Category Archives: Medicare Audits

Can Medicare/caid Auditors Double-Dip?

The issue today is whether health care auditors can double-dip. In other words, if a provider has two concurrent audits, can the audits overlap? Can two audits scrutinize one date of service (“DOS”) for the same consumer. It certainly doesn’t seem fair. Five years ago, CMS first compiled a list of services that the newly implemented RAC program was to audit. It’s been 5 years with the RAC program. What is it about the RAC program that stands out from the other auditor abbreviations?

We’re talking about Cotiviti and Performant Recovery; you know the players. The Recovery Audit Program’s mission is to reduce Medicare improper payments through the efficient detection and collection of overpayments, the identification of underpayments and the implementation of actions that will prevent future improper payments.

RACs review claims on a post-payment basis. The RACs detect and correct past improper payments so that CMS and Carriers, and MACs can implement actions that will prevent future improper payments.

RACs are also held to different regulations than the other audit abbreviations. 42 CFR Subpart F dictates the Medicaid RACs. Whereas the Medicare program is run by 42 CFR Subchapter B.

The auditors themselves are usually certified coders or LPNs.

As most of you know, I present on RACMonitor every week with a distinguished panel of experts. Last week, a listener asked whether 2 separate auditors could audit the same record. Dr. Ronald Hirsh’s response was: yes, a CERT can audit a chart that another reviewer is auditing if it is part of a random sample. I agree with Dr. Hirsh. When a random sample is taken, then the auditors, by definition, have no idea what claims will be pulled, nor would the CERT have any knowledge of other contemporaneous and overlapping audits. But what about multiple RAC audits? I do believe that the RACs should not overlap its own audits. Personally, I don’t like the idea of one claim being audited more than once. What if the two auditing companies make differing determinations? What if CERT calls a claim compliant and the RAC denies the claim? The provider surely should not pay back a claim twice.

I believe Ed Roche presented on this issue a few weeks ago, and he called it double-dipping.

This doesn’t seem fair. What Dr. Hirsh did not address in his response to the listener was that, even if a CERT is allowed to double-dip via the rules or policies, there could be case law saying otherwise.

I did a quick search on Westlaw to see if there were any cases where the auditor was accused of double-dipping. It was not a comprehensive search by any means, but I did not see any cases where auditors were accused of double-dipping. I did see a few cases where hospitals were accused of double-dipping by collecting DSH payments to cover costs that had already been reimbursed, which seems like a topic for another day.

Post-COVID Medicare/caid Rules Matter!

How many times have we panelists talked about COVID and COVID exceptions to the regulatory rules? How many times have we warned providers that the exceptions will expire at the end of public health emergency (“PHE”)? Well, it’s coming. The COVID PHE is still in effect for America, but some States have lifted their PHE status. NC’s state of emergency expired August 15, 2022. In Montana, the state of emergency ended June 30, 2021.

What does that mean? When America’s PHE expires, so does also all the exceptions. When your particular State’s PHE ends, so do the PHE exceptions your particular State allowed. This is imperative to ALL Medicare and Medicaid audits by whatever alphabet soup is knocking on your door. As well you know, auditors don’t always get it right. Add in confusion due to COVID exceptions…which apply in which State and which expired?

 Last week, CMS released fact sheets summarizing the current status of Medicare and Medicaid COVID waivers and exceptions by provider type. The fact sheets include information about which waivers and flexibilities have already been terminated, have been made permanent or will end at the end of the COVID-19 public health emergency. Unless specifically stated, all exceptions expire at the end of PHE, which is in the process of winding down.

 I decided to review a fact sheet to determine how useful it was. I chose for provider type – hospitals. The fact sheet is entitled, “Hospitals and CAH (including swing beds, DPUs), ASCs and CMHCs.” It is 28 pages. The fact sheets are must reads for all providers. When you play chess the rules matter. When you accept Medicare and/or Medicaid, the rules matter. And these fact sheets are the rules.

The fact sheets cover telehealth and reimbursement rates. The hospital fact sheet covers hospitals without walls, off-site patient screening, paperwork requirements, physical environment requirements, which waivers will or will not expire at the end of PHE, and much more. I would say these fact sheets, for whichever type of provider you are – are mandatory reads. The fact sheets may not be absolutely encompassing, but they are summaries for you, all in one spot, organized for ease of reading. Thank you, CMS, for gathering this info and putting it all in one spot.

The Importance of the Differences in SMRCs, RACs, and QIOs

The Centers for Medicare & Medicaid Services (“CMS”) has modified the additional documentation request (“ADR”) limits for the Medicare Fee-for-Service Recovery Audit Contractor (“RAC”) program for suppliers. Yet, one of our listeners informed me that CMS has found a “work around” from the RAC ADR limits. She said, “There is the nationwide Supplemental Medical Review Contractor (“SMRC”) audits and now nationwide Quality Improvement Organizations (“QIO”) contract audits. These contracts came about after the Congressional limits on number of audits by the RAC.” Dr. Hirsh retorted, “But SMRC and QIO are not paid contingency fee. So, they are “different” audits. RACs are evil; SMRC and QIO have a few redeeming qualities.” I completely agree with Dr. Hirsh. But her point is well taken – SMRCs and QIOs follow different rules than RACs, so of course the SMRCs and QIOs have distinct ADR limits.

This is similar to the lookback periods. The lookback period varies depending on the acronym: RAC, MAC, or UPIC. RACs’ lookback period is 3 years, yet other acronyms get longer periods. I think what Dr. Hirsh is saying is right, because RACs are paid by contingency instead of a contracted rate, we have to limit the RACs authority because they are already incentivized the find problems., plus they are allowed to extrapolate. The RACs already have too much leash.

So, what are the RAC ADR limits?

Well, interestingly they just changed in April 2022. These limits will be set by CMS on a regular basis to establish the maximum number of medical records that may be requested by a RAC, per 45-day period. Each limit will be based on a given supplier’s volume of Medicare claims paid within a previous 12-month period, in a particular Healthcare Common Procedure Coding System (HCPCS) policy group. The policy groups are available on the pricing, coding analysis, and coding (PDAC), website. Limits will be based on the supplier’s Tax Identification Number (TIN). Limits will be set at 10% of all paid claims, by policy group, paid within a previous 12-month period, divided into eight periods (45 days). Although a RAC may go more than 45 days between record requests, in no case shall a RAC make requests more frequently than every 45 days. Limits are based on paid claims, irrespective of individual lines, although credit/replacement pairs shall be considered a single claim.

I wanted to go into the SMRCs and QIOs’ ADR limits to see whether they are are following THEIR rules, but I’m out of time for today. I’ll research the SMRCs and QIOs ADR limits for next week and I will have an answer for you.

OIG Audited CMS, and CMS Failed!

Apparently, CMS also must undergo audits and it did, but I am not sure I believe the results. But that would be par for the course; I generally don’t find any audit results to be accurate. OIG audited CMS. OIG tried to verify that CMS actually collected all the funds from alleged Medicare overpayments. According to the audit, OIG was able to verify that verify that CMS had collected $120 million of the $498 million in overpayments. CMS told auditors that it has collected $272 million but auditors said the agency failed to properly document the recovery of $152 million.

            Without question, when there is a Medicare alleged overpayment and the provider appeals, you have 5 levels of appeal. The first two levels, redetermination and reconsideration, are basically rubber stamp approval of the original decision. But after the 2nd level, rubber stamp and before you go to the third level, recoupment begins of the alleged amount owed, even though you haven’t completed litigation AND you may receive a decision at the third level that the money is not owed. Nonetheless, the recoupment begins.

            In my experience, I have never had an instance that CMS forgot to prematurely recoup. I’m sure if there were instances of CMS forgetting to prematurely recoup the provider were ecstatic. Elated. But they were also probably nervous as heck, because we all know that, eventually, the government gets its money.

            In fact, one of the recommendations from CMS’ audit, was that OIG suggested that CMS revise 42 CFR §405.980, which is the federal regulation that allows for reopening initial determinations, redeterminations, reconsiderations, decisions, and reviews. The regulation already allows QICs, ALJs, the contractor – anyone who makes decisions about Medicare audits – the ability to reopen a decision already made. There are time frames for doing so.

            For example, “A party may request that a contractor reopen its initial determination or redetermination within 1 year from the date of the initial determination or redetermination for any reason.” 42 CFR 405.980(c)(1). Although I’ve never understood this section. Why would a party request its audit to be reopened instead of just appealing to the next level? I doubt reopening an initial determination would yield better results. But really the purpose of §405.980 is that the government can choose to reopen a decision and, later on, after you think you won your case and owe nothing, this regulation allows them to change their mind.

            This just goes to show you, the laws are written in favor of the government. It truly is a David and Goliath battle.

Medicare Provider Appeals: The Ghost Auditor

In litigation, there are two opposing sides, like football. It wouldn’t be much of a game if one side didn’t show up. In Medicare provider appeals, only one side shows up and I am asking – how is that fair? Let me explain:

You, as a provider receive a notice of Medicare overpayment in the mail. NGS or Palmetto or whoever claims you owe $4 million dollars. Of course the amount is extrapolated.

You decide to appeal. The first level is a redetermination at the Medicare Administrative Contractor. It is a desk review; you do not have the opportunity to question the other side. It’s just a 2nd look at the audit. The second level is the same as the first but performed by a QIC, and it’s called a reconsideration. The third level you finally get before an administrative law judge. Here, you envision the auditor presenting its evidence in support of why you owe $4 million dollars, and you presenting evidence and support that you don’t owe the money.

You would be wrong.

The auditors may participate in an ALJ Hearing. However, in my experience, the auditors never show up. They don’t provide evidence that their extrapolation was accurate or that their clinical findings are precise. No one substantiates the allegation that you owe $4 million. Instead, you get a soliloquy of why you don’t owe the money. The Judge may ask you questions, but you won’t be cross examined nor will you have the opportunity to cross examine the auditor.

The Medicare provider appeal process flies in the face of America’s judicial system. Our rules allow the accused to confront the accuser. At no time during your Medicare appeal do you get to challenge the auditor nor does the auditor have to back up his or her work. The audits are accepted as true without any verification.

This process needs to be amended. Medicare auditors should have to prove that their audits are accurate. They should have to prove that the documents didn’t support the claim billed and why. They should not be allowed to hide behind generic, cut-and-pasted denials without having to explain their reasoning, if there were any.

This nonsensical, three-ring-circle is why providers refuse to accept Medicare.

In 2020, one percent of non-pediatric physicians formally opted out of Medicare. Most of those opting out were psychiatrists – 42%.

This just goes to show you, qualifying for Medicare doesn’t guarantee that providers will accept you. It’s only going to get worse unless we change the appeal process for providers.

Questions Answered about RAC Provider Audits

Today I’m going to answer a few inquiries about recovery audit contractor (“RAC”) audits from providers. A question that I get often is: “Do I have to submit the same medical records to my Medicare Administrative Contractor (“MAC”) that I submit to a RAC for an audit?” The answer is “No.” Providers are not required to submit medical records to the MAC if submitted to a RAC, but doing so is encouraged by most MACs. There is no requirement that you submit to the MAC what you submit to RACs. This makes sense because the MACs and the RACs have disparate job duties. One of the MACs, Palmetto, instructs providers to send records sent to a RAC directly to the Palmetto GBA Appeals Department. Why send the records for a RAC audit to a MAC appeals department? Are they forecasting your intentions? The instruction is nonsensical unless ulterior motives exist.

RAC audits are separate from mundane MAC issues. They are distinct. Quite frankly, your MAC shouldn’t even be aware of your audit. (Why is it their business?) Yet, many times I see the MACs cc-ed on correspondence. Often, I feel like it’s a conspiracy –  and you’re not invited. You get audited, and everyone is notified. It’s as if you are guilty before any trial.

I also get this question for appeals – “Do I need to send the medical records again? I already sent them for the initial review. Why do I need to send the same documents for appeal?” I get it – making copies of medical records is time-consuming. It also costs money. Paper and ink don’t grow on trees. The answer is “Yes.” This may come as a shock, but sometimes documents are misplaced or lost. Auditors are humans, and mistakes occur. Just like, providers are humans, and 100% Medicare regulatory compliance is not required…people make mistakes; those mistakes shouldn’t cause financial ruin.

“Do the results of a RAC audit get sent to your MAC?” The answer is “Yes.” Penalties penalize you in the future. You have to disclose penalties, and the auditors can and will use the information against you. The more penalties you have paid in the past clear demonstrate that you suffer from abhorrent billing practices.

In fact, Medicare post-payment audits are estimated to have risen over 900 percent over the last five years. Medicare provider audits take money from providers and give to the auditors. If you are an auditor, you uncover bad results or you aren’t good at your job.

Politicians see audits as a financial win and a plus for their platform. Reducing fraud, waste, and abuse is a fantastic platform. Everyone gets on board, and votes increase.

Appealing your RAC audits is essential, but you have to understand that you won’t get a fair deal. The Medicare provider appeals process is an uphill battle for providers. And your MACs will be informed.

The first two levels, redeterminations and reconsiderations are, basically, rubber-stamps on the first determination.

The third level is the before an administrative law judge (ALJ), and is the first appeal level that is before an independent tribunal.

Moving to the False Claims Act, which is the ugly step-sister to regulatory non-compliance and overpayments. The government and qui tam relators filed 801 new cases in 2022.  That number is down from the unprecedented heights reached in 2020 (when there were a record 922 new FCA cases), but is consistent with the pace otherwise set over the past decade, reflecting the upward trend in FCA activity by qui tam relators and the government since the 2009 amendments to the statute.

See the chart below for reference:

CMS Rulings Are Not Law; Yet Followed By ALJs

Lack of medical necessity is one of the leading reasons for denials during RAC, MAC, TPE, and UPIC audits. However, case law dictates that the treating physician should be allowed deference with the decision that medical necessity exists because the Medicare and/or Medicaid auditor never had the privilege to see the recipient.

However, recent ALJ decisions have gone against case law. How is that possible? CMS creates “Rules” – I say that in air quotes – these Rules are not promulgated, but are binding on anyone under CMS’ umbrella. Guess what? That includes the ALJs for Medicare appeals. As an example, the “treating physician” Rule is law based on case law. Juxtapose, CMS’ Ruling 93-l. It states that no presumptive weight should be assigned to a treating physician’s medical opinion in determining the medical necessity of inpatient hospital and skilled nursing facility services. The Ruling adds parenthetically that the Ruling does not “by omission or implication” endorse the application of the treating physician rule to services not addressed in the Ruling. So, we get a decision from an ALJ that dismisses the treating physician rule.

The ALJ decision actually said: Accordingly, I find that the treating physician rule, standing alone, provides no basis for coverage.

This ALJ went against the law but followed CMS Rulings.

CMS Rulings, however, are not binding. CMS Rulings aren’t even law. Yet the CMS Rulings, according to CMS, are binding onto the entities that are under the CMS umbrella. This means that the Medicare appeals process, which include the redeterminations, the reconsiderations, the ALJ decisions, and the Medicare Appeals Councils’ decisions are all dictated by these non-law, CMS Rulings, which fly in the face of actual law. ALJs uphold extrapolations based on CMS Rulings because they have to. But once you get to a federal district court judge, who are not bound by CMS, non-law, rulings, you get a real Judge’s decision, and most extrapolations are thrown out if the error rate is under 50%.

Basically, if you are a Medicare provider, you have to jump through the hoops of 4 levels of appeals that is not dictated by law, but by an administration that is rewarded for taking money from providers on the pretense of FWA. Most providers do not have the financial means to make it to the 5th level of appeal. So, CMS wins by default.

Folks, create a legal fund for your provider entity. You have got to appeal and be able to afford it. That is the only way that we can change the disproportionately unfair Medicare appeal process that providers must endure now.

CMS Rulings Can Devastate a Provider, But Should It?

If you could light a torch to a Molotov Cocktail and a bunch of newspapers, you could not make a bigger explosion in my head than a recent Decision from a Medicare administrative law judge (“ALJ”). The extrapolation was upheld, despite an expert statistician citing its shortcomings, based on a CMS Ruling, which is neither law nor precedent. The Decision reminded me of the new Firestarter movie because everything is up in flames. Drew Barrymore would be proud.

I find it very lazy of the government to rely on sampling and extrapolations, especially in light that no witness testifies to its accuracy.

Because this ALJ relied so heavily on CMS Rulings, I wanted to do a little detective work as to whether CMS Rulings are binding or even law. First, I logged onto Westlaw to search for “CMS Ruling” in any case in any jurisdiction in America. Nothing. Not one case ever mentioned “CMS Ruling.” Ever. (Nor did my law school).

What Is a CMS Ruling?

A CMS Ruling is defined as, “decisions of the Administrator that serve as precedent final opinions and orders and statements of policy and interpretation. They provide clarification and interpretation of complex or ambiguous provisions of the law or regulations relating to Medicare, Medicaid, Utilization and Quality Control Peer Review, private health insurance, and related matters.”

But Are CMS Rulings Law?

No. CMS Rulings are not law. CMS Rulings are not binding on district court judges because district court judges are not part of HHS or CMS. However, the Medicare ALJs are considered part of HHS and CMS; thus the CMS Rulings are binding on Medicare ALJs.

This creates a dichotomy between the “real law” and agency rules. When you read CMS Ruling 86-1, it reads as if there two parties with oppositive views, both presented their arguments, and the Administrator makes a ruling. But the Administrator is not a Judge, but the Ruling reads like a court case. CMS Rulings are not binding on:

  1. The Supreme Court
  2. Appellate Courts
  3. The real world outside of CMS
  4. District Courts
  5. The Department of Transportation
  6. Civil Jurisprudence
  7. The Department of Education
  8. Etc. – You get the point.

So why are Medicare providers held subject to penalties based on CMS Rulings, when after the providers appeal their case to district court, that “rule” that was subjected against them (saying they owe $7 million) is rendered moot? Can we say – not fair, equitable, Constitutional, and flies in the face of due process?

The future does not look bright for providers going forward in defending overzealous, erroneous, and misplaced audits. These audits aren’t even backed up by witnesses – seriously, at the ALJ Medicare appeals, there is no statistician testifying to verify the results. Yet some of the ALJs are still upholding these audits.

In the “court case,” which resulted in CMS Ruling 86-1, the provider argued that:

  1. There is no legal authority in the Medicare statute or regulations for HCFA or its intermediaries to determine overpayments by projecting the findings of a sample of specific claims onto a universe of unspecified beneficiaries and claims.
  2. Section 1879 of the Social Security Act, 42 U.S.C. 1395pp, contemplates that medical necessity and custodial care coverage determinations will be made only by means of a case-by-case review.
  3. When sampling is used, providers are not able to bill individual beneficiaries not in the sample group for the services determined to be noncovered.
  4. Use of a sampling procedure violates the rights of providers to appeal adverse determinations.
  5. The use of sampling and extrapolation to determine overpayments deprives the provider of due process.

The CMS Ruling 86-1 was decided by Mr. Henry R. Desmarais, Acting Administrator, Health Care Financing Administration in 1986.

Think it should be upheld?

Absent Auditors in Medicare Provider Appeals

(On a personal note, I apologize for how long since it has been my last blog. I was in an accident and spent 3 days in the ICU.)

I’d like to write today about the sheer absurdity about how these RAC, ZPIC, MAC, and other types of audits are being held against health care providers. When an auditor requests documents from a provider and opines that the provider owes a million dollars in alleged overpayments, I would expect that the auditor will show up before an independent tribunal to defend its findings. However, for so many of these Medicare provider appeals, the auditor doesn’t appear to defend its findings.

In my opinion, if the entity claiming that you owe money back to the government does not appear at the hearing, the provider should automatically prevail. A basic legal concept is that the accused should be able to confront its accuser.

I had depositions the last two weeks for a case that involved an opiate treatment program. The two main accusers were Optum and ID Medicaid. When Optum was deposed, they testified that Optum did not conduct the audit of the facility. When ID Medicaid was deposed, it contended that Optum did conduct the audit at issue.

When not one person can vouch for the veracity of an audit, it is ludicrous to force the provider to pay back anything. Auditors cannot hide behind smoke and mirrors. Auditors need to testify to the veracity of their audits.

To poke holes in Medicare audits, you need to know the rules. You wouldn’t play chess without knowing the rules. Various auditor have disparate look-back period, which is the time frame the auditor is allowed to look back and review a claim. For example, RACs may only look back 3 years. Whereas ZPICs have no specific look back period, although I would argue that the older the claim, the less likely it is to be recouped. There is also the federal 48-month limit to look backs absent accusations of fraud.

When appealing the outcome of a MAC or RAC audit, it is necessary for providers to have a specific reason for challenging the auditors’ determinations. Simply being dissatisfied or having generalized complaints about the process is not enough. Some examples of potential grounds for challenging a MAC or RAC determination on appeal include: 

  • Application if inapplicable Medicare billing rules 
  • Misinterpretation of applicable Medicare billing rules 
  • Reliance on unsound auditing methodologies
  • Failure to seek an expert opinion 
  • Ignoring relevant information disclosed by the provider 
  • Exceeding the MAC’s or RAC’s scope of authority 

It is imperative that you arm yourself in defending a Medicare audit, but if the auditor fails to appear at any stage in litigation, then you should call foul and win on a “absent” technicality.

Despite State Statute – Perhaps You Can Appeal Medicaid Prepayment Review!

It’s hard enough to be one of the providers to accept Medicare and Medicaid. The regulatory oversight is burdensome. You are always getting metaphorically yelled at for upcoding or bundling. See blog, thanking providers.

One of the absolute, most-Draconian penalty against a Medicare or Medicaid provider is prepayment review.

Prepayment review is exactly as it sounds. Before you receive payment – for services rendered – an auditor reviews your claims to determine whether you should be reimbursed. Prepayment review is the epitome of being guilty until proven innocent. It flies in the face of American due process. However, no one has legally fought its Constitutionality. Yet many provider-companies have been put out of business by it.

Generally, to get off prepayment review, you have to achieve a 75% or 80% success rate for three consecutive months. It doesn’t sound hard until your auditors – or graders – fail to do their job correctly and fail you erroneously.

Usually, when a provider is placed on prepayment review, I say, “Well, you cannot appeal being placed on prepayment review, but we can get a preliminary injunction to Stay the withhold of reimbursements during the process.” It tends to work.

Most State statutes have language like this:

“(f) The decision to place or maintain a provider on prepayment claims review does not constitute a contested case under Chapter 150B of the General Statutes. A provider may not appeal or otherwise contest a decision of the Department to place a provider on prepayment review.”

However, in a recent case, Halikierra Community Services, LLC v. NCDHHS, the provider disputed being placed on prepayment review and accused NCDHHS of a malicious campaign against it.

Halikierra was the largest, in-home, Medicaid health care provider and it alleged that 2 specific, individuals at DHHS “personally detested” Halikierra because of its size. As an aside, I hear this all the time. I hear that the auditors or government have personal vendettas against certain providers. Good for Halikierra for calling them out!

According to the opinion, these 2 DHHS employees schemed to get Halikierra on prepayment review by accusing it of employing felons, which is not illegal. (Just ask Dave’s Killer Bread). Halikierra sued based on substantive due process and equal protection rights, but not before being forced to terminate its 600 employees and closing its doors because of being placed on prepayment review. It also asserted a claim of conspiracy in restraint of trade under NCG.S. §75-1 against the individual DHHS employees.

The Court held that “[t]he mere fact that an agency action is nonreviewable under the Administrative Procedure Act does not shield it from judicial review.” The upshot? Even if a statute states that you cannot appeal being placed on prepayment review, you can sue for that very determination.

FYI – This case was filed in the Industrial Commission, which has jurisdiction for negligence conducted by the state agencies. Exhaustion of administrative remedies was not necessary because, per the state statute, being placed on prepayment review does not constitute a contested case in administrative court.