreement with the HHS-OIG. In exchange for this agreement, Apria is required to comply with various standards of conduct, including independent reviews of claims. The aim is to safeguard federal health programs. Despite these measures, Apria continues to offer co-pay waivers to NIV patients.
Apria Healthcare Group submitted fraudulent claims to Medicaid and Medicare. The company lied to obtain payment for expensive non-invasive ventilators. These payments were not based on an individualized assessment of financial need. Instead, the company submitted fraudulent claims to obtain millions of dollars from the government health programs. The company has agreed to pay a settlement amount to the whistleblowers. This settlement is a victory for patients and taxpayers.
If Apria’s branches continue to offer co-pay waivers, the provider should implement policies and procedures for compliance with federal and state laws. Employees should be regularly trained to comply with these policies. The policy should also take into account the plan agreements with which the provider works. For example, Apria’s branches should conduct ongoing training and compliance education to ensure that all employees understand it. Especially important are the employees who are involved in marketing, business development, and accounting.
Apria’s respiratory therapists were responsible for monitoring patients’ NIV usage. Despite that fact, the RTs were not always available for the patients, failing to monitor their NIV use. By December 2016, Apria failed to complete more than half of the required visits. Further, the RTs were not required to follow up with patients who stopped using NIVs.
While the government regards co-pays and deductibles as important components of Medicare, routinely waiving them for patients could violate the Anti-Kickback Statute. Not only would such practices violate federal law, but they could also be illegal and result in fines and exclusion from government health insurance programs. The anti-kickback law prohibits any form of exchange of value for referrals of Government Health patients. By denying this service, healthcare providers are breaking the law.
Failure to conduct regular in-home visits
Apria failed to conduct regular in-home visits for patients who needed a NIV. Moreover, a review of its internal documents showed that nearly half of the RTs at various branches failed to complete their scheduled visits in December. Moreover, despite failing to perform their duty, Apria continued to seek reimbursement from federal health programs for NIV rentals. The investigation revealed that the RTs failed to assess whether the NIV rentals were still medically necessary. Ultimately, the company entered into a Corporate Integrity Agreement with HHS and implemented steps to protect federal health care programs.
Despite these deficiencies, the company continued to seek reimbursement from federal health programs despite failing to make regular in-home visits. In December 2016, over 50% of its respiratory therapists failed to conduct in-home visits for patients. In addition, the respiratory therapists failed to ensure that the patients were still using their NIVs. Ultimately, Apria failed to stop seeking reimbursement from federal health programs and to monitor whether these patients were still using the equipment.
False claims submitted to federal health programs
In order to protect yourself from being sued for submitting false claims, it is essential to implement a standard health care compliance program. Using a standard health care compliance program will not only help you maintain regulatory compliance, but it will help you reduce the risk of fraud, abuse, and waste. False claims to federal health programs are not only costly to your organization, but can also damage its credibility. If you are considering initiating an investigation into a potential fraud or waste, a health care compliance program is the perfect place to start.
The Federal False Claims Act is a federal law that prohibits certain types of fraudulent claims. It states that healthcare practices cannot bill the government for services they did not provide, bill for the same service more than once, or make false statements in order to receive payment. Violations of the False Claims Act can result in significant financial penalties for the violator. In addition to criminal penalties, a person can be excluded from participation in federal health programs.
If you suspect someone is making false claims to obtain government benefits, contact the Department of Justice or your state’s Attorney General. False claims may be punishable by fines of up to $11,000 and disqualification from federal health programs. If you are convicted, you may face a prison term of up to 5 years and fines up to three times your damages. You may also be required to pay back some or all of the money. If you are suspected of fraud, you can report the incident to the Federal False Claims Act.
If you have received any government benefits through a health care program, you may be held responsible for making false claims. These laws include penalties ranging from $5,000 to $11,000 for each false claim. In addition, these penalties are tripled in case the false claims resulted in substantial financial damage. They also prohibit upcoding, which is the practice of billing for higher payments than intended. You may also be responsible for any expenses incurred by the state for pursuing the action.
Lack of endpoint security for remote devices
One of the main problems with Apria Healthcare’s existing endpoint security solution is that it doesn’t protect all of its devices. It’s important to protect every single device, whether it’s a laptop, tablet, or smartphone. Apria is not alone in this regard. According to the company’s website, it is one of the largest health care organizations in the world, protecting over 8,000 devices with Absolute Resilience. The company has also been adding more integrations, including VMware Carbon Black.
Moreover, Apria Healthcare is missing a critical piece of the cybersecurity puzzle: endpoint security for remote devices. The solution must provide tamper-proof endpoint security on operating system-level devices. Additionally, endpoint security must provide IT visibility and the ability to modify protections. It should also provide an endpoint control platform and self-healing connection. This will help the company secure all devices and reduce the risk of data loss.
While many organizations have already adopted a work-at-home culture, others have opted for remote working. Organizations that do employ remote workers have policies that dictate how they should access company data while on the road. Without such policies, companies run a higher risk of cyberattacks than their peers. In addition to implementing a policy, Apria Healthcare must also review its communication channels. Employees need to communicate effectively to keep company data secure. Therefore, the communication apps used by staff members should be up to standard. For example, end-to-end encryption should be used to protect data in emails, text messages, and other digital messages.
Apria Healthcare’s failure to provide endpoint security for remote devices has many implications for its reputation and future. With over 500 common vulnerabilities in the top 20 client applications, the security posture of this healthcare organization is very vulnerable to hackers. Despite these risks, the company should reconsider its current policy and invest in a solution that addresses the problem. With a little bit of investment, Apria Healthcare can be successful in improving its image and reputation and keeping patients secure.
