Code of Conduct Distribution
As part of our Compliance & Ethics program, UnitedHealth Group has adopted an enterprisewide Code of Conduct detailing the organization’s commitment to acting ethically and with integrity. The UnitedHealth Group Code of Conduct can be used by delegates as a resource detailing key compliance policies and procedures.
Delegates must distribute written policies, procedures or standards of conduct within 90 days of hire and annually thereafter, or when the Code of Conduct is updated.
Beginning in 2016, delegates who provide Medicare Parts C & D services are required to use CMS Parts C and D Fraud, Waste & Abuse (FWA)* and General Compliance training.
*Important note: Providers deemed to have met FWA training requirements through certification for Medicare Parts A and B or through accreditation as a Durable Medical Equipment, Prosthetics, Orthotics and Supplies (DMEPOS) provider are still required to complete CMS General Compliance training.
Delegates must provide training on FWA and general compliance and it must be completed within 90 days of hire and annually thereafter.
U.S. Department of Health & Human Services – Office of the Inspector General, and the U.S. General Services Administration, and State Exclusion Checks
Regulators prohibit our organization from hiring, employing or making payments to any person or business excluded or debarred from federal or state health care programs.
Medicare & Medicaid
All delegates working with our Medicare Advantage Parts C and D or Medicaid programs must review the federal exclusion lists maintained by the U.S. Department of Health & Human Services – Office of the Inspector General (HHS-OIG) and the U.S. General Services Administration (GSA). These exclusion lists name individuals or organizations that are suspended or otherwise excluded from participation in Medicare and Medicaid programs.
Delegates must review all employees and subcontractors that support Medicare Advantage Parts C and D and/or Medicaid plans and membership against OIG and GSA federal exclusion lists prior to hiring or contracting with them, and on a monthly basis thereafter.
Federal Exclusion Checks
State Exclusion Checks
Many states maintain state-based sanction/exclusion databases that are in addition to, but do not replace, the OIG and GSA federal exclusion databases. A provider may not participate in the network of a specific state if the provider is listed on that state’s exclusion list, even if the provider is not listed on a federal exclusion list.
UnitedHealth Group and its businesses are not affiliated with the above independent websites.
Delegates must maintain records for 10 years to demonstrate compliance with regulatory requirements, including standards of conduct education, Fraud, Waste & Abuse (FWA) and general compliance training, Office of the Inspector General (OIG)/U.S. General Services Administration (GSA) exclusion checks, and supporting policies and procedures. A delegate may be called upon by our organization, or a regulatory agency to provide documentation upon request. Failure to comply may result in any of a series of regulatory enforcement actions and our remediation activities.
Downstream Oversight Requirements
Delegates who subcontract the administrative or health benefit services performed for our organization to a subcontractor, or downstream entity, have an obligation to ensure the downstream entity complies with all same applicable federal and state laws, regulations and requirements through contract language, compliance oversight, monitoring and auditing activities. Records of such activities must be maintained for a minimum of 10 years and be available for review by CMS, state regulators or our organization upon request. (See Document Retention section above.)
Monitoring and/or Auditing of Subcontracted Delegates
Monitoring activities are reviews performed as part of normal operations to confirm ongoing compliance and to help ensure corrective actions happen and are effective. An audit is a formal review of compliance with a particular set of standards (e.g., policies and procedures, laws and regulations) used as base measures. CMS and state regulators require our organization to monitor and/or audit to confirm delegates’ compliance with the following: