Blog Archives
Laboratories Are Under Scrutiny by OIG and State Medicaid!
Laboratories are under scrutiny by the OIG and State Medicaid Departments. Labs get urine samples from behavioral health care companies, substance abuse companies, hospitals, and primary care facilities, who don’t have their own labs. Owners of labs entrust their lab executives to follow procedure on a federal and/or state level for Medicare or Medicaid. Well, what if they don’t. For example, one client paid a urine collector/courier by the mile. That courier service collected urine from Medicaid consumers in NC, sometimes in excess of 90 times a year, when Medicaid only allows 24 per year. I have about 10-15 laboratory clients at the present.
Another laboratory’s urine collector collected the urine, but never brought the urine back to get tested. To which I ponder, where did all those urine specimens go?
Another laboratory had a standing order for over 6 years to test presumptive and definitive testing on 100% of urine samples.
OIG has smelled fraud within laboratories and is widening its search for fraudsters. Several laboratories are undergoing the most serious audits in existence. Not RAC, MAC, or UPIC audits, but audits of even more importance. They received CIDs or civil investigative demands from their State Medicaid Divisions. These requests, like RAC, MAC, or UPIC audits, request lots of documents. In fact, CIDs are legally allowed to request documents for a much longer period of time than RACs, which can only request 3 years back. Most CIDs are fishing for false claims under the False Claims Act (FCA). Stark and Anti-Kickback violations are also included in these investigations. While civil penalties can result in high monetary penalties, criminal violations result in jail time.
As everyone knows, labs must follow CLIA or be CLIA certified, which is the federal standard for which labs. The Clinical Laboratory Improvement Amendments (CLIA) of 1988 (42 USC 263a) and the associated regulations (42 CFR 493) provide the authority for certification and oversight of clinical laboratories and laboratory testing. Under the CLIA program, clinical laboratories are required to have the appropriate certificate before they can accept human samples for testing. There are different types of CLIA certificates, as well as different regulatory requirements, based on the types and complexity of clinical laboratory tests a laboratory conducts. CLIA, like CMS, has its own set of rules. When entities like CLIA or CMS have their own rules, sometimes those rules juxtapose law, which creates a conundrum for providers. If you own a lab, do you follow CLIA rules or CMS rules or the law? Let me give you an example. According to CLIA, you must maintain documentation regarding samples and testing for two years. So, if CLIA audits a laboratory, the audits requests will only go back for two years. Well, that’s all fine and dandy. Except according to the law, you have to maintain medical documents for 5 or 6 years, depending on the service type.
Recently, one of my labs received a CID for records going back to 2017. That is a 6-year lookback. Had the lab followed CLIA’s rules, the lab would only have documentation going back to 2021. Had the lab followed CLIA’s rules, when OIG knocked on its door, it would have NOT had four years of OIG’s request. Now I do not know, because I have never been in the position that my lab client only retained records for two years…thank goodness. If I were in the position, I would argue that the lab was following CLIA’s rules. But that’s the thing, rules are not laws. When in doubt, follow laws, not rules.
However, that takes me to Medicare provider appeals of RAC, MAC, and UPIC audits. Everything under the umbrella of CMS must follow CMS rules. Remember how I said that rules are not laws? CMS rules, sometimes, contradict law. Yet when a Medicare provider appeals an overpayment or termination, the first four levels of appeal are mandated to follow CMS rules. It is not until the 5th level, which is the federal district court that law prevails. In other words, the RAC, MAC, or UPIC, the 2nd level QIC, the 3rd level ALJ, and the 4th level Medicare Appeal Council, all must follow CMS rules. It is not until you appear before the federal district judge that law prevails.
Receiving a CID does not mean that your investigation will remain civil. Most investigations begin civilly. If the evidence uncovered demonstrates any criminal activity, your civil investigation can quickly turn criminal. I co-defend with a federal criminal attorney if the case has a chance to turn criminal. Believe me, there is a huge difference between federal and state criminal lawyers! Even with the best federal criminal lawyers, you want a Medicare and Medicaid expert lawyer on the team to dispute the regulatory accusations that a criminal attorney may not be as well-versed. I am so thankful that I moved my practice to Nelson Mullins, because we have a huge, yet highly-specialized health care practice. While we have a large number of lawyers, each partner specializes in slightly different aspects of health care. So, when I need a federal criminal attorney to partner-up with me, I just walk down the hall.
Laboratories: Beware! Be ready! Be prepared! Be lawyered up!
Ding Dong! PHE Is Dead!!!
The federal Public Health Emergency (PHE) for COVID-19, declared under Section 319 of the Public Health Service (PHS) Act, is expiring at the end of the day on May 11, 2023, today! This is huge. There have been thousands of exceptions and waivers due to COVID throughout the last 2 1/2 years. But on the end of the day on May 11, 2023…POOF….
Most exceptions or waivers will immediately cease.
The Department claims it has been working closely with partners—including Governors; state, local, Tribal, and territorial agencies; industry; and advocates—to ensure an orderly transition out of the COVID PHE.
Yesterday, HHS released a Fact Sheet. It is quite extensive, as it should be considering the amount of regulatory compliance changes that will happen overnight!
Since January 2021, COVID deaths have declined by 95% and hospitalizations are down nearly 91%.
There are some flexibilities and actions that will not be affected on May 11.
Access to COVID vaccinations and certain treatments, such as Paxlovid and Lagevrio, will generally not be affected.
At the end of the PHE on May 11, Americans will continue to be able to access COVID vaccines at no cost, just as they have during the COVID PHE. People will also continue to be able to access COVID treatments just as they have during the COVID PHE.
At some point, the federal government will no longer purchase or distribute COVID vaccines and treatments, payment, coverage, and access may change.
On April 18, 2023, HHS announced the “HHS Bridge Access Program for COVID-19 Vaccines and Treatments.” to maintain broad access to vaccines and treatments for uninsured Americans after the transition to the traditional health care market. For those with most types of private insurance, COVID vaccines recommended by the Advisory Committee on Immunization Practices (ACIP) are a preventive health service and will be fully covered without a co-pay when provided by an in-network provider. Currently, COVID vaccinations are covered under Medicare Part B without cost sharing, and this will continue. Medicare Advantage plans must also cover COVID vaccinations in-network without cost sharing, and this will continue. Medicaid will continue to cover COVID vaccinations without a co-pay or cost sharing through September 30, 2024, and will generally cover ACIP-recommended vaccines for most beneficiaries thereafter.
After the transition to the traditional health care market, out-of-pocket expenses for certain treatments, such as Paxlovid and Lagevrio, may change, depending on an individual’s health care coverage, similar to costs that one may experience for other covered drugs. Medicaid programs will continue to cover COVID treatments without cost sharing through September 30, 2024. After that, coverage and cost sharing may vary by state.
Major telehealth flexibilities will not be affected. The vast majority of current Medicare telehealth flexibilities that people with Medicare—particularly those in rural areas and others who struggle to find access to care—have come to rely upon throughout the PHE, will remain in place through December 2024. Plus, States already have significant flexibility with respect to covering and paying for Medicaid services delivered via telehealth. This flexibility was available prior to the COVID PHE and will continue to be available after the COVID PHE ends.
What will be affected by the end of the COVID-19 PHE:
Many COVID PHE flexibilities and policies have already been made permanent or otherwise extended for some time, with others expiring after May 11.
Certain Medicare and Medicaid waivers and broad flexibilities for health care providers are no longer necessary and will end. During the COVID PHE, CMS used a combination of emergency authority waivers, regulations, and sub-regulatory guidance to ensure and expand access to care and to give health care providers the flexibilities needed to help keep people safe. States, hospitals, nursing homes, and others are currently operating under hundreds of these waivers that affect care delivery and payment and that are integrated into patient care and provider systems. Many of these waivers and flexibilities were necessary to expand facility capacity for the health care system and to allow the health care system to weather the heightened strain created by COVID-19; given the current state of COVID-19, this excess capacity is no longer necessary.
For Medicaid, some additional COVID PHE waivers and flexibilities will end on May 11, while others will remain in place for six months following the end of the COVID PHE. But many of the Medicaid waivers and flexibilities, including those that support home and community-based services, are available for states to continue beyond the COVID PHE, if they choose to do so. For example, States have used COVID PHE-related flexibilities to increase the number of individuals served under a waiver, expand provider qualifications, and other flexibilities. Many of these options may be extended beyond the PHE.
Coverage for COVID-19 testing will change.
State Medicaid programs must provide coverage without cost sharing for COVID testing until the last day of the first calendar quarter that begins one year after the last day of the PHE. That means with the PHE ending on May 11, 2023, this mandatory coverage will end on September 30, 2024, after which coverage may vary by state.
The requirement for private insurance companies to cover COVID tests without cost sharing, both for OTC and laboratory tests, will end at the expiration of the PHE.
Certain COVID data reporting and surveillance will change. CDC COVID data surveillance has been a cornerstone of our response, and during the PHE, HHS had the authority to require lab test reporting for COVID. At the end of the COVID-19 PHE, HHS will no longer have this express authority to require this data from labs, which will affect the reporting of negative test results and impact the ability to calculate percent positivity for COVID tests in some jurisdictions. Hospital data reporting will continue as required by the CMS conditions of participation through April 30, 2024, but reporting will be reduced from the current daily reporting to weekly.
FDA’s ability to detect shortages of critical devices related to COVID-19 will be more limited. While FDA will still maintain its authority to detect and address other potential medical product shortages, it is seeking congressional authorization to extend the requirement for device manufacturers to notify FDA of interruptions and discontinuances of critical devices outside of a PHE which will strengthen the ability of FDA to help prevent or mitigate device shortages.
Public Readiness and Emergency Preparedness (PREP) Act liability protections will be amended. On April 14, 2023, HHS Secretary Becerra mailed all the governors announcing his intention to amend the PREP Act declaration to extend certain important protections that will continue to facilitate access to convenient and timely COVID vaccines, treatments, and tests for individuals.
More changes are occurring than what I can write in one, little blogpost. Know that auditors will be knocking on your doors, asking for dates of service during the PHE. Be sure to research the policies and exceptions that were pertinent during those DOS. This is imperative for defending yourself against auditors knocking on your doors.
And, as always, lawyer-up fast!
And just like the Wicked With of the West, DING DONG! The PHE is dead.
Preparing for Post-PHE Medicare and Medicaid Audits
Hello and happy RACMonitor Monday! As the nation forges ahead in the wake of the COVID-19 pandemic, the audits continue after that brief hiatus in March 2020. Recovery Audit Contractors (RACs), UPICs, and other auditors are dutifully reviewing claims on a post-payment basis. However, since COVID, there is a staffing shortage, which have many provider facilities scrambling on a normal basis. Throw in an audit of 150 claims and you’ve got serious souff-laying.
Yes, audit preparation has changed since COVID. Now you have more to do to prepare. Audits create more work when you have less staff. Well, suck it up sippy-cup because post-PHE audits are here.
The most important pre-audit preparation is knowing the COVID exceptions germane to your health care services. During PHE over the last two years, there has been a firehose of regulatory exceptions. You need to use these exceptions to your advantage because, let’s face it, the exceptions made regulatory compliance easier. For the period of time during which the exceptions applied, you didn’t have to get some signatures, meet face-to-face, have supervision, or what not. The dates during which these exceptions apply is also pertinent. I suggest creating a folder for all the COVID exceptions that apply to your facility. While I would like to assume that whatever lawyer that you hire, because, yes, you need to hire a lawyer, would know all the COVID exceptions – or, at least, know to research them, you never know. It only benefits you to be prepared.
Any medical provider that submits claims to a government program may be subject to a Medicare or Medicaid audit. Just because you have been audited in the past, doesn’t change the fact that you may be audited again in the future. RAC audits are not one-time or intermittent reviews and can be triggered by anything from an innocent documentation error to outright fraud. I get that questions a lot: This is my 3rd audit. At what point is this harassment. I’ve never researched the answer to that question, but I would venture that auditors get tons of latitude. So, don’t be that provider that is low-hanging fruit and simply pays post-payment reviews.
While reduced staff, high patient loads or other challenges may be bogging down your team, it’s important to remember that timeliness is crucial for CMS audit responses.
Locating the corresponding medical records and information can be a hassle at the best of times, but there are a few key things your organization can do to better prepare for a RAC Audit:
According to CMS, if selected for review, providers should discuss with their contractor any COVID-19-related hardships they are experiencing that could affect audit response timeliness. CMS notes that all reviews will be conducted in accordance with statutory and regulatory provisions, as well as related billing and coding requirements. Waivers and flexibilities will also be applied if they were in place on the dates of service for any claims potentially selected for review.
Ensure that the auditor has the appropriate contact information for requesting audit-related documentation. With so many changes to hospitals teams, it’s important to make sure that auditors’ requests for medical records are actually making it to the correct person or team in a timely manner.
Provide your internal audit review teams with proper access to data and other software tools like those used to ensure timely electronic audit responses. With a mix of teams working from home and in the office, it’s a good idea to make sure that teams handling Additional Documentation Requests (ADRs) and audit responses have the necessary access to the data they will need to respond to requests.
Review and document any changes to your audit review team processes.
Meet with your teams to ensure they fully understand the processes and are poised to respond within the required timeframes.
Successfully completing these audits in a timely manner is made much easier when the above processes and steps are in place.
CMS Published 2023 Medicare/caid Health Care Providers’ Audit Process
THE CENTER FOR MEDICARE AND MEDICAID SERVICES (“CMS”) 2023 Program Audit Process Overview came out recently. The report is published by the Division of Audit Operations. CMS will send engagement letters to initiate routine audits beginning February 2023 through July 2023. Engagement letters for ad hoc audits may be sent at any time throughout the year. The program areas for the 2023 audits include:
- CDAG: Part D Coverage Determinations, Appeals, and Grievances
- CPE: Compliance Program Effectiveness
- FA: Part D Formulary and Benefit Administration
- MMP-SARAG: Medicare-Medicaid Plan Service Authorization Requests, Appeals, and Grievances
- MMPCC: Medicare-Medicaid Plan Care Coordination
- ODAG: Part C Organization Determinations, Appeals, and Grievances
- SNPCC: Special Needs Plans Care Coordination
The Program Audit Process document is only 13 pages. Yet, it is supposed to set forth the rules that the auditors must abide by in 2023. My question is – what if they don’t. What if the auditors fail to follow proper procedure.
For example, similarly to last year, an audit consists of 4 phases.
- Audit engagement and universe submission
- Audit field work
- Audit reporting
- Audit validation and close out
I would like to add another phase. Phase 5 is appeal.
According to the Report, and this is a quote: “the Audit Engagement and Universe Submission (which is the 1st stage) is a six-week period prior to the field work portion of the audit. During this phase, a Sponsoring organization is notified that it has been selected for a program audit and is required to submit the requested data, which is outlined in the respective Program Audit Protocol and Data Request document.” My question is: The sponsoring organization? CMS is referring to the provider who getting audited as a sponsoring organization. And why does CMS call the provider who is getting audited sponsoring? Is it because after the audit the sponsoring organization will be paying in recoupments?
It is interesting that the first phase “Audit Engagement and Universe Submission,” lasts 6 weeks. At this point, I want to know, does the provider know that the facility has been targeted for an audit? As an attorney, I get to see the process in the aftermath. Folks call me in distress because they got the results of an audit and disagree. I have never had the opportunity to be involved from the get go. So, if any of y’all receive a notice of an audit, please call me. I won’t charge you. I just would love the experience of walking through an audit from the get go. I think it would make me better at my job.
In other news, as you know, CMS may issue civil money penalties to providers for alleged noncompliance. Other penalties exist as well, which may or may not be worse that civil penalties. On January 23, 2023, CMS published a correction that Total Longterm Care, Inc. d/b/a InnovAge Colorado PACE (InnovAge CO) corrected its violations. In 2021, CMS had suspended its ability to re-enroll. Another facility was imposed with pre-payment review, which means that the facility must submit claims to an auditor prior to receiving reimbursements. Pre-payment review is probably the worse penalty in existence. A client of mine was told yesterday that pre-payment review is imminent. The only recourse for pre-payment review is a federal or State injunction Staying the suspension of reimbursements. You cannot appeal being placed on pre-payment review. But you do have a chance to Stay the suspension. The suspension makes no sense to me. It’s as if the government is saying that you are guilty before an ability to prove innocence.
Are UTIs Preventable? OIG Says Yes and CMS Will Audit!
I hope everyone had a fantastic Thanksgiving and are now moving toward the Christmas or Hanukkah holiday. As I discussed last week, CMS and its contracted auditors are turning their watchdog eyes toward nursing homes, critical access hospitals (“CAHs”), and acute care hospitals (“ACHs”). You can hear more on this topic on Thursday, December 8th at 1:30 when I present the RACMonitor webinar, “Warning for Acute Care Hospitals: You Are a Target for Overpayment Audits.”
October 2022, OIG published a new audit project entitled, “Potentially Preventable Hospitalizations of Medicare-Eligible Skilled Nursing Facility Residents.”
Residents of nursing homes and long-term care facilities are frequently transferred to an Emergency Department as an inpatient when they need acute medical care. A proportion of these transfers may be considered inappropriate and may be avoidable, says OIG.
OIG identified nursing facilities with high rates of Medicaid resident transfers to hospitals for urinary tract infections (“UTIs”). OIG describes UTIs as being “often preventable and treatable in the nursing facility setting without requiring hospitalization.” A 2019 OIG audit found that nursing facilities often did not provide UTI detection and prevention services in accordance with resident’s individualized plan of care, which increases the chances for infection and hospitalization. Each resident should have their own prevention policy for whatever they are prone to get. My Grandma, for example, is prone to UTIs, so her personal POC should have prevention measures for trying to avoid contracting a UTI, such as drinking cranberry juice and routine cleansing. In addition to UTIs, OIG noted that previous CMS studies found that five conditions were related to 78% of the resident transfers to hospitals: pneumonia, congestive heart failure, UTIs, dehydration, and chronic obstructive pulmonary disease/asthma. OIG added a sixth condition citing that sepsis is considered a preventable condition when the underlying cause of sepsis is preventable. In my humble opinion, the only condition listed as preventable that is actually preventable is dehydration.
OIG’s new audit project involved a review of Medicare and Medicaid claims related to inpatient hospitalizations of nursing home residents with any of the six conditions noted previously. The audit will focus on whether the nursing homes being audited provided services to residents in accordance with the residents’ care plans and related professional standards (or whether the nursing homes caused preventable inpatient admissions due to non-compliance with care plans and professional standards).
What can you do to prepare for these upcoming audits? Review your facilities’ policies, procedures, and practices germane to the identification of the 6 conditions OIG flagged as preventable. Ensure that your policies and procedures lay out definitive steps to prevent or try to prevent these afflictions. Educate and train your staff of detection, prevention, treatment, and care planning related to the six conditions. Collect and analyze data of trends of frequency and cause of inpatient hospitalizations and determine whether these inpatient hospitalizations could have been prevented and how.
In summary, be prepared for audits of inpatient hospitalizations with explanations of attempted prevention. You cannot prevent all afflictions, but you can have policies in place to try. As always, it’s the thought that counts, as long as, it’s written down.
Warning for Acute Care Hospitals: You’re a Target for Overpayment Audits
Today I want to talk about upcoming Medicare audits targeted toward Acute Care Hospitals.
In September 2022, OIG reported that “Medicare Part B Overpaid Critical Access Hospitals and Docs for Same Services.” OIG Reports are blinking signs that flash the future Medicare audits to come. This is a brief blog so be sure to tune in on December 8th for the RACMonitor webinar: Warning for Acute Care Hospitals: You’re a Target for Overpayment Audits. I will be presenting on this topic in much more depth. It is a 60-minute webinar.
For OIG’s report regarding the ACHs, OIG audited 40,026 Medicare Part B claims, with half submitted by critical access hospitals and the rest submitted by health care practitioners for the same services provided to beneficiaries on the same dates of service (“DOS”). OIG studied claims from March 1, 2018, to Feb. 28, 2021, and found almost 100% noncompliance, which constituted almost $1million in overpayments to providers.
According to the OIG Report, CMS didn’t have a system to edit claims to prevent and detect any duplicate claims, as in the services billed by an acute hospital and by a physician elsewhere. Even if the physician reassigned his/her rights to reimbursement to the ACH.
As you know, a critical access hospital cannot bill Part B for any outpatient services delivered by a health care practitioner unless that provider reassigns the claim to the facility, which then bills Part B. However, OIG’s audit found that providers billed and got reimbursed for services they did perform but reassigned their billing rights to the critical access hospital.
The question is – why did the physicians get reimbursed even if they assigned their rights to reimbursement away? At some point, CMS needs to take responsibility as to the lack having a system to catch these alleged overpayments. If the physicians were reimbursed and had no reason to know that they were getting reimbursed for services that they assigned to an ACH, there is an equitable argument that CMS cannot take back money based on its own error and no intent by the physician.
On a different note, I wanted to give a shout out to ASMAC, which is the American Society of Medical Association Counsel; Attorneys Advocating for America’s Physicians. It is comprised of general counsels (GCs) of health care entities and presidents of State Medical Societies. ASMAC’s topics at conferences are cutting-edge in our industry of defending health care providers, interesting, and on-point by experts in the fields. I was to present there last week in Hawaii on extrapolations in Medicare and Medicaid provider audits. Thankfully, all their conferences are not in Hawaii; that is too far of a trip for someone on the East Coast. But you should look into the association, if ASMAC sounds like it would benefit you or you could benefit them, join.
The Ugly Truth about Medicare Provider Appeals
Extrapolated audits are the worst.
These audits under sample and over extrapolate – almost to the point that some audits allege that you owe more than you were paid. How is that fair in our judicial system? I mean, our country was founded on “due process.” That means you have a right to life, liberty, and the pursuit of happiness. If the government attempts to pursue your reimbursements at all, much less a greater amount than what you received, you are required notice and a hearing.
Not to mention that OIG conducted a Report back in 2020 that identified numerous mistakes in the extrapolations. The Report stated: “CMS did not always provide sufficient guidance and oversight to ensure that these reviews were performed in a consistent manner.” I don’t know about you, but that is disconcerting to me. It also stated that “The test was associated with at least $42 million in extrapolated overpayments that were overturned in fiscal years 2017 and 2018. If CMS did not intend that the contractors use this procedure, these extrapolations should not have been overturned. Conversely, if CMS intended that contractors use this procedure, it is possible that other extrapolations should have been overturned but were not.“
I have undergone hundreds of Medicare and Medicaid audits with extrapolations. You defend against these audits twofold: 1) by hiring an expert statistician to debunk the extrapolation; and 2) by using the provider as an expert clinician to discredit the denials. However, I am always dismayed…maybe that’s not the right word…flabbergasted that no one ever shows up on the other side. It is as if CMS via whatever contractor conducted the extrapolated audit believes that their audit needs no one to prove its veracity. As if we attorneys and providers should just accept their findings as truth, and they get the benefit of NOT hiring a lawyer and NOT showing up to ALJ trials.
In the above picture, the side with the money is CMS. The empty side is the provider.
In normal trials, as you know, there are two opposing sides: a Plaintiff and a Defendant, although in administrative law it’s called a Petitioner and a Respondent. Medicaid provider appeals also have two opponents. However, in Medicare provider appeals, there is only one side: YOU. An ALJ will appear, but no auditor to defend the merits of the alleged overpayment that you, as a provider, are accused of owing.
In normal trials, if a party fails to appear, the Judge will almost automatically rule against the non-appearing party. Why isn’t it the same for Medicare provider appeals? If a Medicare provider appears to dispute an alleged audit, the Judge does not rule automatically in favor of the provider. Quite the opposite quite frankly. The CMS Rules, which apply to all venues under the purview of CMS, which includes the ALJ level and the Medicare Appeals Council level, are crafted against providers, it seems. Regardless the Rules create a procedure in which providers, not the auditors, are forced to retain counsel, which costs money, retain a statistician in cases of extrapolations, which costs money, go through years of appeals through 5 levels, all of which the CMS Rules apply. Real law doesn’t apply until the district court level, which is a 6th level – and 8 years later.
Any providers reading, who retain lobbyists, this Medicare appeal process needs to change legislatively.
My Halloween blog from Yesterday: Medicare Dollars Vanish!
Happy Halloween. This year I am dressing as Freddy Krueger and my daughter, who is 17, says, “that’s so 80’s.” I guess some younger kids will just think I’m a spooky lady in a green and red sweater with knives for fingers. In honor of Halloween, I would like to tell you three ghost stories, of Medicare money that has vanished never to be found.
First, a ghoulish report from OIG states that CMS has not done enough to recoup Medicare payments found in 12 hospitals. Nothing like a report saying “CMS isn’t getting enough money” to make CMS “trick or treat” with more audits. According to the OIG report, CMS is short staffed, like almost every employer in America. Apparently, CMS claims to have too many phantoms instead of employees to track down every dollar, which I must say, makes me superstitious. If CMS is claiming to not have enough resources to track down money that has been targeted at 12 hospitals, how is it conducting the other audits nation-wide?
Among the 12 hospitals, supposedly, there is an eerie $82 million allegedly owed to CMS.
OIG recommended recouping all the money, but, according to OIG, CMS has provided insufficient information. Specifically, CMS did not provide information on the status of appeals hospitals levied against OIG’s overpayment findings. CMS didn’t provide information on the reason for the appeal or status of the action. Personally, I am just happy the hospitals appealed.
The second ghost story entails CMS’ continual audit of providers, especially the Medicare Advantage plans, which are nightmares. CMS has agreed to release the audits of 90 MA plans conducted between 2011 and 2013. These records are expected to demonstrate more than $600 million in MA overpayments due to alleged upcoding. Chilling!
Finally, a NC hospital system, Atrium Health, publicly announced that in 2019 it provided $640 million to Medicare patients that were never paid for. You would think this spine chilling unless you knew the tax breaks associated with the charity. But for the same year that Atrium’s website says it recorded the $640 million loss on Medicare, the hospital system claimed $82 million in profits from Medicare and an additional $37.2 million in profits from Medicare Advantage in a federally required financial document. Sleight of hand and hocus pocus!
The Catastrophic Effect of Natural Disasters on Medicare Audits
When natural disasters strike, Medicare and Medicaid audits become less important, and human safety becomes most important. During Hurricane Ian, 16 hospitals were evacuated in Florida alone. Hospitals and long-term care facilities were without water.
Approximately, 8,000 patients were evacuated from 47 nursing homes and 115 assisted living facilities. Seventy-eight nursing homes lost power and all had to implement emergency plans involving generator power. Did the providers continue to bill during this time? If so, could regulations be followed in the midst of a pandemic.
These natural disasters impact future Medicare and Medicaid audits. Obviously, during natural disasters a hospital may not be able to maintain the two-midnight rule or determine whether a patient is in observation status or in-patient. You may be surprised to hear that there are no automatic audit exceptions during a disaster.
The general rule, which has exceptions, is a 30-day extension for records requests. Broadly speaking, Medicare fee-for-service has three sets of potential temporary adjustments that can be made to address an emergency or disaster situation. These include:
- Applying flexibilities that are already available under normal business rules. This is on an individual basis;
- Waiver or modification of policy or procedural norms by CMS; and
- Waiver or modification of certain Medicare requirements pursuant to waiver authority under § 1135 of the Social Security Act. This waiver authority can be invoked by the Secretary of the DHHS in certain circumstances.
These waivers are not automatic.
Section 1135 of the Social Security Act authorizes the Secretary DHHS to waive or modify certain Medicare, Medicaid, CHIP, and HIPAA requirements. Two prerequisites must be met before the Secretary may invoke the § 1135 waiver authority. First, the President must have declared an emergency or disaster, and the Secretary must have declared a Public Health Emergency (PHE).
Waivers authorized by the statute apply to Medicare in the context of the following requirements:
- conditions of participation or other certification requirements applicable to providers;
- licensure requirements applicable to physicians and other health professionals;
- sanctions for violations of certain emergency medical standards under the Emergency Medical Treatment and Labor Act (EMTALA)
- sanctions relating to physician self-referral limitations (Stark)
- performance deadlines and timetables (modifiable only; not waivable); and
- certain payment limitations under the Medicare Advantage program.
Following a disaster, such as Ian, there is no standing authority for CMS to provide special emergency/disaster relief funding following an emergency or disaster in order to compensate providers for lost reimbursement. Congress may appropriate disaster-specific special funding for such; but absent such special appropriation, Medicare does not provide funding for financial losses.
In the context of Medicare audits, providers can obtain extensions to audit requests. Audits will only be suspended on a case-by-case basis, which means it is a subjective standard. Natural disasters are awful, and we probably need more comprehensive audit exceptions.
Always Challenge the Extrapolation in Medicare Provider Audits!
Always challenge the extrapolation! It is my personal opinion that extrapolation is used too loosely. What I mean is that sample sizes are usually too small to constitute a valid representation of the provider’s claims. Say a provider bills 10,000 claims. Is a sample of 50 adequate?
In a 2020 case, Palmetto audited .0051% of claims by Palm Valley, and Palm Valley challenged CMS’ sample and extrapolation method. Palm Valley Health Care, Inc. v. Azar, No. 18-41067, 2020 BL 14097 (5th Cir., Jan. 15, 2020). As an aside, I had 2 back-to-back extrapolation cases recently. The provider, however, did not hire me until the ALJ level – or the 3rd level of Medicare provider appeals. Unfortunately, no one argued that the extrapolation was faulty at the first 2 levels. We had 2 different ALJs, but both ALJs ruled that the provider could not raise new arguments; i.e., that the extrapolation was erroneous, at the 3rd level. They decided that all arguments should be raised from the beginning. This is just a reminder that: (a) raise all defenses immediately; and (b) don’t try the first two levels without an attorney.
Going back to Palm Valley.
The 5th Circuit held that while the statistical sampling methodology may not be the most precise methodology available, CMS’ selection methodology did represent a valid “complex balance of interests.” Principally, the court noted, quoting the Medicare Appeals Council, that CMS’ methodology was justified by the “real world constraints imposed by conflicting demands on limited public funds” and that Congress clearly envisioned extrapolation being applied to calculate overpayments in instances like this. I disagree with this result. I find it infuriating that auditors, like Palmetto, can scrutinize providers’ claims, yet circumvent similar accountability. They are being allowed to conduct a “hack” job at extrapolating to the financial detriment of the provider.
Interestingly, Palm Valley’s 5th Circuit decision was rendered in 2020. The dates of service of the claims Palmetto audited were July 2006-January 2009. It just shows how long the legal battle can be in Medicare audits. Also, Palm Valley’s error rate was 53.7%. Remember, in 2019, CMS revised the extrapolation rules to allow extrapolations in 50% or higher error rates. If you want to read the extrapolations rules, you can find them in Chapter 8 of the Medicare Program Integrity Manuel (“MPIM”).
On RACMonitor, health care attorney, David Glaser, mentioned that there is a difference in arguments versus evidence. While you cannot admit new evidence at the ALJ level, you can make new arguments. He and I agreed, however, even if you can dispute the extrapolation legally, a statistical report would not allowed as new evidence, which are important to submit.
Lastly, 42 CFR 405.1014(a)(3) requires the provider to assert the reasons the provider disagrees with the extrapolation in the request for ALJ hearing.
