RACs, PSCs, ZPICs, HIPAA Auditors, State MFCUs, MICs, Medicaid RACs, HHS-OIG, DOJ, FBI, and Now. . . Patients?

(January 20, 2012):

I.   Background

Predictive Modeling: The Latest Advances in Sophisticated Data Mining Techniques are Enabling ZPICs and Law Enforcement to Identify Fraud Sooner and Prevent it from Continuing

(April 15, 2011):  Over the last decade, the Centers for Medicare and Medicaid Services (CMS) and its contractors (Zone Program Integrity Contractors (ZPICs), Program Safeguard Contractors (PSCs) and Recovery Audit Contractors (RACs)),  have steadily assembled an extensive database of the coding and billing practices of Medicare providers around the country.  Analyzing this data, contractors have been able to identify the profile of a ”typical” provider for each specialty.  With this information, Medicare contractors are better able to identify changes in the coding and / or billing habits of a particular provider.   Providers whose billing practices are significantly different from those of their peers may also be easily identified.  The purpose of this article is to provide an overview of the government’s current use of  “data mining”  and “predictive modeling”  techniques.

I.         Introduction:

            CMS’ computerized database of claims and services billed to the Medicare program covers a comprehensive record of the bills submitted by health care providers for payment.  Over the years, Medicare contractors and law enforcement have steadily refined their ability to analyze this enormous amount of quantitative data.  In addition to assisting with the government’s efforts to estimate future growth in the size of the Medicare program, this database has enabled  Medicare contractors and law enforcement to employ highly sophisticated data mining techniques, thereby identifying (1) health care providers whose current coding and billing actions appear to have deviated from their prior practices, and (2)  Medicare providers whose coding and / or billing actions are significantly different from those of their peers.  Typical factors considered when using data mining techniques for targeting purposes have included, but are not limited to:

• A Medicare provider’s specific area of practice.
• A Medicare provider’s practice location.
• The types and frequency of health care services or supplies billed to Medicare.
• The relative size of a provider’s practice, clinic or health care related organization (based on the number of Medicare billing providers employed).  

            Through an examination of these factors or data elements, Medicare contractors and law enforcement have been able to identify health care providers whose coding and / or billing practices make them “outliers” when their actions are compared to similarly-situated Medicare providers.  Once a health care provider has been identified as an “outlier,” further action may be taken. 

       Typical “data mining” actions taken by ZPICs, PSCs,, RACs and / or law enforcement have historically included:

• An unannounced site visit by the ZPIC or PSC to the Medicare provider’s practice location.
• Sending a request for supporting documentation related to a limited number of claims (often less than 10, this type of review is generally referred to as a “Probe Audit”).
• Sending a request for supporting documentation related to 30 claims or more (these claims are often then used by the ZPIC or PSC as a “sample” in order to calculate an alleged overpayment based on extrapolated damages).    
• Sending a demand letter for an alleged overpayment based on an “automated” review of the data conducted by a RAC or ZPIC.
• Using “data mining” to identify outlier’s whose billing practices warrant to initiation of an investigation by law enforcement. 

II.         The Use of “Data Mining” to Identify Post-Payment Improper Practices:

            While Medicare contractors such as RACs, PSCs and ZPICs long utilized post-payment data mining to identify providers who appear (based on their assessment of the data) to have likely engaged in improper billing activities, the regular use of data mining by the Department of Justice to identify criminal targets is a fairly recent practice.  As Lanny A. Breuer, Assistant Attorney General of the Department of Justice’s (DOJ’s) Criminal Division indicated last August:

“In 2007, the Criminal Division of the Justice Department refocused our approach to investigating and prosecuting health care fraud cases. Our investigative approach is now data driven: put simply, our analysts and agents review Medicare billing data from across the country; identify patterns of unusual billing conduct; and then deploy our “Strike Force” teams of investigators and prosecutors to those hotspots to investigate, make arrests, and prosecute. And as criminals become more creative and sophisticated, we intend to use our most aggressive investigative techniques to be right at their heels.” (emphasis added).

            As law enforcement has readily acknowledged, post-payment billing data is being effectively utilized to “identify patterns of unusual billing conduct.”   Using data mining as a targeting tool, the government is able to quickly focus its investigative and audit resources on specific providers whose coding / billing practices fall outside the scope of what would normally be expected.    

III.        The Use of Predictive Modeling to Minimize Wrongdoing:

            While identifying improper billing practices after-the-fact has proven enormously helpful, law enforcement has also taken  steps to identify problem providers much sooner in the process, thereby minimizing the amount of improper billing that may be submitted to Medicare for payment.  As HHS Secretary Kathleen Sebelius stated on March 15, 2011, during the joint HHS / DOJ “Detroit Fraud Prevention Summit,” HHS is moving away from the “old pay and chase model.”  According to Secretary Sebelius:

“. . . Instead of the old ‘pay and chase’ model, we’re getting proactive.

Late last year we issued a solicitation for state-of-the-art analytic tools to help predict and identify fraudulent claims as soon as they are submitted, so we can stop payment before it goes out the door.

These are the same type of predictive modeling tools that banks and insurance companies use to identify potential fraud before it occurs. They are how your credit card company can raise the alarm if they see a dozen flat-screen televisions charged to your card in one day. . ..” (emphasis added).

            While post-payment claims data analyses will likely play a role in identifying overpayments, the government is serious about stopping health care fraud as soon possible in the process.  While the government cannot “predict” wrongdoing before it happens, based on a complex analysis of various factors, it can effectively identify wrongdoers so quickly that the amount of improper claims paid by the government can be dramatically reduced. 

IV:       Provider Concerns:  

            Many providers are concerned that the government’s heavy reliance on predictive measures such as data mining to identify targets may subject a provider to an unjustified audit or investigation.  Moreover, there is a concern that data mining might create an unwarranted presumption that a Medicare provider has engaged in improper billing practices.  Unfortunately, even if ultimately shown to be incorrect, a provider can spend an enormous amount of money defending itself in connection with a post-payment claims audit.  Providers placed on pre-payment review as a result of data mining can be especially hard-hit.  It is not at all unusaul for providers to remain on pre-payment review for six to twelve months (or even longer).  During this time period, cash-flow is interrupted and many providers find it almost impossible to remain in business.

V.        How to Avoid Being a Target: 

            In today’s environment of sophisticated data mining, it is essential that Medicare providers have a clear picture of how their coding and billing practices compare to those of their peers.  To be clear, both Medicare contractors and law enforcement recognize that a provider’s practices may differ in one aspect or another from those of their peers.  Moreover, those differences can result in billing practices which might make a provider appear to be an “outlier.”   There are a number of companies who publish benchmarking charts which make it relatively easy for a physician or other provider to compare their billing practices to that of their peers. 

            To be clear, just because a provider’s coding and billing practices differ from those of their peers (in the same specialty area), does not necessarily mean that a provider’s practices are improper. In recent years, we have seen providers who were targeted by a PSC or ZPIC precisely because their utilization rates of certain codes exceeded those of their peers.   In at least one case, we found that a provider was recognized as an “expert” by his peers and often received highly-complex referrals by other Medicare providers. As a result, the number of highly complex Evaluation and Management (E/M) reviews conducted exceeded those of similarly-situated providers.  Having said that, if a provider were to find that its billing practices did not match of its peers, it could conceivably find that its understanding of the coding requirements was incorrect and that remedial training was immediately needed.

         In either case, the bottom line is clear – all providers have an obligation to try and ensure that services billed to Medicare meet applicable statutory and regulatory requirements governing coverage and medical necessity.  If your organization is subjected to an audit, it is essential that you determine whether your billing practices fully comply with the rules.  If so, you must be prepared to explain to Medicare contractors or law enforcement why the anomalies identified through data mining or predictive modeling are not evidence of fraud or overpayment.  Providers facing this situation should work with experienced legal counsel to ensure that the arguments to be presented fully address the government’s concerns.  Failure to do so may result in an expansion of the government’s audit.

Liles Parker attorneys and staff have extensive experience representing health care providers in connection with Medicare contractor audits and / or investigations.  Should you find that your organization is facing a ZPIC, PSC or RAC audit, please give us a call for a complimentary consultation regarding your case.  You may contact us at: 1 (800) 475-1906.         

 

South Texas Health Care Providers Remain Under Considerable Scrutiny by HEAT Prosecutors and Investigators – Compliance Isn’t Optional – It’s Essential in 2011.

(January 6, 2011):  Three Houston-area residents, one of whom is a physician, were sentenced to prison on January 4^th for their roles in a multi-million dollar durable medical equipment (DME) Medicare fraud scheme.  Each of the three defendants were also ordered to pay restitution to the Federal government, in amounts ranging from $29,052 to $1.4 million.

According to DOJ, a Houston-area DME company improperly billed Medicare for power wheelchairs and orthotic devices, beginning in 2003 and continuing until late 2009.  In addition to the three co-conspirators sentenced today, a total of eight other individuals were convicted for their participation in the fraudulent scheme.  One of the eight included the owner of the DME company.

At trial, Federal prosecutors were able to show that a variety of fraudulent actions had been taken by members of the group, ranging from the payment of illegal kickbacks to the prescription of medically unnecessary devices.

Notably, this was just the latest case investigated by members of the DOJ / HHS-OIG / MFCU Health Care Fraud Prevention and Enforcement Action Team (HEAT).  This strike force is responsible for investigating and prosecuting cases throughout South Texas.  As DOJ noted:

“Since their inception in March 2007, Strike Force operations in seven districts have obtained indictments of more than 850 individuals who collectively have falsely billed the Medicare program for more than $2.1 billion. In addition, HHS’s Centers for Medicare and Medicaid Services, working in conjunction with the HHS-OIG, are taking steps to increase accountability and decrease the presence of fraudulent providers.”

Both Federal and State investigators are aggressively targeting non-compliant providers.  South Texas providers who take the time to review and update their current Compliance Plan should also conduct a gap analysis to better ensure that their operational and billing practices fully comply with applicable statutory and regulatory requirements. 

Liles Parker attorneys have extensive experience representing health care providers in alleged Medicare overpayment and fraud cases.  Should you have questions about our services, give us a call for a free consultation.  We can be reached at 1 (800) 475-1906.

Top Ten Health Care Compliance Risks for 2011.

(December 31, 2010):  In case you missed it, Congress, President Obama and the healthcare regulators had a banner year with respect to regulatory activism in 2010.  Over the next several weeks we will be releasing a series of articles on our website addressing these dramatic changes and the compliance risks they present for your practice, clinic or health care business in 2011:

Compliance Risk Number 1:  Increased “HEAT” Activity and Enforcement:  Perhaps the greatest risk to consider in 2011 is the increase in targeted health care fraud enforcement efforts by the government’s Health Care Fraud Prevention and Enforcement Action Team (HEAT).  These teams are comprised of top level law enforcement and professional staff from the U.S. Department of Justice (DOJ), the Department of Health and Human Services (HHS), and their various operating divisions.  HEAT team initiatives have been extraordinarily successful in coordinating multi-agency efforts to both prevent health care fraud and enforce current anti-fraud initiatives.

As DOJ noted in September 2010, over the previous Fiscal Year, DOJ (including its 94 U.S. Attorneys’ Offices), HHS’ Office of Inspector General (HHS-OIG), and the Centers for Medicare and Medicaid Services (CMS), jointly accomplished the following:

• Filed charges against more than 800 defendants.
• Obtained 583 criminal convictions.
• Opened 886 new civil health care fraud matters.
• Obtained 337 civil administrative actions against parties committing health care fraud.
• Through these efforts, more than $2.5 billion was recovered as a result of the criminal, civil and administrative actions handled by these joint agencies. 

President Obama’s FY 2011 budget request includes an additional $60.2 million in funding for the HEAT program. These funds will be used to establish additional teams and further fund existing investigations. Now, more than ever, it is imperative that you ensure that your Compliance Plan is both up-to-date and fully implemented.  Medicare providers are obligated to adhere to statutory and regulatory requirements and the government’s HEAT teams are aggressively investigating providers who fail to comply with the law.

Compliance Risk Number 2:  Zone Program Integrity Contractor (ZPIC) / Program SafeGuard Contractor (PSC) / Recovery Audit Contractor (RAC) Audits of Medicare Claims:  As you already know, private contractor reviews of Medicare claims are big business – one ZPIC was awarded a five-year contract worth over $100 million.  In 2011, we  should expect to see:

• The number of ZPIC / PSC / RAC audits of Physician Practices, Home Health Agencies, Hospice Companies, DME Suppliers and Chiropractic Clinics will greatly increase in 2011.
• The reliance of both contractors and the government on data mining will continue to grow.  Providers targeted will likely be based on utilization rates, prescribing practices and billing / coding profiles.
• An increase in the number of Administrative Law Judge (ALJ) hearings in where ZPIC representatives choose to attend the hearing as a “participant.”  In these hearings, the ZPIC representative will likely aggressively oppose any arguments in support of payment that you present.

Are you ready for an unannounced / unanticipated site visit or audit?  When is the last time that you have conducted an internal review of your billing / coding practices?  Are you aware of the hidden dangers when conducting these reviews?  In 2011, your Compliance Officer may very well be your most important non-clinical staff member.  Physicians and other providers should work with their Compliance Officer to better prepare for the unexpected audit or investigation.

Compliance Risk Number 3: Electronic Medical Records: Unfortunately, some early adopters of Electronic Medical Records (EMR) software are now having to respond to “cloning” and / or “carry over” concerns raised by ZPICs and Program SafeGuard Contractors (PSCs).  In a number of cases, these audits appear to be the result (at least in part) of inadequately designed software programs which generate progress notes and other types of medical records that do not adequately require the provider to document individualized observations.  Instead, the information gathered is often sparse and similar for each of the patients treated.  Take care before converting your practice or clinic to an EMR system.  Include your Compliance Officer in the selection and review process.

Compliance Risk Number 4:  Physician Quality Reporting Initiative (PQRI) Issues:  Under the Health Care Reform legislation passed last March. PQRI was changed from a voluntary “bonus” program to one in which penalties will be assessed if a provider does not properly participate.  As of 2015, the penalty will be 1.5% and will increase to 2.0% in 2016 and subsequent years. Additionally, questions about the use of PQRI date in “Program Integrity” targeting remain unanswered.  Once again, it is essential that your Compliance Officer provide guidance to your staff regarding this program and its potential impact.

Compliance Risk Number 5:  Medicaid Integrity Contractors (MICs)  and Medicaid Recovery Audit Contractors (MDRACs):  In recent months, we have seen a marked increase in the number of MIC inquiries and audits initiated in southern States.  Notably, the information and documentation requested has often been substantial.  Medicaid providers must now also contend with MDRACs.  As a result of health care reform, MDRACs are now mandatory in every State and are may initiate reviews and audits as soon as March 2011.   Compliance Officers should review their current risk areas and ensure that Medicaid coding and billing activities are actively monitored to better ensure statutory / regulatory adhereance.

Compliance Risk Number 6:  HIPAA / HITECH Privacy Violations:  Failure to comply with HIPAA can result in civil and / or criminal penalties. (42 USC § 1320d-5).

• Civil Penalties – A large retail drug store company was recently fined $2.25 million for failure to properly dispose of protected information.
• Criminal Penalties – Earlier this year, a physician in Los Angeles, CA, was sentenced to four months in prison after admitting he improperly accessed individual health information.

As of mid-2010, there had been 93 breaches affecting 500 or more individuals.  The total number of individuals whose information was disclosed as a result of these breaches was estimated at over 2.5 million.  Out of the 93 breaches, 87 involved breach of hard copy or electronic protected health information (about 1/4 involved paper records and 3/4 involved electronic records. The vast majority of the 93 breaches involved theft or loss of the records.  Many of these thefts could have been avoided with appropriate security.  The government is serious about privacy and your practice, and in 2011 you will likely see increased HIPAA / HITECH enforcement.  Your clinic or health care business must take appropriate steps to prevent improper disclosures of health information. 

Compliance Risk Number 7:  Increased Number of Qui Tams Based on Overpayments:  Section 6402 of the recent Health Care Reform legislation requires that all Medicare providers, (a) return and report any Medicare overpayment, and (b) explain, in writing, the reason for the overpayment.

This law creates a minefield for physicians and other Medicare providers.  First, providers have only 60 days to comply with the reporting and refund requirement from the date on which the overpayment was identified or, if applicable, the date any corresponding cost report is due, whichever is later.  Of course, the legislation does not actually explain what it means to “identify” an overpayment.

From a “risk” standpoint, this change is enormous.  Disgruntled employees try to file a Qui Tam         (“whistleblower”) lawsuit based on a provider’s failure to return one or more Medicare overpayments to the program in a timely fashion.  While the government may ultimately choose not to intervene in a False Claims Act case based on such allegations, a provider could spend a significant amount defending the case.  Providers should ensure that billing personnel understand the importance of returning any overpayments identified as quickly as possible.   

Compliance Risk Number 8:  Third-Party Payor Actions:  Third-party (non-Federal)  payors are participating in Health Care Fraud Working Group meetings with DOJ and other Federal agents.  Over the last year, we have seen an increase in the number of “copycat” audits initiated by third-party payor “Special Investigative Units” (SIUs).  Once the government has announced the results of a significant audit, the third-party payor considers the services at issue and reviews whether it may have also been wrongly billed for such services.  If so, their SIU opens a new investigation against the provider.

Compliance Risk Number 9:  Employee Screening:  With the expansion of the permissive exclusion authorities, more and more individuals will ultimately be excluded from Medicare.  As we have seen, HHS-OIG is actively reviewing whether Medicare providers have employed individuals who have been excluded.  In one recent case, HHS-OIG announced that it had assessed significant civil monetary penalties against a health care provider that employed seven individuals who the provider “knew or should have known” had been excluded from participation in Federal health care programs. These individuals were alleged to have furnished items and services for which the provider was paid by Federal health care programs.  All providers should periodically screen their staff against the HHS-OIG and GSA databases to ensure that their employees have not been excluded from participation in Federal Health Benefits Programs.

Compliance Risk Number 10:  Payment Suspension Actions:  Last, but not least, we expect the number of payment suspension actions to increase in 2011.  In late 2010, Medicare contractors recommended to CMS that this extraordinary step be taken against providers in connection with a wide variety of alleged infractions.  Reasons given for suspending a provider’s Medicare number included, but were not limited to: (1) the provider failed to properly notify Medicare of a change in location, (2) the provider allegedly engaged in improper billing practices, and (3) the provider failed to fully cooperate during a site visit.

As each of these compliance risks reflect, health care providers are expected to fully comply with a wide myriad of Medicare and Medicaid statutory and regulatory requirements.  Moreover, the failure to meet these obligations can subject a provider to penalties ranging from suspension from the program to criminal prosecution.  Providers must take compliance seriously if they hope to thrive in 2011.

Liles Parker attorneys provide health law guidance and advice to health care providers around the country.  Our attorneys have extensive experience working on compliance related matters and defending providers in connection with Medicare audits and investigations.  Should you have questions regarding these and other issues, give us a call for a free consultation.  We can be reached at 1 (800) 475-1906.

 

Health Care Fraud Enforcement Takes an International Turn

(October 17, 2010):  The FBI has announced the arrest of 73 defendants, a number of which are allegedly members of an international organized crime organization, as part of one of the largest criminal health care fraud cases ever brought.  It is estimated that these individuals are responsible for the illegal submission of over $163 million in fraudulent Medicare claims.  As  the FBI’s Press Release reflects:

 “. . .the defendants allegedly stole the identities of doctors and thousands of Medicare beneficiaries and operated at least 118 different phony clinics in 25 states for the purposes of submitting Medicare reimbursements.

 As the FBI noted, the schemes employed by this group included the submission of fraudulent claims for medically unnecessary treatments and services to the Medicare program for payment by these “phantom clinics.”  Indictments covering these defendants were issued in five states, California, Georgia, New Mexico, New York, and Ohio. Commenting on the multi-agency cooperation involved, the Press Release notes that:

“Today’s arrests are an example of the FBI’s ability to conduct cross-program, multi-divisional investigations targeting a national level threat. In recent years, the department has undertaken a series of steps to modernize its organized crime program and enable federal law enforcement to take a unified approach to combating international organized crime. The Attorney General’s Organized Crime Council brings together the leadership of the FBI and eight other federal law enforcement agencies or offices with the department’s prosecutors, focusing high-level attention on these issues. The IOC-2 provides support in the form of information and intelligence to the member agencies that enhance efforts to identify, penetrate and dismantle the most dangerous organized crime groups through investigations and prosecutions. The creation of the International Organized Crime Targeting Committee and the Top International Criminal Organizations Target (TICOT) List, directs investigators and prosecutors to concentrate their limited resources on those international organized crime groups that pose the greatest threat to the United States. The department’s Criminal Division, through the Health Care Fraud Unit, Organized Crime and Racketeering Section, and the Asset Forfeiture and Money Laundering Section, has created new training programs to educate investigators and prosecutors on the intricacies of international organized crime and financial investigations.” (emphasis added).

Commentary: As this case reflects, the ease and extraordinary profits which can be generated from health care fraud is more than enough incentive for international organized crime syndicates to move into this area.  With the uncovering of this scheme, we should fully expect that DOJ, HHS-OIG and other law enforcement agencies will continue to investigate these relationships.

 Liles Parker attorneys represent health care providers around the country in administrative, civil and criminal health law related matters and cases.  Please call us at 1 (800) 475-1906 for a free consultation.

Additional Cities will have HEAT Teams in 2011

(August 27, 2010): Yesterday, Attorney General Eric Holder and U. S. Department of Health and Human Services (HHS) Secretary Kathleen Sebelius conducted the second of a planned series of “Regional Health Care Fraud Prevention Summits.”

In addition to these agency heads, participants learned of current and additional planned initiatives from a number of Federal and State law enforcement officials. The first summit was recently conducted in Miami, Florida.  This summit was held in Los Angeles, California.

Describing the progress made in the last fiscal year, Attorney General Holder noted that:

 “In just the last fiscal year, we’ve won or negotiated more than $1.6 billion in judgments and settlements, returned more than $2.5 billion to the Medicare Trust Fund, opened thousands of new criminal and civil health care fraud investigations, reached an all-time high in the number of health care fraud defendants charged, and stopped numerous large-scale fraud schemes in their tracks.”

Notably, Attorney General Holder also made it clear that the government’s joint Health Care Fraud Prevention and Enforcement Action Team (HEAT) program is slated for further expansion over the next year.  As he noted:

“HEAT’s impact has been recognized by President Obama, whose FY 2011 budget request includes an additional $60 million to expand our network of Strike Forces to additional cities. With these new resources, and our continued commitment to collaboration, I have no doubt we’ll be able to extend HEAT’s record of achievement. And this record is extraordinary. (emphasis added).

These funds will be to supplement, not supplant, existing health care fraud enforcement efforts currently underway. While the additional cities slated for HEAT expansion were not announced at this event, all health care providers, regardless of location, should be especially vigilant in their efforts to ensure that Medicare coding and billing practices regulating the items and services they are providing must comply with applicable statutory and agency requirements.

Should you have questions regarding a health care fraud issue, you may call Robert W. Liles or another of our attorneys. Call 1 (800) 475-1906 for a free consultation.

 

What is Causing the Spike in Partial Hospitalization Overpayment Actions?

(June 30, 2010): Are Partial Hospitalization Programs (PHPs) and Community Mental Health Centers (CMHCs) being unfairly targeted in the Administration’s push to identify and recover allegedly improper Medicare payments?

In May 2010, the Office of the Inspector General of the HHS (HHS-OIG) published an assessment of the Program Safeguard Contractors (PSCs) overpayment collections that identified only 2 overpayment referrals for partial hospitalization claims in 2007. These referrals accounted for only $403,935 of approximately $835 million in overpayment referrals — less than 0.1% of the total.  Yet, we are aware of far more overpayment cases involving CMHCs (many of which are in the Southern region) making their way through the administrative appeals process right now.

After carefully reviewing the data, it is our belief that CMS has taken action to address HHS-OIG’s unimplemented recommendations regarding the agency’s concerns about partial hospitalization claims.   Dating as far back as 1998, HHS-OIG has pushed for stronger oversight of these programs.  For at least the last three years (2007, 2008, and 2009), HHS-OIG’s compendium of unimplemented recommendations has included dramatic findings as to the scope of supposed partial hospitalization program billings and the potential savings that could be derived from focusing on this area.  For instance, in 2007 and 2008, the agency reported:

“’Partial hospitalization’ services, which may be provided by both hospitals and community mental health centers, have been particularly troublesome…. We estimated that payment error rates for partial hospitalization in community mental health centers were as high as 92 percent.” (Emphasis added).

HHS-OIG estimated that ensuring the appropriateness of Medicare payments for mental health services would yield $725 million in savings in 2007.  This figure increased to $1.44 billion in 2008 and 2009.

Again in 2009, HHS reiterated its findings, saying,

“We believe that CMS still needs to monitor partial hospitalization services provided by community mental health centers, which we consider particularly vulnerable. We will continue to monitor CMS’s efforts to ensure that mental health services are medically necessary and reasonable and are accurately billed.” (Emphasis added).

While neither CMS nor HHS-OIG have commented on the “spike” in cases brought against CMHCs, it appears clear that partial hospitalization claims are currently being reviewed by contractors around the country for possible overpayments.

To be clear, we take exception with these findings.  After representing many CMHCs around the country, it has become apparent that many of the reviewers conducting reviews of partial hospitalization claims have little or no experience assessing these specialized services.  As a result, we are quite concerned that CMHCs are now being targeted.  We strongly recommend that CMHCs conduct periodic reviews of both applicable LCD provisions and their billing practices to ensure that partial hospitalization services are being appropriately ordered, documented and billed.

Should you have any questions regarding these issues, don’t hesitate to contact us.  For a complementary consultation, you may call Robert W. Liles or one of our other attorneys at 1 (800) 475-1906.

GAO Testimony Recommends CMS Improve Enrollment, Payment, and Oversight Procedures to Prevent Medicare Fraud, Abuse, and Waste

(June 23, 2010): Yesterday we told you about recent Congressional testimony regarding the impact of health care reform on HHS enforcement efforts.   On the same day, GAO Health Care Director Kathleen M. King offered Congress testimony that made clear that the Centers for Medicare & Medicaid Services (CMS) continue to face substantial challenges to preventing Medicare and Medicaid fraud, waste, and abuse.  The GAO’s recommendations signal that home health agencies (HHAs) and suppliers of durable medical equipment (DMEs) are likely targets of future audits and that contractors require improved oversight.

King critiqued the enrollment process for prospective HHAs, saying, “We found that the screening process was not thorough.  This may have contributed to a rapid increase in the number of HHAs that billed Medicare in certain states with unusually high rates of billing patterns indicative of fraud and abuse.” (emphasis added).   Similarly, GAO found that the DME enrollment process contains persistent weaknesses.   King assessed that the effectiveness of new enrollment screening authorities provided in the Patient Protection and Affordable Care Act (PPACA) and the Health Care and Education Reconciliation Act (HCERA) “is unknown and will depend on CMS’ implementation.”

HHAs and DMEs are also identified as vulnerable services that do not receive adequate post-payment review by recovery audit contractors (RACs).  “Because RACs are paid on a contingent fee based on the dollar value of the improper payments identified, during the demonstration RACs focused on claims from inpatient hospital stays, which are generally more costly services.”  Recall that RACs are bounty hunters, explaining their limited focus on classes of high-value claims.  GAO recommends CMS direct other contractors to focus on high vulnerability items and services that RACs are known to overlook.

Next, targeting drug plan sponsors, King reminded Congress of a 2008 GAO study showing that the sponsors covering one-third of all Medicare prescription drug plan enrollees had not completely implemented CMS’ required compliance plan elements and fraud prevention measures.  Although CMS published a final rule to address this failing in April 2010, GAO continues to identify the improved oversight of drug plan sponsors and other contractors as a major need.

Ultimately, GAO offered recommendations to CMS regarding improvement of (1) enrollment screening processes, (2) pre-payment claims review, (3) post-payment claims review, (4) contractor oversight, and (5) the process for addressing identified vulnerabilities.  Regular observers will notice, however, that several of GAO’s June 2010 recommendations are virtually identical to recommendations that date back as far as September 2005 and that are not yet implemented.

Should you have any questions regarding these issues, don’t hesitate to contact us.  For a complementary consultation, you may call Robert W. Liles or one of our other attorneys at 1 (800) 475-1906.

 

HHS-OIG Reports that Four Types of Errors Accounted For 95% of the Net Improper Medicaid Overpayments

(April 20, 2010): The Department of Health and Human Services, Office of Inspector General (HHS-OIG) recently released its report “HHS-Analysis of Improper Payments Identified During the Payment Error Rate Measurement Program Reviews in 2006 and 2007 (A-06-09-00079).” As set out in the report, four types of medical review errors accounted for 95% of the net improper Medicaid overpayments during 2006 and 2007.  A breakdown of the findings set out in the report is detailed below.  HHS-OIG examined a total of 1,356 medical review errors and 202 data processing errors.

I.      Medical Review Errors:

Of the medical review errors analyzed by HHS-OIG, the agency found that four types accounted for 78% of the errors and 95% of the net improper Medicaid overpayments. The four error types included:

Top Four Types of Medical Review Errors:

• Insufficient documentation (37.4%),
• No documentation (25%),
• Services that violated State policies  (12.9%), and
• Medically unnecessary services (2.4%).

The 1,356 medical review errors included 23 service categories, six of which accounted for 67 percent of the errors and 95 percent of the net improper Medicaid overpayments. The six service categories included:

Top Six Types of Service Categories Involved

• Nursing facilities,
• Inpatient hospitals,
• Home and Community-Based Services waivers,
• Intermediate care facilities for the mentally retarded,
• Prescribed drugs, and
• Physician.

II.     Data Processing Errors:

Of the 202 data processing errors HHS-OIG analyzed, four types accounted for 78 percent of the errors and 64 percent of the net improper Medicaid overpayments. The four error types included:

• Pricing errors,
• Non-covered services errors,
• Rate cell errors for managed care claims, and
• Errors in the logic edits of claim processing systems.

The 202 data processing errors represented 18 service categories, six of which accounted for nearly 73 percent of the errors and 79 percent of the net improper Medicaid overpayments. The six service categories included:

• Inpatient hospitals
• Nursing facilities,
• Capitated care,
• Prescribed drugs,
• Physicians, and
• Outpatient hospital.

III.     Estimated Financial Impact (Federal Only):

For 2006, CMS estimated that the Federal share of the improper payments paid was $6.6 billion.  This increased considerably, to $18.6 billion in 2007 (Federal share only).  HHS-OIG has recommended that CMS provide States with similar analytical data to help them address these improper payments.

Liles Parker Commentary:  With the passage of the recent Health Care Reform Bill, CMS has been authorized to expand the RAC program to Medicaid.  Now, more than ever before, it is essential that providers carefully analyze their operations, coding and billing practices in order to ensure that Medicaid billings meet applicable regulatory and statutory requirements.

Several of our attorneys have extensive experience working on Medicaid cases.  Should your practice or clinic find itself facing a Medicaid audit or investigation, give us a call for a complementary consultation.  We can reached at: 1 (800) 475-1906.