Category Archives: Medicare Administrative Contractor
Post-COVID Medicare and Medicaid Provider Audits Are Here!
My esteemed colleagues with curious minds, today we embark on a journey into the complex world of Medicare and Medicaid provider audits, specifically orchestrated by the enigmatic entities known as Recovery Audit Contractors, or RACs. The dates of service (DOS) during COVID are specifically being targeted, and I’ve seen an uptick. With the plethora of exceptions, you need a specialized attorney.
Picture this: You’re a healthcare provider, diligently navigating the seas of Medicare and Medicaid reimbursement. All of a sudden, a tempest approaches – the Recovery Audit Contractors or RACs. These are the bounty hunters of the healthcare world, commissioned to recoup improper payments and ensure the ship of government healthcare funding stays afloat. And paid by contingency creating a financial incentive that some may call bias. The RACs even have the authority to extrapolate, making alleged overpayments to skyrocket, increasing its profit.
Now, you might wonder, “How do these RACs operate, and what laws govern their actions?” Well, let me shed some light on that. The Medicare RAC program was born out of the Tax Relief and Health Care Act of 2006, a legislative “masterpiece” that empowered RACs to review Medicare and Medicaid payments and, when necessary, claw back funds. It’s like having financial watchdogs on the prowl, ensuring taxpayer dollars are spent wisely.
A hospital client of mine provided outpatient services and billed Medicare for reimbursement during COVID. A RAC, armed with their legal authority, started scrutinizing these claims. Suddenly, the RAC believes that the hospital has been billing for services that don’t meet the necessary criteria. I love how RAC auditors without medical licenses purport to determine medical necessity for physicians. I hope you hear the sarcasm. The RAC alleged “upcoding” – alleging services were billed at a higher complexity than they actually were. The RACs, acting within the confines of the law, swoop in to recover those overpayments, ensuring the taxpayer’s purse strings are untangled.
We all know RACs are not infallible. Hopefully, you know this if you are a longtime reader. RACs mistakenly identify an overpayment or misinterpret complex healthcare regulations. That’s where the appeal process becomes crucial. The Medicare appeals process, defined under the Social Security Act, provides a right for providers to challenge RAC decisions. It’s a legal battleground where the provider can present evidence, argue their case, and seek justice against the RAC’s findings.
Now, let’s consider the Medicaid realm. The Medicaid RAC program, established by the Affordable Care Act in 2010, mirrors its Medicare counterpart. These RACs operate at the state level, conducting audits to identify and recover improper Medicaid payments. It’s like a dual-front war on wasteful spending, both federally and within individual states. Again, DOS during COVID are at issue.
For a concrete example, let’s imagine a nursing home submitting claims to Medicaid for resident services. The state-level Medicaid RAC, acting under the Affordable Care Act’s provisions, reviews these claims. If they discover discrepancies – perhaps services billed without proper documentation or purportedly unsupported by medical necessity – the RAC, wielding its legal mandate, initiates the recovery process.
The RACs, armed with the legislative might of the Tax Relief and Health Care Act and the Affordable Care Act, play a crucial role in safeguarding the integrity of Medicare and Medicaid reimbursements. While their actions may feel like storms to providers, it’s essential to recognize the checks and balances in place, including the appeals process, to ensure fairness and accuracy in the audit battlefield. As we navigate the seas of healthcare reimbursement, may our compass be true, our documentation impeccable, and our understanding of the law unwavering.
RAC Audits Are BOO-Very Scary, and, Sometimes, Are DEAD wrong!
For Monitor Monday, today, October 30, 2023, I dressed up as a RAC auditor. BOO!!! I get a spooky 13.5% commission for overzealous auditing tactics. RAC auditors come in every shape and size, color or gender.
In my experience, RACs are garishly incorrect in their assessments. I will reveal three, real life examples where these audit contractors accused healthcare providers of owing money but were found to be dead wrong:
Example 1 – Medical Necessity quibbles:
In a haunting case involving a hospital, the RAC alleged that certain cardiac procedures were billed inappropriately, citing concerns about the medical necessity of these services. They claimed the hospital should refund a repugnant amount for these procedures. However, upon closer examination and an appeal process, it was revealed that the services were indeed medically necessary and aligned with the standard protocols. The ghastly RAC’s accusation was disproven, and the hospital was not required to return any funds. Spine-tingling!
Example 2 – Improper Coding of Diagnosis:
A healthcare provider, particularly a large physician group, was accused by the RAC of using suspicious, improper diagnostic codes, leading to overbilling for certain services provided to Medicare and Medicaid beneficiaries. After a thorough internal audit, it was determined that the codes used were accurate and supported by the patient’s medical records. The RAC’s allegations were unfounded, and no repayment was required. Suspicious. A haunting reminder to spook audits.
Example 3 – Alleged Duplicate Billing:
In a murderous case involving a nursing facility, the RAC identified what they believed were instances of duplicate billing for certain procedures and services. Upon further review, it was revealed that the billing discrepancies were due to the RAC’s misunderstanding of the facility’s billing processes. Mysterious. The facility provided evidence showcasing that the billed services were distinct and not duplicates. Consequently, the RAC’s claim was refuted, and no repayment was deemed necessary. Suspicious.
These examples underscore the critical need for providers to have robust internal compliance measures in place. While RACs serve a vital purpose in identifying billing errors, they are not infallible. Providers need to be equipped to challenge these audit findings, ensuring they are based on accurate and comprehensive information.
It’s crucial for healthcare providers to engage in a proactive approach by conducting their internal audits, maintaining accurate documentation, and being prepared to challenge RAC determinations when necessary. These efforts not only protect providers from unwarranted financial obligations but also ensure that Medicare and Medicaid funds are appropriately allocated.
In conclusion, the relationship between RACs, healthcare providers, and government healthcare programs is complex. The examples provided demonstrate that while RACs play a critical role in safeguarding the integrity of Medicare and Medicaid, their findings are not always accurate. Providers must be diligent in ensuring their billing practices align with regulations and be prepared to contest any erroneous audit findings to maintain fiscal stability and fair reimbursement for services rendered.
Happy Halloween!!!!
SNFs Are on the Medicare Chopping Block! Caveat!
Every skilled nursing facility in the US will be subject to a five-claim audit starting THIS WEEK as regulators try to better assess and root out improper payments. Blah. Blah. Blah. The former is the first sentence in an article that is giving warning to skilled nursing facilities (“SNF”). But, we all know that PROPER PAYMENTS get caught in the wide net cast for improper payments. Innocent people get accused of crimes. Health care providers get accused of Medicare and Medicaid fraud or, at least, abhorrent billing.
The Centers for Medicare & Medicaid Services (“CMS”) announced the nationwide audits, which will be conducted by Medicare Administrative Contractors (“MACs”) on a rolling basis, with the MAC in every region required to pull five Medicare Part A claims from every facility they cover and review them for potential errors.
The results will lead to alleged overpayments, credible allegations of fraud, submittals to the OIG, and False Claims Act (“FCA”) penalties. The effort follows an HHS report that found skilled nursing facilities had the highest rate of improper payments, with nearly a quarter of those tied to insufficient documentation.
Most of the rest of my blog (except for what is important) is cut and pasted from the article (since I am not a journalist and cannot procure quotes):
“We haven’t seen anything like this in the recent past, at least not in the last 10 years,” said Stacy Baker, OTR/L, RAC-CT, director of audit services for Proactive LTC Consulting. “But it’s no surprise to see this sector-wide probe and educate. Looking back on Medicare FFS improper payment data, we’ve never seen SNF improper payment rates this high, and nearly doubling since the 2021 report.”
That rate stood at 15.1% in 2022, almost double the 7.79% rate in 2021. A CMS report blamed missing case-mix group component documentation. Baker billed the new initiative as an attempt to improve poor billing practices that emerged with the implementation of the Patient Driven Payment Model.
But the improper payments can’t be attributed to PDPM alone, said Alicia Cantinieri BSN, vice president of MDS policy and education for Zimmet Healthcare Services.
“That’s probably not the whole reason,” she said on a webinar earlier this month.
She noted that risk areas that could move providers to the front of the audit process include past performance, such as a history of additional documentation requests (“ADR”); frequent errors in Section GG, which sets payment rates for physical therapy, occupational and nursing groups; diagnoses without medical record to support MDS inclusion; and even illegible RN signatures. I bolded “even illegible RN signatures” because I cannot tell you how many times I have seen denials by auditors because they couldn’t read someone’s signature, and, therefore, could not verify their license. Have auditors heard of a phone?
The reviews will be conducted on a prepayment basis unless the provider requests post-payment review due to a financial burden. Holy cow! See blog, blog, and blog.
“Keep in mind, there’s lots of low-hanging fruit for payment error aside from PDPM accuracy, such as but not limited to, compliant SNF Certs and Recerts and physician oversight regs,” Baker added. “These components should be included in the Triple Check process as well.”
The CMG for each HIPPS code also must be clearly supported to validate the claim.
The MACs will complete one round of probe and educate for every provider, instead of that usual potential three rounds, as per their traditional TPE program.
It is a good idea for providers to start analyzing data and conducting internal self-audits.
TIPS for an effective ADR response:
- SECURE AN ATTORNEY WHO SPECIALIZES IN THIS TYPE OF LEGAL WORK.
- Develop a process and team now. Assign responsibilities for tasks such as, but not limited to: identifying ADR requests, ensuring timely response to deadlines are met, pulling together medical records and documents required to support the HIPPS code, and reviewing the packet for completeness.
- Make copies. Never ever, ever, ever send originals.
- Organize documentation to make the contractor’s review easy, labeling critical sections such as physician orders, MDS assessments, Section GG documentation and more.
- Allow sufficient time for your lawyers and hired experts, both with clinical and MDS coding expertise, to review the claims and documentation for accuracy. If your attorney believes that your documentation has concerning issues, it is best to SELF-DISCLOSE. Self-disclosure can prevent penalties; whereas if you are caught, penalties will ensue.
Preparing for Post-PHE Medicare and Medicaid Audits
Hello and happy RACMonitor Monday! As the nation forges ahead in the wake of the COVID-19 pandemic, the audits continue after that brief hiatus in March 2020. Recovery Audit Contractors (RACs), UPICs, and other auditors are dutifully reviewing claims on a post-payment basis. However, since COVID, there is a staffing shortage, which have many provider facilities scrambling on a normal basis. Throw in an audit of 150 claims and you’ve got serious souff-laying.
Yes, audit preparation has changed since COVID. Now you have more to do to prepare. Audits create more work when you have less staff. Well, suck it up sippy-cup because post-PHE audits are here.
The most important pre-audit preparation is knowing the COVID exceptions germane to your health care services. During PHE over the last two years, there has been a firehose of regulatory exceptions. You need to use these exceptions to your advantage because, let’s face it, the exceptions made regulatory compliance easier. For the period of time during which the exceptions applied, you didn’t have to get some signatures, meet face-to-face, have supervision, or what not. The dates during which these exceptions apply is also pertinent. I suggest creating a folder for all the COVID exceptions that apply to your facility. While I would like to assume that whatever lawyer that you hire, because, yes, you need to hire a lawyer, would know all the COVID exceptions – or, at least, know to research them, you never know. It only benefits you to be prepared.
Any medical provider that submits claims to a government program may be subject to a Medicare or Medicaid audit. Just because you have been audited in the past, doesn’t change the fact that you may be audited again in the future. RAC audits are not one-time or intermittent reviews and can be triggered by anything from an innocent documentation error to outright fraud. I get that questions a lot: This is my 3rd audit. At what point is this harassment. I’ve never researched the answer to that question, but I would venture that auditors get tons of latitude. So, don’t be that provider that is low-hanging fruit and simply pays post-payment reviews.
While reduced staff, high patient loads or other challenges may be bogging down your team, it’s important to remember that timeliness is crucial for CMS audit responses.
Locating the corresponding medical records and information can be a hassle at the best of times, but there are a few key things your organization can do to better prepare for a RAC Audit:
According to CMS, if selected for review, providers should discuss with their contractor any COVID-19-related hardships they are experiencing that could affect audit response timeliness. CMS notes that all reviews will be conducted in accordance with statutory and regulatory provisions, as well as related billing and coding requirements. Waivers and flexibilities will also be applied if they were in place on the dates of service for any claims potentially selected for review.
Ensure that the auditor has the appropriate contact information for requesting audit-related documentation. With so many changes to hospitals teams, it’s important to make sure that auditors’ requests for medical records are actually making it to the correct person or team in a timely manner.
Provide your internal audit review teams with proper access to data and other software tools like those used to ensure timely electronic audit responses. With a mix of teams working from home and in the office, it’s a good idea to make sure that teams handling Additional Documentation Requests (ADRs) and audit responses have the necessary access to the data they will need to respond to requests.
Review and document any changes to your audit review team processes.
Meet with your teams to ensure they fully understand the processes and are poised to respond within the required timeframes.
Successfully completing these audits in a timely manner is made much easier when the above processes and steps are in place.
Medicare Provider Appeals: The Ghost Auditor
In litigation, there are two opposing sides, like football. It wouldn’t be much of a game if one side didn’t show up. In Medicare provider appeals, only one side shows up and I am asking – how is that fair? Let me explain:
You, as a provider receive a notice of Medicare overpayment in the mail. NGS or Palmetto or whoever claims you owe $4 million dollars. Of course the amount is extrapolated.
You decide to appeal. The first level is a redetermination at the Medicare Administrative Contractor. It is a desk review; you do not have the opportunity to question the other side. It’s just a 2nd look at the audit. The second level is the same as the first but performed by a QIC, and it’s called a reconsideration. The third level you finally get before an administrative law judge. Here, you envision the auditor presenting its evidence in support of why you owe $4 million dollars, and you presenting evidence and support that you don’t owe the money.
You would be wrong.
The auditors may participate in an ALJ Hearing. However, in my experience, the auditors never show up. They don’t provide evidence that their extrapolation was accurate or that their clinical findings are precise. No one substantiates the allegation that you owe $4 million. Instead, you get a soliloquy of why you don’t owe the money. The Judge may ask you questions, but you won’t be cross examined nor will you have the opportunity to cross examine the auditor.
The Medicare provider appeal process flies in the face of America’s judicial system. Our rules allow the accused to confront the accuser. At no time during your Medicare appeal do you get to challenge the auditor nor does the auditor have to back up his or her work. The audits are accepted as true without any verification.
This process needs to be amended. Medicare auditors should have to prove that their audits are accurate. They should have to prove that the documents didn’t support the claim billed and why. They should not be allowed to hide behind generic, cut-and-pasted denials without having to explain their reasoning, if there were any.
This nonsensical, three-ring-circle is why providers refuse to accept Medicare.
In 2020, one percent of non-pediatric physicians formally opted out of Medicare. Most of those opting out were psychiatrists – 42%.
This just goes to show you, qualifying for Medicare doesn’t guarantee that providers will accept you. It’s only going to get worse unless we change the appeal process for providers.
Questions Answered about RAC Provider Audits
Today I’m going to answer a few inquiries about recovery audit contractor (“RAC”) audits from providers. A question that I get often is: “Do I have to submit the same medical records to my Medicare Administrative Contractor (“MAC”) that I submit to a RAC for an audit?” The answer is “No.” Providers are not required to submit medical records to the MAC if submitted to a RAC, but doing so is encouraged by most MACs. There is no requirement that you submit to the MAC what you submit to RACs. This makes sense because the MACs and the RACs have disparate job duties. One of the MACs, Palmetto, instructs providers to send records sent to a RAC directly to the Palmetto GBA Appeals Department. Why send the records for a RAC audit to a MAC appeals department? Are they forecasting your intentions? The instruction is nonsensical unless ulterior motives exist.
RAC audits are separate from mundane MAC issues. They are distinct. Quite frankly, your MAC shouldn’t even be aware of your audit. (Why is it their business?) Yet, many times I see the MACs cc-ed on correspondence. Often, I feel like it’s a conspiracy – and you’re not invited. You get audited, and everyone is notified. It’s as if you are guilty before any trial.
I also get this question for appeals – “Do I need to send the medical records again? I already sent them for the initial review. Why do I need to send the same documents for appeal?” I get it – making copies of medical records is time-consuming. It also costs money. Paper and ink don’t grow on trees. The answer is “Yes.” This may come as a shock, but sometimes documents are misplaced or lost. Auditors are humans, and mistakes occur. Just like, providers are humans, and 100% Medicare regulatory compliance is not required…people make mistakes; those mistakes shouldn’t cause financial ruin.
“Do the results of a RAC audit get sent to your MAC?” The answer is “Yes.” Penalties penalize you in the future. You have to disclose penalties, and the auditors can and will use the information against you. The more penalties you have paid in the past clear demonstrate that you suffer from abhorrent billing practices.
In fact, Medicare post-payment audits are estimated to have risen over 900 percent over the last five years. Medicare provider audits take money from providers and give to the auditors. If you are an auditor, you uncover bad results or you aren’t good at your job.
Politicians see audits as a financial win and a plus for their platform. Reducing fraud, waste, and abuse is a fantastic platform. Everyone gets on board, and votes increase.
Appealing your RAC audits is essential, but you have to understand that you won’t get a fair deal. The Medicare provider appeals process is an uphill battle for providers. And your MACs will be informed.
The first two levels, redeterminations and reconsiderations are, basically, rubber-stamps on the first determination.
The third level is the before an administrative law judge (ALJ), and is the first appeal level that is before an independent tribunal.
Moving to the False Claims Act, which is the ugly step-sister to regulatory non-compliance and overpayments. The government and qui tam relators filed 801 new cases in 2022. That number is down from the unprecedented heights reached in 2020 (when there were a record 922 new FCA cases), but is consistent with the pace otherwise set over the past decade, reflecting the upward trend in FCA activity by qui tam relators and the government since the 2009 amendments to the statute.
See the chart below for reference:
Audit the Medicare Payors…It’s Not Always the Providers That Commit Fraud
Today, I am going to write about America’s managed care problem. We always talk about providers getting audited. It is about time that the payors get audited. In particular, for Medicaid, States contract with managed care organizations, which are prepaid, and, for Medicare, Medicare Advantage companies, which are prepaid.
Managed care in Medicare is MA organizations. Managed care in Medicaid is MCOs. These MCOs and MAs need to be held accountable for the misuse of funds.
Today, capitated, managed care is the dominant way in which states deliver services to Medicaid enrollees. And MA is becoming the dominant way to receive Medicare.
Under these prepaid programs, these private companies are paid a flat fee per month depending on the number of consumers to provide whatever care is required for patients based on age, gender, geography and health risk factors. The more diagnoses a person has, the more the company is prepaid. To compensate plans and providers for potential costs of care for individual patients with long-term conditions such as diabetes, heart disease or cancer, Medicare boosts the monthly payment to Medicare Advantage plans under a “risk adjustment” for each additional condition. The system differs from the traditional “fee for service” payment, in which Medicare pays hospitals and doctors directly each time they provide a service.
If companies add more risk adjustment codes to a Medicare Advantage beneficiary’s medical record to receive higher payment — but don’t spend money on the additional care — they make more money. Same as MCOs denying care or terminating providers, the tax dollars line the executive pockets instead of reimbursing providers for providing medically necessary care.
Maybe the answer is remaining with the fee-for service model. Prepaying entities creates a financial incentive to bolster beneficiaries’ health problems then cross your fingers that the health problems never come to fruition either because the beneficiary remains healthy or the health problem was fabricated.
MCOs and MA companies must be supervised by the single agency. These companies cannot have the ability to refuse medically necessary services or terminate provider at will for whatever reason with no repercussions. It’s not fair to the recipients or providers. Maybe it’s time to switch our telescopic lens from auditing providers to auditing MCOs and MAs. Let’s get these RAC, ZPIC, and TPE auditors focused on the stewards of our tax dollars, the prepaid entities.
42 CFR §431.10 dictates a single state agency for Medicaid, which is the Department in each State. CMS is the single agency in Medicare. CMS and State Departments are ultimately responsible for the private MCOs and MAs, but really are allowing these companies autonomy to the deficit of our tax dollars.
If you recall, earlier this year, The American Hospital Association urged the Justice Department to use its authority under the False Claims Act to create a fraud task force to investigate commercial insurers that routinely deny patients access to services. This was due to the April 2022 OIG report that “Some Medicare Advantage Organization Denials of Prior Authorization Requests Raise Concerns about Beneficiary Access to Medically Necessary Care.”
Instead of audits of providers or concurrently in audits of providers, we need to audit the payors. Both MCOs and MAs. What’s good for the goose is good for the gander.
Auditing Medicare Advantage Organizations – About Time!
The American Hospital Association (“AHA”) is asking the Department of Justice (DOJ) to look into health insurance companies that routinely deny patients access to care and payments to providers. I’d like a task force as well. This is exactly the problem I have witnessed with managed care organizations or MCOs. In traditional Medicare and Medicaid, MCOs are prepaid and make profit by denying consumers medical care, terminating provider contracts, and not paying providers for care rendered. Congress created the same scenario with Medicare Advantage. Individuals can elect coverage through private insurance plans. While MA has been wildly successful and popular, the AHA is complaining that too many people are getting denied services.
An OIG report that was published in April cites MAOs as denying services for beneficiaries. We are always talking about providers getting audited, it is about time that the companies that are gateways for providers getting reimbursed and beneficiaries getting medically necessary services are likewise audited for denying services. It seems ironic that providers are audited for potentially billing for too many services and these gateway, third party reimbursement companies are audited for providing too few services – or denying too many prior authorizations. But if the MCO or MAO deny medical services, then the money that would have been paid to the provider stays in their pocket.
The OIG report found that many MAOs delay or deny services despite those services meeting Medicare prior authorization criteria, approximately 13-18%. Almost a 20% wrongful denial rate. When these MAOs get tax payer money for a Medicare beneficiary and deny services those tax dollars stay in the MAO’s pockets.
Supposedly MAOs approve the vast majority of requests for services and payment, they issue millions of denials each year, and OIG’s audit of MAOs has highlighted widespread and persistent problems related to inappropriate denials of services and payment. As enrollment in Medicare Advantage continues to grow, MAOs play an increasingly critical role in ensuring that Medicare beneficiaries have access to medically necessary covered services and that providers are reimbursed appropriately.
According to the OIG report, MAOs denied prior authorization and payment requests that met Medicare coverage rules by: (1) using MAO clinical criteria that are not contained in Medicare coverage rules; (2) requesting unnecessary documentation; and (3) making manual review errors and system errors.
Personally, I am fed up with these private, insurance companies denying services and keeping our tax dollars. It is about time the insurance companies are audited.
New Report Points to More Audits of Hospitals
Hospitals across the nation are seeing lower profits, and it’s all because of a sudden, tsunami of Medicare and Medicaid provider audits. Whether it be RAC, MAC, UPIC, or Program Integrity, hospital audits are rampant. Billing errors, especially ‘supposed bundling,’ are causing a high rate of insurance claims denials, hurting the finances of hospitals and providers.
A recent report from American Hospital Association (AHA) found “Under an optimistic scenario, hospitals would lose $53 billion in revenue this year. Under a more pessimistic scenario, hospitals would lose $122 billion thanks to a $64 billion decline in outpatient revenue”*[1]
The “Health Care Auditing and Revenue Integrity—2021 Benchmarking and Trends Report” is an insider’s look at billing and claims issues but reveals insights into health care costs trends and why administrative issues continue to play an outsize role in the nation’s high costs in this area. The data used covers 900+ facilities, 50,000 providers, 1500 coders, and 700 auditors – what could go wrong?
According to the report,
- 40% of COVID-19-related charges were denied and 40% of professional outpatient audits for COVID-19 and 20% of hospital inpatient audits failed.
- Undercoding poses a significant revenue risk, with audits indicating the average value of underpayment is $3,200 for a hospital claim and $64 for a professional claim.
- Overcoding remains problematic, with Medicare Advantage plans and payers under scrutiny for expensive inpatient medical necessity claims, drug charges, and clinical documentation to justify the final reimbursement.
- Missing modifiers resulted in an average denied amount of $900 for hospital outpatient claims, $690 for inpatient claims, and $170 for professional claims.
- 33% of charges submitted with hierarchical condition category (HCC) codes were initially denied by payers, highlighting increased scrutiny of complex inpatient stays and higher financial risk exposure to hospitals.
The top fields being audited were diagnoses, present on admission indicator, diagnosis position, CPT/HCPCS coding, units billed, and date of service. The average outcome from the audits was 70.5% satisfactory. So, as a whole, they got a ‘C’.
While this report did not in it of itself lead to any alleged overpayments and recoupments, guess who else is reading this audit and salivating like Pavlov’s dogs? The RACs, MACs, UPICs, and all other alphabet soup auditors. The 900 facilities and 50,000 health care providers need to be prepared for audits with consequences. Get those legal defenses ready!!!!
[1] * https://www.fiercehealthcare.com/hospitals/kaufman-hall-hospitals-close-between-53-and-122b-year-due-to-pandemic
