Liles Parker PLLC
(202) 298-8750 (800) 475-1906
Washington, DC | Houston, TX
San Antonio, TX | Baton Rouge, LA

We Defend Healthcare Providers Nationwide in Audits & Investigations

The CMS Fraud Prevention System is Proving to be an Invaluable Targeting Tool for ZPIC Audits.

Under the Fraud Prevention System, ZPICs are using data mining tools such as predictive modeling.

(February 14, 2013): With the passage of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Department of Justice (DOJ) and the Department of Health & Human Services, Office of Inspector General (OIG) were allocated dedicated funding to be devoted to the identification, prevention and prosecution of health care fraud.  These law enforcement agencies were given sufficient funding to significantly ramp-up the number of investigations and prosecutions for violations of civil and criminal fraud violations.  Over the last 15 years, various additional statutes have been passed (such as the Affordable Care Act (ACA)) which have provided both new investigation and prosecution efforts with even more funds and tools to facilitate the identification and review of improper claims.

 I.   Predicting Modeling is Being Used to Fight Fraud:

 While both the DOJ and OIG have remained at the forefront of innovation when it comes to identifying and prosecuting post-payment cases involving alleged fraud, it is important to keep in mind that the Centers for Medicare & Medicaid Services (CMS) launched an ambitious national project of its own in 2010 which was designed not merely to collect overpayments from improper providers, but also to “obstruct” wrongdoers from committing fraud in the first place.  Essentially, CMS has adopted a number of the predictive modeling tools that have been used for many years by credit card companies to thwart thieves.  For instance, if you live in Houston Texas, rarely travel and never purchase alcoholic beverages, a credit card issuer will find it odd that your credit card is now being used in New York City to purchase expensive champagne.  Practically all credit card issuers carefully track their card members’ buying habits and the locations where purchases are made.  When a vendor tries to run such a charge, the credit care issuer may place the transaction on hold, ask to speak to the card holder, or call the card holder to verify that their card has not been stolen.  While the identification strategies may differ, CMS is essentially employing these same tools to identify potentially fraudulent individuals and entities who are seeking to be admitted to the Medicare program.  Moreover, CMS contractors now use these modeling tools to identify specific claims which appear to be improper, thereby blocking their payment in the first place so that the government is not later forced into another “Pay and Chase” situation.

Ultimately, CMS has made it clear that the agency’s old method of “Pay and Chase” is becoming more and more obsolete with each passing day.  As sad as it is, CMS cannot risk the integrity of the Medicare Trust Fund by continuing to employ a pay and chase strategy.  Instead, CMS is now focusing its efforts on keeping bad actors out of the Medicare program in the first place.  A key part of their new strategy involves the effective use of a relatively new (it is now one year old) Fraud Prevention System to identify potential instances of health care fraud prior to the payment of such claims.  CMS’ use of the Fraud Prevention System can greatly reduce the likelihood of wrongdoers being able to enroll in the Medicare system.

What is the Fraud Prevention System?  Essentially, CMS’ Fraud Prevention System initiative allows CMS (and its contractors such as Zone Program Integrity Contractors (ZPICs) and Recovery Audit Contractors (RACs) to conduct state-of-the-art predictive modeling and data analytics of Medicare claims in an effort to ferret out possible fraud.  Notably, CMS now systematically applies this and similar tools to Medicare claims on a nationwide basis.

II.   First Year Results of Fraud Prevention System:

Over the course of its first year in operation, CMS has reported the following accomplishments as a result of their use of Fraud Prevention System:

  • Met and exceeded legislative requirements and timeline.
  • Implemented the Fraud Prevention System nationwide, better coordinating fraud-fighting efforts across program integrity contractors’ jurisdictions.

  • Developed complex and sophisticated Fraud Prevention System models as a result of nationwide implementation, strong stakeholder partnerships, and a rigorous governance process.
  • Achieved a positive return on investment (ROI), saving an estimated $3 for every $1 spent in the first year.
  • Prevented or identified an estimated $115.4 million in payments.
  • Generated leads for 536 new investigations by CMS’s program integrity contractors and augmented information for 511 pre-existing investigations. 

III.   CMS “Twin Pillars” Approach Towards Fighting Health Care Fraud:

According to CMS, the agency’s adaptation of the Fraud Prevention System represents the first of its “Twin Pillars” approach toward fighting health care fraud.  As CMS writes:

“The pillars represent an integrated approach to program integrity—preventing fraud before payments are made, keeping ineligible providers and suppliers and other bad actors out of Medicare in the first place, and quickly taking administrative actions to stop payments to and/or remove wrongdoers from the program once they are detected.”

CMS’ second pillar is represented by the agency’s “Automated Provider Screening (APS) system.  The APS system facilitates the rapid identification of identifies ineligible health care providers and durable medical equipment suppliers both BEFORE they can enroll in the Medicare system and their enrollment and when their eligibility status changes (possibly due to loss of licensure, criminal conviction or exclusion).

To their credit, CMS has now implemented significant changes to the screening and enrollment process which will undoubtedly reduce the number of potential fraudulent claims submitted to the Trust Fund for payment.

IV.   Predictive Modeling and Data Analytics are Providing Targeting Data for ZPIC Audits and RAC Audits:

Using the Fraud Prevention System for predictive modeling and data analytic purposes can be effective targeting tool, thereby providing ZPICs and RACs with a narrowed list of health care providers who are outliers (in terms of the services they are providing or their coding/billing practices) to be audited.  ZPIC audits can take a number of forms, ranging from an unannounced visit to a provider’s place of service to a review which results in the ZPIC’s recommendation to CMS that a provider’s Medicare number should be revoked or suspended.

Over the course the first year, CMS estimates that it has “stopped, prevented, or identified an estimated $115.4 million in payments.”  When compared to the cost of the program, CMS calculated that the Fraud Prevention System resulted in an estimated savings, prevention or recovery of $3 for every $1 spent.

During this same time period, CMS’ use of this system resulted in 536 new investigations by agency  program integrity contractors (including ZPIC audits) and helped provide additional support for approximately 511 investigations which had been initiated prior to the implementation of the Fraud Prevention System.  Importantly, CMS indicated that the Fraud Prevention System has helped them target wrongdoers, focus their audit and investigative resources, and take administrative action against health care providers suspected of engaging in fraudulent or improper activities (administrative action might include temporary suspension from the program or revocation of a provider’s Medicare number – both of which are extremely serious and are likely to result in the bankruptcy of a company).

V.     Conclusion:

For many years now, we have strongly recommended that health care providers actively engage in a “gap analysis” of their business, care, coding and billing practices.  Without such an analysis, it is extremely difficult for a provider to know (with any real level of certainty) whether they are currently “compliant” with applicable laws, rules and regulations OR whether they are merely continuing down the wrong path.  A gap analysis is an integral part of an effective Compliance Plan and Program.  If you have not already done so, we encourage you to initiate this process so that you can learn whether your current practices may appear to be aberrant to CMS or its program integrity contractors.

robert_w_lile-150x150Robert W. Liles serves as Managing Partner at Liles Parker, a boutique health law firm.  Liles Parker attorneys represent health care providers around the country and are more than happy to work with your local counsel, if needed.  Should you have any questions regarding these issues, call Robert for a free consultation.  He can be reached at:  1 (800) 475-1906.

Predictive Modeling: ZPICs Using Data Mining to Identify Medicare Fraud

ZPICs Are Using Predictive Modeling and Data Mining to Target Medicare Providers(April 15, 2011): Over the last decade, the Centers for Medicare and Medicaid Services (CMS) and its contractors (Zone Program Integrity Contractors (ZPICs), Program Safeguard Contractors (PSCs) and Recovery Audit Contractors (RACs)),  have steadily assembled an extensive database of the coding and billing practices of Medicare providers around the country.  Analyzing this data, contractors have been able to identify the profile of a “typical” provider for each specialty.  With this information, Medicare contractors are better able to identify changes in the coding and / or billing habits of a particular provider.   Providers whose billing practices are significantly different from those of their peers may also be easily identified.  The purpose of this article is to provide an overview of the government’s current use of  “data mining”  and “predictive modeling”  techniques.

I. Introduction:

CMS’s computerized database of claims and services billed to the Medicare program covers a comprehensive record of the bills submitted by health care providers for payment.  Over the years, Medicare contractors and law enforcement have steadily refined their ability to analyze this enormous amount of quantitative data.  In addition to assisting with the government’s efforts to estimate future growth in the size of the Medicare program, this database has enabled  Medicare contractors and law enforcement to employ highly sophisticated data mining techniques, thereby identifying (1) health care providers whose current coding and billing actions appear to have deviated from their prior practices, and (2)  Medicare providers whose coding and / or billing actions are significantly different from those of their peers.  Typical factors considered when using data mining techniques for targeting purposes have included, but are not limited to:

A Medicare provider’s specific area of practice.

A Medicare provider’s practice location.

The types and frequency of health care services or supplies billed to Medicare.

The relative size of a provider’s practice, clinic or health care related organization (based on the number of Medicare billing providers employed).

Through an examination of these factors or data elements, Medicare contractors and law enforcement have been able to identify health care providers whose coding and / or billing practices make them “outliers” when their actions are compared to similarly-situated Medicare providers.  Once a health care provider has been identified as an “outlier,” further action may be taken. Typical “data mining” actions taken by ZPICs, PSCs,, RACs and / or law enforcement have historically included:

  • An unannounced site visit by the ZPIC or PSC to the Medicare provider’s practice location.
  • Sending a request for supporting documentation related to a limited number of claims (often less than 10, this type of review is generally referred to as a “Probe Audit”).
  • Sending a request for supporting documentation related to 30 claims or more (these claims are often then used by the ZPIC or PSC as a “sample” in order to calculate an alleged overpayment based on extrapolated damages).
  • Sending a demand letter for an alleged overpayment based on an “automated” review of the data conducted by a RAC or ZPIC.
  • Using “data mining” to identify outlier’s whose billing practices warrant to initiation of an investigation by law enforcement.

II. The Use of “Data Mining” to Identify Post-Payment Improper Practices:

While Medicare contractors such as RACs, PSCs and ZPICs long utilized post-payment data mining to identify providers who appear (based on their assessment of the data) to have likely engaged in improper billing activities, the regular use of data mining by the Department of Justice to identify criminal targets is a fairly recent practice.  As Lanny A. Breuer, Assistant Attorney General of the Department of Justice’s (DOJ’s) Criminal Division indicated last August:

“In 2007, the Criminal Division of the Justice Department refocused our approach to investigating and prosecuting health care fraud cases. Our investigative approach is now data driven: put simply, our analysts and agents review Medicare billing data from across the country; identify patterns of unusual billing conduct; and then deploy our “Strike Force” teams of investigators and prosecutors to those hotspots to investigate, make arrests, and prosecute. And as criminals become more creative and sophisticated, we intend to use our most aggressive investigative techniques to be right at their heels.” (emphasis added).

As law enforcement has readily acknowledged, postpayment billing data is being effectively utilized to “identify patterns of unusual billing conduct.”   Using data mining as a targeting tool, the government is able to quickly focus its investigative and audit resources on specific providers whose coding / billing practices fall outside the scope of what would normally be expected.

III.  The Use of Predictive Modeling to Minimize Wrongdoing:

While identifying improper billing practices after-the-fact has proven enormously helpful, law enforcement has also taken  steps to identify problem providers much sooner in the process, thereby minimizing the amount of improper billing that may be submitted to Medicare for payment.  As HHS Secretary Kathleen Sebelius stated on March 15, 2011, during the joint HHS / DOJ “Detroit Fraud Prevention Summit,” HHS is moving away from the “old pay and chase model.”  According to Secretary Sebelius:

“. . . Instead of the old ‘pay and chase’ model, we’re getting proactive.

Late last year we issued a solicitation for state-of-the-art analytic tools to help predict and identify fraudulent claims as soon as they are submitted, so we can stop payment before it goes out the door.

These are the same type of predictive modeling tools that banks and insurance companies use to identify potential fraud before it occurs. They are how your credit card company can raise the alarm if they see a dozen flat-screen televisions charged to your card in one day. . ..” (emphasis added).

While post-payment claims data analyses will likely play a role in identifying overpayments, the government is serious about stopping health care fraud as soon possible in the process.  While the government cannot “predict” wrongdoing before it happens, based on a complex analysis of various factors, it can effectively identify wrongdoers so quickly that the amount of improper claims paid by the government can be dramatically reduced.

IV.  Provider Concerns:

Many providers are concerned that the government’s heavy reliance on predictive measures such as data mining to identify targets may subject a provider to an unjustified audit or investigation.  Moreover, there is a concern that data mining might create an unwarranted presumption that a Medicare provider has engaged in improper billing practices.  Unfortunately, even if ultimately shown to be incorrect, a provider can spend an enormous amount of money defending itself in connection with a post-payment claims audit.  Providers placed on pre-payment review as a result of data mining can be especially hard-hit.  It is not at all unusual for providers to remain on pre-payment review for six to twelve months (or even longer).  During this time period, cash-flow is interrupted and many providers find it almost impossible to remain in business.

V.  How to Avoid Being a Target: 

In today’s environment of sophisticated data mining, it is essential that Medicare providers have a clear picture of how their coding and billing practices compare to those of their peers.  To be clear, both Medicare contractors and law enforcement recognize that a provider’s practices may differ in one aspect or another from those of their peers.  Moreover, those differences can result in billing practices which might make a provider appear to be an “outlier.”   There are a number of companies who publish benchmarking charts which make it relatively easy for a physician or other provider to compare their billing practices to that of their peers.

To be clear, just because a provider’s coding and billing practices differ from those of their peers (in the same specialty area), does not necessarily mean that a provider’s practices are improper. In recent years, we have seen providers who were targeted by a PSC or ZPIC precisely because their utilization rates of certain codes exceeded those of their peers.   In at least one case, we found that a provider was recognized as an “expert” by his peers and often received highly-complex referrals by other Medicare providers. As a result, the number of highly complex Evaluation and Management (E/M) reviews conducted exceeded those of similarly situated providers.  Having said that, if a provider were to find that its billing practices did not match of its peers, it could conceivably find that its understanding of the coding requirements was incorrect and that remedial training was immediately needed.

In either case, the bottom line is clear – all providers have an obligation to try and ensure that services billed to Medicare meet applicable statutory and regulatory requirements governing coverage and medical necessity.  If your organization is subjected to an audit, it is essential that you determine whether your billing practices fully comply with the rules.  If so, you must be prepared to explain to Medicare contractors or law enforcement why the anomalies identified through data mining or predictive modeling are not evidence of fraud or overpayment.  Providers facing this situation should work with experienced legal counsel to ensure that the arguments to be presented fully address the government’s concerns.  Failure to do so may result in an expansion of the government’s audit.

Robert W. Liles defends health care providers in Medicare auditsRobert W. Liles, J.D., M.B.A., M.S., serves as Managing Partner at Liles Parker, Attorneys & Counselors at Law. Liles Parker attorneys and staff have extensive experience representing health care providers in connection with Medicare contractor audits and / or investigations.  Should you find that your organization is facing a ZPIC, PSC or RAC audit, please give us a call for a complimentary consultation regarding your case.  Call us at: 1 (800) 475-1906.