Blog Archives
Post-COVID Medicare and Medicaid Provider Audits Are Here!
My esteemed colleagues with curious minds, today we embark on a journey into the complex world of Medicare and Medicaid provider audits, specifically orchestrated by the enigmatic entities known as Recovery Audit Contractors, or RACs. The dates of service (DOS) during COVID are specifically being targeted, and I’ve seen an uptick. With the plethora of exceptions, you need a specialized attorney.
Picture this: You’re a healthcare provider, diligently navigating the seas of Medicare and Medicaid reimbursement. All of a sudden, a tempest approaches – the Recovery Audit Contractors or RACs. These are the bounty hunters of the healthcare world, commissioned to recoup improper payments and ensure the ship of government healthcare funding stays afloat. And paid by contingency creating a financial incentive that some may call bias. The RACs even have the authority to extrapolate, making alleged overpayments to skyrocket, increasing its profit.
Now, you might wonder, “How do these RACs operate, and what laws govern their actions?” Well, let me shed some light on that. The Medicare RAC program was born out of the Tax Relief and Health Care Act of 2006, a legislative “masterpiece” that empowered RACs to review Medicare and Medicaid payments and, when necessary, claw back funds. It’s like having financial watchdogs on the prowl, ensuring taxpayer dollars are spent wisely.
A hospital client of mine provided outpatient services and billed Medicare for reimbursement during COVID. A RAC, armed with their legal authority, started scrutinizing these claims. Suddenly, the RAC believes that the hospital has been billing for services that don’t meet the necessary criteria. I love how RAC auditors without medical licenses purport to determine medical necessity for physicians. I hope you hear the sarcasm. The RAC alleged “upcoding” – alleging services were billed at a higher complexity than they actually were. The RACs, acting within the confines of the law, swoop in to recover those overpayments, ensuring the taxpayer’s purse strings are untangled.
We all know RACs are not infallible. Hopefully, you know this if you are a longtime reader. RACs mistakenly identify an overpayment or misinterpret complex healthcare regulations. That’s where the appeal process becomes crucial. The Medicare appeals process, defined under the Social Security Act, provides a right for providers to challenge RAC decisions. It’s a legal battleground where the provider can present evidence, argue their case, and seek justice against the RAC’s findings.
Now, let’s consider the Medicaid realm. The Medicaid RAC program, established by the Affordable Care Act in 2010, mirrors its Medicare counterpart. These RACs operate at the state level, conducting audits to identify and recover improper Medicaid payments. It’s like a dual-front war on wasteful spending, both federally and within individual states. Again, DOS during COVID are at issue.
For a concrete example, let’s imagine a nursing home submitting claims to Medicaid for resident services. The state-level Medicaid RAC, acting under the Affordable Care Act’s provisions, reviews these claims. If they discover discrepancies – perhaps services billed without proper documentation or purportedly unsupported by medical necessity – the RAC, wielding its legal mandate, initiates the recovery process.
The RACs, armed with the legislative might of the Tax Relief and Health Care Act and the Affordable Care Act, play a crucial role in safeguarding the integrity of Medicare and Medicaid reimbursements. While their actions may feel like storms to providers, it’s essential to recognize the checks and balances in place, including the appeals process, to ensure fairness and accuracy in the audit battlefield. As we navigate the seas of healthcare reimbursement, may our compass be true, our documentation impeccable, and our understanding of the law unwavering.
Can Medicare/caid Auditors Double-Dip?
The issue today is whether health care auditors can double-dip. In other words, if a provider has two concurrent audits, can the audits overlap? Can two audits scrutinize one date of service (“DOS”) for the same consumer. It certainly doesn’t seem fair. Five years ago, CMS first compiled a list of services that the newly implemented RAC program was to audit. It’s been 5 years with the RAC program. What is it about the RAC program that stands out from the other auditor abbreviations?
We’re talking about Cotiviti and Performant Recovery; you know the players. The Recovery Audit Program’s mission is to reduce Medicare improper payments through the efficient detection and collection of overpayments, the identification of underpayments and the implementation of actions that will prevent future improper payments.
RACs review claims on a post-payment basis. The RACs detect and correct past improper payments so that CMS and Carriers, and MACs can implement actions that will prevent future improper payments.
RACs are also held to different regulations than the other audit abbreviations. 42 CFR Subpart F dictates the Medicaid RACs. Whereas the Medicare program is run by 42 CFR Subchapter B.
The auditors themselves are usually certified coders or LPNs.
As most of you know, I present on RACMonitor every week with a distinguished panel of experts. Last week, a listener asked whether 2 separate auditors could audit the same record. Dr. Ronald Hirsh’s response was: yes, a CERT can audit a chart that another reviewer is auditing if it is part of a random sample. I agree with Dr. Hirsh. When a random sample is taken, then the auditors, by definition, have no idea what claims will be pulled, nor would the CERT have any knowledge of other contemporaneous and overlapping audits. But what about multiple RAC audits? I do believe that the RACs should not overlap its own audits. Personally, I don’t like the idea of one claim being audited more than once. What if the two auditing companies make differing determinations? What if CERT calls a claim compliant and the RAC denies the claim? The provider surely should not pay back a claim twice.
I believe Ed Roche presented on this issue a few weeks ago, and he called it double-dipping.
This doesn’t seem fair. What Dr. Hirsh did not address in his response to the listener was that, even if a CERT is allowed to double-dip via the rules or policies, there could be case law saying otherwise.
I did a quick search on Westlaw to see if there were any cases where the auditor was accused of double-dipping. It was not a comprehensive search by any means, but I did not see any cases where auditors were accused of double-dipping. I did see a few cases where hospitals were accused of double-dipping by collecting DSH payments to cover costs that had already been reimbursed, which seems like a topic for another day.
More Covered Health Care Services and More Policing under the Biden Administration!
Happy 55th Medicare! Pres. Biden’s health care policies differ starkly from former Pres. Trump’s. I will discuss some of the key differences. The newest $1.9 trillion COVID bill passed February 27th. President Biden is sending a clear message for health care providers: His agenda includes expanding government-run, health insurance and increase oversight on it. In 2021, Medicare is celebrating its 55th year of providing health insurance. The program was first signed into law in 1965 and began offering coverage in 1966. That first year, 19 million Americans enrolled in Medicare for their health care coverage. As of 2019, more than 61 million Americans were enrolled in the program.
Along with multiple Executive Orders, Pres. Biden is clearly broadening the Affordable Care Act (“ACA”), Medicaid and Medicare programs. Indicating an emphasis on oversight, President Biden chose former California Attorney General Xavier Becerra to lead HHS. Becerra was a prosecutor and plans to bring his prosecutorial efforts to the nation’s health care. President Biden used executive action to reopen enrollment in ACA marketplaces, a step in his broader agenda to bolster the Act with a new optional government health plan.
For example, one of my personal, favorite issues that Pres. Biden will address is parity for Medicare coverage for medically necessary, oral health care. In fact, Medicare coverage extends to the treatment of all microbial infections except for those originating from the teeth or periodontium. There is simply no medical justification for this exclusion, especially in light of the broad agreement among health care providers that such care is integral to the medical management of numerous diseases and medical conditions.
The Biden administration has taken steps to roll back a controversial Trump-era rule that requires Medicaid beneficiaries to work in order to receive coverage. Two weeks ago, CMS sent letters to several states that received approval for a Section 1115 waiver – for Medicaid. CMS said it was beginning a process to determine whether to withdraw the approval. States that received a letter include Arizona, Arkansas, Georgia, Indiana, Nebraska, Ohio, South Carolina, Utah, and Wisconsin. The work requirement waivers that HHS approved at the end of the previous administration’s term may not survive the new presidency.
Post Payment Reviews—Recovery Audit Contractor (“RAC”) audits will increase during the Biden administration. The RAC program was created by the Medicare Prescription Drug, Improvement, and Modernization Act of 2003. As we all know, the RACs are responsible for identifying Medicare overpayments and underpayments and for highlighting common billing errors, trends, and other Medicare payment issues. In addition to collecting overpayments, the data generated from RAC audits allows CMS to make changes to prevent improper payments in the future. The RACs are paid on a contingency fee basis and, therefore, only receive payment when recovery is made. This creates overzealous auditors and, many times, inaccurate findings. In 2010, the Obama administration directed federal agencies to increase the use of auditing programs such as the RACs to help protect the integrity of the Medicare program. The RAC program is relatively low cost and high value for CMS. It is likely that the health care industry will see growth in this area under the Biden administration. To that end, the expansion of audits will not only be RAC auditors, but will include increased oversight by MACs, CERTs, UPICs, etc.
Telehealth audits will be a focus for Pres. Biden. With increased use of telehealth due to COVID, comes increased telehealth fraud, allegedly. On September 30, 2020, the inter-agency National Health Care Take Down Initiative announced that it charged hundreds of defendants ostensibly responsible for—among other things—$4.5 billion in false and fraudulent claims relating to telehealth advertisements and services. Unfortunately for telehealth, bad actors are prevalent and will spur on more and more oversight.
Both government-initiated litigation and qui tam suits appear set for continued growth in 2021. Health care fraud and abuse dominated 2020 federal False Claims Act (“FCA”) recoveries, with almost 85 percent of FCA proceeds derived from HHS. The increase of health care enforcement payouts reflects how important government paid health insurance is in America. Becerra’s incoming team is, in any case, expected to generally ramp up law enforcement activities—both to punish health care fraud and abuse and as an exercise of HHS’s policy-making authorities.
With more than $1 billion of FCA payouts in 2020 derived from federal Anti-Kickback Statute (“AKS”) settlements alone, HHS’s heavy reliance on the FCA because it is a strong statute with “big teeth,” i.e., penalties are harsh. For these same reasons, prosecutors and qui tam relators will likely continue to focus their efforts on AKS enforcement in the Biden administration, despite the recent regulatory carveouts from the AKS and an emerging legal challenge from drug manufacturers.
The individual mandate is back in. The last administration got rid of the individual mandate when former Pres. Trump signed the GOP tax bill into law in 2017. Pres. Biden will bring back the penalty for not being covered under health insurance under his plan. Since the individual mandate currently is not federal law, a Biden campaign official said that he would use a combination of Executive Orders to undo the changes.
In an effort to lower the skyrocketing costs of prescription drugs, Pres. Biden’s plan would repeal existing law that currently bans Medicare from negotiating lower prices with drug manufacturers. He would also limit price increases for all brand, biotech and generic drugs and launch prices for drugs that do not have competition.
Consumers would also be able to buy cheaper priced prescription drugs from other countries, which could help mobilize competition. And Biden would terminate their advertising tax break in an effort to also help lower costs.
In all, the Biden administration is expected to expand health care, medical, oral, and telehealth, while simultaneously policing health care providers for aberrant billing practices. My advice for providers: Be cognizant of your billing practices. You have an opportunity with this administration to increase revenue from government-paid services but do so compliantly.
RAC Report: PET Scans, Helicopter Transportation, and Hospice, Oh My!
The RACs are on attack! The “COVID Pause Button” on RAC audits has been lifted. The COVID Pause Button has been lifted since August 2020. But never have I ever seen CMS spew out so many new RAC topics in one month of a new year. Happy 2021.
Recovery audit contractors (“RACs”) will soon be auditing positron emission tomography (PET) scans for initial treatment strategy in oncologic conditions for compliance with medical necessity and documentation requirements.
Positron emission tomography (“PET”) scans detect early signs of cancer, heart disease and brain disorders. An injectable radioactive tracer detects diseased cells. A combination PET-CT scan produces 3D images for a more accurate diagnosis.
According to CMS’ RAC audit topics, “(PET) for Initial Treatment Strategy in Oncologic Conditions: Medical Necessity and Documentation Requirements,” will be reviewed as of January 5, 2021. The PET scan audits will be for outpatient hospital and professional service reviews. CMS added additional 2021 audit targets to the approved list:
- Air Ambulance: Medical Necessity and Documentation Requirements,[1]. This complex review will be examining rotatory wing (helicopter) aircraft claims to determine if air ambulance transport was reasonable and medically necessary as well as whether or not documentation requirements have been met.
- Hospice Continuous Home Care: Medical Necessity and Documentation Requirements,[2] and
- Ambulance Transport Subject to SNF Consolidated Billing.[3]
Upcoming HHS secretary Xavier Becerra plans to get his new tenure underway quickly.
In False Claims Act (“FCA”) news, Medicare audits of P-Stim have ramped up across the country. A Spinal Clinic in Texas agreed to pay $330,898 to settle FCA allegations for allegedly billing Medicare improperly for electro-acupuncture device neurostimulators. CMS claims that “Medicare does not reimburse for acupuncture or for acupuncture devices such as P-Stim, nor does Medicare reimburse for P-Stim as a neurostimulator or as implantation of neurostimulator electrodes.”
Finally, is your staff getting medical records to consumers requesting their records quickly enough? Right to access to health records is yet another potential risk for all providers, especially hospitals due to their size. A hospital system agreed to pay $200,000 to settle potential violations of the HIPAA Privacy Rule’s right of access standard. This is HHS Office for Civil Rights’ 14th settlement under its Right of Access Initiative. The first person alleged that she requested medical records in December 2017 and did not receive them until May 2018. In the second complaint, the person asked for an electronic copy of his records in September 2019, and they were not sent until February 2020.
Beware of slow document production as slow document production can lead to penalties. And be on the lookout for the next RAC Report.
Remember, never accept the results of a Medicare or Medicaid audit. It is always too high. Believe me, after 21 years of my legal practice, I have yet to agree with the findings if a Tentative notice of Overpayment by any governmental contracted auditor, whether it is PCG, NGS, the MACs, MCOs, or Program Integrity – in any of our 50 States. That is quite a statement about the general, quality of work of auditors. Remember Teambuilders? How did $12 million become $896.35? See blog.
1 CMS, “0200-Air Ambulance: Medical Necessity and Documentation Requirements,” proposed RAC topic, January 5, 2021, http://go.cms.gov/35Jx1co.
2 CMS, “0201-Hospice Continuous Home Care: Medical Necessity and Documentation Requirements,” proposed RAC topic, January 5, 2021, http://go.cms.gov/3oRUyiY.
3 CMS, “0202- Ambulance Transport Subject to SNF Consolidated Billing,” proposed RAC topic, January 5, 2021, http://go.cms.gov/2LOMEbw.
Provider Relief Funds: The Hottest RAC Audit Subject
Reporting the use of PRFs will be an ongoing issue due to the fraud and abuse implications of misusing PRFs.
The federal Provider Relief Fund (PRF) was created under the provisions of the Coronavirus Aid, Relief, and Economic Security (CARES) Act, which was passed to address the economic harm suffered by healthcare providers that have incurred (or will incur) additional expenses and have lost (or will lose) significant revenue as a result of the COVID-19 pandemic. PRF payments have been made from either the “general distribution” tranche or via various “targeted distributions.” PRF payment amounts and whether the providers complied with the terms and conditions will be a hotly contested topic in Recovery Audit Contractor (RAC) and Medicare Administrative Contractor (MAC) audits for years to come. If Centers for Medicare & Medicaid Services (CMS) auditors put out a monthly magazine, like Time, PRF would be on the cover. This will be the hot topic of RAC audits, come Jan. 1, 2021.
The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) will audit Medicare payments made to hospitals for COVID-19 discharges that qualified for the 20-percent add-on payment under the CARES Act, according to a new item on the agency’s work plan.
To use the PRF funding from either the general or targeted distributions, providers must attest to receiving the funds and agree to all terms and conditions. However, what constitutes a “healthcare-related expense” or how to calculate “lost revenue” is not clearly defined. Similarly, how you net healthcare-related expenses toward lost revenue is also vague and undefined. On Nov. 2, HHS issued a clarification to post-payment reporting guidance for PRF funds.
The current guidance, issued Oct. 22, includes a two-step process for providers to report their use of PRF payments. The guidance specifically cites:
- Healthcare-related expenses attributable to COVID that another source has not reimbursed and is not obligated to reimburse, which may include general and administrative (G&A) or “healthcare-related operating expenses;” and
- PRF payment amounts not fully expended on healthcare-related expenses attributable to coronavirus are then applied to lost revenues associated with patient care, net of the healthcare-related expenses attributable to coronavirus calculated under the first step. Recipients may apply PRF payments toward lost revenue, up to the amount of the difference between their 2019 and 2020 actual patient care revenue.
HHS’s newest clarification came from its response to a FAQ, in which it said that healthcare-related expenses are no longer netted against the patient care lost revenue amount cited in the second portion. HHS indicated that a revised notice would be posted to remove the “net of the healthcare-related expenses” language in the guidance. Of course, as of now, we have no guidance regarding when this clarification is to be put into place officially. Yet another moving target for auditors.
Anticipate audits of the use of your PRF payments. CMS is choosing a sample of hospitals across the country that have received PRF payments to verify that such expenditures were for healthcare-related expenses. For each audit, OIG will obtain data and interview HHS/PRF program officials to understand how PRF payments were calculated, and then review actual PRF payments for compliance with CARES Act requirements. OIG will also review whether HHS’s controls over PRF payments ensured that payments were calculated correctly and disbursed to eligible providers.
Audits will also focus on how providers initially applied to receive PRFs, including calculations utilized and how COVID-19 patients are defined. When each hospital ceased netting expenses against lost revenue will now be another hot topic.
Balance billing is another area of interest. The terms and conditions require providers that accept the PRFs not to collect out-of-pocket payments from patients for all care for a presumptive or actual case of COVID-19 that exceeded what they would pay an in-network provider.
More havoc may ensue with any purchases or sales transactions that occur in the next year or so. Providers will need to know how to navigate compliance risks associated with any accepted or transferred PRFs. Tracking and reporting use of the PRFs will also be an ongoing issue due to the fraud and abuse implications of misusing PRFs, and there is limited guidance regarding how use will be audited. Many questions remain unanswered. Many terms remain undefined.
Programming Note: Knicole Emanuel, Esq. is a permanent panelist on Monitor Mondays. Listen to her RAC Report every Monday at 10 a.m. EST.
The Undefined, Definition of “Medical Necessity”
While the Coronavirus pandemic is horrible and seems to be getting worse. COVID has forced slight, positive changes in the telehealth arena and, perhaps, in the widening of the ambiguous definition of “medical necessity” or, as I call it – the undefined, definition of “medical necessity.” Medical necessity is the backbone of rendering health care services. Without it, services should not be provided. Yet, medical necessity is the most litigated topic in all of audits.
On September 1, 2020, the Centers for Medicare & Medicaid Services (“CMS”) published a proposed rule that will codify a definition of “medical necessity” for Medicare purposes. So far, the definition of medical necessity varies, depending on the source. The MACs have been given long rein in defining the term on an individual and separate basis, creating disparity in definitions and criteria. The proposed rule’s comment period ended November 2, 2020.
All this to say medical necessity is in the eye of the beholder. Much like beauty. Why then, can RAC and MAC auditors who are not doctors, not firsthand, treating providers, not nurses or LCASs, decide that medical necessity does or does not exist for a patient that they have never seen?
Black’s Law Dictionary (the most prominent legal dictionary) has a super, unhelpful definition of medical necessity: “If not carried out the patient’s situation could worsen. For a patient’s treatment found to be necessary is this specific type of procedure or treatment.”
The American Medical Association (“AMA”), on the other hand, has a more detailed definition, probably unintended to make it all the more confusing:
“Our AMA defines medical necessity as: Health care services or products that a prudent physician would provide to a patient for the purpose of preventing, diagnosing or treating an illness, injury, disease or its symptoms in a manner that is: (a) in accordance with generally accepted standards of medical practice; (b) clinically appropriate in terms of type, frequency, extent, site, and duration; and (c) not primarily for the economic benefit of the health plans and purchasers or for the convenience of the patient, treating physician, or other health care provider.”
CMS’ proposed rule codifies a definition of what makes an item or service medically “reasonable and necessary” under the Social Security Act 1861(a)(1)(A). The rule, if finalized, would codify in regulations a definition of “reasonable and necessary” items and services based on a definition currently used by Medicare Administrative Contractors (MACs), with an additional element that potentially would include coverage determinations by commercial insurers as a factor in making Medicare coverage determinations.
The Proposed Definition (To be Codified in 42 CFR 405.201)
“We are proposing to codify the longstanding Program Integrity Manual definition of “reasonable and necessary” into our regulations at 42 CFR 405.201(b), with modification. Under the current definition, an item or service is considered “reasonable and necessary” if it is (1) safe and effective; (2) not experimental or investigational; and (3) appropriate, including the duration and frequency that is considered appropriate for the item or service, in terms of whether it is—
- Furnished in accordance with accepted standards of medical practice for the diagnosis or treatment of the patient’s condition or to improve the function of a malformed body member;
- Furnished in a setting appropriate to the patient’s medical needs and condition;
- Ordered and furnished by qualified personnel;
- One that meets, but does not exceed, the patient’s medical need; and
- At least as beneficial as an existing and available medically appropriate alternative.” See Proposed Rule.
In addition, CMS adds that it will also utilize commercial payor standards or have an objective panel determine medical necessity if criteria #1 and #2 were met, but not #3. This additional commentary is another example of how subjective and fact-specific determining medical necessity can be. The LCDs will also be consulted.
If adopted, these proposals would arguably lead to the most wide-ranging changes in Medicare’s coverage standards and procedures in decades. The proposal to codify the definition of “reasonable and necessary” applies to all items and services. The inclusion of commercial payor standards may be a wild card.
The definition of medical necessity has not been officially revised – yet. One could imagine that, in the midst of a RAC or MAC audit, auditors and providers will disagree as to the true definition of medical necessity.
Going forward, when you get audited, immediately look and see whether your claim denials were denied due to “lack of medical necessity.” Ask yourself, “Really? Is there no medical necessity in this case…even in the era of COVID?” Because the auditors may be wrong.
Secondly, ensure that the RAC and MAC entity is CMS-certified to review those certain CPT codes for medical necessity. CMS limits audits on medical necessity because of the vagueness of the definition. When auditors find no medical necessity, then providers must push back. And you should push back, legally, of course!
Update on Medicare/Medicaid Audits in the Wake of COVID-19
Published in Today’s Wound Clinic:
When I was asked to draft an article for Today’s Wound Clinic, it was approximately two weeks ago. I was asked to write about the current state of Medicare and Medicaid audits. Specifically, I was asked to provide a legal analysis about CMS suspending audits un-related to COVID-19. In the month of April, we have seen the spike of COVID-19, which has overturned our everyday world. We have been instructed by President Trump to “stay home” and “social distance” to decrease the spread of the virus. This “stay at home” instruction is unprecedented and has uprooted many of our most reliable and commonplace businesses, such as hairdressers, bowling alleys, and tattoo parlors.
Here is the answer: The current state of Medicare/Medicaid audits, at the moment, is dictated by COVID-19.
We can divide the post-COVID-19 audit rules into 3 categories:
- Those exceptions published by CMS to apply to all health care providers
- Those special, verbal exceptions given directly to an individual provider that were not published by CMS
- Effective immediately, new guidelines that CMS will follow until CMS believes it no longer needs to follow (by its own choice, of course).
An example of an “effective immediately” guideline is our current state of Medicare/Medicaid audits in the wake of COVID-19. CMS has not suspended all Medicare/Medicaid regulatory audits. But CMS has suspended most audits.
Effective immediately, survey activity is limited to the following (in Priority Order):
- All immediate jeopardy complaints (cases that represents a situation in which entity noncompliance has placed the health and safety of recipients in its care at risk for serious injury, serious harm, serious impairment or death or harm) and allegations of abuse and neglect;
- Complaints alleging infection control concerns, including facilities with potential COVID-19 or other respiratory illnesses;
- Statutorily required recertification surveys (Nursing Home, Home Health, Hospice, and ICF/IID facilities);
- Any re-visits necessary to resolve current enforcement actions;
- Initial certifications;
- Surveys of facilities/hospitals that have a history of infection control deficiencies at the immediate jeopardy level in the last three years;
- Surveys of facilities/hospitals/dialysis centers that have a history of infection control deficiencies at lower levels than immediate jeopardy.
See CMS QSO-20-12-ALL. You can see that these “effective immediately” guidelines are usually published on CMS letterhead. The “effective immediately” guidelines explain why CMS is taking the stated action, the stated action, and that the action is temporary and due to COVID-19.
Here are a few recent “effective immediately” guidelines due to COVID-19:
- On April 27, 2020, CMS said it would no longer expedite Medicare payments to doctors and be more stringent about accelerating the payments to hospitals as Congressional relief aimed at providers reaches $175 billion.
- The agency is not accepting any new applications for the loans from Part B suppliers, including doctors, non-physician practitioners and durable medical equipment suppliers. CMS will continue to process pending and new requests from Part A providers, including hospitals, but be stricter with application approvals.
- CMS expanded the Accelerated and Advance Payment Programs in late March as the pandemic continued to gain strength in the U.S. Since then, the agency has approved over 21,000 applications making up $59.6 billion in accelerated payments to Part A providers and almost 24,000 applications making up $40.4 billion in payments for Part B suppliers.
The $2.2 trillion Coronavirus Aid, Relief, and Economic Security stimulus package passed by Congress in March benchmarked $100 billion in funds for hospitals. On Friday, President Donald Trump signed legislation with a second round of emergency funding, called the Paycheck Protection Program and Health Care Enhancement Act, that allocates another $75 billion for providers — roughly three-quarters of what major provider trade associations requested.
An initial $30 billion from the fund was distributed between April 10 and April 17 based on Medicare fee-for-service revenue, sparking criticism that put facilities with a smaller proportion of Medicare business, such as children’s and disproportionate share hospitals, at a disadvantage. HHS on Friday began releasing an additional $20 billion in CARES payments to providers based on their 2018 net patient revenue, with more funding to roll out “soon,” the agency said, including $10 billion for hard-hit areas like New York.
How RAC/MAC auditors are compensated dictates their actions and/or aggressiveness.
RAC Auditors are paid by contingency. They are usually compensated approximately 13%, depending on the State. Imagine what 13% is of 1 million. It is $130,000 – more than most people make in a year. If you do not believe that 13% contingency is enough to incentivize a company, which, in turn, incentivize the employees, then you are sorely mistaken.
RACs were established through a demonstration program under the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (“MMA”), piloted between 2005 and 2008, and were later made permanent under the Tax Relief and Health Care Act of 2006, which required CMS to establish Recovery Auditors for all states before 2010.
MACs are not compensated by contingency, per se. CMS decided to structure the MAC contracts with 1-year base performance periods and four, optional, 1-year performance periods at the time. The MMA required that these contracts be recompeted at least once every 5 years. The recent enactment of the Medicare Access and CHIP Reauthorization Act of 2015 amended this requirement to authorize a maximum 10-year performance period before MAC contracts must be recompeted. The amendment, which applies to MAC contracts in effect at the time of enactment or entered into on or after enactment, would permit CMS to modify existing MAC contracts or enter into future MAC contracts for 1-year base performance periods and nine optional 1-year performance periods. See Pub. L. No. 114-10, § 509(a)- (b) (April 16, 2015). Therefore, while MACs are not compensated on contingency, MACs are compensated on performance. The less a MAC spends, the more services a MAC allows, the strict oversight a MCA ensues on its providers…all these “performance-based” measures may not be a contingency compensation relationship, but it’s pretty close. Saved money becomes profit for MACs.
Medicare and Medicaid auditors love rules. Even if the rules that auditors are instructed to follow really are not required by actual law. It goes without saying that auditors are not lawyers. Auditors are not trained to decipher whether statutes, regulations or policy are superseded by federal statutes and regulations. The fact is that, more times than one would hope, the auditors are wrong in their assessments that a claim should be denied, not out of malice, but because of a basic misunderstanding of what the law actually requires.
I have all kinds of stories about auditors claiming money is owed, when, really it was not owed because the RAC/MAC auditor failed to follow the actual, correct procedure or misconstrued a regulation. For example, I had a durable medical equipment provider, DME ABC, who was informed by the NSC Supplier Audit and Compliance Unit of Palmetto GBA that it owed $1,075,548.64. Palmetto is one of the MACs for Medicare – durable medical equipment. There was no demand letter. The alleged overpayment amount came to fruition in a telephone conference between the CEO of the company and an employee of Palmetto. Let’s call her Nancy. Nancy told CEO that company owed $1,075,548.64 based on an alleged violation of 42 C.F.R. § 424.58,
Even more disconcerting, was the fact that Palmetto claimed that its alleged, oral overpayment against DME ABC arose from a normal, reoccurring validation process pursuant to 42 C.F.R. §424.57, approved by CMS and in accordance with the requirements of 42 C.F.R. §424.58. No formal letter was necessary was Palmetto’s retort. Not correct; a formal demand letter is always required.
In this case, Palmetto began to backtrack once we pointed out that Palmetto nor Nancy ever sent a formal demand letter with any reconsideration review appeal rights or administrative appeal rights. We knew this was procedurally incorrect because federal law dictates that you receive a formal demand letter with appeal rights and notice of how many days you have to appeal. But out of fear of retribution, DME ABC was willing to write a check without pushing back. Obviously, we did not do so.
I tell this story as an example of how intimidating, scary, and overwhelming auditors can be. If someone off the street asked you for a million dollars, you would laugh them off your doorstep, right? After you tell them to don a mask and maintain social distancing.
But in the new-age world of COVID-19, rules have been broken. This behavior would not be acceptable pre-COVID-19. But this provider honestly was going to pay.
The Trump Administration is issuing an unprecedented array of temporary regulatory waivers and new rules to equip the American healthcare system with maximum flexibility to respond to the 2019 Novel Coronavirus (COVID-19) pandemic.
Pre-COVID-19 if you were to state “paperwork over patients,” everyone in the industry would agree. There would be snickers and eyes rolling, because no one wanted paperwork to be over patients. But it was. Now the mantra has flipped upside down – now the mantra is: Patients over Paperwork.
Post-COVID-19, if documents are lost or misplaced, or otherwise unusable, DME MACs have the flexibility to waive replacements requirements under Medicare such that the face-to-face requirement, a new physician’s order, and new medical necessity documentation are not required. Suppliers must still include a narrative description on the claim explaining the reason why the equipment must be replaced and are reminded to maintain documentation indicating that the DMEPOS was lost, destroyed, irreparably damaged or otherwise rendered unusable or unavailable as a result of the emergency.
Post-COVID-19, CMS is pausing the national Medicare Prior Authorization program for certain DMEPOS items. CMS is not requiring accreditation for newly enrolling DMEPOS and extending any expiring supplier accreditation for a 90-day time period. CMS is waiving signature and proof of delivery requirements for Part B drugs and Durable Medical Equipment when a signature cannot be obtained because of the inability to collect signatures. Suppliers should document in the medical record the appropriate date of delivery and that a signature was not able to be obtained because of COVID-19.
Post-COVID-19, in order to increase cash flow to providers impacted by COVID-19, CMS has expanded the current Accelerated and Advance Payment Program. An accelerated/advance payment is a payment intended to provide necessary funds when there is a disruption in claims submission and/or claims processing. CMS may provide accelerated or advance payments during the period of the public health emergency to any two Medicare providers/suppliers who submits a request to the appropriate MAC and meets the required qualifications. The process of obtaining the funds is a MAC-by-MAC process. Each MAC will work to review requests and issue payments within seven calendar days of receiving the request. Traditionally repayment of these advance/accelerated payments begins at 90 days, however for the purposes of the COVID-19 pandemic, CMS has extended the repayment of these accelerated/advance payments to begin 120 days after the date of issuance of the payment. Providers can get more information on this process here: www.cms.gov/files/document/Accelerated-and-Advanced-Payments-Fact-Sheet.pdf
The Future of Medicare/Medicaid Audits
The beauty of predicting the future is that no one can ever tell you that you are wrong. These are my predictions:
Auditors will deny claims for not having prior authorizations. Auditors will deny claims because the supplier accreditation expired after the 90-day time period. Auditors will deny claims because the percentage of face-to-face time was not met as described per CPT codes.
Obviously, these would be erroneous denials if the denials are within the dates that the COVID-19 pandemic occurred. The problem will be that the auditors will not be able to keep up with all the exceptions, not because the auditors are acting out of malice or dislikes providers. They will be simply trying to do their job. They will simply not be able to take into consideration all the exceptions that were given during the virus. Because, while we do have many written exceptions, if you call CMS with a personal and individualized problem, CMS will, most likely, grant you a needed exception. As long as the exception has the best interest of the consumer at heart. However, this personalized exception will not be written on CMS’s website. In five years, when you undergo a MAC or RAC audit, you better have proof that you received that exception. It will not be enough proof for you to state that you were given the exception over the phone.
So how can you protect yourself from future, erroneous audits?
Write everything down. When you speak to CMS, document concurrently the date, time, name of the person to whom you are speaking, the summary of your conversation, the COVID-19 regulatory exception, sign it and date it.
It is a hearsay exception. Writing down everything does not magically transform your note into the truth. However, writing down everything concurrently does magically allow that note that you wrote to be allowed in a court of law as an exhibit. Had you not written the note contemporaneously with the conversation that you had with CMS, then the attorney on the other side of the case would move to exclude your handwritten or typed note as hearsay.
Hearsay is defined as a statement that (1) the declarant does not make while testifying at the current trial or hearing; and (2) a party offers in evidence to prove the truth of the matter asserted in a statement. There are too many hearsay exceptions to name in this article.
Just know, for purposes of this article, that any health care provider who is relying on an exception to a normally required regulatory mandate – regardless what it is – either be able to: (1) cite the written exception that was published by CMS to the public; or (2) produce the written or typed contemporaneously written note that you wrote to memorialize the conversation.
Why Auditors Can’t be Unbiased
Last week on Monitor Mondays, Knicole Emanuel, Esq. reported on the case of Commonwealth v. Pediatric Specialist, PLLC, wherein the Recovery Audit Contractors’ (RACs’) experts were prohibited from testifying because they were paid on contingency. This means that the auditor (or the company for which they work) is paid some percentage of the overpayment findings it reports.
In this case, as in most nowadays, the overpayment estimate was based upon extrapolation, which means that the auditor extended the overpayment amount found in the sample to that of all claims within the universe from which the sample was drawn. I have written about this process before, but basically, it can turn a $1,500 overpayment on the sample into a $1.5 million overpayment demand.
The key to an effective extrapolation is that the statistical process is appropriate, proper, and accurate. In many audits, this is not the case, and so what happens is, if the provider believes that the extrapolation is not appropriate, they may choose to challenge the results in their appeal. Many times, this is when they will hire a statistician, like me, to review the statistical sampling and overpayment estimate (SSOE), including data and documentation to assist with the appeal. I have worked on hundreds of these post-audit extrapolation mitigation appeals over the years, and even though I am employed by the provider, I maintain a position as an independent fact-finder. My reports are based on facts and figures, and my opinion is based on those findings. Period.
So, what is it that allows me to remain independent? To perform my job without undue influence or bias? Is it my incredibly high ethical standards? Check! My commitment to upholding the standards of my industry? Check! Maybe my good looks? Well, not check! It is the fact that my fees are fixed, and are not contingent on the outcome. I mean, it would be great if I could do what the RACs do and cash in on the outcomes of a case, but alas, no such luck.
In one large class-action case in which I was the statistical expert, the defendant settled for $122 million. The law firm got something like a quarter or a third of that, and the class members all received some remuneration as well. Me? I got my hourly rate, and after the case was done, a bottle of Maker’s Mark whiskey as a thank you. And I’m not even sure that was appropriate, so I sent it back. I would love to be paid a percentage of what I am able to save a client in this type of appeal. I worked on a case a couple of years ago for which we were able to get the extrapolation thrown out, which reduced the payment demand from $5.9 million to $3,300. Imagine if I got paid even 2 percent of that; it would be nearly $120,000. But that can’t happen, because the moment my work product is tied to the results, I am no longer independent, nor unbiased. I don’t care how honest or ethical you are, contingency deals change the landscape – and that is as true for me, as an expert, as it is for the auditor.
In the pediatric case referenced above, the RAC that performed the audit is paid on a contingency, although I like to refer to it as a “bounty.” As such, the judge ruled, as Ms. Emanuel reported, that their experts could not testify on behalf of the RAC. Why not? Because the judge, unlike the RAC, is an independent arbiter, and having no skin in the game, is unbiased in their adjudication. But you can’t say that about the RAC. If they are being paid a “bounty” (something like 10 percent), then how in the world could they be considered independent and unbiased?
The short answer is, they can’t. And this isn’t just based on standards of statistical practice; it is steeped in common sense. Look at the appeal statistics; some 50 percent of all RAC findings are eventually reversed in favor of the provider. If that isn’t evidence of an overzealous, biased, bounty-hunting process, I don’t know what is. Basically, as Knicole reported, having their experts prohibited from testifying, the RAC was unable to contest the provider’s arguments, and the judge ruled in favor of the provider.
But, in my opinion, it should not stop here. This is one of those cases that exemplifies the “fruit of the poisonous tree” defense, meaning that if this case passes muster, then every other case for which the RAC did testify and the extrapolation held should be challenged and overturned. Heck, I wouldn’t be surprised if there was a class-action lawsuit filed on behalf of all of those affected by RAC extrapolated audits. And if there is one, I would love to be the statistical expert – but for a flat fee, of course, and not contingent upon the outcome.
And that’s the world according to Frank.
Frank Cohen is a frequent panelist with me on RACMonitor. I love his perspective on expert statistician witnesses. He drafted based off a Monitor Monday report of mine. Do not miss both Frank and me on RACMonitor, every Monday.
CMS Revises and Details Extrapolation Rules
Effective Jan. 2, 2019, the Centers for Medicare & Medicaid Services (CMS) radically changed its guidance on the use of extrapolation in audits by Recovery Audit Contractors (RACs), Medicare Administrative Contractors (MACs), Unified Program Integrity Contractors (UPICs), and the Supplemental Medical Review Contractor (SMRC).
Extrapolation is a veritable tsunami in Medicare/Medicaid audits. The auditor collects a small sample of claims to review for compliance, then determines the “error rate” of the sample. For example, if 500 claims are reviewed and one is found to be noncompliant for a total of $100, then the error rate is set at 20 percent. That error rate is applied to the universe, which is generally a three-year time period. It is assumed that the random sample is indicative of all your billings, regardless of whether you changed your billing system during that time period or maybe hired a different biller. In order to extrapolate an error rate, contractors must use a “statistically valid random sample” and then apply that error rate on a broader universe of claims, using “statistically valid methods.”
With extrapolated results, auditors allege millions of dollars of overpayments against healthcare providers – sometimes a sum of more than the provider even made during the relevant time period. It is an overwhelming impact that can put a provider and its company out of business.
Prior to this recent change to extrapolation procedure, the Program Integrity Manual (PIM) offered little guidance regarding the proper method for extrapolation.
Prior to 2019, CMS offered broad strokes with few details. Its guidance was limited to generally identifying the steps contractors should take: “a) selecting the provider or supplier; b) selecting the period to be reviewed; c) defining the universe, the sampling unit, and the sampling frame; d) designing the sampling plan and selecting the sample; e) reviewing each of the sampling units and determining if there was an overpayment or an underpayment; and, as applicable, f) estimating the overpayment.”
Well, Change Request 10067 overhauled extrapolation in a huge way.
The first modification to the extrapolation rules is that the PIM now dictates when extrapolation should be used.
Under the new guidance, a contractor “shall use statistical sampling when it has been determined that a sustained or high level of payment error exists. The use of statistical sampling may be used after a documented educational intervention has failed to correct the payment error.” This guidance now creates a three-tier structure:
- Extrapolation shall be used when a sustained or high level of payment error exists.
- Extrapolation may be used after documented educational intervention (such as in the Targeted Probe-and-Educate (TPE) program).
- It follows that extrapolation should not be used if there is not a sustained or high level of payment error or evidence that documented educational intervention has failed.
“High level of payment error” is defined as 50 percent or greater. The PIM also states that the contractor may review the provider’s past noncompliance for the same or similar billing issues or a historical pattern of noncompliant billing practice. This is critical because so many times providers simply pay the alleged overpayment amount if the amount is low or moderate in order to avoid costly litigation. Now, those past times that you simply paid the alleged amounts will be held against you.
Another monumental modification to RAC audits is that the RAC auditor now must receive authorization from CMS to go forward in recovering from the provider if the alleged overpayment exceeds $500,000 or is an amount that is greater than 25 percent of the provider’s Medicare revenue received within the previous 12 months.
The identification of the claims universe was also redefined. Even CMS admitted in the change request that, on occasion, “the universe may include items that are not utilized in the construction of the sample frame. This can happen for a number of reasons, including, but not limited to: a) some claims/claim lines are discovered to have been subject to a prior review; b) the definitions of the sample unit necessitate eliminating some claims/claim lines; or c) some claims/claim lines are attributed to sample units for which there was no payment.”
How many of you have been involved in an alleged overpayment in which the auditor misplaced or lost documents? I know I have. The new rule also states that the auditors must be able to recreate the sample and maintain all documentation pertinent to the calculation of an alleged overpayment.
High-volume providers should face a lower risk of extrapolation if their audited error rate is less than 50 percent and they do not have a history of noncompliance for the same or similar billing issues, or a historical pattern of noncompliant billing practice.
RAC Audits Will Be Targeting Telehealth
Consults by telephone are becoming more and more prevalent. It only makes sense. In an age in which the population has surged, the ratio of physicians to patients has grown more disparate, and the aging and disabled community continues to increase, telehealth is a viable, logical, and convenient resource. I can tell you that when I have to go to a doctor appointment, my whole day is off-kilter. You have to get dressed, drive there, sit in the waiting room, wait for the doctor in the patient room, talk to your doctor, check-out, drive back to work/home and, usually, have a hour-long telephone call with your insurance company. Doctor visits can take up a whole day.
Enter telehealth.
Telehealth allows a patient who needs to see a health care provider to present to a health care provider over the telephone. No getting dressed, driving, or waiting.
According to a FAIR Health White Paper report, “the use of non-hospital-based provider-to-patient telehealth increased 1,393% from 2014 to 2018, from 0.007% to 0.104% of all medical claim lines. There was a 624% increase in claim lines related to any type of telehealth, from 0.0192% to 0.1394% of all medical claim lines. Non-hospital-based provider-to-patient telehealth accounted for 84% of all telehealth claim lines in 2018.”
According to the numbers in the report, the use of telehealth increased in urban areas, rather than rural areas, at a much greater percentage, which, personally, I found surprising, at first. But when you consider the number of people living in urban areas rather than rural areas, the disparate percentages make sense.
Not surprising, 82% of telehealth claims were associated with individuals aged 51+.
Private insurances are jumping on the band wagon, but, more importantly, government insurers are already on the wagon. And the wagon is gaining a wagon train; CMS is expanding the use of telehealth even as you read this.
On April 5, 2019, the Centers for Medicare & Medicaid Services (CMS) finalized policies that increased plan choices and benefits, including allowing Medicare Advantage plans to include additional telehealth benefits. Before this year, Medicare recipients could only receive certain telehealth services if they live in rural areas. Now Medicare will pay for telehealth across the country…all from your house.
On July 29, 2019, CMS took the first steps toward welcoming opioid treatment programs (OTPs) into the Medicare program and expanding Medicare coverage of opioid use disorder (OUD) treatment services provided by both OTPs and physician practices. CMS is proposing the use of telehealth for opioid services. More specifically, CMS is proposing telehealth substance abuse counseling, telehealth individual/group therapy.
Enter RAC, ZPIC, UPIC, TPE, MAC, and MFCU audits.
Where there is Medicare money to be made or fraud to be had there are the auditors. The alphabet soup.
In April 2019, one of the largest healthcare fraud rings in U.S. history, involving telemedicine companies was busted. At an alleged amount of $1.2 billion. Durable medical equipments (DME) were also targeted, but this blog focuses on telehealth.
Allegedly, the telehealth companies would inform Medicare beneficiaries that they, for example, qualified for a brace. Using telehealth, the physicians wrote prescriptions for braces. DME would file the claim and pay the telehealth provider and the physician.
The government argued that you have to be seen in-person to determine your need for a brace.
It is important to note that the above-referenced scheme was performed prior to the most recent expansion of telehealth.
With this most recent expansion of telehealth, expect the auditors to be drooling.
