Liles Parker PLLC
(202) 298-8750 (800) 475-1906
Washington, DC | Houston, TX
San Antonio, TX | Baton Rouge, LA

We Defend Healthcare Providers Nationwide in Audits & Investigations

Healthcare Data Mining Audits: Impact on Medicare Providers and Suppliers

(June 27, 2012):  Healthcare data mining has become quite routine.  For instance, in a recent case involving a Missouri psychologist, the provider was indicted and arrested on two counts of healthcare fraud and forgery. At the heart of this case was the fact that the psychologist allegedly submitted claims to Medicare and Medicaid that were virtually impossible for a single individual to perform. In fact, the indictment stated that the physician worked every day except for Christmas from mid-2008 to early 2012, when he was arrested. In other words, he worked three and a half years straight, seven days a week, with only four Christmases away from the practice. Obviously, this data raised a few red flags for Medicare fraud fighters. As both interest and concern in the provision of national health care has risen, the current administration has aggressively pursued fraudsters who have improperly billed Medicare, Medicaid and private health plan payors. Not surprisingly, additional funding has accompanied these increased investigative and prosecutorial efforts.

As the government has increased its pressure on fraudulent providers, both law enforcement organizations such as the Department of Health and Human Services, Office of Inspector General (HHS-OIG) and contractors of the Centers for Medicare & Medicaid Services (CMS) have become increasingly adept at identifying and pursuing fraudulent and / or potentially fraudulent billing activities by abusive health care providers.

I.     How is the Government Using Healthcare Data Mining Audits?

Generally, the two primary targeting tools used by CMS contractors and law enforcement to identify wrongdoing are:  (1) Data Mining, and (2) Complaints.  This article focuses on the first targeting tool, the use of healthcare data mining. We will address “complaints” in detail in a later article.

At the outset, it is important to keep in mind that the government has been accumulating utilization, coding and billing data since the passage of the Medicare and Medicaid programs in 1965 as part of Title XVIII of the Social Security Act.  Over the past 40 years, the government has carefully studied this data, identifying trends and noting irregularities. Both HHS-OIG and CMS contractors (including, but not limited to Zone Program Integrity Contractors (ZPICs), Recovery Audit Contractors (RACs), and Medicaid Integrity Contractors (MICs)) are able to effectively use data mining to analyze various aspects of the coding and billing data submitted by billing health care providers. These entities employ experts in database management and use  sophisticated techniques to “slice and dice” the Medicare and Medicaid billing and coding data.  In doing so, they are able to compare providers by practice area, geography, time, and a practically endless number of other factors. They can then effectively identify any “outliers” which may be present when their billing patterns are compared to those of their peers.

For instance, in the case described above, healthcare data mining has become quite common.  It was clearly used to review the psychologist’s claims history and determine that what he was billing was likely both impossible and fraudulent.  Nevertheless, it is important to always keep in mind that although data mining may strongly suggest that a provider is engaging in improper conduct, at the end of the day, an outlier is merely a provider whose billing patterns differ from those of his / her peers.  A review of the documentation must still be conducted to ascertain whether, in fact, fraudulent conduct has occurred.  While ZPICs and MICs handle the majority of the data mining work being conducted, when the data appears to suggest that fraudulent conduct is taking place, providers should expect HHS-OIG and possibly the Department of Justice or the Federal Bureau of Investigations to step into investigation.  Unfortunately, while data mining can detect aberrant patterns in billing data, it can’t explain them, and often times, this leaves well-intentioned providers facing scrutiny if their billing history appears aberrant for an otherwise innocent reason.  For instance, a specialist who is renowned in his area of practice may be referred serious, highly complex patients by his peers. This could result in his billing patterns appearing to be different from those of similarly-situated physicians.  Despite the fact that there is an innocent explanation for the specialist’s billing patterns, the data alone may appear to suggest that fraud is taking place.  Health care providers should take affirmative steps to determine whether their coding and billing patterns are “normal” or whether their practices are irregular when compared to other providers.

To be clear, just because your coding and billing practices differ from those of your peers does not necessarily mean that you are engaging in improper conduct.  Nevertheless, if you are an outlier, we strongly recommend that you carefully analyze your internal practices in an effort to identify why your utilization history differs from those of your peers.  Perhaps you are, in fact, improperly coding or billing for services rendered.  If so, you will need to determine the scope of any overpayment and work with your legal counsel to promptly reimburse the government.  As we have repeatedly advised our clients, “If it isn’t yours, give it back.” Upon review, if your coding and billing practices appear skewed, you need to be ready to explain why your utilization rate is different if audited by a CMS contractor or investigated by law enforcement.

II.    Helpful Tools When Conducted an Internal Assessment:

If you are a Compliance Officer, part of your responsibilities includes the identification and repayment of any improper billings. While you can’t completely eliminate the risk of an audit, there are several tools that can help your organization determine how your utilization rates compare to those of your peers.  Among these tools is one of our personal favorites – DecisionHealth’s “E/M Bell Curve Data Book,” which gives a visual overview of the Center for Medicare and Medicaid Services’ (CMS’) Evaluation and Management (E/M) data rates for 59 different specialties. For instance, a general practitioner can look at his established patient office visits (CPT© codes 99211 – 99215) and compare his utilization rates to the national average for the same CPT© codes. This data can be extremely useful in assessing an office’s billing practices and patterns and give confidence to a provider whose rates are similar to the national average.

Another effective tool, especially for non-E/M practices, such as home health agencies and hospices, is the “The Dartmouth Atlas of Health Care,” which provides a variety of data tools to evaluate Medicare spending by county. Not only does this interactive website have average-spending-per-Medicare-beneficiary maps, it also has a tool which allows providers to examine national and state benchmarks for a variety of statistics. These include Medicare reimbursements, hospice, skilled nursing facility, and home health agency utilization rates, surgical procedures and more. Applied correctly, this data can be instrumental in a practice’s self-evaluation and gives providers significant insight into their own billing patterns.

III.     How Should You Respond to Healthcare Data Mining Audits?

Staying fully compliant with all of Medicare’s and / or Medicaid’s rules and regulations can be a quite a challenge.  Nevertheless, as a participating provider, you have affirmatively agreed to meet that obligation.  As providers are constantly reminded, serving as a participating provider is a privilege, not a right.  Unfortunately, even with the best tools, physicians, group practices, clinics, home health agencies and other providers may still find themselves subject to Medicare post-payment and / or prepayment audits by a ZPIC (and now by a RAC). Reviewers and auditors employed by Medicare contractors are highly experienced, knowledgeable and skilled in assessing the propriety of a claim.  They have years of experience handling audits and are quite good at identifying deficiencies in your documentation, regardless of how minor you may believe those  deficiencies might be.  While it is essential to understand your obligations as a Medicare participant, it is equally important to understand how and why practices get audited.  As discussed in earlier articles, while you may not be able to avoid an audit, you can do your very best to help ensure that upon review, a CMS contractor will find that your practices fully meet Medicare rules and regulations.  The development, implementation and adherence to an effective Compliance Plan is the single best step you can take to avoid regulatory problems.

Robert LilesRobert Liles is the managing member of Liles Parker PLLC. Robert represents providers in Medicare providers around the country in postpayment audits and appeals, and similar appeals under Medicaid. In addition, Robert counsels clients on regulatory compliance issues, performs gap analyses and internal reviews, and trains healthcare professionals on various legal issues. For a free consultation, call Robert today at: 1 (800) 475-1906.

Data Mining is Being Used for ZPICs Targeting Purposes

ZPIC Targeting

(November 16, 2011):  Many providers believe that their practice is a normal one – average billings, average patient load, costs of care which are consistent with industry standards – and that they need not be concerned with undergoing a Medicare post payment audit for being a “statistical outlier.” As you may know, Medicare and Medicaid contractors rely heavily on “data mining” to identify potential audit targets. With data mining, Zone Program Integrity Contractors (ZPICs) and other program integrity contractors working for the Centers for Medicare and Medicaid Services (CMS) can look at historical billing data, as well as billing date from regional and local peers of a particular provider, and determine if that particular provider’s billings appear suspect.

I.  What Role Does Data Mining Play in ZPIC Targeting?

While a provider might think its billing is in line with or below that of its peers, it is very important to remember that the Medicare post payment auditors are experts in “slicing and dicing” the data in so many ways that virtually every provider could show up as an outlier. For instance, perhaps the cost per patient, cost per procedure or cost per service plotted high, or maybe the total number of services per patient was high. For length-of-stay (LOS) providers, perhaps the total number of days of service on average was high or the billings per day ended up being high.

II.  Are Your Coding Utilization Ratios Different Than Those of Your Peers?

Moreover, even if a provider thinks they run a “tight ship,” a lot of Medicare claim reimbursement is dictated by the medical necessity of the services provided to each patient. For instance, a provider may have a string of highly complex, highly demanding patients, who need more in-depth care. These same providers may have gained a local reputation for handling high complexity cases, thereby resulting in higher-than-average billing practices.  When a program integrity conducts data mining, outliers will quickly be identified and targeted for audit. Today, ZPICs and other Medicare auditors are actively looking out for providers with aberrant billing practices and have many ways of interpreting the relevant information to justify their audit decisions.

Robert W. Liles, J.D., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law.  Mr. Liles has extensive experience handling Medicare prepayment and postpayment audits and appeals. For more information or to speak to Mr. Liles, please call 1 (800) 475-1906 today for a free consultation.

Predictive Modeling: ZPICs Using Data Mining to Identify Medicare Fraud

ZPICs Are Using Predictive Modeling and Data Mining to Target Medicare Providers(April 15, 2011): Over the last decade, the Centers for Medicare and Medicaid Services (CMS) and its contractors (Zone Program Integrity Contractors (ZPICs), Program Safeguard Contractors (PSCs) and Recovery Audit Contractors (RACs)),  have steadily assembled an extensive database of the coding and billing practices of Medicare providers around the country.  Analyzing this data, contractors have been able to identify the profile of a “typical” provider for each specialty.  With this information, Medicare contractors are better able to identify changes in the coding and / or billing habits of a particular provider.   Providers whose billing practices are significantly different from those of their peers may also be easily identified.  The purpose of this article is to provide an overview of the government’s current use of  “data mining”  and “predictive modeling”  techniques.

I. Introduction:

CMS’s computerized database of claims and services billed to the Medicare program covers a comprehensive record of the bills submitted by health care providers for payment.  Over the years, Medicare contractors and law enforcement have steadily refined their ability to analyze this enormous amount of quantitative data.  In addition to assisting with the government’s efforts to estimate future growth in the size of the Medicare program, this database has enabled  Medicare contractors and law enforcement to employ highly sophisticated data mining techniques, thereby identifying (1) health care providers whose current coding and billing actions appear to have deviated from their prior practices, and (2)  Medicare providers whose coding and / or billing actions are significantly different from those of their peers.  Typical factors considered when using data mining techniques for targeting purposes have included, but are not limited to:

A Medicare provider’s specific area of practice.

A Medicare provider’s practice location.

The types and frequency of health care services or supplies billed to Medicare.

The relative size of a provider’s practice, clinic or health care related organization (based on the number of Medicare billing providers employed).

Through an examination of these factors or data elements, Medicare contractors and law enforcement have been able to identify health care providers whose coding and / or billing practices make them “outliers” when their actions are compared to similarly-situated Medicare providers.  Once a health care provider has been identified as an “outlier,” further action may be taken. Typical “data mining” actions taken by ZPICs, PSCs,, RACs and / or law enforcement have historically included:

  • An unannounced site visit by the ZPIC or PSC to the Medicare provider’s practice location.
  • Sending a request for supporting documentation related to a limited number of claims (often less than 10, this type of review is generally referred to as a “Probe Audit”).
  • Sending a request for supporting documentation related to 30 claims or more (these claims are often then used by the ZPIC or PSC as a “sample” in order to calculate an alleged overpayment based on extrapolated damages).
  • Sending a demand letter for an alleged overpayment based on an “automated” review of the data conducted by a RAC or ZPIC.
  • Using “data mining” to identify outlier’s whose billing practices warrant to initiation of an investigation by law enforcement.

II. The Use of “Data Mining” to Identify Post-Payment Improper Practices:

While Medicare contractors such as RACs, PSCs and ZPICs long utilized post-payment data mining to identify providers who appear (based on their assessment of the data) to have likely engaged in improper billing activities, the regular use of data mining by the Department of Justice to identify criminal targets is a fairly recent practice.  As Lanny A. Breuer, Assistant Attorney General of the Department of Justice’s (DOJ’s) Criminal Division indicated last August:

“In 2007, the Criminal Division of the Justice Department refocused our approach to investigating and prosecuting health care fraud cases. Our investigative approach is now data driven: put simply, our analysts and agents review Medicare billing data from across the country; identify patterns of unusual billing conduct; and then deploy our “Strike Force” teams of investigators and prosecutors to those hotspots to investigate, make arrests, and prosecute. And as criminals become more creative and sophisticated, we intend to use our most aggressive investigative techniques to be right at their heels.” (emphasis added).

As law enforcement has readily acknowledged, postpayment billing data is being effectively utilized to “identify patterns of unusual billing conduct.”   Using data mining as a targeting tool, the government is able to quickly focus its investigative and audit resources on specific providers whose coding / billing practices fall outside the scope of what would normally be expected.

III.  The Use of Predictive Modeling to Minimize Wrongdoing:

While identifying improper billing practices after-the-fact has proven enormously helpful, law enforcement has also taken  steps to identify problem providers much sooner in the process, thereby minimizing the amount of improper billing that may be submitted to Medicare for payment.  As HHS Secretary Kathleen Sebelius stated on March 15, 2011, during the joint HHS / DOJ “Detroit Fraud Prevention Summit,” HHS is moving away from the “old pay and chase model.”  According to Secretary Sebelius:

“. . . Instead of the old ‘pay and chase’ model, we’re getting proactive.

Late last year we issued a solicitation for state-of-the-art analytic tools to help predict and identify fraudulent claims as soon as they are submitted, so we can stop payment before it goes out the door.

These are the same type of predictive modeling tools that banks and insurance companies use to identify potential fraud before it occurs. They are how your credit card company can raise the alarm if they see a dozen flat-screen televisions charged to your card in one day. . ..” (emphasis added).

While post-payment claims data analyses will likely play a role in identifying overpayments, the government is serious about stopping health care fraud as soon possible in the process.  While the government cannot “predict” wrongdoing before it happens, based on a complex analysis of various factors, it can effectively identify wrongdoers so quickly that the amount of improper claims paid by the government can be dramatically reduced.

IV.  Provider Concerns:

Many providers are concerned that the government’s heavy reliance on predictive measures such as data mining to identify targets may subject a provider to an unjustified audit or investigation.  Moreover, there is a concern that data mining might create an unwarranted presumption that a Medicare provider has engaged in improper billing practices.  Unfortunately, even if ultimately shown to be incorrect, a provider can spend an enormous amount of money defending itself in connection with a post-payment claims audit.  Providers placed on pre-payment review as a result of data mining can be especially hard-hit.  It is not at all unusual for providers to remain on pre-payment review for six to twelve months (or even longer).  During this time period, cash-flow is interrupted and many providers find it almost impossible to remain in business.

V.  How to Avoid Being a Target: 

In today’s environment of sophisticated data mining, it is essential that Medicare providers have a clear picture of how their coding and billing practices compare to those of their peers.  To be clear, both Medicare contractors and law enforcement recognize that a provider’s practices may differ in one aspect or another from those of their peers.  Moreover, those differences can result in billing practices which might make a provider appear to be an “outlier.”   There are a number of companies who publish benchmarking charts which make it relatively easy for a physician or other provider to compare their billing practices to that of their peers.

To be clear, just because a provider’s coding and billing practices differ from those of their peers (in the same specialty area), does not necessarily mean that a provider’s practices are improper. In recent years, we have seen providers who were targeted by a PSC or ZPIC precisely because their utilization rates of certain codes exceeded those of their peers.   In at least one case, we found that a provider was recognized as an “expert” by his peers and often received highly-complex referrals by other Medicare providers. As a result, the number of highly complex Evaluation and Management (E/M) reviews conducted exceeded those of similarly situated providers.  Having said that, if a provider were to find that its billing practices did not match of its peers, it could conceivably find that its understanding of the coding requirements was incorrect and that remedial training was immediately needed.

In either case, the bottom line is clear – all providers have an obligation to try and ensure that services billed to Medicare meet applicable statutory and regulatory requirements governing coverage and medical necessity.  If your organization is subjected to an audit, it is essential that you determine whether your billing practices fully comply with the rules.  If so, you must be prepared to explain to Medicare contractors or law enforcement why the anomalies identified through data mining or predictive modeling are not evidence of fraud or overpayment.  Providers facing this situation should work with experienced legal counsel to ensure that the arguments to be presented fully address the government’s concerns.  Failure to do so may result in an expansion of the government’s audit.

Robert W. Liles defends health care providers in Medicare auditsRobert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker attorneys and staff have extensive experience representing health care providers in connection with Medicare contractor audits and / or investigations.  Should you find that your organization is facing a ZPIC, PSC or RAC audit, please give us a call for a complimentary consultation regarding your case.  Call us at: 1 (800) 475-1906.       

NCI-Owned AdvanceMed Will Remain the ZPIC Responsible for Zones 2 and 5.

NCI-owned AdvanceMed is Expected to Remain Actively Auditing Medicare Providers.(April 10, 2011):  Last week, it was announced that NCI, Inc., one of the nation’s most successful information technology companies had acquired the outstanding capital stock of AdvanceMed Corporation (AdvanceMed), an affiliate of CSC.  While the acquisition went largely unnoticed by the health care provider community, the transaction may, in fact, be quite significant.  With this acquisition by NCI, a recognized powerhouse in information technology, Medicare and Medicaid providers should expect AdvanceMed’s expertise in data mining and investigations to continue to grow.  Medicare and Medicaid providers have an affirmative obligation to ensure that operations, coding and billing activities fully comply with applicable statutory and regulatory requirements.  As NCI-owned AdvanceMed continues to fine-tune its data mining efforts and further expands its ability to conduct “Predictive Modeling,” providers will likely find their actions under the microscope like never before.  It is therefore imperative that all health care providers immediately implement an effective Compliance Plan (if they have not already done so) or further enhance their current compliance efforts. The purpose of this article is to briefly report on NCI-owned AdvanceMed and discuss the changes, if any, that Medicare providers and suppliers should expect.  An overview of the current ZPIC environment is also provided.

I.  Background of NCI’s Acquisition of AdvanceMed:

NCI first announced its plans to acquire AdvanceMed last February.  As NCI’s February 25th News Release noted (in part):

“The Obama Administration has emphasized reducing fraud, waste, and abuse in Federal entitlements. AdvanceMed is ideally positioned to support the program integrity initiatives of CMS and other Federal Government agencies. . . We are extremely pleased to have AdvanceMed join NCI and believe that this acquisition will provide NCI an outstanding platform to address this rapidly growing market opportunity.”  (A complete account of NCI’s announcement can be found at the above link). 

In recent years, AdvanceMed has positioned itself to where it now has multiple contracts with the Federal government.  In addition to serving as a Zone Program Integrity Contractor (ZPIC) for Zone 2 and Zone 5, the contractor also serves as Program Safeguard Contractor (PSC) in areas not yet converted to the ZPIC system of contractor review.  Additionally, the contractor also serves as a Comprehensive Error Rate Testing (CERT) contractor.  On the Medicaid side, AdvanceMed also serves as a Medicaid Integrity Contractor (MIC).  While a host of other contractors have been awarded contracts covering other zones and program areas, AdvanceMed’s growth has been undeniably impressive.  As NCI announced as part of April 4th “News Release” covering the acquisition:

“AdvanceMed is a premier provider of healthcare program integrity services focused on the detection and prevention of fraud, waste, and abuse in healthcare programs, providing investigative services to the Centers for Medicare and Medicaid Services (CMS). Serving CMS since 1999, AdvanceMed has grown rapidly, demonstrating the value and return on investment of the Federal Government’s integrity program activities.

AdvanceMed employs a strong and experienced professional staff, which leverages sophisticated information technology, data mining, and data analytical tools, to provide a full range of investigative services directed to the identification and recovery of inappropriate Medicare and Medicaid funds. AdvanceMed supports healthcare programs in 38 states with a staff of more than 450 professionals, including information specialists, nurses, physicians, statisticians, investigators, and other healthcare professionals.

AdvanceMed has multiple contracts with CMS under the Zone Program Integrity (ZPIC), Program Safeguard (PSC), Comprehensive Error Rate Testing (CERT), and Medicaid Integrity (MIC) programs. All of these programs are executed under cost plus contract vehicles. The largest contracts-ZPIC Zone 5 and ZPIC Zone 2-were awarded in late 2009 and 2010 and have five-year periods of performance.

The acquisition price was $62 million. Included within the price is a recently completed, state-of-the-art data center to support the ZPIC Zone 5 and ZPIC Zone 2 contracts. Additionally, NCI will make a 338(h)(10) election, enabling a tax deduction, which is expected to result in a tax benefit with an estimated net present value of approximately $6 million to $8 million. NCI expects the transaction to be slightly accretive to 2011 earnings.

As of the end of March 2011, AdvanceMed has a revenue backlog of approximately $300 million with approximately $51 million of that amount being currently funded. Revenue for the trailing 12 months ending March 31, 2011, is estimated to be approximately $51 million, all of which was generated from Federal Government contracts, and 99% of the work performed as a prime contractor. NCI’s AdvanceMed 2011 revenue, covering the nine-month period of April 2, 2011, to December 31, 2011, is estimated to be in the range of $43 million to $47 million (the equivalent of $57 million to $63 million on a full 12-month basis), with the midpoint reflecting a full-year growth of approximately 16%. . . “   (A complete account of NCI’s statement can be found at the link indicated above).

II.  Overview of the ZPIC Program:

The following comments are intended to provide an overview of the ZPIC program and is not focused on any ZPIC in particular.  Under the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (MMA), CMS was required to take a number of steps intended to streamline the claims processing and review process:

Using competitive measures, CMS was required to replace the current Medicare Fiscal Intermediaries (Part A) and Carriers (Part B) contractors with Medicare Administrative Contractors (MACs).

After setting up the new MAC regions, CMS created new entities, called Zone Program Integrity Contractors (ZPICs)

These actions were intended to consolidate the existing program integrity efforts.  Over the last 2 — 3 years, ZPICs have been taking over PSC audit and enforcement activities around the country.

At the time of transition, there were twelve PSCs that had been awarded umbrella contracts by CMS. As these contracts have expired, CMS has transferred the PSCs’ fraud detection and deterrence functions over to ZPICs.   Of the seven ZPIC zones established in the MMA, CMS has awarded contracts for a number of the zones. CMS is still working to issue awards for the final ZPIC zones.  The seven ZPIC zones include the following states and / or territories:

  • Zone 1 – CA, NV, American Samoa, Guam, HI and the Mariana Islands.
  • Zone 2 – AdvanceMed: AK, WA, OR, MT, ID, WY, UT, AZ, ND, SD, NE, KS, IA, MO.
  • Zone 3 – MN, WI, IL, IN, MI, OH and KY.
  • Zone 4 – Health Integrity: CO, NM, OK, TX. 
  • Zone 5 – AdvanceMed: AL, AR, GA, LA, MS, NC, SC, TN, VA and WV.
  • Zone 6 – PA, NY, MD, DC, DE and ME, MA, NJ, CT, RI, NH and VT.
  • Zone 7 – SafeGuard Services: FL, PR and VI.

In many instances, these changes have been more of a “name change” rather than a substantive change in the way claims will be audited. ZPIC responsibilities are generally the same as those currently exercised by PSCs. While ZPIC overpayment review duties have not appreciably changed, the number of civil and criminal referrals appear to be increasing. In our opinion, ZPICs clearly view their role differently than that of their PSC predecessors.  ZPICs clearly view themselves as an integral part of the law enforcement team, despite the fact that they are for-profit contractors.  In consideration of their ability to recommend to CMS that a provider be suspended or have their Medicare number revoked, and / or refer a provider to law enforcement for civil and / or criminal investigation, providers should take these contractors quite seriously.

Both ZPICs and PSCs have traditionally asserted that unlike their RAC counterparts, they are not “bounty hunters.”  ZPICs are not paid contingency fees like RACs but instead directly by CMS on a contractual basis.  Nevertheless, common sense tells us that if ZPICs aren’t successful at identifying alleged overpayments, the chances of a ZPIC’s contract with CMS being renewed are likely diminished.  Additionally, experience has shown us that despite the fact that ZPICs are expected to adhere to applicable Medicare coverage guidelines, a ZPIC’s interpretation and application of these coverage requirements may greatly differ from your understanding of the same provisions.  In recent years, ZPICs have been aggressively pursuing a wide variety of actions, including but not limited to:

  • Prepayment Audit.  After conducting a probe audit of a provider’s Medicare claims, the ZPIC may place a provider on “Pre-payment Audit” (also commonly referred to as Prepayment Review).  Unlike a postpayment audit, there is no administrative appeals process that may be utilized by a provider for relief.  Having said that, there are strategies that may be utilized by a provider which may assist in keeping the time period on prepayment review at a minimum.
  • Postpayment AuditAudits conducted by ZPICs primarily involve Medicare claims that have already been paid by the government.  After reviewing these claims, it is not uncommon for a ZPIC to find that the audited provider has been overpaid.  Having said that, the ZPICs we have dealt with appear to apply a strict application of the coverage requirements, regardless of whether a provider’s deviation from the rules is “de minimus” in nature.  In doing so, it is not unusual to find that a provider has failed to fully comply with each and every requirement.  Depending on the nature of the initial sample drawn, a ZPIC may extrapolate the damages in a case, significantly increasing the alleged overpayment.  In doing so, the ZPIC is effectively claiming that the “sample” of claims audited are representative of the universe of claims at issue in an audit.
  • Suspension.  While the number of suspension actions taken by ZPICs has steadily increased in recent years,  Medicare providers should expect to see this number continue to grow.  Under the Affordable Care Act (often informally referred to as the “Health Care Reform” Act), CMS’ suspension authority has greatly expanded.   
  • Revocation.  As with suspensions, we have seen a sharp increase in the number of Medicare revocation actions taken over the last year. The reasons for revocation have varied but have typically been associated with alleged violations of their participation agreement. In some cases, the ZPIC contractors found that the provider has moved addresses and did not properly notified Medicare. In other cases, a provider was alleged to have been uncooperative during a site visit. Finally, there were a number of instances where the provider allegedly did not meet the “core” requirements necessary for their facility to remain certified.
  • Referrals for Civil and Criminal Enforcement.  ZPICs are actively referring providers to the OIG (which can in turn refer the case to the U.S. Department of Justice for possible civil and / or criminal enforcement) when a case appears to entail more that a mere overpayment. However, just because a referral is made doesn’t mean that it will prosecuted. In many instances, OIG (and / or DOJ) will decline to open a case due to a variety of reasons, such as lack of evidence, insufficient damages, etc.).

 III.  Steps Providers Can Take Now, Before They are Subjected to a ZPIC Audit:

In responding to a ZPIC audit, it is important to remember that although they may not technically be “bounty hunters,” it is arguably to their benefit to find that an overpayment has occurred. These overpayments are often based on overlapping “technical” (such as an incorrect place of service code) and “substantive” (such as lack of medical necessity) reasons for denial. In recent years, the level of expertise exercised by ZPICs is often quite high — noting multiple reasons for denial and concern.

Unfortunately, the reality is that most (if not all) Medicare providers will find themselves the subject of a ZPIC, CERT, RAC or other type of claims audit at some point in the future.  In our opinion, the single most effective step you can take to prepare for a contractor audit is to ensure that your organization has implemented and is adhering to an effective Compliance Plan.  A comprehensive assessment of an organization’s coding and billing practices is one element of an effective plan.  Several general points to consider also include:

Keep in mind your experiences with PSCs and other contractors.  The lessons you have learned responding to PSC, CERT and RAC audits can be invaluable when appealing ZPIC overpayments.  As you will recall, the appeals rules to be followed are virtually the same.

Monitor OIG’s Work Plan.  While often cryptic, it can be invaluable in identifying areas of government concern.  Are any of the services or procedures your organization currently provides a focus of HHS-OIG’s audit or investigative?

Keep an eye on RAC activities.  Review the service-specific findings set out in annual RAC reports.  Review targeted areas carefully to ascertain whether claims meet Medicare’s coding and medical necessity policies.

You never realize how bad your documentation is until your facility is audited. While many providers start out “over-documenting” services (to the extent that there is such a thing), a provider’s documentation practices often become more relaxed as time goes on – especially when the provider has not been audited for an extended period of time.  In such situations, both physicians and their staff may fail to fully document the services provided.  Moreover, the care taken to ensure that all supporting documentation has been properly secured may have also lapsed over the years.

Review your documentation.  Imagine you are an outside third-party reviewer.  Can an outsider fully appreciate the patient’s clinical status and the medical necessity of treatment?  Are the notes legible and written is a clear fashion?  Compare your E/M services to the 1995 or 1997 Evaluation and Management (E/M) Guidelines – have you fully and completely documented the services you provided?  If dealing with skilled services, have you fully listed and discussed both the need for skilled services and the specific skilled services provided?

IV. Closing Thoughts on NCI-Owned AdvanceMed:

Imagine a ZPIC hands you a claims analysis rife with alleged errors, an indecipherable list of statistical formulas, and an extrapolated recovery demand that will cripple your practice or clinic. What steps should you take to analyze their work? Based on our experience, providers can and should carefully assess the contractor’s actions, particularly the use of formulas and application of the RAT-STATS program when selecting a statistical sample and extrapolating the alleged damages based on the sample.  To be clear, not all statistical extrapolations will be flawed.  Depending on the steps taken by the ZPIC’s statistician,  to the Over the years, we have challenged the extrapolation of damages conducted by Medicare contractors around the country, including tens of thousands of claims. Regardless of whether you are a Skilled Nursing Facility providing skilled nursing and skilled therapy services, an M.D. or D.O. providing E/M services, a Home Health company or a Durable Medical Equipment (DME) company, it is imperative that you work with experienced legal counsel and statistical experts to analyze the actions take by a ZPIC.

Robert W. Liles defends health care providers in Medicare auditsLiles Parker attorneys and staff have extensive experience representing a wide range of Medicare providers in audits by ZPICs and other CMS program integrity contractors.  Should you have questions regarding an inquiry from a ZPIC or RAC that you have received, please feel free to give us a call for a complimentary consultation.  We can be reached at:  1 (800) 475-1906.