Category Archives: Medicaid Audits

Update on Medicare/Medicaid Audits in the Wake of COVID-19

Published in Today’s Wound Clinic:

When I was asked to draft an article for Today’s Wound Clinic, it was approximately two weeks ago. I was asked to write about the current state of Medicare and Medicaid audits. Specifically, I was asked to provide a legal analysis about CMS suspending audits un-related to COVID-19. In the month of April, we have seen the spike of COVID-19, which has overturned our everyday world. We have been instructed by President Trump to “stay home” and “social distance” to decrease the spread of the virus. This “stay at home” instruction is unprecedented and has uprooted many of our most reliable and commonplace businesses, such as hairdressers, bowling alleys, and tattoo parlors.

Here is the answer: The current state of Medicare/Medicaid audits, at the moment, is dictated by COVID-19.

We can divide the post-COVID-19 audit rules into 3 categories:

  1. Those exceptions published by CMS to apply to all health care providers
  2. Those special, verbal exceptions given directly to an individual provider that were not published by CMS
  3. Effective immediately, new guidelines that CMS will follow until CMS believes it no longer needs to follow (by its own choice, of course).

An example of an “effective immediately” guideline is our current state of Medicare/Medicaid audits in the wake of COVID-19. CMS has not suspended all Medicare/Medicaid regulatory audits. But CMS has suspended most audits.

Effective immediately, survey activity is limited to the following (in Priority Order):

  • All immediate jeopardy complaints (cases that represents a situation in which entity noncompliance has placed the health and safety of recipients in its care at risk for serious injury, serious harm, serious impairment or death or harm) and allegations of abuse and neglect;
  • Complaints alleging infection control concerns, including facilities with potential COVID-19 or other respiratory illnesses;
  • Statutorily required recertification surveys (Nursing Home, Home Health, Hospice, and ICF/IID facilities);
  • Any re-visits necessary to resolve current enforcement actions;
  • Initial certifications;
  • Surveys of facilities/hospitals that have a history of infection control deficiencies at the immediate jeopardy level in the last three years;
  • Surveys of facilities/hospitals/dialysis centers that have a history of infection control deficiencies at lower levels than immediate jeopardy.

See CMS QSO-20-12-ALL. You can see that these “effective immediately” guidelines are usually published on CMS letterhead. The “effective immediately” guidelines explain why CMS is taking the stated action, the stated action, and that the action is temporary and due to COVID-19.

Here are a few recent “effective immediately” guidelines due to COVID-19:

  • On April 27, 2020, CMS said it would no longer expedite Medicare payments to doctors and be more stringent about accelerating the payments to hospitals as Congressional relief aimed at providers reaches $175 billion.
  • The agency is not accepting any new applications for the loans from Part B suppliers, including doctors, non-physician practitioners and durable medical equipment suppliers. CMS will continue to process pending and new requests from Part A providers, including hospitals, but be stricter with application approvals.
  • CMS expanded the Accelerated and Advance Payment Programs in late March as the pandemic continued to gain strength in the U.S. Since then, the agency has approved over 21,000 applications making up $59.6 billion in accelerated payments to Part A providers and almost 24,000 applications making up $40.4 billion in payments for Part B suppliers.

The $2.2 trillion Coronavirus Aid, Relief, and Economic Security stimulus package passed by Congress in March benchmarked $100 billion in funds for hospitals. On Friday, President Donald Trump signed legislation with a second round of emergency funding, called the Paycheck Protection Program and Health Care Enhancement Act, that allocates another $75 billion for providers — roughly three-quarters of what major provider trade associations requested.

An initial $30 billion from the fund was distributed between April 10 and April 17 based on Medicare fee-for-service revenue, sparking criticism that put facilities with a smaller proportion of Medicare business, such as children’s and disproportionate share hospitals, at a disadvantage. HHS on Friday began releasing an additional $20 billion in CARES payments to providers based on their 2018 net patient revenue, with more funding to roll out “soon,” the agency said, including $10 billion for hard-hit areas like New York.

How RAC/MAC auditors are compensated dictates their actions and/or aggressiveness.

RAC Auditors are paid by contingency. They are usually compensated approximately 13%, depending on the State. Imagine what 13% is of 1 million. It is $130,000 – more than most people make in a year. If you do not believe that 13% contingency is enough to incentivize a company, which, in turn, incentivize the employees, then you are sorely mistaken.

RACs were established through a demonstration program under the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (“MMA”), piloted between 2005 and 2008, and were later made permanent under the Tax Relief and Health Care Act of 2006, which required CMS to establish Recovery Auditors for all states before 2010.

MACs are not compensated by contingency, per se. CMS decided to structure the MAC contracts with 1-year base performance periods and four, optional, 1-year performance periods at the time. The MMA required that these contracts be recompeted at least once every 5 years. The recent enactment of the Medicare Access and CHIP Reauthorization Act of 2015 amended this requirement to authorize a maximum 10-year performance period before MAC contracts must be recompeted. The amendment, which applies to MAC contracts in effect at the time of enactment or entered into on or after enactment, would permit CMS to modify existing MAC contracts or enter into future MAC contracts for 1-year base performance periods and nine optional 1-year performance periods. See Pub. L. No. 114-10, § 509(a)- (b) (April 16, 2015). Therefore, while MACs are not compensated on contingency, MACs are compensated on performance. The less a MAC spends, the more services a MAC allows, the strict oversight a MCA ensues on its providers…all these “performance-based” measures may not be a contingency compensation relationship, but it’s pretty close. Saved money becomes profit for MACs.

Medicare and Medicaid auditors love rules. Even if the rules that auditors are instructed to follow really are not required by actual law. It goes without saying that auditors are not lawyers. Auditors are not trained to decipher whether statutes, regulations or policy are superseded by federal statutes and regulations. The fact is that, more times than one would hope, the auditors are wrong in their assessments that a claim should be denied, not out of malice, but because of a basic misunderstanding of what the law actually requires.

I have all kinds of stories about auditors claiming money is owed, when, really it was not owed because the RAC/MAC auditor failed to follow the actual, correct procedure or misconstrued a regulation. For example, I had a durable medical equipment provider, DME ABC, who was informed by the NSC Supplier Audit and Compliance Unit of Palmetto GBA that it owed $1,075,548.64. Palmetto is one of the MACs for Medicare – durable medical equipment. There was no demand letter. The alleged overpayment amount came to fruition in a telephone conference between the CEO of the company and an employee of Palmetto. Let’s call her Nancy. Nancy told CEO that company owed $1,075,548.64 based on an alleged violation of 42 C.F.R. § 424.58,

Even more disconcerting, was the fact that Palmetto claimed that its alleged, oral overpayment against DME ABC arose from a normal, reoccurring validation process pursuant to 42 C.F.R. §424.57, approved by CMS and in accordance with the requirements of 42 C.F.R. §424.58. No formal letter was necessary was Palmetto’s retort. Not correct; a formal demand letter is always required.

In this case, Palmetto began to backtrack once we pointed out that Palmetto nor Nancy ever sent a formal demand letter with any reconsideration review appeal rights or administrative appeal rights. We knew this was procedurally incorrect because federal law dictates that you receive a formal demand letter with appeal rights and notice of how many days you have to appeal. But out of fear of retribution, DME ABC was willing to write a check without pushing back. Obviously, we did not do so.

I tell this story as an example of how intimidating, scary, and overwhelming auditors can be. If someone off the street asked you for a million dollars, you would laugh them off your doorstep, right? After you tell them to don a mask and maintain social distancing.

But in the new-age world of COVID-19, rules have been broken. This behavior would not be acceptable pre-COVID-19. But this provider honestly was going to pay.

The Trump Administration is issuing an unprecedented array of temporary regulatory waivers and new rules to equip the American healthcare system with maximum flexibility to respond to the 2019 Novel Coronavirus (COVID-19) pandemic.

Pre-COVID-19 if you were to state “paperwork over patients,” everyone in the industry would agree. There would be snickers and eyes rolling, because no one wanted paperwork to be over patients. But it was. Now the mantra has flipped upside down – now the mantra is: Patients over Paperwork.

Post-COVID-19, if documents are lost or misplaced, or otherwise unusable, DME MACs have the flexibility to waive replacements requirements under Medicare such that the face-to-face requirement, a new physician’s order, and new medical necessity documentation are not required. Suppliers must still include a narrative description on the claim explaining the reason why the equipment must be replaced and are reminded to maintain documentation indicating that the DMEPOS was lost, destroyed, irreparably damaged or otherwise rendered unusable or unavailable as a result of the emergency.

Post-COVID-19, CMS is pausing the national Medicare Prior Authorization program for certain DMEPOS items. CMS is not requiring accreditation for newly enrolling DMEPOS and extending any expiring supplier accreditation for a 90-day time period. CMS is waiving signature and proof of delivery requirements for Part B drugs and Durable Medical Equipment when a signature cannot be obtained because of the inability to collect signatures. Suppliers should document in the medical record the appropriate date of delivery and that a signature was not able to be obtained because of COVID-19.

Post-COVID-19, in order to increase cash flow to providers impacted by COVID-19, CMS has expanded the current Accelerated and Advance Payment Program. An accelerated/advance payment is a payment intended to provide necessary funds when there is a disruption in claims submission and/or claims processing. CMS may provide accelerated or advance payments during the period of the public health emergency to any two Medicare providers/suppliers who submits a request to the appropriate MAC and meets the required qualifications. The process of obtaining the funds is a MAC-by-MAC process. Each MAC will work to review requests and issue payments within seven calendar days of receiving the request. Traditionally repayment of these advance/accelerated payments begins at 90 days, however for the purposes of the COVID-19 pandemic, CMS has extended the repayment of these accelerated/advance payments to begin 120 days after the date of issuance of the payment. Providers can get more information on this process here: www.cms.gov/files/document/Accelerated-and-Advanced-Payments-Fact-Sheet.pdf

The Future of Medicare/Medicaid Audits

The beauty of predicting the future is that no one can ever tell you that you are wrong. These are my predictions:

Auditors will deny claims for not having prior authorizations. Auditors will deny claims because the supplier accreditation expired after the 90-day time period. Auditors will deny claims because the percentage of face-to-face time was not met as described per CPT codes.

Obviously, these would be erroneous denials if the denials are within the dates that the COVID-19 pandemic occurred. The problem will be that the auditors will not be able to keep up with all the exceptions, not because the auditors are acting out of malice or dislikes providers. They will be simply trying to do their job. They will simply not be able to take into consideration all the exceptions that were given during the virus. Because, while we do have many written exceptions, if you call CMS with a personal and individualized problem, CMS will, most likely, grant you a needed exception. As long as the exception has the best interest of the consumer at heart. However, this personalized exception will not be written on CMS’s website. In five years, when you undergo a MAC or RAC audit, you better have proof that you received that exception. It will not be enough proof for you to state that you were given the exception over the phone.

So how can you protect yourself from future, erroneous audits?

Write everything down. When you speak to CMS, document concurrently the date, time, name of the person to whom you are speaking, the summary of your conversation, the COVID-19 regulatory exception, sign it and date it.

It is a hearsay exception. Writing down everything does not magically transform your note into the truth. However, writing down everything concurrently does magically allow that note that you wrote to be allowed in a court of law as an exhibit. Had you not written the note contemporaneously with the conversation that you had with CMS, then the attorney on the other side of the case would move to exclude your handwritten or typed note as hearsay.

Hearsay is defined as a statement that (1) the declarant does not make while testifying at the current trial or hearing; and (2) a party offers in evidence to prove the truth of the matter asserted in a statement. There are too many hearsay exceptions to name in this article.

Just know, for purposes of this article, that any health care provider who is relying on an exception to a normally required regulatory mandate – regardless what it is – either be able to: (1) cite the written exception that was published by CMS to the public; or (2) produce the written or typed contemporaneously written note that you wrote to memorialize the conversation.

Knicole Emanuel Appears on the Hospital Finance Podcast – Suspension of Audits

D83B4E86-D9CA-462F-8C54-EDBC90DA00E8

To listen, please click here.

Highlights of this episode include:

  • Background on why CMS will forego all audits unrelated to the coronavirus.
  • What types of audits will CMS continue during the coronavirus pandemic?
  • What providers need to know about complying with current audits, such as TPE audits.
  • How providers can protect themselves by documenting exceptions such as two-day admissions.
  • And more…

Mike Passanante: Hi, this is Mike Passanante and welcome back to the award-winning Hospital Finance Podcast®.

As a result of the COVID-19 crisis, the government has suspended most auditing activities for providers. To sort out what that means for hospitals, I’m joined by Knicole Emanuel. Knicole is an attorney at Potomac Law Group in Raleigh, North Carolina, where she concentrates on Medicare and Medicaid regulatory compliance litigation. Knicole, welcome to the show.

Knicole Emanuel: Thank you and thank you for having me.

Mike: Knicole, the government announced that it is suspending survey activities. Practically what does that mean for providers?

Knicole: Well, so right now because of the Coronavirus, CMS has decided to forego audits that are unrelated to the coronavirus. So actually effective April 3, 2020. The only audits that will be conducted will be those audits that are germane to all immediate Jeopardy complaints. Those kind of cases that represent a situation in which an entities non-compliance has placed the health and safety of recipients in its care at risk for serious injury. So we’re talking about potential serious injury or serious harm.

Another audit that’s going to continue would be complaints alleging infection control concerns because that would obviously be impacted by the coronavirus. Any sort of statutorily required recertification surveys are going to be conducted. I would assume that they’re going to be conducted telephonically. They’re not going to be going on-site and revisits necessary to resolve current enforcement actions. That’s important because when this Coronavirus all came about, there were hundreds and hundreds and hundreds, perhaps thousands upon thousands of healthcare providers already in the middle of TPE audits or RAC audits or MAC audit. And they’d already had on-site visits, they’d already had maybe perhaps a lower accuracy rating. And they’re going to be stuck in this cycle of being stuck in the audit until they can get a resurvey because with this coronavirus the penalties that they’re enduring, whether it’s a suspension of admission, or whether it’s a monetary penalty. These penalties are being administered even if they cannot have a secondary or a revisit of the audit to get them off of the penalty that they’re currently on. So it’s really important that people who are in the middle of audit and when all this came down to get them off of the audit cycle so they can go back to providing care.

Mike: So essentially, there are a number of activities that are suspended. But it’s important for providers to know that there is a subset of activities that will continue even during this period.

Knicole: Correct. But they’re all going to be activities that are of the utmost importance. The items that take lower priority are going to be pushed down.

Mike: Okay, and you mentioned the TPE audits a second ago. So that’s the targeted probe and education. Are they going to continue during this time period as far as you know?

Knicole: Well, so as far as I know, they are not going to continue as in they’re not going to start new TPE audit. Now the question then becomes, “Well, I received a document request a month ago for a TPE audit. Do I need to comply now?” And the conservative safe answer is to go ahead and keep complying with these document requests. Although the deadlines for these document requests, those are going to be extended. I’m sure you’ll be able to get extensions for trying to comply with those. And in reality, if you contact the people who are conducting the audit, you may find that the entire audit in general is put on pause. But don’t assume it’s put on pause. Try to make sure you comply, unless you find out it’s on pause. And if you get something over the email or over a phone that says that your TPE audit is paused currently, follow up with an email and get it in writing. Because future audit, they’re not going to remember that your particular audit was with pause during the coronavirus.

Mike: That’s great advice, Knicole. Do you have any other recommendations for providers as they’re navigating through this time?

Knicole: Yes, I do. There are a number of providers right now that are asking for exceptions, and I can give examples. So for example, in the hospital setting, there are hospitals that are asking for waivers for the inpatient admission standards or the two-day admission, or the moon rules. All those kind of things are asking for exceptions, and a lot of the hospital, A lot of the providers are getting the exceptions they need to allow people to have to stay longer in their hospitals because they have nowhere to discharge them. They can’t go back to their nursing homes where the coronavirus may or may not be. And so, because they’re getting all these exceptions, five years from now when you’re undergoing an audit, no one is going to remember that you had this exception that this particular consumer can stay in my hospital for two extra days or five extra days. And five years from now, you may get audited and say, “Well, you got to recoup all this money because you let them stay in for too long of a time.” When in reality, you are given an exception, write all the exceptions down. Keep one place, keep a computer program, keep a hard copy, whatever you want to do, and notebook, if that you want to get down to not having any technology involved. But keep track of all of these exceptions that you get as little as they may be because if you’re getting an exception for one person, and that one person can stay longer than the two-day allowance for the outpatient stays, and you multiply that by, okay, well, now you’ve got to take that exception and extrapolate it again, 200 people over the course of a year, that’s a lot of money we’re talking about. So you need to make sure you keep track of all the exceptions, no matter how small. And keep track of them somewhere that you’re not going to lose them. If your attrition rate is high with executives, you need to make sure that the next people in line had that knowledge so that in future audit, you can explain that you did not abide by the regulations for good reason. You had an exception, but no one’s keeping track of all these exceptions.

Mike: And so, it’s great advice, Knicole. And I know you’ve got a great blog of your own that people can follow. If people wanted to read more about what’s going on here on that blog or get in touch with you, how can they do that?

Knicole: Well, you’re more than welcome to go onto my blog, which is Medicare and Medicaid law. It is at medicaidlawnc.com. You can also contact me at any time. I’m at Potomac Law Group. I help providers across the country and not only in North Carolina, but in 33 states. And so, I am pretty well versed on all the exceptions that I’m seeing. It’s really fast-paced right now. It’s scary. It’s surreal. But it is really important to make sure that everything is written down because in the future– I mean, that old saying that old adage for nurses, if it’s not written, it doesn’t exist, is really going to matter in the future years.

Mike: Knicole, thanks for adding some clarity around this very complex issue. We appreciate you coming back to the show today.

Knicole: Absolutely. Thank you.

Suspension of Audits During the Coronavirus?

49B70E0C-5089-4D23-925D-54A09DC51563

Effective immediately, survey activity is limited to the following (in Priority Order):

  • All immediate jeopardy complaints (cases that represents a situation in which entity noncompliance has placed the health and safety of recipients in its care at risk for serious injury, serious harm, serious impairment or death or harm) and allegations of abuse and neglect;
  • Complaints alleging infection control concerns, including facilities with potential COVID-19 or other respiratory illnesses;
  • Statutorily required recertification surveys (Nursing Home, Home Health, Hospice, and ICF/IID facilities);
  • Any re-visits necessary to resolve current enforcement actions;
  • Initial certifications;
  • Surveys of facilities/hospitals that have a history of infection control deficiencies at the immediate jeopardy level in the last three years;
  • Surveys of facilities/hospitals/dialysis centers that have a history of infection control deficiencies at lower levels than immediate jeopardy.

See CMS QSO-20-12-ALL.

Obviously, there are so many questions. Providers across the country are asking whether they need to comply with document requests. Are TPE audits continuing? Do they need to comply with ongoing ADRs?

Every bulletin that CMS publishes instigates more detailed and complex questions. With all these relaxed guidelines, won’t RACs, etc. have a field day when this is all over? Of course they will.

General Recommendations:

  • Be proactive.
  • Document everything.
  • Deadlines will be extended.
  • Exceptions will be made.
  • Keep all email correspondence.
  • Maintain copies of everything that you submit. (Do not rely on electronic computer software programs).
  • Keep track of CMS updates.

Email me questions, and I will try to respond.

Also, feel free to reach out to the government: QSOG_EmergencyPrep@cms.hhs.gov.

Effective date: 30 days from the memo, which equals April 3, 2020.

 

 

Inconsequential Medicare Audits Could Morph into a Whopper of a Whale

Emergency room physicians or health care providers are a discrete breed – whales in a sea of fish. Emergency room doctors have – for the most part – been overlooked by the RAC auditors or TPE, ZPIC, or MAC auditors. Maybe it’s because, even RAC auditors have children or spouses that need ER services from time to time. Maybe it’s because ER doctors use so many different billers. Normally, an ER doctor doesn’t know which of his or her patients are Medicaid or Medicare. When someone is suffering from a a broken leg or heart attack, the ER doctor is not going to stop care to inquire whether the patient is insured and by whom. But should they? Should ER doctors have to ask patients their insurer? If the answer includes any sort of explanation that care differs depending on whether someone is covered by Medicare or Medicaid or has private insurance, then, sadly, the answer may be yes.

ER doctors travel to separate emergency rooms, which are owned by various and distinct entities, and rely on individual billing companies. They do not normally work at only one hospital. Thus, they do not always have the same billers. We all know that not all billers are created equal. Some are endowed with a higher understanding of billing idiosyncrasies than others.

For example, for CPT codes 99281-99285 – Hospital emergency department services are not payable for the same calendar date as critical care services when provided by the same physician or physician group with the same specialty to the same patient. 

We all know that all hospitals do not hire and implement the same billing computer software programs. The old adage – “you get what you pay for” – may be more true than we think. Recent articles purport that “the move to electronic health records may be contributing to billions of dollars in higher costs for Medicare, private insurers and patients by making it easier for hospitals and physicians to bill more for their services, whether or not they provide additional care.” – Think a comment like that would red-flag ER doctors services by RAC, MAC and ZPIC auditors? The white whale may as well shoot a water spray 30 feet into the air.

Will auditing entities begin to watch ER billing more closely? And what are the consequences? When non-emergency health care providers are terminated by Medicare, Medicaid, or a MAC or MCO’s network, there is no emergency – by definition. Juxtapose, the need for ER health care providers. ER rooms cannot function with a shortage of  physicians and health care providers. Even more disturbing is if the termination is unwarranted and seemingly inconsequential – only affecting under 4 surgeries per month – but acts as the catalyst for termination of Medicare, Medicaid, and private payors across the board.

I have a client named Dr. Ishmael. His big fish became the MAC Palmetto – very suddenly. Like many ER docs, he rotates ERs. He provides services for Medicare, Medicaid, private pay, uninsured – it doesn’t matter to him, he is an ER doctor. He gets a letter from one MAC. In this case, it was Palmetto. Interestingly enough, Palmetto is his smallest insurance payor. Maybe 2 surgeries a month are covered by Palmetto. 90% of his services are provided to Medicaid patients. Not by his choice, but by demographics and circumstance. The letter from Palmetto states that he is being excluded from Palmetto’s Medicare network, effective in 10 days. He will also be placed on the CMS preclusion list in 4 months.

We appeal through Palmetto, as required. But, in the meantime, four other MACs, State Medicaid and BCBS terminate Dr. Ishmael’s billing privileges for Medicare and Medicaid based on Palmetto’s decision. Remember, we are appealing Palmetto’s decision as we believe it is erroneous. But because of Palmetto’s possibly incorrect decision to terminate Dr. Ishmael’s Medicare billing privileges, all of a sudden, 100% of Dr. Ishmael’s services are nonbillable and nonreimburseable…without Dr. Ishmael or the hospital ever getting the opportunity to review and defend against the otherwise innocuous termination decision.

Here, the hospital executives, along with legal counsel, schedule meetings with Dr. Ishmael. “They need him,” they say. “He is important,” they say. But he is not on the next month’s rotation. Or the next.

They say: “Come and see if ye can swerve me. Swerve me? ye cannot swerve me, else ye swerve yourselves! man has ye there. Swerve me?”

Billing audits on ER docs for Medicare/caid compliance are distinctive processes, separate from other providers’ audits. Most providers know the insurance of the patient to whom they are rendering services. Most providers use one biller and practice at one site. ER docs have no control over the choice of their billers. Not to mention, the questions arises, who gets to appeal on behalf the ER provider? Doesn’t the hospital reap the benefit of the reimbursements?

But one seemingly paltry, almost, minnow-like, audit by a cameo auditor can disrupt an entire career for an ER doc. It is imperative to act fast to appeal in the case of an ER doc.  But balance speed of the appeal with the importance of preparing all legal arguments. Most MACs or other auditing entities inform other payors quickly of your exclusion or termination but require you to put forth all arguments in your appeal or you could waive those defenses. I argue against that, but the allegations can exist nonetheless.

The moral of the story is ER docs need to appeal and appeal fast when billing privileges are restricted, even if the particular payor only constitutes 4 surgeries a month. As Herman Melville said: “I know not all that may be coming, but be it what it will, I’ll go to it laughing.” 

Sometimes, however, it is not a laughing matter. It is an appealable matter.

State Agencies Must Follow the State Medicare Plan! Or Else!

Accused of an alleged overpayment? Scrutinize the Department’s procedure to determine that alleged overpayment. One step out of line (in violation of any pertinent rule) by the Department and the overpayment is dismissed.

Ask yourself: Did the State follow Medicare State Plan Agreement? (The Plan germane in your State).

In a Mississippi Supreme Court case, the Mississippi Department of Medicaid (“DOM”) alleged that a hospital owed $1.2226 million in overpayments. However, the Court found that DOM failed to follow proper procedure in assessing the alleged overpayment. Since the DOM failed to follow the rules, the $1.2226 million alleged overpayment was thrown out.

The Court determined that the DOM, the single state agency charged with managing Medicare and Medicaid, must follow all pertinent rules otherwise an alleged overpayment will be thrown out.

Two cases premised on the notion that the DOM must follow all pertinent rules were decided in MS – with polar opposite endings.

  • Crossgates River Oaks Hosp. v. Mississippi Div. of Medicaid, 240 So. 3d 385, 388 (Miss. 2018); and
  • Cent. Mississippi Med. Ctr. v. Mississippi Div. of Medicaid, No. 2018-SA-01410-SCT, 2020 WL 728806, at *2–3 (Miss. Feb. 13, 2020).

In Crossgates, the hospitals prevailed because the DOM had failed to adhere to the Medicare State Plan Agreement. Applying the same legal principles in Cent. MS Med. Ctr, the DOM prevailed because the DOM adhered to the Medicaid State Plan.

It is as simple as the childhood game, “Simon Says.” Do what Simon (State Plan) says or you will be eliminated.

Crossgates

In the 2018 MS Supreme Court case, the Court found that the MS Department failed to follow the Medicare State Plan Agreement in determining an overpayment for a provider, which meant that the overpayment alleged was arbitrary. The thinking is as follows: had the Department followed the rules, then there may not be an overpayment or the alleged overpayment would be a different amount. Since the Department messed up procedurally, the provider got the whole alleged overpayment dismissed from Court. It is the “fruit of the poisonous tree” theory. See Crossgates River Oaks Hosp. v. Miss. Div. of Medicaid, 240 So. 3d 385 (Miss. 2018).

While Courts generally afford great deference to an agency’s interpretation of its regulations, once the agency violates a procedural rule, it is not entitled to that deference. The Court found that the DOM’s interpretation of Attachment 4.19–B of the State Plan was inconsistent with the relevant regulation. Crossgates River Oaks Hosp. v. Mississippi Div. of Medicaid, 240 So. 3d 385, 388 (Miss. 2018).

Throughout these proceedings, the DOM never articulated an explanation for its failure to exclude the radiology and laboratory charges or for its use of a blended rate in place of actual costs, absent altering or amending the State Plan. The clear language of the State Plan establishes that DOM’s choice to reduce payments to the Hospitals was arbitrary, capricious, and not supported by substantial evidence.

Central MS Medical Center

Juxtapose the Central Mississippi Medical Center case, which, by the way has not been released for publication. Atop the header for the case is the following warning:

“NOTICE: THIS OPINION HAS NOT BEEN RELEASED FOR PUBLICATION IN THE PERMANENT LAW REPORTS. UNTIL RELEASED, IT IS SUBJECT TO REVISION OR WITHDRAWAL.”

With that caveat, the MS Supreme Court held that Medicaid State Plans that are accepted by CMS reign supreme and must be followed. In this case, the MS State Plan required the DOM to use the Medicare Notice of Program Reimbursement (NPR) to establish the final reimbursement.

According to the Supreme Court, the agency followed the rules. Thus, the agency’s adverse determination was upheld. It does not matter what the adverse determination was – you can insert any adverse determination into the equation. But the equation remains stedfast. The State must follow the State Plan in order to validate any adverse decision.

Inconsequential Medicare Audits Could Morph into a Whopper of a Whale

Emergency room physicians or health care providers are a discrete breed – whales in a sea of fish. Emergency room doctors have – for the most part – been overlooked by the RAC auditors or TPE, ZPIC, or MAC auditors. Maybe it’s because, even RAC auditors have children or spouses that need ER services from time to time. Maybe it’s because ER doctors use so many different billers. Normally, an ER doctor doesn’t know which of his or her patients are Medicaid or Medicare. When someone is suffering from a a broken leg or heart attack, the ER doctor is not going to stop care to inquire whether the patient is insured and by whom. But should they? Should ER doctors have to ask patients their insurer? If the answer includes any sort of explanation that care differs depending on whether someone is covered by Medicare or Medicaid or has private insurance, then, sadly, the answer may be yes.

ER doctors travel to separate emergency rooms, which are owned by various and distinct entities, and rely on individual billing companies. They do not normally work at only one hospital. Thus, they do not always have the same billers. We all know that not all billers are created equal. Some are endowed with a higher understanding of billing idiosyncrasies than others.

For example, for CPT codes 99281-99285 – Hospital emergency department services are not payable for the same calendar date as critical care services when provided by the same physician or physician group with the same specialty to the same patient. 

We all know that all hospitals do not hire and implement the same billing computer software programs. The old adage – “you get what you pay for” – may be more true than we think. Recent articles purport that “the move to electronic health records may be contributing to billions of dollars in higher costs for Medicare, private insurers and patients by making it easier for hospitals and physicians to bill more for their services, whether or not they provide additional care.” – Think a comment like that would red-flag ER doctors services by RAC, MAC and ZPIC auditors? The white whale may as well shoot a water spray 30 feet into the air.

Will auditing entities begin to watch ER billing more closely? And what are the consequences? When non-emergency health care providers are terminated by Medicare, Medicaid, or a MAC or MCO’s network, there is no emergency – by definition. Juxtapose, the need for ER health care providers. ER rooms cannot function with a shortage of  physicians and health care providers. Even more disturbing is if the termination is unwarranted and seemingly inconsequential – only affecting under 4 surgeries per month – but acts as the catalyst for termination of Medicare, Medicaid, and private payors across the board.

I have a client named Dr. Ishmael. His big fish became the MAC Palmetto – very suddenly. Like many ER docs, he rotates ERs. He provides services for Medicare, Medicaid, private pay, uninsured – it doesn’t matter to him, he is an ER doctor. He gets a letter from one MAC. In this case, it was Palmetto. Interestingly enough, Palmetto is his smallest insurance payor. Maybe 2 surgeries a month are covered by Palmetto. 90% of his services are provided to Medicaid patients. Not by his choice, but by demographics and circumstance. The letter from Palmetto states that he is being excluded from Palmetto’s Medicare network, effective in 10 days. He will also be placed on the CMS preclusion list in 4 months.

We appeal through Palmetto, as required. But, in the meantime, four other MACs, State Medicaid and BCBS terminate Dr. Ishmael’s billing privileges for Medicare and Medicaid based on Palmetto’s decision. Remember, we are appealing Palmetto’s decision as we believe it is erroneous. But because of Palmetto’s possibly incorrect decision to terminate Dr. Ishmael’s Medicare billing privileges, all of a sudden, 100% of Dr. Ishmael’s services are nonbillable and nonreimburseable…without Dr. Ishmael or the hospital ever getting the opportunity to review and defend against the otherwise innocuous termination decision.

Here, the hospital executives, along with legal counsel, schedule meetings with Dr. Ishmael. “They need him,” they say. “He is important,” they say. But he is not on the next month’s rotation. Or the next.

They say: “Come and see if ye can swerve me. Swerve me? ye cannot swerve me, else ye swerve yourselves! man has ye there. Swerve me?”

Billing audits on ER docs for Medicare/caid compliance are distinctive processes, separate from other providers’ audits. Most providers know the insurance of the patient to whom they are rendering services. Most providers use one biller and practice at one site. ER docs have no control over the choice of their billers. Not to mention, the questions arises, who gets to appeal on behalf the ER provider? Doesn’t the hospital reap the benefit of the reimbursements?

But one seemingly paltry, almost, minnow-like, audit by a cameo auditor can disrupt an entire career for an ER doc. It is imperative to act fast to appeal in the case of an ER doc.  But balance speed of the appeal with the importance of preparing all legal arguments. Most MACs or other auditing entities inform other payors quickly of your exclusion or termination but require you to put forth all arguments in your appeal or you could waive those defenses. I argue against that, but the allegations can exist nonetheless.

The moral of the story is ER docs need to appeal and appeal fast when billing privileges are restricted, even if the particular payor only constitutes 4 surgeries a month. As Herman Melville said: “I know not all that may be coming, but be it what it will, I’ll go to it laughing.” 

Sometimes, however, it is not a laughing matter. It is an appealable matter.

HIPAA Penalties on the Rise and New HIPAA Penalties Reduced

HIPAA mandates the privacy of private health care records. HIPAA is a serious issue, both financially and in the risk-management aspect, for health care providers. Providers need to delegate annual funds to the defense of regulatory audits proactively – before the actual adverse action occurs. Because it’s not an “if;” it’s a “when,” when you accept Medicare/caid. In the Medicare/caid world, HIPAA violations can catastrophically render a company dead for an infraction. In the current days of technical, daily advances and allegations of cybersecurity breaches, health care providers must be cognizant of cyber criminals, their intent, their modus operandi, and what personal/company information is valuable to such criminals. The HIPAA statutes are vague and lack detailed explanations as to penalties.

In 2018, the Office for Civil Rights (OCR) issued a record-breaking $28 million in fines for HIPAA violations. The number of health care providers currently under investigation by HHS, in 2019, will be another record-breaking number.

As more and more data is maintained on computer systems, the more and more accessible the information becomes to potential scammers. In 2017, the number of cyber attacks increased exponentially to 5,207. There is actually an itemization as to how many of the attacks were germane to health care; health care breaches accounted for 8.5% of all breaches. 2.3 billion health care records have been exposed. This isn’t new. In 2015, the most healthcare records ever were breached. 113 million healthcare records were exposed that year. Now, in 2019, we may witness an all-time-high.

2019-05-01 -- IMG 2009-2018-healthcare-data-breaches-1

Human error is the number 1 reason for HIPAA violations. Employees gossiping and disclosing private health care information among each other is another culprit, along with social media and lack of training.

The largest individual HIPAA settlement was reached in October 2018, when OCR fined health insurer Anthem $16 million.

The oxymoron is that the government (Medicare/caid) and private payors are pushing for collaborative health care and the sharing of health care records amongst varying providers. Yet the possible HIPAA breaches increase with collaboration.

In April 2019, HHS randomly selected 9 HIPAA-covered entities—a mix of health plans and clearinghouses—for Compliance Reviews. The CMS Division of National Standards, on behalf of HHS, has launched a volunteer Provider Pilot Program to test the compliance review process.

The Trump administration has interpreted HIPAA penalties differently than the Obama administration did. Now HHS will apply a different cumulative annual CMP limit for the four penalties tiers in the Health Information Technology for Economic and Clinical Health (HITECH) Act.

There are four tiers of HIPAA violation severity outlined in the HITECH Act, based on the violator’s level of culpability:

Screen Shot 2019-05-02 at 11.41.11 AM

Under the Obama administration, the annual limit for each tier was $1.5 million.

HIPAA penalties are appealable and with the disparate amount of penalties, it is well worth the time and expense to appeal.

 

New Mexico Leads the Nation in Ground-Breaking Legislation in Support of Medicaid Providers

“Gov. Michelle Lujan Grisham signed into law this week a bill (SB41) that ensures service providers accused of overbilling or defrauding Medicaid can review and respond to allegations of wrongdoing before state action is taken.” – Tripp Jennings, New Mexico In Depth.

For those of you who don’t know, in 2013, the State of New Mexico, suspended the Medicaid reimbursements of 15 behavioral health care providers based on “credible allegations of fraud.” 42 CFR 455.23. The Attorney General eventually determined that no fraud existed as to ANY of the 15 behavioral health care providers. These providers constituted 87.5% of the behavioral health care providers in New Mexico, which is predominantly Medicaid and has the highest suicide rate of any state, if you consider the Native American population.

There was no due process. The providers were informed of the immediate Medicaid suspension in a group meeting without ever being told what exactly the “fraud” was that they allegedly committed. They were informed by, then assistant Attorney General, Larry Hyeck, that fraud existed and because of the ongoing investigation nothing could be divulged to those accused. Supposedly, the evidence for such “fraud” was based on an independent audit performed by Public Consulting Group (PCG). However, according to testimony from an employee of PCG at the administrative hearing of The Counseling Center (one of the 15 accused behavioral health care providers), PCG was not allowed by the Human Services Department of NM (HSD) to complete its audit. According to this employee’s testimony, it is PCG’s common practice to return to the providers which are the subject of the audit a 2nd or even 3rd time to ensure that all the relevant documents were collected and reviewed. Human error and the sheer amount of medical records involved in behavioral health care suggest that a piece of paper or two can be overlooked, especially because this audit occurred in 2013, before most of the providers had adopted electronic medical record systems. Add in the fact that PCG’s scanners were less than stellar and that the former Governor Susan Martinez, Optum’s CEO, and the HSD Secretary -at the time- had already vetted 5 Arizona companies to overtake the 15 NM behavioral health care companies – even prior to PCG’s determination – and the sum equals a pre-determined accusation of fraud. PCG’s initial report stated that no credible allegations of fraud existed. However, PCG was instructed to remove that sentence.

Almost all the providers were forced out of business. The staff were terminated or told to be employed by the new 5 AZ companies. The Medicaid recipients lost their mental health services. One company remained in business because they paid the State for fraud that they never committed. Another company held on by a very thin thread because of its developmental disability services. But the former-CEO became taxed and stepped down and many more left or were let go. The 13 other providers were financially ruined, including the largest behavioral health care provider in NM, which serviced over 700 Medicaid recipients and employed hundreds of clinical staff. It had been servicing NM’s poor and those in need of mental health services for over 30 years. Another company had been in business over 40 years (with the same CEO). The careers and live’s work were crumbled in one day and by one accusation that was eventually proven to be wrong.

No one ever foresaw this amount of abuse of discretion to occur by government agents.

Now, today, in 2019, the new Governor of NM, Gov. Michelle Lujan Grisham, signed a law introduced by Senator Mary Kay Papen, a long proponent and advocate that the 15 behavioral health care providers were unjustly accused and forced out of business, that will protect Medicaid providers in NM from ever being subjected to the unjust and arbitrary suspension of Medicaid funds and unfounded allegations of Medicaid fraud.

Even though 42 C.F.R. 455.23 requires a state to suspend Medicaid funding upon “credible allegations of fraud,” NM has taken the first step toward instituting a safeguard for Medicaid providers. Already too few health care providers accept Medicaid – and who can blame them? The low reimbursement rates are nothing compared to the regulatory scrutiny that they undergo merely for accepting Medicaid.

NM SB41 contradicts the harsh language of 42 CFR 455.23, which mandates that a State “must” suspend payments upon a credible allegation of fraud. NM SB41 provides due process for Medicaid providers accused of fraud. Which begs the question – why hasn’t anyone brought a declaratory action to determine that 42 CFR 455.23 violates due process, which happens to be a constitutional right?

Part of the due process enacted by New Mexico is that a suspension of Medicaid reimbursements should be released upon a post of a surety bond and that the posting of a surety bond shall be deemed good cause to not suspend payments during the investigation. Although the new law also states that the Medicaid reimbursement suspension must be released within 10 days of the posting of the surety bond “in the amount of the suspended payment.” After 4 administrative hearings in New Mexico, I can assure you that the provider and HSD will have two disparate views of the “amount of the suspended payment.” And by disparate, I mean REALLY disparate.

Regardless, I view this new law as a giant leap in the direction of the Constitution, which was actually enacted in 1789. So is it apropos that 230 years later NM is forced to enact a law that upholds a legal right that was written and enacted into law 230 years ago?

Thank you, Gov. Michelle Lujan Grisham, Senator Papen, Patsy Romero, and Shawn Mathis for your amazing effort on getting this legislation passed.

And – look forward to my webcast on RACMonitor on Monday, April 8, 2019, detailing how courts across the country are revising their views and granting federal injunctions stopping premature recoupments when a Medicare/caid provider is accused of an overpayment. Due process is on a come-back.

United Behavioral Health SLAMMED by Judge for Improperly Denying Behavioral Health Care Services

We have had parity laws between mental and physical health care services on the books for years. Regardless of the black letter law, mental health health care services have been treated with stigma, embarrassment, and of lesser importance than physical health care services. A broken leg is easily proven by an X-Ray; whereas a broken mind is less obvious.

In an unprecedented Decision ripe with scathing remarks against Optum/United Behavioral Health’s (UBH) actions, a Court recently ruled that UBH improperly denied mental health services to insureds and that those improper denials were financially-driven. A slap-on-the-wrist, this Decision was not. More of a public whipping.

In a 106-page opinion, the US District Court, Northern District of California, slammed UBH in a blistering decision finding that UBH purposely and improperly denied behavioral health care benefits to thousands of mentally ill insureds by utilizing overly restrictive guidelines. This is a HUGE win for the mental health community, which often does not receive the parity of services (of physical health) that it is legally is entitled. U.S. Chief Magistrate Judge Joseph Spero spared no political correctness in his mordacious written opinion, which is rarity in today’s vitriolic world.

2019- Spero

The Plaintiffs filed a lawsuit under the Employee Retirement Income Security Act of 1974 (ERISA), saying the insurer denied benefits in violation of the terms of their insurance plans and state law. The Plaintiffs consisted of participants in UBH health care plans and who were denied mental health care services.

Judge Spero found United Behavioral’s guidelines were influenced by financial incentives concerning fully-funded and self-funded ERISA plans:

“While the incentives related to fully insured and self-funded plans are not identical, with respect to both types of plan UBH has a financial interest in keeping benefit expense down … [A]ny resulting shortcomings in its Guideline development process taints its decision-making as to both categories of plan because UBH maintains a uniform set of Guidelines for fully insured and self-funded plans … Instead of insulating its Guideline developers from these financial pressures, UBH has placed representatives of its Finance and Affordability Departments in key roles in the Guidelines development process throughout the class period.”

Surprisingly, this decision came out of California, which is notoriously socially-driven. Attorneys generally avert their eyes when opinions come from the 9th District.

Judge Spero found that UBH violated “generally accepted standards of care” to administer requests for benefits.

The Court found that “many mental health and substance use disorders are long-term and chronic.” It also found that, in questionable instances, the insurance company should err on the caution of placing the patient in a higher level of care. The Court basically cited the old adage – “Better safe than sorry,” which seems a pretty darn good idea when you are talking about mental health. Just ask Ted Bundy.

Even though the Wit Decision involved private pay insurance, the Court repeatedly cited to the Center for Medicare and Medicaid Services’ (CMS) Manual. For example, the Court stated that “the CMS Manual explains, [f]or many . . . psychiatric patients, particularly those with long-term, chronic conditions, control of symptoms and maintenance of a functional level to avoid further deterioration or hospitalization is an acceptable expectation of improvement.” It also quoted ASAM criteria as generally accepted standards, as well as LOCUS, which tells me that the law interprets the CMS Manual, ASAM criteria, and LOCUS as “generally accepted standards,” and not UBH’s or any other private pay insurance’s arbitrary standards. In fact, the Court actually stated that its decision was influenced by the fact that UBH’s adopted many portions of CMS’ Manual, but drafted the language in a more narrow way to ensure more denials of mental health benefits.

The Court emphasized the importance of ongoing care instead of acute care that ceases upon the end of the acute crisis. The denial of ongoing care was categorized as a financial decision. The Court found that UBH’s health care policy “drove members to lower levels of care even when treatment of the member’s overall and/or co-occurring conditions would have been more effective at the higher level of care.”

The Wit decision will impact us in so many ways. For one, if a State Medicaid program limits mental health services beyond what the CMS Manual, ASAM criteria, or LOCUS determines, then providers (and beneficiaries) have a strong legal argument that the State Medicaid criteria do not meet generally accepted standards. Even more importantly, if the State Medicaid policies do NOT limit mental health care services beyond what the CMS Manual, ASAM criteria, and LOCUS defines, but an agent of the State Medicaid Division; i.e, a managed care organization (MCO) deny mental health care services that would be considered appropriate under the generally accepted standards, then, again, both providers and beneficiaries would have strong legal arguments overturning those denials.

I, for one, hope this is a slippery slope…in the right direction.

 

New Revisions to the Additional Documentation Request (ADR) Process

The ADR rule went into effect Jan. 1, 2019. Original blog post published March 6, 2019, on RACMonitor.

The Centers for Medicare & Medicaid Services (CMS) has updated its criteria for additional document requests (ADRs). If your ADR “cycle” is less than 1, CMS will round it up to 1.

What is an ADR cycle?

When a claim is selected for medical review, an ADR is generated requesting medical documentation be submitted to ensure payment is appropriate. Documentation must be received by CGS (A Celerian Group Company)  within 45 calendar days for review and payment determination. Any selected and submitted claim can create an ADR. In other words, a provider is asked to prove that the service was rendered and that the billing was compliant.

It is imperative to understand that you, as the provider, check the Fiscal Intermediary Standard System (FISS) status/location S B6001. Providers are encouraged to use FISS Option 12 (Claim Inquiry) to check for ADRs at least once per week. You will not receive any other form of notification for an ADR.

To make matters even more confusing, there are two different types of ADRs: medical review (reason code 39700) and non-medical review (reason code 39701).

An ADR may be sent by CGS, Zone Program Integrity Contractors (ZPICs), Recovery Audit Contractors (RACs), Supplemental Medical Review Contractors (SMRCs), the Comprehensive Error Rate Testing (CERT) contractor, etc. When a claim is selected for review or when additional documentation is needed to complete the claim, an ADR letter is generated requesting that documentation and/or medical records be submitted.

The ADR process is essentially a type of prepayment review.

A baseline annual ADR limit is established for each provider based on the number of Medicare claims paid in the previous 12-month period that are associated with the provider’s six-digit CMS Certification Number (CCN) and the provider’s National Provider Identifier (NPI) number. Using the baseline annual ADR limit, an ADR cycle limit is also established.

After three 45-day ADR cycles, CMS will calculate (or recalculate) a provider’s denial rate, which will then be used to identify a provider’s corresponding “adjusted” ADR limit. Auditors may choose to either conduct reviews of a provider based on their adjusted ADR limit (with a shorter lookback period) or their baseline annual ADR limit (with a longer lookback period).

The baseline, annual ADR limit is one-half of one percent of the provider’s total number of paid Medicare service types for which the provider had reimbursed Medicare claims.

Effective Jan. 1, 2019, providers whose ADR cycle limit is less than 1, even though their annual ADR limit is greater than 1, will have their ADR cycle limit round up to 1 additional documentation request per 45 days, until their annual ADR limit has been reached.

For example, say Provider ABC billed and was paid for 400 Medicare claims in a previous 12-month period. The provider’s baseline annual ADR limit would be 400 multiplied by 0.005, which is two. The ADR cycle limit would be 2/8, which is less than one. Therefore, Provider ABC’s ADR cycle limit will be set at one additional documentation request per 45 days, until their annual ADR limit, which in this example is two, has been reached. In other words, Provider ABC can receive one additional documentation request for two of the eight ADR cycles, per year.

ADR letters are sent on a 45-day cycle. The baseline annual ADR limit is divided by eight to establish the ADR cycle limit, which is the maximum number of claims that can be included in a single 45-day period. Although auditors may go more than 45 days between record requests, in no case shall they make requests more frequently than every 45 days.

And that is the update on ADRs. Remember, the rule changed Jan. 1, 2019.