ZPIC Audit: Will Your Case be Referred to DOJ or HHS-OIG for Fraud?

(March 10, 2016): Has your practice, home health or hospice received an audit letter from a Zone Program Integrity Contractor (ZPIC)?  If so, one of the first questions you are likely to ask is how did this ZPIC audit get started? Why is our practice being targeted in a ZPIC audit? As a review of the administrative enforcement landscape will show, there are a myriad of tools at the disposal of the government (and its contractors) to identify and target a health care physician provider or supplier for ZPIC audit or investigation. In this article, we will provide an overview of the primary targeting tools utilized by the government and its various Medicare contractors.

I. Primary Source of Information Used to Target a Medicare ZPIC Audit.

As Chapter 2, Sec. 2.4.C of the Medicare Program Integrity Manual (MPIM) reflects:

“Claims data is the primary source of information used to identify and target fraudulent, wasteful or abusive activities.”

ZPICs around the country have been given ready access to a wide variety of claims coding, billing and utilization databases and are expected to perform complex data analysis with this data in an effort to ferret out health care providers and suppliers whose billing history appears to suggest that improper coding and / or billing practices may be taking place. Frankly, that’s the problem with ZPIC targeting methods. If a health care provider’s claims utilization and billing practices are outside of the norm (making the provider an “outlier”), that provider is likely to be audited or investigated by a ZPIC or another contractor working for the Centers for Medicare and Medicaid Services (CMS).

II. Secondary Sources of Data Used by ZPICs to Identify and Target Fraud and Abuse.

As set out in the MPIM, Sec. 2.4.D, CMS has directed ZPICs to consider the following additional sources of data when determining whether further analysis against a health care provider or a specified set of claims is needed. These additional sources of data include, but are not limited to:

• OIG and Government Accountability Office (GAO) reports;
• Fraud Alerts;
• Beneficiary, physician and provider complaints;
• Appeals data from QICs, including appeals overturn rate for a particular type of claim;
• Referrals from the QIO, other contractors, CMS components, Medicaid fraud control units, Office of the U.S. Attorney, or other federal programs;
• Suggestions provided directly or implicit in various reports and other materials produced in the course of evaluation and audit activities, (e.g., contractor evaluations, State assessment, CMS-directed studies, contractor or State audits of providers);
• Referrals from medical licensing boards;
• Referrals from the CAC;
• Peer Review Reports such as the First look Analysis Tool for Hospital Outlier Monitoring (FATHOM) and Program to Evaluate Payment Patterns Electronic Report (PEPPER), and Comparative Billing Reports;
• Information on new technologies and new or clarified benefits;
• Provider cost reports;
• Provider Statistical and Reimbursement (PS&R) System data;
• Enrollment data;
• Overpayment data;
• Pricing, data analysis, and coding (PDAC) data;
• Referrals from other internal and/or external sources (e.g., MAC audit staff, audit staff or, MAC quality assurance (QA) staff);
• Medicare Learning Network–which includes MedLearn Matters articles and Quarterly Provider Compliance Newsletters;
• IBM Cognos support for the Part D and Drug Data Processing System (DDPS) using the Teradata data repository;
• CMS prepared data, such as a listing of distinct providers or suppliers and/or bills that require medical review; and
• CMS Chronic Conditions Data Warehouse (CCW).

III. When Facing a ZPIC Audit, the “Fix” is In – Guilty Until Proven Innocent.

Rather than reviewing a provider’s claims with no preconceptions in place, we believe that once a provider is identified as an outlier, there is a presumption on the part of ZPIC auditors and claims reviewers to find that the provider has engaged in improper billing activities. As the former General Counsel for one the ZPIC’s once stated:

“All of the claims audits we conduct are in connection with either a fraud case or a POTENTIAL fraud case.” (paraphrased).

Frankly, this statement says it all. ZPICs view themselves as an extension of law enforcement, despite the fact that they a merely a federal contractor working under the direction of CMS. This can place health care providers in a no-win situation. On the one hand, as a participating provider in the Medicare program, a health care provider has an obligation to cooperate with a ZPIC conducting a claims audit. Unfortunately, ZPIC investigators often request to interview physicians and other clinical staff. Since the ZPIC investigator is not technically a law enforcement official, witnesses are not advised of their rights against self-incrimination and may inadvertently make one or more statements that are not in their interests. This is especially important when you consider the fact that one of the factors currently being used as an evaluation metric when assessing the performance of ZPICs by CMS is whether the contractor has been making suspected fraud referrals to the Department of Health and Human Services, Office of Inspector General (HHS-OIG) and / or the U.S. Department of Justice (DOJ) for law enforcement review and prosecution. In fact, as HHS-OIG’s 2016 Work Plan states:

We will review the level of benefit integrity activity performed by Medicare benefit integrity contractors in CYs 2012 and 2013. This review will highlight trends in integrity activities and allow for a quick comparison of program results across years, across contractors, and across the parts of the Medicare program. CMS contracts with entities to carry out benefit integrity activities to safeguard Medicare against fraud, waste, and abuse. Activities that these contractors perform include analyzing data to identify aberrant billing patterns, conducting fraud investigations, responding to requests for information from law enforcement, and referring suspected cases of fraud to law enforcement for prosecution. (Emphasis added)

Regardless of whether the ZPIC investigator seeks to conduct interviews of your staff in an audit, after reviewing your medical documentation, the ZPIC may decide that its findings warrant referring the case to HHS-OIG or to DOJ for civil and / or criminal review and enforcement. In most cases, the ZPIC will likely find conclude that although an overpayment has been identified, the provider’s conduct does not warrant referring the case outside of the administrative appeals process. The ZPIC will then choose to treat the improper billing practices identified as an overpayment rather than as fraud.

IV. Responding to a ZPIC Audit.

In responding to a ZPIC audit, it is important to remember that although they may not technically be “bounty hunters,” it is to their benefit to find that an overpayment has occurred. These overpayments are often based on overlapping technical (such as an incorrect place of service code) and substantive (such as lack of medical necessity) reasons for denial.

Immediately upon learning of a ZPIC audit, regardless of whether the audit is a probe sample or appears to be an expanded sample of claims, we recommend that you contact legal counsel experienced in handling ZPIC audits and investigations. There are preemptive steps you may be able to take that can reduce the likelihood of a large overpayment. Addressing problematic claims on the front end may even held you avoid a situation where a ZPIC seeks to place your practice on prepayment review or recommend to CMS that you be suspended from the Medicare program. It may also stop the ZPIC from making a fraud referral to HHS-OIG or DOJ for review, assessment and possible prosecution.

Robert W. Liles, M.B.A., M.S., J.D., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker is a boutique health law firm, with offices in Washington DC, Houston TX, San Antonio TX, McAllen TX and Baton Rouge LA. Robert represents health care providers and suppliers around the country in connection with Medicare audits by ZPICs, SMERCs, RACs and other CMS-engaged specialty contractors. Our firm also represents health care providers in HIPAA Omnibus Rule risk assessments, privacy breach matters, State Medical Board inquiries and regulatory compliance reviews. For a free consultation, call Robert at: 1 (800) 475-1906.

DOJ/HHS Regional Health Care Fraud Summits are Here — Data Mining is Being Used for Targeting

(August 31, 2010):

I.     Introduction — Regional Health Care Fraud Summits:

Last week, department heads of the U.S. Department of Justice (DOJ) and the Department of Health and Human Services (HHS), met in Los Angeles, CA and conducted the second of a planned series of “Regional Health Care Fraud Prevention Summits.”  Following-up on a similar conference held in Miami, DOJ Attorney General Eric Holder HHS Secretary Kathleen Sebelius discussed a number of ongoing concerns and remedial steps that are being taken to identify, investigate and prosecute instances of Medicare fraud.  In addition to these agency heads, participants learned of current and additional planned fraud enforcement initiatives from Federal and State law enforcement officials.

II.     Health Care Fraud Issues Discussed at the Summit:

As Attorney General Holder discussed, the administration’s current enforcement actions were having a significant impact on health care fraud.  In fact, additional funding has been allocated to expand the HEAT program to additional cities:

 “. . . Last year brought an historic step forward in this fight.   In May 2009, the Departments of Justice and Health and Human Services launched the Health Care Fraud Prevention and Enforcement Action Team, or “HEAT.”   Through HEAT, we’ve fostered unprecedented collaboration between our agencies and our law enforcement partners.   We’ve ensured that the fight against criminal and civil health care fraud is a Cabinet-level priority.   And we’ve strengthened our capacity to fight health care fraud through the enhanced use of our joint Medicare Strike Forces.”    

 This approach is working.  

In fact, HEAT’s impact has been recognized by President Obama, whose FY2011 budget request includes an additional $60 million to expand our network of Strike Forces to additional cities.   With these new resources, and our continued commitment to collaboration, I have no doubt we’ll be able to extend HEAT’s record of achievement.   And this record is extraordinary.

 In just the last fiscal year, we’ve won or negotiated more than $1.6 billion in judgments and settlements, returned more than $2.5 billion to the Medicare Trust Fund, opened thousands of new criminal and civil health care fraud investigations, reached an all-time high in the number of health care fraud defendants charged, and stopped numerous large-scale fraud schemes in their tracks.

 We can all be encouraged, in particular, by what’s been accomplished in L.A.   Criminals we’ve brought to justice here – in the last year alone – include the owners of the City of Angels Hospital, who   pleaded guilty to paying illegal kickbacks to homeless shelters as part of a scheme to defraud Medicare and Medi-Cal; a physician in Torrance who defrauded insurance companies by misrepresenting cosmetic procedures as “medically necessary”; an Orange County oncologist who pleaded guilty to fraudulently billing Medicare and other health insurance companies up to $1 million for cancer medications that weren’t provided; a Santa Ana doctor who pleaded guilty to health care fraud for giving AIDS and HIV patients diluted medications; and a ring of criminals who defrauded Medi-Cal out of more than $4.5 million by using unlicensed individuals to provide in-home care to scores of disabled patients, many of them children.“ (emphasis added).

As HHS Secretary Sebelius further noted:

“In March, we gave him some help when Congress passed and the president signed the Affordable Care Act — one of the strongest health care anti-fraud bills in American history. Under the new law we’ve begun to strengthen the screenings for health care providers who want to participate in Medicaid or Medicare.  And I am proud to announce that CMS is issuing a final rule strengthening enrollment standards for suppliers of durable medical equipment, prosthetics, orthotics, and supplies (DMEPOS).

This rule and others coming soon mean that only appropriately qualified suppliers will be enrolled in the program. The days when you could just hang a shingle over a desk and start submitting claims are over. No more power-driven wheelchairs for marathon runners.  Under the new law, we’re also making it easier for law enforcement officials to see health care claims data from around the country in one place, combining all Medicare-paid claims into a single, searchable database. And we’re getting smarter about analyzing those claims in real time to flag potential scams.  It is what credit card companies have been doing for decades:  If 10 flat screen TV’s are suddenly charged to my card in one day, they know something’s not quite right. So they put a hold on payment and call me right away. 

We should be able to take the same approach when one provider submits ten times as many claims for oxygen equipment as a similar operation just down the road.  It’s about spotting fraud early before it escalates and the cost grows.  As we step up our efforts to stamp out fraud, we’re holding ourselves accountable. The President has made a commitment to cut improper Medicare payments in half by 2012.”

While DOJ Attorney General Holder’s and HHS Secretary Sebelius’ presentations provided an overview of law enforcement’s current and future efforts, the comments of DOJ Assistant Attorney General for the Criminal Division, Lanny A. Breuer, were especially enlightening in terms of how providers are being identified and targeted for investigation.   As Mr. Breuer discussed:

“In 2007, the Criminal Division of the Justice Department refocused our approach to investigating and prosecuting health care fraud cases. Our investigative approach is now data driven: put simply, our analysts and agents review Medicare billing data from across the country; identify patterns of unusual billing conduct; and then deploy our “Strike Force” teams of investigators and prosecutors to those hotspots to investigate, make arrests, and prosecute. And as criminals become more creative and sophisticated, we intend to use our most aggressive investigative techniques to be right at their heels. Whenever possible, we actively use undercover operations, court-authorized wiretaps and room bugs, and confidential informants to stop these schemes in their tracks.” (emphasis added).

As Mr. Breuer’s comments further confirm, health care providers are being identified based on their billing patterns.  Through the use of data-mining, providers who coding and billing practices identify them as “outliers,” are finding themselves subjected to  administrative, civil and even criminal investigation.

III.     Commentary:

As counsel for a wide variety of health care providers around the country, we are especially concerned that honest, hard-working health care providers are finding themselves and their practices / clinics under investigation merely because:  (1) their productivity is higher than that of their peers, or (2) their focus is specialized and often treats a higher percentage of seriously sick patients which ultimately requires a more detailed or comprehensive examination than one might normally find.  Ultimately, through our representation of health care providers who have been targeted through data-mining, we believe that it is fundamentally unfair to investigate a provider merely on the basis of statistical data which can be manipulated in a thousand different ways in order to justify going after a specific provider or a type of practice.

On the administrative side, when data-mining is used as a targeting tool, providers are being audited and pursued by ZPICs, PSCs and RACs – each of is incentivized (either because they receive a percentage of any overpayment OR they are under contract with CMS to find overpayments and wrongful billings) to find fault with the provider.

IV.     Continuing Health Care Fraud Concerns:

Under the current system, providers targeted through data-mining are likely to be saddled with extrapolated damages which can easily run into the millions of dollars, regardless of the fact that a large percentage of these providers are eventually exonerated (either fully or partially) when the case is heard by an Administrative Law Judge.

Health care providers subjected to an administrative audit (by a ZPIC, PSC or RAC), civil investigation (such as a review by the DOJ for possible False Claims Act liability), or criminal investigation (by DOJ or a State Medicaid Fraud Control Unit) should immediately contact your counsel.  Extreme care should be taken when making statements to Federal or State investigators.  Should the provider make a statement that is false or misleading, such comments could be used as the basis for bringing a separate cause of action.  Your legal counsel may choose to handle all contacts with the government.

Robert W. Liles serves as Managing Partner at Liles Parker.  Should you need assistance in connection with Medicare matters and cases.  Should you have questions regarding these issues, give us a call for a free consultation.   Call us at: 1 (800) 475-1906.

Medicare Fraud Strike Force Operation Leads to Charges against 94 Defendants, including 4 in South Texas

(July 17, 2010): Yesterday, the Department of Justice (DOJ) announced charges against 94 physicians, medical assistants, and health care company owners and executives in connection with alleged false Medicare claims amounting to more than $251 million.  24 defendants from Miami account for approximately $103 million of that amount.  Four defendants were charged in Houston for their alleged roles in a $3 million scheme to submit fraudulent claims for durable medical equipment (DME).   Other arrests were made in Baton Rouge, Brooklyn, and Detroit.   

The offenses charged include conspiracy to defraud the Medicare program, criminal false claims, violations of the anti-kickback statutes, and money laundering.  The charges are based on a variety of fraud schemes, including physical therapy and occupational therapy schemes, home health care schemes, HIV infusion fraud schemes and durable medical equipment (DME) schemes.

Announcing the arrests, Attorney General Eric Holder said, “With today’s arrests, we’re putting would-be criminals on notice: Health care fraud is no longer a safe bet.  It’s no longer easy money.  If you choose to engage in health care fraud, you will be found; you will be stopped; and you will be brought to justice.”

The operation was conducted by the joint DOJ-HHS Medicare Fraud Strike Force, multi-agency teams of federal, state, and local investigators designed to combat Medicare fraud through the use of Medicare data analysis techniques and an increased focus on community policing.  Strike Force teams are operating in seven cities in the United States: the five aforementioned cities, Los Angeles, and Tampa.  AG Holder noted that the ongoing Strike Force initiative in South Florida has resulted in the indictments of 810 organizations and individuals since March 2007 and uncovered $1.85 billion in improperly billed claims.

The Strike Forces are a part of Health Care Fraud Prevention and Enforcement Action Team (HEAT), which is made up of top level law enforcement and professional staff from the DOJ and HHS and their operating divisions.  HEAT is dedicated to joint efforts across government to both prevent fraud and enforce current anti-fraud laws around the country.

Should you have any questions regarding these issues, don’t hesitate to contact us.  For a complementary consultation, you may call Robert W. Liles or one of our other attorneys at 1 (800) 475-1906.

Texas Psychiatrist Indicted and Arrested

(July 9, 2010):  On June 14, 2010 the U.S. Attorney’s Office for the Western District of Texas announced that a Federal Grand Jury had returned a 99-count indictment against a pain management physician who operated clinics in San Antonio and El Paso.  The physician was charged with 21 counts of health care fraud, 20 counts of false statements relating to health care fraud matters, 21 counts of mail fraud, 16 counts of wire fraud, 4 counts of unlawful distribution of a controlled substances and 16 counts of money laundering.  The indictment alleges that the physician “caused to be submitted claims for reimbursement of peripheral nerve injections, facet injection procedures and Level Four office visits–typically involving 25 minutes of face-to-face time between patient and physician–which never were performed.”  Instead, the U.S. Attorney’s Office alleges that the physician performed “prolotherapy” on his patients — a procedure that Federal health care benefit programs do not reimburse.

Notably, an indictment is merely a charge and is not considered to be evidence of guilt. In issuing this indictment, the Texas HEAT task force, comprised of Federal prosecutors and investigative agencies,  have continued to ramp up efforts to investigate and prosecute allegations of health care fraud.  Notably, the use of “prolotherapy,” a relatively new therapeutic approach, has been supported by some of the best known clinics and physicians in the country.

While this case has yet to fully develop, it again points out that health care providers must take care when utilizing new approaches, despite the fact the therapeutic technique may be considered to be state-of-the-art.  Unfortunately, Medicare may take years to recognize and cover some techniques.  In the mean time, it is essential that providers take care when coding and billing for procedures that may not clearly qualify for coverage under applicable Medicare and / or contractor guidance.

Should you have any questions regarding these issues, don’t hesitate to contact us.  For a complementary consultation, you may call Robert W. Liles or one of our other attorneys at 1 (800) 475-1906.

President Obama Appoints New Head of CMS