Liles Parker PLLC
(202) 298-8750 (800) 475-1906
Washington, DC | Houston, TX
Baton Rouge, LA

We Defend Healthcare Providers Nationwide in Audits & Investigations.

What is a Medicare Suspension of Payment Action?

January 11, 2021 by  
Filed under

Download PDF

Keeping “bad actors” out of the Medicare program in the first place is the most effective way for the Centers for Medicare and Medicaid Services (CMS) to protect the financial integrity of the Medicare Trust Fund.  Once a health care provider or supplier has been enrolled in the Medicare program, there are a number of program integrity measures (such as the administrative suspension of a provider’s payments) that can be used CMS and its contractors to address improper, fraudulent or abusive conduct. Over the last decade, since the passage of the Affordable Care Act (ACA), [1] we have seen a significant increase in the number of suspension actions taken by CMS and Unified Program Integrity Contractors (UPICs) around the country.

I.  Medicare Suspension of Payment Authorities:

Pursuant to 42 C.F.R. §405.371(a)-(c), Medicare payments to participating providers may be suspended, offset or recouped by CMS or one of its authorized contractors as follows:

  • Payments may be suspended, in whole or in part, if: (1) CMS or the Contractor has reliable information an overpayment exists, or (2) Payments to be made may not be correct, although additional information may be needed for a determination; [2]
  • Payments may be suspended, in whole or in part, in cases of suspected fraud if: (1) CMS or the UPIC has consulted with the Office of Inspector General (OIG) and, as appropriate, the Department of Justice (DOJ); and (2) it is determined that a credible allegation of fraud exists against a provider or supplier; unless (3) there is good cause not to suspend payments; [3]
  • Payments may be offset or recouped, in whole or in part if:CMS or the Medicare contractor has determined that the provider or supplier to whom payments are to be made has been overpaid. [4]

II.  Medicare Suspensions of Payment Based on Credible Allegations of Fraud:

The ACA expanded the ability of the government to detect health care fraud and protect the Medicare Trust Fund. One such provision was the expansion of CMS’s suspension authority to permit suspensions based on a “credible allegation of fraud.”

Not surprisingly, the vagueness and potentially broad scope of a standard based on a “credible allegation of fraud” has been an ongoing concern of many providers.  Unfortunately, the definitions of this term with respect to the Medicare program is extraordinarily broad. [5]  With respect to the Medicare program, a credible allegation is broadly defined to include an allegation from any source, such as (1) Fraud hotline complaints; (2) Claims data mining; and (3) Patterns identified through provider audits, civil false claims cases and Law enforcement All allegations are considered to be credible when they have indicia of reliability.

III.  CMS Takes a Broad View of What Constitutes a Credible Allegation of Fraud:

As set out under MPIM Section 8.3.1.1, the suspension of a Medicare provider’s payments based on a credible allegation of fraud are not limited to merely traditional fact patterns associated with fraud.  CMS also considers the following situations to constitute a credible allegation of fraud:

  • The Quality Improvement Organization (QIO) has reviewed inpatient claims and determined that the diagnosis related groups (DRGs) have been
  • The UPIC or MAC may suspect a violation of the physician self-referral ban.
  • Even though services are rendered and may be determined as medically necessary and reasonable by the Medicare contractor, law enforcement has credible allegations of kickback
  • Forged signatures on medical record documentation and/or other misrepresentations on Medicare claims or associated forms to obtain payment that would result in an overpayment.  [6]

IV.  Prior Analysis by the OIG of Medicare Payment Suspension Actions Taken:

On November 1, 2010, the OIG released a report for CMS entitled “The Use of Payment Suspensions to Prevent Inappropriate Medicare Payments.” [7] The goal of this report was to evaluate CMS’s use of suspension actions taken in 2007 and 2008 and assess the agency’s procedures for implementing payment suspension actions. The OIG analyzed 253 payment suspensions made over the course of two years.  The OIG reported that the great majority of suspensions that took place between 2007 and 2008 “exhibited characteristics that suggest fraud.” In fact, payment suspensions taken during this period were almost all used “as a tool to fight fraud.” The OIG based this conclusion on the following information:

99% of suspension notices were sent to the provider on or after the effective suspension date, indicating that fraud was a consideration in the suspension action.

74% of suspended providers had questionable billing patterns, such as spikes in multiple claims submitted for the same beneficiary or extensive services provided within a very short time

63% of suspensions involved complaints or information from beneficiaries raising concerns about services they never received or that were medically unnecessary.

V.   Medicare Suspensions of Payment Based on Overpayments Rather Than a Credible Allegation of Fraud:

Initially, quite a few suspensions were imposed on a credible allegation of fraud.  However, over the past year, payment suspensions have primarily been based on overpayments rather than a credible allegation of fraud.  Suspensions based on reliable information” that an overpayment exists or that payments may not be correct are the most common situations where a suspension action is taken. The Medicare Program Integrity Manual (PIM) states that suspensions of this sort may be implemented include, but are not limited to, the following examples:

  • Where several claimed services in a prepayment or postpayment review were determined to be non-covered or miscoded;
  • It has been determined that there is a pattern of noncompliant billings and it is suspected that there may have been a substantial number of additional non- covered or miscoded claims paid in the past;
  • There was a pattern of noncompliant billings identified in a prior review and the provider failed to change its billing behavior [8]

Payment suspensions based on this section are referred to the CMS Center for Program Integrity (CPI) for approval and can be made by CMS without consultation with law enforcement or any other agency. They can also be imposed without prior notice in order to prevent placing additional Medicare funds at risk and hindering the government’s ability to recover any determined overpayment.  [9]

VI.  Good Cause Exceptions Applicable to Medicare Suspensions of Payment:

Suspension regulations are somewhat limited by what is referred to as the “good cause” exception. Even in cases involving credible allegations of fraud, CMS may continue payments if there exists some good cause for doing so. Examples of what constitutes “good cause” include:

  • The possibility that payment suspension will alert a violator to an investigation or inquiry;
  • The possibility that payment suspension will expose whistleblowers or confidential sources;
  • Where payment suspension may jeopardize beneficiary access to necessary items or services;
  • Where remedies other than payment suspension available to CMS are more expeditious or effective in protecting Medicare funds; or
  • Where payment suspension would “not be in the best interests of the Medicare ” [10]

VII.  Initiation and Investigation of Medicare Suspension Actions:

Medicare payment suspension actions may be initiated in several different ways. However, most suspension or recoupment actions are generated through one of the following sources:

  • Referrals: A number of entities will refer matters for investigation that may lead to a suspension such as CMS, law enforcement and the Medicare Administrative Contractors (MACs). Leads based on beneficiary and provider complaints and hotline tips allegations can also lead to a suspension;
  • Contractor data analysis: Medicare Program Integrity Contractors conduct their own data analyses to identify providers with suspect billing patterns;
  • Fraud Preventive System (FPS) Analysis: [11] The FPS is used to identify providers with suspect billing patterns and prioritizes leads based on provider risk-scores.

VIII.  Medicare Suspension Process and Procedures:

Before sending a suspension notice to a provider, a UPIC must first provide CPI with a draft of the notice to be sent.  In addition to their recommendation regarding the suspension action, a UPIC must also provide any other supportive materials for the consideration of the CPI. A draft suspension notice to a Medicare provider must include the following:

  • The date the payment suspension action will be or has been imposed;
  • How long the suspension is expected to be in effect (NOTE: All payment suspensions shall be established in 180 calendar day increments);
  • The reason for suspending payment. (For fraud suspensions, the UPIC shall include the rationale to justify the action being taken);
  • In most notices, the UPIC shall identify and describe at least five example claims that are associated with the reason for the payment suspension, if available. The claim examples are to be the most current claims available unless otherwise directed by CMS. The notice shall only reference the example claim control number, the amount of payment, and the date of service;
  • The extent of the payment suspension (i.e., 100 percent payment suspension or partial payment suspension, where less than 100 percent of payments are withheld);
  • The payment suspension action is not appealable;
  • CMS/CPI has approved implementation of the payment suspension;
  • Documentation that the provider has been given the opportunity to submit a rebuttal statement within 15 calendar days of notification; and
  • An address for the provider to mail the rebuttal.  [12]

IX.  CMS’s Role in Approving a Medicare Suspension Action:

Once the proposed suspension letter has been drafted, CMS will review it and determine whether or not to approve the proposed action. If approved, CMS must then decide whether the provider should be notified before or after the effective date of the suspension. If a provider is targeted for suspension because of fraud, deliberate misrepresentation, or harm to Medicare trust funds, then the provider is almost always notified of the suspension on or after the effective date. Health care providers who are suspended for all other reasons are typically notified at least 15 days prior to the suspension taking effect. From a practical standpoint, almost all providers are notified of a suspension action after the effective date, not before.

The initial period of suspension can last for up to 180 days from the effective date and it can be extended for an additional 180 days if CMS requires additional time to calculate the overpayment amount. Prior notice of the suspension does not have to be given in order to prevent placing additional Medicare funds at risk and hindering the government’s ability to recover any determined overpayment. See 42 C.F.R. § 405.372(a)(3).

X.  Can You Appeal a Medicare Suspension Action?

Unfortunately, there is not an administrative appeals mechanism available for providers to challenge a Medicare payments suspension action. At most, a provider can submit a “rebuttal” letter to CMS detailing why the proposed suspension action should not take effect or should be lifted. A rebuttal letter must be submitted within 15 days of the suspension notice. CMS contractors will then review the provider’s rebuttal, draft a response and submit the proposed response (along with the provider’s rebuttal) to CMS for approval. It has been our experience that CMS rarely changes its position and cancels the planned suspension action.

XI.  Length of a Medicare Payment Suspension Action:

The length of a payment suspension period is usually 180 days, but this can be extended under certain circumstances. For example, if a contractor is unable to complete an examination of the information submitted by a provider, or if DOJ is investigating criminal charges or civil actions, the suspension may be extended for 180 days. In addition, if OIG is considering administrative action, such as exclusion from participation in Medicare or the assessment of civil monetary penalties, then the s

XII.  Lifting a Medicare Payment Suspension Action:

During the suspension period, CMS contractors will usually initiate a post-payment audit of the provider’s claims and request that the provider submit any medical records and other information in support of the claims identified. A Medicare contractor (most often a UPIC) will then analyze these medical records in order to determine the amount of any improper payments made to the provider, including overpayments. Once the claims have been evaluated, the results of the post-payment audit will be sent to the provider. A provider’s Medicare Administrative Contractor (MAC) will then issue a demand letter to the provider requesting a refund of any overpayment identified. Once the nature and extent of an overpayment has been identified, the suspension action is usually lifted (although it is not unusual for the provider to remain on prepayment review.

Health care providers may continue to submit claims during a suspension period, but payments for these claims will not be made until a UPIC can determine the nature and amount of any overpayment that may be owed by a provider. Any claims found to qualify for coverage and payment are usually used to offset the amount of any overpayment that is later determined by the auditing contractor. Excess funds are then distributed to the provider.

XIII.  Recommendations for Providers:

Medicare payment suspensions can dramatically impact and disrupt a provider’s health care practice in light of their potential length and the lack of meaningful appeal rights. As such, below are some recommendations for responding to suspension actions and/or for avoiding them if the first place:

A.  Engage Experienced Legal Counsel.  In light of both the seriousness and complexity presented, it is strongly recommended that providers facing a payment suspension action immediately engage experienced counsel. Regardless of the stated reason for a suspension action, Medicare contractors, OIG and DOJ are looking for fraud or deliberate misrepresentation whenever a suspension is imposed. Therefore, care should be taken to ensure that the rights of the health care provider and its staff are properly protected.

B.    Submit a Rebuttal. The OIG report noted that only 16% of providers suspended between 2007 and 2008 submitted a rebuttal to the suspension notification. While a rebuttal does not guarantee that CMS will not proceed with the suspension, it does give the provider an opportunity to explain any of the potential mistakes or errors that drew the attention of CMS. Additionally, it is critical to keep in mind that suspension actions are not appealable. Once a suspension is imposed, there is no recourse for the provider. A rebuttal is a provider’s only opportunity to be heard prior to imposition of the suspension.

C.    Timely Provide Medical Records When Requested by CMS.  Once a suspension has been imposed, the contractor will request medical records from the provider in order to evaluate the related claims and the OIG report noted that suspensions were often extended beyond the initial 180-day time period for the provider’s failure to timely submit medical records. It is possible that providers who comply with CMS medical records requests as soon as possible will see their cases resolved more quickly and their suspensions lifted without any extension. Additionally, providers should thoroughly organize medical records for complex cases so that CMS contractors can review the records most efficiently and therefore resolve the suspension action.

D.    Credible Allegations of Fraud Can Originate from Practically Anywhere.  It is important to keep in mind that the information upon which a “credible allegation” is based can come from any source. This includes patients, employees, or other providers. Therefore, it is extremely important for providers to be conscientious so that their conduct does not give rise to any inferences of fraud.

NATIONWIDE REPRESENTATION   Call: 1 (800) 475-1906.

Liles Parker attorneys and staff have extensive experience conducting these assessments.  Our attorneys are both seasoned health care lawyers AND have undergone special training and education so that they could become Certified Professional Coders (CPCs), Certified Medical Reimbursement Specialists (CMRSs) and / or Certified Medical Compliance Officers (CMCOs).  Questions?  For a free consultation, give us a call.  We can be reached at:  1 (800) 475-1906.

[1] Pub. L. No. 111-148, 124 Stat. 119 (2010).

[2] 42 C.F.R. §405.371(a).

[3] 42 C.F.R. §405.371(b).

[4] 42 C.F.R. §405.371(c).

[5] 42 CFR § 405.370(a) is the Medicare definition.

[6] See, Medicare Program Integrity Manual sections 8.3.1.1.

[7] Dep’t of Health & Human Servs., Office of Inspector Gen., Memorandum Report: The Use of Payment Suspensions to Prevent Inappropriate Medicare Payments, Rep. No. OEI-01-09-00180 (Nov. 1, 2010). The OIG hasn’t followed up this report with a more recent assessment of the suspension actions taken.

[8] See, Medicare Program Integrity Manual sections 8.3.1.2 and 8.3.1.3.

[9] 42 C.F.R. § 405.372(a)(3).

[10] 42 CFR § 405.371(b).

[11]  FPS is a data analytic system implemented in 2011 by CMS. FPS compares provider billing patterns and other data against models of potentially fraudulent behavior to identify providers with suspect billing for potential investigation. In developing these leads, FPS is intended to help CMS prevent potentially fraudulent payments by furthering the agency’s ability to more quickly identify and investigate suspect providers and take corrective action.

[12] MPIM Section 8.3.2.2.2.

A Credible Allegation of Fraud Related to Medicare or Medicaid Services Will Result in Your Dental Practice Being Placed on “Suspension” or “Payment Hold.”

December 31, 2012 by  
Filed under Dental Audits & Compliance

Download PDF

(December 31, 2012):  Over the last year, many dentists, orthodontists and oral surgeons around the country who participate in federal health care benefits programs such as Medicare and Medicaid have found themselves accused of a “credible allegation of fraud,” levied by federal / state investigators or agents contracted to audit dental providers on behalf of the government.  As these dental professionals have learned, regulatory compliance is essential. Unlike physicians, hospitals, DME suppliers and other health care providers who are constantly under regulatory scrutiny, the dental community has largely been left alone by the government.  In past years, Medicaid audits have occasionally occurred but the cases pursued have been infrequent and typically appeared to involve egregious improper conduct.  Similarly, Medicare audits and investigations of the few dental services which qualify for coverage and payment have been relatively rare.       As many dental providers are now finding, both law enforcement and government contractors are actively relying on sophisticated data mining and other targeting tools to identify and audit providers who may appear to be outliers, either in their coding, billing or utilization practices.  Now, more than ever before, it is essential that dental providers examine each aspect of their business to better ensure that their actions fully comply with applicable statutory and regulatory requirements.

II. Under the ACA, if a “Credible Allegation of Fraud” is Raised Against a Dental Provider, the Provider’s Participation Status in Medicare May be “Suspended” and its Medicaid Payments May be “Placed on Payment Hold.”

With the passage of the Affordable Care Act (ACA) in March 2011, the Medicare Program (covered in Title XVIII of the Social Security Act (the Act)) was amended in a number of important ways. One of its more significant changes permitted the Secretary, Department of Health and Human Services (HHS) to:

“. . . suspend payments to a provider or supplier pending an investigation of a credible allegation of fraud unless the Secretary determines that there is good cause not to suspend payments.”[1] (emphasis added). 

When exercising this option, the Secretary is first required to consult with the Office of Inspector General (HHS-OIG) to determine whether a “credible allegation of fraud” against a provider or supplier is present.  Importantly, the phrase “credible allegation of fraud,’’ has been expressly defined by HHS-OIG to include:

“. . . an allegation from any source, including but not limited to fraud hotline complaints, claims data mining, patterns identified through provider audits, civil False Claims Act, and law enforcement investigations.” 

Over the past year, a number of Medicare providers have found themselves facing suspension based on an alleged “credible allegation of fraud” arising out of an anonymous complaint.  This complaint may have been filed by a patient, a disgruntled former employee or possibly even a vindictive competitor.  Alternatively, the suspension action may have been generated based on the provider’s billing patterns or the provider’s possible over-utilization of certain services.  Importantly, the decision to suspend a provider from the Medicare program remains discretionary with CMS and HHS-OIG.  In contrast, no such discretion exists in similarly situated Medicaid cases.

III.  If a “Credible Allegation of Fraud” is Present, States Must Suspend Medicaid Payments:     

A payment hold action is a “temporary denial of reimbursement under the Medicaid or other HHS program for items or services furnished” by a dental professional.[2]  Medicaid payment holds are initiated by the Texas Health and Human Services Commission, Office of Inspector General (HHSC-OIG). This type of administrative remedy effectively freezes a dental provider’s cash flow.  Payment hold actions are intended to stay in place until the dispute is resolved between the dental professional and HHSC-OIG.

If a credible allegation of fraud has been levied against a Texas provider of Medicaid dental services, the state must suspend all Medicaid payments to the dental provider.  (See to 42 CFR § 455.23 (2011). In further support of such an action, the Texas Government Code section 531.102(g)(2), allows the state to place a Medicaid provider on payment hold “on receipt of reliable evidence that the circumstances giving rise to the hold on payment involve fraud or willful misrepresentation under the state Medicaid program in accordance with 42 C.F.R. 455.23, as applicable.”  The bottom line is clear – if a credible allegation of fraud has been alleged against a Texas dental provider of Medicaid reimbursed services, the provider will in all likelihood be placed on payment hold – an action that is tantamount to a suspension from the program.

IV.  Exceptions to the Suspension / Credible Allegations of Fraud Rule.

To date, HHSC-OIG has been reluctant to exercise its authority to waive a payment hold / suspension action in cases where a credible allegation of fraud has been alleged against a Texas dental provider of Medicaid services.  Nevertheless, under the Affordable Care Act (ACA), if the state determines that “good cause” exists not to suspend payments, the government may waive its right to place a provider on payment hold and suspend payments. The following reasons have been cited as possibly constituting “good cause”:

“Upon a specific request by a law enforcement agency; (for example, when a suspension might alert a violator at a critical stage of an undercover investigation or compromise the identity of an informant);

If the state determines that another remedy could more effectively protect Medicaid funds (for example, through an injunction or court intervention);

If the state determines that the suspension is not in the best interests of the Medicaid program; and

If the state determines that a suspension will have an adverse effect on beneficiaries’ access to care.”[3]

             Finally, HHSC-OIG may also decide to discontinue a payment hold / suspension action if a law enforcement agency declines to certify that a matter is still under investigation.

V.  Final Remarks:

Unfortunately, very few dental professionals participating in either Medicare or Medicaid have developed and implemented an effective Compliance Plan.  To the extent that portions of a program have been prepared, in most instances these sections have focused almost exclusively on HIPAA privacy and OSHA requirements.  It is imperative that dental professionals examine their current practices and compare those practices with applicable documentation, medical necessity and coverage mandates.  The number of claims audits currently underway by Medicare and Medicaid contractors is significant and is expected to continue to grow.  Now, more than ever, it is essential that you examine your practice, identify and potential deficiencies, promptly pay back any overpayments and implement remedial measures to help ensure that these types of problems do not reoccur.

Healthcare LawyerRobert W. Liles is Managing Partner at the health law firm, Liles Parker, PLLC.  With offices in Washington, DC, Houston, TX, McAllen, TX and Baton Rouge, LA, our attorneys represent dental professionals around the country in connection with Medicare / Medicaid audits, Compliance Plan reviews and state peer review actions.  Should you have any questions, please call us for a free consultation.  Robert can be reached at: 1 (800) 475-1906.   


[1] 5928 Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011.

[2] http://oig.hhsc.state.tx.us/OIGPortal/tabid/86/ShowArticle/mid/25/Default.aspx?TabID=85

[3] https://oig.hhsc.state.tx.us/Reports/CAF_FAQs-2012-09-19.pdf

2011: The Year of Compliance – Medicare Payment Suspension Actions

Download PDF

A Medicare payment suspension action can destroy your practice(January 26, 2011): Medicare payment suspension action can prove disastrous for your practice or home health agency.  How did we get to this point?  The recent debate over healthcare in this country has drawn attention to healthcare costs as well as the relationship between healthcare providers and the Federal government. With healthcare costs steadily on the rise, the government has been searching for ways to contain costs in Federal and State healthcare programs. These cost control efforts have resulted in a substantial focus on reducing healthcare fraud, which the federal government estimates could account for up to 10% of the country’s annual healthcare expenditures (or approximately $226 billion per year).[1] While the government has always possessed the authority to sanction providers for healthcare fraud and related activities, the newly-enacted Health Care Reform legislation (collectively referred to as the “Affordable Care Act” (ACA)) dramatically expands these regulatory powers. One of the most potent anti-fraud tools available to the government- specifically the Center for Medicare and Medicaid Services (CMS)- is the suspension of payments to providers. This article will provide a brief overview of CMS’s Medicare suspension authority and the requisite procedures, discuss the new relevant provisions of the ACA, and then conclude with some advice for providers seeking to avoid suspension actions.

 I.   CMS’ Medicare Payment Suspension Authorities and Procedures:

Historically, CMS has been empowered to suspend payments to Medicare providers in three circumstances:

Fraud or willful misrepresentation;

An overpayment of an undetermined amount has been identified; or

Payments that have been made (or are scheduled to be made) may be incorrect. (42 C.F.R. §405.371(a)(1).

Suspension actions can be initiated several ways.  These include: (1) Suspensions requested by a Medicare contractor (generally recommended by a Zone Program Integrity Contractor (ZPIC) or Program Safeguard Contractor (PSC)), (2) Suspensions initiated by CMS, or (3) Suspensions requested by law enforcement (such as the Office of Inspector General (OIG) or the Department of Justice (DOJ).  Typically, the ZPIC or PSC would then provide CMS with a draft Medicare suspension notice, along with a summary of the information upon which the Medicare suspension action has been based.  The suspension notice to the health care provider must include

 The specific reason for the Medicare suspension;

 The extent of the Medicare suspension (such as all claims, certain types of claims, 100% suspension, or partial suspension);

A statement that the Medicare suspension is not appealable;

A statement that CMS has approved of the Medicare suspension action; 

The date on which the Medicare suspension will begin;

The items and services subject to the Medicare suspension;

The expected duration of the Medicare suspension action;

A statement that the provider may submit a rebuttal within 15 days of the Medicare suspension letter.

Information on where the provider is to mail the rebuttal.  (See generally, CMS, MPIM § 3.9.2.2.2).

 A.        CMS’ Role in Approving a Medicare Suspension Action.

Once a Medicare suspension letter has been drafted, CMS will review it and determine whether the provider should be notified before or after the effective date of the Medicare payment suspension. If a provider is targeted for Medicare payment suspension because of fraud, deliberate misrepresentation, or harm to Medicare trust funds, then the provider will be notified of the Medicare payment suspension on or after the effective date.  Health care providers who are suspended for all other reasons are notified at least 15 days prior to the suspension taking effect.  Notably, the OIG found that only three of the providers suspended during this period were given advance notice.  In other words, it appears that all but three providers were suspended with no advance notice, and were likely suspected of fraud or willful misrepresentation.

 B.        Opportunity to Appeal a Medicare Payment Suspension Action.

Notably, there is not an administrative appeals mechanism available for providers to challenge a suspension action. At most, a provider can submit a “rebuttal” letter to CMS detailing why the proposed Medicare payment suspension should not take effect or should be lifted. A rebuttal letter must be submitted within 15 days of the suspension notice. CMS contractors will then review the provider’s rebuttal, draft a response, and submit the proposed response (along with the provider’s rebuttal) to CMS for approval.  From a practical standpoint, it has been our experience that CMS rarely changes its position and cancels the planned Medicare suspension action.

 C.        Length of Medicare Payment Suspensions.

The length of a Medicare suspension of payments period is usually 180 days, but this can be extended under certain circumstances.

D.       Having a Medicare Payment Suspension Action Lifted.

During the suspension period, CMS contractors will request that the provider submit medical records relevant to any suspect claims being examined by CMS. A Medicare contractor (typically a ZPIC or PSC) will then analyze these medical records in order to determine the amount of any improper payments made to the provider, including overpayments. Once the overpayment has been calculated, a provider’s Medicare Administrative Contractor will issue a demand letter to the provider requesting a refund of the overpayment amount. In some instances, once CMS has ascertained the nature and extent of any overpayment, the suspension action will be lifted.

Health care providers may continue to submit claims during a suspension period, but payment action for these claims will not be taken until the ZPIC / PSC can determine the nature and amount of any overpayment that may be owed. Any claims found to qualify for coverage and payment are usually used to offset the amount of the overpayment determined by the ZPIC / PSC.  Excess funds are then distributed to the provider.

 II.  Recent Analysis of Prior Medicare Payment Suspension Actions Taken: 

On November 1, 2010, the OIG released a report for CMS entitled The Use of Payment Suspensions to Prevent Inappropriate Medicare Payments.[3] The goal of this report was to evaluate CMS’ use of suspension actions taken in 2007 and 2008 and  assess CMS’ procedures for implementing payment suspension actions. OIG analyzed 253 payment suspensions made during these two years.

 A.        General Overview of Medicare Payment Suspension Actions Taken in 2007 and 2008.

The OIG found that 85% of the providers suspended in 2007 and 2008 were  Medicare Part B providers.  Additionally, 79% of these providers were located in four states: Florida, California, Michigan, and Puerto Rico.  They further found that CMS contractors generally complied with the suspension “notice” requirements set forth in CMS rules and regulations, providing all of the required elements in the suspension notice in 96% of the actions examined.  Notably, only 16% of the providers suspended submitted a “rebuttal” to the suspension notice.   Notably, the average length of time before CMS approved a proposed suspension was four calendar days, and more than half of these suspensions were extended. Notably, the report explained that many suspensions are extended because CMS contractors needed additional time to calculate overpayments for reasons ranging from delayed receipt of medical records[4] to the complexity of the analysis required.  As OIG found, the median overpayments assessed in connection with payment suspension actions taken were quite large.  The OIG found the following:

Overpayments Assessed in Connection with Medicare Payment Suspension Actions Taken During 2007 and 2008 

 

Type of Health Care Provider

 

   

 Number of Providers Suspended

 

Median Alleged Overpayment Assessed

 

Part A

 

 

21

 

$1,645,026

 

Part B – DMEPOS

 

 

57

 

$1,237,153

 

Part B –non-DMEPOS

 

 

65

 

$1,072,338

B.        Reasons for Medicare Payment Suspension Actions.

OIG reported that the great majority of suspensions that took place between 2007 and 2008 “exhibited characteristics that suggest fraud.” In fact, payment suspensions taken during this period were almost all used “as a tool to fight fraud.” The OIG based this conclusion on the following:

99% of suspension notices were sent to the provider on or after the effective suspension date, indicating that fraud was a consideration in the suspension action.

74% of suspended providers supplied information suggesting questionable billing patterns, such as spikes in multiple claims submitted for the same beneficiary or extensive services provided within a very short time frame.

63% of suspensions involved complaints or information from beneficiaries raising concerns about services they never received or that were medically unnecessary.

 C.        CMS Guidance on Medicare Payment Suspensions Has Been Inconsistent.

The OIG noted some documents supplied by the CMS to provide guidance on payment suspensions are inconsistent or incomplete. Some information that the OIG identified as needing revision includes:

The CMS Program Integrity Manual (PIM) mandates that contractors requesting suspension submit to CMS a draft of the suspension notice along with “other supportive information” when requesting suspension. However, the manual fails to define or provide examples for the phrase “other supportive information.”

 The model suspension notice contained in the PIM has not been updated since 2000. Accordingly, the notice provides an incorrect summary of the suspension process.

The OIG report concluded that, based on the data reviewed, Medicare payment suspensions were used almost exclusively as a tool to fight fraud in 2007 and 2008. The report did not offer any recommendations, but it did note that the PPACA dramatically expanded CMS’s authority to suspend Medicare payments.

III.  Health Care Reform and Medicare Payment Suspensions:

The Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010 (collectively referred to as the Affordable Care Act or “ACA”), was signed into law on March 23, 2010.  Among its provision, the ACA further expanded CMS’ ability to take payment suspension actions. In addition to the three suspension criteria discussed above, ACA now permitted CMS to suspend payments based on credible allegations of fraud unless there is good cause not to suspend such payments. The seemingly vague language and potentially broad scope of this rule has many providers concerned about the threat of payment suspensions.

 A.        Proposed Regulations.

The ACA requires the Secretary, HHS to prepare new regulations implementing the provisions of the ACA, including the new payment suspension rules.  On September 23, 2010, HHS issued a proposed regulation which defines a “credible allegation of fraud” as allegations from any source, including:

Fraud hotline complaints.

Claims data mining.

Provider audits.

Civil false claims cases.

Law enforcement investigations.

As set out in the Proposed Rule, an allegation is “credible” when it has an indicia of reliability.” Unfortunately, HHS does not supply any additional guidance as to the meaning of potentially vague terms, such as “source” or “indicia of reliability.” Indeed, HHS even appears to concede the ambiguity of these terms; the proposed regulation states “Many issues related to this definition will need to be determined on a case-by-case basis by looking at all the factors, circumstances, and issues at hand.”

This new regulation contains one important limitation, namely the “good cause” exception. Even in cases involving credible allegations of fraud, CMS may continue payments if there exists some good cause for doing so. In the proposed regulation, HHS gives several examples of what could constitute “good cause’ under this standard:

The possibility that payment suspension will alert a violator to an investigation or inquiry;

The possibility that payment suspension will expose whistleblowers or confidential sources;

Where payment suspension may jeopardize beneficiary access to necessary items or services;

Where remedies other than payment suspension available to CMS are more expeditions or effective in protecting Medicare funds; or

Where payment suspension would “not be in the best interests of the Medicare program.”

Aside from its broad sweep and built-in exception, this new credible allegation of fraud rule is distinct from the other bases for payment suspensions in three critical respects. To begin with, CMS is required to consult with OIG in determining whether a credible allegation of fraud exists. This collaboration is not required before CMS suspends payment on any other basis, and OIG has no formal role in imposing such suspensions. Additionally, as discussed above, the other suspension criteria have 180-day time limits (which, under certain circumstances, can be extended), while the credible allegation of fraud rule does not have any such time restrictions. Suspensions could remain effective indefinitely as OIG conducts its investigation into the fraud allegations. Finally, a payment suspension for a credible allegation of fraud may be lifted upon the resolution of the fraud investigation, which occurs when “a legal action is terminated by settlement, judgment, dismissal, or [dropped for lack of evidence].” Conversely, payment suspensions for other reasons are terminated upon refund of any assessed overpayment to CMS.

IV.  Recommendations for Providers:

Medicare payment suspensions can dramatically impact and disrupt a provider’s healthcare practice. Based on the report published by OIG and in consideration of the new regulations promulgated by HHS, below are some recommendations for avoiding suspension actions.

 A.        Engage Experienced Legal Counsel.

In light of both the seriousness and complexity presented, it is strongly recommended that providers facing a payment suspension action immediately engage experienced counsel.  As you will recall, almost all of the suspension actions pursued by Medicare contractors, OIG and DOJ involve allegations of fraud or deliberate misrepresentation.   Therefore, care should be taken to ensure that the rights of the health care provider and its staff are properly protected.

 B.        Submit a Rebuttal.

The OIG report noted that only 16% of providers suspended between 2007 and 2008 submitted a rebuttal to the suspension notification. While a rebuttal does not guarantee that CMS will not proceed with the suspension, it does give the provider an opportunity to explain any of the potential mistakes or errors that drew the attention of CMS. Additionally, it is critical to keep in mind that suspension actions are not appealable; once a suspension is imposed, there is no recourse for the provider. A rebuttal is a provider’s only opportunity to be heard prior to imposition of the suspension.

 C.        Timely Provide Medical Records When Requested by CMS.

As discussed above, once a suspension has been imposed CMS will request medical records from the provider in order to evaluate the related claims for any potential overpayments. In the OIG report, the authors noted that suspensions were often extended beyond the initial 180-day time period for a variety of reasons, one of which was the provider’s failure to timely submit medical records. It is possible that providers who comply with CMS medical records requests as soon as possible will see their cases resolved more quickly and their suspensions lifted without any extension. Additionally, providers should thoroughly organize medical records for complex cases so that CMS contractors can review the records more efficiently and therefore resolve the suspension action.

 D.        Credible Allegations of Fraud Can Originate from Practically Anywhere.

Because the proposed regulations regarding credible allegations of fraud are exceedingly broad and vague, it is difficult to supply guidance to providers concerned about compliance with this new rule. However, one important principle to keep in mind is that, under the definition proposed by HHS, a credible allegation can come from any source. This includes patients, employees, or other providers. Therefore, it is extremely important for providers to be conscientious so that their conduct does not give rise to any inferences of fraud.iles P

Robert Liles Healthcare LawyerRobert W. Liles and other Liles Parker attorneys have extensive experience representing health care providers in connection with a wide variety of administrative, civil and criminal health care fraud enforcement matters — including Medicare suspension of payment actions. Should you have questions regarding this article, please give us a call.  Initial consultations are free.  Robert can be reached at 1 (800) 475-1906.


[1] Federal Bureau of Investigation, Financial Crimes Report to the Public 2007, available at http://www.fbi.gov/stats-services/publications/fcs_report2007/.

[2] For example, if a government official is unable to complete an examination of information submitted by a suspended provider or the Department of Justice is investigating potential criminal charges or civil actions, then the suspension may be extended for 180 days. If OIG is considering administrative action against the provider- such as exclusion from participation in Medicare or the assessment of civil monetary penalties- then the suspension may be extended indefinitely.

[3] Center for Medicare and Medicaid Services, The Use of Payment Suspensions to Prevent Inappropriate Medicare Payments, Report No. OEI-01-09-00180 (Nov. 2010).

[4] The report states that 55% of suspended providers never provided CMS contractors with any medical records at all.

Home Health Revocation Actions by Medicare are Expanding Around the Country

September 28, 2020 by  
Filed under Home Health & Hospice

Download PDF

Have you received a letter proposing the home health revocation of your agency?(September 28, 2020):  Last September, CMS published a Final Rule titled “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.” [1] Among its many changes, the Final Rule significantly expanded the reasons that may be asserted by the Centers for Medicare and Medicaid Services (CMS) when revoking a health care provider’s enrollment and Medicare billing privileges.  The Final Rule also extended the period that a health care provider can be barred from reenrolling in the Medicare program.  Since the issuance of the Final Rule, the enrollment and Medicare billing privileges of an increasing number of home health agencies nationwide have been revoked.   This article examines several of the primary regulatory bases that have been cited by CMS when pursuing a home health revocation action.  It also examines a number of the issues that a home health agency should consider when faced with a potential revocation action.

I.  Summary Listing of the Reasons a Home Health Agency’s Medicare Enrollment May be Revoked:

With the implementation of the Final Rule, the number of reasons upon which CMS may seek to revoke the enrollment and Medicare billing privileges of a participating provider or supplier grew from 14 to 22. [2]  A summary listing of the expanded list of reasons for revocation is set out below.

Revocation Reason #1. Noncompliance. 42 C.F.R. §424.535(a)(1).

Revocation Reason #2. Provider or supplier conduct. 42 C.F.R. §424.535(a)(2).

Revocation Reason #3. Felonies. 42 C.F.R. §424.535(a)(3).

Revocation Reason #4. False or misleading information. 42 C.F.R. §424.535(a)(4).

Revocation Reason #5. On-site review. 42 C.F.R. §424.535(a)(5).

Revocation Reason #6. Grounds related to provider or supplier screening requirements. 42 C.F.R. §424.535(a)(6).

Revocation Reason #7. Misuse of billing number. 42 C.F.R. §424.535(a)(7).

Revocation Reason #8. Abuse of billing privileges. 42 C.F.R. §424.535(a)(8).

Revocation Reason #9. Failure to report. 42 C.F.R. §424.535(a)(9).

Revocation Reason #10. Failure to document or provide CMS access to documentation. 42 C.F.R. §424.535(a)(10).

Revocation Reason #11. Initial reserve operating funds. 42 C.F.R. §424.535(a)(11).

Revocation Reason #12. Other program termination. 42 C.F.R. §424.535(a)(12).

Revocation Reason #13. Prescribing authority. 42 C.F.R. §424.535(a)(13).

Revocation Reason #14. Improper prescribing practices. 42 C.F.R. §424.535(a)(14).

Revocation Reason #15. Reserved. 42 C.F.R. §424.535(a)(15).

Revocation Reason #16. Reserved. 42 C.F.R. §424.535(a)(16).

Revocation Reason #17. NEW — Debt referred to the United States Department of Treasury. 42 C.F.R. §424.535(a)(17).

Revocation Reason #18. NEW Revoked under different name, numerical identifier or business identity. Under 42 C.F.R. §424.535(a)(18).

Revocation Reason #19. NEW Affiliation that poses an undue risk. 42 C.F.R. §424.535(a)(19).

Revocation Reason #20. NEWBilling from a non-compliant location. 42 C.F.R. §424.535(a)(20),

Revocation Reason #21. NEW — Abusive ordering, certifying, referring, or prescribing of Part A or B services, items or drugs. 42 C.F.R. §424.535(a)(21).

Revocation Reason #22. NEWPatient harm. 42 C.F.R. §424.535(a)(22).

For a detailed discussion of the 22 revocation reasons summarized above, you may wish to review our article titled “42 CFR Sec. 424.535(a) Medicare Revocation Actions — Your Medicare Billing Privileges Can be Revoked for a Host of New Reasons. Are You Facing a Medicare Revocation Action? If so, You Must Act Fast to Preserve Your Appeal Rights.”

II.  Primary Reasons Cited in Home Health Revocation Actions:

In reviewing the 22 reasons that CMS may revoke a home health agency’s enrollment and Medicare billing privileges, it is worth noting that only Revocation Reason #11. Initial reserve operating funds. 42 C.F.R. §424.535(a)(11), specifically targets home health agencies.  Under this provision, CMS can revoke the Medicare billing privileges of a home health agency if the agency fails to provide documentation that CMS can use to verify that the home health agency meets the initial reserve operating funds requirement described in 42 C.F.R. §489.28(a).  Although this particular basis for Medicare revocation is explicitly aimed at home health agencies, to date, it is rarely been cited by CMS as the primary reason for revoking an agency’s enrollment and Medicare billing privileges.

Of the remaining revocation reasons cited above, the reasons CMS has repeatedly relied on a home health revocation action are Revocation Reason #5. On-site review. 42 C.F.R. §424.535(a)(5) and Revocation Reason #8. Abuse of billing privileges. 42 C.F.R. §424.535(a)(8).  Both of these reasons for revocation are discussed in more detail below, along with recent home health Medicare revocation case decisions examining these regulatory violations.

III.On-Site Review” as a Basis for a Home Health Revocation Action:

In recent years, our attorneys have represented numerous home health agencies whose enrollment and Medicare billing privileges have been revoked due to the fact that an unannounced, on-site visit by a CMS-contracted inspector found that the provider was no longer operational to furnish Medicare covered home health services. As 42 C.F.R. §424.535(a)(5) provides:

“(5) On-site review. Upon on-site review or other reliable evidence, CMS determines that the provider or supplier is either of the following:

(i) No longer operational to furnish Medicare-covered items or services.

(ii) Otherwise fails to satisfy any Medicare enrollment requirement.” (emphasis added).

What does this mean?  Simply put, if a CMS-contracted inspector conducts an unannounced site visit of a home health agency’s existing certified location and finds that the agency is no longer “operational” at that location, the home health agency’s enrollment and Medicare billing privileges are subject to revocation.  A home health agency is considered to be operational [3] if it:

“. . . has a qualified physical practice location, is open to the public for the purpose of providing health care related services, is prepared to submit valid Medicare claims, and is properly staffed, equipped, and stocked (as applicable, based on the type of facility or organization, provider or supplier specialty, or the services or items being rendered), to furnish these items or services.”

Many of these revocation cases are the result of a home health agency’s failure to properly notify the appropriate MAC that it intends to move from its surveyed and certified location to a new site (within its current approved geographic area). [4]  Home health agencies must also submit an amended Form CMS-855A, along with any other required documentation within 90 days. [5]  A recent DAB decision affirmed the revocation of a home health agency by CMS on the basis that an on-site review of the provider’s surveyed location found that the agency was not operational.

March 2020.  Texas Home Health Agency. Reason for Revocation – On-Site Review.  In a recent case decided by an Administrative Law Judge (ALJ) of the HHS, Departmental Appeals Board (DAB), the ALJ reviewed a revocation case involving a Texas home health agency that allegedly failed to meet its regulatory requirements under 42 C.F.R. §424.535(a)(5).

The facts in the case are fairly straightforward. In July 2017, a CMS-contractor inspector attempted to conduct an unannounced site visit of a home health agency in Tyler, Texas.  When the inspector arrived at the agency address on file with CMS and the MAC, she found that the building at that location was “[v]acant and locked.”  The inspector also found that no employees were present and there were no signs of customer activity.”

At appeal, the home health agency argued that the regulations require that a provider NOT the provider’s physical practice location was required to be “open to the public” for the purpose of providing health care related services.  The home health agency argued that since its staff delivered home health services in the homes of patients and not in a single practice location, it was, in fact, “open to the public.”  Based on the facts presented, the DAB ruled that since the home health agency was not operational at the address on file with CMS, it was in violation of the requirements under 42 C.F.R. §424.535(a)(5)(i).  The DAB therefore affirmed the revocation action and the two-year enrollment bar that had been imposed.

III. “Abuse of Billing Privileges” as a Basis for a Home Health Revocation Action:

As a review of 2019 and 2020 DAB decisions will confirm, CMS is increasingly citing a home health provider’s abuse of billing privileges when exercising its Medicare revocation authority.  Most of the revocation actions taken during this period alleged that the home health agency “has a pattern or practice of submitting claims that fail to meet requirements.” [6] As 42 C.F.R. §424.535(a)(8) provides:

“(8) Abuse of billing privileges. Abuse of billing privileges includes either of the following:

(i) The provider or supplier submits a claim or claims for services that could not have been furnished to a specific individual on the date of service. These instances include but are not limited to the following situations:

(A) Where the beneficiary is deceased.

(B) The directing physician or beneficiary is not in the state or country when services were furnished.

(C) When the equipment necessary for testing is not present where the testing is said to have occurred.

(ii) CMS determines that the provider or supplier has a pattern or practice of submitting claims that fail to meet Medicare requirements. In making this determination, CMS considers, as appropriate or applicable, the following:

(A) The percentage of submitted claims that were denied.

(B) The reason(s) for the claim denials.

(C) Whether the provider or supplier has any history of final adverse actions (as that term is defined under § 424.502) and the nature of any such actions.

(D) The length of time over which the pattern has continued.

(E) How long the provider or supplier has been enrolled in Medicare.

(F) Any other information regarding the provider or supplier’s specific circumstances that CMS deems relevant to its determination as to whether the provider or supplier has or has not engaged in the pattern or practice described in this paragraph.”  (emphasis added).

What does this mean?  When analyzing this revocation reason, it is worth noting that it is comprised of two parts, paragraphs (i) and (ii).  Under 42 C.F.R. §424.535(a)(8)(i), several straightforward criteria are outlined in sections (i)(A)-(C) that can serve as the basis for revoking a provider’s enrollment and Medicare billing privileges.  In contrast, paragraph (ii) permits CMS to revoke a provider’s enrollment if it determines that the provider “has a pattern or practice of submitting claims that fail to meet Medicare requirements.”   Although sections (ii)(A)-(F) are intended to provide a framework that can be used by CMS to determine if a “pattern or practice” of improper billing conduct is present, in our opinion this reason for revocation is still remarkably broad and subject to the vagaries of the discretion of CMS and its contractors.  An overview of one of the more interesting Medicare revocation cases brought under 42 C.F.R. §424.535(a)(8) is set out below.

May 2020.  Texas Home Health Agency. Reason for Revocation — Abuse of billing privileges:  In this case, an ALJ was faced with a case where a Texas home health agency was alleged to have submitted 38 claims (associated with 13 beneficiaries) to Medicare for services that were allegedly provided without a valid certification of eligibility.

In this case, the 13 home health Medicare beneficiaries at issue listed a Houston physician as the ordering / certifying physician.  Qlarant, the Unified Program Integrity Contractor (UPIC) for Texas, conducted a review of these claims and discussed them with the physician who allegedly ordered the home health services.  The physician attested that he did not order home health services for any of the 13 beneficiaries under review.  Based on Qlarant’s findings, Palmetto (the assigned Medicare Administrative Contractor) revoked the home health agency’s enrollment and Medicare billing privileges, citing violations of 42 C.F.R. § 424.535(a)(8)(ii). In support of its decision, Palmetto noted that the physician denied ordering the home health services.  Palmetto further stated that the physician did not have a prior Part B relationship with the 13 beneficiaries at issue. [7] Therefore, Palmetto took the position that the Physician was not involved in the care, treatment, or monitoring of the 13 beneficiaries whose medical records he reviewed.

On appeal, it was argued that a licensed nurse practitioner working under a valid collaboration agreement with a Houston-based physician properly certified the need for home health services in connection with these 13 beneficiaries.  As the home health agency noted, the supervising physician had signed a letter which stated:

To whom it may concern: This is [to] certify that I [Physician] authorized [Nurse Practitioner] NP of [Pasadena Medical Clinic] to sign all Home Health orders on my behalf as her supervising physician.”

In its arguments, the home health agency conceded that “all related orders were signed and submitted by [Physician] and/or [Nurse Practitioner] of [Pasadena Medical Clinic].”  On appeal, the home health agency acknowledged that the claims were noncompliant because there was an impermissible delegation of his authority to sign home health certification documents” by the nurse practitioner.  Therefore, the DAB found that the claims did not qualify for coverage and payment.  The DAB also ruled that it was appropriate to revoke the home health agency’s enrollment and Medicare billing privileges for violating 42 C.F.R. § 424.535(a)(8), “Abuse of Billing Privileges.”  The ALJ also upheld the three-year enrollment bar that had been imposed by CMS.

As a final point, it is worth noting that during the period at issue (August 2016 through November 2017), Medicare paid for home health services only if a physician certifies the beneficiary’s eligibility for the home health benefit – not a nurse practitioner.[8]

IV.  Length of a Medicare Enrollment or Re-enrollment Bar:

As the case examples above reflect, until recently a health care provider could only be barred from being enrolled in the Medicare program for a period of one to three years.  Under the Final Rule effective November 4, 2019, [9] this period was extended to ten years [10] (under certain circumstances, a provider may be barred from enrolling or re-enrolling in the Medicare program for up to 20 years). [11]

V.  Anticipated Impact of New Medicare Revocation Authorities:

Six of the reasons that may be relied on by CMS when revoking a home health agency’s enrollment and Medicare billing privileges are new and became effective November 4, 2019.  Of the six new reasons, we believe that Revocation Reason #17: Debt referred to the United States Department of Treasury.  42 C.F.R. §424.535(a)(17) may represent the most significant risk to your home health agency.  As 42 C.F.R. §424.535(a)(17) provides:

“(17) Debt referred to the United States Department of Treasury. The provider or supplier has an existing debt that CMS appropriately refers to the United States Department of Treasury. In determining whether a revocation under this paragraph (a)(17) is appropriate, CMS considers the following factors:

(i) The reason(s) for the failure to fully repay the debt (to the extent this can be determined).

(ii) Whether the provider or supplier has attempted to repay the debt (to the extent this can be determined).

(iii) Whether the provider or supplier has responded to CMS’s requests for payment (to the extent this can be determined).

(iv) Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.

(v) The amount of the debt.

(vi) Any other evidence that CMS deems relevant to its determination.”

What does this mean?  Many home health agencies around the country have been subjected to postpayment audits by UPICs (or their predecessor contractors, ZPICs).  Alleged overpayments in these cases have been as high as $10 million.  As you are likely aware, the Medicare administrative appeals process used to appeal these alleged debts has been hopelessly overwhelmed by the appeal of alleged debts identified in audits by UPICs, ZPICs and RACs.  From a practical standpoint, if your home health agency files for a hearing before an ALJ, it will be an average of 3.9 years before your case gets adjudicated.

Assuming that you haven’t paid-off the alleged debt, while your administrative appeal is pending, CMS and its contractors will be required under the Debt Collection Improvement Act of 1996 (DCIA) to refer eligible delinquent debt to the Department of Treasury (Treasury) for collection or offset through the Treasury Offset Program (TOP).  Upon receipt of the referral, Treasury or one of its contracted collection agencies will initiate proceedings to satisfy the alleged debt.

We can typically get Treasury to place its collection efforts on hold while an alleged Medicare overpayment is actively being appealed,  Unfortunately, with the implementation of 42 C.F.R. §424.535(a)(17), CMS is now also able to revoke a home health agency’s enrollment and Medicare billing procedures after referring an alleged debt to Treasury for collection.

VI.  Responding to a Proposed Home Health Revocation Action:

We cannot overstate the seriousness of a home health revocation action.  For most home health agencies, traditional Medicare is the largest payor, with Medicaid typically constituting the second-largest payor.  From a practical standpoint, if your home health agency’s Medicare enrollment and billing privileges are revoked, it will be difficult, if not impossible, for your company to remain solvent.

It is therefore crucial that you contact experienced health law counsel to represent you when you first receive notice of a revocation action.  The appeals procedures followed in a revocation case is quite different from that employed in the appeal of a claim denial or an alleged overpayment.  Liles Parker attorneys have extensive experience representing health care providers and suppliers in challenging the imposition of a Medicare revocation action.  Is your home health agency facing revocation?  Give us a call for a free consultation.  1 (800) 475-1906.

Robert W. LilesRobert W. Liles and the health lawyers at Liles Parker, Attorneys & Counselors at Law have extensive experience representing health care providers and suppliers nationwide in Medicare revocation actions.  Has CMS proposed that your enrollment and Medicare billing privileges be revoked?  Give us a call for a free consultation.  We can be reached at:  1 (800) 475-1906.

[1] The Final Rule under 42 C.F.R. §424.535(a), was published in order to implement sections 1866(j)(5) and 1902(kk)(3) of the Social Security Act (as amended by the Affordable Care Act).

[2] Two of the new reasons for revocation have not yet been announced.  Placeholder slots remain open at 42 C.F.R. §424.535(a)(15) and (16).

[3] The definition of “operational” is set out at 42 C.F.R. §424.502.

[4] For additional information, please see CMS guidance titled Home Health Agencies (HHAs): Change of Address Notification of the Medicare Administrative Contractor (MAC).”

[5] See 42 C.F.R. §424.516(e)(2).

[6] The revocation reason “Abuse of Billing Privileges” was added to the existing list of revocation reasons that may be asserted by CMS effective February 3, 2015.  79 Fed. Reg. at 72,513 (adding paragraph (ii) to 42 C.F.R. § 424.535(a)(8)).

[7] While not explicitly stated, we suspect that this means that the so-called ordering physician had not billed Medicare for an Evaluation and Management (E/M) service in the course of caring for these 13 patients.

[8] Prior to the emergence of COVID-19, CMS had identified limited exceptions to this rule.  For example, under Maryland law, a nurse practitioner can provide primary care services.  Effective January 1, 2020, CMS allowed Medicare-enrolled nurse practitioners to certify home health services for Medicare beneficiaries as part of the Maryland Total Cost of Care (TCOC) Model. See MLM Matters Number MM 11330Additionally, as provided Section 3708 of the CARES Act, CMS is temporarily allowing a Medicare-eligible home health patient to be under the care of a nurse practitioner, clinical nurse specialist, or a physician assistant who is working in accordance with State law (for Medicare claims with a “claim through date” on or after March 1, 2020).  For additional information on the temporary regulatory waivers that CMS has implemented in response to COVID-19, see the agency’s guidance entitled “Home Health Agencies: CMS Flexibilities to Fight COVID-19,” issued September 8, 2020.

[9]Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process”

[10] See 42 C.F.R. §424.535(c)(1)(i).

[11] See 42 C.F.R. §424.535(c)(1)(ii).

Medicare Revocation Actions Related to Telemedicine Rising!

Download PDF

Medicare Revocation Actions are Increasing Around the Country(September 25, 2020):  In recent years, many individuals (especially younger members of our work force) have embraced the chance to supplement their income through short-term engagements in the “gig economy.”  Notably, both professionals and non-professionals alike have found flexible, part-time opportunities online, allowing them to work remotely as independent contractors.  A number of physicians, nurse practitioners and physician assistants have taken advantage of the chance to participate in the gig economy, working virtually and providing telemedicine services for patients.  Unfortunately, many of these licensed professionals have conducted little or no due diligence into the companies engaging them to conduct evaluations by phone, video or asynchronously.  In some cases, the company engaging these licensed professionals to provide telemedicine evaluations has been alleged to have illegally funneled prescriptions issued by these professionals to third-party durable medical equipment (DME) suppliers.  Associated physicians, nurse practitioners and physician assistants (collectively referred to as “Telemedicine Providers”) have then found themselves subject to administrative sanctions, civil liability, and, in some case, criminal prosecution.  This article examines the Medicare revocation actions that have resulted from a Telemedicine Provider’s failure to provide access to documentation related to telemedicine services that are currently being pursued by Medicare Administrative Contractors (MACs) around the country.

I.  Overview of Statutory and Regulatory Concerns When Providing Telemedicine Evaluations:

With the advent of COVID, both governmental and private payors alike have supported the expansion of telehealth / telemedicine services.  Coverage and payment rules have been expanded by most payors and patients have welcomed the opportunity to be evaluated remotely by their caregiver.  Generally, the current wave of telemedicine related enforcement actions has been unrelated to the coverage expansions resulting from the spread of COVID.  The vast majority of Medicare revocation actions associated with improper telemedicine business practices have been related to pre-COVID conduct.   An overview of these improper telemedicine cases is provided below:

  • Intermediary marketing companies.  Over the last few years, licensed providers with prescribing authority have been actively recruited by an intermediary company[1] OR have responded to an online advertisement seeking to hire physicians, nurse practitioners or physician assistants to perform remote telemedicine evaluations. These companies essentially serve as middlemen – they are not typically participating providers or suppliers in the Medicare program.
  • Lists of beneficiaries to be evaluated remotely are assembled by the intermediary marketing companies. Using a variety of patient recruiting and screening methods, representatives of the intermediary marketing company will work to assemble a list of prospective beneficiaries who have expressed an interest in being evaluated for DME.  The intermediary marketing company then provides these beneficiary lists to Telemedicine Providers who have been engaged to conduct remote assessments and evaluations[2] of these individuals. After completing an evaluation, the Telemedicine Provider then decides whether it is medically necessary and appropriate to order DME for the beneficiary. Typically, the licensed providers have been paid a fixed amount of $25 — $30 for each telemedicine evaluation conducted.
  • Beneficiaries have no control of where an order or prescription is referred.  In the cases we have handled, orders for DME have NOT been issued to a supplier, pharmacy or testing laboratory selected by the patient.  Instead, the order has been directed by the intermediary marketing company to a particular supplier, pharmacy or testing laboratory with whom the company has a business relationship.[3]
  • Unified Program Integrity Contractors (UPICs) are using data mining to identify potentially fraudulent telemedicine business relationships.  Through an analysis of billing data, UPICs have noted that some DME suppliers have billed Medicare for items based on orders issued by a physician, nurse practitioner or physician assistant who did NOT bill Medicare for an associated Evaluation and Management (E/M) service, either directly or through an appropriate reassignment relationship.
  • UPIC requests for medical records have often gone unanswered or unfulfilled.  Both UPICs and a variety of state and federal law enforcement agencies around the country have been investigating questionable telemedicine related business relationships.  One of the essential steps in investigating the propriety of these claims has included an assessment of the beneficiary’s medical records, along with the telemedicine evaluation conducted.  These medical records and intake documents are often maintained by the intermediary marketing company and have not been downloaded or maintained by the ordering physician, nurse practitioner or physician assistant. Moreover, the contracts between the parties often prohibit the physician from retaining copies of documents. In several cases we have handled, the licensed provider’s relationship with the intermediary marketing company was terminated long ago and the provider no longer has access to the beneficiary records now being requested.
  • Telemedicine providers are often unaware that a marketing company is engaging in illegal kickback activities.  Licensed providers are not usually privy to the terms of any business relationship between an intermediary marketing company and an associated DME supplier.  Both UPICs and law enforcement agencies around the country are investigating these telemedicine related business relationships.

II. Medicare Revocation Actions Based on a Provider’s Failure to Provide Access to Documents are Being Pursued by CMS Around the Country:

The failure to respond or comply with a UPIC request for records is one of the many bases[4] that CMS may assert to revoke a provider’s enrollment in the Medicare program, along with any corresponding provider agreement. As provided by 42 C.F.R. § 424.535(a)(10):

Ҥ 424.535 РRevocation of enrollment in the Medicare program.

(10) Failure to document or provide CMS access to documentation. (i) The provider or supplier did not comply with the documentation or CMS access requirements specified in § 424.516(f). . .”

As 42 C.F.R. § 424.516(f) provides:

  • 424.516 – Additional provider and supplier requirements for enrolling and maintaining active enrollment status in the Medicare program.

“(f) Maintaining and providing access to documentation. (1)(i) A provider or a supplier that furnishes covered ordered, certified, referred, or prescribed Part A or B services, items or drugs is required to –

(A) Maintain documentation (as described in paragraph (f)(1)(ii) of this section) for 7 years from the date of service; and

(B) Upon the request of CMS or a Medicare contractor, to provide access to that documentation (as described in paragraph (f)(1)(ii) of this section).

(ii) The documentation includes written and electronic documents (including the NPI of the physician or, when permitted, other eligible professional who ordered, certified, referred, or prescribed the Part A or B service, item, or drug) relating to written orders, certifications, referrals, prescriptions, and requests for payments for Part A or B services, items or drugs.

(2)(i) A physician or, when permitted, an eligible professional who orders, certifies, refers, or prescribes Part A or B services, items or drugs is required to

(A) Maintain documentation (as described in paragraph (f)(2)(ii) of this section) for 7 years from the date of the service; and

(B) Upon request of CMS or a Medicare contractor, to provide access to that documentation (as described in paragraph (f)(2)(ii) of this section).

(ii) The documentation includes written and electronic documents (including the NPI of the physician or, when permitted, other eligible professional who ordered, certified, referred, or prescribed the Part A or B service, item, or drug) relating to written orders, certifications, referrals, prescriptions or requests for payments for Part A or B services, items, or drugs.” (emphasis added).

III.  Medicare Revocation Actions for the Failure to Provide Medical Records Have Typically Sought a 10-Year Re-Enrollment Bar.

CMS extended the maximum re-enrollment bar that can be applied after a revocation from three years to ten years through a Final Rule, which was published on September 10, 2019 and became effective November 4, 2019.[5]  Although a 10-year re-enrollment bar is supposed to be reserved for cases involving serious misconduct, CMS has been actively seeking a 10-year re-enrollment bar in cases where the basis for exclusion is the failure to provide access to documentation.[6]

  • What is the impact of a Medicare revocation action?  The imposition of a 10-year re-enrollment bar can effectively destroy a health care provider’s practice.  Moreover, it will likely limit a provider’s employment options.  Additional potential consequences of having your Medicare enrollment revoked are discussed below.
  • Depending on the facts, the role you played in a telemedicine fraud case may result in a referral to the U.S. Department of Justice (DOJ) for investigation and possible prosecution. Since 1994, CMS has participated in an interagency agreement with the DOJ which allows CMS program integrity contractors (in this case, UPICs) to send health care fraud referrals directly to the DOJ without having to first route the referral through the Office of Inspector General (OIG).  Your involvement in a telemedicine related fraud case will be carefully evaluated.  For instance, did you actually conduct evaluations by phone, video or asynchronously OR did you perform an evaluation based solely on the medical information and intake documents provided to you by an intermediary marketing company?
  • You will be likely be barred from enrolling in the Medicare program for a period of 10 years. In light of the cases we have handled since the issuance of the November 4th Final Rule, it appears to be CMS’s policy to seek to impose a 10-year enrollment bar in revocation cases based on a violation of 42 C.F.R. § 424.535(a)(10).
  • You will likely be placed on Medicare’s “Preclusion List.” Individuals and entities that have been revoked from Medicare, are under an active reenrollment bar, AND CMS has determined that the underlying conduct that led to the revocation is detrimental to the best interests of the Medicare program may qualify to be placed on the Medicare Preclusion List.  The Preclusion list is made available to Medicare Advantage and Part D plans.   If placed on the Preclusion List, an individual or entity will not be permitted to enroll in the Medicare Part C or Part D programs.
  • A Medicare revocation action may result in the revocation of your enrollment as a provider in your state’s Medicaid program. Using Texas as an example, Rule § 371.1703(a) of the Texas Administrative Code provides that:

“(a) The OIG may terminate the enrollment or cancel the contract of a person by debarment, suspension, revocation, or other deactivation of participation, as appropriate. The OIG may terminate or cancel a person’s enrollment or contract if it determines that the person committed an act for which a person is subject to administrative actions or sanctions. . . .

(b)(7) a provider that is terminated or revoked for cause, excluded, or debarred under Title XVIII of the Social Security Act or under the Medicaid program or CHIP program of any other state;[7]

  • A Medicare revocation action will result in a report being sent to the National Practitioner Databank (NPDB). As the NPDB Guidebook[8] notes, “formal or official actions such as revocation of suspension of a license, certification agreement, or contract for participation in government health care programs; reprimand; censure; or probation,” is considered to be a final adverse action and must be reported by a Federal agency.
  • A report to the NPDB may result in an investigation by your State Medical Board. A revocation action based on your failure to provide records to a UPIC may generate a collateral investigation by your state licensing board since you are likely required to maintain adequate patient records.  For instance, under Rule § 165.1(a) of the Texas Administrative Code, a licensed physician is required to maintain an “adequate medical record” for each patient that is complete, contemporaneous and legible.  Your failure to maintain a copy of the records you reviewed when making a telemedicine evaluation may constitute a violation of your obligations under the Texas Medical Practice Act. As such, you may be subject to disciplinary action.
  • A Medicare revocation of your billing privileges may result in the termination of your hospital credentialing. Many hospitals require that a physician, nurse practitioner or physician assistant be enrolled in the Medicare program (or at the very least, be eligible to enroll in the Medicare program), in order to be credentialed and granted privileges.  If you have been barred from enrollment in Medicare, you may not be eligible to obtain privileges at a hospital.
  • Termination from commercial payor agreements. Unfortunately, Medicare revocation actions are often used by commercial payors as a basis for terminating a provider from their plan.
  • Loss of employment. The collateral consequences of a Medicare revocation action can greatly limit your ability to work for a practice or entity that treats Medicare and Medicaid patients.   As a result, you may be terminated from employment.

IV.  Responding to a UPIC Request for Records:

We cannot overemphasize the seriousness of a UPIC request for records, especially when those records are related to your telemedicine evaluation of a patient’s DME needs.  Remember – UPICs are tasked with identifying suspected cases of fraud and abuse being committed against the Medicare and Medicaid programs.   Should you fail to provide records requested by a UPIC, the proposed revocation of your Medicare billing privileges may be the least of your problems.  Therefore, it is essential that you engage qualified health law counsel to represent you and guide you through this administrative process.  Liles Parker attorneys have extensive knowledge of the Medicare revocation process and have successfully represented multiple physicians and nurse practitioners in the appeal of a proposed revocation action, including those involving failure to respond to a records request.  For a free consultation, give us a call.  We can be reached at: (202) 298-8750.

Robert W. Liles defends health care providers in Medicare auditsRobert W. Liles serves as Managing Partner at the health law firm, Liles Parker, Attorneys and Counselors at Law.  Liles Parker attorneys represent physicians, NPs and PAs in connection with Medicare revocation actions, administrative audits (UPIC audits / private payor audits), civil False Claims Act cases, and criminal violations of the Federal Anti-Kickback Statute and EKRA.  Are you currently being audited or under investigation?  We can help.  For a free initial consultation regarding your situation, call Robert at: 1 (800) 475-1906.

[1]  Often the companies identify themselves as “locum tenens” agencies, or “telemedicine providers.” Most have a contract the physician signs that (1) doesn’t permit the physician to retain any patient records, and (2) requires the physician to agree not to file any claims or bill the patient.

[2] A variety of telemedicine compliance issues arise at this stage of the agreement.  Many times, the physician does not directly speak with the patient.  The physician’s agreement with the intermediary may say that the physician is supposed to conduct their telemedicine services “in compliance with their state licensing law” but most physicians have no idea what their state law requires.

[3] Licensed providers are not usually privy to the terms of any business relationship between a telemedicine marketing company and an associated DME supplier, compound pharmacy or testing laboratory.

[4] For an overview of the various reasons that a provider’s Medicare enrollment and billing privileges may be revoked, please see our article titled 42 CFR Sec. 424.535(a) Medicare Revocation Actions — Your Medicare Billing Privileges Can be Revoked For a Host of New Reasons. Are You Facing a Medicare Revocation Action? If so, You Must Act Fast to Preserve Your Appeal Rights.(March 9, 2020).

[5] See Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process, 84 Fed. Reg. 47794 (Sep. 10, 2019).

[6] See 42 C.F.R. § 424.535(a)(10).

[7] Title 1, Part 15, Rule § 371.1703(a) of the Texas Administrative Code, “Termination of Enrollment or Cancellation of Contract.”

[8] NPDB Guidebook (October 2018), (Page E-81).

Coronavirus Update – HHS & CMS Guidance, Directives and Waivers with Respect to Telemedicine, Provider Enrollment Regulations, Claim Appeals, the Suspension of Non-Emergency Survey Inspections, Nursing Homes, Home Health Agencies, Dialysis Facilities and DME Suppliers.

Download PDF

UPDATED (March 17, 2020): CMS just announced a waiver of certain telehealth coverage requirements so that Medicare beneficiaries can receive a wider range of services from their doctors without having to travel to a healthcare facility. The article below has been updated to address these key takeaways.

(March 16, 2020): On March 13, 2020, President Trump declared a National Emergency[1] related to the current Coronavirus / COVID-19 outbreak. The declaration gives Secretary Alex Azar of the US Department of Health & Human Services (HHS) the power to waive certain Federal requirements in Medicare, Medicaid and CHIP in order to address the outbreak. The President’s declaration was preceded by Secretary Azar’s determination on January 31, 2020[2] that a public health emergency exists.  Since these pronouncements, Liles Parker attorneys have received numerous calls asking for clarification on these waivers and other guidance from HHS and the Centers for Medicare and Medicaid Services (CMS).  Our clients have also asked that we provide a listing of useful links and other available resources.

As a result of President Trump’s declaration of a national emergency, HHS now has broad authority to make temporary adjustments including:

  1. Applying flexibilities that are already available under normal business rules;
  2. Waiver or modification of policy or procedural norms by the Administrator of the Center for Medicare and Medicaid Services (CMS) under his or her authority; and
  3. Waiver or modification of certain Medicare requirements pursuant to waiver authority under § 1135 of the Social Security Act.

As of March 16, 2020, CMS has issued the following guidance, directives and waivers, specifically with regard to the coronavirus outbreak. We recommend providers carefully review the HHS, CMS and/or CDC guidance specific to each service, discipline or facility type for complete details.

I.   Impact of the Coronavirus on Telehealth / Telemedicine Regulations:

The Coronavirus Preparedness and Response Supplemental Appropriations Act of 2020[3] signed by President Trump on March 6, 2020 included a specific provision addressing Medicare coverage and telehealth services. HB 6074 grants certain powers to the Secretary of Health and Human Services to waive some of the telehealth coverage requirements under the Medicare program. Unfortunately, the new law requires Secretary Azar to issue a waiver addressing any temporary changes to current Medicare telehealth coverage requirements. As of the publication of this article, a waiver has not been released, although CMS Administrator Seema Verma indicated during her remarks on March 13, 2020,[4] that more information would be forthcoming very soon. H.B. 6074 permits Secretary Azar to relax telehealth coverage requirements for all services CMS has approved to be provided via telemedicine as follows:

  • To relax the originating site requirements to include patient homes;
  • To waive the rural HPSA/non-MSA county geographic location requirement so that patients in any geographic location can receive covered telemedicine services; and,
  • To permit phone only telehealth services so long as the phone used has audio and video capabilities (i.e., most smartphones).

The law imposes certain restrictions, even under a waiver from Secretary Azar. Importantly, the relaxed coverage requirements would only extend to services provided by a physician or practitioner (or another physician or practitioner in that provider’s group practice) to an established patient, meaning an individual the provider has seen during the 3-year period before a telehealth service is furnished. We will update this article when a specific waiver is issued.

UPDATE (3/17/2020): CMS just announced a waiver of certain telehealth coverage requirements so that Medicare beneficiaries can receive a wider range of services from their doctors without having to travel to a healthcare facility. Here are the key takeaways from this important announcement:

  • Effective for services starting March 6, 2020 and for the duration of the COVID-19 Public Health Emergency, Medicare will make payment for Medicare telehealth services furnished to patients in broader circumstances.
  • These visits are considered the same as in-person visits and are paid at the same rate as regular, in-person visits.
  • Starting March 6, 2020 and for the duration of the COVID-19 Public Health Emergency, Medicare will make payment for professional services furnished to beneficiaries in all areas of the country in all settings.
  • While they must generally travel to or be located in certain types of originating sites such as a physician’s office, skilled nursing facility or hospital for the visit, effective for services starting March 6, 2020 and for the duration of the COVID-19 Public Health Emergency, Medicare will make payment for Medicare telehealth services furnished to beneficiaries in any healthcare facility and in their home.
  • The Medicare coinsurance and deductible would generally apply to these services. However, the HHS Office of Inspector General (OIG) is providing flexibility for healthcare providers to reduce or waive cost-sharing for telehealth visits paid by federal healthcare programs.
  • To the extent the 1135 waiver requires an established relationship, HHS will not conduct audits to ensure that such a prior relationship existed for claims submitted during this public health emergency.
  • HHS’ Office of Civil Rights will exercise enforcement discretion and waive penalties for HIPAA violations against health care providers that serve patients in good faith through everyday communications technologies, such as FaceTime or Skype, during the COVID-19 nationwide public health emergency.[18]

Note that the waiver does not restrict coverage to patients with coronavirus or symptoms of coronavirus. Any service that a provider can safely deliver via telemedicine and is on CMS’ list of approved telemedicine services[19] will be permitted under the new waiver. This waiver of Medicare program and HIPAA requirements will last for the duration of the COVID-19 Public Health Emergency. We do recommend that you check with your State licensing board to verify state requirements for telemedicine if you are unfamiliar with what is permitted in your state. Liles Parker has advised numerous clients with regard to telemedicine services.

In the meantime, CMS has reminded providers of the following options to provide covered non-face to face services to Medicare patients:

  • Medicare pays for “virtual check-ins” for patients to connect with their doctors without going to the doctor’s office. These brief, virtual check-in services are for patients with an established relationship with a physician or certain practitioners where the communication is not related to a medical visit within the previous 7 days and does not lead to a medical visit within the next 24 hours (or soonest appointment available). The patient must verbally consent to using virtual check-ins and the consent must be documented in the medical record prior to the patient using the service. The Medicare coinsurance and deductible would apply to these services. Doctors and certain practitioners may bill for these virtual check-in services furnished through several communication technology modalities, such as telephone (HCPCS code G2012) or captured video or image (HCPCS code G2010).
  • Medicare also pays for patients to communicate with their doctors without going to the doctor’s office using online patient portals. The individual communications, like the virtual check ins, must be initiated by the patient; however, practitioners may educate beneficiaries on the availability of this kind of service prior to patient initiation. The communications can occur over a 7-day period. The services may be billed using CPT codes 99421-99423 and HCPCS codes G2061-G206, as applicable. The Medicare coinsurance and deductible would apply to these services.
  • In addition, Medicare beneficiaries living in rural areas may use telehealth technology to have full visits with their physicians. The patient must be present at an approved telehealth originating site and must receive services using a real-time audio and video communication system at the site to communicate with a remotely located doctor or certain other types of practitioners. Medicare pays for many medical visits through this telehealth benefit. The Medicare coinsurance and deductible would apply to these services. For additional information on this benefit, please see CMS’s Telehealth resource page [5] for additional details and requirements.
  • Medicare Advantage Plans were given the authority to expand their telehealth coverage through enhanced benefit packages last year, but coverage still varies from plan to plan. CMS also issued a waiver on March 10, 2020 permitting (but not requiring) Medicare Advantage Plans to expand access to certain telehealth services. We recommend checking with the plans with which you contract for specific details or contact Liles Parker for assistance.
  • Many State Medicaid programs already cover telehealth/telemedicine services provided to patients in their homes. Liles Parker can assist in determining what your State Medicaid program covers.

II.   Impact of the Coronavirus on Medicare Provider Enrollment Regulations:

CMS has issued a blanket waiver related to provider enrollment requirements[6] to do the following:

  • Establish a toll-free hotline for non-certified Part B suppliers, physicians and nonphysician; practitioners to enroll and receive temporary Medicare billing privileges;
  • Waive the following screening requirements:
    • Application Fee – 42 C.F.R § 424.514
    • Criminal background checks associated with FCBC – 42 C.F.R § 424.518
    • Site visits – 42 C.F.R § 424.517
  • Postpone all revalidation actions;
  • Allow licensed providers to render services outside of their state of enrollment; and,
  • Expedite any pending or new applications from providers.

Liles Parker provides assistance to all types of providers seeking to enroll in the Medicare program.

III.   Impact of the Coronavirus on Medicare Claim Appeals:

CMS has issued a blanket waiver applicable to fee-for-service Medicare, Medicare Advantage and Medicare Part D claim appeals.[7]  The blanket waiver provides for the following relief:

  • Extensions to file an appeal
  • Waiving timeliness for requests for additional information to adjudicate the appeal;
  • Processing the appeal even with incomplete Appointment of Representation forms but communicating only to the beneficiary;
  • Processing requests for appeal that don’t meet the required elements using information that is available.
  • Utilizing all flexibilities available in the appeal process as if good cause requirements are satisfied.

IV.   Suspension of Non-Emergency Survey Inspections Due to Coronavirus:

On March 4, 2020, CMS issued a Memorandum[8] advising that it is temporarily suspending non-emergency survey inspections, allowing providers to focus on the most current serious health and safety threats, like infectious diseases and abuse. Specifically, survey activity is limited to the following (in Priority Order):

  • All immediate jeopardy complaints (cases that represents a situation in which entity noncompliance has placed the health and safety of recipients in its care at risk for serious injury, serious harm, serious impairment or death or harm) and allegations of abuse and neglect;
  • Complaints alleging infection control concerns, including facilities with potential COVID-19 or other respiratory illnesses;
  • Statutorily required recertification surveys (Nursing Home, Home Health, Hospice, and ICF/IID facilities);
  • Any re-visits necessary to resolve current enforcement actions;
  • Initial certifications;
  • Surveys of facilities/hospitals that have a history of infection control deficiencies at the immediate jeopardy level in the last three years;
  • Surveys of facilities/hospitals/dialysis centers that have a history of infection control deficiencies at lower levels than immediate jeopardy.

CMS is maintaining a website[9] with consolidated guidance to surveyors related to coronavirus and infection control in hospitals, nursing homes, hospices, home health, and dialysis facilities.

V.   Nursing Homes:

CMS issued a revised Memorandum[10] on March 13, 2020 with specific guidance to nursing homes, including:

  • Directing nursing homes to temporarily restrict all visitors and nonessential personnel with a few exceptions such as end-of-life situations, and to cancel all communal dining and group activities.
  • Screening their staff and outside healthcare providers using CDC guidelines for restricting access to health care workers.
  • Notifying their local health department if a resident is suspected of having COVID-19. Facilities that can follow the infection prevention and control practices recommended by CDC may or may not need to transfer the patient, depending on the severity of the patient’s symptoms. If a resident must be transferred to a hospital, careful coordination with EMS and the receiving facility must be performed, including placing a facemask on the patient during transfer.
  • Accepting patients diagnosed with COVID-19 and still under Transmission-Based Precautions for COVID-19 as long as the facility can follow CDC guidance;
  • Accepting patients who are not diagnosed with COVID-19 from hospitals or other locations where a case of COVID-19 was/is present; and,
  • Obligations to maintain appropriate PPE and alcohol-based hand rub supply levels, while assuring facilities they will not be cited by surveyors so long as they can demonstrate they are having difficulty obtaining the supplies for reasons outside their control. Nursing homes are advised to contact with their local and state public health agency to notify them of any shortage, follow national guidelines for optimizing their current supply, and identify the next best option to care for their residents.

CMS also exercised its authority to waive certain coverage requirements for skilled nursing services on March 13, 2020, including the following:

  • CMS is waiving the 3-day prior hospitalization for coverage of a skilled nursing facility (SNF) stay for those people who need to be transferred as a result of the coronavirus emergency. In addition, for certain beneficiaries who recently exhausted their SNF benefits, it authorizes renewed SNF coverage without first having to start a new benefit period.
  • Second, CMS is waiving 42 CFR 483.20 to provide relief to SNFs on the timeframe requirements for Minimum Data Set assessments and transmission.

VI.   Home Health Agencies:

CMS has issued a blanket waiver[11] to provide relief to home health agencies (HHAs) on the timeframes related to OASIS Transmission. The waiver also allows Medicare Administrative Contractors to extend the auto-cancellation date of Requests for Anticipated Payment (RAPs) during emergencies. Please consult with your home health MAC for specific guidance.

Additionally, on March 10, 2020, CMS issued guidance [12] on addressing potential and confirmed COVID-19 cases and mitigating transmission including screening, treatment, and transfer to higher level care (when appropriate).

VII.   Hospitals:

On March 4, 2020, CMS issued guidance[13] regarding infection control and prevention related to COVID-19 cases.  In addition, CMS has issued blanket waivers applicable to hospitals[14] addressing a number of issues.[17] Some of the most significant include:

  • CMS is waiving the requirements that Critical Access Hospitals limit the number of beds to 25, and that the length of stay be limited to 96 hours.
  • CMS is waiving requirements to allow acute care hospitals to house acute care inpatients in excluded distinct part units, where the distinct part unit’s beds are appropriate for acute care inpatient.
  • CMS is waiving to allow acute care hospitals with excluded distinct part inpatient psychiatric units that, as a result of a disaster or emergency, need to relocate inpatients from the excluded distinct part psychiatric unit to an acute care bed and unit.
  • CMS is waiving requirements to allow acute care hospitals with excluded distinct part inpatient Rehabilitation units that, as a result of a disaster or emergency, need to relocate inpatients from the excluded distinct part rehabilitation unit to an acute care bed and unit.

VIII.   Coronavirus Related Waivers Issued by CMS to DME Suppliers:

A blanket waiver[15] has been issued by CMS as of March 13, 2020 to address lost, destroyed, irreparably damaged or otherwise unusable Durable Medical Equipment (DME).  DME Medicare Administrative Contractors (MACs) will have the flexibility to waive replacement requirements such that the face-to-face requirement, a new physician’s order, and new medical necessity documentation are not required. Suppliers must still include a narrative description on the claim explaining the reason why the equipment must be replaced and are reminded to maintain documentation indicating that the DMEPOS was lost, destroyed, irreparably damaged or otherwise rendered unusable or unavailable as a result of the emergency. Please check your DME MAC website for more information or contact Liles Parker for assistance.

IX.   Dialysis Facilities:

On March 10, 2020, CMS issued guidance[16] addressing potential and confirmed COVID-19 cases and mitigating transmission including screening, treatment, and transfer to higher level care (when appropriate).

X.   Conclusion:

Liles Parker attorneys and staff are closely monitoring HHS, CMS and CDC guidance and will update this article as new information becomes available. Please contact us with questions or for assistance with your response to this unprecedented National Emergency.

Jennifer Papapanagiotou is a Partner at Liles Parker, Attorneys & Clients at Law.  She has decades of experience representing health care providers and suppliers around the country in connection with a wide range of regulatory actions.  Questions regarding the impact of recent coronavirus guidance on your organization?  Call Jennifer for a free consultation.  She can be reached at:  1 (800) 465-1906.

[1] Proclamation on Declaring a National Emergency Concerning the Novel Coronavirus Disease (COVID-19) Outbreak, Issued on March 13, 2020.  A link to the declaration can be found here.

[2] Determination that a Public Health Emergency Exists, issued by Secretary Azar on January 31, 2020.  A link to the determination can be found here.

[3] ‘‘Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020.”  H.B. 6074

[4] Emergency Declaration Press Call Remarks by CMS Administrator Seema Verma, delivered March 13, 2020.  A link to the remarks can be found here.

[1] Medicare Telemedicine Health Care Provider Fact Sheet, dated March 17, 2020, can be found here. Frequently Asked Questions expanding on the fact sheet and giving more details on implementation can be found here.

[2] HHS’s Office of Civil Rights is maintaining a website with more information on this topic here.

[3] You can find CMS’ list of approved telemedicine services here.

[5] CMS’s telehealth resource page can be found here.  

[6] COVID-19 Emergency Declaration Health Care Providers Fact Sheet, dated March 13, 2020, can be found here. Provider enrollment waivers of certain requirements are outlined in the guidance.

[7] Ibid. Waivers to the administrative claims appeals process are outlined on page 3 of the document.

[8] Memorandum titled “Suspension of Survet Activities,” dated March 4, 2020.  A copy of the Memorandum can be found here.

[9] CMS guidance titled “Updates for State Surveyors and Accrediting Organizations” can be found here.  

[10]CMS Memorandum titled Guidance for Infection Control and Prevention of Coronavirus Disease 2019 (COVID-19) in Nursing Homes (REVISED),” can be found here.

[11] COVID-19 Emergency Declaration Health Care Providers Fact Sheet, dated March 13, 2020, can be found here.   Home health agency guidance is on page 3 of the Fact Sheet.

[12] CMS Memorandum titled Guidance for Infection Control and Prevention Concerning Coronavirus Disease 2019 (COVID-19) in Home Health Agencies (HHAs), was issued on March 10, 2020, and can be found here.

[13] CMS Memorandum titled Guidance for Infection Control and Prevention Concerning Coronavirus Disease (COVID-19): FAQs and Considerations for Patient Triage, Placement and Hospital Discharge,” dated March 4, 2020, can be found here.  

[14] COVID-19 Emergency Declaration Health Care Providers Fact Sheet, dated March 13, 2020, can be found here.   Hospital guidance is on pages 1-3 of the Fact Sheet.

[15]COVID-19 Emergency Declaration Health Care Providers Fact Sheet, dated March 13, 2020, can be found here.   DME related guidance is on page 1 of the Fact Sheet.

[16] CMS issued guidance on March 10, 2020

[17]  Medicare Telemedicine Health Care Provider Fact Sheet, dated March 17, 2020, can be found here. Frequently Asked Questions expanding on the fact sheet and giving more details on implementation can be found here. 

[18] HHS’s Office of Civil Rights is maintaining a website with more information on this topic here.

[19] You can find CMS’ list of approved telemedicine services here.

[20]

Responding to a Medicare Revocation Action Effective Prior to November 4, 2019

Download PDF

A Medicare revocation action can be devastating on your medical practice.

(UPDATE:  March 9, 2020):  A Medicare revocation action can destroy the financial viability of your practice.  Moreover, effective November 4, 2019, the reasons for which a health care provider or supplier may have its Medicare billing privileges revoked have greatly expanded. Our article titled “42 CFR Sec. 424.535(a) Medicare Revocation Actions — Your Medicare Billing Privileges Can be Revoked For a Host of New Reasons. Are You Facing a Medicare Revocation Action? If so, You Must Act Fast to Preserve Your Appeal Rights,” discusses these revocation reasons in much more detail).  After reviewing the materials below, we strongly recommend that you also review the updated article linked above. 

The information in this article only applies to a Medicare revocation action with an effective of November 3, 2019 or earlier.  During 2015, more than 1.2 million non-institutional health care providers participated in the Medicare program. [1]  Over the last year, a number of these providers have unexpectedly found themselves in a difficult situation where their Medicare number has been either “deactivated” or “revoked.”  While Medicare deactivation actions remain somewhat rare, over the past year, the number of Medicare revocation actions taken by Medicare Administrative Contractors (MACs) appears to have greatly increased. Both of these actions will effectively suspend a provider’s ability to bill for services rendered to Medicare beneficiaries. In order to receive reimbursement for services rendered to Medicare beneficiaries, a provider must properly enroll in the Medicare program and remain compliant with all of its conditions of enrollment and participation requirements. [2] The purpose of this article is discuss the differences between these two types of adverse actions and possible remedial steps that you can take if your Medicare number is deactivated or revoked.

I.  What is a Medicare Revocation Action?

 When a health care provider’s Medicare number is revoked, its billing privileges are terminated.  Notably, the associated provider agreement is also automatically terminated. There are a wide variety of bases upon which a revocation action can be initiated.  The two primary reasons for revocation we have addressed in recent months have included licensure-based actions and those resulting from a provider’s failure to report an adverse action or change in location.

  • Noncompliance

Unfortunately, if a physician, falls out of compliance with applicable enrollment requirements, his or her Medicare billing privileges may be revoked. Typically, revocation actions associated with this reason result from a determination by a Medicare contractor that a physician or his / her practice no longer meets all of the necessary registration requirements.  When this occurs, the contractor notifies the CMS Provider Enrollment & Oversight Group with the pertinent provider information and its recommendation that a revocation action be authorized.

For instance, Medicare requires that physician services be furnished by a doctor of medicine or osteopathy legally authorized to practice medicine and surgery by the state in which he or she practices. The Medicare Program Integrity Manual (MPIM) further elaborates on this basis for revocation in cases where a physician is not appropriately licensed: “…situations in which § 424.535(a)(1) may be used a revocation reason include [where]…[t]he provider or supplier is not appropriately licensed.” MPIM Ch. 15 § 15.27.2(A)(1)(c).

This basis for revocation is especially pertinent in a large state like Texas, where the Texas Medical Board remains active with respect to disciplinary actions.  At its June 10, 2016 meeting, the Texas Medical Board disciplined 78 licensed physicians and issued one cease and desist order. A significant number of these disciplinary actions resulted in licensure revocation or suspension.  Each of these adverse disciplinary actions would likely result in the revocation of a physician’s billing privileges.

  • Failure to Report.

Should a provider fail to comply with its reporting requirements under 42 C.F.R. 424.516(d)(1)(ii) and (iii), which include “any adverse legal action” and / or “a change in location,” CMS may revoke the provider’s billing privileges.  Additional reasons for revocation we have seen also include:

  • Provider or Supplier Conduct.

 Under this regulatory provision, if a provider (or supplier), or an owner, managing employee, authorized or designated official, medical director, supervising physician or other health care personnel of the provider (or supplier) is excluded from the Medicare, Medicare or other federal health care program, the provider’s Medicare number can be revoked and its billing privileges terminated.  This basis for revocation is especially harsh – it can be imposed based on the fact that a provider has failed to adequately screen out employees, staff and contractors that have been excluded from participation in one or more federal health benefit programs.  Debarment or suspension from federal procurement and nonprocurement programs can also result in revocation.

  • Felonies.

If a provider (or supplier) or any owner or managing partner of the provider (or supplier) has been convicted of a federal or state felony within the past 10 years and CMS determines that the offense is detrimental to the best interest of the Medicare program, the agency may revoke the provider’s Medicare number.

  • False or Misleading Information.

If a provider or supplier has certified as “true” false or misleading information on an enrollment application, its Medicare number may be revoked.  Importantly, such an action may also constitute a violation of criminal law due to the submission of a “false statement” to the government.

  • On-Site Review.

If a program integrity contractor (such as a Unified Program Integrity Contractor (UPIC)) visits your office and makes a determination that your practice or agency is no longer operational or fails to meet another Medicare enrollment requirement, the UPIC will recommend to CMS that your Medicare billing privileges be revoked.  This often occurs when a provider moves offices and either fails to notify Medicare of the move in a timely fashion OR a Medicare contractor claims that it never received notice of the change in location.  Importantly, it isn’t merely enough for a provider to be able to show that notice of the change in location was actually sent – you need to be able to prove that the Medicare contractor RECEIVED the notice.

  • Misuse of Billing Number

If a provider knowingly sells its billing number or allows another individual or entity to use its billing number, CMS can revoke the provider’s billing privileges.  Exceptions are permitted for a valid reassignment of benefits or a change of ownership.

  • Abuse of Billing Privileges.

Should CMS determine that a provider has engaged in abusive billing practices, it can revoke the provider’s billing privileges.  Examples cited in the regulation include:

Billing for services provided to a Medicare beneficiary that is deceased.

Billing for services when either the physician or the beneficiary is not in the state or the country when the service was supposedly rendered.

Billing for services that require certain testing equipment when that equipment was not available at the location where the services were allegedly rendered.

CMS may also revoke a provider’s billing privileges if it determines there is a pattern or practice of submitting claims that fail to meet Medicare’s requirements.  When considering this basis for revocation, CMS considers:

The percentage of claims that were denied.

The reasons for claims denials.

Whether or not the provider has a history of previous final adverse actions.

The length of time over which a pattern or practice or improper billing has taken place.

How long the provider has been enrolled in the Medicare program.

Any other information that CMS feels is relevant in its determination of whether a pattern or practice of improper billing has occurred.

II.  What is the Effect of the Revocation of a Provider’s Billing Privileges?

The revocation of a provider’s billing privileges can destroy the provider’s practice.  A provider will be barred from participating in the Medicare program for a minimum of one to three years, depending on the basis for revocation and the facts in a particular case.  Once this period has expired, a provider will be required to submit a new enrollment application to CMS for its review and consideration.

III.  Responding to Medicare Revocation Action:

What actions should you take if your Medicare billing privileges have been revoked?  While a provider may choose to represent themselves in the appeal of a revocation action, we recommend that you engage experienced legal counsel to assist you with this process. A well written letter telling your side of the story is unlikely to persuade a reviewer at reconsideration that your billing privileges should be restored.  Successful defenses of revocation actions typically require a careful analysis of both the facts and the law.  Liles Parker attorneys have represented a wide variety of health care providers and suppliers in Medicare revocation actions.  Please give me a call for a free consultation on your case.

Medicare revocationRobert W. Liles, M.B.A., M.S., J.D., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker is a boutique health law firm, with offices in Washington DC, Houston TX, and Baton Rouge LA. Robert represents physicians and other health care providers around the country in connection with Medicare revocation actions. Our firm also represents health care providers in connection with federal and state regulatory reviews and investigations. For a free consultation, call Robert at: 1 (800) 475-1906.

[1] https://www.cms.gov/fastfacts/

[2]     42 C.F.R. § 424.505; MPIM Ch. 15 § 15.1.

42 CFR Sec. 424.535(a) Medicare Revocation Actions — Your Medicare Billing Privileges Can be Revoked For a Host of New Reasons. Are You Facing a Medicare Revocation Action? If so, You Must Act Fast to Preserve Your Appeal Rights.

Download PDF

Have Your Medicare Billing Privileges Been Revoked Under 42 CFR Sec. 424.535(a)?

(March 9, 2020):   Last September, the Centers for Medicare and Medicaid Services (CMS) published a Final Rule titled “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.”  The Final Rule under 42 CFR Sec. 424.535(a) was published in order to implement sections 1866(j)(5) and 1902(kk)(3) of the Social Security Act (as amended by the Affordable Care Act).

As we discussed in earlier articles[1], the Final Rule is quite expansive. It implements a wide range of new enrollment, affiliation, revocation and denial authorities.  As a reminder, here’s an overview of the timeline we are concerned with:

  • November 4, 2019: Purported effective date of the expanded revocation bases outlined in the Final Rule. 

  • September 10, 2019: CMS published the Final Rule titled Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.” in the Federal Register. [2]  The Final Rule sets out the expanded reasons for revocation or denial of a provider’s or supplier’s billing authority.  

  • March 1, 2016: CMS published a Proposed Rule titled “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.”[3] This Proposed Rule set out the enrollment revocation and denial changes CMS planned to implement in an effort to address long-standing program integrity risks that have previously been exploited in the past.

Within hours of the purported[4] effective date of the Final Rule, CMS Medicare Administrative Contractors (MACs) began issuing revocation letters to participating Medicare providers and suppliers who had been identified as slated to have their Medicare billing privileges revoked (based on one or more of the expanded revocation letters set out in the Final Rule).  This updated article focuses on one aspect of the Final Rule – the expanded Medicare billing privilege revocation authorities now exercised by CMS.

I.   Implementation of Medicare’s Expanded Billing Privilege Revocation Authorities Under 42 CFR Sec. 424.535(a):

Prior to the issuance of the Final Rule, under 42 CFR Sec. 424.535(a), CMS exercised the authority to revoke the Medicare billing privileges of a currently-enrolled provider or supplier (along with any related provider or supplier agreement) based on fourteen reasons.  Under the Final Rule, the number of reasons upon which revocation could be based grew to 22.[5]  Moreover, the scope of several of the original fourteen reasons for revocation was expanded under the Final Rule, primarily due to implementation of new requirements with respect to “Affiliations,” “Disclosable Events,” and “Uncollected Debts.”  Over the last few months, since the expanded bases for revocation have been implemented, we have seen a significant increase in the number of revocation actions being pursued by Medicare MACs around the country. Moreover, as discussed in Section III below, CMS is now typically imposing a 10-year reenrollment bar (rather than the previous 3-year reenrollment bar) when pursuing a revocation action. An overview of the expanded list of reasons upon which a provider’s Medicare billing privileges can be revoked is provided below:

1. Noncompliance. Under 42 CFR Sec. 424.535(a) (1), CMS can revoke Medicare billing privileges if it has determined that a provider or supplier is not in compliance with its enrollment requirements (as set out in the appropriate enrollment application) AND has not submitted an appropriate plan of correction, CMS may revoke the Medicare billing privileges.

2. Provider or supplier conduct. Under 42 CFR Sec. 424.535(a) (2), CMS can revoke Medicare billing privileges if a provider, supplier or any owner, managing employee, delegated official, medical director, supervising physician or other health care personnel of the provider or supplier has been excluded from participation in a Federal health care program OR has been disbarred, suspended, otherwise excluded from participating in any other Federal procurement program. 

3. Felonies.  Under 42 CFR Sec. 424.535(a) (3), CMS can revoke Medicare billing privileges if a provider, supplier or any owner or managing employee was convicted of a Federal or State felony (within the preceding 10 years) that CMS determines is detrimental to the best interests of the Medicare program and its beneficiaries. 

4. False or misleading information. Under 42 CFR Sec. 424.535(a) (4), CMS can revoke Medicare billing privileges if a provider or supplier certified as “true” information on the enrollment application that is misleading or false. As the regulation is quick to point out, the false certification action can also lead to fines and imprisonment. 

5. On-site review. Under 42 CFR Sec. 424.535(a) (5), CMS can revoke Medicare billing privileges if when conducting an “on-site review” at the purported address of the provider or supplier, it finds that the site is no longer operational OR the on-site review shows that the provider has moved and did not update their address appropriately. In recent years, this revocation reason is typically cited when a Unified Program Integrity Contractor (UPIC) conducts an unannounced, on-site visit of a practice, home health agency, hospice or other provider, based on the location listed in PECOS.  If a provider has moved offices and has failed to update CMS Form 855B and the Provider Enrollment, Chain, and Ownership System (PECOS), the CMS contractor will recommend that a provider’s billing privileges be revoked. 

6. Grounds related to provider or supplier screening requirements. Under 42 CFR Sec. 424.535(a) (6),  CMS can revoke the Medicare billing privileges of an institutional provider[6] that fails to submit an application fee or hardship exception request with their Medicare revalidation application.

7. Misuse of billing number.  Under 42 CFR Sec. 424.535(a) (7), CMS can revoke Medicare billing privileges if a provider or supplier knowingly sells to or allows another individual or entity to use its billing number (other than in the case of a valid reassignment of benefits). 

8. Abuse of billing privileges. Under 42 CFR Sec. 424.535(a) (8), CMS can revoke the Medicare billing privileges of a provider or supplier: 

    • Submits a claim for services that have not been furnished to a specific individual on the date of service. Examples provided under 42 CFR scc. 424.535(a) (8) include situations where beneficiary is deceased, situations where the directly physician or beneficiary is not in the state or country when the serves were allegedly furnished, OR when the equipment necessary for testing is not present when the testing is said to have taken place.
    • Has a pattern or practice of submitting claims that fail to meet Medicare requirements.[7]

9. Failure to report[8]. Under 42 CFR Sec. 424.535(a) (9), can revoke the Medicare billing privileges if a provider or supplier: 

    • Failed to comply with its reporting requirements under 42 CFR Se. 516(d), such as changes in ownership or control, any other changes in enrollment within 90 days, any revocation or suspension of a Federal or State license within 30 days; OR
    • Failed to comply with its reporting requirements under 42 CFR Sec. 33(g)(2), such as changes in ownership, changes of location, changes in general supervision, and adverse legal actions must be reported to the Medicare fee-for-service contractor on the Medicare enrollment application within 30 calendar days of the change. All other changes to the enrollment application must be reported within 90 days. As a recent letter to a provider from CMS contractor Novitas Solutions stated:

 An undeliverable records request sent to the provider’s Medicare 855 correspondence address constitutes a failure to provide CMS access to documentation in violation of 42 U.S. Code Sec. 424.516(1).”  

            OR

    •  Failed to comply with its reporting requirements under 42 CFR Sec. 424.57(c)(2), such as changes in information on a provider’s application for billing privileges within 30 days of the change. 

10. Failure to document or provide CMS access to documentation. Under 42 CFR Sec. 424.535(a) (10), CMS can revoke the Medicare billing privileges if a provider or supplier has failed to comply with the documentation or CMS access requirements. Under 42 CFR Sec. 516(f), a provider or supplier is required to maintain documentation for 7 years from the date of services, AND upon the request of CMS or Medicare contractors, provide access to that documentation. 

11. Initial reserve operating funds. Under 42 CFR Sec. 424.535(a) (11), CMS can revoke the Medicare billing privileges of a home health agency if within 30 days of CMS or a Medicare contractor request, the home health agency cannot furnish supporting documentation verifying that the home health agency  meets the initial reserve operating funds requirement found in 42 CFR Sec. 489.28(a). 

12. Other program termination. Under 42 CFR Sec. 424.535(a) (12), CMS can revoke Medicare billing privileges if a provider or supplier is terminated, revoked or otherwise barred from participation in a State Medicaid program or any other Federal health care program. This represents a significant change.

13. Prescribing authority. Under 42 CFR Sec. 424.535(a) (13), CMS can revoke Medicare billing privileges if a physician or other eligible professional’s Drug Enforcement Administration (DEA) Certificate of Registration is revoked or suspended; OR a State licensing body suspends or revokes the ability of a physician or other eligible professional to prescribe drugs.

14. Improper prescribing practices. Under 42 CFR Sec. 424.535(a) (14), CMS can revoke Medicare billing privileges of a physician or other eligible professional if it determines that there has been a pattern or practice of prescribing Part B or Part D drugs that is:

    • Abusive or represents a threat to the health and safety of Medicare beneficiaries or both; OR
    • Fails to meet Medicare requirements.

15. Reserved.

16. Reserved.

17. NEW — Debt referred to the United States Department of Treasury. Under 42 CFR Sec. 424.535(a) (17), CMS can revoke Medicare billing privileges if a provider or supplier has an existing debt that CMS appropriately refers to the United States Department of Treasury.[9]

18. NEW — Revoked under different name, numerical identifier or business identity. Under 42 CFR Sec. 424.535(a) (18) CMS can revoke the Medicare billing privileges if a provider or supplier is currently revoked under a different name, numerical identifier, or business identity, and the applicable reenrollment bar period has not expired. [10]

19. NEW Affiliation that poses an undue risk. Under 42 CFR Sec. 424.535(a) (19), CMS may revoke the Medicare billing privileges if it determines that the provider or supplier has or has had an affiliation under 42 CFR Sec. 424.519 that poses an undue risk of fraud, waste, or abuse to the Medicare program.

20. NEW — Billing from a non-compliant location. Under 42 CFR Sec. 424.535(a) (20), CMS may revoke the Medicare billing privileges of a provider or supplier, even if all of the practice locations associated with a particular enrollment comply with Medicare enrollment requirements, if the provider or supplier billed for services performed at or items furnished from a location that it knew or should have known did not comply with Medicare enrollment requirements.[11]

21. NEW Abusive ordering, certifying, referring, or prescribing of Part A or B services, items or drugs. Under 42 CFR Sec. 424.535(a) (21), CMS may revoke the Medicare billing privileges if it determines that a physician or eligible professional has a pattern or practice of ordering, certifying, referring, or prescribing Medicare Part A or B services, items, or drugs that are abusive, represents a threat to the health and safety of Medicare beneficiaries, or otherwise fails to meet Medicare requirements.[12]

22. NEW — Patient Harm. Under 42 CFR Sec. 424.535(a) (22), CMS may revoke the Medicare billing privileges if it determines that a physician or eligible professional has been subject to prior action from a State oversight board, Federal or State health care program, Independent Review Organization (IRO) determination(s), or any other equivalent governmental body or program that oversees, regulates, or administers the provision of health care with underlying facts reflecting improper physician or other eligible professional conduct that led to patient harm.[13]

As the above expanded list of revocation authorities reflects, CMS now has the express ability to revoke the Medicare billing privileges of a health care provider or supplier for serious violations of law (such as conviction of a felony or patient abuse).  However, it also has the authority to revoke Medicare billing privileges for conduct that may only amounts to an administrative error or mistake by a provider or supplier.  Perhaps even more troubling is the fact that the past or current “affiliations” of a provider or supplier may lead to a revocation action if CMS determines that the affiliation represents an undue risk to the Medicare program or its beneficiaries.

A hundred years ago, the U.S. Supreme Court stated in the case Rock Island Arkansas & Louisiana R. Co v. United States[14]:

Men must turn square corners when they deal with the government

That statement still rings true in today’s world.  Health care providers and suppliers are permitted to apply to participate in the Medicare and Medicaid programs.  Participation isn’t a “right.”  It is a privilege.  When you complete your enrollment paperwork, you expressly agree to comply with the terms of the Form 855 Enrollment Application.  Should you fail to comply with each of the obligations set out in that agreement, CMS reserves the right to revoke your Medicare billing privileges. Now, more than ever, it is essential that you have an effective Compliance Program in place and that you periodically review your practices to ensure that you and your staff are fully complying with applicable Medicare regulatory, statutory and legal requirements.

II.   Length of Time a Provider’s Medicare Billing Privileges May be Revoked Under 42 CFR Sec. 424.535(c):

The Final Rule significantly modified 42 CFR Sec. 424.535(c). This regulatory provision sets out the potential reenrollment bar time limits that may imposed by CMS when initiating a Medicare revocation action.  If this is the first time that a provider’s Medicare billing privileges are being revoked, the minimum reenrollment bar is 1 year, and the maximum reenrollment bar is 10 years.[15]  If CMS determines that a provider attempted to circumvent its existing reenrollment bar by enrolling in Medicare under a different name, numerical identifier or business identity,” the agency can further tack on up to 3 additional years onto the reenrollment bar it has imposed.[16] As a final point in this regard, Moreover, under if a provider or supplier is being revoked from Medicare a second time, CMS may choose to impose a reenrollment bar of up to 20 years.[17]

III.   Responding to a Medicare Revocation Action:

If you receive notice that CMS is intending to revoke your Medicare billing privileges, it is essential that you engage experienced health law counsel to represent you in the appeal process.  This is especially critical given the fact that recent revocation actions initiated by CMS have all sought to impose of reenrollment bar of 10 years, rather than the 3-year bar that was typically imposed prior to November 4, 2019.  Unfortunately, a Medicare revocation action can trigger a number of other secondary adverse actions by law enforcement, private payors and a provider’s State Medical Board. If your Medicare billing privileges are being revoked, please feel free to give us a call for a free consultation.  Liles Parker attorneys have extensive experience representing health care providers around the country in Medicare revocation actions.  We can be reached at:  1 (800) 475-1906.

42 CFR scc. 424.535(a)Robert W. Liles is a former Federal prosecutor and has more than 25 years of health law experience.  Mr. Liles and the other attorneys at Liles Parker have extensive experience representing providers and suppliers in the appeal of proposed Medicare revocation actions. Questions?  Give Robert Liles a call.  For a free consultation, he can be reached at:  1 (800) 475-1906.

[1] September 2019 article titled Medicare, Medicaid and CHIP Enrollment Revocation and Denial Authorities Have Expanded.  What Steps are You Taking to Reduce Your Level of Risk?”

and our December 2017 article titled Revocation of Your Medicare Billing Privileges.”

[2] 84 FT 47794 (September 10, 2019). https://www.govinfo.gov/content/pkg/FR-2019-09-10/pdf/2019-19208.pdf

[3] 81 FR 10720.

[4] We are in currently in the process of challenging the purported effective date of November 4, 2019.  CMS failed to provide the proper notice requirements mandated under the Congressional Review Act.  This failure thereby delays the effective date of the expanded revocation authorities.

[5] Slots have been placed in reserve for revocation reasons number 15 and 16 which would likely be assigned by CMS in the future and would presumably go through the rulemaking process.

[6] Under 42 CFR Sec. 424.502, the term “Institutional Provider” means any provider or supplier that submits a paper Medicare enrollment application using the CMS-855A, CMS-855B (not including physician and nonphysician practitioner organizations), CMS-855S, CMS-20134, or an associated Internet-based PECOS enrollment application.

[7] Under 42 CFR Sec. 424.535(a) (8), when making this determination, CMS considers:

  • The percentage of submitted claims that were denied;
  • The reasons for the denials; whether the provider has a history of final adverse actions (and the nature of these actions;
  • The length of time over which the pattern has continued; how long the provider has been enrolled in Medicare; and
  • Any other information that CMS deems relevant to its determination of whether the provider or supplier has or has not engaged in the pattern or practice identified.

[8] Under 42 CFR Sec. 424.535(a)) (9), when determining whether a revocation under this paragraph is appropriate, CMS considers the following factors:

(i) Whether the data in question was reported.

(ii) If the data was reported, how belatedly.

(iii) The materiality of the data in question.

(iv) Any other information that CMS deems relevant to its determination.

[9] Under 42 CFR Sec. 424.535(a) (17), when determining whether a revocation under this paragraph is appropriate, CMS is supposed to consider:

  • The reason(s) for the failure to fully repay the debt (to the extent this can be determined).
  • Whether the provider or supplier has attempted to repay the debt (to the extent this can be determined).
  • Whether the provider or supplier has responded to CMS’ requests for payment (to the extent this can be determined).
  • Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.
  • The amount of the debt. (vi) Any other evidence that CMS deems relevant to its determination.

[10] Under 42 CFR Sec. 424.535(a) (18), when determining whether a provider or supplier is a currently revoked provider or supplier under a different name, numerical identifier, or business identity, CMS investigates the degree of commonality by considering the following factors:

  • Owning and managing employees and organizations (regardless of whether they have been disclosed on the Form CMS–855 application).
  • Geographic location.
  • Provider or supplier type.
  • Business structure.
  • Any evidence indicating that the two parties are similar or that the provider or supplier was created to circumvent the revocation or reenrollment bar.

[11]  Under 42 CFR Sec. 424.535(a) (20), when determining whether and how many of the provider’s or supplier’s enrollments, involving the non-compliant location or other locations, should be revoked, CMS considers the following factors:

  • The reason(s) for and the specific facts behind the location’s noncompliance.
  • The number of additional locations involved.
  • Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.
  • The degree of risk that the location’s continuance poses to the Medicare Trust Funds.
  • The length of time that the noncompliant location was non-compliant.
  • The amount that was billed for services performed at or items furnished from the non-compliant location.
  • Any other evidence that CMS deems relevant to its determination.

[12] Under 42 CFR Sec. 424.535(a) (21), when making its determination as to whether such a pattern or practice exists, CMS considers the following factors:

(i) Whether the physician’s or eligible professional’s diagnoses support the orders, certifications, referrals or prescriptions in question.

(ii) Whether there are instances where the necessary evaluation of the patient for whom the service, item or drug was ordered, certified, referred, or prescribed could not have occurred (for example, the patient  was deceased or out of state at the time of the alleged office visit).

(iii) The number and type(s) of disciplinary actions taken against the physician or eligible professional by the licensing body or medical board for the state or states in which he or she practices, and the reason(s) for the action(s).

(iv) Whether the physician or eligible professional has any history of final adverse action (as that term is defined in Sec. 424.502).

(v) The length of time over which the pattern or practice has continued.

(vi) How long the physician or eligible professional has been enrolled in Medicare.

(vii) The number and type(s) of malpractice suits that have been filed against the physician or eligible professional related to ordering, certifying, referring or prescribing that have resulted in a final judgment against the physician or eligible professional or in which the physician or eligible professional has paid a settlement to the plaintiff(s) (to the extent this can be determined).

(viii) Whether any State Medicaid program or any other public or private health insurance program has restricted, suspended, revoked, or terminated the physician’s or eligible professional’s ability to practice medicine, and the reason(s) for any such restriction, suspension, revocation, or termination.

[13] Under 42 CFR Sec. 424.535(a) (21), when determining whether a revocation is appropriate, CMS considers the following factors:

(A) The nature of the patient harm.

(B) The nature of the physician’s or other eligible professional’s conduct.

(C) The number and type(s) of sanctions or disciplinary actions that have been imposed against the physician or other eligible professional by the State oversight board, IRO, Federal or State health care program, or any other equivalent governmental body or program that oversees, regulates, or administers the provision of health care. Such actions include, but are not limited to in scope or degree:

(1) License restriction(s) pertaining to certain procedures or practices.

(2) Required compliance appearances before State medical board members.

(3) License restriction(s) regarding the ability to treat certain types of patients (for example, cannot be alone with members of a different gender after a sexual offense charge).

(4) Administrative or monetary penalties.

(5) Formal reprimand(s).

(D) If applicable, the nature of the IRO determination(s).

(E) The number of patients impacted by the physician’s or other eligible professional’s conduct and the degree of harm thereto or impact upon.

[14] 254 U.S. 141, 143 (1920).

[15] 42 CFR Sec. 424.535(c)(1)(i).

[16] 42 CFR Sec. 424.535(c)(2)(i).

[17] 42 CFR Sec. 424.535(c)(3),

Medicare, Medicaid and CHIP Enrollment Revocation and Denial Authorities Have Expanded.  What Steps are You Taking to Reduce Your Level of Risk?

Download PDF
Medicare Enrollment

Big Changes to CMS Form 855 are on the Horizon

(September 18, 2019):  On September 10, 2019, the Department of Health and Human Services (HHS) and Centers for Medicare and Medicaid Services (CMS) published a Final Rule in the Federal Register entitled, “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.” Issuance of the Final Rule is necessary in order to implement sections 1866(j)(5) and 1902(kk)(3) of the Social Security Act (as amended by the Affordable Care Act), which require that providers and suppliers fully disclose information related to affiliations, uncollected debts and certain adverse actions that may impact the program integrity of the affected government health plan.  As discussed below, the impact of the Final Rule on the Medicare enrollment disclosure requirements of providers and suppliers has been significantly enhanced.  Moreover, the authority of CMS to revoke or deny the enrollment of a participating provider or supplier has been greatly expanded.  Under the Final Rule, the reporting obligations of Medicare, Medicaid, and CHIP providers and suppliers will dramatically increase when they file a new enrollment application, revalidate their enrollment, need to file a change of information, or need to notify the agency of a change in ownership .[1]  This article is intended to take a “first look” at the impact of the Final Rule on the obligations  faced by providers and suppliers. Additionally this article reviews CMS’ new revocation and denial authority, and it explores a number of the challenges that you or other providers may face, as a result.

I.  Background – Medicare Enrollment and Revalidation Program Integrity Measures:

Approximately, 54 million individuals are enrolled in the Medicare program.[2]  In order to qualify to provide care and treatment services to these beneficiaries, a health care provider or supplier must meet a number of administrative, regulatory, and statutory requirements that are meant to protect both the patient and the financial integrity of the Medicare program.  The Medicare enrollment process effectively serves as one of the agency’s primary ways to protect patients and the Medicare Trust Fund from the actions of providers and suppliers whose participation would represent a significant risk of fraud or abuse.

When enrolling in the Medicare program, an applicant provider or supplier must complete and submit an appropriate enrollment application (i.e., a Form CMS-855) to their assigned Medicare contractor.  The enrollment application can be submitted by paper or electronically through the agency’s Provider Enrollment, Chain, and Ownership System (PECOS).  Several of the previous rules promulgated by CMS to strengthen the overall effectiveness and program integrity of the enrollment process have included:

  • April 21, 2006: CMS published a Final Rule entitled “Medicare Program; Requirements for Providers and Suppliers to Establish and Maintain Medicare Enrollment.”[3] This Final Rule laid out a number of requirements that must be met by providers and suppliers in order to maintain their Medicare billing privileges.
  • February 2, 2011: CMS published a Final Rule entitled “Medicare, Medicaid, and Children’s Health Insurance Programs; Additional Screening Requirements, Application Fees, Temporary Enrollment Moratoria, Payment Suspensions and Compliance Plans for Providers and Suppliers.”[4]  This Final Rule established a number of new provider enrollment screening requirements.
  • March 1, 2016: CMS published a Proposed Rule entitled “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.” This Proposed Rule set out the enrollment revocation and denial changes CMS planned to implement in an effort to address long-standing program integrity risks that have previously been exploited in the past.[5]

A little more than three years after the issuance of the March 2016 Proposed Rule, CMS has now issued its much-anticipated Final Rule entitled, “Medicare, Medicaid, and Children’s Health Insurance Programs; Program Integrity Enhancements to the Provider Enrollment Process.” [6]  With the implementation of this Final Rule,  CMS will now have expanded authority to deny the enrollment and / or revalidation of a provider or supplier if it determines that an “affiliation” presents an undue risk of fraud risk or abuse.  The Final Rule will also make it much easier to revoke the enrollment of existing providers and suppliers whose continued participation in the Medicare, Medicaid, or CHIP programs is determined to represent a program integrity risk.

II.  Why Has CMS Tightened Up the Medicare Enrollment and Revalidation Process?

Despite past efforts to strengthen the Medicare provider enrollment process, existing Medicare, Medicaid, and CHIP systems haven’t been fully effective in identifying direct owners, managing employees, and close affiliates of provider and supplier applicants with a history of certain adverse  events.  As representatives of the Office of Inspector General (OIG) have testified before Congress, health care providers and suppliers engaging in wrongful billing practices have often been found to have relied on networks of affiliations with other fraudulent providers and suppliers. For example, in south Florida, law enforcement has previously found that some Medicare providers and suppliers have taken steps to hide their ownership through the use of straw owners.  The real owners (who are likely prohibited from participating or likely to be denied participation in Federal health care programs) are then free to engage in improper billing practices.[7]

The issuance of the new Final Rule requires that as part of the enrollment and revalidation process, providers and suppliers must disclose any business affiliations that may pose an undue risk of fraud, waste and / or abuse to the Medicare, Medicaid and CHIP programs. CMS will be phasing the new affiliation reporting requirements in over a period of years. First, the agency will update and issue new provider enrollment Form CMS-855 applications, and then it will require reporting of certain affiliations “upon request.”[8] At least initially, only those providers or suppliers who are asked to report affiliations on the new enrollment forms will be required to do so. CMS states in the new Final Rule that it will publish further rulemaking to expand this reporting requirement after assessing the progress of its initial phased-in approach.

Notably, CMS estimates that the new disclosure requirements and revocation authorities implemented by the Final Rule will result in approximately 2,600 new revocations each year and will save the affected government health programs an estimated $4.16 billion over the next 10 years.

III.  Reporting Affiliations:

Under the Final Rule, the “affiliations” that a provider or supplier may have to disclose upon request by CMS include the following:

The term “affiliation” is defined under 42 CFR §424.519 as meaning any of the following:

  • A 5 percent or greater direct or indirect ownership interest that an individual or entity has in another organization.
  • A general or limited partnership interest (regardless of the percentage) that an individual or entity has in another organization.
  • A 5 percent or greater direct or indirect ownership interest that an individual or entity has in another organization.
  • An interest in which an individual or entity exercises operational or managerial control over, or directly or indirectly conducts, the day-to-day operations of another organization (including, for purposes of § 424.519 only, sole proprietorships), either under contract or through some other arrangement, regardless of whether or not the managing individual or entity is a W–2 employee of the organization.
  • An interest in which an individual is acting as an officer or director of a corporation.
  • Any reassignment relationship under 42 CFR § 424.80.”

The new affiliation provisions are intended to identify individuals and entities that have an ownership interest or exercise managerial control in multiple Medicare program providers or suppliers. Both OIG and CMS have repeatedly identified situations where providers and suppliers whose Medicare billing privileges have been revoked for fraud and / or other improper conduct have managed to surreptitiously re-enter the program using a nominee owner to disguise their true ownership or through other deceptive means.  As the agency has noted, the broad definition of affiliation that has been adopted, is needed so that providers and suppliers fully disclose any prior or current relationships that could pose risks of fraud, waste or abuse to the Medicare program.  CMS has estimated that if the new affiliation provisions had been in place over the previous five years, it could have prevented $51.9 billion from being paid to 2,097 entities with affiliations with a previously-revoked individual or entity.

IV.  Disclosable Events Under 42 CFR § 424.519:

When initially enrolling or revalidating with the Medicare program, the new regulations will require that a provider or supplier disclose whether it or any of its owning or managing employees or organizations (consistent with the terms ‘‘owner’’ and ‘‘managing employee’’ as defined in 42 CFR § 424.502) has or, within the previous 5 years, has had an affiliation with a currently or formerly enrolled Medicare, Medicaid, or CHIP provider or supplier that has had any “disclosable events.”[9] Importantly, the term, “disclosable event“ is defined in the new regulation as an affiliation with a currently or formerly enrolled Medicare, Medicaid or CHIP provider or supplier that:

“(1) Currently has an uncollected debt to Medicare, Medicaid, or CHIP, regardless of – (i) The amount of the debt; (ii) Whether the debt is currently being repaid (for example, as part of a repayment plan); or (iii) Whether the debt is currently being appealed;

(2) Has been or is subject to a payment suspension under a federal health care program (as that latter term is defined in section 1128B(f) of the Act), regardless of when the payment suspension occurred or was imposed;

(3) Has been or is excluded by the OIG from participation in Medicare, Medicaid, or CHIP, regardless of whether the exclusion is currently being appealed or when the exclusion occurred or was imposed; or

(4) Has had its Medicare, Medicaid, or CHIP enrollment denied, revoked, or terminated, regardless of— (i) The reason for the denial, revocation, or termination; (ii) Whether the denial, revocation, or termination is currently being appealed; or (iii) When the denial, revocation, or termination occurred or was imposed.”

Responding to comments submitted in connection with the Proposed Rule, CMS clarified who must be reported as an owner or managing employee of a provider or supplier, and likewise, who the organization must collect information from to identify all “affiliations” and “disclosable events.” CMS commented that the following situations would (1) require disclosure of a person or organization as an owner or managing employee, and (2) require disclosure of those persons or organizations “affiliations” if there has been a disclosable event:

      • Does a “Physician Director” or “Director of Nursing” have to be reported as part of the enrollment process? Yes, if the Physician Director or the Director of Nursing fall within the definition of “managing employee”[10] under 42 CFR § 424.502, he or she would have to be reported [on the Form CMS-855 application as a managing employee]. Moreover, if the Physician Director or the Director of Nursing was previously a managing employee of another provider or supplier with a “disclosable event,” the Physician Director or Director of Nursing would have to be reported.
      • Do the members of the Board of Trustees of a tax-exempt entity have to be reported as part of the enrollment process? Yes, as set out in CMS Publication 100-08, Program Integrity Manual (PIM), Chapter 15, Section 15.5.5 (Owning and Managing Organizations) members of a Board of Trustees are considered to be Corporate Directors and must be reported on CMS Form 855.  As an aside, CMS takes the position that non-profit entities and offices would fall under the affiliation definition to the same extent as for-profit entities and officials.
      • Does an entity with a 5% or greater mortgage or security interest have to be reportedConsistent with the PIM, Chapter 15, Section 15.5.5:  “All entities with at least a 5 percent mortgage, deed of trust or other security interest in the provider must be reported in section 5. This frequently will include banks, other financial institutions, and investment firms.”
      • Does a billing agency or a collection agency have to be reported? Yes, if the billing agency or collection agency meets the definition of a managing employee (as it applied to organizations), then they would have to be reported on the CMS Form 855.
      • Does a public company that owns 5% of more of an enrolling or reenrolling company have to be reported?   CMS takes the position that public companies fall within the purview of 42 CFR §424.519.
      • Does an affiliated managing individual have to be reported in CMS Form 855 even if he or she has no responsibilities concerning payment for services? The definition of managing employee under 42 CFR §?424.502 includes all persons who directly or indirectly conduct a provider’s or supplier’s day-to-day operations. There is no requirement that these individuals must have responsibilities related to payment for services.

In short, the above individuals must be disclosed in the owner and managing employee sections of the Form CMS-855 applications (or their counterpart in PECOS), and if those owners or managing employees have affiliations that have disclosable events, then those must be reported as well. As we stated earlier, in response to the many comments and concerns submitted by providers and suppliers, for now, CMS is not requiring that providers and suppliers disclose affiliations with disclosable events under 42 CFR §?424.519 unless CMS specifically requests that they do so.[11]  Moreover, CMS does not intend to request these disclosures until it has updated CMS Form-855.  However, as CMS further noted:

“Although we will initially be implementing a more targeted approach to the disclosure requirement, we recognize that section 1866(j)(5) of the Act requires every provider and supplier (regardless of the relative risk they may pose) to disclose affiliations upon initial enrollment and revalidation. While section 1866(j)(5) of the Act does give the Secretary some discretion in applying this provision in terms of form, manner, and timing, it does not permanently exempt any provider or supplier from its applicability . . . Consequently, CMS must eventually secure affiliation data from all initially enrolling and revalidating providers.” (emphasis added).

Therefore, at this time, providers and suppliers are not required to report disclosable affiliations until CMS has an opportunity to update its Form CMS-855 applications so that this data can be collected.  Furthermore, CMS will be issuing additional sub-regulatory guidance regarding the affiliation disclosure process.  This sub-regulatory guidance is expected to set out the agency’s expectations with respect to the level of effort that is required of a provider or supplier to research and secure an owner or managing employees relevant affiliation information.

V.  When Will a Disclosed Affiliation be Found to “Pose an Undue Risk of Fraud, Waste or Abuse”?

The Final Rule makes it clear that just because an affiliation must be disclosed, does not necessarily mean that CMS will determine that an affiliation will “pose an undue risk of fraud, waste, or abuse.”[12] Before making a determination, CMS intends to carefully examine the specifics of each situation prior to deciding whether to exercise its discretion to deny an application for enrollment OR to revoke the participation of a currently enrolled provider.  When deciding whether a disclosed affiliation represents an undue risk, CMS will consider:

(1) The duration of the affiliation.
(2) Whether the affiliation still exists and, if not, how long ago it ended.
(3) The degree and extent of the affiliation.
(4) If applicable, the reason for the termination of the affiliation.
(5) Regarding the affiliated provider’s or supplier’s disclosable event, CMS will consider:

(i) The type of disclosable event.
(ii) When the disclosable event occurred or was imposed.
(iii) Whether the affiliation existed when the disclosable event occurred or was imposed.
(iv) If the disclosable event is an uncollected debt:

(A) The amount of the debt.
(B) Whether the affiliated provider or supplier is repaying the debt.
(C) To whom the debt is owed.

(v) If a denial, revocation, termination, exclusion, or payment suspension is involved, the reason for the disclosable event.

(6) Any other evidence that CMS deems relevant to its determination.

Depending on the particulars of each case, CMS may find that a disclosed affiliation does, in fact, pose an undue risk of fraud, waste, or abuse. Should this occur, CMS will deny a provider’s or supplier’s initial enrollment application under 42 CFR § 424.530(a)(13) OR revoke a currently participating provider’s or supplier’s Medicare enrollment under 42 CFR § 424.535(a)(19).

VI.  What Can Happen if a Provider or Supplier Fails to Report a Disclosable Affiliation?

When asked to do so by CMS, it will be essential that a provider or supplier ensure that any and all disclosable affiliations and other general business information is fully and completely reported.  If a provider or supplier fails to report a disclosable affiliation and “knew or should have known”[13] of the omitted information, CMS may choose to deny an applicant’s initial enrollment application (under 42 CFR § 424.530(a)(1) and, if applicable, 42 CFR § 424.530(a)(4)). Alternatively, if a currently participating provider or supplier fails to report a disclosable affiliation, CMS may choose to revoke the entity’s Medicare enrollment (under 42 CFR § 424.535(a)(1) and, if applicable, 42 CFR § 424.535(a)(4)).

VII.  What is an “Uncollected Debt”?

As set out under 42 CFR §?424.519(a)(1), if an applicant, or an applicant’s owner or managing employee is affiliated with another provider or supplier that has an “uncollected debt,” that is a disclosable event under 42 CFR §?424.502.  As previously discussed, an uncollected debt is only intended to include:

“(i) Medicare, Medicaid, or CHIP overpayments for which CMS or the state has sent notice of the debt to the affiliated provider or supplier.
(ii) Civil money penalties imposed under this title.
(iii) Assessments imposed under this title.”

(emphasis added).

Importantly, the phrase notice of the debt to the affiliated provider or supplier” does not include audit requests or routine denial letters where refunds are made through remittance advices or claims corrections.  In its response to comments from stakeholders, CMS expressly notes that “notice of the debt” would include something like a demand letter or other formal request for payment.

CMS has not established a minimum amount that would require the reporting of an uncollected debt.  Regardless of whether an alleged uncollected debt is $500 or $5 million, it would qualify as a reportable disclosable event under the Final Rule.  As CMS noted, “there could be isolated cases where a particular debt, though of a de minimis amount, presents an undue risk when all of the applicable factors are considered.”   CMS further states that even though a provider or supplier may currently be in the process of repaying a debt, the debt would still be a reportable disclosable event.

VIII.  Impact of Filing an Appeal in an Uncollected Debt or Enrollment-Related Action:

Throughout the Final Rule, multiple commenters urged CMS to view alleged debts and enrollment-related actions that are being appealed by a provider or supplier differently than those where no appeal has been filed.  After considering the points raised, CMS consistently declined to adopt such a position and has decided that even if an alleged debt is currently under appeal, the debt would still qualify as a disclosable event.  As CMS wrote:

“consistent with our obligation to protect the Medicare program and the Trust Funds, as well as with our authority under section 1866(j)(5) of the Act, we believe we should have the ability to determine whether the debt and the associated affiliation pose an undue risk regardless of whether the debt is being appealed.” (emphasis added).

Similarly, CMS held that under 42 CFR § 424.519, enrollment denial, revocation, and termination actions will still qualify as disclosable events even if they are under appeal.

IX.  Modification to the Enrollment Denial Reasons Under 42 CFR § 424.530:

As set out under 42 CFR § 424.530(a), CMS is authorized to deny a provider’s or supplier’s enrollment in the Medicare program for a number of reasons. Prior to the issuance of the Final Rule, the authorized reasons for denying enrollment in Medicare fell within the following broad categories:

(1) Noncompliance

(2) Provider or supplier conduct.

(3) Felonies

(4) False or misleading information.

(5) On-site review.

(6) Medicare debt.

(7) Payment suspension.

(8) Initial reserve operating funds.

(9) Application fee / hardship exception.

(10) Temporary moratorium.

(11) Prescribing authority.

Under the Final Rule, enrollment denials based on “Payment Suspension” (42 CFR § 424.530(a)(7)) have been expanded and may now be based on the following:

“(i) The provider or supplier, or any owning or managing employee or organization of the provider or supplier, is currently under a Medicare or Medicaid payment suspension as defined in §§ 405.370 through 405.372 or in § 455.23 of this chapter.

(ii) CMS may apply the provision in this paragraph (a)(7) to the provider or supplier under any of the provider’s, supplier’s, or owning or managing employee’s or organization’s current or former names, numerical identifiers, or business identities or to any of its existing enrollments.

(iii) In determining whether a denial is appropriate, CMS considers the following factors:

(A) The specific behavior in question.
(B) Whether the provider or supplier is the subject of other similar investigations.
(C) Any other information that CMS deems relevant to its determination.”

Prior to this expansion, the Payment Suspension basis for denying a provider’s or supplier’s Medicare enrollment was limited to situations where the current owner, physician, or non-physician practitioner had been placed on Medicare suspension.  CMS believed this did not allow them to deny enrollment to any provider or supplier type based on a payment suspension by the Medicare program, and did not encompass scenarios where a provider or supplier’s payments had been suspended by a state Medicaid payment but the Medicare program. Under the revised Final Rule, now all provider and supplier types can be denied enrollment if that provider or supplier is subject to a Medicare OR Medicaid payment suspension, or if the provider’s or supplier’s owners or managing employees or organizations are subject to such a suspension. Importantly, CMS will look at a provider’s or supplier’s owners and managing employee’s or organization’s current and former names, business identities and related numerical identifiers to identify any payment suspensions.

Additionally, the Final Rule has added several additional bases that may be relied on by CMS when deciding to deny a provider’s or supplier’s Medicare enrollment.  These new reasons for denial include:

(12) Revoked under different name, numerical identifier or business identity and the applicable re-enrollment bar has not expired.[14]
(13) Affiliation that poses undue risk.
(14) Other program termination or suspension.

Each of the fourteen reasons that may be relied on by CMS when denying a provider’s or supplier’s Medicare enrollment have specific requirements which must be met.  If you or your practice are denied Medicare enrollment, you should work with your legal counsel to determine whether the denial reason cited by CMS is accurate and consistent with the facts in your case.

X.  Introduction of a New “Reapplication Bar” Rule Under 42 CFR § 424.530(f):

As revised, the Medicare enrollment denial regulations now include a new “Reapplication Bar” rule.  As 42 CFR § 424.530(f) sets out, if a provider or supplier submitted false or misleading information on (or with) their Medicare enrollment application, CMS can choose to prohibit the prospective provider or supplier from enrolling in the Medicare program for up to three years.  Importantly, the scope of the reapplication bar rule set out under 42 CFR § 424.530(f)(1) and (f)(2) is quite broad:

“(1) The reapplication bar applies to the prospective provider or supplier under any of its current, former, or future names, numerical identifiers or business identities.

(2) CMS determines the bar’s length by considering the following factors:

(i) The materiality of the information in question.
(ii) Whether there is evidence to suggest that the provider or supplier purposely furnished false or misleading information or deliberately withheld information.
(iii) Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.
(iv) Any other information that CMS deems relevant to its determination.

XI.  Modifications to the Medicare Enrollment Revocation Regulations Under 42 CFR § 424.535:

Prior to the issuance of the Final Rule, under 42 CFR § 424.535(a), CMS has long exercised the authority to revoke a currently-enrolled provider’s or supplier’s Medicare billing privileges (along with any related provider or supplier agreement).  Reasons for revocation have included:

  1. Noncompliance
  2. Provider or supplier conduct.
  3. Felonies
  4. False or misleading information.
  5. On-site review;
  6. Grounds related to provider or supplier screening requirements.
  7. Misuse of billing number.
  8. Abuse of billing privileges.
  9. Failure to report.
  10. Failure to document or provide CMS access to documentation.
  11. Initial reserve operating funds.
  12. Medicaid termination.
  13. Prescribing authority.
  14. Improper prescribing practices.

Under the Final Rule, the reasons for revocation under 42 CFR § 424.535(a)(9) and (a)(12) have been revised.  The revocation reason set out under 42 CFR § 424.535(a)(9) Failure to report, has been changed.  The basis for revocation has now been expanded to cover the following:

(9) Failure to report. The provider or supplier did not comply with the reporting requirements specified in § 424.516(d) or (e), § 410.33(g)(2) of this chapter, or § 424.57(c)(2). In determining whether a revocation under this paragraph (a)(9) is appropriate, CMS considers the following factors:

         (i) Whether the data in question was reported.
         (ii) If the data was reported, how belatedly.
         (iii) The materiality of the data in question.
        (iv) Any other information that CMS deems relevant to its determination.”

Similarly, the Final Rule expands the revocation basis set out under 42 CFR § 424.535(a)(12).  Rather than focus exclusively on the termination of a provider’s or supplier’s Medicaid billing privileges, under the Final Rule 42 CFR § 424.535(a)(12) the basis for revocation has been expanded to include not merely Medicaid but also adverse actions taken by any other Federal health care program.  As the regulation now reads:

“(12) Other program termination.

(i) The provider or supplier is terminated, revoked or otherwise barred from participation in a State Medicaid program or any other federal health care program. In determining whether a revocation under this paragraph (a)(12) is appropriate, CMS considers the following factors:

(A) The reason(s) for the termination or revocation.
(B) Whether the provider or supplier is currently terminated, revoked or otherwise barred from more than one program (for example, more than one State’s Medicaid program) or has been subject to any other sanctions during its participation in other programs.
(C) Any other information that CMS deems relevant to its determination.

 (ii) Medicare may not revoke unless and until a provider or supplier has exhausted all applicable appeal rights.
 (iii) CMS may apply paragraph (a)(12)(i) of this section to the provider or supplier under any of its current or former names, numerical identifiers or business identities.”

 The Final Rule has set aside slots for future bases for revocation at 42 CFR § 424.535(a)(15) and (a)(16).

Notably, a number of new bases for Medicare enrollment revocation have now been established under the Final Rule and are set out under 42 CFR § 424.535(a)(17) through (a)(20).  These new reasons for revocation include the following:

(17) Debt referred to the United States Department of Treasury. The provider or supplier has an existing debt that CMS appropriately refers to the United States Department of Treasury. In determining whether a revocation under this paragraph (a)(17) is appropriate, CMS considers the following factors:

(i) The reason(s) for the failure to fully repay the debt (to the extent this can be determined).
(ii) Whether the provider or supplier has attempted to repay the debt (to the extent this can be determined).
(iii) Whether the provider or supplier has responded to CMS’ requests for payment (to the extent this can be determined).
(iv) Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.
(v) The amount of the debt. (vi) Any other evidence that CMS deems relevant to its determination.

(18) Revoked under different name, numerical identifier or business identity. The provider or supplier is currently revoked under a different name, numerical identifier, or business identity, and the applicable reenrollment bar period has not expired. In determining whether a provider or supplier is a currently revoked provider or supplier under a different name, numerical identifier, or business identity, CMS investigates the degree of commonality by considering the following factors:

(i) Owning and managing employees and organizations (regardless of whether they have been disclosed on the Form CMS–855 application).
(ii) Geographic location.
(iii) Provider or supplier type.
(iv) Business structure.
(v) Any evidence indicating that the two parties are similar or that the provider or supplier was created to circumvent the revocation or reenrollment bar

(19) Affiliation that poses an undue risk. CMS determines that the provider or supplier has or has had an affiliation under § 424.519 that poses an undue risk of fraud, waste, or abuse to the Medicare program.

(20) Billing from non-compliant location. CMS may revoke a provider’s or supplier’s Medicare enrollment or enrollments, even if all of the practice locations associated with a particular enrollment comply with Medicare enrollment requirements, if the provider or supplier billed for services performed at or items furnished from a location that it knew or should have known did not comply with Medicare enrollment requirements. In determining whether and how many of the provider’s or supplier’s enrollments, involving the non-compliant location or other locations, should be revoked, CMS considers the following factors:

(i) The reason(s) for and the specific facts behind the location’s noncompliance.
(ii) The number of additional locations involved.
(iii) Whether the provider or supplier has any history of final adverse actions or Medicare or Medicaid payment suspensions.
(iv) The degree of risk that the location’s continuance poses to the Medicare Trust Funds.
(v) The length of time that the noncompliant location was non-compliant.
(vi) The amount that was billed for services performed at or items furnished from the non-compliant location.
(vii) Any other evidence that CMS deems relevant to its determination.  

(21) Abusive ordering, certifying, referring, or prescribing of Part A or B services, items or drugs. The physician or eligible professional has a pattern or practice of ordering, certifying, referring, or prescribing Medicare Part A or B services, items, or drugs that are abusive, represents a threat to the health and safety of Medicare beneficiaries, or otherwise fails to meet Medicare requirements. In making its determination as to whether such a pattern or practice exists, CMS considers the following factors:

(i) Whether the physician’s or eligible professional’s diagnoses support the orders, certifications, referrals or prescriptions in question.
(ii) Whether there are instances where the necessary evaluation of the patient for whom the service, item or drug was ordered, certified, referred, or prescribed could not have occurred (for example, the patient was deceased or out of state at the time of the alleged office visit).
(iii) The number and type(s) of disciplinary actions taken against the physician or eligible professional by the licensing body or medical board for the state or states in which he or she practices, and the reason(s) for the action(s).
(iv) Whether the physician or eligible professional has any history of final adverse actions (as that term is defined in § 424.502).
(v) The length of time over which the pattern or practice has continued.
(vi) How long the physician or eligible professional has been enrolled in Medicare.
(vii) The number and type(s) of malpractice suits that have been filed against the physician or eligible professional related to ordering, certifying, referring or prescribing that have resulted in a final judgment against the physician or eligible professional or in which the physician or eligible professional has paid a settlement to the plaintiff(s) (to the extent this can be determined).
(viii) Whether any State Medicaid program or any other public or private health insurance program has restricted, suspended, revoked, or terminated the physician’s or eligible professional’s ability to practice medicine, and the reason(s) for any such restriction, suspension, revocation, or termination.
(ix) Any other information that CMS deems relevant to its determination.

Notably, under the Final Rule, 42 CFR § 424.535(c), the regulations setting out the rules for reapplying after a provider’s or supplier’s Medicare enrollment has been revoked, have been revised and enhanced. First, the maximum reenrollment bar for a first-time revocation has been extended to 10 years. 42 CFR § 424.535(c)(1)(i). Second, if a provider or supplier attempts to “circumvent its existing reenrollment bar by enrolling in Medicare under a different name, numerical identifier or business identity,” CMS can extend that provider’s or supplier’s existing reenrollment bar by 3 additional years.   See 42 CFR § 424.535(c)(2)(i).

Moreover, under 42 CFR § 424.535(c)(3), if a provider or supplier is being revoked from Medicare a second time, CMS may choose to impose a reenrollment bar of up to 20 years.  The factors to be considered by CMS when determining the proper length of a reenrollment bar are set out under 42 CFR § 424.535(c)(3), subsections (i) through (iii).

In an effort to further prevent improper attempts to reenroll in the Medicare program, 42 CFR § 424.535(c)(4) provides a reenrollment bar applies to a provider or supplier under any of its current, former or future names, numerical identifiers or business identities.”

XII.  Impact of the Final Rule on State Medicaid and CHIP Enrollment and Disclosure Practices:

Section 1902(kk)(3) of the Act,1 as amended by section 6401(b) of the Affordable Care Act, which mandates that states require providers and suppliers to comply with the same disclosure requirements established by the Secretary under section 1866(j)(5) of the Act. In other words, the increased disclosure requirements apply to providers and suppliers enrolling or revalidating in the Medicare or Medicaid programs. It also applies to changes of information that must be reported under the Final Rule.

As the Final Rule further notes, as long as they continue to work within the broad Federal framework, States have been delegated considerable flexibility in how they administer their Medicaid and CHIP programs.  Ultimately, the enrollment requirements established by a State must be consistent with section 1902(a)(23) of the Act and implementing regulations at 42 CFR § 431.51. As the Final Rule reflects, as long as a State meets its obligations under 42 CFR § 431.51, it is free to:

“. . . [S]et reasonable standards relating to the qualifications of providers but may not restrict the right of beneficiaries to obtain services from any person or entity that is both qualified and willing to furnish such services.”

XIII. Due Diligence and Credentialing Risks When Enrolling, Revalidating or Submitting a Change of Information:

The affiliation disclosure requirements set out in the Final Rule are anticipated to be gradually implemented by CMS over the next three years.  The agency contends that such an approach will better enable the provider and supplier communities to meet their affiliation, uncollected debt and adverse event reporting obligations. Unfortunately, the Final Rule imposes yet another unfunded obligation on participating providers and suppliers.  From a practical standpoint, the implementation of the Final Rule will have an enormous impact on the credentialing process.  Federal and State payors have historically used the credentialing process as their first line of defense with respect to program integrity. The disclosure obligations set out in the Final Rule are quite comprehensive. Third-party billing companies and credentialing companies handling these submissions on behalf of their provider and supplier clients will need to diligently work to better ensure that each submission is both accurate and complete before submitting the credentialing package to a Federal or State payor.  On the payor side of the credentialing equation, professional credentialing companies, (such as CredSimple), will likely see an exponential increase in the demand for their verification and screening services.  Moreover, we fully expect to see private payors, medical centers and hospital systems adopt program integrity safeguards similar to those outlined in the Final Rule as they take steps to protect their organizations from fraud, waste, and abuse.

XIV.  Final Thoughts:

As the Final Rule details, the Affordable Care Act imposed a number of enrollment and reenrollment disclosure obligations on Medicare, Medicaid, and CHIP providers and suppliers.  These revised reporting obligations are intended to prevent bad actors from circumventing the existing safeguards that had been implemented to guard against fraud, waste, and abuse.  CMS estimates that it will take at least several years for the agency to revise the various versions of its CMS Form 855 enrollment applications and fully implement the new reporting obligations.  The true enormity of these new obligations has yet to be realized.  Affiliations, disclosable events and uncollected debts will be carefully evaluated by CMS and weighed as the agency decides whether to deny an application for enrollment or revalidation or revoke an existing provider’s or supplier’s Medicare billing privileges.

Healthcare Attorney

Jennifer Papapanagiotou,
Click here for bio

Robert W. Liles Healthcare Attorney

Robert W. Liles,
Click here for bio

Now, more than ever before, it is important for providers and suppliers to effectively conduct due diligence before hiring managerial staff, purchasing or selling an entity, appealing an alleged overpayment and / or seeking relief in bankruptcy.  As the enrollment disclosure and reporting process moves towards full implementation, it will be essential for you to fully understand your obligations under the law.  The attorneys at Liles Parker have extensive experience representing providers and suppliers in the provider enrollment, revalidation, change of information and change of ownership process.  Our team has represented healthcare providers and suppliers around the country in the appeal of Medicare termination actions, enrollment denials, and the revocation of an entity’s billing privilegesQuestions?  Give Robert Liles or Jennifer Papapanagiotou a call.  For a free consultation, we can be reached at:  1 (800) 475-1906.

[1] 42 CFR § 424.516.

[2] CMS is the single largest health care insurance payor in the country.  Approximately 90 million individuals are currently covered by Medicare, Medicaid and / or the Children’s Health Insurance Program (CHIP) programs.

[3] 71 FR 20754.

[4] 76 FR 5861.

[5] 81 FR 10720.

[6] The Final Rule is effective on November 4, 2019.

[7] 84 FR 47794, 47797.

[8] 84 FR 47794, 47803.

[9] 84 FR47794, 47802.

[10] Under 42 CFR § 424.502, the term “managing employee” means:

a general manager, business manager, administrator, director, or other individual that exercises operational or managerial control over, or who directly or indirectly conducts, the day-to-day operation of the provider or supplier, either under contract or through some other arrangement, whether or not the individual is a W-2 employee of the provider or supplier.”

[11] 84 FR 47794, 47803, 47805.  In light of the concerns raised, CMS will be adopting a “phased-in” approach to complying with the requirements under 42 CFR §?424.519(b).  Under this phased-in approach, CMS will first be revised Form CMS-855 to cover the various disclosures required under the Final Rule.  Initially, providers and suppliers will not be required to disclose affiliations under 42 CFR §?424.519(b) unless CMS asks for this information.  While this approach will initially relieve providers and suppliers of the disclosure burden, CMS notes that this is not meant to be a permanent exemption.  Ultimately, providers and suppliers will be required to report any affiliations with one or more disclosable events.

[12] 84 FR 47794, 47807.

[13] CMS acknowledges in its response to comments in the Final Rule that the additional sub-regulatory guidance is needed to further clarify the “knew or should have known” standard.  See 84 FR 47794,47811.

[14] This is similar to CMS’ new expanded authority to deny enrollment if an owner or managing employee of a provider or supplier is under a payment suspension by Medicare or a state Medicaid program. Under this new denial authority, CMS will examine the degree of commonality between the applicant and other revoked providers and suppliers, looking specifically at the owning and managing employees and organizations of the applicant and a revoked provider or supplier, the applicant and revoked provider’s or supplier’s geographic location, provider or supplier type, business structures, and “any evidence indicating the two parties are similar or that the provider or supplier was created to circumvent the revocation or reenrollment bar.” 84 FR 47794, 47823.

UPIC Dental Audits (Such as Qlarant Dental Audits) Have Been Initiated. Is Your Practice Ready for its Medicare Dental Claims or Medicaid Dental Claims to be Audited?

Download PDF

UPIC Dental Audits Such as Qlarant Dental Audits are Currently Taking Place

(July 3, 2018):  While a number of Medicare Advantage Plans now offer supplemental coverage for preventive, basic, and major dental services, only a narrow category of dental services qualify for coverage and payment under standard Medicare Part A (pursuant to Section 1862(a)(12) of the Social Security Act).  Presently, only qualifying Medicaid beneficiaries are likely to have dental services coverage.  With this in mind, last week’s Press Release by the Centers for Medicare and Medicaid Services (CMS) is especially pertinent.  As CMS announced, the agency is implementing “new and enhanced initiatives designed to improve Medicaid program integrity through greater transparency and accountability, strengthened data, and innovative and robust analytic tools.”  What does this mean for dentists and dental practices participating in the Medicaid program? Simply put, it means more dental audits and a much closer scrutiny of your assessment of medical necessity, documentation of the dental services provided, utilization practices and any business arrangements in which you participate.  This will become especially apparent as Unified Program Integrity Contractors (UPICs) transition into their new roles as program integrity contractors of both Medicare and Medicaid claims.  Over the last few months, we have noted that dentists and dental practices around the country are increasingly being targeted by UPICs in connection with government-paid claims. This article examines the history and direction of the CMS’s Fraud Prevention efforts and provides a thorough discussion of UPICs, highlighting their purpose, jurisdiction, and functions.

I.  What is a UPIC?

Although UPICs are free to audit both Medicare and Medicaid dental claims in their jurisdiction, this article is primarily focused on the UPIC’s targeting of Medicaid dental claims.  As set out in Section 1.2 of the CMS Medicaid Program Integrity Manual:

Unified Program Integrity Contractors (UPICs) are contracted entities with CMS that conduct investigations and audits related to activities in an effort to reduce fraud, waste, and abuse in both the Medicare and Medicaid programs. The UPICs operate in geographic areas or “jurisdictions” defined by individual Task Orders.  The UPICs Perform numerous functions to detect, prevent, and deter specific risks and broader vulnerabilities to the integrity of the Medicare and Medicaid programs including, but not limited to:

  • Proactively identify incidents of potential fraud, waste, and abuse that exist within its service area and take appropriate action on each case;
  • Investigate allegations of fraud made by beneficiaries, providers/suppliers, CMS, Health & Human Services Office of Inspector General (OIG), and other sources;
  • Explore all available sources of fraud leads, including the state Medicaid agency (SMA) and the Medicaid Fraud Control Unit (MFCU);
  • Refer and/or recommend appropriate Medicaid administrative actions to state Medicaid agencies where there is reliable evidence of fraud, including, but not limited to, overpayments, payment suspensions and terminations;
  • Refer cases to the OIG/Office of Investigations (OI) for consideration of civil and criminal prosecution and/or application of administrative sanctions;
  • Partner with state Medicaid Program Integrity Units to perform the above activities for the Medi-Medi program and Medicaid-only investigations; and
  • Work closely with CMS on joint projects, investigations and other proactive, anti-fraud activities. The UPICs utilize a variety of techniques to address any potentially fraudulent, wasteful, or abusive billing practices based on the various leads they receive. The UPICs Integrate the program integrity functions for audits and investigations across Medicare and Medicaid, and assure that CMS’s National priorities for both Medicare and Medicaid are executed and supported at the state level or within the UPIC jurisdiction.”  (emphasis added).

II.  Purpose of the UPIC Program:

The purpose of the UPIC program has been to consolidate the work currently being performed by various Medicare and Medicaid program integrity contractors under a single private sector contractor.  Each UPIC is responsible for handling federal level program integrity audits for both Medicare and Medicaid within a defined geographic area (typically comprised of multiple states).  The following private sector contractors have been awarded UPIC contracts:

  • Qlarant (Previously known as “Health Integrity, LLC”) (Western Jurisdiction)
  • AdvanceMed Corporation (Midwestern Jurisdiction)
  • IntegriGuard, LLC, dba HMS Federal (Indefinite Delivery, Indefinite Quantity[1])
  • Noridian Healthcare Solutions, LLC (Indefinite Delivery, Indefinite Quantity)
  • Safeguard Services LLC (North Eastern Jurisdiction)
  • StrategicHealthSolutions, LLC (Indefinite Delivery, Indefinite Quantity)
  • TriCenturion, Inc. (Indefinite Delivery, Indefinite Quantity)

Recognize a few familiar names?  You should.  Virtually all of these private sector companies have previously been awarded one or more prior CMS audit contracts.  In any event, it has taken a while for CMS to wind-down existing program integrity contracts with Zone Program Integrity Contractors (ZPICs), responsible for auditing Medicare claims and Medicaid Integrity Contracts (MICs), responsible for auditing Medicaid claims.  Those efforts are still ongoing in several areas of the country. 

III.  UPIC Dental Audits:

A number of dentists and dental practices around the country are currently receiving audit letters from Qlarant[2], the UPIC responsible for conducting both Medicare and Medicaid program integrity audits in the Western Jurisdiction.  While dental audits are nothing new, the initiation of UPIC audits of Medicaid, and in some cases, Medicare dental audits, has significantly raised the level of risk faced by participating dental providers.  Like their ZPIC predecessors, UPICs are actively looking for evidence of fraud and will not hesitate to make a referral to federal and / or state prosecutors if potentially criminal conduct is identified.[3]

Over the last few months, a number of Medicaid dental providers have called our office and asked, “Why on earth is my dental practice being targeted by a UPIC.” Simply speaking, as occurrences of dental claims fraud and improper billing practices have increased over the course of the last few years, so has the likelihood of potential dental claims audits. CMS’s reasoning becomes more apparent when you consider the fact that Medicaid spending has increased from $456 billion in 2013 to an estimated $576 billion in 2016.  In consideration of these factors, CMS has determined that there are significant Medicaid dental program integrity risks that must be addressed.  Not surprisingly, UPICs such as Qlarant are now actively auditing Medicaid dental claims.  When auditing Medicaid dental claims, UPIC auditors will undoubtedly address the following factors:

  • Whether the Medicaid dental services billed were actually rendered;[4]
  • Whether the Medicaid dental services rendered were medically necessary;[5]
  • Assuming that the Medicaid dental services were, in fact, medically necessary, do they qualify for coverage under the payor’s contract?[6]
  • Whether the documentation maintained meets applicable State Dental Practice Act requirements AND any required documentation requirements mandated under your State Medicaid Provider Agreement, AND (if applicable to a particular claim), any other requirements that may be set out under your contract with a Medicaid Advantage Plan.[7]
  • Whether one or more other statutes (such as the Anti-Kickback Statute) were violated which effectively renders one or more Medicaid dental claims non-payable;[8]
  • Whether the dental services rendered were properly coded[9]; and
  • Whether the dental services rendered were properly billed.[10]

IV.  What you can Expect in UPIC Dental Audit of Your Medicare Dental Services or Medicaid Dental Services?

Although UPIC dental claims audits can be generated in a wide variety of ways, most are the result of claims data mining assessments, complaints by patients (or in some cases, competitors), or referrals from another government contractor.[12]  Through data mining, UPIC auditors can tell with a high degree of accuracy how long it should take for you to perform all of the dental services you billed in a single day. They will also compare your dental claims billing patterns to those of other dental providers.  If any of your billing practices or patterns appear to be irregular, they will initiate an audit of your dental claims.  Regardless of the reason your dental claims have been targeted, if a UPIC initiates an audit of your dental practice you can expect several things. For instance, if your Medicare / Medicaid dental claims are audited by Qlarant or another UPIC, you will likely be asked to provide the following documentation for each date of service under review:

  • Hospital history and physical;
  • Hospital records;
  • Medical diagnosis;
  • Medical imaging, laboratory studies, radiology studies;
  • Dental exam with dental chart;
  • Health history
  • Referrals
  • Consultations
  • Consents for treatment and anesthesia
  • Proposed treatment plan or plan of care
  • Complete dental record and treatment plan including ADA CPT procedure codes, tooth number and surface for each tooth that received treatment
  • Pre-operative exam notes
  • Dental imaging, radiology, panoramic x-rays (pre and post procedure)
  • Comorbidities
  • Progress notes
  • Operative/procedure notes
  • Anesthesia record
  • Post-operative status
  • Complications
  • Post-operative call record
  • Medications and/or anesthesia administered
  • Medications ordered
  • Discharge instructions
  • Follow up appointments
  • Dental claim form
  • Appointment history report
  • Itemized ledger report
  • Statement of billing
  • Remittance advice
  • Any other documentation to support the billed claim

You may also be subjected to an “unannounced visit” by a UPIC auditor.  These unexpected face-to-face visits have become quite common.  If this occurs, the UPIC auditor will typically provide you with a list of claims to be reviewed but will also want to obtain a sample of the associated medical records before they leave the practice.  As part of the site visit, the UPIC auditor may also request to interview your personnel.  This is where it can get quite complicated.  As a participating provider, you have an affirmative obligation to cooperate with the UPIC’s requests.  Unfortunately, the interview of you and your staff could possibly lead to admissions against interest.  Call your attorney if a UPIC pays an unexpected visit your practice.  We can usually negotiate a time with the auditor so that you (and members of your staff) can be represented by legal counsel.

Often, your first notice of an audit will be the receipt of a letter outlining a UPIC’s dental records request. As a participating provider in the Medicare and / or Medicaid programs, you are required to furnish and submit sufficient information to justify payment as a basic condition of our participation.  UPIC audit letter typically require that you submit the appropriate records and information within 30 calendars days (from your date of receipt of the UPIC’s letter).  Should you fail to comply with a request for dental records, the UPIC may:

  • Issue a determination that an overpayment has been made.
  • Allege that the claims request was a Statistically Valid Random Sample (this depends on the size and nature of the initial claims audit). If eligible, the UPIC may then project your error rate to the universe of claims processed during the particular time frame of your audit.
  • Request that CMS suspend your Medicaid payments.
  • Recommend to the HHS, Office of the Inspector General (OIG) that you and / or your dental practice be excluded from participation in federal and state health benefit programs (including, but not limited to Medicaid) in accordance with § 1128(b)(11) of the Social Security Act.

 V.  UPIC Dental Audits – Worst Case Scenario:

It is important to keep in mind that UPICs view themselves as an arm of law enforcement. Whether you agree with the UPIC’s view of their role or not, the fact remains that UPICs are always on the lookout for evidence of wrongdoing, improper conduct or fraudulent acts that go beyond what is typically associated with a mere overpayment. When potentially-fraudulent conduct is identified, referrals to federal or state law enforcement and / or licensure agencies may be made.  In addition to facing administrative sanctions such as revocation, suspension and / or exclusion, these referrals may also lead to one or more of the following actions:

  • Revocation of a dentist’s DEA permit.
  • Referral to the State Dental Board for investigation and possible disciplinary action.
  • The assessment of Civil Monetary Penalties (CMPs) by OIG.
  • Referral to the U.S. Department of Justice (DOJ) for possible civil prosecution of False Claims Act violations.
  • Referral to the DOJ for criminal prosecution. These cases have typically involved violations of the Anti-Kickback Statute, Health Care Fraud and / or other criminal laws.  Examples of conduct that has led to criminal prosecution include billing Medicaid for unnecessary procedures and / or billing Medicaid for procedures that were never performed.
    • In one case, a single dentist and his former employer were unable to produce medical records to support 335 claims totaling $26,657 that were sampled at his practice.
    • In another case, a dentist was audited because it was virtually impossible for him to complete all of the services he billed for in a single day. When asked about the billings, he reportedly stated that he could complete a filling procedure in 30 seconds.  As you can imagine, the government didn’t believe the dentist.
    • One government audit found that two dentists billed for four or more fillings on one tooth or for two types of fillings on the same surface of the same tooth.
  • Billing Medicaid for substandard work.
  • Submitting claims for reimbursement under another dentist’s Medicaid provider number.
  • Too many or too few X-rays. In some cases, the x-rays have been taken incorrectly, taken by employees not licensed to operate the x-ray machine, and/or unreadable or even blank.

VI.  Preparing for a Dental Claims Audit:

Dental providers must realize that they are responsible for any and all claims submitted by their practice, whether or not they even have direct knowledge of the claim.  You are liable for all of the information recorded on the Dental Claim Form.

  • Do you have an effective Compliance Program in place? It is required under the Affordable Care Act.  Moreover, most state Medicaid programs require that a such a plan be in place.  Finally, all Medicaid Advantage plans require that participating dental providers have a Compliance Program.
  • Have you and your staff reviewed necessary information regarding specific codes for billing Medicaid dental claims? Have you paid special attention to federal / state regulatory requirements, State Dental Practice obligations, and your contractual mandates?
  • When was the last time you conducted an internal dental claims audit and examined whether the services you are providing fully reflect medical necessity requirements, are documented to meet the requirements of the payor, and are properly coded and billed?
  • When was the last time you conducted an audit of your dental business practices? Are your practices free of any possible violations of the False Claims Act or Anti-Kickback Statutes?
  • Have you fully implemented each of your obligations under HIPAA and HITECH?
  • Do you have an effective anonymous compliance reporting mechanism in place? Have you advised and trained your dental practice staff on their obligations to report improper billings or conduct to your practice’s Compliance Officer?
  • Are you screening your dental practice employees, contractors, vendors and contractors through all Federal and State exclusion databases?

Being able to answer these questions can significantly reduce your exposure to outside audits and can help you in setting up (if you have not already done so), and maintaining an effective Compliance Program. It is our recommendation that you engage a suitable, qualified entity to help you. In this regard, Liles Parker can provide you with the advice and counsel you need. Our attorneys represent dental practices in both Medicaid and private payor dental audits. Moreover, we can assist you in assessing your current level of compliance so that you will be better prepared if your practice faces a UPIC audit in the future.

Robert Liles Healthcare AttorneyRobert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at the law firm Liles Parker, Attorneys & Counselors at Law.  Liles Parker attorneys represent dentists and dental practices around the country in connection with Medicaid claims audits and audits by private payors.  For a free initial consultation about UPIC dental audit, give us a call at: 1 (800) 475-1906.

[1] What does it mean if a contractor has been awarded a UPIC contract but it is designated as “Indefinite Delivery, Indefinite Quantity?”  This is a term that is used by the General Services Administration (GSA) when the agency is not yet in a position to determine, above a specified minimum, the precise quantities of supplies or services that the government will require during a contract period. Essentially, it means that the ZPIC contracts in the remaining jurisdictions remain in place and are winding down.  As those contracts terminate, the new UPIC contracts will be implemented.

[2] Qlarant was formally known as “Health Integrity, LLC” when it operated as a ZPIC for Zone 4.

[3] In contrast to their ZPIC predecessors (which are only responsible for auditing Medicare claims), UPICs are responsible for conducting program integrity audits of both Medicare AND Medicaid claims.

[4] For example, in 2017, the U.S. Attorney’s Office for the District of Nebraska unsealed an Indictment against a Nebraska-licensed dentist alleging that the dentist submitted approximately 129 claims to the Nebraska Medicaid program for dental services that the government alleges were never performed.  The defendant dentist has been charged with violations of Health Care Fraud, 18 U.S.C. §1347.

[5] In its earlier incarnation as a ZPIC, it was our experience that Health Integrity auditors sometimes conflated “medical necessity” with “coverage.”  This often resulted in audit findings proclaiming that one or more services rendered were allegedly not medically necessary, when in fact the services were medically necessary, they just didn’t qualify for coverage under the payor’s contract.

[6] See Footnote #5.

[7] In our review of dental claims, the lack of adequate documentation has been identified as the primary reason cited by auditors when denying payment.  Dentists and dental professionals MUST review federal and state regulatory requirements, along with applicable contractual obligations to ensure that their documentation practices are fully compliant with coverage and payment rules.

[8] For example, in November 2017, the U.S. Attorney’s Office for the Southern District of New York unsealed a Complaint against a New York licensed dentist and a non-licensed individual performing unauthorized dental services.  As the Complaint reflects, some of the Medicaid claims billed were associated with patients who had been recruited to the dental practice and paid kickbacks of $25 to undergo minimal dental procedures.

[9] Improper coding practices can take a wide variety of forms.  While “upcoding” and “billing for services not rendered” are perhaps the most common violations cited by dental claims auditors.  We have also seen instances where dentists or dental practices have rendered non-covered services but have miscoded the services so that they would qualify for coverage and payment.

[10] While every dental practice is different, a common billing error that we have identified in our compliance reviews has been that dental practices often fail to credential new dentists with one or more payors in a timely fashion.  Instead, the practices improperly bills for the dental services rendered by a non-credentialed provider under the number of a credentialed provider.  We have found this problem when auditing both Medicaid and private payor dental claims.  This improper practice can lead to the repayment of overpayments, referral to one’s State Dental Board, liability under the civil False Claims Act, and, in more serious cases, in criminal prosecution.

[11] https://www.medicaid.gov/medicaid/cost-sharing/out-of-pocket-costs/index.html

[12] For a more detailed discussion of how UPIC audits are generated, please see: Medicare Program Integrity Manual, Chapter 2, §2.3.  The sources utilized by UPICs are the same as those relied on by ZPICs.

Next Page »