Category Archives: Coronavirus
Lately, I have been inundated with Medicare and Medicaid health care providers getting audited for E/M codes. I know Dr. Hirsh has spoken often about the perils of e/m codes. The thing about e/m codes is that everyone uses them. Hospitals, family physicians, urgent care centers, specialists, like cardiologists. Obviously, for a specialist, like cardiology, the higher level codes will be more common. A 99214 will be common compared to a generalist like a primary care physician, where a 99213 may be more common.
Here’s a little secret: the difference between a 99214 and 99213 is subjective. It’s so subjective that I have seen auditors who are hired by private companies to audit on behalf of CMS and are financially incentivized to find fault find 100% error rates. Who finds a 100% error rate? Not one claim out of 150 was compliant. Then, I come in and hire the best independent auditors or coders. There are generally two companies that I always use. The independent auditors are so good. Most importantly, they come in and find a much more probable error rate of almost zero.
Hiring an independent, expert coder to ensure that the RAC, MAC, UPIC, or TPE audits accurately is always part of my defense.
Recently, I learned what I should have known a long time ago, but is essential for our listeners to know. If your medical malpractice is with The Doctors Company, for free, you get $25k of – what TDC calls – Medi-Guard or regulatory compliance protection. In other words, you get audited by a UPIC and are informed that you owe an alleged $5 million, extrapolated, of course, you get $25k to pay an attorney for defense. Sadly, $25k will not come close to paying your whole defense, but it’s a start. No one scoffs at “free” money.
When accused of an alleged overpayment, placed on prepayment review, or accused of a credible allegation of fraud, your reimbursements could be in imminent danger of being suspended or recouped. It is imperative for the health care provider to stay apprised of what penalties they are facing. You want to know: “best case scenario and worst case scenario.”
And, providers, be cognizant of the gravity of your situation. Infringement of the false claims act can result in high penalties or jail, depending on the circumstances and the provider’s attorney. I had a client, who is an M.D. psychiatrist. She asked me what is the worst penalty possible. I am blunt and honest, apparently to a fault. I didn’t miss a beat. “Jail,” I said. She was horrified, called her insurance company, and requested a new attorney. TDC refused to fire me, so the doctor said that she will draft the self-disclosure herself. She also said that she submitted the falsified documents to the UPIC, so she was confident that the UPIC would not notice, but see below, time stamps are a bitch.
When I told the doctor that we needed to self-disclose to OIG because she had some Medicare claims, she screamed, “No! No! NO!” It was a video call and my sound wasn’t up loud, and I just watch her on the screen with her face all contorted and her mouth getting really big, then contract, then get really big, then contract, then get really big and then even bigger. The expert certified coder was present for the call, and he called me afterward asking me: “What was that?” And his wife, who overheard, said, “OMG. I would have lashed out.” I kept my cool. Honestly, I just felt bad for her because I can see the writing on the wall.
Obviously, a new attorney is not going to change the outcome. She falsified 17 dates of service because she wanted the service notes to be “perfect.” Well, providers, there is no such thing as perfect and changing diagnoses and CPT codes and adding details to the notes that, supposedly, you remember from a month ago is not ok.
I did feel bad for her for leaving me. I could have gotten her off without any penalties.
You see, English is not her first language. She misinterpreted an email from the UPIC and thought it said that you can fix any errors before submitting the documents. She fabricated 17 claims before I was hired instructed her to stop. I had a solid defense prepared. I was going to hire an independent auditor to audit her 147 claims with the 17 falsified claims. I would have hoped for a low error rate. Then, I would have conducted a self-audit and self-disclosed the fabrications to the UPIC with the explanation that it was a nonintentional harmless error that we are admitting. Self-disclosure can, sometimes, save you from penalties! However, if she doesn’t self-disclose, she will be caught. Unbeknownst to her, on page 6 of the service notes, it is time and date stamped. It revealed on what day she changed the data and what data she changed. Those of you who would also terminate your attorney because you think you can get by with the fraud without anyone noticing, think hard about whether you would like to suffer the worst penalty – jail – or have your attorney be honest and upfront and get you off without penalties by following the rules and self-disclosing any problems uncovered.
I have no idea what will happen to the doctor, but had she stayed with me, she would have escaped without penalty. When not to fire your attorney!
The federal Public Health Emergency (PHE) for COVID-19, declared under Section 319 of the Public Health Service (PHS) Act, is expiring at the end of the day on May 11, 2023, today! This is huge. There have been thousands of exceptions and waivers due to COVID throughout the last 2 1/2 years. But on the end of the day on May 11, 2023…POOF….
Most exceptions or waivers will immediately cease.
The Department claims it has been working closely with partners—including Governors; state, local, Tribal, and territorial agencies; industry; and advocates—to ensure an orderly transition out of the COVID PHE.
Yesterday, HHS released a Fact Sheet. It is quite extensive, as it should be considering the amount of regulatory compliance changes that will happen overnight!
Since January 2021, COVID deaths have declined by 95% and hospitalizations are down nearly 91%.
There are some flexibilities and actions that will not be affected on May 11.
Access to COVID vaccinations and certain treatments, such as Paxlovid and Lagevrio, will generally not be affected.
At the end of the PHE on May 11, Americans will continue to be able to access COVID vaccines at no cost, just as they have during the COVID PHE. People will also continue to be able to access COVID treatments just as they have during the COVID PHE.
At some point, the federal government will no longer purchase or distribute COVID vaccines and treatments, payment, coverage, and access may change.
On April 18, 2023, HHS announced the “HHS Bridge Access Program for COVID-19 Vaccines and Treatments.” to maintain broad access to vaccines and treatments for uninsured Americans after the transition to the traditional health care market. For those with most types of private insurance, COVID vaccines recommended by the Advisory Committee on Immunization Practices (ACIP) are a preventive health service and will be fully covered without a co-pay when provided by an in-network provider. Currently, COVID vaccinations are covered under Medicare Part B without cost sharing, and this will continue. Medicare Advantage plans must also cover COVID vaccinations in-network without cost sharing, and this will continue. Medicaid will continue to cover COVID vaccinations without a co-pay or cost sharing through September 30, 2024, and will generally cover ACIP-recommended vaccines for most beneficiaries thereafter.
After the transition to the traditional health care market, out-of-pocket expenses for certain treatments, such as Paxlovid and Lagevrio, may change, depending on an individual’s health care coverage, similar to costs that one may experience for other covered drugs. Medicaid programs will continue to cover COVID treatments without cost sharing through September 30, 2024. After that, coverage and cost sharing may vary by state.
Major telehealth flexibilities will not be affected. The vast majority of current Medicare telehealth flexibilities that people with Medicare—particularly those in rural areas and others who struggle to find access to care—have come to rely upon throughout the PHE, will remain in place through December 2024. Plus, States already have significant flexibility with respect to covering and paying for Medicaid services delivered via telehealth. This flexibility was available prior to the COVID PHE and will continue to be available after the COVID PHE ends.
What will be affected by the end of the COVID-19 PHE:
Many COVID PHE flexibilities and policies have already been made permanent or otherwise extended for some time, with others expiring after May 11.
Certain Medicare and Medicaid waivers and broad flexibilities for health care providers are no longer necessary and will end. During the COVID PHE, CMS used a combination of emergency authority waivers, regulations, and sub-regulatory guidance to ensure and expand access to care and to give health care providers the flexibilities needed to help keep people safe. States, hospitals, nursing homes, and others are currently operating under hundreds of these waivers that affect care delivery and payment and that are integrated into patient care and provider systems. Many of these waivers and flexibilities were necessary to expand facility capacity for the health care system and to allow the health care system to weather the heightened strain created by COVID-19; given the current state of COVID-19, this excess capacity is no longer necessary.
For Medicaid, some additional COVID PHE waivers and flexibilities will end on May 11, while others will remain in place for six months following the end of the COVID PHE. But many of the Medicaid waivers and flexibilities, including those that support home and community-based services, are available for states to continue beyond the COVID PHE, if they choose to do so. For example, States have used COVID PHE-related flexibilities to increase the number of individuals served under a waiver, expand provider qualifications, and other flexibilities. Many of these options may be extended beyond the PHE.
Coverage for COVID-19 testing will change.
State Medicaid programs must provide coverage without cost sharing for COVID testing until the last day of the first calendar quarter that begins one year after the last day of the PHE. That means with the PHE ending on May 11, 2023, this mandatory coverage will end on September 30, 2024, after which coverage may vary by state.
The requirement for private insurance companies to cover COVID tests without cost sharing, both for OTC and laboratory tests, will end at the expiration of the PHE.
Certain COVID data reporting and surveillance will change. CDC COVID data surveillance has been a cornerstone of our response, and during the PHE, HHS had the authority to require lab test reporting for COVID. At the end of the COVID-19 PHE, HHS will no longer have this express authority to require this data from labs, which will affect the reporting of negative test results and impact the ability to calculate percent positivity for COVID tests in some jurisdictions. Hospital data reporting will continue as required by the CMS conditions of participation through April 30, 2024, but reporting will be reduced from the current daily reporting to weekly.
FDA’s ability to detect shortages of critical devices related to COVID-19 will be more limited. While FDA will still maintain its authority to detect and address other potential medical product shortages, it is seeking congressional authorization to extend the requirement for device manufacturers to notify FDA of interruptions and discontinuances of critical devices outside of a PHE which will strengthen the ability of FDA to help prevent or mitigate device shortages.
Public Readiness and Emergency Preparedness (PREP) Act liability protections will be amended. On April 14, 2023, HHS Secretary Becerra mailed all the governors announcing his intention to amend the PREP Act declaration to extend certain important protections that will continue to facilitate access to convenient and timely COVID vaccines, treatments, and tests for individuals.
More changes are occurring than what I can write in one, little blogpost. Know that auditors will be knocking on your doors, asking for dates of service during the PHE. Be sure to research the policies and exceptions that were pertinent during those DOS. This is imperative for defending yourself against auditors knocking on your doors.
And, as always, lawyer-up fast!
And just like the Wicked With of the West, DING DONG! The PHE is dead.
Hello, my blog readers. Over the last two weeks, I have joined Nelson Mullins in the Raleigh office, attended Nelson Mullins’ healthcare retreat in Charlotte, and attended the Long Term and Post-Acute Care Law and Compliance conference in New Orleans, LA. It has been quite a whirlwind! I also appeared on RACMonitor, as I do every Monitor Monday.
Joining Nelson Mullins has been fantastic. There is a deep bench of health care attorneys, so now I am able to offer my clients all legal services they may need.
Today I am writing about provider relief funds (“PRF”) audits because, folks, PRF audits are HERE. If providers failed to report their PRF or used the funds for non-allowable items having nothing to do with COVID, HHS and OIG may recoup the funds.
An allowable expense under the PRF must be used to prevent, prepare for, and respond to coronavirus. PRF recipients must follow their basis of accounting (e.g., cash, accrual, or modified accrual) to determine expenses. The cited expenses, as well as losses, must not have been reimbursed from other sources and other sources must not be obligated to reimburse them.
Many providers were recipients of provider relief funds or PRF during the COVID pandemic. If providers received these funds there were reporting requirements and use requirements. Now audits are being conducted to ensure the funds’ proper use and reporting. Audits are being rolled out on two different fronts: (1) HHS; and (2) HRSA – or Health Resources Services Administration.
On Feb. 25, 2022, the American Institute of Certified Public Accountants’ (AICPA) Government Audit Quality Center (GAQC) provided long-awaited guidance to for-profit healthcare organizations that are subject to the Provider Relief Fund (PRF) audit requirements. The guidance came in the form of a practice aid entitled HHS Audit Requirements for For-Profit Entities with Awards from the Provider Relief Fund Program and Other HHS Programs. Its goal is to provide clarity to for-profit healthcare entities that expend $750,000 or more in federal awards in a given reporting period, which includes the PRF and other federal awards included in the Assistance Listing but excludes Paycheck Protection Program funds. Based on the practice aid, here is a summary of audit options available to for-profit entities to meet the audit compliance requirements of the U.S. DHHS.
- Uniform Guidance Audits
- Single Audit – A single audit requires an audit of both the financial statements under Generally Accepted Government Auditing Standards (GAGAS) and a compliance audit under Uniform Guidance. The compliance audit requires testing compliance with any major program(s) as defined by Uniform Guidance as well as obtaining an understanding of internal control over compliance and testing the internal control over compliance for each major program identified. The results are two auditor’s reports: one on the financial statements and one on compliance and internal controls over compliance. This option is necessary if federal regulations require a financial statement audit. This option is available to entities with funding from multiple programs from any federal agency.
- Program-Specific Audit – The program-specific audit is similar to the single audit except that it removes the financial statement audit requirement. Therefore, tests of compliance, an understanding of internal control over compliance, and testing internal control over compliance are required for this engagement. A schedule of a specific element of a financial statement would be prepared. The results are two auditor’s reports: one on the schedule of a specific element of a financial statement (the PRF funding) and one on compliance and internal controls over compliance. This option is only available if the entity has funding under one HHS program, such as the PRF.
- Financial-Related Audit Under GAGAS – A financial-related audit under GAGAS requires an audit to be conducted on only one schedule of a specific element of the financial statements. This option is only available if all federal funds expended during the period were from HHS programs. The schedule (the HHS Schedule) would include all federal awards from HHS, including the PRF. It does not require an audit of the financial statements or any testing of internal controls over compliance. It does require compliance testing, but no opinion on compliance is issued. The result is an auditor’s report only on the HHS Schedule.
There are 4 reporting periods per year that will be audited. Reporting for the 2023 4th period is going on now. Providers who received a PRF (General or Targeted) exceeding $10,000 in the aggregate, from July 1, 2021, to December 31, 2021, are required to report on their use of funds during RP4. The deadline to submit a report is March 31, 2023.
There is an appeal process if you receive a Final Repayment Notice. Once you receive a Final Repayment Notice, you have 60 days to either pay or appeal.
- Providers who do not take one of these actions within 60 days of HRSA’s Final Repayment Notice may be referred by HRSA to the HHS Program Support Center (PSC) for the initiation of debt collection activities.
- PSC, in coordination with the U.S. Department of Treasury, will issue formal debt collection letters to all providers that HRSA refers for debt collection. At this point, PSC and Treasury will take over all debt collection communications with referred providers. Debt collection activities may include accrual of interest, penalties, and recovery of funds by offsetting other Federal payments allocated to the entity.
HRSA cannot establish payment plans for outstanding debts. Once the repayment amount has been referred to PSC and becomes official debt, providers can apply for repayment plans directly with PSC.
Everyone knows about audits of health care providers. But what about the billing companies? Or a data-analytics company? In a complaint filed last week, a New York data-mining company DxID is accused of allegedly helping a Medicare Advantage program game federal billing regulations in a way that enabled the plan to overcharge for patient treatment. As you know, Medicare Advantage plans are paid more for sicker patients. Supposedly, DxID combed medical records for “missed” diagnoses. For example, adding major depression to an otherwise happy consumer. A few years ago, I won an injunction for a provider who 100% relied on the billing company to bill. Because this company aggressively upcoded, we used the victims’ rights statutes in the SSA to defend the provider. And it worked. Providers often forget about the safety net found in the victims’ rights statutes if they wholly rely on a billing company.
This DXID complaint cites medical conditions that it says either were exaggerated or weren’t supported by the medical records, such as billing for treating allegedly unsupported claims for renal failure, the most severe form of chronic kidney disease. The Justice Department is seeking treble damages in the False Claims Act suit, plus an unspecified civil penalty for each violation of the law.
Medicare Advantage has been the target of multiple government investigations, Justice Department and whistleblower lawsuits and Medicare audits. One 2020 report estimated improper payments to the plans topped $16 billion the previous year. In July, the Justice Department consolidated six such cases against Kaiser Permanente health plans. In August, California-based Sutter Health agreed to pay $90 million to settle a similar fraud case. Previous settlements have totaled more than $300 million.
Breaking news: Targeted Probe and Educate audits (TPE) resumed September 1, 2021. Due to COVID, TPE audits had been suspended. Unlike recovery audits, the stated goal of TPE audits is to help providers reduce claim denials and appeals with one-on-one education focused on the documentation and coding of the services they provide. TPE audits are conducted by MACs. While originally limited in scope to hospital inpatient admissions and home health claims, CMS expanded the program to allow MACs to perform TPE audits of all Medicare providers for all items and services billed to Medicare. Beware the TPE audits; they are not as friendly as they purport. A TPE audit can result in a 100 percent prepay review, extrapolation, referral to a Recovery Auditor, or other action, so a carefully crafted response to a TPE audit is critical.
The TPE audit process begins when a provider receives a “Notice of Review” letter from the MAC which states the reasons the provider has been selected for review and requests 20-40 records be produced. Once the records are produced, the MAC will review the 20-40 claims against the supporting medical records and send the provider a letter detailing the results of their review. If the claims are found to be compliant, the TPE audit ends and the provider cannot be selected for review again for a year unless the MAC detects significant changes in provider billing. However, if the claims are found not to be compliant, the MAC will invite the provider to a one-on-one education session specific to the provider’s documentation and coding practices. The provider is then given 45 days to make changes and a second round of 20-40 records will be requested with dates of service no earlier than 45 days after the one-on-one education.
The provider will be given three rounds of TPE to pass. Do not use all three rounds; get it right the first time. If the provider fails pass after three rounds, they will be referred to CMS for further action. With MA, TPE, and audits of data-analytics companies ramping up, 2022 is going to be an audit frenzy.
Every time a regulation is revised, Medicare and Medicaid audits are altered…sometimes in the providers’ favor, most times not. Since COVID, payment parity has created a large discrepancy in reimbursement rates for Medicare across the country.
Payment parity is a State-specific, Governor decision depending on whether your State is red or blue.
Payment parity laws require that health care providers are reimbursed the same amount for telehealth visits as in-person visits. During the ongoing, pandemic, or PHE, many states implemented temporary payment parity through the end of the PHE. Now, many States are implementing payment parity on a permanent basis. As portrayed in the below picture. As of August 2021, 18 States have implemented policies requiring payment parity, 5 States have payment parity in place with caveats, and 27 States have no payment parity.
On the federal level, H.R. 4748: Helping Every American Link To Healthcare Act of 2021 was introduced July 28, 2021. HR 4748 allows providers to furnish telehealth services using any non-public facing audio or video communication product during the 7-year period beginning the last day of the public health emergency. Yay. But that doesn’t help parity payments.
For example, NY is one of the states that has passed no parity regulation, temporary or permanent. However, the Governor signed an Executive Order mandating parity between telehealth and physical services. Much to the chagrin of the providers, the managed long-term care organizations reduced the Medicare and Medicaid reimbursements for social adult day care centers drastically claiming that the overhead cost of rendering virtual services is so much lower., which is really not even accurate. You have to ensure that your consumers all have access to technology. About four-in-ten adults with lower incomes do not have home broadband services (43%) or a desktop or laptop computer (41%). And a majority of Americans with lower incomes are not tablet owners.
Amidst all this confusion on reimbursement rates, last week, HHS released $25.5 billion on provider relief funds and promised increased audits. Smaller providers will be reimbursed at a higher rate than larger ones, the department said. Which leads me tov think: and perhaps be audited disproportionately more.
The first deadline for providers to report how they used grants they have already received is coming up at the end of September, but HHS on Friday announced a two-month grace period. HHS has hired several firms to conduct audits on the program.
Remember on June 3, 2021, CMS announced that MACs could begin conducting post-payment reviews for dates of service on or after March 1, 2020. Essentially, auditors can review any DOS with or without PHE exceptions applicable, but the PHE exceptions (i.e., waivers and flexibilities) continue, as the PHE was extended another 90 days and likely will be again through the end of this year.
I’m currently defending an audit spanning a 4-month period of June 2020 – September 2020. Interestingly, even during the short, 4 month, period, some exceptions apply to half the claims. While other apply to all the claims. It can get tricky fast. Now imagine the auditors feebly trying to remain up to speed with the latest policy changes or COVID exceptions.
Here, in NC, there was a short period of time during which physician signatures may not even be required for many services.
In addition to the MAC and SMRC audits, the RAC has shown an increase in audit activities, as have the UPICs and most state Medicaid plans. Commercial plan audits have also been on the rise, though they were under no directive to cease or slow audit functions at any time during the PHE.
Lastly, audit contractors have increasingly hinted to the use of six-year, lookback audits as a means for providers that have received improper payments to refund overpayments due. This 6- year lookback is the maximum lookback period unless fraud is alleged. It is important to note that the recoupments are not allowed once you appeal, so appeal!
Today I want to discuss EHR – electronic health records and RAC audits. We all remember the government pushing providers into purchasing EHR. It’s known as the meaningful use (MU) program, which is now known as the Promoting Interoperability Programs. CMS initially provided 10 incentives to accelerate the adoption of EHRs to meet program requirements. Now, physicians who fail to participate in MU will receive a penalty in the form of reduced Medicare reimbursements, at a minimum. Multiple audits at a maximum. Physicians must use certified electronic health records technology (CEHRT) and demonstrate meaningful use through an attestation process at the end of each MU reporting period to avoid the penalty.
Audits for MU can equal tens of thousands of dollars. The monetary amount is not as high as other RAC audits for medical records. One of my clients is a pediatric facility in Georgia. His facility received an alleged overpayment of $34,000 for two of his physicians not meeting the meaningful use criteria 8 and 9. We were going to fight it, but the two physicians who were dinged had quit and would not testify positively on behalf of my client. Plus, attorneys’ fees would surpass the penalty. Criteria 8 and 9 constitute proving your consumer have email and actually open their emails to check their health care internet folders, which are ridiculous criteria.
On September 2, 2020, CMS published the Fiscal Year (FY) 2021 Medicare Hospital Inpatient Prospective Payment System (IPPS) for Acute Care Hospitals and Long-Term Care Hospital (LTCH) Prospective Payment System (PPS) Final Rule which included program requirements for calendar year (CY) 2021. In this final rule, CMS continued its advancement of EHR utilization, focusing on burden reduction, and improving interoperability, and patient access to health information.
Meaningful use’s not anticipated consequence is ramping up RAC audits. Many RAC auditors are using EHR to claim “copy and paste.” Obviously, the point of EHR is to morph all service notes into a certain standard-looking note. But standard-looking notes scream copy and paste to RAC auditors. Maybe RAC auditors haven’t digested meaningful use yet.
On August 2, 2021 CMS released the Fiscal Year (FY) 2022 Medicare Hospital Inpatient Prospective Payment System for Acute Care Hospitals and Long-term Care Hospital Prospective Payment System Final Rule. For more information on the proposed changes, visit the Federal Register.
COVID affected EHR audits too.
The deadline for eligible hospitals and critical access to submit a hardship exception application is September 1, 2021.
Today I pose a very important question for you. Do your participation contracts that you sign with Medicare/caid, MCOs, MACs – do they even matter? Are these boilerplate contracts worth the ink and the paper? The answer is yes and no. To the extent that the contracts are written aligned with the federal and State regulations, the contracts are enforceable. To the extent that the contracts violate the federal regulations, those clauses are unenforceable. The contract can even, at times, be more stringent or contain more limitations than the federal regulations. One thing is for sure, these contracts can be your worst enemy or your savior, depending on the clauses.
An Idaho client-provider of mine has been the victim of Optum-“black-hole-ism.” In this case, the “black-hole-ism” will save my client from paying $500k it does not owe. My client is the leading substance abuse (SA) provider in Idaho. Optum is managing Medicaid dollars, which makes it the Agent of the “single State agency,” the Department of Health of Idaho. 42 C.F.R. 431.10. See blog.
The Optum provider contract states that – “It is agreed that the parties knowingly and voluntarily waive any right to a Dispute if arbitration is not initiated within one year after the Dispute Date.” What a great clause. If only all contracts had this limiting clause.
In our dispute, Optum avers we owe $500k. The first demand we received was dated December 2018 for DOS 2016-2017. Notice Optum was timely back in 2018. That was when the client hired my team, and we submitted a rebuttal and initiated the informal appeal to Optum. Here’s where Optum gets sloppy. Months pass. A year passes. I hear crickets in the background. A year and a half passes. Who knows why Optum took a year and a half to respond? COVID happened. Black-hole-ism? Bureaucracy and red tape? Apathy? Ineptness?
Finally, we get a response in September 2020. We respond in October 2020. Our new response included a novel argument that was not included in the 2018 rebuttal. Our argument went something like: “Na Na Na Boo Boo, you’re too late per 7.1 Optum contract.” If we could have included a raspberry, we would done so.
Remember the clause? “It is agreed that the parties knowingly and voluntarily waive any right to a Dispute if arbitration is not initiated within one year after the Dispute Date.”
Well, 2020 is 3-4 years after the initial DOS at issue: 2016-2017. This time, the boilerplate contract is our friend.
Since there is also an arbitration clause, which is not your friend, we will be wholly dependent on an arbitrator to interpret the one-year, limiting clause as a logical, reasonable person. But I will be shocked if even an arbitrator doesn’t throw out this case with prejudice.
2020 was an odd year for recovery audit contractor (“RAC”) and Medicare Administrative Contractors (“MAC”) audits. Well, it was an odd year for everyone. After trying five virtual trials, each one with up to 23 witnesses, it seems that, slowly but surely, we are getting back to normalcy. A tell-tale sign of fresh normalcy is an in-person defense of health care regulatory audits. I am defending a RAC audit of pediatric facility in Georgia in a couple weeks and the clerk of court said – “The hearing is in person.” Well, that’s new. Even when we specifically requested a virtual trial, we were denied with the explanation that GA is open now. The virtual trials are cheaper and more convenient; clients don’t have to pay for hotels and airlines.
In-person hearings are back – at least in most states. We have similar players and new restrictions.
On March 16, 2021, CMS announced that it will temporarily restrict audits to March 1, 2020, and before. Medicare audits are not yet dipping its metaphoric toes into the shark infested waters of auditing claims with dates of service (“DOS”) March 1 – today. This leaves a year and half time period untouched. Once the temporary hold is lifted, audits of 2020 DOS will be abound. March 26, 2021, CMS awarded Performant Recovery, Inc., the incumbent, the new RAC Region 1 contract.
RAC’s review claims on a post-payment and/or pre-payment basis. (FYI – You would rather a post payment review rather than a pre – I promise).
The RACs were created to detect fraud, waste, and abuse (“FWA”) by reviewing medical records. Any health care provider – not matter how big or small – are subject to audits at the whim of the government. CMS, RACs, MCOs, MACs, TPEs, UPICs, and every other auditing company can implement actions that will prevent future improper payments, as well. As we all know, RACs are paid on a contingency basis. Approximately, 13%. When the RACs were first created, the RACs were compensated based on accusations of overpayments, not the amounts that were truly owed after an independent tribunal. As any human could surmise, the contingency payment creates an overzealousness that can only be demonstrated by my favorite case in my 21 years – in New Mexico against Public Consulting Group (“PCG”). A behavioral health care (“BH”) provider was accused of over $12 million overpayment. After we presented before the administrative law judge (“ALJ”) in NM Administrative Court, the ALJ determined that we owed $896.35. The 99.23% reduction was because of the following:
- Faulty Extrapolation: NM HSD’s contractor PCG reviewed approximately 150 claims out of 15,000 claims between 2009 and 2013. Once the error rate was defined as high as 92%, the base error equaled $9,812.08; however the extrapolated amount equaled over $12 million. Our expert statistician rebutted the error rate being so high. Once the extrapolation is thrown out, we are now dealing with much more reasonable amounts – only $9k
- Attack the Clinical Denials: The underlying, alleged overpayment of $9,812.08 was based on 150 claims. We walked through the 150 claims that PCG claimed were denials and proved PCG wrong. Examples of their errors include denials based on lack of staff credentialing, when in reality, the auditor could not read the signature. Other denials were erroneously denied based the application of the wrong policy year.
The upshot is that we convinced the judge that PCG was wrong in almost every denial PCG made. In the end, the Judge found we owed $896.35, not $12 million. Little bit of a difference! We appealed.
I have good news and bad news today. I have chosen to begin with the good news. The ALJ backlog will soon be no more. Yes, the 4-6 years waiting period between the second and third level will, by sometime in 2021, be back to 90 days, with is the statutory requirement. What precipitated this drastic improvement? Money. This past year, CMS’ budget increased exponentially, mostly due to the Medicare appeals backlog. OMHA was given enough dough to hire 70 additional ALJs and to open six additional locations. That brings the number of ALJs ruling over provider Medicare appeals to over 100. OMHA now has the capability to hear and render decisions for approximately 300,000 appeals per year. This number is drastically higher than the number of Medicare appeals being filed. The backlog will soon be nonexistent. This is fantastic for all providers because, while CMS will continue to recoup the alleged overpayment after the 2nd level, the providers will be able to have its case adjudicated by an ALJ much speedier.
Now the bad news. Remember when the RAC program was first implemented and the RACs were zealously auditing, which is the reason that the backlog exists in the first place. RACs were given free rein to audit whichever types of service providers they chose to target. Once the backlog was out of hand, CMS restricted the RACs. They only allowed a 3 year lookback period when other auditors can go back 6 years, like the SMRC audits. CMS also mandated that the RACs slow down their number of audits and put other restrictions on RACs. Now that OMHA has the capacity to adjudicate 300,000 Medicare appeals per year, expect that those reins that have been holding the RACs back will by 2021 or 2022 be fully loosened for a full gallop.
Switching gears: Two of the lesser known audits that are exclusive to the CMS are the Supplemental Medical Review Contractor (“SMRC”) and the Targeted Probe and Educate (“TPE”) audits. Exclusivity to CMS just means that Medicare claims are reviewed, not Medicaid.
The SMRCs, in particular, create confusion. We have seen DME SMRC audits on ventilator claims, which are extremely document intensive. You can imagine the high amounts of money at issue because, for ventilators, many people require them for long periods of time. Sometimes there can 3000 claim lines for a ventilator claim. These SMRC audits are not extrapolated, but the amount in controversy is still high. SMRCs normally request the documents for 20-40 claims. It is a one-time review. It’s a post payment review audit. It doesn’t sound that bad until you receive the request for documents of 20-40 claims, all of which contain 3000 claim lines and you have 45 days to comply.
Lastly, in a rare act, CMS has inquired as whether provider prefer TPE audits or continue with post payment review audits for the remainder of the pandemic. If you have a strong opinion one way or the other, be sure to contact CMS.
Medicaid Fraud Control Units Performed Poorly During the Pandemic: Expect MFCU Oversight to Increase
OIG just published its annual survey of how well or poor MFCUs across the country performed in 2020, during the ongoing COVID pandemic. Each State has its own Medicaid Fraud Control Unit (“MFCU”) to prosecute criminal and civil fraud in its respective State. I promise you, you do not want MFCU to be calling or subpoena-ing you unexpectedly. The MFCUs reported that the pandemic created significant challenges for staff, operations, and court proceedings, which led to lower case outcomes in FY 2020. But during this past “lower than expected” recovery year, the MFCUs still recovered over $1 billion from health care providers. It was a 48% drop.
As MFCUs initially moved to a telework environment, some staff reported experiencing challenges conducting work because of limitations with computer equipment and network infrastructure. Field work was also limited. To help protect staff and members of the public from the pandemic, MFCUs reported curtailing some in-person field work, such as interviews of witnesses and suspects. These activities were further limited because of an initial lack of personal protective equipment that was needed in order to conduct similar activities in nursing homes and other facilities. Basically, COVID made for a bad recovery year by the MFCUs. Courts were closed for a while as well, slowing the prosecutorial process.
The report further demonstrated how lucrative the MFCU agencies are, despite the pandemic. For every $1 dollar spent on the administration of a MFCU, the MFCUs rake in $3.36. In 2020, the MFCUs excluded 928 individuals or entities. There were 786 civil settlements and judgments; the vast majority of judgments were pharmaceutical manufacturers. Convictions decreased drastically from 1,564 in 2019 to 1,017 convictions in 2020. Interestingly, looking at the types of providers convicted or penalized, the vast majority were personal care services attendants and agencies. Five times higher than the next highest provider type – nurses: LPN, RNs, NPs, and PAs.
And the award goes to Maine’s MFCU – The Maine MFCU received the Inspector General’s Award for Excellence in Fighting Fraud, Waste, and Abuse for its high number of case outcomes across a mix of case types.
OIG also established the desired performance indicators for 2021. OIG expects the MFCUs to maintain an indictment rate of 19% and a conviction rate of 89.1%.
The OIG Report Foreshadows 2021 MFCU Actions:
- Hospice: Expect audits. $0 was recovered in 2020.
- Fraud convictions increased for cardiologists and emergency medicine. Expect these areas to be more highly scrutinized, especially given all the COVID exceptions and rule amendments last year.
- Expect a MFCU rally. The pandemic may not be over, but with increased vaccines and after a down year, MFCUs will be bulls in the upcoming year as opposed to last year’s forced, lamb-like actions due to the pandemic.
While Medicare is strictly a federal program, Medicaid is funded with federal and State tax dollars. Therefore, each State’s regulations germane to Medicaid can vary. Medicaid fraud can be prosecuted as a federal or a State crime.