Predictive Modeling: ZPICs Using Data Mining to Identify Medicare Fraud

ZPICs Are Using Predictive Modeling and Data Mining to Target Medicare Providers

(April 15, 2011): Over the last decade, the Centers for Medicare and Medicaid Services (CMS) and its contractors (Zone Program Integrity Contractors (ZPICs), Program Safeguard Contractors (PSCs) and Recovery Audit Contractors (RACs)), have steadily assembled an extensive database of the coding and billing practices of Medicare providers around the country. Analyzing this data, contractors have been able to identify the profile of a "typical" provider for each specialty. With this information, Medicare contractors are better able to identify changes in the coding and / or billing habits of a particular provider. Providers whose billing practices are significantly different from those of their peers may also be easily identified. The purpose of this article is to provide an overview of the government's current use of "data mining" and "predictive modeling" techniques.

I. Introduction:

CMS's computerized database of claims and services billed to the Medicare program covers a comprehensive record of the bills submitted by health care providers for payment. Over the years, Medicare contractors and law enforcement have steadily refined their ability to analyze this enormous amount of quantitative data. In addition to assisting with the government's efforts to estimate future growth in the size of the Medicare program, this database has enabled Medicare contractors and law enforcement to employ highly sophisticated data mining techniques, thereby identifying (1) health care providers whose current coding and billing actions appear to have deviated from their prior practices, and (2) Medicare providers whose coding and / or billing actions are significantly different from those of their peers. Typical factors considered when using data mining techniques for targeting purposes have included, but are not limited to:

A Medicare provider’s specific area of practice.

A Medicare provider’s practice location.

The types and frequency of health care services or supplies billed to Medicare.

The relative size of a provider’s practice, clinic or health care related organization (based on the number of Medicare billing providers employed).

Through an examination of these factors or data elements, Medicare contractors and law enforcement have been able to identify health care providers whose coding and / or billing practices make them "outliers" when their actions are compared to similarly-situated Medicare providers. Once a health care provider has been identified as an "outlier," further action may be taken. Typical "data mining" actions taken by ZPICs, PSCs,, RACs and / or law enforcement have historically included:

  • An unannounced site visit by the ZPIC or PSC to the Medicare provider's practice location.
  • Sending a request for supporting documentation related to a limited number of claims (often less than 10, this type of review is generally referred to as a "Probe Audit").
  • Sending a request for supporting documentation related to 30 claims or more (these claims are often then used by the ZPIC or PSC as a "sample" in order to calculate an alleged overpayment based on extrapolated damages).
  • Sending a demand letter for an alleged overpayment based on an "automated" review of the data conducted by a RAC or ZPIC.
  • Using "data mining" to identify outlier's whose billing practices warrant to initiation of an investigation by law enforcement.

II. The Use of "Data Mining" to Identify Post-Payment Improper Practices:

While Medicare contractors such as RACs, PSCs and ZPICs long utilized post-payment data mining to identify providers who appear (based on their assessment of the data) to have likely engaged in improper billing activities, the regular use of data mining by the Department of Justice to identify criminal targets is a fairly recent practice. As Lanny A. Breuer, Assistant Attorney General of the Department of Justice's (DOJ’s) Criminal Division indicated last August:

"In 2007, the Criminal Division of the Justice Department refocused our approach to investigating and prosecuting health care fraud cases. Our investigative approach is now data driven: put simply, our analysts and agents review Medicare billing data from across the country; identify patterns of unusual billing conduct; and then deploy our "Strike Force" teams of investigators and prosecutors to those hotspots to investigate, make arrests, and prosecute. And as criminals become more creative and sophisticated, we intend to use our most aggressive investigative techniques to be right at their heels." (emphasis added).

As law enforcement has readily acknowledged, postpayment billing data is being effectively utilized to "identify patterns of unusual billing conduct." Using data mining as a targeting tool, the government is able to quickly focus its investigative and audit resources on specific providers whose coding / billing practices fall outside the scope of what would normally be expected.

III. The Use of Predictive Modeling to Minimize Wrongdoing:

While identifying improper billing practices after-the-fact has proven enormously helpful, law enforcement has also taken steps to identify problem providers much sooner in the process, thereby minimizing the amount of improper billing that may be submitted to Medicare for payment. As HHS Secretary Kathleen Sebelius stated on March 15, 2011, during the joint HHS / DOJ "Detroit Fraud Prevention Summit," HHS is moving away from the "old pay and chase model." According to Secretary Sebelius:

". . . Instead of the old ‘pay and chase’ model, we’re getting proactive.

Late last year we issued a solicitation for state-of-the-art analytic tools to help predict and identify fraudulent claims as soon as they are submitted, so we can stop payment before it goes out the door.

These are the same type of predictive modeling tools that banks and insurance companies use to identify potential fraud before it occurs. They are how your credit card company can raise the alarm if they see a dozen flat-screen televisions charged to your card in one day. . .." (emphasis added).

While post-payment claims data analyses will likely play a role in identifying overpayments, the government is serious about stopping health care fraud as soon possible in the process. While the government cannot "predict" wrongdoing before it happens, based on a complex analysis of various factors, it can effectively identify wrongdoers so quickly that the amount of improper claims paid by the government can be dramatically reduced.

IV. Provider Concerns:

Many providers are concerned that the government’s heavy reliance on predictive measures such as data mining to identify targets may subject a provider to an unjustified audit or investigation. Moreover, there is a concern that data mining might create an unwarranted presumption that a Medicare provider has engaged in improper billing practices. Unfortunately, even if ultimately shown to be incorrect, a provider can spend an enormous amount of money defending itself in connection with a post-payment claims audit. Providers placed on pre-payment review as a result of data mining can be especially hard-hit. It is not at all unusual for providers to remain on pre-payment review for six to twelve months (or even longer). During this time period, cash-flow is interrupted and many providers find it almost impossible to remain in business.

V. How to Avoid Being a Target:

In today's environment of sophisticated data mining, it is essential that Medicare providers have a clear picture of how their coding and billing practices compare to those of their peers. To be clear, both Medicare contractors and law enforcement recognize that a provider's practices may differ in one aspect or another from those of their peers. Moreover, those differences can result in billing practices which might make a provider appear to be an "outlier." There are a number of companies who publish benchmarking charts which make it relatively easy for a physician or other provider to compare their billing practices to that of their peers.

To be clear, just because a provider’s coding and billing practices differ from those of their peers (in the same specialty area), does not necessarily mean that a provider’s practices are improper. In recent years, we have seen providers who were targeted by a PSC or ZPIC precisely because their utilization rates of certain codes exceeded those of their peers. In at least one case, we found that a provider was recognized as an "expert" by his peers and often received highly-complex referrals by other Medicare providers. As a result, the number of highly complex Evaluation and Management (E/M) reviews conducted exceeded those of similarly situated providers. Having said that, if a provider were to find that its billing practices did not match of its peers, it could conceivably find that its understanding of the coding requirements was incorrect and that remedial training was immediately needed.

In either case, the bottom line is clear – all providers have an obligation to try and ensure that services billed to Medicare meet applicable statutory and regulatory requirements governing coverage and medical necessity. If your organization is subjected to an audit, it is essential that you determine whether your billing practices fully comply with the rules. If so, you must be prepared to explain to Medicare contractors or law enforcement why the anomalies identified through data mining or predictive modeling are not evidence of fraud or overpayment. Providers facing this situation should work with experienced legal counsel to ensure that the arguments to be presented fully address the government's concerns. Failure to do so may result in an expansion of the government's audit.

Robert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker attorneys and staff have extensive experience representing health care providers in connection with Medicare contractor audits and / or investigations. Should you find that your organization is facing a ZPIC, PSC or RAC audit, please give us a call for a complimentary consultation regarding your case. Call us at: 1 (800) 475-1906.