Category Archives: Medicare Audits
Consults by telephone are becoming more and more prevalent. It only makes sense. In an age in which the population has surged, the ratio of physicians to patients has grown more disparate, and the aging and disabled community continues to increase, telehealth is a viable, logical, and convenient resource. I can tell you that when I have to go to a doctor appointment, my whole day is off-kilter. You have to get dressed, drive there, sit in the waiting room, wait for the doctor in the patient room, talk to your doctor, check-out, drive back to work/home and, usually, have a hour-long telephone call with your insurance company. Doctor visits can take up a whole day.
Telehealth allows a patient who needs to see a health care provider to present to a health care provider over the telephone. No getting dressed, driving, or waiting.
According to a FAIR Health White Paper report, “the use of non-hospital-based provider-to-patient telehealth increased 1,393% from 2014 to 2018, from 0.007% to 0.104% of all medical claim lines. There was a 624% increase in claim lines related to any type of telehealth, from 0.0192% to 0.1394% of all medical claim lines. Non-hospital-based provider-to-patient telehealth accounted for 84% of all telehealth claim lines in 2018.”
According to the numbers in the report, the use of telehealth increased in urban areas, rather than rural areas, at a much greater percentage, which, personally, I found surprising, at first. But when you consider the number of people living in urban areas rather than rural areas, the disparate percentages make sense.
Not surprising, 82% of telehealth claims were associated with individuals aged 51+.
Private insurances are jumping on the band wagon, but, more importantly, government insurers are already on the wagon. And the wagon is gaining a wagon train; CMS is expanding the use of telehealth even as you read this.
On April 5, 2019, the Centers for Medicare & Medicaid Services (CMS) finalized policies that increased plan choices and benefits, including allowing Medicare Advantage plans to include additional telehealth benefits. Before this year, Medicare recipients could only receive certain telehealth services if they live in rural areas. Now Medicare will pay for telehealth across the country…all from your house.
On July 29, 2019, CMS took the first steps toward welcoming opioid treatment programs (OTPs) into the Medicare program and expanding Medicare coverage of opioid use disorder (OUD) treatment services provided by both OTPs and physician practices. CMS is proposing the use of telehealth for opioid services. More specifically, CMS is proposing telehealth substance abuse counseling, telehealth individual/group therapy.
Enter RAC, ZPIC, UPIC, TPE, MAC, and MFCU audits.
Where there is Medicare money to be made or fraud to be had there are the auditors. The alphabet soup.
In April 2019, one of the largest healthcare fraud rings in U.S. history, involving telemedicine companies was busted. At an alleged amount of $1.2 billion. Durable medical equipments (DME) were also targeted, but this blog focuses on telehealth.
Allegedly, the telehealth companies would inform Medicare beneficiaries that they, for example, qualified for a brace. Using telehealth, the physicians wrote prescriptions for braces. DME would file the claim and pay the telehealth provider and the physician.
The government argued that you have to be seen in-person to determine your need for a brace.
It is important to note that the above-referenced scheme was performed prior to the most recent expansion of telehealth.
With this most recent expansion of telehealth, expect the auditors to be drooling.
Oct. 1, 2019 marks the beginning of a new era of billing for skilled nursing facilities (SNFs).
Say goodbye to RUG-IV, and hello to the Patient-Driven Payment Model (PDPM).
This is a daunting task, not for the faint of heart. Under PDPM, reimbursement for Medicare Part A patients in SNFs will be driven by patient condition, rather than by therapy minutes provided. Documentation is crucial to a successful Recovery Audit Contractor (RAC) audit.
In the past, therapy documentation has been the focus of RAC audits. Now, nursing documentation is front and center. Do not try to maximize case mix index (CMI). But remember, certain documentation can easily lead to higher reimbursement. For example, if you document when a patient is morbidly obese, suffering from diabetes, and taking intravenous medication, this can lead to three times the reimbursement over the first three days. This article will explore the intricacies of RAC audits and how to maximize reimbursement while successfully maneuvering through the process.
Here is the million-dollar question: how will PDPM affect your business?
The answer is four-fold, for the purposes of this article, although this list is not exhaustive.
- Managing care: Unlike RUG-IV, which incentivizes ultra-high volumes of therapy to capture maximum payment, PDPM requires you to carefully manage how you deliver services in order to provide the right level of care for each patient. This begs the question of whether you’re getting paid to over-deliver services (or practice “defensive medicine”), or you’re getting audits and recoupments for under-delivering due to poor patient outcomes. For this reason, it can seem like you are getting pulled in two directions.
- Financial: PDPM is designed to be budget-neutral. Your reimbursements will decrease. SNFs will be able to offset the loss in therapy reimbursement with higher reimbursement for services already being provided.
- Staffing: There is less demand for therapists in a SNF setting. But you will be able to retain the best therapy sources.
- Billing: Under PDPM, you will bill using the Health Insurance Prospective Payment System (HIPPS) code that is generated from assessments with ARD. You will still be using a five-digit code, as you did with RUG-IV. But the characters signify different things. For example, under RUG-IV, the first three characters represented the patient’s RUG classification, and the last two were an assessment indicator. With PDPM, the first character represents the patient’s physical therapy (PT) and occupational therapy (OT) component. The second is the patient’s speech language therapy (SLP) component. The third is the nursing component classification. The fourth is the NTA component classification, while the fifth is an AI code.
The upshot to this is that different clinical categories can result in significant reimbursement differences. For example, consider the major joint replacement or spinal surgery clinical category. That clinical category is a major medical service, which can translate to a $42-a-day increase in reimbursement. For a 20-day stay, that clinical category would increase reimbursement by $840. You want to pick up on this type of surgery.
I received a question after a recent program segment asking whether swing beds will be affected by PDPM. In most hospitals, the answer is yes. The exception is critical access hospitals (CAHs), which will remain cost-based for their swing beds.
Final Rule: “Accordingly, all non-CAH swing-bed rural hospitals have now come under the SNF PPS. Therefore, all rates and wage indexes outlined in earlier sections of this final rule for the SNF PPS also apply to all non-CAH swing- bed rural hospitals.”
The latest changes in the MDS for swing-bed rural hospitals appear on the SNF PPS website at: http://www.cms.gov/Medicare/Medicare-Fee-for-Service-Payment/SNFPPS/index.html
Listen to healthcare attorney Knicole Emanuel every Monday on Monitor Monday, 10-10:30 a.m. EST.
“Medicare for All” is the talk of the town. People are either strong proponents or avid naysayers. Most of the articles that I have seen that have discussed Medicare for All writes about it as if it is a medical diagnosis and “cure-all” for the health care disease debilitating our country. Others articles discuss the amount Medicare for All will cost the taxpayers.
I want to look at Medicare for All from a different perspective. I want to discuss Medicare for All from the health care providers’ perspectives – those who already accept Medicare and those who, currently, do not accept Medicare, but may be forced to accept Medicare under the proposed Medicare for All and the legality or illegality of it.
I want to explore the implementation of Medicare for All by using my personal dentist as an example. When I went to my dentist, Dr. L, today, who doesn’t accept Medicare or Medicaid, he was surprised to hear from the patient (me) in whom he was inserting a crown (after placing a long needle in my mouth to numb my mouth, causing great distress and pain) that he may be forced to accept Medicare in the near future. “I made the decision a long time ago to not accept Medicare or Medicaid,” he said. “Plus, Medicare doesn’t even cover dental services, does it?”
While Medicare doesn’t cover most dental care, dental procedures, or supplies, like cleanings, fillings, tooth extractions, dentures, dental plates, or other dental devices, Medicare Part A (Hospital Insurance) will pay for certain dental services that you get when you’re in a hospital. Part A can pay for inpatient hospital care if you need to have emergency or complicated dental procedures, even though the dental care isn’t covered. However, some Medicare Advantage Plans (Part C) offer extra benefits that original Medicare doesn’t cover – like vision, hearing, or dental. Theoretically, Medicare for All will cover dental services since Part C covers dental, although, there is a question as to how exactly Medicare for All will/would work. Who knows whether dental services would be included in Medicare for All – this is just an example. Insert any type of medical service in lieu of dental, if you wish.
Dr. L had made the decision not accept Medicaid or Medicare. He only accepts private pay or cash pay. If Medicare for All is implemented, Dr. L’s decision to not accept Medicare will no longer be his decision; it would be the government’s decision. The rates that Dr. L charges now and receives for reimbursements now could be slashed in half without Dr. L’s consent or business plan.
In a 2019 RAND study, researchers examined payment and claims data from 2015 to 2017 representing $13 billion in healthcare spending across 25 states at about 1,600 hospitals. The study showed that private insurers pay 235% of Medicare in 2015 to 241% of Medicare in 2017. The statistics differ state to state. In some states private pay reimbursed as low as 150% of Medicare, while in others private pay reimbursed up to 400% of Medicare.
To show how many providers are adverse to accepting Medicare: In 2000, nearly 80% of health care providers were taking new Medicare patients. By 2012, that number dropped to less than 60%. Currently, less than 40% of the health-care system are government run and nearly 33% of doctors won’t see new Medicaid patients. Medicare patients frequently have difficulty finding a new primary-care doctor.
My question is –
Is it legal for the government to force health care providers to accept Medicare rates by issuing a Medicare for All system?
An analogy would be that the government forced all attorneys to charge under $100/hour, or all airplane flights to be $100, or all restaurants to charge a flat fee that is determined by the government. Is this what our country has transformed into? A country in which the government determines the prices of services and products?
Let me be clear and and rebut what some readers will automatically think. This is not simply an anti-Medicare for All blog. Shoot, I’d love to get health care services for free. Instead, I am reviewing Medicare for All from a legal and constitutional perspective to discuss whether government implemented reimbursement rates will/would be legal. Or would government implemented reimbursement rates violate due process, the right to contract, the right to pursue a career, the right to life, liberty, and the pursuit of happiness, and/or our country’s history of capitalism.
The consequences of accepting Medicare can be monumental. Going back to Dr. L, due to the massive decrease of reimbursement rates under Medicare, he may be forced to downsize his staff, stop investing in high tech devices to advance the practice of dentistry, take less of a salary, and, perhaps, work more to offset the reimbursement rate reduction.
Not to mention the immense regulatory oversight, including audits, documentation productions, possible suspensions of Medicare contracts or accusations of credible allegations of fraud that comes hand in hand with accepting Medicare.
I don’t think there is one particular law that would allow or prohibit Medicare for All requiring health care providers to accept Medicare reimbursements, even against their will. Although I do think there is potential for a class action lawsuit on behalf of health care providers who have decided to not accept Medicare if they are forced to accept Medicare in the future.
I do not believe that Medicare for All will ever be implemented. Just think of a world in which there is no need for private insurance companies…a utopia, right? But the private health care insurance companies have enough money and enough sway to keep Medicare for All at bay. Hospitals and the Hospital Association will also have some input regardless the implementation of Medicare for All. Most hospitals claim that, under Medicare for All, they would close.
Regardless the conversation is here and will, most likely, be a highly contested issue in our next election.
Understanding why there’s a need for auditing the auditors.
I frequently encounter complaints by healthcare providers that when they are undergoing Recovery Audit Contractor (RAC), Medicare Administrative Contractor (MAC), and, more recently, the Targeted Probe-and-Educate (TPE) audits, the auditors are getting it wrong. That’s as in, during a RAC audit, the auditor finds claims noncompliant, for example, for not having medical necessity – but the provider knows unequivocally that the determination is dead wrong. So the question that I get from the providers is whether they have any legal recourse against the RAC or MAC finding noncompliance, besides going through the tedious administrative action, which we all know can take upwards of 5-7 years before reaching the third administrative level.
To which, now, upon a recent discovery in one of my cases, I would have responded that the only other option for relief would be obtaining a preliminary injunction in federal court. To prove a preliminary injunction in federal court, you must prove: a) a likelihood of success on the merits; and b) that irreparable harm would be incurred without the injunction; i.e., that your company would be financially devastated, or even threatened with extinction.
The conundrum of being on the brink of financial ruin is that you cannot afford a legal defense if you are about to lose everything.
This past month, I had a completely different legal strategy, with a different result. I am not saying that this result would be reached by all healthcare providers that disagree with the results of their RAC or MAC or TPE audit, but I now believe that in certain extreme circumstances, this alternative route could work, as it did in my case.
When this particular client hired me, I quickly realized that the impact of the MAC’s decision to rescind the client’s Medicare contract was going to do more than the average catastrophic outcomes resulting from a rescission of a Medicare contract. First, this provider was the only provider in the area with the ability to perform certain surgeries. Secondly, his practice consisted of 90 percent of Medicare. An immediate suspension of Medicare would have been devastating to his practice. Thirdly, the consequence of these Medicaid patients not undergoing this particular and highly specialized surgery was dire. This trifecta sparked a situation in which, I believed, that even a Centers for Medicare & Medicaid Services (CMS) employee (who probably truly believed that the negative findings cited by the RAC or MAC were accurate) may be swayed by the exigent circumstances.
I contacted opposing counsel, who was the attorney for CMS. Prior to this situation, I had automatically assumed that non-litigious strategies would never work. Opposing counsel listened to the facts. She asked that I draft a detailed explanation as to the circumstances. Now, concurrently, I also drafted this provider’s Medicare appeal, because we did not want to lose the right to appeal. The letter was definitely detailed and took a lot of time to create.
In the end, CMS surprised me and we got the Medicare contract termination overturned within months, not years, and without expensive litigation.
(Originally published on RACMonitor)
Let’s talk targeted probe-and-educate (TPE) audits. See on RACMonitor as well.
TPE audits have turned out to be “wolf audits” in sheep’s clothing. The Centers for Medicare & Medicaid Services (CMS) asserted that the intent of TPE audits is to reduce provider burden and appeals by combining medical review with provider education.
But the “education” portion is getting overlooked. Instead, the Medicare Administrative Contractors (MACs) resort to referring healthcare providers to other agencies or contractors for “other possible action,” including audit by a Recovery Audit Contractor (RAC), which can include extrapolation or referral to the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) for investigation of fraud. A TPE audit involves up to three rounds of review, conducted by a MAC. Once Congress was instructed that RAC audits are not fair, and providers complained that RAC auditors did not help with education, CMS came up with TPE audits – which, supposedly, had more of an educational aspect, and a more fair approach. But in reality, the TPE audits have created an expensive, burdensome, cyclical pattern that, again, can result in RAC audits. The implementation of TPE audits has been just as draconian and subjective as RAC audits. The penalties can be actually worse than those resulting from RAC audits, including termination from the Medicare program. In this article, I want to discuss the appeal process and why it is important to appeal at the first level of audit.
Chapter Three, Section 3.2.5 of the Medicare Program Integrity Manual (MPIM) outlines the requirements for the TPE process, which leaves much of the details within the discretion of the MAC conducting the review. The MACs are afforded too much discretion. Often, they make erroneous decisions, but providers are not pushing back. A recent one-time notification transmittal provides additional instructions to MACs on the TPE process: CMS Transmittal 2239 (Jan. 24, 2019).
Providers are selected for TPE audit based on data analysis, with CMS instructing MACs to target providers with high denial rates or claim activity that the contractor deems unusual, in comparison to peers. These audits are generally performed as a prepayment review of claims for a specific item or service, though relevant CMS instructions also allow for post-payment TPE audits.
A TPE round typically involves a review of a probe sample of between 20 and 40 claims. Providers first receive notice that they have been targeted by their MAC, followed by additional documentation requests (ADRs) for the specific claims included in the audit.
The MACs have sole discretion as to which providers to target, whether claims meet coverage requirements, what error rate is considered compliant, and when a provider should be removed from TPE. Health care providers can be exposed to future audits and penalties based merely on the MAC’s resolve, and before the provider has received due process through their right to challenge claim denials in an independent appeals process. In this way, the MACs’ misinterpretation of the rules and misapplication of coverage requirements can lead to further audits or disciplinary actions, based on an erroneous determination that is later overturned. Similarly, while the educational activities are supposedly meant to assist providers in achieving compliance, in reality, this “education” can force providers to appear to acknowledge error findings with which they may disagree – and which may ultimately be determined to be wrong. Often times, the MACs – for “educational purposes” – require the provider to sign documentation that admits alleged wrongdoing, and the provider signs these documents without legal counsel, and without the understanding that these documents can adversely affect any appeal or future audits.
The MACs have the power, based on CMS directive, to revoke billing privileges based on a determination that “the provider or supplier has a pattern or practice of submitting claims that fail to meet Medicare requirements.” 42 C.F.R. § 424.535(a)(8)(ii). This language shows that TPE audit findings can be used as a basis for a finding of abuse of billing privileges, warranting removal from participation in the Medicare program. CMS guidance also gives the MACs authority to refer providers for potential fraud investigation, based on TPE review findings. It is therefore vital that providers submit documentation in a timely fashion and build a clear record to support their claims and compliance with Medicare requirements.
TPE audits promise further education and training for an unsuccessful audit (unsuccessful according to the MAC, which may constitute a flawed opinion), but most of the training is broad in nature and offered remotely – either over the phone, via web conference, or through the mail, with documentation shared on Google Docs. Only on atypical occasions is there an on-site visit.
Why appeal? It’s expensive, tedious, time-consuming, and emotionally draining. Not only that, but many providers are complaining that the MACs inform them that the TPE audit results are not appealable (TPE audits ARE appealable).
TPE reviews and TPE audit overpayment determinations may be appealed through the Medicare appeals process. The first stage of appeal will be to request a redetermination of the overpayment by the MAC. If the redetermination decision is unfavorable, Medicare providers and suppliers may request an independent review by filing a request for reconsideration with the applicable Qualified Independent Contractor (QIC). If the reconsideration decision is unfavorable, Medicare providers and suppliers are granted the opportunity to present their case in a hearing before an administrative law judge (ALJ). While providers or suppliers who disagree with an ALJ decision may appeal to the Medicare Appeals Council and then seek judicial review in federal district court, it is crucial to obtain experienced healthcare counsel to overturn the overpayment determination during the first three levels of review.
Appealing unfavorable TPE audits results sends a message. Right now, the MACs hold the metaphoric conch shell. The Medicare appeals process allows the provider or supplier to overturn the TPE audit overpayment, and reduces the likelihood of future TPE reviews, other Medicare audits, and disciplinary actions such as suspension of Medicare payments, revocation of Medicare billing privileges, or exclusion from the Medicare program. In instances when a TPE audit identifies potential civil or criminal fraud, it is essential that the Medicare provider or supplier engage experienced healthcare counsel to appeal the Medicare overpayment as the first step in defending its billing practices, and thus mitigating the likelihood of fraud allegations (e.g., False Claims Act actions).
CMS and the MACs maintain that TPEs are in the providers’ best interest because education is included. In actuality, TPEs are wolves in sheep’s clothing, masking true repercussions in a cloak of “education.” The Medicare appeal process is a provider’s best weapon.
HIPAA mandates the privacy of private health care records. HIPAA is a serious issue, both financially and in the risk-management aspect, for health care providers. Providers need to delegate annual funds to the defense of regulatory audits proactively – before the actual adverse action occurs. Because it’s not an “if;” it’s a “when,” when you accept Medicare/caid. In the Medicare/caid world, HIPAA violations can catastrophically render a company dead for an infraction. In the current days of technical, daily advances and allegations of cybersecurity breaches, health care providers must be cognizant of cyber criminals, their intent, their modus operandi, and what personal/company information is valuable to such criminals. The HIPAA statutes are vague and lack detailed explanations as to penalties.
In 2018, the Office for Civil Rights (OCR) issued a record-breaking $28 million in fines for HIPAA violations. The number of health care providers currently under investigation by HHS, in 2019, will be another record-breaking number.
As more and more data is maintained on computer systems, the more and more accessible the information becomes to potential scammers. In 2017, the number of cyber attacks increased exponentially to 5,207. There is actually an itemization as to how many of the attacks were germane to health care; health care breaches accounted for 8.5% of all breaches. 2.3 billion health care records have been exposed. This isn’t new. In 2015, the most healthcare records ever were breached. 113 million healthcare records were exposed that year. Now, in 2019, we may witness an all-time-high.
Human error is the number 1 reason for HIPAA violations. Employees gossiping and disclosing private health care information among each other is another culprit, along with social media and lack of training.
The largest individual HIPAA settlement was reached in October 2018, when OCR fined health insurer Anthem $16 million.
The oxymoron is that the government (Medicare/caid) and private payors are pushing for collaborative health care and the sharing of health care records amongst varying providers. Yet the possible HIPAA breaches increase with collaboration.
In April 2019, HHS randomly selected 9 HIPAA-covered entities—a mix of health plans and clearinghouses—for Compliance Reviews. The CMS Division of National Standards, on behalf of HHS, has launched a volunteer Provider Pilot Program to test the compliance review process.
The Trump administration has interpreted HIPAA penalties differently than the Obama administration did. Now HHS will apply a different cumulative annual CMP limit for the four penalties tiers in the Health Information Technology for Economic and Clinical Health (HITECH) Act.
There are four tiers of HIPAA violation severity outlined in the HITECH Act, based on the violator’s level of culpability:
Under the Obama administration, the annual limit for each tier was $1.5 million.
HIPAA penalties are appealable and with the disparate amount of penalties, it is well worth the time and expense to appeal.
Biggest RACs Changes Are Here: Learn to Avoid Denied Claims
Part II continues to explain the nuances in the changes made by CMS to its statistical sampling methodology. Originally published on RACMonitor.
The Centers for Medicare & Medicaid Services (CMS) recently made significant changes in its statistical sampling methodology for overpayment estimation. Effective Jan. 2, 2019, CMS radically changed its guidance on the use of extrapolation in audits by Recovery Audit Contractors (RACs), Medicare Administrative Contractors (MACs), Unified Program Integrity Contractors (UPICs), and the Supplemental Medical Review Contractor (SMRC).
The RAC program was created through the Medicare Modernization Act of 2003 (MMA) to identify and recover improper Medicare payments paid to healthcare providers under fee-for-service (FFS) Medicare plans. The RAC auditors review a small sample of claims, usually 150, and determine an error rate. That error rate is attributed to the universe, which is normally three years, and extrapolated to that universe. Extrapolation is similar to political polls – in that a Gallup poll will ask the opinions of 1-2 percent of the U.S. population, yet will extrapolate those opinions to the entire country.
First, I would like to address a listener’s question regarding the dollar amount’s factor in extrapolation cases. I recently wrote, “for example, if 500 claims are reviewed and one is found to be noncompliant for a total of $100, then the error rate is set at 20 percent.”
I need to explain that the math here is not “straight math.” The dollar amount of the alleged noncompliant claims factors into the extrapolation amount. If the dollar amount did not factor into the extrapolation, then a review of 500 claims with one non-compliant claim is 0.2 percent. The fact that, in my hypothetical, the one claim’s dollar amount equals $100 changes the error rate from 0.2 percent to 20 percent.
Secondly, the new rule includes provisions implementing the additional Medicare Advantage telehealth benefit added by the Bipartisan Budget Act of 2018. Prior to the new rule, audits were limited in the telehealth services they could include in their basic benefit packages because they could only cover the telehealth services available under the FFS Medicare program. Under the new rule, telehealth becomes more prominent in basic services. Telehealth is now able to be included in the basic benefit packages for any Part B benefit that the plan identifies as “clinically appropriate,” to be furnished electronically by a remote physician or practitioner.
The pre-Jan. 2, 2019 approach to extrapolation employed by RACs was inconsistent, and often statistically invalid. This often resulted in drastically overstated overpayment findings that could bankrupt a physician practice. The method of extrapolation is often a major issue in appeals, and the, new rules address many providers’ frustrations and complaints about the extrapolation process. This is not to say that the post-Jan. 2, 2019 extrapolation approach is perfect…far from it. But the more detailed guidance by CMS just provides more ways to defend against an extrapolation if the RAC auditor veers from instruction.
Thirdly, hiring an expert is a key component in debunking an extrapolation. Your attorney should have a relationship with a statistical expert. Keep in mind the following factors when choosing an expert:
- Price (more expensive is not always better, but expect the hourly rate to increase for trial testimony).
- Intelligence (his/her CV should tout a prestigious educational background).
- Report (even though he/she drafts a report, the report is not a substitute for testimony).
- Clusters (watch out for a sample that has a significant number of higher reimbursed claims. For example, if you generally use three CPT codes at an equal rate and the sample has an abnormal amount of the higher reimbursed claim, then you have an argument that the sample is an invalid example of your claims.
- Sample (the sample must be random and must not contain claims not paid by Medicaid).
- Oral skills (can he/she make statistics understandable to the average person?)
Fourthly, the new revised rule redefines the universe. In the past, suppliers have argued that some of the claims (or claim lines) included in the universe were improperly used for purposes of extrapolation. However, the pre-Jan. 2, 2019 Medicare Manual provided little to no additional guidance regarding the inclusion or exclusion of claims when conducting the statistical analysis. By contrast, the revised Medicare Manual specifically states:
“The universe includes all claim lines that meet the selection criteria. The sampling frame is the listing of sample units, derived from the universe, from which the sample is selected. However, in some cases, the universe may include items that are not utilized in the construction of the sample frame. This can happen for a number of reasons, including but not limited to:
- Some claims/claim lines are discovered to have been subject to a prior review;
- The definitions of the sample unit necessitate eliminating some claims/claim lines; or
- Some claims/claim lines are attributed to sample units for which there was no payment.”
By providing detailed criteria with which contractors should exclude certain claims from the universe or sample frame, the revised Medicare Manual will also provide suppliers another means to argue against the validity of the extrapolation.
Lastly, the revised rules explicitly instruct the auditors to retain an expert statistician when changes occur due to appeals and legal arguments.
As a challenge to an extrapolated overpayment determination works its way through the administrative appeals process, often, a certain number of claims may be reversed from the initial claim determination. When this happens, the statistical extrapolation must be revised, and the extrapolated overpayment amount must be adjusted. This requirement remains unchanged in the revised PIM; however, the Medicare contractors will now be required to consult with a statistical expert in reviewing the methodology and adjusting the extrapolated overpayment amount.
Between my first article on extrapolation, “CMS Revises and Details Extrapolation Rules,” and this follow-up, you should have a decent understanding of the revised extrapolation rules that became effective Jan. 2, 2019. But my two articles are not exhaustive. Please, click here for Change Request 10067 for the full and comprehensive revisions.
There are a lot of concerns related to “incident-to“ billing. However, for physician practices, “incident-to” billing is a money maker, which, in the world, of sub-par Medicare reimbursement rates is a minute ray of sunshine in an otherwise eclipsed land. Auditors argue that there are fraud and abuse concerns because practices ignore or are confused about the rules and bill everything “incident-to“regardless of the conditions being met. This can result in a nasty audit, as well as substantial fines, penalties, and attorneys’ fees. If you bill “incident-to,” just follow the rules…unless those rules are eliminated. Until possible elimination, keep up with the rules, which can differ depending on the auditor in the region.
Recently, people have been pushing for Medicare reform to include disallowing nurse practitioners (NPs) and physician assistants (PAs) from billing “incident-to.” Proponents of the suggested amendment claims that the recommendation would save the Medicare program money — approximately $50 to $250 million annually and just under $1 billion over 5 years.
The number of NPs who bill Medicare has more than doubled, from 52,000 to 130,000 from 2010 to 2017
What is “incident-to” billing?
In colloquialism, “incident-to” billing allows non-physician providers (NPPs) to report services “as if” they were performed by a physician. The NPP stands in the shoes of the physician. The advantage is that, under Medicare rules, covered services provided by NPPs typically are reimbursed at 85% of the fee schedule amount; whereas, services properly reported “incident-to” are reimbursed at the full fee schedule value.
In legalize, “incident-to” services under §1861(s)(2)(A) of the Social Security Act are provided by NPPs as a part of the services provided directly by the physician, but billed as if they were in fact performed by the physician. Several, legal, threshold requirements must be satisfied before billing eligibility for these services is established.
Billing using “incident-to” can be a huge money-maker for providers. If billed incorrectly, it can also be a provider’s financial downfall.
“Incident-to” billing can only apply to established patients. Not new patients. Not consults. The other non-negotiable factor is that the physician who is supervising must be on-site. Not a phone call away. Not grabbing a burger at a local eatery. On-site. Although with hospitals, the cafeteria is a viable option. I foresee, in the future, telehealth and Skype may change this on-site requirement. The incident-to rules also require that the services be part of a patient’s normal course of treatment. The rules require that the physician remains actively involved in the patient’s course of treatment. There must be direct supervision. Direct supervision = on-site. The following services cannot be billed as “incident-to:”
- new patient visits
- visits in which an established patient is seen for a new problem
- visits in which the treatment provided or prescribed is not a part of the treatment plan established by a physician
- services provided in the hospital or ambulatory surgery center.
Do not confuse “incident-to” with Medicare patients versus Medicaid patients. MediCAID’s regulations for the coverage of MD services vary significantly than Medicare’s rules and requires direct contact with the patient with exceptions.
Here is a question that I often get: “When billing “incident-to,” do you bill “incident to” the physician who is physically on-site that day or the physician who is overseeing that patient’s care? Both physicians are in the same group and it is billed under the Group NPI, but not sure which physician to reference for “incident-to.”
Answer: Bill under the MD who is on-site. This was addressed by the Center for Medicare and Medicaid Services (CMS) in the 2016 Physician Fee Schedule Final Rule.
The Medicare Benefit Policy Manual addresses the “incident-to” rules for each provider type and in any scenario:
- Section 60 contains policies for services furnished incident to physicians’ services in the physician’s office.
- Chapter 6, section 20.5 enumerates the policies for therapeutic services furnished “incident-to” physicians’ services in the hospital outpatient setting.
- Section 80 states the policies for diagnostic tests in the physician’s office
- Chapter 6, section 20.4 lists the policies for diagnostic tests furnished in the hospital outpatient setting.
Drug Administration under “incident-to”
“The Medicare program provides limited benefits for outpatient prescription drugs. The program covers drugs that are furnished “incident to” a physician’s service provided that the drugs are not usually self-administered by the patients who take them.” Medicare Benefit Policy Manual, 50.2. Injectable drugs, including intravenously administered drugs, are typically eligible for inclusion under the “incident-to” benefit.
The Medicare Administrative Contracts (MACs) (or – auditors) must fully explain the process they will use to determine whether a drug is usually self-administered and thus does not meet the “incident-to” benefit category. The MACs must publish a list of the injectable drugs that are subject to the self-administered exclusion. If there is discrepancy amongst the MACs, a lawsuit could help.
In order to meet all the general requirements for coverage under the “incident-to” provision, an FDA approved drug or biological must:
- Be of a form that is not usually self-administered;
- Must be furnished by a physician; and
- Must be administered by the physician, or by auxiliary personnel employed by the physician and under the physician’s personal supervision
The charge, if any, for the drug or biological must be included in the physician’s bill, and the cost of the drug or biological must represent an expense to the physician.
“Incident-to” billing is subject to elimination. The difference in billing “incident-to” is a 100% reimbursement rate versus an 85% reimbursement rate. That 15% difference cannot be passed onto the Medicare recipients.
While “incident-to” billing continues to be allowed, it is imperative to keep up with the ever changing rules.
The ADR rule went into effect Jan. 1, 2019. Original blog post published March 6, 2019, on RACMonitor.
The Centers for Medicare & Medicaid Services (CMS) has updated its criteria for additional document requests (ADRs). If your ADR “cycle” is less than 1, CMS will round it up to 1.
What is an ADR cycle?
When a claim is selected for medical review, an ADR is generated requesting medical documentation be submitted to ensure payment is appropriate. Documentation must be received by CGS (A Celerian Group Company) within 45 calendar days for review and payment determination. Any selected and submitted claim can create an ADR. In other words, a provider is asked to prove that the service was rendered and that the billing was compliant.
It is imperative to understand that you, as the provider, check the Fiscal Intermediary Standard System (FISS) status/location S B6001. Providers are encouraged to use FISS Option 12 (Claim Inquiry) to check for ADRs at least once per week. You will not receive any other form of notification for an ADR.
To make matters even more confusing, there are two different types of ADRs: medical review (reason code 39700) and non-medical review (reason code 39701).
An ADR may be sent by CGS, Zone Program Integrity Contractors (ZPICs), Recovery Audit Contractors (RACs), Supplemental Medical Review Contractors (SMRCs), the Comprehensive Error Rate Testing (CERT) contractor, etc. When a claim is selected for review or when additional documentation is needed to complete the claim, an ADR letter is generated requesting that documentation and/or medical records be submitted.
The ADR process is essentially a type of prepayment review.
A baseline annual ADR limit is established for each provider based on the number of Medicare claims paid in the previous 12-month period that are associated with the provider’s six-digit CMS Certification Number (CCN) and the provider’s National Provider Identifier (NPI) number. Using the baseline annual ADR limit, an ADR cycle limit is also established.
After three 45-day ADR cycles, CMS will calculate (or recalculate) a provider’s denial rate, which will then be used to identify a provider’s corresponding “adjusted” ADR limit. Auditors may choose to either conduct reviews of a provider based on their adjusted ADR limit (with a shorter lookback period) or their baseline annual ADR limit (with a longer lookback period).
The baseline, annual ADR limit is one-half of one percent of the provider’s total number of paid Medicare service types for which the provider had reimbursed Medicare claims.
Effective Jan. 1, 2019, providers whose ADR cycle limit is less than 1, even though their annual ADR limit is greater than 1, will have their ADR cycle limit round up to 1 additional documentation request per 45 days, until their annual ADR limit has been reached.
For example, say Provider ABC billed and was paid for 400 Medicare claims in a previous 12-month period. The provider’s baseline annual ADR limit would be 400 multiplied by 0.005, which is two. The ADR cycle limit would be 2/8, which is less than one. Therefore, Provider ABC’s ADR cycle limit will be set at one additional documentation request per 45 days, until their annual ADR limit, which in this example is two, has been reached. In other words, Provider ABC can receive one additional documentation request for two of the eight ADR cycles, per year.
ADR letters are sent on a 45-day cycle. The baseline annual ADR limit is divided by eight to establish the ADR cycle limit, which is the maximum number of claims that can be included in a single 45-day period. Although auditors may go more than 45 days between record requests, in no case shall they make requests more frequently than every 45 days.
And that is the update on ADRs. Remember, the rule changed Jan. 1, 2019.
So many memos, so little time. Federal prosecutors receive guidance on how to prosecute. Maybe “guidance” is too loose a term. There is a manual to follow, and memos are just guidance until the memos are incorporated into what is known as the Justice Manual. Memos are not as binding as the Justice Manual, but memos are persuasive. For the last 22 years, the Justice Manual has not been revised to reflect the many, many memos that have been drafted to direct prosecutors on how to proceed. Until recently…
Justice Manual Revised
The Justice Manual, which is the manual that instructs federal prosecutors how to proceed in cases of Medicare and Medicaid fraud, has been revised for the first time since 1997. The Justice Manual provides internal Department of Justice (DOJ) rules.
The DOJ has new policies for detecting Medicare and Medicaid fraud and abuse. Some of these policies are just addendums to old policies. Or formal acceptance to old memos. Remember the Yates Memo? The Yates Memo directed prosecutors to indict executives, individually, of fraudulent companies instead of just going after the company.
The Yates Memo has now been codified into the Justice Manual.
Then came the Granston Memo – In a January 10, 2018, memo (the “Granston Memo”), the DOJ directed its prosecutors to more seriously consider dismissing meritless False Claims Act (“FCA”) cases brought by whistleblowers. It lists 7 (non-exhaustive) criteria for determining whether the DOJ should dismiss a qui tam lawsuit. The reasoning behind the Granston Memo is that whistleblower lawsuits have risen over 600 cases per year, but the government’s involvement has not mirrored the raise. This may indicate that many of the whistleblower lawsuits are frivolous and filed for the purpose of financial gain, even if the money is not warranted. Remember qui tam relators (people who bring lawsuits against those who mishandle tax dollars, are rewarded monetarily for their efforts…and, usually, the reward is not a de minimus amount. In turn, people are incentivized to identify fraud and abuse against the government. At least, according to the Granston Memo, the financial incentive works too well and frivolous lawsuits are too prevalent.
The Granston Memo has also been codified into the Justice Manual.
Talk about an oxymoron…the Yates Memo instructs prosecutors to pursue claims against more people, especially those in the executive positions for acts of the company. The Granston Memo instructs prosecutors to more readily dismiss frivolous FCA allegations. “You’re a wigwam. You’re a teepee. Calm down, you’re just two tents (too tense).” – a horrible joke that my husband often quips. But this horrible quote is apropos to describe the mixed messages from DOJ regarding Medicare and Medicaid fraud and abuse.
The Brand Memo, yet another memo that we saw come out of CMS, instructs prosecutors not to use noncompliance as subject to future DOJ enforcement actions. In other words, agency guidance does not cannot create binding legal requirements. Going forward, the DOJ will not enforce recommendations found in agency guidance documents in civil actions. Relatedly, DOJ will not use noncompliance with agency guidance to “presumptively or conclusively” establish violations of applicable law or regulations in affirmative civil enforcement cases.
The Brand Memo was not incorporated into the Justice Manual. It also was not repudiated.
Medicare/caid Audit Targets Broadened
Going forward, traditional health care providers will not be the only targets – Medicare Advantage plan, EHR companies, and private equity owners – will all be audited and reviewed for fraud and abuse. Expect more audits with wider nets to catch non-provider targets to increase now that the Yates Memo was codified into the Justice Manual.
Anti-Kickback Statute, Stark Law, and HIPAA Narrowed
The Stark Law (42 U.S.C. 1395nn) and the Anti-Kickback Statute (42 U.S.C. §1320a‑7b(b)) exist to minimize unneeded or over-utilization of health-care services payable by the federal government. Stark Law and the Anti-Kickback regulations criminalize, impose civil monetary penalties, or impose other legal sanctions (such as termination from Medicare) against health care providers and other individuals who violate these laws. These laws are esoteric (which is one reason that I have a job) and require careful navigation by specialized legal counsel. Accidental missteps, even minute documentation errors, can lead to harsh and expensive results.
In a health care world in which collaboration among providers is being pushed and recommended, the Anti-Kickback, Stark, and HIPAA laws are antiquated and fail to recognize the current world. Existing federal health-care fraud and abuse laws create a “silo effect” that requires mapping and separating financial interests of health-care providers in order to ensure that patient referrals cannot be tainted by self-interest. Under Stark, a strict liability law, physicians cannot make a referral for the provision of “designated health services” to an entity with which they have a financial relationship (unless one of approximately 30 exceptions applies). In other words, for example, a hospital cannot refer patients to the home health care company that the hospital owns.
Going forward – and this has not happened yet – regulators and the Department will begin to claw back some of the more strict requirements of the Stark, Anti-Kickback, and HIPAA regulations to decrease the “silo effect” and allow providers to collaborate more on an individual’s whole health method. I had an example of this changing of the tide recently with my broken leg debacle. See blog. After an emergency surgery on my leg by an orthopedic surgeon because of a contracted infection in my wound, my primary care physician (PCP) called to check on me. My PCP had nothing to do with my leg surgery, or, to my knowledge, was never informed of it. But because of new technology that allows patient’s records to be accessed by multiple providers in various health care systems or practices, my PCP was informed of my surgery and added it to my chart. This never could have happened 20 years ago. But this sharing of medical records with other providers could have serious HIPAA implications if some restrictions of HIPAA are not removed.
In sum, if you haven’t had the pleasure of reading the Justice Manual in a while, now would be an appropriate time to do so since it has been revised for the first time in 22 years. This blog does not enumerate all the revisions to the Justice Manual. So it is important that you are familiar with the changes…or know someone who is.