Blog Archives

The Reality of Prepayment Review and What To Do If You Are Tagged – You’re It!

Prepayment review is a drastic tool (more like a guillotine) that the federal and state governments via hired contractors review the documentation supporting services for Medicare and Medicaid prior to the provider receiving reimbursement. The providers who are placed on prepayment review are expected to continue to render services, even if the provider is not compensated. Prepayment review is a death sentence for most providers.

The required accuracy rating varies state to state, but, generally, a provider must meet 75% accuracy for three consecutive months.

In the governments’ defense, theoretically, prepayment review does not sound as Draconian as it is. Government officials must think, “Well, if the provider submits the correct documentation and complies with all applicable rules and regulations, it should be easy for the provider to meet the requirements and be removed from prepayment review.” However, this false reasoning only exists in a fantasy world with rainbows and gummy bears. Real life prepayment review is vastly disparate from the rainbow and gummy bears prepayment review.

In real life prepayment review:

  • The auditors may use incorrect, inapplicable, subjective, and arbitrary standards.

I had a case in which the auditors were denying 100% ACTT services, which are 24-hour mental health services for those 10% of people who suffer from extreme mental illness. The reason that the auditor was denying 100% of the claims was because “lower level services were not tried and ruled out.” In this instance, we have a behavioral health care provider employing staff to render ACTT services (expensive), actually rendering the ACTT services (expensive), and getting paid zero…zilch…nada…for a reason that is not required! There is no requirement that a person receiving ACTT services try a lower level of service first. If the person qualifies for ACTT, the person should receive ACTT services. Because of this auditor’s misunderstanding of ACTT, this provider was almost put out of business.

Another example: A provider of home health was placed on prepayment review. Again, 90 – 100% of the claims were denied. In home health, program eligibility is determined by an independent assessment conducted by the Division of Medical Assistance (DMA) via Liberty, which creates an individualized plan of care. The provider submitted claims for Patient Sally, who, according to her plan, needs help dressing. The service notes demonstrated that the in-home aide helped Sally dress with a shirt and pants. But the auditor denies every claim the provider bills for Sally (which is 7 days a week) because, according to the service note, the in-home aide failed to check the box to show she/he helped put on Sally’s shoes. The auditor fails to understand that Sally is a double amputee – she has no feet.

Quis custodiet ipsos custodes – Who watches the watchmen???

  • The administrative burden placed on providers undergoing prepayment review is staggering.

In many cases, a provider on prepayment review is forced to hire contract workers just to keep up with the number of document requests coming from the entity that is conducting the prepayment review. After initial document requests, there are supplemental document requests. Then every claim that is denied needs to be re-submitted or appealed. The amount of paperwork involved in prepayment review would cause an environmentalist to scream and crumple into the fetal position like “The Crying Game.”

  • The accuracy ratings are inaccurate.

Because of the mistakes the auditors make in erroneously denying claims, the purported “accuracy ratings” are inaccurate. My daughter received an 86 on a test. Given that she is a straight ‘A’ student, this was odd. I asked her what she got wrong, and she had no idea. I told her to ask her teacher the next day why she received an 86. Oops. Her teacher had accidentally given my daughter an 86; the 86 was the grade of another child in the class with the same first name. In prepayment review, the accuracy ratings are the only method to be removed from prepayment, so the accuracy of the accuracy ratings is important. One mistaken, erroneously denied claim damages the ratings, and we’ve already discussed that mistakes/errors occur. You think, if a mistake is found, call up the auditing entity…talk it out. See below.

  • The communication between provider and auditor do not exist.

Years ago my mom and I went to visit relatives in Switzerland. (Not dissimilar to National Lampoon’s European Vacation). They spoke German; we did not. We communicated with pictures and hand gestures. To this day, I have no idea their names. This is the relationship between the provider and the auditor.

Assuming that the provider reaches a live person on the telephone:

“Can you please explain to me why claims 1-100 failed?”

“Don’t you know the service definitions and the policies? That is your responsibility.”

“Yes, but I believe that we follow the policies. We don’t understand why these claims are denied. That’s what I’m asking.”

“Read the policy.”

“Not helpful.”

  • The financial burden on the provider is devastating.

If a provider’s reimbursements are 80 – 100% reliant on Medicaid/care and those funds are frozen, the provider cannot meet payroll. Yet the provider is expected to continue to render services. A few years ago, I requested from NC DMA a list of providers on prepayment review and the details surrounding them. I was shocked at the number of providers that were placed on prepayment review and within a couple months ceased submitting claims. In reality, what happened was that those providers were forced to close their doors. They couldn’t financially support their company without getting paid.

Ok, now we know that prepayment review can be a death sentence for a health care provider. How can we prepare for prepayment review and what do we do if we are placed on prepayment review?

  1. Create a separate “what if” savings account to pay for attorneys’ fees. The best defense is a good offense. You cannot prevent yourself from being placed on prepayment review – there is no rhyme or reason for such placement. If you believe that you will never get placed on prepayment review, then you should meet one of my partners. He got hit by lightning – twice! (And lived). So start saving! Legal help is a must. Have your attorney on speed dial.
  2. Self-audit. Be proactive, not reactive. Check your documents. If you use an electronic records system, review the notes that it is creating. If it appears that all the notes look the same except for the name of the recipient, fix your system. Cutting and pasting (or appearing to cut and paste) is a pitfall in audits. Review the notes of the highest reimbursement code. Most likely, the more the reimbursement rate, the more likely to get flagged.
  3. Implement an in-house policy about opening the mail and responding to document requests. This sounds self evident, but you will be surprised how many providers have multiple people getting and opening the mail. The employees see a document request and they want to be good employees – so they respond and send the documents. They make a mistake and BOOM – you are on prepayment review. Know who reviews the mail and have a policy for notifying you if a document request is received.
  4. Buck up. Prepayment review is a b*^%$. Cry, pray, meditate, exercise, get therapy, go to the spa, medicate…whatever you need to do to alleviate stress – do it.
  5. Do not think you can get off prepayment review alone and without help. You will need help. You will need bodies to stand at the copy machine. You will need legal help. Do not make the mistake of allowing the first three months pass before you contact an attorney. Contact your attorney immediately.

Appealing Adverse Decisions: Should We Reconsider the Medicaid Provider Reconsideration Review?

What if you had to appeal traffic citations through the police officer who pulled you over before you could defend yourself before an impartial judge? That would be silly and a waste of time. I could not fathom a time in which the officer would overturn his/her own decision.

“No, officer, I know you claim that I was speeding, but the speed limit on Hwy 1 had just increased to 65. You were wrong when you said the speed limit was 55.”

“Good catch, citizen. You’re right; I’m wrong. Let’s just rip up this speeding ticket.”

Not going to happen.

The same is true when it comes to decisions by the Department of Health and Human Service (DHHS) to sanction or penalize a Medicaid provider based on alleged provider abuse (otherwise known as documentation errors). If DHHS determines that you owe $800,000 because your service notes are noncompliant, I am willing to bet that, upon its own reconsideration, the decision will be upheld. Asking for reconsideration review from the very same entity that decided the sanction or penalty is akin to doing something over and over and expecting different results (definition of insanity?).

But – are informal reconsideration reviews required by law to fight an adverse decision before you may appear before an administrative law judge?

The reason that you should care whether the reconsideration reviews are required by law is because the process is time consuming, and, often, the adverse determination is in effect during the process. If you hire an attorney, it is an expensive process, but one that you will not (likely) win. Generally, I am adverse to spending time and money on something that will yield nothing.

Before delving into whether reconsideration reviews are required by law, here is my caveat: This issue has not been decided by our courts. In fact, our administrative court has rendered conflicting decisions. I believe that my interpretation of the laws is correct (obviously), but until the issue is resolved legally, cover your donkey (CYA), listen to your attorney, and act conservatively.

Different laws relate to whether the adverse decision is rendered by the DHHS or whether the adverse decision is rendered by a managed care organization (MCO). Thus, I will divide this blog into two sections: (1) reconsiderations to DHHS; and (2) reconsiderations to an MCO.

Appealing DHHS Adverse Determinations

When you receive an adverse decision from DHHS, you will know that it is from DHHS because it will be on DHHS letterhead (master of the obvious).

DHHS letterhead

10A NCAC 22F .0402 states that “(a) Upon notification of a tentative decision the provider will be offered, in writing, by certified mail, the opportunity for a reconsideration of the tentative decision and the reasons therefor. (b) The provider will be instructed to submit to the Division in writing his request for a Reconsideration Review within fifteen working days from the date of receipt of the notice. Failure to request a Reconsideration Review in the specified time shall result in the implementation of the tentative decision as the Division’s final decision.”

As seen above, our administrative code recommends that a Medicaid provider undergo the informal reconsideration review process through DHHS to defend a sanction or penalty before presenting before an impartial judge at the Office of Administrative Hearings (OAH). I will tell you, having gone through hundreds upon hundreds of reconsideration reviews, DHHS does not overturn itself. The Hearing Officers know who pay their salaries (DHHS). The reconsideration review ends up being a waste of time and money for the provider, who must jump through the “reconsideration review hoop” prior to filing a petition for contested case.

Historically, attorneys recommend that provider undergo the reconsideration review for fear that an Administrative Law Judge (ALJ) at OAH would dismiss the case based on failure to exhaust administrative remedies. But upon a plain reading of 10A NCAC 22F .0402, is it really required? Look at the language again. “Will be offered” and “the opportunity for.” And what is the penalty for not requesting a reconsideration review? That the tentative decision becomes final – so you can petition to OAH the final decision.

My interpretation of 10A NCAC 22F .0402 is that the informal reconsideration review is an option, not a requirement.

Now, N.C. Gen. Stat. 150B-22 states that “[i]t is the policy of this State that any dispute between an agency and another person that involves the person’s rights, duties, or privileges, including licensing or the levy of a monetary penalty, should be settled through informal procedures. In trying to reach a settlement through informal procedures, the agency may not conduct a proceeding at which sworn testimony is taken and witnesses may be cross-examined. If the agency and the other person do not agree to a resolution of the dispute through informal procedures, either the agency or the person may commence an administrative proceeding to determine the person’s rights, duties, or privileges, at which time the dispute becomes a “contested case.””

It is clear that our State’s policy is that a person who has a grievance against an agency; i.e., DHHS, attempts informal resolution prior to filing an appeal at OAH. Notice that N.C. Gen. Stat. 150B-22 is applicable to any dispute between “an agency and another person.” “Agency” is defined as “an agency or an officer in the executive branch of the government of this State and includes the Council of State, the Governor’s Office, a board, a commission, a department, a division, a council, and any other unit of government in the executive branch. A local unit of government is not an agency.”

Clearly, DHHS is an “agency,” as defined. But an MCO is not a department; or a board; or a commission; or a division; or a unit of government in the executive branch; or a council. Since the policy of exhausting administrative remedies applies to DHHS, are you required to undergo an MCO’s reconsideration review process?

Appealing an MCO Adverse Determination

When you receive an adverse decision from an MCO, you will know that it is from an MCO because it will be on the MCO’s letterhead (master of the obvious).

For example:

trillium

There is a reason that I am emphasizing the letterhead. It is because DHHS contracts with a number of vendors. For example, DHHS contracts with Public Consulting Group (PCG), The Carolina Center for Medical Excellence (CCME), HMS, Liberty, etc. You could get a letter from any one of DHHS’ contracted entities – a letter on their letterhead. For example, you could receive a Tentative Notice of Overpayment on PCG  letterhead. In that case, PCG is acting on behalf of DHHS. So the informal reconsideration rules would be the same. For MCOs, on the other hand, we obtained a Waiver from the Center for Medicare and Medicaid Services (CMS) to “waive” certain rules and to create the MCOs. Different regulations apply to MCOs than DHHS. In fact, there is an argument that N.C. Gen. Stat. 150B-22 does not apply to the MCOs because the MCOs are not an “agency.” Confusing, right? I call that job security.

Are you required to undergo the MCO’s internal reconsideration review process prior to filing a petition for contested case at OAH?

Your contract with the MCO certainly states that you must appeal through the MCO’s internal process. The MCO contracts with providers have language in them like this:

Dispute Resolution and Appeals: “The CONTRACTOR may file a complaint and/or appeals as outlined in the LME/PIHP Provider Manual promulgated by LME/PIHP pursuant to N.C. Gen. Stat. 122C-151.3 and as provided by N.C. Gen. Stat. Chapter 108C.”

I find numerous, fatal flaws in the above section. Whoever drafted this section of the contract evidently had never read N.C. Gen. Stat. 122C-151.3, which plainly states in subsection (b) “This section does not apply to LME/MCOs.” Also, the LME/PIHP does not have the legal authority to promulgate – that is a rule-making procedure for State agencies, such as DHHS. The third fatal flaw in the above section is that the LME/MCO Provider Manual is not promulgated and certainly was not promulgated not pursuant to N.C. Gen. Stat. 122C-151.3, does not apply to LME/MCOs.

Just because it is written, does not make it right.

If N.C. Gen. Stat. 150B-22 does not apply to MCOs, because MCOs are not an agency, then the State policy of attempting to resolve disputes through informal methods before going to OAH does not apply.

There is no other statute or rule that requires a provider to exhaust an MCO’s internal review process prior to filing a petition for contested case.

What does that mean IN ENGLISH??

What it means is that the MCOs contract and provider manual that create an informal one or two-step reconsideration process is not required by law or rule. You do not have to waste your time and money arguing to the MCO that it should overturn its own decision, even though the reconsideration review process may be outlined in the provider manual or your procurement contract.

OAH has agreed…and disagreed.

In Person-Centered Partnerships, Inc. v. NC DHHS and MeckLINK, No. 13 DHR 18655, the court found that “[n]either the contractual provisions in Article II, Section 5.b of the Medicaid Contract nor MeckLINK’s “Procedures for implementation of policy # P0-09 Local Reconsideration Policy” states that reconsideration review is mandatory and a prerequisite to filing a contested case.”

In another case, OAH has held that, “[c]ontract provisions cannot override or negate the protections provided under North Carolina law, specifically the appeal rights set forth in N.C. Gen. Stat. Chapter 108C. Giesel, Corbin on Contracts § 88.7, at 595 (2011) (When the law confers upon an individual a right, privilege, or defense, the assumption is that the right, privilege or defense is conferred because it is in the public interest. Thus, in many cases, it is contrary to the public interest to permit the holder of the right, privilege, or defense to waive or to bargain it away. In these situations, the attempted waiver or bargain is unenforceable.”)” Essential Supportive Services, LLC v. DHHS and its Agent Alliance Behavioral Healthcare, No. 13 DHR 20386 (NCOAH) (quoting Yelverton’s Enrichment Services, Inc., v. PBH, as legally authorized contractor of and agent for N.C. Department of Health and Human Services, 13-CVS-11337, (7 March 2014)).

However, most recently, OAH ruled in the opposite way. A provider was terminated from an MCO’s catchment area, and we immediately filed a preliminary injunction to cease the termination. As you can see from the above-mentioned cases, OAH had not considered the reconsideration review mandatory. But, this time, the Judge found that the “contractual provision in [the MCO’s] contract with Petitioner, which provides for a local reconsideration review, is a valid and binding provision within the contract.”

So, again, the law is as clear as two and two adding up to five.

For now, when you are disputing an adverse determination by an MCO requesting a reconsideration review before going to OAH is a good CYA.

Going back to the traffic example at the  beginning of the blog, my husband was pulled for speeding a few weeks ago. I was surprised because, generally, he does not speed. He is a usually conscientious and careful driver. When the officer came to his window, he was genuinely confused as to the reason for the stop. In his mind, he was driving 73 mph, only 3 miles over the speed limit. In fact, he had the car on cruise control. Turns out he confused the sign for HWY 70, as a speed limit sign. The speed limit was actually 55 mph.

We did not appeal the decision.

EHR: What’s In YOUR Contract? Legal Issues You Need to Know.

Electronic health records or EHR have metamorphosed health care. Choosing a vendor can be daunting and the prices fluctuate greatly. As a provider, you probably determine your EHR platform on which vendor’s program creates the best service notes… or which creates the most foolproof way of tracking time… or which program is the cheapest.

But…what’s in YOUR contract can be legally deadly.

Regardless how you choose your EHR vendor, you need to keep the following legal issues in mind when it comes to EHR and the law:

Regulatory and Clinical Coverage Policy Compliance

Most likely, your EHR vendor does not have a legal degree. Yet, you are buying a product and assuming that the EHR program complies with applicable regulations, rules, and clinical coverage policies – whichever are applicable to your type of service. Well, guess what? These regulations, rules, and clinical coverage policies are not stagnant. They are amended, revised, and re-written more than my chickens lay eggs, but a little less often, because my chickens lay eggs every day.

Think about it – The Division of Medical Assistance (DMA) publishes a monthly Medicaid Bulletin. Every month DMA provides more insight, more explanations, more rules that providers will be held accountable to follow.

Does your EHR program update every month?

You need to review your contract and determine whether the vendor is responsible for regulatory compliance or whether you are. If you are, should you put so much faith in the EHR program?

Document Accessibility

You are required to maintain your records (depending on your type of service) anywhere from 5-10 years. Let’s say that you sign a four year contract with EHR Vendor X. The four years expires, and you hire a new EHR vendor. You are audited. But Vendor X does not allow you access to the records because you no longer have a contract with them – not their problem!

You need to ensure that your EHR contract allows you access to your documents (because they are your documents) even in the event of the contract expiring or getting terminated. The excuse that “I don’t have access to that” does not equal a legal defense.

Indemnification

This is otherwise known as the “Blame Game.” If there is a problem with regulatory compliance, as in, the EHR records do not follow the regulations, then you need to know whether the EHR vendor will take responsibility and pay, or help pay, for attorneys’ fees to defend yourself.

Like it or not, the EHR vendor does not undergo audits by the state and federal government. The EHR vendor does not undergo post and pre-payment reviews for regulatory compliance. You do. It is your NPI number that is held accountable for regulatory compliance.

You need to check whether there is an indemnification clause in the EHR contract. In other words, if you are accused of an overpayment because of a mistake on the part of the vendor, will the vendor cover your defense? My guess is that there is no indemnification clause.

HIPAA Compliance

HIPAA laws require that you minimize the access to private health information (PHI) and prevent dissemination. With hard copies, this was easy. You could just lock up the documents. With EHR, it becomes trickier. Obviously, you have access to the PHI as the provider. But who can access your EHR on the vendor-side? Assuming that the vendor has an IT team in case of computer issues, you have to consider to what exactly does that team have access.

I recently attended a legal continuing education class on data breach and HIPAA compliance for health care. One of the speakers was a Special Agent with the FBI. This gentleman prosecutes data breaches for a living. He said that hackers will pay over $500 per private medical document. Health care companies experienced a 72% increase in cyberattacks between 2013 and 2014. Stolen health care information is 10 times more valuable than your credit card information.

Zombie Apocalypse

Obviously, I am exaggerating here. I do not believe that The Walking Dead is real and in our future. But here is my point – You are held accountable for maintaining your medical records, even in the face of an act of God or terrorism.

Example: It was 1996. Provider Dentist did not have EHR; he had hard copies. Hurricane Fran flooded Provider Dentist’s office, ruining all medical records. When Provider Dentist was audited, the government did not accept the whole “there was a hurricane” excuse. Dentist was liable for sever penalties and recoupments.

Fast forward to 2017 and EHR – Think a mass computer shutdown won’t happen? Just ask Delta about its August 2016 computer shutdown that took four days and cancelled over 2000 flights. Or Medstar Health, which operates 10 hospitals and more than 250 outpatient facilities, when in March 2016, a computer virus shut down its emails and…you guessed it…its EHR database.

So, what’s in YOUR contract?

Self Disclosure Protocol: What Is It? And Do I Have To?

You are a provider, and you accept Medicare and Medicaid. You find out that the person with whom you contracted to provide extraction services for your dental patients has been upcoding for the last few months. -or- You discover that the supervisory visits over the past year have been less than…well, nonexistent. -or- Or your licensed therapist forgot to mention that her license was revoked. What do you do?

What do you do when you unearth a potential, past overpayment to you from Medicare or Medicaid?

Number One: You do NOT hide your head!

man with head in sand

Do not be an ostrich. First, being an ostrich will have a direct correlation with harsher penalties. Second, you may miss mandatory disclosure deadlines, which will lead to a more in-depth, concentrated, and targeted audits by the government, which will lead to harsher penalties.

As for the first (harsher penalties), not only will your potential, monetary penalties leap skyward, but knowledge (actual or should have had) could put you at risk for criminal liability or false claims liability. As for increased, monetary penalties, recent Office of Inspector General (OIG) information regarding the self disclosure protocol indicates that self disclosure could reduce the minimum multiplier to only 1.5 times the single damages versus 2-10 times the damages without self disclosure.

As for the second (missing deadlines), your penalties will be exorbitantly higher if you had or should have had actual knowledge of the overpayments and failed to act timely. Should the government, despite your lack of self disclosure, decide to audit your billings, you can count on increased scrutiny and a much more concentrated, in-depth audit. Much of the target of the audit will be what you knew (or should have) and when you knew (or should have). Do not ever think: “I will not ever get audited. I am a small fish. There are so many other providers, who are really de-frauding the system. They won’t come after me.” If you do, you will not be prepared when the audit comes a’knocking on your door – and that is just foolish. In addition, never underestimate the breadth and scope of government audits. Remember, our tax dollars provide almost unlimited resources to fund thousands of audits at a time. Being audited is not like winning the lottery, Your chances are not one in two hundred million. If you accept Medicare and/or Medicaid, your chances of an audit are almost 100%. Some providers undergo audits multiple times a year.

Knowing that the definition of “knowing” may not be Merriam Webster’s definition is also key. The legal definition of “knowing” is more broad that you would think. Section 1128J(d)(4)(A) of the Act defines “knowing” and “knowingly” as those terms are defined in 31 U.S.C. 3729(b). In that statute the terms “knowing” and “knowingly” mean that a person with respect to information—(i) has actual knowledge of the information; (ii) acts in deliberate ignorance of the truth or falsity of the information; or (iii) acts in reckless disregard of the truth or falsity of the information. 31 U.S.C. 3729(b) also states that knowing and knowingly do not require proof of specific intent to defraud.

Number Two: Contact your attorney.

It is essential that you have legal counsel throughout the self disclosure process. There are simply too many ways to botch a well-intended, self disclosure into a casus belli for the government. For example, OIG allows three options for self disclosure; however, one option requires prior approval from OIG. Your counsel needs to maintain your self disclosure between the allowable, navigational beacons.

Number Three: Act timely.

You have 60-days to report and pay. Section 1128J(d)(2) of the Social Security Act requires that a Medicare or Medicaid overpayment be reported and returned by the later of (1) the date that is 60 days after the date on which the overpayment was identified or (2) the date any corresponding cost report is due, if applicable. See blog.

________________________________________________________

If you have a Medicare issue, please continue to Number Four. If your issue is Medicaid only, please skip Number Four and go to Number Five. If your issue concerns both Medicare and Medicaid, continue with Number Four and Five (skip nothing).

_________________________________________________________

Number Four: Review the OIG Self Disclosure Protocol (for Medicare).

OIG publishes a Self Disclosure Protocol. Read it. Print it. Frame it. Wear it. Memorize it.

Since 2008, OIG has resolved 235 self disclosure provider cases through settlements. In all but one of these cases, OIG released the disclosing parties from permissive exclusion without requiring any integrity measures. What that means is that, even if you self disclose, OIG has the authority to exclude you from the Medicare system. However, if you self disclose, may the odds be ever in your favor!

Number Five: Review your state’s self disclosure protocol.

While every state differs slightly in self disclosure protocol, it is surprising how similar the protocol is state-to-state. In order to find your state’s self disclosure protocol, simply Google: “[insert your state] Medicaid provider self disclosure protocol.” In most cases, you will find that your state’s protocol is less burdensome than OIG’s.

On the state-side, you will also find that the benefits of self disclosure, generally, are even better than the benefits from the federal government. In most states, self disclosure results in no penalties (as long as you follow the correct protocol and do not hide anything).

Number Six: Draft your self disclosure report.

Your self disclosure report must contain certain criteria. Review the Federal Registrar for everything that needs to be included.

It is important to remember that you are only responsible for self disclosures going back six years (on the federal side).

Mail the report to:

DHHS/OIG/OCIG
Grantee Self-Disclosures
330 Independence Avenue, Room 5527
Washington, DC 20201

Or you can self disclose online at this link.

Look into My Crystal Ball: Who Is Going to Be Audited by the Government in 2017?

Happy New Year, readers!!! A whole new year means a whole new investigation plan for the government…

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) publishes what is called a “Work Plan” every year, usually around November of each year. 2017 was no different. These Work Plans offer rare insight into the upcoming plans of Medicare investigations, which is important to all health care providers who accept Medicare and Medicaid.

For those of you who do not know, OIG is an agency of the federal government that is charged with protecting the integrity of HHS, basically, investigating Medicare and Medicaid fraud, waste, and abuse.

So let me look into my crystal ball and let you know which health care professionals may be audited by the federal government…

crystal-ball

The 2017 Work Plan contains a multitude of new and revised topics related to durable medical equipment (DME), hospitals, nursing homes, hospice, laboratories.

For providers who accept Medicare Parts A and B, the following are areas of interest for 2017:

  • Hyperbaric oxygen therapy services: provider reimbursement
  • Inpatient psychiatric facilities: outlier payments
  • Skilled nursing facilities: reimbursements
  • Inpatient rehabilitation hospital patients not suited for intensive therapy
  • Skilled nursing facilities: adverse event planning
  • Skilled nursing facilities: unreported incidents of abuse and neglect
  • Hospice: Medicare compliance
  • DME at nursing facilities
  • Hospice home care: frequency of on-site nurse visits to assess quality of care and services
  • Clinical Diagnostic Laboratories: Medicare payments
  • Chronic pain management: Medicare payments
  • Ambulance services: Compliance with Medicare

For providers who accept Medicare Parts C and D, the following are areas of interest for 2017:

  • Medicare Part C payments for individuals after the date of death
  • Denied care in Medicare Advantage
  • Compounded topical drugs: questionable billing
  • Rebates related to drugs dispensed by 340B pharmacies

For providers who accept Medicaid, the following are areas of interest for 2017:

  • States’ MCO Medicaid drug claims
  • Personal Care Services: compliance with Medicaid
  • Medicaid managed care organizations (MCO): compliance with hold harmless requirement
  • Hospice: compliance with Medicaid
  • Medicaid overpayment reporting and collections: all providers
  • Medicaid-only provider types: states’ risk assignments
  • Accountable care

Caveat: The above-referenced areas of interest represent the published list. Do not think that if your service type is not included on the list that you are safe from government audits. If we have learned nothing else over the past years, we do know that the government can audit anyone anytime.

If you are audited, contact an attorney as soon as you receive notice of the audit. Because regardless the outcome of an audit – you have appeal rights!!! And remember, government auditors are more wrong than right (in my experience).

Knicole Emanuel Interviewed on Recent Success: Behavioral Health Care Service Still Locked in Overbilling Dispute with State

Last Thursday, I was interviewed by a reporter from New Mexico regarding our Teambuilders win, in which an administrative judge has found that Teambuilders owes only $896 for billing errors. Here is a copy of an article published in the Santa Fe New Mexican, written by Justin Horwath:

Source: Behavioral health care service still locked in overbilling dispute with state

The true tragedy is that these companies, including Teambuilders, should not have been put out of business based on false allegations of fraud. Not only was Teambuilders cleared of fraud, but, even the ALJ agreed with us that Teambuilders does not owe $12 million – but a small, nominal amount ($896.35). Instead of having the opportunity to pay the $896.35 and without due process of law, Teambuilders was destroyed – because of allegations.

Medicaid Auditors, Nitpicky Nonsense, and Journalistic Mistakes

In my experience with regulatory audits of health care providers, which is substantial, the auditors have zero incentive to perform audits conservatively…or even properly, if I am being completely honest. The audit companies themselves are for-profit entities with Boards of Directors, sometimes with shareholders, and definitely with executives who are concerned with the corporate bottom lines. The actual auditors are salaried employees (or contractors) who are given an audit checklist, which may or may not be correct) and instructions as to which companies to audit.

Think about it – you are hired as an auditor…what happens if you come back to your boss, saying, “Nope. I found no documentation errors.”I liken it to me hiring a housekeeper and that housekeeper showing up at my house and saying, “Your house is so clean. There is nothing for me to clean.” First of all, for those who know me, you know that no housekeeper would ever say that my house did not to be cleaned, but that is neither here nor there. The analogy remains. No employee or hired contractor will tell you that you do not need to hire him or her because he or she is not needed. It is only human nature and logic. Will a dog trainer tell you that your dog is fully trained? Will a personal trainer tell you are perfectly fit? Will a rug maker tell you that you don’t need a rug? Will an auditor tell you that your documents are perfect? If so, they would render themselves obsolete.

Disagree with my opinions on this blog all you want, but if you disagree with the principle that an employee will not argue himself or herself out of a job, then you are living in a fantasy land made up of rainbows and gummy bears.

So let’s begin with the basic logical principles: 2+2=4 and auditors have incentives to find errors.

Now, knowing the basic, underlying fact that auditors have incentives to locate documentation errors, an article was recently published entitled, “Audit says home health care companies overbilled Mass. Medicaid by $23m.” While I am not in a position to critique a journalist’s writing, I disagree with the broad, overreaching statements found in this article. While the article claims that 9 home health companies owe the State of Massachusetts $23 million, my guess is that (if the companies hire a competent attorney) the companies do not owe such a large amount. In my experience, there are many legal defenses to safeguard against allegations in an audit.

The follow-up article may be entitled, “Audit of Home Health Agencies Found to Be Erroneous.”

Here is the first paragraph of that article claiming home care agencies overbilled Medicaid for $23 million:

“The state’s Medicaid program was routinely billed for home health care services that were never provided or were not medically necessary. Providers submitted documents with missing dates and signatures. Sometimes basic information like a patient’s medical history was nowhere to be found.”

Let’s dissect.

First sentence: “The state’s Medicaid program was routinely billed for home health care services that were never provided or were not medically necessary.”

I call bull feces on this one. First, the audit, which is the topic of this article, only audited 9 home health agencies. Unless only 10 home health agencies exist in Massachusetts, an audit of 9 agencies can hardly be considered “routinely billing” Medicaid.

Second, who is making these determinations that the home health services are not medically necessary??? Considering that, in order to render home health services, the provider must obtain prior authorization that the services are medically necessary, I find it a hard pill to swallow that the rendered services are not medically necessary. These are prior authorized services!!

Third, providing home health services is anything but routine. Life happens. The assertion that home health care services were never provided fails to take into consideration – life. For example, a home health aide could present at the client’s home at the regularly scheduled time, but the consumer’s son is present. The son brought McDonald’s, in which case, the aide may render all services, but does not prepare a meal for the client. Or, perhaps, the consumer’s plan states that the aide must bathe the consumer. But the consumer recently had surgery and cannot take a bath or shower for a certain amount of time. In the above examples, services were not rendered, that is true, but did some sort of aberrant billing or fraud occur? I would argue, no.

Second sentence: “Providers submitted documents with missing dates and signatures.”

This sentence is also troubling. Let’s say that a consumer requires home health services and receives prior authorization. The home health aide renders the services. In the subsequent documentation, the home health aide forgets to date the service note. There is no question that the home health services were needed. There is no question that the services were rendered. There is only a missing date written on the service note. Does this circumstance warrant a 100% recoupment for a minor documentation error? If you answer, yes, you may have a fulfilling career as a Medicaid auditor in your future. You also may believe that a documentation error as egregious as a missing date should warrant tearing up the provider’s Medicaid contract and burning it. You may also hate puppy dogs and ice cream.

My answer is no. There are less drastic measures to be implemented other than a 100% recoupment – for example, a plan of correction could be required.

Third sentence: “Sometimes basic information like a patient’s medical history was nowhere to be found.”

I have major issues with this sentence. Ever hear of the saying, “You only get what you ask for?” All health care providers, including home health care providers, maintain massive amounts of documentation, whether it be electronic or paper. Furthermore, one client file could have years and years of documentation. When an auditor comes to an agency, the auditor normally presents with a list of consumer names and dates of service.

For example, the auditor wants to review the documentation for Barack Obama, date of service 11/8/12. The provider hands over the service note, the plan of care, the prior authorization, etc. Information not found on the documents provided to the auditor: place of birth, past drug use, including, marijuana and cocaine, smoking history, exercise regimen, marital status, immunizations, list of surgical procedures…you get the picture.

The article goes on to state, “Executives at all of the companies reached by the Globe said they are appealing the audit findings and chalked up most of the violations to minor paperwork issues that were overblown by state auditors.”

“There’s mistakes here, I understand that,” said Debra Walsh, administrator at Able Home Care. “[But] how did a missing address escalate to a sanction? That doesn’t make any sense.”

She’s right. It doesn’t make logical, reasonable, human sense. But it does make sense when you remember that the auditors are sent to the agencies with an audit checklist and a list of consumers with dates of service. If the checklist requires an address of the provider and the consumer to be present on the service note, regardless whether the regulations, rules or law require an address to be present on a service note, and there is no address present on the service note, then the auditor will find noncompliance. Strict adherence to the “Stepford Auditors’ Handbook” is required, not strict adherence to the law.

Looking at the sunny side – Most audit findings are easy-greasy to defend with legal arguments. Have you seen the TV show, “What Not To Wear?” The first, initial meeting of the targeted person on “What Not To Wear” is the original audit results “before a good legal defense.” It’s exaggerated, ugly, and quite shocking.

Then Stacy and Clinton come to the rescue and teach the scraggly, poorly-dressed individual fashion tips and the former frumpy individual is transformed into a fashionable chichi – or a much more palatable overpayment amount.

(In this analogy, my team and I are Stacy and Clinton. I will be Stacy).

One of my favorite examples of a “before” and “after” audit results is the following:

Before (frumpy individual):

""before2
After (fashionable chichi):
photo (3)
""

Next time you see an article claiming that a health care provider overbilled the government for Medicare or Medicaid reimbursements, check and see whether the determination was appealed by the provider(s).

The appeal may demonstrate an entirely new perspective on such alleged overpayments than the original audit, because, remember, an auditor would not maintain a job if he or she found compliance.

Medicare Audits: DRG Downcoding in Hospitals: Algorithms Substituting for Medical Judgment, Part 1

This article is written by our good friend, Ed Roche. He is the founder of Barraclough NY, LLC, which is a litigation support firm that helps us fight against extrapolations.

e-roche

The number of Medicare audits is increasing. In the last five years, audits have grown by 936 percent. As reported previously in RACmonitor, this increase is overwhelming the appeals system. Less than 3 percent of appeal decisions are being rendered on time, within the statutory framework.

It is peculiar that the number of audits has grown rapidly, but without a corresponding growth in the number of employees for Recovery Audit Contractors (RACs). How can this be? Have the RAC workers become more than 900 percent more efficient? Well, in a way, they have. They have learned to harness the power of big data.

Since 1986, the ability to store digital data has grown from 0.02 exabytes to 500 exabytes. An exabyte is one quintillion bytes. Every day, the equivalent 30,000 Library of Congresses is put into storage. That’s lots of data.

Auditing by RACs has morphed into using computerized techniques to pick targets for audits. An entire industry has emerged that specializes in processing Medicare claims data and finding “sweet spots” on which the RACs can focus their attention. In a recent audit, the provider was told that a “focused provider analysis report” had been obtained from a subcontractor. Based on that report, the auditor was able to target the provider.

A number of hospitals have been hit with a slew of diagnosis-related group (DRG) downgrades from internal hospital RAC teams camping out in their offices, continually combing through their claims data. The DRG system constitutes a framework that classifies any inpatient stay into groups for purposes of payment.

The question then becomes: how is this work done? How is so much data analyzed? Obviously, these audits are not being performed manually. They are cyber audits. But again, how?

An examination of patent data sheds light on the answer. For example, Optum, Inc. of Minnesota (associated with UnitedHealthcare) has applied for a patent on “computer-implemented systems and methods of healthcare claim analysis.” These are complex processes, but what they do is analyze claims based on DRGs.

The information system envisaged in this patent appears to be specifically designed to downgrade codes. It works by running a simulation that switches out billed codes with cheaper codes, then measures if the resulting code configuration is within the statistical range averaged from other claims.

If it is, then the DRG can be downcoded so that the revenue for the hospital is reduced correspondingly. This same algorithm can be applied to hundreds of thousands of claims in only minutes. And the same algorithm can be adjusted to work with different DRGs. This is only one of many patents in this area.

When this happens, the hospital may face many thousands of downgraded claims. If it doesn’t like it, then it must appeal.

Here there is a severe danger for any hospital. The problem is that the cost the RAC incurs running the audit is thousands of time less expensive that what the hospital must spend to refute the DRG coding downgrade.

This is the nature of asymmetric warfare. In military terms, the cost of your enemy’s offense is always much smaller than the cost of your defense. That is why guerrilla warfare is successful against nation states. That is why the Soviet Union and United States decided to stop building anti-ballistic missile (ABM) systems — the cost of defense was disproportionately greater than the cost of offense.

Hospitals face the same problem. Their claims data files are a giant forest in which these big data algorithms can wander around downcoding and picking up substantial revenue streams.

By using artificial intelligence (advanced statistical) methods of reviewing Medicare claims, the RACs can bombard hospitals with so many DRG downgrades (or other claim rejections) that it quickly will overwhelm their defenses.

We should note that the use of these algorithms is not really an “audit.” It is a statistical analysis, but not done by any doctor or healthcare professional. The algorithm could just as well be counting how many bags of potato chips are sold with cans of beer.

If the patient is not an average patient, and the disease is not an average disease, and the treatment is not an average treatment, and if everything else is not “average,” then the algorithm will try to throw out the claim for the hospital to defend. This has everything to do with statistics and correlation of variables and very little to do with understanding whether the patient was treated properly.

And that is the essence of the problem with big data audits. They are not what they say they are, because they substitute mathematical algorithms for medical judgment.

EDITOR’ NOTE: In Part II of this series, Edward Roche will examine the changing appeals landscape and what big data will mean for defense against these audits. In Part III, he will look at future scenarios for the auditing industry and the corresponding public policy agenda that will involve lawmakers.

 

Another Win for the Good Guys! RAC Auditors Cannot Look Back Over 3 Years!!! (BTW: We Already Knew This -Shhhhh!)

I love being right – just ask my husband.

I have argued for years that government auditors cannot go back over three years when conducting a Medicaid/Care audit of a health care provider’s records, unless there are credible allegations of fraud. See blog.

42 CFR 455.508 states that “[a]n entity that wishes to perform the functions of a Medicaid RAC must enter into a contract with a State to carry out any of the activities described in § 455.506 under the following conditions:…(f) The entity must not review clams that are older than 3 years from the date of the claim, unless it receives approval from the State.”

Medicaid RAC is defined as “Medicaid RAC program means a recovery audit contractor program administered by a State to identify overpayments and underpayments and recoup overpayments.” 42 CFR 455. 504.

From the definition of a Medicaid RAC (Medicare RAC is similarly defined), albeit vague, entities hired by the state to identify over and underpayments are RACs. And RACs are prohibited from auditing claims that are older than 3 years from the date of the claim.

In one of our recent cases, our client, Edmond Dantes, received a Tentative Notice of Overpayment from Public Consulting Group (PCG) on May 13, 2015. In a Motion for Summary Judgment, we argued that PCG was disallowed to review claims prior to May 13, 2012. Of the 8 claims reviewed, 7 claims were older than May 13, 2012 – one even went back to 2009!

The Administrative Law Judge (ALJ) at the Office of Administrative Hearings (OAH) agreed. In the Order Granting Partial Summary Judgment, the ALJ opined that “[s]tatutes of limitation serve an important purpose: to afford security against stale demands.”

Accordingly, the ALJ threw out 7 of the 8 claims for violating the statute of limitation. With one claim left, the amount in controversy was nominal.

A note as to the precedential value of this ruling:

Generally, an ALJ decision is not binding on other ALJs. The decisions are persuasive. Had DHHS appealed the decision and the decision was upheld by Superior Court, then the case would have been precedent; it would have been law.

Regardless, this is a fantastic ruling , which only bolsters my argument that Medicaid/care auditors cannot review claims over 3 years old from the date of the claim.

So when you receive a Tentative Notice of Overpayment, after contacting an attorney, look at the reviewed claims. Are those reviewed claims over 3 years old? If so, you too may win on summary judgment.

Medicaid/care Fraud: You Are Guilty Until Proven Innocent!

Don’t we have due process in America? Isn’t due process something that our founding fathers thought important, essential even? Due process is in our Constitution.

The Fourteenth (governing state governments) and the Fifth Amendment (governing federal government) state that no person shall be “deprived of life, liberty, or property without due process of law.”

Yet, apparently, if you accept Medicaid or Medicare, due process is thrown out the window. Bye, Felicia!

How is it possible that criminals (burglars, murderers, rapists) are afforded due process but a health care provider who accepts Medicaid/care does not?

Surely, that is not true! Let’s look at some examples.

In Tulsa, a 61-year-old man was arrested for killing his Lebanese neighbor. He pled not guilty. In news articles, the word “allegedly” is rampant. He allegedly killed his neighbor. Authorities believe that he may have killed his neighbor.

And prior to getting his liberty usurped and getting thrown in jail, a trial ensues. Because before we take a person’s liberty away, we want a fair trial. Doesn’t the same go for life and property?

Example A: I recently received a phone call from a health care provider in New Jersey. She ran a pediatric medical daycare. In 2012, it closed its doors when the State of New Jersey accused it of an overpayment of over $12 million and suspended its funds. With its funds suspended, it could no longer pay staff or render services to its clients.

Now, in 2016, MORE THAN FOUR YEARS LATER, she calls to ask advice on a closing statement for an administrative hearing. This tells me (from my amazing Murdoch Mysteries (my daughter’s favorite show) sense of intuition): (1) she was not provided a trial for FOUR YEARS; (2) the state has withheld her money, kept it, and gained interest on it for over FOUR YEARS; (3) in the beginning, she did have an attorney to file an injunction and a declaratory judgment; and (4) in the end, she could not afford such representation (she was filing her closing argument pro se).

Examples B-P: 15 New Mexico behavioral health care agencies. On June 23, 2013, the State of New Mexico accuses 15 behavioral health care agencies of Medicaid fraud, which comprised 87.5% of the behavioral health care in New Mexico. The state immediately suspends all reimbursements and puts most of the companies out of business. Now, MORE THAN THREE YEARS LATER, 11 of the agencies still have not undergone a “Fair Hearing.” Could you imagine the outrage if an alleged criminal were held in jail for THREE YEARS before a trial?

Example Q: Child psychiatrist in rural area is accused of Medicaid fraud. In reality, he is not guilty. The person he hired as his biller is guilty. But the state immediately suspends all reimbursements. This Example has a happy ending. Child psychiatrist hired us and we obtained an injunction, which lifted the suspension. He did not go out of business.

Example R: A man runs a company that provides non-emergency medical transportation (NEMT). One day, the government comes and seizes all his property and freezes all his bank accounts with no notice. They even seize his fiance’s wedding ring. More than TWO YEARS LATER – He has not stood trial. He has not been able to defend himself. He still has no assets. He cannot pay for a legal defense, much less groceries.

Apparently the right to speedy trial and due process only applies to alleged burglars, rapists, and murderers, not physicians and health care providers who render medically necessary services to our most fragile and vulnerable population. Due process??? Bye, Felicia!

What can you, as a health care provider, do if you are accused of fraud and your reimbursements are immediately suspended?

  1. Prepare. If you accept Medicare/caid, open an account and contribute to it generously. This is your CYA account. It is for your legal defense. And do not be stupid. If you accept Medicaid/care, it is not a matter of if; it is a matter of when.
  2. Have your attorney on speed dial. And I am not talking about your brother’s best friend from college who practices general trial law and defends DUIs. I am talking about a Medicaid/care litigation expert.
  3. File an injunction. Suspension of your reimbursements is a death sentence. The two prongs for an injunction are (a) likelihood of success on the merits; and (b) irreparable harm. Losing your company is irreparable harm. Likelihood of success on the merits is on you. If your documents are good – you are good.