UPIC / ZPIC Referrals of MDs and NPs to State Boards!

(June 9, 2017):  You aren’t paranoid, your utilization, coding and billing practices are, in fact, being watched.   The Centers for Medicare and Medicaid Services (CMS) currently transitioning over to using a Unified Program Integrity Contractor (UPIC) in your jurisdiction to serve as program integrity contractors.  During this transition period, you may also be audited by the outgoing Zone Program Integrity Contractor (ZPIC) responsible for auditing your part of the country.  Although you may have never been audited, been contacted by, or even heard of a UPIC or a ZPIC, that doesn’t mean that they aren’t monitoring your business practices on an ongoing basis.  In fact, as Section 2.6.4 of the “Uniform Statement of Work” (SOW) published by CMS states that contractors serving as a UPIC:

” . . . will integrate the program integrity functions for audits and investigations across Medicare and Medicaid, and ensure that CMS’s national priorities for both Medicare and Medicaid are executed and supported locally.”

Similarly, ZPICs are required to engage in comprehensive data analysis activities as part of their contractual obligations with the government.  As Section 1.3.1 of the most recent ZPIC Statement of Work requires:

“The ZPIC shall review and analyze a variety of data in order to focus its program integrity efforts by identifying vulnerabilities and/or specific providers for review and investigation within its zone, referral of potential fraud, waste and abuse cases to law enforcement, and pursuance of administrative actions. Further, the ZPIC shall be proactive and aggressive in pursuing many different sources and techniques for analyzing data in order to reduce any of its risks within this [Statement of Work].”

As the ZPIC Statement of Work further notes in Section 4.2:

The ZPIC shall provide a variety of data analysis, statistical analysis, and trending activities to enhance the detection and prevention of Medicare and Medicaid potential fraud, waste and abuse in the participating state(s). The ZPIC shall use appropriate CMS Medicare data, as well as data from other sources such as Medicaid data, to reach this end. 

Successful accomplishment shall require a significant amount of cooperation with the participating state(s), law enforcement, and other task orders within the ZPIC zone. It may also require significant cooperation with other ZPICs

ZPICs have used sophisticated data mining techniques to identify physicians and other health care providers whose utilization, coding and / or billing behavior is different from that of the provider’s peers.  Once an outlier is identified, the ZPIC has a number of actions it can take.   For instance, in recent months, we have seen a noticeable increase in the number of referrals that have been made by a ZPIC to a particular provider’s state licensure board.  In this article, we examine these referral actions in more detail.

I.   UPIC / ZPIC Targets in 2017:

The government’s efforts to consolidate their Medicare and Medicaid program integrity efforts under a single contract are well underway.  As a result, some health care providers are already receiving requests for records and / or notice of an audit from a Unified Program Integrity Contractor (UPIC) rather than from their former ZPIC. In large part, this is a distinction without a difference since the CMS contractor awarded the UPIC contract most likely previously served as ZPIC for the same jurisdiction.   Once fully implemented, the UPIC program will combine integrate the Medicare and Medicaid program integrity functions that have previously been performed by ZPICs, Program Safeguard Contractors (PSCs) and Medicaid Integrity Contractors (MICs).  Importantly, the Chapter 4 of the Medicare Program Integrity Manual expressly notes that the program integrity duties and responsibilities currently outlined in the chapter as applicable to ZPICs also fully apply to UPICs.  In any event, many providers are continuing to receive requests for records and notice of an audit from ZPICs rather than the UPIC covering their jurisdiction.  Provider types primarily targeted in 2017 have included:

• Home health agencies.
• Hospice organizations.
• Physician practices.
• Pain management practices and pain management physicians.
• Nurse practitioners.
• Chiropractic practices.
• Multidisciplinary practices owned by a chiropractor.
• Independent clinical laboratories.
• Physical therapy / occupational therapy / speech therapy services.
• Independent diagnostic testing facilities.
• Ambulance service providers.

Is your organizational type listed above?  If not, that still doesn’t mean that you won’t be audited by a ZPIC, or possibly even a UPIC.  If your organization is engaging in utilization, coding or billing practices that appear to be out-of-sync with those of its peers, there is a good chance that you will soon be audited by the a ZPIC, UPIC or a specialty program integrity working for CMS.

II.   UPIC / ZPIC Referrals to State Licensure Boards and Professional Societies:

The UPIC / ZPIC responsible for conducting Medicare program integrity activities in your ZPICs part of the country is constantly on the lookout for aberrant provider practices.  For instance, in a case our law firm handled, a ZPIC program integrity contractor conducted an audit of Evaluation & Management (E/M) claims billed by a Nurse Practitioner.  In this particular case, the ZPIC auditor concluded that the provider lacked the requisite level of physician supervision to conduct the E/M services at issue.  To be clear, this case did not involve the billing of “incident to” claims.  Rather, it hinged on the fact that some states prohibit a Nurse Practitioner from independently diagnosing and treating a patient unless a requisite level of physician oversight or supervision is in place.  In this particular case, the ZPIC auditor alleged that there was no evidence that the required level of physician supervision had been met.  As a result, the ZPIC denied the audited claims and alleged that the provider had submitted non-payable claims to the Medicare program for payment.  Notably, the ZPIC didn’t stop there – it also filed a complaint against the Nurse Practitioner with the state Board of Nursing, alleging that the nurse’s actions were a violation of the state Nurse Practice Act.  Unfortunately, UPIC / ZPIC referrals to state licensing boards appear to growing each year.

III.   What is the Regulatory Basis for a UPIC / ZPIC to Make a Referral to a State Licensure Board?

As set out in Chapter 4 of the Medicare Program Integrity Manual, ZPICs are required to make a referral to a provider’s state licensure board if it finds that the provider “engaged in unethical or improper practices.”  As Section 4.18.2 of the MPIM provides:

The ZPIC shall refer instances of apparent unethical or improper practices or unprofessional conduct to state licensing authorities, medical boards, the QIO, or professional societies for review and possible disciplinary action. . . (emphasis added).

While the mandates set out in a specific state’s Nurse Practice Act, Medical Practice Act, or other licensed professional’s Practice Act may vary, one thing is for certain – virtually every State Practice Act includes broad provisions which ban conduct that is considered to be unprofessional or unethical.  These provisions are typically so general that a ZPIC could easily conclude that a referral is required in wide variety of situations.  These include, but are not limited to:

• Physician: Failure to exercise proper level of supervision over a Nurse Practitioner, Physician Assistant and / or any other member of his staff.
• Physician: Failure to properly document the services provided.
• Physician: Providing services that are medically unnecessary.
• Physician: Billing for services that were not provided.
• Nurse Practitioner: Performing certain patient care services without the requisite level of physician supervision in place.
• Nurse Practitioner: Inappropriately prescribing controlled substances to one or more patients.
• Nurse Practitioner: Failure to order a urine drug screen before prescribing controlled substances in a case where the patient has exhibited non-compliant behavior.

As the regulatory language further reflects in Section 4.18.2 further requires, if the ZPIC concludes that a licensee has engaged in unethical or improper conduct, the contractor is also supposed to make a referral to professional societies to which a licensed health care provider belongs.

Prior to making a referral to the state licensing board, it is worth noting that the ZPIC is required to confer with the appropriate Medicare Administrative Contractor (MAC) so that duplicate referrals are not by both contractors.  As this portion of Section 4.18.2 states:

The ZPIC’s and the MAC’s MR staffs shall confer before such referrals, to avoid duplicate referrals. The ZPIC shall gather available information and leave any further investigation, review, and disciplinary action to the appropriate professional society or State board. Consultation and agreement between the ZPIC’s and the MAC’s MR staffs shall precede any referral to these agencies.

While not stated in Section 4.18.2, these coordinative efforts may also lead to a provider being placed on prepayment review and / or subjected to a number of other administrative sanctions.

IV.   And the “Hits” Just Keep on Coming – Additional Referrals Made by a UPIC / ZPIC:

Chapter 4, Section 4.18.3 of the MPIM requires that ZPICs also make a referral to the Medicare Quality Improvement Organization (QIO) if a situation involving potential patient harm is identified.  As the regulations state, in part:

If potential patient harm is discovered during the course of screening a lead or through the investigation process, the ZPIC shall refer those instances to the QIO, state medical board, or state licensing agency. In addition to making the appropriate referrals, the ZPIC shall notify the COR and IAG BFL within two (2) business days once the potential patient harm issue is discovered.

If the ZPIC refers a provider to the State licensing agency or medical society (i.e., those referrals that need immediate response from the State licensing agency), the ZPIC shall also send a copy of the referral to the QIO.

As program integrity contractors, ZPICs have been granted access to the government’s Fraud Investigative Database (FID).  They are required to enter and update Medicare fraud, waste and abuse investigations that they have initiated into the database.  ZPICs are also required to input updates on cases, payment suspensions and requests for information that they have performed at the request of law enforcement or CMS.  Health care providers need to keep in mind that a wide range of federal and state law enforcement agencies maintain access to the ID.  As discussion in Chapter 4, Section 4.11.1 of the MPIM, these include, but are not limited to:

• All ZPICs.
• National Benefit Integrity Medicare Drug Integrity Contractor (NBIMEDIC).
• MAC provider enrollment units.
• CMS.
• FBI.
• DOJ.
• HHS/OIG.
• Medicaid Program Integrity Directors, State Utilization Review (SUR) officials, and Provider Enrollment units.
• Medicaid Fraud Control Units (MFCUs).
• Other federal and state partners seeking to address program integrity concerns in judicial or state health care programs.

As further described in Chapter 4, Section 4.11.1.1 of the MPIM, not all ZPIC audit findings are reported on the FID.  Cases that are not captured by ZPICs on the FID include:

• Individual complaints (statements alleging improper entitlement);
• Simple overpayment recoveries (not involving potential fraud), complaints that are returned to the AC or MAC second-level screening staff (or PSC or ZPIC, if applicable); and
• Medical review abuses.

V.   UPIC / ZPIC Referrals to State Licensure Boards Based Solely on Data Mining are Increasing:

UPIC / ZPIC referrals to state licensure boards are not limited to only situations where a claim-by claim audit has been conducted.  We are currently seeing referrals based solely on conclusions reached through data mining, where no actual audit of the provider’s medical records has yet been conducted.  Examples of these situations include:

• Nurse Practitioner: The provider’s prescription practices with respect to controlled practices are seen as excessive when compared to those of the Nurse Practitioner’s peers.
• Physician: Based on the level of E/M services billed, the ZPIC believes that the physician is treating more patients than can be seen in a typical workday.

VI.   Protecting Your License. 

A wide range of physicians, nurse practitioners and other licensed health care providers participating in the Medicare program are subject to audit by a UPIC or a ZPIC.  It is therefore imperative that you take steps NOW to better ensure that your medical necessity, documentation, billing and coding practices fully comply with state and federal statutory and regulatory requirements.  The development and implementation of an effective Compliance Program is an essential first step if you want to reduce your level of regulatory and licensure risk.  To the extent that you already have a Compliance Program in place, you need to periodically conduct internal auditing and monitoring activities to better ensure your continued adherence with applicable rules and regulations.

As described, a ZPIC may make a referral to your state licensing board based solely on their analysis of a provider’s utilization, coding and billing practices, even though the UPIC / ZPIC has never contacted you or reviewed a single medical record.  Nevertheless, most UPIC / ZPIC referral cases are, in fact, precluded by a UPIC / ZPIC audit of your medical records.  In such cases, there is a high likelihood that your practice will soon be faced with an administrative overpayment and that you may be required to respond to a complaint the UPIC / ZPIC has filed with your state licensure board.

We recommend that you immediately contact qualified health care legal counsel at the first sign that a UPIC / ZPIC audit or review may be underway.  There are steps you can take early in the process that can help you avoid both a sizeable overpayment finding and a possible referral to the state licensure board.  Should you fail to affirmatively respond to a UPIC / ZPIC audit until an overpayment determination has been made, your chances of prevailing in the administrative appeals process may be significantly diminished.  Please feel free to give me a call if you have received a ZPIC request for records or have been assessed an alleged overpayment by a UPIC or ZPIC.

Robert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker, Attorneys and Counselors at Law.  He has extensive experience representing health care providers in UPIC / ZPIC audits and in the Medicare appeals process.  He also regularly represents a wide range of health care providers in connection with complaints filed with state licensing boards.  For a complimentary consultation, please give Robert a call.  He can be reached at:  1 (800) 475-1906.

ZPIC Audit: Will Your Case be Referred to DOJ or HHS-OIG for Fraud?

(March 10, 2016): Has your practice, home health or hospice received an audit letter from a Zone Program Integrity Contractor (ZPIC)?  If so, one of the first questions you are likely to ask is how did this ZPIC audit get started? Why is our practice being targeted in a ZPIC audit? As a review of the administrative enforcement landscape will show, there are a myriad of tools at the disposal of the government (and its contractors) to identify and target a health care physician provider or supplier for ZPIC audit or investigation. In this article, we will provide an overview of the primary targeting tools utilized by the government and its various Medicare contractors.

I. Primary Source of Information Used to Target a Medicare ZPIC Audit.

As Chapter 2, Sec. 2.4.C of the Medicare Program Integrity Manual (MPIM) reflects:

“Claims data is the primary source of information used to identify and target fraudulent, wasteful or abusive activities.”

ZPICs around the country have been given ready access to a wide variety of claims coding, billing and utilization databases and are expected to perform complex data analysis with this data in an effort to ferret out health care providers and suppliers whose billing history appears to suggest that improper coding and / or billing practices may be taking place. Frankly, that’s the problem with ZPIC targeting methods. If a health care provider’s claims utilization and billing practices are outside of the norm (making the provider an “outlier”), that provider is likely to be audited or investigated by a ZPIC or another contractor working for the Centers for Medicare and Medicaid Services (CMS).

II. Secondary Sources of Data Used by ZPICs to Identify and Target Fraud and Abuse.

As set out in the MPIM, Sec. 2.4.D, CMS has directed ZPICs to consider the following additional sources of data when determining whether further analysis against a health care provider or a specified set of claims is needed. These additional sources of data include, but are not limited to:

• OIG and Government Accountability Office (GAO) reports;
• Fraud Alerts;
• Beneficiary, physician and provider complaints;
• Appeals data from QICs, including appeals overturn rate for a particular type of claim;
• Referrals from the QIO, other contractors, CMS components, Medicaid fraud control units, Office of the U.S. Attorney, or other federal programs;
• Suggestions provided directly or implicit in various reports and other materials produced in the course of evaluation and audit activities, (e.g., contractor evaluations, State assessment, CMS-directed studies, contractor or State audits of providers);
• Referrals from medical licensing boards;
• Referrals from the CAC;
• Peer Review Reports such as the First look Analysis Tool for Hospital Outlier Monitoring (FATHOM) and Program to Evaluate Payment Patterns Electronic Report (PEPPER), and Comparative Billing Reports;
• Information on new technologies and new or clarified benefits;
• Provider cost reports;
• Provider Statistical and Reimbursement (PS&R) System data;
• Enrollment data;
• Overpayment data;
• Pricing, data analysis, and coding (PDAC) data;
• Referrals from other internal and/or external sources (e.g., MAC audit staff, audit staff or, MAC quality assurance (QA) staff);
• Medicare Learning Network–which includes MedLearn Matters articles and Quarterly Provider Compliance Newsletters;
• IBM Cognos support for the Part D and Drug Data Processing System (DDPS) using the Teradata data repository;
• CMS prepared data, such as a listing of distinct providers or suppliers and/or bills that require medical review; and
• CMS Chronic Conditions Data Warehouse (CCW).

III. When Facing a ZPIC Audit, the “Fix” is In – Guilty Until Proven Innocent.

Rather than reviewing a provider’s claims with no preconceptions in place, we believe that once a provider is identified as an outlier, there is a presumption on the part of ZPIC auditors and claims reviewers to find that the provider has engaged in improper billing activities. As the former General Counsel for one the ZPIC’s once stated:

“All of the claims audits we conduct are in connection with either a fraud case or a POTENTIAL fraud case.” (paraphrased).

Frankly, this statement says it all. ZPICs view themselves as an extension of law enforcement, despite the fact that they a merely a federal contractor working under the direction of CMS. This can place health care providers in a no-win situation. On the one hand, as a participating provider in the Medicare program, a health care provider has an obligation to cooperate with a ZPIC conducting a claims audit. Unfortunately, ZPIC investigators often request to interview physicians and other clinical staff. Since the ZPIC investigator is not technically a law enforcement official, witnesses are not advised of their rights against self-incrimination and may inadvertently make one or more statements that are not in their interests. This is especially important when you consider the fact that one of the factors currently being used as an evaluation metric when assessing the performance of ZPICs by CMS is whether the contractor has been making suspected fraud referrals to the Department of Health and Human Services, Office of Inspector General (HHS-OIG) and / or the U.S. Department of Justice (DOJ) for law enforcement review and prosecution. In fact, as HHS-OIG’s 2016 Work Plan states:

We will review the level of benefit integrity activity performed by Medicare benefit integrity contractors in CYs 2012 and 2013. This review will highlight trends in integrity activities and allow for a quick comparison of program results across years, across contractors, and across the parts of the Medicare program. CMS contracts with entities to carry out benefit integrity activities to safeguard Medicare against fraud, waste, and abuse. Activities that these contractors perform include analyzing data to identify aberrant billing patterns, conducting fraud investigations, responding to requests for information from law enforcement, and referring suspected cases of fraud to law enforcement for prosecution. (Emphasis added)

Regardless of whether the ZPIC investigator seeks to conduct interviews of your staff in an audit, after reviewing your medical documentation, the ZPIC may decide that its findings warrant referring the case to HHS-OIG or to DOJ for civil and / or criminal review and enforcement. In most cases, the ZPIC will likely find conclude that although an overpayment has been identified, the provider’s conduct does not warrant referring the case outside of the administrative appeals process. The ZPIC will then choose to treat the improper billing practices identified as an overpayment rather than as fraud.

IV. Responding to a ZPIC Audit.

In responding to a ZPIC audit, it is important to remember that although they may not technically be “bounty hunters,” it is to their benefit to find that an overpayment has occurred. These overpayments are often based on overlapping technical (such as an incorrect place of service code) and substantive (such as lack of medical necessity) reasons for denial.

Immediately upon learning of a ZPIC audit, regardless of whether the audit is a probe sample or appears to be an expanded sample of claims, we recommend that you contact legal counsel experienced in handling ZPIC audits and investigations. There are preemptive steps you may be able to take that can reduce the likelihood of a large overpayment. Addressing problematic claims on the front end may even held you avoid a situation where a ZPIC seeks to place your practice on prepayment review or recommend to CMS that you be suspended from the Medicare program. It may also stop the ZPIC from making a fraud referral to HHS-OIG or DOJ for review, assessment and possible prosecution.

Robert W. Liles, M.B.A., M.S., J.D., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker is a boutique health law firm, with offices in Washington DC, Houston TX, San Antonio TX, McAllen TX and Baton Rouge LA. Robert represents health care providers and suppliers around the country in connection with Medicare audits by ZPICs, SMERCs, RACs and other CMS-engaged specialty contractors. Our firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews. For a free consultation, call Robert at: 1 (800) 475-1906.

ZPIC Update: The Impact of Being Placed on Medicare Prepayment Review.

(March 9, 2016): Why have the number of prepayment reviews by Medicare contractors increased dramatically in recent years? Approximately seven years, Congress passed, and the President signed into law the Affordable Care Act. Since that time, the Centers for Medicare and Medicaid Services (CMS) and its contractors have accelerated their move away from “Pay and Chase” enforcement approaches. Today, Zone Program integrity Contractors (ZPICs), such as AdvanceMed and Health Integrity, AND Supplemental Medical Review Contractors (SMERCs), such as Strategic Health Solutions are rapidly moving towards preventative audit strategies. The purpose of this article is to briefly discuss the types of administrative enforcement actions, such as prepayment reviews, that we are currently seeing around the country.

I. Additional Documentation Requests (ADRs).

Providers should not confuse receiving an “Additional Document Request” (ADR), also sometimes referred to as an “Additional Development Request,” with being placed on prepayment review.

ADRs are often initiated by a provider’s Medicare Administrative Contractor (MAC).
ADRs typically relate to a particular probe or edit conducted by the MAC.
ADRs may be focused on specific services, length of stay, a specific provider or a specific diagnosis.

At some point in time, practically every health care provider and supplier participating in the Medicare program will receive Additional Documentation Requests (ADRs), asking that the provider or supplier submit all associated supporting documentation for review before the contractor will be able to make a coverage and payment determination with respect to that particular claim. ADRs are not uncommon. Nevertheless, it is important to keep in mind that ADRs serve a purpose. If the supporting documentation submitted to the Medicare contractor in response to an ADR fails to support coverage and payment requirements, the contractor may choose to place provider or supplier on 100% prepayment review.

II. Medicare Prepayment Reviews.

In most instances, a health care provider will not receive advance notice that it has been placed on prepayment review. Notably, this is directly contrary to Medicare’s regulations. Chapter 3 of the Medicare Program Integrity Manual (PIM) mandates notice to the provider prior to the initiation of provider-specific prepayment review:

“The Zone Program Integrity Contractors shall notify selected providers prior to beginning a provider-specific review by sending an individual written notice. ZPICs shall indicate whether the review will occur on a prepayment or postpayment basis. ZPICs shall maintain a copy of the letter and the date it was mailed. This notification shall be mailed the same day that the edit request is forwarded to the MAC. Refer to Exhibit 45 for the letter to be sent.”
See § 3.2.2 – Provider Notice, § A. Notice of Provider-Specific Review.

III. Direct Impact of Being Placed on Medicare Prepayment Review.

At first blush, being placed on prepayment review appears reasonable. It’s difficult to think of any other industry that gets paid practically “on demand” while presenting a payor with little or no proof that a covered service was actually rendered. Unfortunately, unless this administrative condition is promptly handled, prepayment review can ultimately lead to insolvency and / or bankruptcy, depending on the specific payor mix at issue.

How can occur? Most small health care providers assume that Medicare payments will always be timely. As a result, emergency / contingency funds and rainy-day savings accounts are often a thing of the past. Many small providers keep only enough funds in their business accounts to cover the practice’s overhead for 1 – 2 months. If your payor mix is 70% Medicare and 30% private payor and self-pay, being placed on prepayment review will effectively cut off most of your income for as long as the prepayment review requirement stays in place.

IV. Having a Medicare Prepayment Review Action Lifted.

We have successfully worked with numerous providers and suppliers in recent years in an effort to have the prepayment review requirement lifted. There is no “silver bullet” when it comes to having a provider taken off of prepayment review. It can’t be done overnight but it can be accomplished within a relatively short period of time. The key is not to wait – you must take action to address the prepayment review. Failure to do so can result in your practice, home health agency or clinic remaining on prepayment review for up to a year.
As a final point, it is important to keep in mind that being placed on prepayment review is a symptom. It is not the underlying problem. Is a suspension or revocation action around the next corner? Has a qui tam been filed?

V. Possible Follow-up Enforcement Actions.

If your practice, home health agency or clinic is placed on prepayment review, it is essential that you proactively deal, not ignore the problem. Hoping that the prepayment review will just “go away” is wishful thinking. In fact, should you fail to address the problem, you should keep in mind that a poor showing in connection with a prepayment audit, can lead to:

• Postpayment audit.
• Referral to CMS for possible suspension action.
• Referral to CMS for possible revocation from the Medicare program.
• Referral to HHS-OIG for possible CMP action.
• Referral to DOJ for possible False Claims Act or criminal review.

VI. Conclusion.

Left unaddressed, something as mundane as an ADR can lead to a provider or supplier being placed on prepayment review, and ultimately possibly result in even more severe administrative enforcement action. We therefore recommend that you carefully review each ADR you receive and review your submissions of supporting documentation for accuracy and completeness prior to sending it in to the contractor. Prepayment reviews, postpayment audits, suspension actions, revocation actions and referrals to law enforcement are all possible outcomes if your documentation and / or business practices fail to fully comply with applicable regulatory requirements. How can you avoid these adverse events? A huge first step would be for you to develop, implement and adhere to the provisions of an effective Compliance Program.

Robert W. Liles, M.B.A., M.S., J.D., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker is a boutique health law firm, with offices in Washington DC, Houston TX, San Antonio TX, McAllen TX and Baton Rouge LA. Robert represents health care providers and suppliers around the country in connection with Medicare audits by ZPICs, SMERCs, RACs and other CMS-engaged specialty contractors. Our firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews. For a free consultation, call Robert at: 1 (800) 475-1906.

Medical Director Agreements: Compensation Arrangements are Under the Microscope by HHS-OIG

(June 11, 2015): After a hiatus of almost a year, the Department of Health and Human Services, Office of Inspector General (HHS-OIG) has published a new “Fraud Alert” entitled “Fraud Alert: Physician Compensation Arrangements May Result in Significant Liability.“ As this alert makes crystal clear, physicians who serve as Medical Directors for home health agencies, hospices and other organizations must exercise care to ensure that the business relationship does not violate the federal Anti-Kickback Statute.

This article briefly discusses the potential criminal, civil and administrative liability you may suffer if your Medical Director arrangement does not fully comply with the law.

I.  The Role of the Physician in the Care and Treatment of Home Health Patients:

In June 1995, HHS-OIG published its report, “The Physicians Role in Home Health Care.” As set out in HHS-OIG’s report, prior to 1995, Medicare covered home visits by a physician, but did not cover the services of physicians for managing the home health care of their patients. On December 8, 1994, the Health Care Financing Administration (HCFA), now known as the Centers for Medicare and Medicaid Services (CMS), published new regulations in the Federal Register which provided for separate payment to physicians for care plan oversight services.. As HHS-OIG’s 1995 report further details, the agency had little data to rely on when assessing the full nature of physician involvement in home health care. Nevertheless, there were a number of concerns (based on audits conducted and anecdotal evidence provided) that physicians were not appropriately involved in the planning and coordination of home health services.

II.  HHS-OIG’s Recent Fraud Alert on Physician Compensation Arrangements:

While the role of the physician in the care and treatment of beneficiaries referred for home health may have been unclear a decade ago, there is little doubt that HHS-OIG’s view of this relationship has now crystallized.

Earlier this week, HHS-OIG published its latest Special Fraud Alert, entitled “Fraud Alert: Physician Compensation Arrangements May Result in Significant Liability.” As this report reflects, HHS-OIG is very concerned that the relationships between physicians and home health agencies (or hospices) to whom they refer patients may violate the federal Anti-Kickback Statute. The federal Anti-Kickback Statute is a criminal statute, violations of which can result in fines of up to $25,000 and up to five years imprisonment. As you will recall, under the federal Anti-Kickback Statute (42 U.S.C. §1320a-7b(b)(1)(A):

“Whoever knowingly and willfully solicits or receives any remuneration (including any kickback, bribe or rebate) directly or indirectly, overtly or covertly, in cash or in kind – in return for referring an individual to a person for the furnishing or arranging for the furnishing of any item or service for which payment may be made in whole or in part under a federal health care program.” (emphasis added).

Unfortunately, HHS-OIG has good reason to be concerned. In recent years, a number of the so-called “Medical Director” relationships established between a referring physician and a home health agency have been shown to be sham agreements, the purpose of which has been to illegally compensate a physician for the number of referrals made to a given home health agency. As HHS-OIG’s fraud alert discusses, it is essential that both parties entering  into a compensation arrangement ensure that the arrangement fully complies with applicable laws and regulations. A key component to be considered is whether the physician’s compensation is reflective of the “fair market value” of the bona fide services he or she is required to provide (and does, in fact, provide) under the agreement. While both CMS and HHS-OIG expressly recognize the importance of a physician’s involvement in the plan of care and ongoing assessment of patients receiving home health care services, they are also very cognizant of the fact that some of these relationships have been little more than a disguised kickback. As HHS-OIG’s alert reiterates:

“if even one purpose of the arrangement is to compensate a physician for his or her past or future referrals of [f]ederal health care program business. [HHS-OIG] encourages physicians to carefully consider the terms and conditions of medical directorships and other compensation arrangements before entering into them.”

HHS-OIG’s fraud alert further notes that the agency recently reached settlements with “12 individual physicians who entered into questionable medical directorship and office staff arrangements.” Arrangements that take into account physician’s volume or value of referrals, are not for a least a year, and are not based on a flat fee are particularly suspect.

III. Impact of the Patient Protection and Affordable Care Act:

Under the Patient Protection and Affordable Care Act (Affordable Care Act), Public Law 111-148, a number of important revisions to the federal Anti-Kickback Statute were enacted, one of which expanded a health care provider’s potential liability for a Medicare or Medicaid-related kickback violation. As 42 U.S.C. § 1320(a)-7b(g) now provides:

“(f) HEALTH CARE FRAUD.—

(1) KICKBACKS.—Section 1128B of the Social Security Act

(42 U.S.C. 1320a–7b) is amended by adding at the end the following new subsection:

‘‘(g) In addition to the penalties provided for in this section or section 1128A, a claim that includes items or services resulting from a violation of this section constitutes a false or fraudulent claim for purposes of subchapter III of chapter 37 of title 31, United States Code.’’.

In other words, a violation of the federal Anti-Kickback Statute may now give rise to liability under the Civil False Claims Act. As you will recall,

As a result of this legislation, federal prosecutors (and possibly whistleblowers) could have also pursued this case under the civil False Claims Act. As you will recall, a violation of the False Claims Act can result in penalties of between $5,500 to $11,000, plus treble damages, per false claim. We are now seeing False Claims Act cases brought by both the government and by private parties (Relators / Whistleblowers) involving allegations of illegal kickbacks. This is especially the case in situations where the government for whatever reasons chooses to pursue this type of conduct civilly – whether or not the government chooses to also pursue a criminal cases varies from case-to-case, and often depends on the egregiousness of the conduct and the amount of the fraud. In any event, it is important for physicians and organizations to whom they make referrals keep in mind that violations of the Anti-Kickback Statute can lead to significant civil liability.

IV.  Liability Under the Civil Monetary Penalties Law:

While violations of the federal Anti-Kickback Statute can lead to both criminal and civil liability, HHS-OIG’s fraud alert also notes that physicians and other parties to an illegal compensation agreement are also subject to liability under the Civil Monetary Penalties (CMP) Law. The administrative sanctions that HHS-OIG may pursue under CMP laws can be nearly as severe as those that may be imposed under the civil False Claims Act.

V.  Role of ZPIC Auditors in Identifying Fraudulent Compensation Agreements:

While most questionable Medical Directorships and other compensation arrangements are identified by other means, it is important to keep in mind that Zone Program Integrity Contractors (ZPICs) are actively involved in the identification and referral of potentially fraudulent provider conduct to both CMS and HHS-OIG. In fact, most ZPIC audit letters for information now include two separate “silos” (our word, not theirs) of requests. The first silo of information sought is generally concerned with specific claims information (e.g. copies of medical records, test results, billing records, physician notes, treatment and care plans, etc.). In contrast, the second silo of requests is almost exclusively focused on a health care provider’s business-related records and business relationships. Typical requests falling into this category would include lists of current and former employees, receipts for supplies purchased, copies of any Medical Directorships, copies of marketing materials, copies of any equipment / space leases, employee salary information and copies of Accounts Payable records. When reviewing the materials produced in response to the second silo of questions, if it appears to a ZPIC that a health care provider is engaged in impropriety (such as paying a referring physician for the referral of patients), they will refer the matter to CMS and / or law enforcement for further investigation and action.

VI.  What Should You Do?

Move carefully before entering into any Medical Directorship or compensation arrangement. Prior to executing any compensation agreement, both a physician and the organization to whom he or she may send referrals should have the agreement carefully reviewed by a qualified health lawyer so that any potential violations of the federal Anti-Kickback Statute can be fully addressed. Depending on the facts, the health lawyer may be able to structure the arrangement so that is fails within a Safe Harbor. To be clear, it isn’t enough that an agreement appear to be legal on its face, the actual conduct between the parties is what will ultimately be examined by law enforcement.

Robert W. Liles, JD, MS, MBA serves as Managing Partner at Liles Parker, Attorneys and Counselors at Law. Robert represents home health agencies of all sizes around the country in connection with a full range of ZPIC prepayment reviews, postpayment audits and suspension actions. He also handles home health False Claims Act cases. For a complimentary consultation, please call Robert at: 1 (800) 475-1906.

New Medicare Penalties with Quality and Safety Incentive Programs

(April 30, 2015): Starting this year, the Centers for Medicare and Medicaid Services (CMS) will have three Medicare quality and safety incentive programs go into effect. As a result, more than three dozen hospitals across the U.S. will be penalized more than 3% on most of their CMS reimbursements. Medicare penalties may be a real risk for your organization.

 I.  Medicare Quality and Safety Incentive Programs Now in Effect:

The three Medicare quality and safety incentive programs, established under the Affordable Care Act (ACA) that will take effect this year are the Hospital Value-Based Purchasing (VBP) Program, the Hospital Readmissions Reductions Program, and the Hospital-Acquired Condition (HAC) Reduction Program.

• Hospital Readmissions Reductions Program: Hospitals can be penalized up to 3% of revenue for excessive 30-day readmissions. This is the highest amount allowed under the ACA, and is a significant increase from the readmission penalty in 2014, which was 35%.
• VBP program: CMS will withhold 1.5% of payments for all hospitals and distribute incentive payments based on performance. This program establishes bonuses and penalties that will be based on different quality indicators.

• HAC Reduction Program: There will be a 1% penalty to any hospital that falls into the bottom 25% nationally for hospital-acquired conditions, such as urinary catheter or bloodstream infections and other issues related to patient safety.

II.  Impact of Increased Medicare Penalties:

To show the effect these increased Medicare penalties will have on certain hospitals, Modern Healthcare did an analysis of CMS data and found that when the Medicare penalties associated with these three programs are combined, two hospitals in particular will have considerable Medicare payments docked over 4%. The 180-bed Palisades Medical Center in North Bergen, N.J., will face a reduction of 4.44% in reimbursements, and the 455-bed Pennsylvania Hospital in Philadelphia will face a reduction of 4.21% reduction.

The escalating penalties are receiving a lot of criticism from advocates for teaching hospitals and critical-access hospitals, which make up the biggest number of worst-performing hospitals. According to these advocates, CMS programs need to be refined to ensure they are not creating additional hardships. Members of the American Association of Medical Colleges (AAMC) say that AAMC hospitals are disproportionately affected by these penalties because by their very nature they take on more complex cases and are more likely to report bad outcomes. Therefore, their stance is that they should not be compared to and held to the same standards as hospitals with different types of patients and different types of procedures.

Modern Healthcare also found that academic medical centers were among the more heavily penalized hospitals in the nation:

• The University of Colorado Hospital faces a 2.18% reduction from its Medicare reimbursements;

• Peter’s University Hospital faces a 2.5% reduction from its Medicare reimbursements; and

• Thomas Jefferson University Hospital faces a 3.01% reduction from its Medicare reimbursements.

Forty-two hospitals will face a combined penalty of 3% or higher on their 2015 Medicare revenue.

III. Improved Performance as a Result of New Programs

While some healthcare providers will surely struggle as a result of increased penalties, many facilities have already improved their performance from year to year and face low penalty rates. In fact, about 800 of the nation’s hospitals face either no penalties or will be earning rewards based on their performance in the value-based purchasing program.

For example, Bucks County Specialty Hospital in Pennsylvania earned the nation’s highest reward in the value-based purchasing program and will see a fiscal 2015 reimbursement boost of 2.09%. The acute-care hospital has not seen a 30-day readmission fine in the past three years, it will not face a HAC penalty in 2015, and it increased its VBP Program reward.

IV.  Conclusion:

There has been no suggestion from CMS that new rules or exceptions will be made for critical-access or academic medical centers who are disproportionately affected by increased penalties. Penalties are expected to increase over the years, having a large combined financial impact. By 2017, the combined penalties for HAC 30-day readmissions and value-based purchasing will put as much as 5.5% of inpatient Medicare payments at risk. CMS is constantly updating penalties for providers that don’t meet their arbitrary requirements, and these penalties are getting more expensive. If you have questions about these new penalties or any other pre-existing Medicare payment penalties that you may be at risk for violating, please give us a call, toll-free, at 1-800-475-1906.

Liles Parker attorneys represent health care suppliers and providers around the country in connection with regulatory compliance reviews, Medicare audits, HIPAA Omnibus Rule risk assessments, privacy breach matters, and State Medical Board inquiries. Robert W. Liles, Esq., is a Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Call Robert for a free consultation at (800) 475-1906.

Understanding Prepayment Review in 2015

The Centers for Medicare & Medicaid (CMS) has instituted several methods to help combat the increase in waste, fraud, and abuse in the federal and state health care programs. One of the most recent trends involves pre-payment review of claims. In this process, government contractors will review a claim for problems before the claim may be paid. Unlike the traditional postpayment review process, if a health care provider is placed under prepayment review, there is very little you can do other try to identify the nature of deficiencies noted so that remedial action can be taken. Moreover, health care providers in prepayment review face expensive complications, including possible exclusion from Federal healthcare programs, if the problems which caused them to be subject to prepayment review go uncorrected. The key is to truly understand the prepayment review process and what you can do to minimize any potential problems.

I.  The Prepayment Review Process Comes to Life

In 2012, CMS introduced the Recovery Audit Prepayment Review Demonstration, which allows Recovery Auditors (RACs) to conduct prepayment reviews on certain types of claims that historically result in high rates of improper Medicare payments. The demonstration focused on eleven states: California, Florida, Illinois, Louisiana, Michigan, Missouri, New York, North Carolina, Ohio, Pennsylvania, and Texas. Prepayment Claim Review Programs apply to the National Correct Coding Initiative (NCCI), Medically Unlikely Edits (MUEs), and Medical Review (MR).

NCCI Edits are performed by Medicare Audit Contractors (MACs). CMS developed the NCCI to promote national correct coding methods and to control improper coding that leads to inappropriate payment in Medicare Part B claims. NCCI edits prevent improper payments when incorrect code combinations are reported. NCCI edits are updated quarterly.

MACs also perform MUEs, which were created to reduce the paid claim error rate for Medicare claims. MUEs and NCCIs are automated prepayment edits. MACs analyze whether the procedure on the submitted claim complies with MUE policy.

MRs are performed by MACs, Zone Program Integrity Contractors (ZPICs), and Supplemental Medical Review Contractors (SMRCs). These contractors identify suspected billing problems through error rates produced by the Comprehensive Error Rate Testing (CERT) Program, vulnerabilities identified through the Recovery Audit Program, analysis of claims data, and evaluation of other information, such as complaints. CMS, MACs, and other claim review contractors target MR activities at identified problem areas appropriate for the severity of the problem. A MAC can place a provider with identified problems submitting correct claims on prepayment review. If this happens, a percentage of the provider’s claims undergo MR before the MAC authorizes payment. Once providers re-establish the practice of billing correctly, prepayment review ends at the discretion of the contractor.

II.  Prepayment Review

A Medicare contractor will place a provider on prepayment review if they suspect the provider is billing the Medicare program inappropriately. Rather than paying these providers upon the submission of claims, the contractors require the providers to submit medical records and other documentation to support the claims. The records and documentation are then manually reviewed by nurses and other licensed practitioners. The submitted claims are then either approved or denied based on the manual review. Providers generally remain on prepayment review until their average rate of claims approval reaches a sufficiently high percentage, which is usually 80%.

CMS has directed its contractors to consider excluding physicians and other providers from Medicare and Medicaid if they have been on prepayment review for extended periods of time without correcting their “inappropriate behavior.” Exclusion from participation in Federal healthcare programs typically leads to other adverse consequences, such as loss of hospital privileges and being dropped from managed care networks.

Providers must make exhaustive efforts to avoid ending up on prepayment review and potentially facing exclusion. To do so, providers need to understand what contractors have the authority to put a provider on prepayment review, and what the contractors are looking for.

III.  Providers and Prepayment Review – A Real Concern

Unfortunately, even the mere allegation of fraud leads to prepayment review. This, in turn, can harm even the most innocent provider. Last year in New Mexico, fifteen behavioral health care providers were put on prepayment review based on “credible allegations of fraud.” Because their Medicaid reimbursements were suspended, the providers could not afford to pay their staff, rent, or other bills. The providers tried suing the state and sought an injunction that would restore funding. The providers argued that they had been denied due process by not being told what the precise charges were against them, and that at the end of the day those suffering the most were their patients. However, they were denied the injunction.

As a result, the fifteen providers ended up filing for bankruptcy. Because the behavioral health care providers served 87% of New Mexico’s Medicaid recipients, the state of New Mexico had to bring in providers from Arizona to service residents. This caused state infighting, as New Mexico’s Legislative Finance Committee objected to the New Mexico Human Services Department moving $10 million from its budget to pay Arizona agencies to take over New Mexico providers. The deal with the Arizona providers eventually went through, and 2 of the fifteen New Mexico providers were ordered to make repayments to Medicaid.

IV.  What Can Providers Do?

Unfortunately, health care providers may not be able to ignore the fact that being placed on prepayment review has become an inevitability. So what is a practitioner to do faced with this ordeal? Well, the best way for a provider to avoid a tragic situation that befell the providers in New Mexico is to have an ironclad and effective compliance plan that is followed by all provider employees and affiliates. It is best to prepare for the worst and have solid documentation of accuracy to show auditors than to lose one’s livelihood over false allegations of fraud. Have you implemented your effective compliance plan?   If not, you increase the risk that your claims may not be paid for the services you have provided. Even if you do have a compliance plan in place, the plan may no longer be up to date or may simply be ineffective. It is imperative that you take action now to reduce the risks that come along with the prepayment review process. Give us a call today and we would be more than happy to assist you with the prepayment review process as well as implementing an effective compliance plan for your organization.

Robert Liles, Esq., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent a variety of health care providers around the country in connection with both regulatory and transactional legal projects. For a free consultation, call Robert at (800) 475-1906.

CMS Guidance on the Role of the Medical Director

Long term care facilities are required[1] to employ a physician to serve as its medical director. Medical directors are responsible for overseeing the medical care as well as implementing resident care policies. The Centers for Medicare and Medicaid Services (CMS) has promulgated guidance for that position that outlines the specific roles and duties. Long term care facilities that accept Medicare should pay particular attention to the CMS guidance during the medical director hiring process. Furthermore, this guidance gives providers an idea of how to avoid an Office of the Inspector General (OIG) enforcement action against them for alleged questionable medical directorship arrangements with physicians.

I.  The Role of the Medical Director

Medical directors act as important leaders for long term care facilities and help them provide quality care. CMS requires all long term facilities to designate a physician to serve in this role in order to receive Medicare payments for services provided. That practitioner must be currently licensed in the State(s) in which the facility(ies) s/he serves is (are) located.

CMS guidance states that the Medical Director has two primary responsibilities:

1. Implement resident care policies; and
2. Coordinate medical care in the facility.

Moreover, the medical director’s roles and responsibilities require the practitioner serving in this capacity to be knowledgeable about current standards of practice in caring for long term care residents. That individual must be educated about how to coordinate and oversee related practitioners serving under his leadership. The medical director’s input promotes a facility’s goal of optimal resident outcomes, which may also be influenced by many other factors, such as resident characteristics and preferences, individual attending physician actions, and facility support.

II.  Implementation of Resident Care Policies and Procedures

Long term care facilities must obtain the medical director’s ongoing guidance in developing and implementing resident care policies, including review and revision of existing policies. While medical directors are the ultimate force behind resident care policies, they are not required to single-handedly put the policies into practice or monitor implementation. Instead, the medical director should collaborate and consult with facility leadership, staff, other licensed practitioners, nurse practitioners, physician assistants, and other registered health care professionals to help develop, implement, and evaluate the resident care policies and procedures.

The policies and procedures that are put into place must also reflect the current standard of practice. Moreover, although CMS guidance and regulations do not require the medical director to sign the policies or procedures, the facility must have documented evidence that its development, review, and approval of resident care policies included the medical director’s input.

III.  Coordination of Medical Care

The other critical role of the medical director is the coordination of medical care. In this sense, coordinating medical care includes organizing, directing, and managing care from appropriate health care providers to meet the health care and psychosocial needs of residents. The coordination of care must also meet current standards of practice and help the long term care facility meet its regulatory requirements.

The medical director is an important link between the facility, attending physicians, and other providers. That physician is tasked with promoting a common understanding of the “big picture” for individual residents. S/he should use the valuable information identified through the facility’s quality assessment and assurance committee and quality assurance program to address any issues related to the coordination of care.

IV.  What the CMS Guidance Provides to Long Term Care Facilities

To reduce the risk of non-compliance with CMS guidelines, facility boards should implement certain policies and procedures specifically dealing with medical directors that reflect the CMS guideline policies. For one thing, medical directorships should be reflected in the facility’s written policies and procedures manual and satisfy the requirements of all other relevant laws, including the Stark law and Anti-Kickback law. An electronic database – as well as a physical hard copy – of all these agreements should be maintained and should include a reliable tracking system to ensure that each agreement is reviewed periodically. Such monitoring on an annual basis of all medical director agreements can ensure that in each case the medical director is actually providing the services required and is being paid the compensation set forth in his agreement.

To prove that the medical director is implementing resident care policies, facility boards should check to make sure medical directorship services are legitimate and important in order for the facility to carry out its clinical functions. To prove their role in coordinating medical care in the facility, medical directors should complete a daily written log specifying each task performed and the amount of time spent performing the task.

V.  Conclusion

CMS’s guidance pertaining to the regulation on medical directors is a useful tool for all providers and medical directors. It shows what OIG will review to determine whether a legitimate, bona fide medical directorships exists at the long term care facility. If a medical director has real duties and responsibilities that are actually performed and documented, this will differentiate that physician from a sham medical directorship arrangement which is designed to reward referrals and pay kickbacks. This is especially important as the government continues to aggressively enforce efforts against providers who engage in illegal kickback practices and violations of the Stark law. As a long term care facility, it is important that you document all of the evidence related to the roles and responsibilities for, as well as the actions taken by, your medical director. These should be included in your facility’s compliance plan. Do you need assistance drafting policies and procedures related to an effective compliance plan? We would be more than happy to help you remain compliant with all CMS rules and regulations. Give us a call today.

Robert W. Liles, Esq., is a Managing Partner at Liles Parker, Attorneys & Counselors at Law.  He Liles focuses his practice on internal audits/investigations, fraud defense, and compliance and regulatory matters. The attorneys at Liles Parker represent a wide variety of health care providers and suppliers in administrative and civil proceedings. For a free consultation, call Mr. Liles at (800) 475-1906.

[1] 42 C.F.R. § 483.75(i).

Prepayment Review and the ADRs

Zone Program Integrity Contractors (ZPICs) and Medicare Administrative Contractors (MACs) have continued to focus on prepayment review. Unlike with post-payment audits, there is very little a provider placed on prepayment review can do to identify and remedy noted deficiencies. Prepayment audits have grave consequences for healthcare providers, as we’ve written previously . Often times, the result of a prepayment audit is that a provider will be placed on prepayment review for up to a year with little or no notice and no concrete way of getting out of the review.

Notice of Prepayment Review

A peril of prepayment review is that MACs and ZPICs do not typically inform providers before they are placed on prepayment audit.  In rare cases, we have seen providers get a letter from the MAC, which informs the provider they are on prepayment review and that they should anticipate Additional Documentation Requests (ADR) soon.  Most of the time, a provider finds out it has been placed on prepayment review only after receiving the ADR. A provider may be subject to an unannounced visit from the MAC or ZPIC, who will be looking for additional documentation.  This lack of notice often takes providers by surprise.  Unfortunately, sometimes the mere allegation of fraud leads to prepayment review, which sometimes harms innocent providers. Last year in New Mexico, fifteen behavioral health care providers were put on prepayment review based on “credible allegations of fraud.”  Below is an interactive presentation outlining the ADR process (note: the outline focuses on CGS ADRs, but the information is useful for all other MACs)

Cost of Prepayment Review

Prepayment review is expensive for providers because claim determinations are made after the provider has already performed services, but before any claim payment is made.  Once an Additional Documentation Request (ADR) is received for a particular claim, providers are tasked with compiling information and justifying that specific treatment date.  CMS requires all pertinent records on that specific patient, not just the date under review, to not only justify the claim as billed, but also demonstrate medical necessity in general. Once receiving the ADR documentation, the MAC has 30 days to review the materials and make a decision on the status of the claim (60 days if the ADR is for third party Liability).[1]  Only once the claim has been reviewed will the provider receive an Explanation of Benefits (EOB) from its ZPIC or MAC.   As explained in detail in the above presentation, the claim is either allowed, partially allowed, denied, or marked as having illegible/absent signatures.  The previously referenced New Mexico Behavioral Health providers had their Medicaid reimbursements suspended during prepayment review and could not afford to pay their staff, rent, or other bills. They tried suing the state, seeking an injunction that would restore funding. The providers argued that they had been denied due process by not being told what the precise charges were against them, and that at the end of the day those suffering the most were their patients. They were denied the injunction

The Prepayment Review Solution

Upon receiving notice of prepayment review, providers often scramble for a solution, but there is no escaping the tedious process required to be released from prepayment review.  Once every ADR is received and responded to, it is incumbent on the provider to seize this opportunity to improve their business.  Prepayment reviews and ADRs are not randomly assigned, there are complex formulas and red flags that determine whether a provider is at risk for being placed under review.  We recommend an on-site gap analysis performed by experts, a thorough review of the entire practice, and a complete compliance plan tailored to your practice’s exact requirements.  While performing these tasks after receiving ADRs can go a long way to prevent further action, taking these crucial steps before an audit greatly improves your chances of quickly escaping prepayment review.  Call us toll-free at 1-800-475-1906 to discuss any aspects of prepayment review and MAC/ZPIC

 

Robert W. Liles, Esq., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent health care providers around the country in connection with both regulatory and transactional legal projects. For a free consultation, call Robert at (800) 475-1906.

 

 

[1] http://www.cms.gov/Regulations-and-Guidance/Guidance/Manuals/downloads/pim83c03.pdf

Medicare Overpayment Demands: The Financial Timeline and Options

The process of Medicare contractors – such as Zone Program Integrity Contractors (ZPIC) and Recovery Audit Contractors (RAC) – issuing adverse medical review findings and Medicare Administrative Contractors (MAC) subsequently demanding repayment of alleged overpayments can be very daunting for providers. This is particularly true when Medicare contractors employ statistical sampling methodologies which expand overpayment sums to a designated universe of claims beyond just the actual claims reviewed. A few thousand dollars worth of claims suddenly becomes tens or even hundreds of thousands of dollars. In many instances, providers will choose to appeal adverse determinations, ready to defend the good faith provision of services based on the medical needs of its patients. Understanding the financial implications and timeline of an overpayment assessment is hugely important. Should the provider pay the overpayment up front? If the provider can’t pay the overpayment sum immediately, how can it work with Medicare to repay the sum in a financially feasible manner? What if the provider doesn’t want to repay the overpayment – what steps will Medicare take?  These questions are best addressed in reverse order.

I.  Recoupment: Short-term Strategies for Delaying

Medicare expects providers to repay any overpayment as quickly as possible. If Medicare does not receive payment within 40 calendar days from the date of the MAC’s first demand letter, Medicare will recoup the full overpayment amount beginning on day 41, meaning the overpayment will be recovered from current payments due or from future claims submitted. There are multiple ways to delay recoupment, including by submitting a rebuttal to your MAC within 15 days of the initial demand letter (no guarantee) and filing appeal requests for the first two levels of appeal within specified time frames. Specifically, a provider must file the first level appeal – called the redetermination level – within 30 days of the initial demand letter to prevent recoupment through the time that a redetermination decision issues. If the redetermination decision is unfavorable, the provider must file the second level appeal – called the reconsideration level – within 60 days of the redetermination decision. If the reconsideration decision is also unfavorable, Medicare will initiate recoupment 30 days after the reconsideration decision is issued. If the reconsideration is partially favorable, and the overpayment sum requires recalculation, recoupment will begin 30 days after the recalculated demand.

It is important for providers to understand that even while recoupment is stalled, interest accrues starting with the date of the initial demand letter and is assessed every 30 days thereafter. While capitalization does not occur, the interest rate is quite high, at 10.50% as of January 21, 2015. Even if a provider is successful at postponing recoupment, the reality is that if a provider is at all unsuccessful through the first two levels of the Medicare administrative appeals process, recoupment will begin if the provider does not repay the overpayment and the provider likely must wait years to have a hearing scheduled before an Administrative Law Judge. Given that interest accrues and recoupment delay measures are really a short-term strategy, providers should use these tactics to buy time for serious financial planning. If a provider can repay some or all of the overpayment upon demand, the provider can lower or prevent the interest penalty, not to mention control the repayment process.

II.  Extended Repayment Schedule or Cede to Recoupment?

A provider can set up an Extended Repayment Schedule (ERS) at any time once the first demand is made. If an unfavorable reconsideration decision is issued and the provider has not repaid the overpayment or established an ERS, the provider has two choices: allow Medicare to recoup or request an ERS. As long as a provider continues to appeal, Medicare cannot refer the debt to the Department of Treasury. Interest continues to accrue during recoupment and recoupment can be devastating to a provider whose payer mix is heavily weighted toward Medicare, effectively halting income. If an ERS is put into place, interest accrual ceases. Medicare also takes into consideration the financial hardship that an overpayment debt obligation imposes on a provider, and depending on whether the debt imposes a “hardship” or an “extreme hardship” on a provider, the ERS can be as long as 60 months. For a provider who is not a sole proprietor, the ERS application process can be tedious. The list of documents needed to support financial hardship is extensive, including balance sheets, income statements, cash flow statements, and lists of restricted cash funds, investments, and notes and mortgages payable. If a provider cannot establish genuine hardship, an ERS will be rejected or modified to reflect what Medicare believes is an appropriate repayment schedule based on the provider’s financials. Any repayments made under an ERS do not accrue interest in favor of the provider, if the provider is successful at reducing or eliminating the overpayment upon appeal; likewise, interest does not accrue in favor of Medicare either.

III.  Controlling the Overpayment: Paying the Overpayment Upon Demand

If a provider is able to repay some or all of the overpayment upon demand, the provider has better control over the repayment process during the administrative appeals process, even if the provider adamantly disagrees with the overpayment assessment. The provider can avoid or limit recoupment and interest accrual. The provider will get its money back if it wins on appeal, though not with interest. Of course, if the provider does not win, Medicare keeps the money.

It is important for providers to understand the financial landscape of an overpayment demand. A provider familiar with the recoupment timeline and repayment options can immediately assess its finances and determine the best strategy for addressing the alleged overpayment during the administrative appeals process.

Do you have the policies and procedures in place to effectively deal with a Medicare Recoupment?  Have you received correspondence from a ZPIC or RAC auditor and have delayed responding?

CONTACT US for a free consultation on these ZPIC issues.

Lorraine Ater, Esq. is a health law attorney with the boutique firm, Liles Parker, Attorneys & Counselors at Law.  Liles Parker has offices in Washington DC, Houston TX, McAllen TX and Baton Rouge LA.  Our attorneys represent health care professionals around the country in connection with government audits of Medicaid and Medicare claims, licensure matters and transactional projects.  Need assistance?  For a free consultation, please call: 1 (800) 475-1906.

 

Top Ten Health Care Compliance Risks for 2011.

(December 31, 2010):  In case you missed it, Congress, President Obama and the healthcare regulators had a banner year with respect to regulatory activism in 2010.  Over the next several weeks we will be releasing a series of articles on our website addressing these dramatic changes and the compliance risks they present for your practice, clinic or health care business in 2011:

Compliance Risk Number 1:  Increased “HEAT” Activity and Enforcement:  Perhaps the greatest risk to consider in 2011 is the increase in targeted health care fraud enforcement efforts by the government’s Health Care Fraud Prevention and Enforcement Action Team (HEAT).  These teams are comprised of top level law enforcement and professional staff from the U.S. Department of Justice (DOJ), the Department of Health and Human Services (HHS), and their various operating divisions.  HEAT team initiatives have been extraordinarily successful in coordinating multi-agency efforts to both prevent health care fraud and enforce current anti-fraud initiatives.

As DOJ noted in September 2010, over the previous Fiscal Year, DOJ (including its 94 U.S. Attorneys’ Offices), HHS’ Office of Inspector General (HHS-OIG), and the Centers for Medicare and Medicaid Services (CMS), jointly accomplished the following:

• Filed charges against more than 800 defendants.
• Obtained 583 criminal convictions.
• Opened 886 new civil health care fraud matters.
• Obtained 337 civil administrative actions against parties committing health care fraud.
• Through these efforts, more than $2.5 billion was recovered as a result of the criminal, civil and administrative actions handled by these joint agencies. 

President Obama’s FY 2011 budget request includes an additional $60.2 million in funding for the HEAT program.These funds will be used to establish additional teams and further fund existing investigations. Now, more than ever, it is imperative that you ensure that your Compliance Plan is both up-to-date and fully implemented.  Medicare providers are obligated to adhere to statutory and regulatory requirements and the government’s HEAT teams are aggressively investigating providers who fail to comply with the law.

Compliance Risk Number 2:  Zone Program Integrity Contractor (ZPIC) / Program SafeGuard Contractor (PSC) / Recovery Audit Contractor (RAC) Audits of Medicare Claims:  As you already know, private contractor reviews of Medicare claims are big business – one ZPIC was awarded a five-year contract worth over $100 million.  In 2011, we  should expect to see:

• The number of ZPIC / PSC / RAC audits of Physician Practices, Home Health Agencies, Hospice Companies, DME Suppliers and Chiropractic Clinics will greatly increase in 2011.
• The reliance of both contractors and the government on data mining will continue to grow.  Providers targeted will likely be based on utilization rates, prescribing practices and billing / coding profiles.
• An increase in the number of Administrative Law Judge (ALJ) hearings in where ZPIC representatives choose to attend the hearing as a “participant.”  In these hearings, the ZPIC representative will likely aggressively oppose any arguments in support of payment that you present.

Are you ready for an unannounced / unanticipated site visit or audit?  When is the last time that you have conducted an internal review of your billing / coding practices?  Are you aware of the hidden dangers when conducting these reviews?  In 2011, your Compliance Officer may very well be your most important non-clinical staff member.  Physicians and other providers should work with their Compliance Officer to better prepare for the unexpected audit or investigation.

Compliance Risk Number 3: Electronic Medical Records: Unfortunately, some early adopters of Electronic Medical Records (EMR) software are now having to respond to “cloning” and / or “carry over” concerns raised by ZPICs and Program SafeGuard Contractors (PSCs).  In a number of cases, these audits appear to be the result (at least in part) of inadequately designed software programs which generate progress notes and other types of medical records that do not adequately require the provider to document individualized observations.  Instead, the information gathered is often sparse and similar for each of the patients treated.  Take care before converting your practice or clinic to an EMR system.  Include your Compliance Officer in the selection and review process.

Compliance Risk Number 4:  Physician Quality Reporting Initiative (PQRI) Issues:  Under the Health Care Reform legislation passed last March. PQRI was changed from a voluntary “bonus” program to one in which penalties will be assessed if a provider does not properly participate.  As of 2015, the penalty will be 1.5% and will increase to 2.0% in 2016 and subsequent years. Additionally, questions about the use of PQRI date in “Program Integrity” targeting remain unanswered.  Once again, it is essential that your Compliance Officer provide guidance to your staff regarding this program and its potential impact.

Compliance Risk Number 5:  Medicaid Integrity Contractors (MICs)  and Medicaid Recovery Audit Contractors (MDRACs):  In recent months, we have seen a marked increase in the number of MIC inquiries and audits initiated in southern States.  Notably, the information and documentation requested has often been substantial.  Medicaid providers must now also contend with MDRACs.  As a result of health care reform, MDRACs are now mandatory in every State and are may initiate reviews and audits as soon as March 2011.   Compliance Officers should review their current risk areas and ensure that Medicaid coding and billing activities are actively monitored to better ensure statutory / regulatory adhereance.

Compliance Risk Number 6:  HIPAA / HITECH Privacy Violations:  Failure to comply with HIPAA can result in civil and / or criminal penalties. (42 USC § 1320d-5).

• Civil Penalties – A large retail drug store company was recently fined $2.25 million for failure to properly dispose of protected information.
• Criminal Penalties – Earlier this year, a physician in Los Angeles, CA, was sentenced to four months in prison after admitting he improperly accessed individual health information.

As of mid-2010, there had been 93 breaches affecting 500 or more individuals.  The total number of individuals whose information was disclosed as a result of these breaches was estimated at over 2.5 million.  Out of the 93 breaches, 87 involved breach of hard copy or electronic protected health information (about 1/4 involved paper records and 3/4 involved electronic records. The vast majority of the 93 breaches involved theft or loss of the records.  Many of these thefts could have been avoided with appropriate security.  The government is serious about privacy and your practice, and in 2011 you will likely see increased HIPAA / HITECH enforcement.  Your clinic or health care business must take appropriate steps to prevent improper disclosures of health information.

Compliance Risk Number 7:  Increased Number of Qui Tams Based on Overpayments:  Section 6402 of the recent Health Care Reform legislation requires that all Medicare providers, (a) return and report any Medicare overpayment, and (b) explain, in writing, the reason for the overpayment.

This law creates a minefield for physicians and other Medicare providers.  First, providers have only 60 days to comply with the reporting and refund requirement from the date on which the overpayment was identified or, if applicable, the date any corresponding cost report is due, whichever is later.  Of course, the legislation does not actually explain what it means to “identify” an overpayment.

From a “risk” standpoint, this change is enormous.  Disgruntled employees try to file a Qui Tam         (“whistleblower”) lawsuit based on a provider’s failure to return one or more Medicare overpayments to the program in a timely fashion.  While the government may ultimately choose not to intervene in a False Claims Act case based on such allegations, a provider could spend a significant amount defending the case.  Providers should ensure that billing personnel understand the importance of returning any overpayments identified as quickly as possible.

Compliance Risk Number 8:  Third-Party Payor Actions:  Third-party (non-Federal)  payors are participating in Health Care Fraud Working Group meetings with DOJ and other Federal agents.  Over the last year, we have seen an increase in the number of “copycat” audits initiated by third-party payor “Special Investigative Units” (SIUs).  Once the government has announced the results of a significant audit, the third-party payor considers the services at issue and reviews whether it may have also been wrongly billed for such services.  If so, their SIU opens a new investigation against the provider.

Compliance Risk Number 9:  Employee Screening:  With the expansion of the permissive exclusion authorities, more and more individuals will ultimately be excluded from Medicare.  As we have seen, HHS-OIG is actively reviewing whether Medicare providers have employed individuals who have been excluded.  In one recent case, HHS-OIG announced that it had assessed significant civil monetary penalties against a health care provider that employed seven individuals who the provider “knew or should have known” had been excluded from participation in Federal health care programs. These individuals were alleged to have furnished items and services for which the provider was paid by Federal health care programs.  All providers should periodically screen their staff against the HHS-OIG and GSA databases to ensure that their employees have not been excluded from participation in Federal Health Benefits Programs.

Compliance Risk Number 10:  Payment Suspension Actions:  Last, but not least, we expect the number of payment suspension actions to increase in 2011.  In late 2010, Medicare contractors recommended to CMS that this extraordinary step be taken against providers in connection with a wide variety of alleged infractions.  Reasons given for suspending a provider’s Medicare number included, but were not limited to: (1) the provider failed to properly notify Medicare of a change in location, (2) the provider allegedly engaged in improper billing practices, and (3) the provider failed to fully cooperate during a site visit.

As each of these compliance risks reflect, health care providers are expected to fully comply with a wide myriad of Medicare and Medicaid statutory and regulatory requirements.  Moreover, the failure to meet these obligations can subject a provider to penalties ranging from suspension from the program to criminal prosecution.  Providers must take compliance seriously if they hope to thrive in 2011.

Liles Parker attorneys provide health law guidance and advice to health care providers around the country.  Our attorneys have extensive experience working on compliance related matters and defending providers in connection with Medicare audits and investigations.  Should you have questions regarding these and other issues, give us a call for a free consultation.  We can be reached at 1 (800) 475-1906.

Next Page »