Category Archives: Alleged Overpayment

Can Medicare/caid Auditors Double-Dip?

The issue today is whether health care auditors can double-dip. In other words, if a provider has two concurrent audits, can the audits overlap? Can two audits scrutinize one date of service (“DOS”) for the same consumer. It certainly doesn’t seem fair. Five years ago, CMS first compiled a list of services that the newly implemented RAC program was to audit. It’s been 5 years with the RAC program. What is it about the RAC program that stands out from the other auditor abbreviations?

We’re talking about Cotiviti and Performant Recovery; you know the players. The Recovery Audit Program’s mission is to reduce Medicare improper payments through the efficient detection and collection of overpayments, the identification of underpayments and the implementation of actions that will prevent future improper payments.

RACs review claims on a post-payment basis. The RACs detect and correct past improper payments so that CMS and Carriers, and MACs can implement actions that will prevent future improper payments.

RACs are also held to different regulations than the other audit abbreviations. 42 CFR Subpart F dictates the Medicaid RACs. Whereas the Medicare program is run by 42 CFR Subchapter B.

The auditors themselves are usually certified coders or LPNs.

As most of you know, I present on RACMonitor every week with a distinguished panel of experts. Last week, a listener asked whether 2 separate auditors could audit the same record. Dr. Ronald Hirsh’s response was: yes, a CERT can audit a chart that another reviewer is auditing if it is part of a random sample. I agree with Dr. Hirsh. When a random sample is taken, then the auditors, by definition, have no idea what claims will be pulled, nor would the CERT have any knowledge of other contemporaneous and overlapping audits. But what about multiple RAC audits? I do believe that the RACs should not overlap its own audits. Personally, I don’t like the idea of one claim being audited more than once. What if the two auditing companies make differing determinations? What if CERT calls a claim compliant and the RAC denies the claim? The provider surely should not pay back a claim twice.

I believe Ed Roche presented on this issue a few weeks ago, and he called it double-dipping.

This doesn’t seem fair. What Dr. Hirsh did not address in his response to the listener was that, even if a CERT is allowed to double-dip via the rules or policies, there could be case law saying otherwise.

I did a quick search on Westlaw to see if there were any cases where the auditor was accused of double-dipping. It was not a comprehensive search by any means, but I did not see any cases where auditors were accused of double-dipping. I did see a few cases where hospitals were accused of double-dipping by collecting DSH payments to cover costs that had already been reimbursed, which seems like a topic for another day.

The Importance of the Differences in SMRCs, RACs, and QIOs

The Centers for Medicare & Medicaid Services (“CMS”) has modified the additional documentation request (“ADR”) limits for the Medicare Fee-for-Service Recovery Audit Contractor (“RAC”) program for suppliers. Yet, one of our listeners informed me that CMS has found a “work around” from the RAC ADR limits. She said, “There is the nationwide Supplemental Medical Review Contractor (“SMRC”) audits and now nationwide Quality Improvement Organizations (“QIO”) contract audits. These contracts came about after the Congressional limits on number of audits by the RAC.” Dr. Hirsh retorted, “But SMRC and QIO are not paid contingency fee. So, they are “different” audits. RACs are evil; SMRC and QIO have a few redeeming qualities.” I completely agree with Dr. Hirsh. But her point is well taken – SMRCs and QIOs follow different rules than RACs, so of course the SMRCs and QIOs have distinct ADR limits.

This is similar to the lookback periods. The lookback period varies depending on the acronym: RAC, MAC, or UPIC. RACs’ lookback period is 3 years, yet other acronyms get longer periods. I think what Dr. Hirsh is saying is right, because RACs are paid by contingency instead of a contracted rate, we have to limit the RACs authority because they are already incentivized the find problems., plus they are allowed to extrapolate. The RACs already have too much leash.

So, what are the RAC ADR limits?

Well, interestingly they just changed in April 2022. These limits will be set by CMS on a regular basis to establish the maximum number of medical records that may be requested by a RAC, per 45-day period. Each limit will be based on a given supplier’s volume of Medicare claims paid within a previous 12-month period, in a particular Healthcare Common Procedure Coding System (HCPCS) policy group. The policy groups are available on the pricing, coding analysis, and coding (PDAC), website. Limits will be based on the supplier’s Tax Identification Number (TIN). Limits will be set at 10% of all paid claims, by policy group, paid within a previous 12-month period, divided into eight periods (45 days). Although a RAC may go more than 45 days between record requests, in no case shall a RAC make requests more frequently than every 45 days. Limits are based on paid claims, irrespective of individual lines, although credit/replacement pairs shall be considered a single claim.

I wanted to go into the SMRCs and QIOs’ ADR limits to see whether they are are following THEIR rules, but I’m out of time for today. I’ll research the SMRCs and QIOs ADR limits for next week and I will have an answer for you.

OIG Audited CMS, and CMS Failed!

Apparently, CMS also must undergo audits and it did, but I am not sure I believe the results. But that would be par for the course; I generally don’t find any audit results to be accurate. OIG audited CMS. OIG tried to verify that CMS actually collected all the funds from alleged Medicare overpayments. According to the audit, OIG was able to verify that verify that CMS had collected $120 million of the $498 million in overpayments. CMS told auditors that it has collected $272 million but auditors said the agency failed to properly document the recovery of $152 million.

            Without question, when there is a Medicare alleged overpayment and the provider appeals, you have 5 levels of appeal. The first two levels, redetermination and reconsideration, are basically rubber stamp approval of the original decision. But after the 2nd level, rubber stamp and before you go to the third level, recoupment begins of the alleged amount owed, even though you haven’t completed litigation AND you may receive a decision at the third level that the money is not owed. Nonetheless, the recoupment begins.

            In my experience, I have never had an instance that CMS forgot to prematurely recoup. I’m sure if there were instances of CMS forgetting to prematurely recoup the provider were ecstatic. Elated. But they were also probably nervous as heck, because we all know that, eventually, the government gets its money.

            In fact, one of the recommendations from CMS’ audit, was that OIG suggested that CMS revise 42 CFR §405.980, which is the federal regulation that allows for reopening initial determinations, redeterminations, reconsiderations, decisions, and reviews. The regulation already allows QICs, ALJs, the contractor – anyone who makes decisions about Medicare audits – the ability to reopen a decision already made. There are time frames for doing so.

            For example, “A party may request that a contractor reopen its initial determination or redetermination within 1 year from the date of the initial determination or redetermination for any reason.” 42 CFR 405.980(c)(1). Although I’ve never understood this section. Why would a party request its audit to be reopened instead of just appealing to the next level? I doubt reopening an initial determination would yield better results. But really the purpose of §405.980 is that the government can choose to reopen a decision and, later on, after you think you won your case and owe nothing, this regulation allows them to change their mind.

            This just goes to show you, the laws are written in favor of the government. It truly is a David and Goliath battle.

Medicare Provider Appeals: The Ghost Auditor

In litigation, there are two opposing sides, like football. It wouldn’t be much of a game if one side didn’t show up. In Medicare provider appeals, only one side shows up and I am asking – how is that fair? Let me explain:

You, as a provider receive a notice of Medicare overpayment in the mail. NGS or Palmetto or whoever claims you owe $4 million dollars. Of course the amount is extrapolated.

You decide to appeal. The first level is a redetermination at the Medicare Administrative Contractor. It is a desk review; you do not have the opportunity to question the other side. It’s just a 2nd look at the audit. The second level is the same as the first but performed by a QIC, and it’s called a reconsideration. The third level you finally get before an administrative law judge. Here, you envision the auditor presenting its evidence in support of why you owe $4 million dollars, and you presenting evidence and support that you don’t owe the money.

You would be wrong.

The auditors may participate in an ALJ Hearing. However, in my experience, the auditors never show up. They don’t provide evidence that their extrapolation was accurate or that their clinical findings are precise. No one substantiates the allegation that you owe $4 million. Instead, you get a soliloquy of why you don’t owe the money. The Judge may ask you questions, but you won’t be cross examined nor will you have the opportunity to cross examine the auditor.

The Medicare provider appeal process flies in the face of America’s judicial system. Our rules allow the accused to confront the accuser. At no time during your Medicare appeal do you get to challenge the auditor nor does the auditor have to back up his or her work. The audits are accepted as true without any verification.

This process needs to be amended. Medicare auditors should have to prove that their audits are accurate. They should have to prove that the documents didn’t support the claim billed and why. They should not be allowed to hide behind generic, cut-and-pasted denials without having to explain their reasoning, if there were any.

This nonsensical, three-ring-circle is why providers refuse to accept Medicare.

In 2020, one percent of non-pediatric physicians formally opted out of Medicare. Most of those opting out were psychiatrists – 42%.

This just goes to show you, qualifying for Medicare doesn’t guarantee that providers will accept you. It’s only going to get worse unless we change the appeal process for providers.

Auditing Medicare Advantage Organizations – About Time!

The American Hospital Association (“AHA”) is asking the Department of Justice (DOJ) to look into health insurance companies that routinely deny patients access to care and payments to providers. I’d like a task force as well. This is exactly the problem I have witnessed with managed care organizations or MCOs. In traditional Medicare and Medicaid, MCOs are prepaid and make profit by denying consumers medical care, terminating provider contracts, and not paying providers for care rendered. Congress created the same scenario with Medicare Advantage. Individuals can elect coverage through private insurance plans. While MA has been wildly successful and popular, the AHA is complaining that too many people are getting denied services.

            An OIG report that was published in April cites MAOs as denying services for beneficiaries. We are always talking about providers getting audited, it is about time that the companies that are gateways for providers getting reimbursed and beneficiaries getting medically necessary services are likewise audited for denying services. It seems ironic that providers are audited for potentially billing for too many services and these gateway, third party reimbursement companies are audited for providing too few services – or denying too many prior authorizations. But if the MCO or MAO deny medical services, then the money that would have been paid to the provider stays in their pocket.

            The OIG report found that many MAOs delay or deny services despite those services meeting Medicare prior authorization criteria, approximately 13-18%. Almost a 20% wrongful denial rate. When these MAOs get tax payer money for a Medicare beneficiary and deny services those tax dollars stay in the MAO’s pockets.

            Supposedly MAOs approve the vast majority of requests for services and payment, they issue millions of denials each year, and OIG’s audit of MAOs has highlighted widespread and persistent problems related to inappropriate denials of services and payment. As enrollment in Medicare Advantage continues to grow, MAOs play an increasingly critical role in ensuring that Medicare beneficiaries have access to medically necessary covered services and that providers are reimbursed appropriately.

            According to the OIG report, MAOs denied prior authorization and payment requests that met Medicare coverage rules by: (1) using MAO clinical criteria that are not contained in Medicare coverage rules; (2) requesting unnecessary documentation; and (3) making manual review errors and system errors.

            Personally, I am fed up with these private, insurance companies denying services and keeping our tax dollars. It is about time the insurance companies are audited.

Absent Auditors in Medicare Provider Appeals

(On a personal note, I apologize for how long since it has been my last blog. I was in an accident and spent 3 days in the ICU.)

I’d like to write today about the sheer absurdity about how these RAC, ZPIC, MAC, and other types of audits are being held against health care providers. When an auditor requests documents from a provider and opines that the provider owes a million dollars in alleged overpayments, I would expect that the auditor will show up before an independent tribunal to defend its findings. However, for so many of these Medicare provider appeals, the auditor doesn’t appear to defend its findings.

In my opinion, if the entity claiming that you owe money back to the government does not appear at the hearing, the provider should automatically prevail. A basic legal concept is that the accused should be able to confront its accuser.

I had depositions the last two weeks for a case that involved an opiate treatment program. The two main accusers were Optum and ID Medicaid. When Optum was deposed, they testified that Optum did not conduct the audit of the facility. When ID Medicaid was deposed, it contended that Optum did conduct the audit at issue.

When not one person can vouch for the veracity of an audit, it is ludicrous to force the provider to pay back anything. Auditors cannot hide behind smoke and mirrors. Auditors need to testify to the veracity of their audits.

To poke holes in Medicare audits, you need to know the rules. You wouldn’t play chess without knowing the rules. Various auditor have disparate look-back period, which is the time frame the auditor is allowed to look back and review a claim. For example, RACs may only look back 3 years. Whereas ZPICs have no specific look back period, although I would argue that the older the claim, the less likely it is to be recouped. There is also the federal 48-month limit to look backs absent accusations of fraud.

When appealing the outcome of a MAC or RAC audit, it is necessary for providers to have a specific reason for challenging the auditors’ determinations. Simply being dissatisfied or having generalized complaints about the process is not enough. Some examples of potential grounds for challenging a MAC or RAC determination on appeal include: 

  • Application if inapplicable Medicare billing rules 
  • Misinterpretation of applicable Medicare billing rules 
  • Reliance on unsound auditing methodologies
  • Failure to seek an expert opinion 
  • Ignoring relevant information disclosed by the provider 
  • Exceeding the MAC’s or RAC’s scope of authority 

It is imperative that you arm yourself in defending a Medicare audit, but if the auditor fails to appear at any stage in litigation, then you should call foul and win on a “absent” technicality.

The Medicare Provider Appeals Backlog and LCDs May Not Be As Important as One Would Think!

It’s a miracle! HHS has reduced the Medicare appeals backlog at the Administrative Law Judge (“ALJ”) level[1] by 75 %, which puts the department on track to clear the backlog by the end of the 2022 fiscal year. The department had 426,594 appeals bottlenecked on backlog. An audit from 2016 could get heard by an ALJ in 2021. However, movement has occurred.

According to the latest status report, HHS has 86,063 pending appeals remaining at the Office of Medicare Hearing and Appeals (“OMHA”).

In 2018, a federal Judge ruled in favor of the American Hospital Association (“AHA”) and its hospital Plaintiffs and Ordered HHS to eliminate the backlog of appeals by the end of FY 2022 and provided the department with a number of goals. According to the ruling, HHS had to reduce the backlog by 19 percent by the end of FY 2019, 49 percent by the end of FY 2020, and 75 percent by the end of FY 2021. Originally, the Order scheduled the timeframe for disseminating the backlog much shorter, but CMS claimed impossibility.

On another note, lately, I’ve seen a lot of supposed audit results based on local coverage determinations (“LCDs”) or policy manuals. This is unacceptable. In a January 4, 2022, decision from the NC Court of Appeals, the Court held that when a State agency implements an unpromulgated rule, the rule may not be enforced. Hendrixson v. Div. of Soc. Servs., 2022-NCCOA-10, ¶ 9. The Hendrixson case piggybacks the Supreme Court, which held that LCDs are unenforceable against providers. Azar v. Allina Health Services, 139 S. Ct. 1804, 204 L. Ed. 2d 139 (2019).

In Hendrixson v. Division of Social Services, the Court held that people eligible for Medicare Part B must apply and enroll and that if the applicant fails to enroll, Medicaid pays no portion of the costs for medical services that would have been covered by Medicare Part B, as you know Medicare Part B provides coverage for certain hospital outpatient services, physician services, and services not covered by Part A. See Bruton, 134 N.C. App. at 42, 516 S.E.2d at 635; 42 U.S.C. § 1395k (2019); 42 C.F.R. § 407.2 (2020). Enrollment in Medicare Part B is generally not automatic, see 42 C.F.R. §§ 407.4-407.40 (2020), and requires the patient to pay insurance premiums to enroll, after which the federal government pays most of the reasonable costs, with patients paying the remaining cost and an annual deductible. See Bruton, 134 N.C. App. at 42, 516 S.E.2d at 635; 42 U.S.C. §§ 1395l, 1395r-1395s (2019); 42 C.F.R. § 407.2 (2020). “Together, the part B premiums, deductibles and coinsurance are generally referred to as ‘Part B cost-sharing.’” Bruton, 134 N.C. App. at 42, 516 S.E.2d at 635. At your hospital or health care entity, do you have someone dedicated to properly enrolling consumers into Medicare Part B? If not, you may want to consider as a financial investment. Additionally, while you do not want to ignore the LCDs, the LCDs or Manuals cannot be a basis for any alleged recoupment or other sanction. As a general canon, any unpromulgated rule cannot be the basis of any penalty.


[1] The ALJ level is the third level in Medicare provider audits, but the first time that providers are allowed to present evidence to an independent tribunal.

Defenses Against Medicare/caid Audits: Arm Yourself!

Auditors are overzealous. I am not telling you anything you don’t know. Auditors cast wide nets to catch a few minnows. Occasionally, they catch a bass. But, for the most part, innocent, health care providers get caught in the overzealous, metaphoric net. What auditors and judges and basically the human population doesn’t understand is that accusing providers of “credible allegations of fraud” and alleged overpayments, when unfounded, has a profound and negative impact. First, the providers are forced to hire legal counsel at an extremely high cost. Their reputations and names get dragged through the mud because providers are guilty until they are proved innocent. Then, once they prove that there is no fraud or noncompliant documents, the wrongly accused providers are left with no recourse.

            The audits generally result in similar reasoning for denials. For instance,

  1. Lacks medical necessity. Defense: The treating physician rule. Deference must be given to the treating physician, not the desk reviewer who has never seen the patient.
  2. Canned notes: Defense: While canned notes are not desirable, it is not against the law. There is no statute, regulation, or rule against canned notes. Canned notes are just not best practices. But, in reality, when you serve a certain population, the notes are going to be similar.
  3. X-rays tend to be denied for the sole reason that there are no identifying notes on the X-ray. Or the printed copy of the X-ray you submit to the auditors is unreadable. Defense/Proactive measure: When you submit an X-ray, include a brief note as to the DOS and consumer.
  4. Signature illegible; therefore, no proof of provider being properly trained and qualified. Defense: This one is easy; you just show proof of trainings, but to head off the issue, print your name under your signature or have it embedded into your EHR.
  5. Documentation nitpicking. The time, date, or other small omissions result in many a denial. Defense: There is no requirement for documents to be perfect. The SSA provides defenses for providers, such as “waiver of liability” and “providers without fault.” The “waiver of liability” defense provides that even if payment for claims is deemed not reasonable and necessary, payment may be rendered if the provider did not know and could not have been reasonably expected to know that payment would not be made.

Whenever a client tells me – let’s concede these claims because he/she believes the auditors to be right, I say, let me review it. With so many defenses, I rarely concede any claims. See blog for more details.

Medicare Appeals: When It Comes To Appealing, Beneficiaries May Be Key!

Today I want to discuss the Medicare appeal process and its faults. Upon undergoing a Medicare audit by Safeguard or whichever auditor contracted by CMS, a provider usually receives a notice of overpayment. The 5-level appeal process is flawed as the first two levels rubber-stamp the findings. After the second level of appeal – the QIC level to the ALJ – recoupment occurs unless the provider set up an extended repayment schedule (ERS) or files for an injunction in federal court based on a taking of a property right; i.e., the right to reimbursement for services rendered.

Everyone deserves to be paid for medically necessary services rendered. The conundrum here is that the circuit courts are split as to the protections a provider deserves.

Whenever a federal injunction is filed, the Defendant auditor files a Motion to Dismiss based on (1) failure to exhaust administrative remedies and that the Medicare Act requires the administrative process; therefore, the federal court has no jurisdiction. The provider will argue that the federal action is ancillary to the substantive issue of whether the overpayment was in error and that its protected property right is being taken without due process.

A new case rendered October 1, 2021, Integrity Social Work Services, LCSW, LLC. V. Azar, 2021 WL 4502620 (E.D.N.Y 2021) straddles the fence on the issues. The EDNY falls within the 2nd circuit, which is undecidedly split. The 5th Circuit is, as well, split. District courts across the country are split on whether Medicare providers have a protected property interest in Medicare payments subject to recoupment. Several courts have found that the Medicare Act does create such a property right, including NC, 4th Circuit, Texas, Florida, Ohio, and Illinois, to name a few.

This provider was accused of an alleged overpayment of about 1 million. It argued that because it will not receive a prompt ALJ hearing that it will be driven out of business. This is a harsh and unacceptable outcome that readily occurs in about half the states. Providers should be aware of which State in which it resides and whether that State upholds a providers’ property interest in reimbursements for services rendered.

The Integrity Social Work Court found that, yes, jurisdiction in federal court was proper because the claims were ancillary to the substantive claims that would be heard by the ALJ. The provider was asking for a temporary stay of the recoupments until an ALJ hearing was concluded. As you read the case, you get false hope on the ruling. In the end, Judge Peggy Kuo found “Nor is the process to contest an overpayment or a recoupment decision arbitrary, outrageous, or even inadequate.”

Respectfully, I disagree. As does half the other courts. See, e.g.Accident, Injury & Rehab., PC v. Azar, No. 4:18-CV-2173 (DCC), 2018 WL 4625791, at *7 (D.S.C. Sept. 27, 2018); Adams EMS, Inc. v. Azar, No. H-18-1443, 2018 WL 3377787, at *4 (S.D. Tex. July 11, 2018); Family Rehab., Inc. v. Azar, No. 3:17-CV-3008-K, 2018 WL 3155911, at *4-5 (N.D. Tex. June 28, 2018). Juxtapose other courts have found that no such property interest exists. See, e.g.Alpha Home Health Solutions, LLC v. Sec’y of United States Dep’t of Health & Human Servs., 340 F. Supp. 3d 1291, 1303 (M.D. Fla. 2018); Sahara Health Care, Inc. v. Azar, 349 F. Supp. 3d 555, 572 (S.D. Tex. 2018); PHHC, LLC v. Azar, No. 1:18-CV-1824, 2018 WL 5754393, at *10 (N.D. Ohio Nov. 2, 2018); In Touch Home Health Agency, Inc. v. Azar, 414 F. Supp. 3d 1177, 1189-90 (N.D. Ill. 2019).

Providers – If you bring a claim to cease the recoupment, also sue on behalf of your Medicare beneficiaries’ property rights to freedom of choice of provider and access to care. Their rights are even stronger than the providers’ rights. I did this in Bader in Indiana and won based on the recipients’ rights.

New Report Points to More Audits of Hospitals

Hospitals across the nation are seeing lower profits, and it’s all because of a sudden, tsunami of Medicare and Medicaid provider audits. Whether it be RAC, MAC, UPIC, or Program Integrity, hospital audits are rampant. Billing errors, especially ‘supposed bundling,’ are causing a high rate of insurance claims denials, hurting the finances of hospitals and providers.

A recent report from American Hospital Association (AHA) found “Under an optimistic scenario, hospitals would lose $53 billion in revenue this year. Under a more pessimistic scenario, hospitals would lose $122 billion thanks to a $64 billion decline in outpatient revenue”*[1]

The “Health Care Auditing and Revenue Integrity—2021 Benchmarking and Trends Report” is an insider’s look at billing and claims issues but reveals insights into health care costs trends and why administrative issues continue to play an outsize role in the nation’s high costs in this area. The data used covers 900+ facilities, 50,000 providers, 1500 coders, and 700 auditors – what could go wrong?

According to the report,

  • 40% of COVID-19-related charges were denied and 40% of professional outpatient audits for COVID-19 and 20% of hospital inpatient audits failed.
  • Undercoding poses a significant revenue risk, with audits indicating the average value of underpayment is $3,200 for a hospital claim and $64 for a professional claim.
  • Overcoding remains problematic, with Medicare Advantage plans and payers under scrutiny for expensive inpatient medical necessity claims, drug charges, and clinical documentation to justify the final reimbursement.
  • Missing modifiers resulted in an average denied amount of $900 for hospital outpatient claims, $690 for inpatient claims, and $170 for professional claims.
  • 33% of charges submitted with hierarchical condition category (HCC) codes were initially denied by payers, highlighting increased scrutiny of complex inpatient stays and higher financial risk exposure to hospitals.

The top fields being audited were diagnoses, present on admission indicator, diagnosis position, CPT/HCPCS coding, units billed, and date of service. The average outcome from the audits was 70.5% satisfactory. So, as a whole, they got a ‘C’.

While this report did not in it of itself lead to any alleged overpayments and recoupments, guess who else is reading this audit and salivating like Pavlov’s dogs? The RACs, MACs, UPICs, and all other alphabet soup auditors. The 900 facilities and 50,000 health care providers need to be prepared for audits with consequences. Get those legal defenses ready!!!!


[1] * https://www.fiercehealthcare.com/hospitals/kaufman-hall-hospitals-close-between-53-and-122b-year-due-to-pandemic