It’s been a long road. If you are now at the point of selecting an Independent Review Organization (IRO), more than likely you have already had to work through the arduous and costly process of responding to an underlying False Claims Act case or other government investigation. After working through the government’s concerns, you have finally arrived at the settlement stage of the resolution process. As part of your overall settlement with the government, the Department of Health and Human Services (HHS), Office of Inspector General (OIG) has agreed that if you (individually) and / or your health care organization enters into an administrative, contractual agreement with the agency, the OIG will not exercise its permissive exclusion authority. A Corporate Integrity Agreement (CIA) is typically required by the OIG when the settling party is a health care corporate entity. In contract, when dealing with an individual or small practice, the OIG will often put an Integrity Agreement (IA) in place. Under the terms of most CIAs and IAs, a health care provider must engage an outside, independent organization to perform the annual claims audits and / or reviews of business arrangements. Findings made by an IRO are reported to the OIG so that the agency can verify that the health care provider is complying with the claims portion of the CIA or IA.  This article examines a number of the issues you should consider when selecting an IRO in connection with your CIA or IA.
I. Why is it Important that the OIG Waive its Permissive Exclusion Authority?
The OIG is responsible for excluding certain individuals and / or entities from participation in Federal health care programs.  In some instances, the OIG is mandated by law to exclude a party. Situations where a mandatory exclusion is required typically involve a program-related conviction, a conviction related to patient abuse or neglect, or involve a felony controlled substances conviction. There are a wide variety of situations where the OIG may exercise its discretion when deciding whether or not to exclude an individual or entity. When the conduct is subject to a permissive exclusion action, the OIG may agree to waive an exclusion if an individual or entity agrees to enter into a CIA (when an organization is involved) or an IA (when an individual is involved). If you or your health care organization were to be excluded from participation, you would effectively be prohibited from participating in all Federal health care programs. As a result, not only would you not be able to participate in the Medicare program, you could not work for any participating provider or supplier. From a practical standpoint, “exclusion” is the nuclear bomb of administrative sanctions. The OIG’s waiver of its permissive exclusion authority is therefore essential.
II. Selecting an Independent Review Organization (IRO):
Among its many terms, a CIA / IA often requires that annual audits of the services and claims you bill to Medicare must be conducted by a qualified, outside third-party, known as an IRO. The OIG does not maintain a “list” of organizations that it has found to be acceptable. Nor will the OIG provide you with recommendations for you to consider. The choice is yours to make.Once you identify an IRO, the OIG will typically require that the IRO prepare an overview of its knowledge, skills and experience conducting audits and reviews of the type required under under your CIA / IA. After reviewing the proposed IRO qualifications, the OIG will advise you within 30 days if it does not find your choice to be acceptable.
Most IROs fall within three categories: (1) Accounting Firms, (2) Law Firms, and (3) Consultants. Each of these categories have their own advantages and disadvantages. As a health law firm, we believe that we are your best choice when choosing an IRO. Unlike most accounting firms, our business is health law. Our attorneys aren’t merely experienced health lawyers. The attorneys conducting your audits are Certified Professional Coders (CPCs), Certified Medical Reimbursement Specialists (CMRSs), and maintain additional certifications.
III. Annual Audits by an IRO are Typically Required in Claims-Based CIAs and IAs:
Almost every CIA also relies on an IRO to conduct periodic (typically annual) reviews of the types of claims that gave rise to the need for a CIA in the first place. While the IRO is responsible for assessing a sample of claims, the results of the audit are reported to the OIG. As a first step in the claims review process, an IRO must first pull a statistically-relevant sample of claims out of the universe of claims. To accomplish this, the IRO must have the knowledge, skills and ability to conduct statistical sampling, review the claims to see of the services meet Medicare’s medical necessity, documentation, coding and billing requirements.If an IRO finds that the error rate for the claims reviewed exceeds what is permissible under the terms of the agreement, the IRO may be required to expand the scope of the audit.
IV. An IRO Must be Independent and Conduct Reviews in an Objective Fashion:
Regardless of which IRO you choose, the government will insist that the reviewer is both independent and objective in the performance of its claims review. OIG has issued guidance clarifying how an IRO fulfills these requirements of independence and objectivity. This guidance substantially adopts the standards published by the Government Accounting Office known as the Yellow Book and applies them to circumstances where an IRO might engage in activities that impair its core review functions under the CIA. IRO objectivity requires “independence of mind and appearance,” while the IRO’s relationship with the provider cannot include conflicts of interest or other activities that interfere with the IRO’s functions spelled out in the CIA. OIG guidance also applies Yellow Book principles to situations where the auditor, which in this context encompasses an IRO, provides additional non-audit services that impede audit functions. Citing the Yellow Book , OIG guidance addresses two primary threats. First, where the auditor performs non-audit services that interfere with the effectiveness of its audit functions (referred to as the “self-review threat”) and second, where the auditor engages in management activities for the entity subject to the audit (referred to as the “management participation threat”).
A central question therefore concerns what non-audit services an IRO can perform without obstructing its responsibilities under the CIA. OIG guidance has further laid out a series of scenarios distinguishing permissible from impermissible non-audit services.
Permissible non-audit IRO services include:
(1) General compliance training.
(2) Routine activities involving the provider’s confidential disclosure program.
(3) Assessing strengths and vulnerabilities of the provider’s internal control system without the IRO taking corrective or other managerial actions in response to its assessments.
Impermissible non-audit IRO services include:
(1) The IRO allowing the provider to use its billing system or other software while also performing CIA-related reviews for the provider.
(2) Training specifically related to the CIA.
(3) Developing internal control systems or other policies for the provider.
(4) Managerial decision-making over the confidential disclosure program.
(5) Taking over the provider’s internal audit responsibilities.
V. Selecting an Appropriate IRO:
When a health care provider enters a CIA with the government, it faces a critical decision over which Independent Review Organization (IRO) to select for its claims review and related verification. While the OIG will not assist a provider in choosing an IRO, it does have the power to reject an IRO that it deems unqualified. An appendix attached to the CIA will often specify the qualifications of an IRO. A major burden nonetheless falls on providers when selecting an IRO, and providers must consider a wide range of factors in determining whether an IRO is appropriate for their needs. An unqualified IRO rejected by OIG will only delay a provider’s ability to finalize the CIA and ensure its participation in federal health care programs.
VI. Liles Parker is Experienced in Serving as an IRO:
Liles Parker, Attorneys and Counselors at Law is comprised of knowledgeable, experienced health lawyers, many of whom served in management and line Federal prosecutor slots in U.S. Attorney Offices around the country for the Department of Justice. Nevertheless, it is important to keep in mind that when serving as an IRO, there is no attorney-client privilege between our firm (in its capacity as an IRO) and the health care provider subject to the CIA. Benefits of engaging our firm to serve as the IRO on your CIA include:
Certified Coders. Our attorneys aren’t merely experienced health care lawyers, many are also Certified Coders who hold nationally recognized coding credentials through the American Academy of Professional Coders (AAPC).
Certified Billers. A number of our attorneys are Certified Medical Reimbursement Specialists who hold nationally recognized coding credentials through the American Medical Billing Association (AMBA). Additionally, one of our attorneys serves as outside legal counsel to AMBA.
Certified Compliance Officers. Our team understands compliance. In addition to the other certifications discussed above, several of our attorneys served as Assistant U.S. Attorneys and have extensive experience working on False Claims Act matters and cases, from both the perspective of a prosecutor and as defense counsel. Notably, Liles Parker is the only law firm in the country who employs TWO former prosecutors who both served as “National Health Care Fraud Coordinator” for the Executive Office for U.S. Attorneys. As such, our team has extensive experience working with government audits, investigations, and the primary statutes at issue in these cases (such as the False Claims Act, Stark, the Anti-Kickback Statute, etc.).
Licensed Physicians and Dentists. Liles Parker attorneys also include licensed professionals who are dual-licensed as both a lawyer and either a licensed physician or a licensed dentist. Both of these attorney / medical professionals are experienced in medical necessity, documentation, coding and billing issues.
NATIONWIDE Independent Review Organization (IRO) Services — 1 (800) 475-1906
Robert W. Liles serves as Managing Partner at the health law firm, Liles Parker, Attorneys and Counselors at Law. Mr. Liles and other Liles Parker attorneys are experienced in serving as a CIA related Independent Review Organization (IRO). Are you currently looking for a qualified IRO? If so, we can help. For a free initial consultation regarding your situation, call Robert at: 1 (800) 475-1906.
 For an overview of the CIA and IA process, see our summary at this link.
 The authority to exclude was granted to the Secretary of the Department of Health and Human services in the Civil Money Penalties Law (Public Law 97-35, 1981 (as codified at section 1128A of the SSA). The Secretary delegated it to its Office of Inspector General in 1988 (53 Fed. Reg. 12,993 (April 20, 1988)).
 The Generally Accepted Government Auditing Standards, also known as the Yellow Book, provides a framework for conducting high-quality audits with competence, integrity, objectivity, and independence.