(July 3, 2018): While a number of Medicare Advantage Plans now offer supplemental coverage for preventive, basic, and major dental services, only a narrow category of dental services qualify for coverage and payment under standard Medicare Part A (pursuant to Section 1862(a)(12) of the Social Security Act). Presently, only qualifying Medicaid beneficiaries are likely to have dental services coverage. With this in mind, last week's Press Release by the Centers for Medicare and Medicaid Services (CMS) is especially pertinent. As CMS announced, the agency is implementing “new and enhanced initiatives designed to improve Medicaid program integrity through greater transparency and accountability, strengthened data, and innovative and robust analytic tools.” What does this mean for dentists and dental practices participating in the Medicaid program? Simply put, it means more dental audits and a much closer scrutiny of your assessment of medical necessity, documentation of the dental services provided, utilization practices and any business arrangements in which you participate. This will become especially apparent as Unified Program Integrity Contractors (UPICs) transition into their new roles as program integrity contractors of both Medicare and Medicaid claims. Over the last few months, we have noted that dentists and dental practices around the country are increasingly being targeted by UPICs in connection with government-paid claims. This article examines the history and direction of the CMS’s Fraud Prevention efforts and provides a thorough discussion of UPICs, highlighting their purpose, jurisdiction, and functions.
I. What is a UPIC?
Although UPICs are free to audit both Medicare and Medicaid dental claims in their jurisdiction, this article is primarily focused on the UPIC's targeting of Medicaid dental claims. As set out in Section 1.2 of the CMS Medicaid Program Integrity Manual:
“Unified Program Integrity Contractors (UPICs) are contracted entities with CMS that conduct investigations and audits related to activities in an effort to reduce fraud, waste, and abuse in both the Medicare and Medicaid programs. The UPICs operate in geographic areas or “jurisdictions” defined by individual Task Orders. The UPICs Perform numerous functions to detect, prevent, and deter specific risks and broader vulnerabilities to the integrity of the Medicare and Medicaid programs including, but not limited to:
- Proactively identify incidents of potential fraud, waste, and abuse that exist within its service area and take appropriate action on each case;
- Investigate allegations of fraud made by beneficiaries, providers/suppliers, CMS, Health & Human Services Office of Inspector General (OIG), and other sources;
- Explore all available sources of fraud leads, including the state Medicaid agency (SMA) and the Medicaid Fraud Control Unit (MFCU);
- Refer and/or recommend appropriate Medicaid administrative actions to state Medicaid agencies where there is reliable evidence of fraud, including, but not limited to, overpayments, payment suspensions and terminations;
- Refer cases to the OIG/Office of Investigations (OI) for consideration of civil and criminal prosecution and/or application of administrative sanctions;
- Partner with state Medicaid Program Integrity Units to perform the above activities for the Medi-Medi program and Medicaid-only investigations; and
- Work closely with CMS on joint projects, investigations and other proactive, anti-fraud activities. The UPICs utilize a variety of techniques to address any potentially fraudulent, wasteful, or abusive billing practices based on the various leads they receive. The UPICs Integrate the program integrity functions for audits and investigations across Medicare and Medicaid, and assure that CMS’s National priorities for both Medicare and Medicaid are executed and supported at the state level or within the UPIC jurisdiction.” (emphasis added).
II. Purpose of the UPIC Program:
The purpose of the UPIC program has been to consolidate the work currently being performed by various Medicare and Medicaid program integrity contractors under a single private sector contractor. Each UPIC is responsible for handling federal level program integrity audits for both Medicare and Medicaid within a defined geographic area (typically comprised of multiple states). The following private sector contractors have been awarded UPIC contracts:
- Qlarant (Previously known as “Health Integrity, LLC”) (Western Jurisdiction)
- AdvanceMed Corporation (Midwestern Jurisdiction)
- IntegriGuard, LLC, dba HMS Federal (Indefinite Delivery, Indefinite Quantity)
- Noridian Healthcare Solutions, LLC (Indefinite Delivery, Indefinite Quantity)
- Safeguard Services LLC (North Eastern Jurisdiction)
- StrategicHealthSolutions, LLC (Indefinite Delivery, Indefinite Quantity)
- TriCenturion, Inc. (Indefinite Delivery, Indefinite Quantity)
Recognize a few familiar names? You should. Virtually all of these private sector companies have previously been awarded one or more prior CMS audit contracts. In any event, it has taken a while for CMS to wind-down existing program integrity contracts with Zone Program Integrity Contractors (ZPICs), responsible for auditing Medicare claims and Medicaid Integrity Contracts (MICs), responsible for auditing Medicaid claims. Those efforts are still ongoing in several areas of the country.
III. UPIC Dental Audits:
A number of dentists and dental practices around the country are currently receiving audit letters from Qlarant, the UPIC responsible for conducting both Medicare and Medicaid program integrity audits in the Western Jurisdiction. While dental audits are nothing new, the initiation of UPIC audits of Medicaid, and in some cases, Medicare dental audits, has significantly raised the level of risk faced by participating dental providers. Like their ZPIC predecessors, UPICs are actively looking for evidence of fraud and will not hesitate to make a referral to federal and / or state prosecutors if potentially criminal conduct is identified.
Over the last few months, a number of Medicaid dental providers have called our office and asked, “Why on earth is my dental practice being targeted by a UPIC.” Simply speaking, as occurrences of dental claims fraud and improper billing practices have increased over the course of the last few years, so has the likelihood of potential dental claims audits. CMS’s reasoning becomes more apparent when you consider the fact that Medicaid spending has increased from $456 billion in 2013 to an estimated $576 billion in 2016. In consideration of these factors, CMS has determined that there are significant Medicaid dental program integrity risks that must be addressed. Not surprisingly, UPICs such as Qlarant are now actively auditing Medicaid dental claims. When auditing Medicaid dental claims, UPIC auditors will undoubtedly address the following factors:
- Whether the Medicaid dental services billed were actually rendered;
- Whether the Medicaid dental services rendered were medically necessary;
- Assuming that the Medicaid dental services were, in fact, medically necessary, do they qualify for coverage under the payor’s contract?
- Whether the documentation maintained meets applicable State Dental Practice Act requirements AND any required documentation requirements mandated under your State Medicaid Provider Agreement, AND (if applicable to a particular claim), any other requirements that may be set out under your contract with a Medicaid Advantage Plan.
- Whether one or more other statutes (such as the Anti-Kickback Statute) were violated which effectively renders one or more Medicaid dental claims non-payable;
- Whether the dental services rendered were properly coded; and
- Whether the dental services rendered were properly billed.
IV. What you can Expect in UPIC Dental Audit of Your Medicare Dental Services or Medicaid Dental Services?
Although UPIC dental claims audits can be generated in a wide variety of ways, most are the result of claims data mining assessments, complaints by patients (or in some cases, competitors), or referrals from another government contractor. Through data mining, UPIC auditors can tell with a high degree of accuracy how long it should take for you to perform all of the dental services you billed in a single day. They will also compare your dental claims billing patterns to those of other dental providers. If any of your billing practices or patterns appear to be irregular, they will initiate an audit of your dental claims. Regardless of the reason your dental claims have been targeted, if a UPIC initiates an audit of your dental practice you can expect several things. For instance, if your Medicare / Medicaid dental claims are audited by Qlarant or another UPIC, you will likely be asked to provide the following documentation for each date of service under review:
- Hospital history and physical;
- Hospital records;
- Medical diagnosis;
- Medical imaging, laboratory studies, radiology studies;
- Dental exam with dental chart;
- Health history
- Consents for treatment and anesthesia
- Proposed treatment plan or plan of care
- Complete dental record and treatment plan including ADA CPT procedure codes, tooth number and surface for each tooth that received treatment
- Pre-operative exam notes
- Dental imaging, radiology, panoramic x-rays (pre and post procedure)
- Progress notes
- Operative/procedure notes
- Anesthesia record
- Post-operative status
- Post-operative call record
- Medications and/or anesthesia administered
- Medications ordered
- Discharge instructions
- Follow up appointments
- Dental claim form
- Appointment history report
- Itemized ledger report
- Statement of billing
- Remittance advice
- Any other documentation to support the billed claim
You may also be subjected to an “unannounced visit” by a UPIC auditor. These unexpected face-to-face visits have become quite common. If this occurs, the UPIC auditor will typically provide you with a list of claims to be reviewed but will also want to obtain a sample of the associated medical records before they leave the practice. As part of the site visit, the UPIC auditor may also request to interview your personnel. This is where it can get quite complicated. As a participating provider, you have an affirmative obligation to cooperate with the UPIC’s requests. Unfortunately, the interview of you and your staff could possibly lead to admissions against interest. Call your attorney if a UPIC pays an unexpected visit your practice. We can usually negotiate a time with the auditor so that you (and members of your staff) can be represented by legal counsel.
Often, your first notice of an audit will be the receipt of a letter outlining a UPIC’s dental records request. As a participating provider in the Medicare and / or Medicaid programs, you are required to furnish and submit sufficient information to justify payment as a basic condition of our participation. UPIC audit letter typically require that you submit the appropriate records and information within 30 calendars days (from your date of receipt of the UPIC’s letter). Should you fail to comply with a request for dental records, the UPIC may:
- Issue a determination that an overpayment has been made.
- Allege that the claims request was a Statistically Valid Random Sample (this depends on the size and nature of the initial claims audit). If eligible, the UPIC may then project your error rate to the universe of claims processed during the particular time frame of your audit.
- Request that CMS suspend your Medicaid payments.
- Recommend to the HHS, Office of the Inspector General (OIG) that you and / or your dental practice be excluded from participation in federal and state health benefit programs (including, but not limited to Medicaid) in accordance with § 1128(b)(11) of the Social Security Act.
V. UPIC Dental Audits – Worst Case Scenario:
It is important to keep in mind that UPICs view themselves as an arm of law enforcement. Whether you agree with the UPIC’s view of their role or not, the fact remains that UPICs are always on the lookout for evidence of wrongdoing, improper conduct or fraudulent acts that go beyond what is typically associated with a mere overpayment. When potentially-fraudulent conduct is identified, referrals to federal or state law enforcement and / or licensure agencies may be made. In addition to facing administrative sanctions such as revocation, suspension and / or exclusion, these referrals may also lead to one or more of the following actions:
- Revocation of a dentist’s DEA permit.
- Referral to the State Dental Board for investigation and possible disciplinary action.
- The assessment of Civil Monetary Penalties (CMPs) by OIG.
- Referral to the U.S. Department of Justice (DOJ) for possible civil prosecution of False Claims Act violations.
- Referral to the DOJ for criminal prosecution. These cases have typically involved violations of the Anti-Kickback Statute, Health Care Fraud and / or other criminal laws. Examples of conduct that has led to criminal prosecution include billing Medicaid for unnecessary procedures and / or billing Medicaid for procedures that were never performed.
- In one case, a single dentist and his former employer were unable to produce medical records to support 335 claims totaling $26,657 that were sampled at his practice.
- In another case, a dentist was audited because it was virtually impossible for him to complete all of the services he billed for in a single day. When asked about the billings, he reportedly stated that he could complete a filling procedure in 30 seconds. As you can imagine, the government didn’t believe the dentist.
- One government audit found that two dentists billed for four or more fillings on one tooth or for two types of fillings on the same surface of the same tooth.
- Billing Medicaid for substandard work.
- Submitting claims for reimbursement under another dentist’s Medicaid provider number.
- Too many or too few X-rays. In some cases, the x-rays have been taken incorrectly, taken by employees not licensed to operate the x-ray machine, and/or unreadable or even blank.
VI. Preparing for a Dental Claims Audit:
Dental providers must realize that they are responsible for any and all claims submitted by their practice, whether or not they even have direct knowledge of the claim. You are liable for all of the information recorded on the Dental Claim Form.
- Do you have an effective Compliance Program in place? It is required under the Affordable Care Act. Moreover, most state Medicaid programs require that a such a plan be in place. Finally, all Medicaid Advantage plans require that participating dental providers have a Compliance Program.
- Have you and your staff reviewed necessary information regarding specific codes for billing Medicaid dental claims? Have you paid special attention to federal / state regulatory requirements, State Dental Practice obligations, and your contractual mandates?
- When was the last time you conducted an internal dental claims audit and examined whether the services you are providing fully reflect medical necessity requirements, are documented to meet the requirements of the payor, and are properly coded and billed?
- When was the last time you conducted an audit of your dental business practices? Are your practices free of any possible violations of the False Claims Act or Anti-Kickback Statutes?
- Have you fully implemented each of your obligations under HIPAA and HITECH?
- Do you have an effective anonymous compliance reporting mechanism in place? Have you advised and trained your dental practice staff on their obligations to report improper billings or conduct to your practice’s Compliance Officer?
- Are you screening your dental practice employees, contractors, vendors and contractors through all Federal and State exclusion databases?
Being able to answer these questions can significantly reduce your exposure to outside audits and can help you in setting up (if you have not already done so), and maintaining an effective Compliance Program. It is our recommendation that you engage a suitable, qualified entity to help you. In this regard, Liles Parker can provide you with the advice and counsel you need. Our attorneys represent dental practices in both Medicaid and private payor dental audits. Moreover, we can assist you in assessing your current level of compliance so that you will be better prepared if your practice faces a UPIC audit in the future.
Robert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at the law firm Liles Parker, Attorneys & Counselors at Law. Liles Parker attorneys represent dentists and dental practices around the country in connection with Medicaid claims audits and audits by private payors. For a free initial consultation about UPIC dental audit, give us a call at: 1 (800) 475-1906.
 What does it mean if a contractor has been awarded a UPIC contract but it is designated as “Indefinite Delivery, Indefinite Quantity?” This is a term that is used by the General Services Administration (GSA) when the agency is not yet in a position to determine, above a specified minimum, the precise quantities of supplies or services that the government will require during a contract period. Essentially, it means that the ZPIC contracts in the remaining jurisdictions remain in place and are winding down. As those contracts terminate, the new UPIC contracts will be implemented.
 Qlarant was formally known as “Health Integrity, LLC” when it operated as a ZPIC for Zone 4.
 In contrast to their ZPIC predecessors (which are only responsible for auditing Medicare claims), UPICs are responsible for conducting program integrity audits of both Medicare AND Medicaid claims.
 For example, in 2017, the U.S. Attorney’s Office for the District of Nebraska unsealed an Indictment against a Nebraska-licensed dentist alleging that the dentist submitted approximately 129 claims to the Nebraska Medicaid program for dental services that the government alleges were never performed. The defendant dentist has been charged with violations of Health Care Fraud, 18 U.S.C. §1347.
 In its earlier incarnation as a ZPIC, it was our experience that Health Integrity auditors sometimes conflated “medical necessity” with “coverage.” This often resulted in audit findings proclaiming that one or more services rendered were allegedly not medically necessary, when in fact the services were medically necessary, they just didn’t qualify for coverage under the payor’s contract.
 See Footnote #5.
 In our review of dental claims, the lack of adequate documentation has been identified as the primary reason cited by auditors when denying payment. Dentists and dental professionals MUST review federal and state regulatory requirements, along with applicable contractual obligations to ensure that their documentation practices are fully compliant with coverage and payment rules.
 For example, in November 2017, the U.S. Attorney’s Office for the Southern District of New York unsealed a Complaint against a New York licensed dentist and a non-licensed individual performing unauthorized dental services. As the Complaint reflects, some of the Medicaid claims billed were associated with patients who had been recruited to the dental practice and paid kickbacks of $25 to undergo minimal dental procedures.
 Improper coding practices can take a wide variety of forms. While “upcoding” and “billing for services not rendered” are perhaps the most common violations cited by dental claims auditors. We have also seen instances where dentists or dental practices have rendered non-covered services but have miscoded the services so that they would qualify for coverage and payment.
 While every dental practice is different, a common billing error that we have identified in our compliance reviews has been that dental practices often fail to credential new dentists with one or more payors in a timely fashion. Instead, the practices improperly bills for the dental services rendered by a non-credentialed provider under the number of a credentialed provider. We have found this problem when auditing both Medicaid and private payor dental claims. This improper practice can lead to the repayment of overpayments, referral to one’s State Dental Board, liability under the civil False Claims Act, and, in more serious cases, in criminal prosecution.
 For a more detailed discussion of how UPIC audits are generated, please see: Medicare Program Integrity Manual, Chapter 2, §2.3. The sources utilized by UPICs are the same as those relied on by ZPICs.