How to Ensure Ethical Business Practice
The tools for detecting problems before the bubble up
by Miriam Lieber

Employees want to work for a company whose executives are people with a moral compass.

Employees typically emulate the behaviors of their leaders, both positive and negative. For example, when a boss asks an employee to do something that defies third-party payer rules, it presents the employee with a moral dilemma, but they often don’t challenge the owner because they are afraid of the repercussions.

Ethical Behavior

While it is understandable that the business must generate referrals and orders for sustainability, it is also critically important to ensure that business policies are developed with an eye toward compliance. For example, I’ve noticed on several occasions that all manual wheelchair users receive a package of items including but not limited to seat belts and anti-tippers to prevent falls. These items are typically not necessary pursuant to insurance guidelines. Regardless, there are HCPCS (procedure) codes for these items, and they are billed to the insurance company to build revenue. Knowing these are not covered, they can be built into the software with a reminder that these codes are not typically covered by insurance. This is one way for the HME business to train staff to do the right thing, based on their knowledge of requirements.

It is easy to create an environment where employees can access requirements from their computer screens. Conversely, staff members are at risk for noncompliance and unethical behavior when they are taught to perform tasks that are unethical. Moreover, employees at certain levels of the company or with limited experience would potentially have no way of knowing that their practices involve unethical behavior. To solve this problem, use the compliance officer or someone of equal stature to periodically visit with team leaders and/or staff to review their practices.

Create an audit tool to detect such matters using, for example, the Medicare documentation checklist. Afterward, if a particular practice is still in doubt, always defer to an attorney. Alternatively, if you can obtain the solution in writing from the payer, this is also helpful. Finally, regular internal audits bode well when a payer scours your records and finds erroneous or problematic files.

As I always suggest to HME employees, if it seems wrong, it probably is wrong. Tread carefully. I also recommend that the owner meet regularly with the person in the organization responsible for ethics, compliance, etc.

HIPAA Privacy

The technological advancements and efficiencies that businesses encounter today may also create HIPAA privacy risks. Using text messaging and email for communication with patients is one such example.

While it is significantly more efficient to email or text a patient for their CPAP appointment or replenishment of supplies, the message must be encrypted and protected for privacy. With constant security breaches in Fortune 500 companies and similar, HME companies are certainly at risk. Therefore, before adding a new software solution to improve patient communication, make sure it adheres to HIPAA privacy requirements. If you are not 100 percent certain, do not contract with the software company.

Also, ensure that patients sign waivers/disclaimers as necessary. Again, contact your attorney as a precautionary measure if you are not sure of the company’s ability to protect the patient’s privacy. With the right counsel, you should be able to seize opportunities to improve communication with your patients, regardless of the method, which can range from instruction on proper use of a device to completing their own intake sheets and qualifying for their devices on your website.

Push Back and Finesse

Equally complicated as HIPAA privacy, knowing when to push back on Medicare or other third-party payers takes a person with experience who is articulate and self-assured when it comes to the rules and regulations around which the HME industry is governed. Although the theme of this article has been to err on the side of caution, if you are sure of a written regulation that the payer is attempting to erroneously modify, stand steadfast and persist in your conviction about what is right from what is wrong.

One such rule that was noted recently in a discussion with Medicare and the HME provider community: Medicare declared that you have to perform a physical assessment of the patient’s home for a manual wheelchair, which is currently not necessary, according to Medicare’s own guidelines. That said, Medicare has recently been denying claims when it is not provided proof that a physical home assessment was done on a manual wheelchair patient prior to delivery. Their own written policies (local coverage determinations/policy articles) note the following:

“For manual wheelchairs, the home assessment may be done directly by visiting the beneficiary’s home or indirectly based upon information provided by the beneficiary or their designee. When the home assessment is based upon indirectly obtained information, the supplier must, at the time of delivery, verify that the item delivered meets the requirements specified in criterion C. Issues such as the physical layout of the home, surfaces to be traversed, and obstacles must be addressed by and documented in the home assessment. Information from the beneficiary’s medical record and the supplier’s records must be available upon request.”

It’s been stated that a verbal assessment is sufficient for compliance with the manual wheelchair home assessment requirement—a prime example of when to push back on rules that you know are not being followed by the payer. In addition, connect with your state and national organizations ( and to work together to correct the error.

While it is easier to see a glaring issue from the outside, it is incumbent upon the HME company to find and solve these potentially dangerous matters before they become threats to the company.

Questions to Review with Staff

  • If you feel like you are put in a compromising ethical position at our company, what should you do?
  • If you feel like you are being forced to change a company practice or policy because the insurance company erroneously dictated a change in its requirements, what do you do?
  • If a patient provides you with their credit card number and verbally tells you to use it to charge their monthly supplies, what should you do?
  • If you find a software solution that would make the company more efficient and requires you to text and/or email the patient, what is the protocol to follow at your HME company? Is it written?
  • Where do you go if you see something that seems unethical, such as providing a product without proper documentation?