Group items tagged

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Overview: Today's diverse, fast-changing, multidisciplinary mental health care environment involves many mental health care professionals who work together for the common goal of the patient. This includes physicians/psychiatrists, psychiatric nurses, psychologists, and others. Nothing in health care is more fractured than in mental health among a multitude of mental health practitioners. Like physicians/psychiatrists and psychiatric nurses, psychologists as health care practitioners obtained an education, passed applicable examinations, completed professional training, and hold a license to practice their chosen profession of psychology, often by being educated and trained at the doctoral level. The license to practice is issued by the state agency which has exclusive jurisdiction over this health care practitioner. Thereafter, the state's authority and power over the psychologist often presents challenges to that professional that are not easy to navigate. Their governing state agency routinely handles, investigates, and dismisses- or prosecutes - alleged violations of law that can be career ending for the psychologist if pursued. But that process takes time with many steps necessary for due process of law. One of the ultimate actions the state may take is to issue a suspension or revocation of the psychologist's professional license. Yet many state actions fall short of such drastic outcomes, but still have serious, permanent consequences for the psychologist as a licensed health care professional. Learn to identify the legal authority for state agencies to regulate the practice of psychology. Seek to understand and defend against state actions which may result in ruinous practice and career consequences for the health care professional. This program offers an objective, thorough review of the ethical and legal violations committed by psychologists. This program also reviews defenses with practice tips to defend successfully those common violations. Otherwis

Overview: Participants will learn how to conduct an investigation of allegations of patient privacy violations using a privacy "risk analysis" tool and steps that should be taken when a breach has been determined. Why should you Attend: You must conduct a prompt and thorough investigation of all allegations of privacy violations. A violation of a patient's privacy may result in monetary penalties, harm to your reputation and especially harm to a patient. You need to make certain your organization has the expertise to conduct a thorough privacy investigation, analyze the results and take all necessary action to mitigate and report violations when required. Areas Covered in the Session: Best practices for conducting a privacy investigation Use of the risk analysis tool Interpretation of your results Reporting requirements if necessary Recommendations of continued privacy monitoring Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile : Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges from starting new compliance programs and making improvements to existing programs for physician practices to large health care organizations. Gail also has provided numerous lectures to healthcare providers, executives and professional colleagues. Gail Madison Brown will develop, implement, and oversee processes, systems, educational programs, and other activities necessary to support and grow clinical trials activities at the UT Health Science Center. The Chief Clinical Trails Officer (CCTO) provides overall strategic leadership in this area including planning, goal setting, and monitoring organ

Overview: Become knowledgeable and understand the False Claims Act, Anti-Kickback Statute, Physician Self-Referral Law, Excluded Individuals and additional criminal/civil laws that may worsen the punishment if these laws are violated. Understand the criteria of each law, exceptions and how to identify an issue that requires mitigation. Why should you Attend: Are you able to distinguish with certainty an agreement, contract or activity that is permissible versus one that is not under our current healthcare laws and regulations? Do you have a contract organization system where reviews are done regularly and retained centrally? Do you conduct auditing and monitoring of potential high risk compliance areas related to fraud, waste and abuse? If you are uncertain or need additional guidance on recognizing potential violations of healthcare fraud, waste and abuse regulations and how to audit and monitor for non-compliance, this training is for you. Areas Covered in the Session: Define and describe elements of the Anti-kickback Statute, False Claims Act, Exclusionary Rule, Physician Self-Referral Law and potential penalties for violations Discuss exceptions and related criteria to the Physician Self-Referral Law and the Anti-Kickback Statute Identify common potential issues that may result in violations and how to avoid or mitigate them Provide examples on how to comply with the regulations Describe areas to audit, monitor and implement policies/procedures for compliance Who Will Benefit: Health care providers Revenue cycle management employees Coders, Billers Compliance officers Contract management Compliance and Internal Audit professionals Healthcare administrators Speaker Profile Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges from starting new compliance programs and making impr

Overview: Discussions, presentation, and webinars regarding HIPAA regulations are usually addressed from the perspective of what the regulations entail, the necessity of compliance with the regulations, and the consequences of willful neglect or non-compliance. This presentation addresses HIPAA regulations from a different perspective - from a personal perspective - from the perspective of the person in charge of moving an organization or facility toward full compliance with HIPAA. The by-product of this presentation will be both an understanding of, and a detailed job description for, a position mandated in the regulations - the HIPAA Security/Privacy Officer. Why should you attend: The HIPAA regulations are numerous, complicated, often vague, and affect every person working in a healthcare facility. Compliance with HIPAA will require a unique individual to lead the charge - an individual whose education, background, experience, and demonstrated skill sets offer the opportunity for that person to succeed in achieving the goals of that position. This is a new position to most healthcare facilities. So understanding who this person should be, what is required of the person with this job title, and with whom this person will interface is vital to every healthcare organization with the goal of achieving full compliance with HIPAA. Areas Covered in the Session: Position goals Position requirements (education, experience, skill sets, etc.) Position responsibilities Stay abreast of regulations Initiate compliance with HIPAA (according to regulations) Ensure continuous progress toward full compliance Develop appropriate security/privacy policies & procedures Oversee and deliver appropriate training programs to all employees Track compliance with HIPAA regulations at the facility & individual levels Track access to PHI Investigate and resolve HIPAA violations Apply sanctions to HIPAA violators Manage any information security personnel Prepare a department

HIPAA Breach Notification Rules and its new version : Let us begin at the beginning: What is breach notification? The term is pretty simple to understand. It means notifying the authorities whenever there is a breach of Protected Health Information (PHI). Covered Entities (CE's) and Business Associates (BA's), who are closely associated with PHI, and individuals whose PHI data are breached, are required to bring such data breaches to the notice of the authorities, whenever there is one. A breach notification is a mechanism that is aimed at ensuring that BA's and CE's meet requirements in the HITECH Act in the American Recovery and Reinvestment Act of 2009 (ARRA). To whom should the affected individuals and CE's and BA's complain? Whenever there is a breach of PHI by a CE or a BA, or if there is violation of the Privacy, Security, or Breach Notification Rules, the affected individual can complain to the Office for Civil Rights (OCR), which will initiate investigation into these complaints. Whenever a CE or a BA detects a breach, it can complain to the Secretary of Health and Human Services (HHS). In addition, the HIPAA breach notification rules have clear guidelines on how to report breaches in the following classifications: HIPAA's definition of a breach A breach of PHI is said to have taken place when any unpermitted use or disclosure that compromises the security of the data in the PHI takes place. Any such action, resulting in the breach of any kind of data contained in a PHI, big or small, is considered a breach, unless the CE or BA can explain that the data that got breached into was not serious enough, from its risk assessment point of view, to warrant immediate intervention. The new HIPAA breach notification rules The HHS embarked on a new HIPAA breach notification program, the HIPAA Privacy, Security, and Breach Notification Audit Program, with which it seeks to bring a few changes into the existing HIPAA breach notification rules. This new Audit Pr

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analys

Overview: This webinar will cover everything that you need to know about how to handle HIPAA security incidents, breaches, and complaints and the Department of Health and Human Resources Investigations thereof. Not all security incidents are breaches, but all breaches of confidentiality are within the broad ambit of security incidents. Privacy rule violations, such as failing to give a patient a copy of his or her medical records, may also constitute a breach as the $4.2 million fine assessed against Cignet Healthcare of Prince George's County, Maryland, dramatically proved. Handling an investigation properly is key to determining not only how to handle it to mitigate any harm and to take action to prevent it from happening again but also to determine whether it is reportable to affected individuals and to DHHS. HIPAA requires a complaint procedure (policy). The webinar will suggest what such a document should contain as it also will for the required report procedure (what is reportable, who reports, to whom, and required/suggested contents of the report) and the required response procedure (what do the responsible officials do after receiving the report or the complaint). Investigating a possible security incident is key. The webinar will cover how to conduct a thorough investigation of HIPAA security incidents, breaches, and patient complaints. Finally, the second largest HIPAA civil money penalty or settlement, $4.2 million, was in large part due to the offender's failure to cooperate with the DHHS investigation. The presenter has successfully defended his clients in seven such investigations and knows how to respond to them to avoid or minimize liability. Think of a gap analysis as an examination of: What you currently have in place for HIPAA compliance. Is that adequate? Can it be done better? Is it enough? And what am I missing? Asking these questions will help establish the direction and next steps to take. It lays the ground work for a good Risk Analy

Overview: Mental health care practitioners work in today's diverse, fast-changing, multidisciplinary health care environment. Nowhere but in mental health is there such diversity of clinicians who provide the same or similar services of counseling and therapy. A potential client has a wide choice of mental health providers from whom to choose. Yet each individual mental health profession has a unique education, training, and experience requirement for practice. While similarities exist, requirements differ from state to state and even from profession to profession with a single state. What are these requirements and how do they apply? The state's authority and power over mental health practitioners often presents challenges to these mental health professionals that are not easy to navigate. Differing sources of legal and ethical authority govern each respective health care practitioner in ways that are similar but not the same. Ethics and law are similar, but not the same. All mental health practitioners must adhere to standards of state law which govern their professional practices, including the very core of the doctor-patient relationship. Codes of ethics and state law may both apply to govern the conduct of this clinician. Even some state laws are referred to as ethical codes. Complaints as to alleged misconduct or ethical failings are received and investigated by a state agency and leave the mental health practitioner with an uncertain process to handle and to defend the state action against them. With this background, this seminar empowers the full understanding and application of ethics and laws for mental health practitioners. Learn to identify and understand an ethical framework for a sound mental health practice. An ethical framework is essential to having the right perspective to examine mental health dilemmas. Compare and contrast regulatory laws and codes of ethics to understand their differing applicability. Know the difference between laws and ethics,

Overview: Discussions, presentation, and webinars regarding HIPAA regulations are usually addressed from the perspective of what the regulations entail, the necessity of compliance with the regulations, and the consequences of willful neglect or non-compliance. This presentation addresses HIPAA regulations from a different perspective - from a personal perspective - from the perspective of the person in charge of moving an organization or facility toward full compliance with HIPAA. The by-product of this presentation will be both an understanding of, and a detailed job description for, a position mandated in the regulations - the HIPAA Security/Privacy Officer. Why should you attend: The HIPAA regulations are numerous, complicated, often vague, and affect every person working in a healthcare facility. Compliance with HIPAA will require a unique individual to lead the charge - an individual whose education, background, experience, and demonstrated skill sets offer the opportunity for that person to succeed in achieving the goals of that position. This is a new position to most healthcare facilities. So understanding who this person should be, what is required of the person with this job title, and with whom this person will interface is vital to every healthcare organization with the goal of achieving full compliance with HIPAA. Areas Covered in the Session: Position goals Position requirements (education, experience, skill sets, etc.) Position responsibilities Stay abreast of regulations Initiate compliance with HIPAA (according to regulations) Ensure continuous progress toward full compliance Develop appropriate security/privacy policies & procedures Oversee and deliver appropriate training programs to all employees Track compliance with HIPAA regulations at the facility & individual levels Track access to PHI Investigate and resolve HIPAA violations Apply sanctions to HIPAA violators Manage any information security personnel Prepare a department budget Hold Bu

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

A HIPAA violation fine can be very harming, not only to a healthcare facility's finances but also to its reputation. The best way to avoid these fines is by not committing these violations.

Course "Marketing Products without Getting Hammered by FDA" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With this seminar you will learn how to navigate FDA's legal requirements and its interpretations for enforcement purposes. The agency now applies the principles of cognitive psychology to aid in its determination of what a message really conveys. This becomes a new factor in trying to stay within FDA's legal corral. This conference will provide insight on how to manage your marketing activity and gauge what regulatory risks your business is willing to accept. You will learn how corporate management requires cooperation between marketing, regulatory affairs, legal counsel, manufacturing, engineering and finance departments. You will understand that a weak link in any department leaves the entire corporation vulnerable to FDA enforcement. Most importantly, you will understand the boundaries that FDA uses and how easy it is to cross them. With information from this course, you can step back and rationally evaluate your firm's regulatory profile for advertising and promotion. Why should you attend: If you go "off label" with advertising and promotion, you become embroiled in FDA's advertising and promotion requirements. For devices, the law is weak and lacks legal clarity. For drugs, FDA's law and regulations are extensive and have violated Constitutional protections. Depending on your point of FDA's promotion and advertising requirements can help you or hurt you? There is an inherent conflict in interests. In any case, you need to identify practical criteria to make marketing decisions. That begs the question of whether or not marketing managers and regulatory affairs managers will even try to agree on an issue. FDA's Center for Devices and Radiological Health (CDRH) has never issued a comprehensive guidance on advertising and promotion. You are on your own. CDER has esta

HIPAA Enforcement trends : Health Insurance Portability and Accountability Act (HIPAA) is a legislation of the American Congress. HIPAA enforcement consists of taking steps to confirm that rules set out in HIPAA are being complied with by the requisite entities. Primarily passed with the intention of ensuring that employees do not lose their health insurance benefits when they change or leave their current jobs; this 1996 law also has the protection and security of Protected Health Information (PHI) as one of its chief aims. The Office of Civil Rights (OCR), which enforces actions relating to HIPAA, imposes harsh penalties on healthcare organizations and Business Associates and Covered Entities that are proven to be in noncompliance of HIPAA requirements. What are HIPAA enforcement actions? The actions that the OCR takes to ensure implementation of HIPAA provisions constitute the essence of HIPAA enforcement actions. There are a good number of areas which the OCR can cite as constituting cases of HIPAA violations or noncompliance. A look at recent HIPAA enforcement actions point to a trend. These trends serve as an indicator of what to expect from HIPAA enforcement actions, which will help entities get some idea of what they should implement and what they should not and thus prevent being cited by the OCR. Security risk assessments are the foremost element of HIPAA enforcement actions: A look at recent trends suggests that HIPAA enforcement actions mainly target security risk assessments. This leads to harsh penalties, as happened in the case of New York-Presbyterian Hospital (NYP). The hefty $ 4.8 million penalty slapped in 2014 on this hospital was for data breach caused by insufficient security risk assessment. While this is the biggest sum fined; the OCR issued at least three other hospitals for putting in place inadequate security risk assessments in 2014. Risk management comes a close second: If inadequate security risk assessments come first in te

Course "Key Factors to Write an Effective Standard Operating Procedure (SOP) and Work Instructions (WIs)" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement. The goal and emphasis with FDA is simple. Proof of "Establish" is the foundation. Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? Are the procedures being followed and enforced by company personnel? SOPs are needed in regulated industries to give step-by-step instructions for performing a particular job or task. This session will provide a step-by-step overview and a snapshot of the procedure description, the process and format. The subject matter of a SOP may range from how to operate a piece of machinery to how to log into a particular software program. SOPs ensure consistency and reliability because they require training of all affected parties. This session will address recent enforcement actions for SOP related violations but no surprise. Most of our enforcement actions are documentation related, i.e., SOP or other procedural documents. We will review examples from

Overview: Mental health care practitioners work in today's diverse, fast-changing, multidisciplinary health care environment. Nowhere but in mental health is there such diversity of clinicians who provide the same or similar services of counseling and therapy. Yet each individual mental health profession has a unique education, training, and experience requirement for practice. The state's authority and power over mental health practitioners often presents challenges to mental health professionals that are not easy to navigate. All mental health practitioners must adhere to standards of state law which govern their professional practices, including the doctor-patient relationship. Codes of ethics and state law may both apply to govern the conduct of this clinician. Complaints that are received and investigated by a state agency leave the mental health practitioner with an uncertain process to handle the state action against them. Learn to identify and understand an ethical framework for a sound mental health practice. Describe the inherent risks in mental health practice. Review the three most common violations of law against mental health clinicians. Compare and contrast regulatory laws and codes of ethics. Learn practical tips about how to avoid liability and manage risk in clinical settings. This allows the mental health care practitioner to avoid sanctions and to defend against legal actions which may result in ruinous practice and career consequences for the mental health practitioner. This program offers an objective, thorough review of ethics and law for mental health practitioners. Price : $139.00 Contact Info: MentorHealth Phone No: 1-800-385-1607 FaX: 302-288-6884 support@mentorhealth.com Event Link: http://bit.ly/Ethics-and-Law-for-MentalHealth-Professionals http://www.mentorhealth.com/ LinkedIn Follow us - https://www.linkedin.com/company/mentorhealth Twitter Follow us - https://twitter.com/MentorHealth1 Facebook Like us- https://

Basics of the Anti-Kickback Statute : The Anti-Kickback Statute is aimed at curbing abuse and fraud in the Medicare and Medicaid systems by professionals who offer services and benefit in direct or indirect ways. In order to protect Medicare and Medicaid patients, as well as federal health care programs from abuse and fraud; the Anti-Kickback Statute was enacted. The core act that the Anti-Kickback Statute considered as fraud and abuse is the unlawful acceptance or diversion of money into influencing medical decision-making. The Anti-Kickback Statute is very clear on this. It states that anyone in the healthcare industry, who consciously and deliberately accepts a fee or remuneration of any kind or offers the same with the intention of manipulating the course of a medical decision-making, is liable to punishment. What acts attract penalties? Acts of various kinds attract penalties under the Anti-Kickback Statute. Some of these include: Carrying out advertising or marketing activities for promoting the brand of health care providers Participating in affiliate programs or pay per click commissions Working out promotion agreements with multiple companies Taking part in sponsorships Working out strategic alliances with healthcare providers Licensing content or technology Selling a healthcare provider's brands of products or services Taking a cut in the advertising revenue The nature of penalties under the Anti-Kickback Statute The Anti-Kickback Statute states major penalties for acts it prohibits. The Anti-Kickback Statute prescribes these major penalties: Up to five years in prison This has the potential to attract additional monetary fines of up to $25,000 Administrative civil money penalties that can go up to $50,000 In addition, the Office of Inspector General (OIG) could initiate administrative proceedings and take steps aimed at prohibiting anyone convicted of an Anti-Kickback violation from participating in State and federal programs. The OIG could also impose