From LilesParker.com

I.     ZPIC Prepayment Reviews:

Over the last year, Zone Program Integrity Contractors (ZPICs) have turned much of their attention to prepayment review, the process by which the Medicare contractor reviews a claim for problems before it is paid. Unlike postpayment audits, if your organization is placed on ZPIC prepayment review, there is very little you can do other try to identify the nature of deficiencies noted so that remedial action can be taken.  Being placed on prepayment review does not trigger any type of an administrative appeals process, thereby potentially making prepayment reviews incredibly damaging for a small provider or DME supplier. In addition, there is no concrete method for getting off ZPIC prepayment review – it is left essentially to the discretion of the contractor. Couple this with recent rules eliminating the time restrictions for a ZPIC to keep a provider on prepayment review, and the ZPIC could theoretically maintain a prepayment review action forever.

II.     Who do We Turn To if Our Company is Placed on Prepayment Review?

Recently, we noticed that some providers had attempted to turn to the Small Business Association (SBA) to sort out their problems with ZPICs and Medicare. While a creative option, it is not likely a solution that is going to get you very far.

The Centers for Medicare & Medicaid Services (CMS) and its contractors are not obliged to follow the direction of the SBA or many other entities, and even if they were, there is considerable support from the public and the government regarding the prepayment review process in light of the persistent Medicare fraud from which the program suffers. Instead, there are really only two options for responding to prepayment review.

First, you could file a suit for injunctive relief against CMS. For this option, you would hire an attorney to sue the government in the hopes that a federal judge would find that the ZPIC should be restrained from continuing its prepayment review. Normally, you would need to prove at least 3 things to obtain an injunction:

A cause of action against CMS;

A probable right to the relief sought (success on the merits); and

An imminent, irreparable harm.

Unfortunately, proving a cause of action against CMS or a ZPIC can be difficult, as can be proving irreparable harm (that is, something that can not be fixed with money). Just think about it – in what other industry would a consumer get to pay for something first and then find out if the product they bought it broken. But under the current Medicare system, that is exactly what is happening. The government is paying for medical services without seeing if they are legitimate until several years later. So the ZPIC prepayment review process is probably going to be upheld by a federal judge as a fair exercise of the government’s right to protect its funds. Moreover, ZPIC prepayment review does not involved the destruction of property or the loss of life (although there is possibly an access argument that could exist in certain situations), and usually unless one of these two elements is present, there is not “irreparable harm.” Instead, whatever harm actually does occur can be fixed with money. Because of these issues, it can be very hard, if not impossible, to successfully obtain injunctive relief. Add to this the costs and expenses associated with going to federal court, and this is not really a great option.

Second, we’ve developed a strategy to deal with ZPIC prepayment review based on our experience with clients who’ve gone through the process in the past. While this involves a lot of work and some great organizational skills, it is the only true way to get off of ZPIC prepayment review and stay off. Quite simply, you have to attempt to meet the ZPIC’s demands and requirements, until you’ve proven to them that you’ve cleared up any problems associated with your claims. The process can be drawn out, especially when it takes about 4 – 6 months for the ZPIC to make a decision on your first set of claims, but once you know what problems they’ve identified, you can proactively address those problems so that the ZPIC cannot rely on that issue moving forward. Eventually, the ZPIC will have nothing left to criticize, and with some well-placed calls from an attorney, will likely terminate the prepayment review. The lasting benefit of this option, of course, is that your claims should be easily defensible in any administrative, civil, or criminal action that may be brought against you. Through the course of this process, it is important to engage and retain qualified health law counsel to assist and advise you on aspects of the ZPIC prepayment review and specific coding, billing, and medical necessity issues identified.

III.     Conclusion.

ZPIC prepayment reviews are hard to address because there is no proverbial “silver bullet” to end it. And the government is turning to this effective tool more and more often, as it recognizes the fiscal benefits of preserving the Medicare trust fund. Nevertheless, it can cost honest providers tremendous time, energy, and in some cases their business. ZPIC prepayment review generally cuts off the cash flow of either 30, 70, or 100% of a provider’s Medicare claims as the ZPIC reviews those claims, and for most providers, this is too much to bear.  Nevertheless, those providers who have a lot at stake and the resources to survive for a substantial amount of time can and do make it out of ZPIC prepayment review.

Robert W. Liles counsels providers on prepayment review issues and represents clients in Medicare and Medicaid post-payment appeals. In addition, he advises clients on HIPAA compliance risks, HIPAA breach notification and implementing effective compliance plans.   Robert also performs gap analyses and internal reviews and trains healthcare professionals on compliance issues. For a free consultation, call Robert today at 1-800-475-1906.

ZPIC Audits ■ Medicare Audits

From LilesParker.com

ZPICs Have Conflict of Interest

HHS-OIG recently released a report concerning the professional independence of CMS contractors. Specifically, OIG identified that several organizations serving as Zone Program Integrity Contractors (ZPICs) had conflicts of interest, whereby the ZPIC “could be in the position of evaluating work performed or associated with its own company.” For instance, one ZPIC’s parent company had a contract with a Medicare Part D plan sponsor to provide technological implementation and operations. Another ZPIC’s parent company owned Medicare Part C and D plans which were at work throughout the country. Another ZPIC applicant’s parent company was also a Medicare Part C and D plan sponsor in the zones for which the ZPIC had submitted a proposal. Thus, each ZPIC could be put in the position of having to evaluate its work or the work of its parent organization.

Nevertheless, OIG found that each one of these potential conflicts had in some way been “mitigated.” This is done through screening processes and other techniques, by which those who bid on government contracts and perform the actual auditing duties of the ZPIC are not the same as those administer the company’s (or parent company’s) other programs. We’ve previously discussed some of the Medicaid contractors for various “hot-spot” cities, such as Baton Rouge and Houston, and you might find it interesting to note that a lot of Medicaid claims processing contractors or benefit integrity contractors are companies like Xerox (ACS) and HP (the same companies that you get copiers and computers from). Many of these large conglomerates have found that securing a bid for a Medicare or Medicaid contract can be a lucrative business, but because they are so large, there are often conflicts between the various divisions.

Looking specifically at OIG’s report, the report itself does not name names. It does not identify which companies specifically had conflicts, but does instead note that two of the five ZPIC contracts currently awarded have actual conflicts of interest. This can be a scary thought: what kinds of incentives do the people reviewing my claims for payment or denial have? Could they deny my claims because I’m in a certain state or region, but pay similar claims so that their claims processing department has better numbers? Well, it’s possible – but not probable. 

Effects on ZPIC Claim Review

At the end of the day, a ZPIC is a ZPIC and a RAC is a RAC. These Medicare contractors are designed to identify problematic claims, review them with a critical eye, and deny them if they don’t meet stringent technical and medical requirements. The simple fact that the ZPIC’s parent company owns other health care operations is probably not enough to affect the judgment of individual auditors. These auditors, anyway, are already looking for a reason to deny a claim. In fact, we have been in many situations when denial of 100% of a sample was not uncommon. ZPICs often cite multiple reasons for denying a claim when they update a provider on the results of the review, usually relying on both a technical aspect (missing signature/legibility) and a medical aspect (medically unnecessary service/documentation does not support the level billed). It’s been our experience that a strong and all-encompassing approach when appealing these denials is important.

CMS Changes to ZPIC Bidding

In any regard, the OIG’s report came down hard on CMS for failing to adequately screen ZPICs and their subcontractors before awarding them contracts, noting that, “[c]urrently, CMS does not use a written policy or standard checklist to facilitate its review of Organizational Conflict of Interest Certificates. In addition, we found no documentation showing that CMS conducted a review of some offerors’ and subcontractors’ certificates. In some cases, even after CMS had requested revised certificates, required conflict and financial interest information was still missing.” In other words, CMS ignored a number of its duties in pre-screening ZPICs for possible and actual conflicts. As a result, OIG recommended that CMS develop more formal policies and procedures for reviewing conflict of interest problems and that CMS require bidders to more thoroughly note any actual or potential conflicts.

Robert Liles represents providers in Medicare post-payment audits and appeals, and similar appeals under Medicaid. In addition, Robert counsels clients on regulatory compliance issues, performs gap analyses and internal reviews, and trains healthcare professionals on various legal issues. For a free consultation, call Robert today at 1-800-475-1906.

ZPIC Audits ■ Medicare Audits

I.     HHS-OIG Report Concerning Texas HHAs.

A recent report by HHS-OIG found that a substantial number of home health agency (HHA) billings in Texas were fraudulent or inappropriate. The report noted that several common schemes were identified among home health agencies and used to sort out potentially fraudulent providers, including:

1. Overlapping with claims for inpatient hospital stays

2. Overlapping with claims for skilled nursing facility stays

3. Billing for services on dates after beneficiaries’ deaths

The HHS-OIG, CMS, and CMS Contractors (ZPICs, RACs, and MACs) are using comparative data mining to view HHS claims under a microscope, looking for any clues of impropriety, such as the errors above. Importantly, OIG found that one in four HHAs (25%) exceeded one of its sample thresholds that indicated questionable billing. Of all those HHAs with questionable billing, the majority were located in Texas.  HHS-OIG recommended to CMS that several processes occur:

1. Implement a claims processing edit or improve existing edits to prevent inappropriate HHA payments for the three specific errors identified above

2. Increase monitoring of billing for home health services

3. Enforce and consider lowering the 10-percent cap on the total outlier payments an HHA may receive annually

4. Consider imposing a temporary moratorium on new HHA enrollments in Florida and Texas

5. Take appropriate action (i.e. audits and overpayment recovery) regarding the inappropriate payments OIG identified in its sample.

II.     What Do These Things Mean To Your Texas Home Health HHA?

For Texas providers, the most important takeaway is that OIG has recommended (and CMS has stated it will implement) a moratorium on new HHA enrollment. That means no new agencies in the state of Texas, and, if the ban ever gets lifted, every new HHA application will be scrutinized with the utmost care. Moreover, if you close down your business, lose a provider number, or attempt to re-open an HHA, you may not be able to successfully accomplish that in Texas. In addition, CMS may even consider a reassessment of every re-enrollment application it receives from HHAs in the state of Texas.

Moreover, OIG recommended enforcement of the 10% cap on annual outlier payments. This means that an HHA who is an outlier (perhaps because of an unusually complex patient load or a large degree of business) may see their payments capped at 10% greater than the “standard” payment numbers. For an HHA that is expending a lot of resources on staff and providing high quality care to complex beneficiaries, this could represent a real problem.

Finally, CMS and Health Integrity (the Texas ZPIC) will likely closely monitor each and every HHA claim. While HHAs will continue to receive funding under the Prospective Payment System (PPS), expect a substantial increase of both post payment audits and prepayment audits. As Health Integrity begins administrative audits of those HHAs that were targeted in the sample (they may not even know their claims were reviewed since the process was entirely data-driven), many agencies may face increased scrutiny and across-the-board payment denials.

III.     What You Can Do for Your Family

There are 2 steps each HHA should take. First, if you haven’t already done so, implement an effective compliance plan. Second, retain an experienced Medicare post payment audit appeals attorney to represent you through the appeals process.

A compliance plan will give your organization the tools and understanding it needs to ensure that claims are coded and billed in an appropriate fashion and that your company’s business practices and arrangements comply with the numerous laws concerning patient referrals and illegal payments. An effective compliance program begins with a gap analysis and usually includes all seven elements of a compliance plan as a framework. It is important that your staff receives comprehensive training and clear, consistent guidance on what you and your organization expect from each individual member with regards to compliance. For more ways to do this, call us today.

Second, if you have received any correspondence from Health Integrity, you should not hesitate to call an experienced Medicare appeals attorney. Both before the audit results come and after, an attorney skilled in Medicare audits and appeals can give you the guidance you need to give your claims their best chance at eventual payment. While the process can be long and arduous, in many cases it is “do or die” for your business. Health Integrity regularly imposes overpayment demands of one million dollars or more when auditing HHA claims. When the stakes are that high, you need someone on your side you can trust and who knows how this process works.

Robert W. Liles represents providers in Medicare post-payment audits and appeals, and similar appeals under Medicaid. In addition, Robert counsels clients on regulatory compliance issues, performs gap analyses and internal reviews, and trains healthcare professionals on various legal issues. For a free consultation, call Robert today at 1-800-475-1906.

ZPIC Audits ■ Medicare Audits

MIC and MFCU Dental Audits Introduction

Medicaid dental fraud is growing worse throughout the country, and not just in states traditionally prone to fraud like Florida and Texas. Because of this, Medicaid dental audits and investigations are uncovering fraudulent dental practices in states such as Rhode Island, Connecticut, Massachusetts, and Virginia, as well as the rest of the country.

In fact, dental providers in Connecticut were recently indicted for operating a fraudulent Medicaid billing scheme, stealing nearly $20 million from the Connecticut Medicaid Program. In this case, although the chief architect of the scheme had been excluded from the Medicare and Medicaid programs in 1998, he continued to operate several dental practices in the Northeast from 2005 until his arrest in 2012. In addition, he recruited other dentists to serve as the face of the dental practice entities which billed millions of dollars in false or unnecessary dental service claims. Federal agents recently arrested all the alleged conspirators and charges are currently pending.

Use of MIC Dental Audits Increasing

What this and other cases bring to light is the fact that more and more often, both Federal and state governments are focusing on dentistry as a source of significant fraud, waste, and abuse. Investigators and auditors alike are recognizing that there are sometimes serious deficiencies in dental claims billing, and more importantly, they are redoubling their efforts to fix it. If you are a provider of dental services, expect that both Medicare and Medicaid contractors (ZPICs and RACs for Medicare and MICs and MRACs for Medicaid) will be gearing up to audit dental claims throughout the country. To be clear, Medicare only covers dental services that are  necessary due to an underlying covered condition. Medicare contractors, therefore, only audit dental claims to the extent they relate to a covered condition. Nevertheless, MIC audit efforts have already begun in states such as Texas, where both government contractors and the state’s Health and Human Services Commission (HHSC) Office of Inspector General (OIG) have initiated reviews.

Steps to Avoiding a MIC Dental Audit

So what can you do as a dental provider to reduce the risk of a Medicaid audit? As dental Medicaid audits become more common, you need to ensure that both your business operations and your billing and coding functions are performed in compliance will all applicable guidelines and regulations, both Federal and state. The simplest way to do this is to designate a compliance officer and implement an effective Compliance Plan for your practice. The benefits of a Compliance Plan are innumerable; by creating a roadmap for excellence in internal operations, your office will operate more efficiently and recognize and follow your affirmative duties as a Medicare/Medicaid provider. In addition, your staff will better understand their unique role in your organization and work hard to ensure that treatment and revenue management are conducted in accordance with applicable laws. Finally, your risk of exposure, both to government audits and investigations and to medical malpractice claims, will be reduced by the implementation and maintenance of an effective Compliance Plan.

Unfortunately, even with the best tools, dentists, orthodontists, and other providers may still find themselves subject to audits. Reviewers and auditors employed by Medicare and Medicaid contractors are highly experienced, knowledgeable and skilled in assessing the propriety of a claim.  They have years of experience handling audits and excel at identifying deficiencies in your documentation, regardless of how minor you may believe those  deficiencies might be.  While it is essential to understand your obligations as a Medicare/Medicaid participant, it is equally important to understand how and why practices get audited.  As discussed in earlier articles, while you may not be able to avoid an audit, you can do your very best to help ensure that upon review, a CMS contractor will find that your practices fully meet specific Medicaid rules and regulations.  The development, implementation and adherence to an effective Compliance Plan are the most important steps you can take to avoid regulatory problems.

Robert Liles is the managing member of Liles Parker PLLC. Located in our Washington, D.C., office, Robert represents providers in Medicare and Medicaid post-payment audits and appeals. In addition, Robert counsels clients on regulatory compliance issues, performs gap analyses and internal reviews, and trains healthcare professionals on various legal issues. For a free consultation, call Robert today at 1-800-475-1906.

ZPIC Audits ■ Medicare Audits

Michael Cook and Robert Liles, partner and managing member of Liles Parker, respectively, are extensively quoted in an article published in the May 2012 issue of Provider Magazine.  Provider Magazine is the official publication of the national trade association for nursing and skilled nursing providers.  The article, entitled “Fraud Fighters Mine Data,” focuses on the fact that skilled nursing facilities (SNFs) have seen a substantial uptick in both the volume and level of aggressiveness of ZPICs in their audits of SNF providers.  The article discusses how ZPICs are utilizing data mining techniques and predictive modeling to target SNFs that they believe have a high prevalence of submitting claims for residents in the Ultra High Resource Utilization Groups (Ultra High RUGs).

The article discusses not only the increase in volume, but also the fact that ZPIC auditors are showing up at facilities without notice, and often demanding to see records and interview staff during the middle of the day, when the staff are also responsible for delivering resident care.  The article also discusses the likely driver of the audits, a report from HHS-OIG, and why a high prevalence of patients falling within the Ultra High RUGs may not signify any improper billing, but rather simply reflect the fact that treatment of what previously was labeled sub-acute patients, and the increasing of acuity in the resident complement, may simply represent current  and cost efficient use of resources.

In the article, Mr. Cook and Mr. Liles comment on steps that SNF providers can take in protecting themselves against these audits, not only through the appeals process, but also through the implementation of strong compliance and quality assurance programs, as well as training of staff on how to respond to these audits.  While the article is specific to ZPIC audits of SNFs, the preventive strategies discussed by Liles Parker attorneys are transferable to all provider groups, including home health agencies, durable medical equipment suppliers, hospices, and physicians.

The link to the article is http://www.providermagazine.com/archives/archives-2012/Pages/0512/Fraud-Fighters-Mine-Data.aspx.

Liles Parker attorneys have extensive experience working with nursing facilities and other providers and their associations on matters of this nature.  This includes working with clients on compliance issues, audits, appeals, and training.  For a free consultation, contact Michael Cook or Robert Liles at 202-298-8750.

ZPIC Audits ■ Medicare Audits

I.  HHA Compliance Background:

Over the past few weeks, several important events and issuances have occurred which should have home health agencies (HHA) in Texas, Oklahoma and the rest of the country rethinking the adequacy of their existing HHA compliance efforts. While the practices of many home health agencies have long been a concern of the Department of Health and Human Services, Office of Inspector General (HHS-OIG) and the Centers for Medicare & Medicaid Services (CMS), the government’s apprehension appears to be at an all-time high.  Last week, HHS-OIG issued yet another report recommending that CMS further tighten its oversight of home health providers through the implementation of additional sanctions for non-compliant home health agencies.  Notably, HHS-OIG’s report has been issued on the heels of a significant home health fraud investigation centered in the Dallas, Texas area which was reportedly initiated by Health Integrity, the Zone Program Integrity Contractor (ZPIC) covering Texas and Oklahoma.

II.  HHS-OIG’s Home Health Report of Fraud and Abuse:

On March 2, 2012, HHS-OIG issued a report entitled, “Intermediate Sanctions for Noncompliant Home Health Agencies” which examined CMS’ ongoing efforts to identify and sanction home health agencies that were non-compliant with Medicare’s applicable conditions of participation. As detailed in the report, CMS (formerly known as the Health Care Financing Administration (HCFA)) was directed in 1987 to develop and implement “intermediate sanctions” against home health providers violating Medicare rules. These sanctions were anticipated to include civil monetary penalties (CMPs), Medicare payment suspension, and even appointment of temporary management of a noncompliant agency. Initially required to implement these sanctions under the Omnibus Budget Reconciliation Act of 1987 (OBRA 1987), CMS issued a Notice of Proposed Rulemaking in 1991, but subsequently withdrew this notice in 2000.

CMS has stated that it anticipates publishing new proposed rules in September 2012 addressing these “intermediate sanctions.”  Frankly, home health providers and their associates cannot continue down the current path.  While both CMS and HHS-OIG recognize the important role played by home health agencies in the care and treatment of homebound Medicare beneficiaries, the government has made it abundantly clear that participating providers must fully comply with applicable medical necessity, coverage, documentation, coding and billing rules.  Non-compliant providers are being immediately suspended and / or excluded from participating in the Medicare program.  Moreover, health care providers who engage in nefarious activities are being aggressively prosecuted.

III.  Health Integrity’s Audit of Home Health Agencies:

Since winning the contract in 2009, Health Integrity, the Zone 4 ZPIC covering Texas, Oklahoma, New Mexico and Colorado, has conducted a wide variety of Medicare post-payment audits throughout Zone 4.  To their credit, Health Integrity’s audits have not been limited to merely large metropolitan areas.  Rather, the ZPIC is in the process of “leaving no stone unturned,” conducting audits and reviews of home health agencies throughout Zone 4, regardless of size, revenues and / or location.

To be clear, Health Integrity’s audits have not been limited to only home health services.  The ZPIC has actively reviewed the operational, coding and billing practices of a wide variety of Part B health care providers in Zone 4.  Nevertheless, the ZPIC does appear to have redoubled its audits of home health agencies in Texas and Oklahoma who appear to be outliers through data-mining activities. After reviewing the homebound status of both prior and current patients, clinicians working for Health Integrity have been thoroughly assessing the care and treatment provided by billing home health agencies.  After carefully assessing the medical records forwarded by the home health agency, in many cases Health Integrity has concluded that it is appropriate to seek extrapolated damages based on the post-payment audit conducted.

IV.  Health Integrity is on the Front Line of Home Health Fraud Identification:

Despite the fact that most Texas home health agencies are doing their best to operate within the four corners of the law, there are still a number of providers who are continuing to engage in wrongdoing. Texas home health providers recently received significant negative media coverage for fraudulent and abusive billing practices allegedly committed by agencies within their ranks. As you may have heard, just last week a physician and several home health agency “recruiters” in the Dallas-Fort Worth area were indicted in the largest Medicare fraud scheme in history, allegedly totaling nearly $375 million for home health services either not needed or never provided. Additionally, it was noted that over 75 home health agencies to whom referrals were made have also been implicated in the wrongdoing.  Such an enormous scheme only further demonstrates the fact that fraudulent activity in home health services is continuing, despite the fact that mostTexashome health providers are well-meaning organizations, trying in good faith to provide medically necessary services to our nation’s most sick and disabled. Nevertheless, such accusations only increase suspicion and scrutiny of the entire home health industry in this region.

In a separate incident, a news reporter recently had a healthy, yet elderly, woman pose undercover as a potential home health patient when visiting a physician in South Texas.  The reporter noted that the healthy patient was allegedly improperly diagnosed and certified for home health services. While some providers may be concerned about the use of patients in undercover sting operations such as this, the fact is that improper conduct is occurring, at both the physician referral and the home health agency level, clearly illustrating why law enforcement is concerned that fraud is continuing to occur in this area of practice. In light of these and similar cases, it is clear why Health Integrity appears to be “ramping up” its reviews of home health providers throughout Texas and Oklahoma.

V.  What HHA Compliance Steps Can a Provider Take to Reduce Risk?

To be clear, there is no proverbial “silver bullet” that can be used by a home health agency to avoid the scrutiny of Health Integrity and / or law enforcement.  Every home health agency in Texas and Oklahoma should expect to be audited.  Rather than wait for such an eventuality, home health agencies should affirmatively review their operations, coding and billing practices to ensure that their practices squarely fall within the rules.  Although not all-inclusive, the following five steps can serve as an excellent starting point when preparing for an audit of your agency’s home health claims:

Recommendation #1: Don’t assume that your current practices are compliant, check them out! Conduct a “gap” analysis and implement an effective HHA Compliance Plan.  While most, if not all, home health agencies will profess to have an HHA Compliance Plan already in place, the real question is whether the existing plan is “effective,” or merely a sample that was obtained by the agency in the past.  No two home health agencies are alike.  As a first step, a home health provider needs to engage qualified legal counsel to advise the organization on whether the agency is properly operating at a baseline level of HHA compliance.  If not, remedial steps must be taken so that the agency can move forward in a compliant fashion.

As you will recall, Section 6401 of the Affordable Care Act (ACA) (generally referred to as the “Health Care Reform Act”) states, “. . . a provider of medical or other items or services or supplier within a particular industry, sector or category shall, as a condition of enrollment in the program under this Title . . . establish a compliance program.”  Although HHS-OIG has not announced the deadline for home health agencies to meet this requirement, it is only a matter of time before all health care providers who choose to participate in the Medicare program must have an effective HHA Compliance Plan in place in order to remain a participating provider.

Recommendation #2: As you review your claims, you should abide by the following:  First, “If it doesn’t belong to you, give it back.”  Conversely, “If you don’t owe the money, don’t throw in the towel.”  One of the attorneys in our firm is regularly asked to speak at provider conventions around the country.  For years, he has told providers “If it doesn’t belong to you, give it back.”  This simple concept covers a lot of ground when it comes to Medicare overpayments and is the single best policy you can employ as a good corporate citizen.

Recommendation #3: Don’t merely focus on your claims.  Are your business practices fully compliant with applicable laws and regulations?  Health Integrity and other ZPICs serve an essential role in identifying overpayments and other wrongdoing by health care providers. While an audit will almost always include a request for medical records, you should keep in mind that Health Integrity will not merely be examining your medical documentation.  Should you receive a request for documents, it will probably be broken into two major parts. The first section will likely be focused on business-related records such as the following: 

“Business contracts or agreements with other providers, suppliers, physicians, businesses or individuals in place during a specific period.  Additionally, any verbal agreements must be summarized in writing.

A listing of all current and former employees (employed during a specific period), along with their hire date, termination date, reason for leaving, title, qualifications, last known address, phone number.

• A list of all practice locations, along with their address and phone number.
• Leases.
• Employment agreements.
• Medical Director contracts.” 

One purpose of this section is to assist the ZPIC in identifying potential business practices which may constitute a violation of the Federal Anti-Kickback Statute, Stark Laws and / or the False Claims Act.  Should the ZPIC identify a possible violation, it will readily refer the case to CMS, HHS-OIG and / or DOJ, depending on the nature of the potential violation.

In contrast to the first section of the ZPIC’s request, the second section of the request will usually list the patient records and dates of service to be audited.  The number of dates of service audited differs from case to case.  Regardless of whether the ZPIC requests supporting documentation related to 5 claims or 50 claims, it is essential that you never ignore a request for information.  If additional time is needed to assemble the requested information, call the contractor.  Health Integrity has generally been cooperative with providers needing additional time to gather the records being requested.

Recommendation #4: Remember learning how to “drive defensively” in high school?  Your documentation practices should be approached in a similar fashion.   When is the last time that you have reviewed the applicable documentation requirements set out in the Medicare Administrative Contractor’s latest Local Coverage Determination guidance covering the services you are providing?  Health Integrity’s auditors are excellent at identifying one or more deficiencies in your documentation. While you may disagree with the ultimate conclusions reached by their clinicians, you should not completely discount their assessments.  Health Integrity’s findings should be carefully analyzed so that any problems with your documentation can be promptly addressed.

Recommendation #5: Engage qualified legal counsel and clinical experts to assist with your efforts. If your home health agency is audited, we strongly recommend that you engage qualified legal counsel, with experience handling this specific type of case.  Moreover, don’t be afraid to ask for references and to inquire about the anticipated cost of an engagement.  While it is often difficult to estimate legal costs due to the various factors faced when handling a ZPIC audit case, most experienced health lawyers can give you a range of expected legal fees.

VI.  Conclusion:

While an effective HHA Compliance Plan cannot fully shield an organization from risk, the implementation of, and adherence to, an effective plan can greatly assist your home health agency in identifying weaknesses and taking corrective action before an audit occurs.  Now is the time to ensure that your practices are compliant – after an audit occurs, it may be too late.

Liles Parker is a full service health law firm, providing HHA compliance reviews, “gap analyses” and training to home health providers and their staff.  Our attorneys are also experienced in representing home health providers in the administrative appeal of overpayments identified in the Medicare post-payment audit process. Should you have any questions, please call us today at 1-800-475-1906 for a free consultation. 

ZPIC Audits ■ Medicare Audits

I.  What is a CERT Audit?

The “Comprehensive Error Rate Testing” (CERT) program was created as a tool for the Centers for Medicare and Medicaid Services (CMS) to assess whether Medicare Administrative Contractors (MACs) are paying claims properly. Essentially, the CERT audit serves as an integral management tool for CMS as well as an important feedback mechanism for the MACs. When problem areas are identified, they can be addressed by Medicare contractors with audit responsibilities.  Notably, several of the MACs around the country have been aggressively reasserting their program integrity roles.

Essentially, MACs write reimbursement checks on behalf of CMS.  As a result, they play a central role in the Medicare reimbursement process. Therefore, when a CERT auditor finds that a MAC has been incorrectly reimbursing providers for claims which may not qualify for coverage, it is very important that the MAC immediately address this system-wide deficiency.

II.  Recent Actions Taken by MACs in Response to CERT Audit Findings

In response to certain CERT audit findings, one MAC recently sent notification to providers of Evaluation and Management (E/M) services explaining that new “stringent corrective actions” will be taken to address some of the more common claims errors identified by the CERT auditors when conducting their reviews of MAC payment practices.  As recent correspondence to a provider reflects, MACs are taking the results of CERT audits quite seriously, and are expanding their program integrity efforts.  As one MAC recently wrote, the contractor stands ready to:

• Suspend a provider if that provider has “too many” payment errors (it does not state how many is “too many”);
• “[R]efer every physician” to that region’s ZPIC if those providers continue to bill for services which may constitute payment errors;
• “[R]efer every physician” to the ZPIC if there is a pattern of past payment errors; and,
• “[C]onduct prepayment reviews” of future claims, up to 100% of a provider’s claims.

To be clear, none of these potential corrective actions represent new authorities.  Nevertheless, the fact that MACs are now reasserting these points is reflective of CMS’ ongoing concerns regarding the prevalence of improper claims.  Indirectly, CMS is making it crystal clear that as the initial recipient and screener of Medicare claims submitted by providers for payment, MACs play an essential role in screening out improper claims and bad providers.  As Medicare’s primary gatekeepers, MACs are responsible for identifying both improper claims and providers who may be engaged in abusive and / or fraudulent practices.

III.  What Should You Do if You Are Notified of a CERT Audit?

Should you receive a CERT audit request for documents from a CERT Documentation Contractor (CDC), it is important to keep in mind that your practice or clinic is not being accused of fraud or wrongdoing.  Fundamentally, a CERT audit is primarily designed to identify deficiencies and mistakes made by Medicare contractors.  Nevertheless, it is imperative that you take a CERT audit request quite seriously.  At the end of the day, it will be you, not the MAC, who is responsible for any overpayments identified as a result of the audit. Moreover, bad results on a CERT audit may lead to further auditing in the future.

IV.  What Actions Should a Compliance Officer Take to Avoid Being Audited?

As an organization, if you are subjected to a CERT audit, the “horse is already out of the barn,” so to speak.  Your goal is to review and monitor your organization’s coding, billing and utilization practices on an ongoing basis so that improper claims are never submitted to your MAC in the first place.   In most cases, you can check your MAC’s website to determine if their CERT auditor has already identified certain areas of concern. For instance, one MAC recently reported that out of 508 errors identified in a CERT audit of certain Medicare claims, the contractor found that:

• 311 errors were due to “insufficient documentation.”  Notably, a majority of the errors in this category were because the medical record “did not contain a valid physician’s signature” or because a diagnostic test performed “did not contain a valid physician’s order” or an identification of the provider who rendered the service.
• 132 errors were due to “lack of medical necessity” based on the medical documentation submitted.
• 37 errors were due to “incorrect coding” (primarily related to laboratory testing).
• 10 errors were due to “invasive procedures that were assessed to be without medically necessity.”
• 9 errors were due to an “incorrect procedure code” used when billing the service.
• 6 errors were the result of “billing for services that were not rendered.”
• 2 errors were due to “other errors.”
• 1 error was due to an “incorrect discharge code being used.”

Compliance Officers can take these “general” risk areas, add them to the “practice-specific” risk areas already noted, and take special note of these concerns when conducting internal reviews. The only way to avoid the scrutiny of Medicare’s various administrative contractors (MACs, ZPICs, RACs and CERT auditors) is to avoid payment errors altogether.  While no provider is perfect, the development, implementation and adherence to an effective Compliance Plan can significantly reduce the number of improper claims submitted by a provider to a MAC for reimbursement.

V.  What Actions Should a Compliance Officer Take After Receiving a CERT Audit Letter?

As Compliance Officer, upon receipt of a CERT audit request, you should carefully review the request and take steps to assemble a complete set of medical records and other supporting documentation related to the specific claims at issue.  It is important not only to make sure that your documentation is complete when sending in records to a CERT contractor, but to make sure that compliance is a daily part of your practice. Ensuring that your documentation is appropriate and accurately documents both medical necessity and the level of services performed can greatly assist you in avoiding trouble down the road.

Now, more than ever, it is important that you have an effective Compliance Plan in place.  Your Compliance Plan should explicitly set out your organization’s policies about how to correctly assess the need for, and document the services provided to a Medicare beneficiary. Otherwise, as demonstrated by the tough stance being taken by the MAC discussed above, CERT audits and other Medicare post-payment audits could raise serious problems for your practice.

Liles Parker attorneys represent health care providers in CERT, MAC, ZPIC and RAC audits and investigations.  Our attorneys have extensive compliance experience and can conduct “gap” analyses designed to place your practice or clinic on solid regulatory footing.  To speak with one of our attorneys, call 1-800-475-1906 for a free consultation today.

ZPIC Audits ■ Medicare Audits

ZPIC Audit Introduction

Has your Practice, Home Health Agency, Hospice, DME Company or PT / OT / ST Clinic been audited by a Zone Program Integrity Program (ZPIC)?  If not, it may only be a matter of time.  Despite your best efforts to follow Medicare’s directives, your organization may still be identified as an “outlier” by a ZPIC and subjected to a probe review or a full-blown ZPIC audit.  Should you receive a request for records from a ZPIC, being prepared - in advance of receiving a ZPIC audit - can help ensure your organization’s compliance with applicable documentation, coding and billing requirements.  The following recommendations can assist with those efforts:

Recommendation #1:   If you have not already done so, conduct a “gap” analysis and implement an effective Compliance Plan.  Despite the fact that significant strides in compliance have been made by large Medicare providers (such as hospitals and nursing homes),  it has been our observation that most physician practices and small-to-mid sized provider organizations still do not have a tailored Compliance Plan in place.   To be clear, we recognize that many providers may have copied draft plan off of the internet or purchased a sample plan.  While they may fully intended to follow through with personalization of the draft document, in most of the cases we have seen, more pressing events have taken precedence and these providers have not had the time or expertise to complete the project.

Providers who have not put a Compliance Plan should immediately do so. As you have likely heard, Section 6401 of the Affordable Care Act (ACA)(generally referred to as the “Health Care Reform Act”) states, “. . . a provider of medical or other items or services or supplier within a particular industry, sector or category shall, as a condition of enrollment in the program under this Title. . .establish a compliance program.”   To be clear, at this time, the Department of Health and Human Services, Office of Inspector General (HHS-OIG) has not announced deadlines effectuating this requirement.  Nevertheless, it is merely a matter of time until all providers who choose to participate in the Medicare program will be required to have an effective Compliance Plan in place.

Rather than wait until the last minute, Medicare providers who have not already done so should immediately take steps to implement an effective plan.  As a first step, providers should review each of the regulatory and statutory provisions related to the specific services being billed to Medicare.  Next, providers should compare their actual documentation, coding and billing practices with Medicare’s rules.  Any gaps between the applicable requirements and a provider’s actual practices must immediately be remedied. Additionally, should these gaps represent an overpayment, the Medicare provider must repay the overpayment to the government within 60 days of identification.

Prior to conducting a gap analysis, we recommend that providers contact their legal counsel for assistance with both the internal review and with the implementation of an effective Compliance Plan.   While no Compliance Plan can prevent a ZPIC audit, the implementation of an effective plan will greatly improve a provider’s likely adherence to Medicare’s rules and regulations should a ZPIC audit be initiated.

Recommendation #2:   Don’t ignore a ZPIC’s request for documents[1]. At the outset, it is important to keep in mind that the ZPIC audit play an important role in the current enforcement environment.  In addition to  auditing records for possible overpayments, ZPICs are also responsible for identifying fraudulent providers and making referrals to the Centers for Medicare and Medicaid Services (CMS), the Department of Health and Human Services, Office of Inspector General (HHS-OIG) and the U.S. Department of Justice (DOJ) for further action.  Possible actions taken include, but are not limited to:

• CMS — Administrative action such as suspension or revocation from the Medicare program.
• HHS-OIG – Administrative action such as Civil Monetary Penalty action.  HHS-OIG may also investigate and refer a provider to DOJ for possible civil litigation under the False Claims Act.  Finally, HHS-OIG may investigate and refer a provider to DOJ for criminal prosecution under the Federal Anti-Kickback Act or a host of other statutes.
• DOJ – May investigate and prosecute a provider for civil and / or criminal violations of law.

Should you receive a request for documents from your ZPIC, in most cases it will broken into two sections.  The first section will likely focused on business related records, including, but not limited to, copies of: 

“Business contracts or agreements with other providers, suppliers, physicians,  businesses or individuals in place during a specific period.  Additionally, any verbal agreements must be summarized in writing.

A listing of all current and former employes (employed during a specific period), along with their hire date, termination date, reason for leaving, title, qualifications, last known address, phone number.

• A list of all practice locations, along with their address and phone number.
• Leases.
• Employment agreements.
• Medical Director contracts.” 

The unstated purpose of this portion of the ZPIC’s request is likely to identify potential instances of violations of the Federal Anti-Kickback Statute, Stark and / or the False Claims Act.  Should the ZPIC identify a possible violation, it will readily refer the case to CMS, HHS-OIG and / or DOJ, depending on the nature of the potential violation.

In contrast to the first section of the ZPIC’s request, the second section of the request usually lists the patient records and dates of service to be audited by the ZPIC.  While every case is different, the number of claims requested typically ranges from 8 – 100, depending on whether the ZPIC’s request is a “probe review” or a full-blown ZPIC audit.  On occasion, we have seen the number of claims sought can range from 150 – 300.

Never ignore a ZPIC request for records.[2] Importantly, should you fail to respond to the ZPIC’s request, the contractor can recommend to the CMS that your organization be suspended[3] from participation in the Medicare program.  Depending on the ZPIC’s concerns, the contractor can also recommend that CME pursue a revocation action against your organization.  Should you need more time to the ZPIC’s request for supporting documentation, don’t hesitate to request it.

Recommendation #3:  Remember learning how to “drive defensively” in high school?  Your documentation practices should be approached in a similar fashion. A ZPIC audit can be excellent at identifying one or more ways in which your claims do not meet applicable coverage requirements.  While you may very well disagree with their assessments (especially in “medical necessity” determinations), in all likelihood, when you file a request for redetermination appeal (and later, a request for reconsideration appeal), you will find that your Medicare Administrative Contractor (MAC) and your Qualified Independent Contractor (QIC) agree with the ZPIC’s denial decision.  Rather than endure significant costs and stress when defending against an overpayment assessment, you need to take steps to avoid a denial in the first place. To that end, health care providers should ensure that clinical staff members are fully trained and educated regarding Medicare’s documentation, coding and billing process.

We recognize that “perfect documentation” is neither required nor realistic to expect from your clinical staff.  Nevertheless, using published reports of other cases, you can show your clinicians that a ZPIC audit often involves a strict application of Medicare’s documentation and coverage requirements.  Through education and training, your clinical staff will understand why it is imperative that they review, understand and comply with:

• Any applicable Local Coverage Determinations (LCDs).
• Any applicable National Coverage Determinations (NCDs).
• Any Local Medical Review Policies (LMRPs).
• The Medicare Policy Benefit Manual (MPBM).
• The Medicare Program Integrity Manual (MPIM).
• Any statutory provisions which cover the services.
• Any additional guidance issued by Medicare which would apply to these claims.

It is important that you regularly review the government’s latest concerns and any enforcement actions which have been taken.  Additionally, you should read HHS-OIG’s reports so that you may learn from the mistakes being made by similarly situated providers.  Upon doing so, we recommend that you check the list of “risk areas” in your Compliance Plan and ensure that they reflect both general “risks” and “specific risks” which may be unique to your organization.  Is your organization still in full compliance?  If not, remedial action is likely necessary.

Recommendation #4:  Retain experienced legal counsel to assist with your efforts. When experiencing symptoms of a cardiac problem, most patients wouldn’t turn over their care to a dermatologist.  Instead, they would seek to be evaluated and treated by a Cardiologist.  Similarly, if you have a health law problem, would it be wise to rely on advice from an attorney specializing in family law?  Ultimately, that’s your call.  While no attorney can guarantee you success — we believe that an experienced health lawyer is well situated to give you advice regarding a Medicare audit or investigation.   Having said that, it is important to recognize that the field of health law is extraordinarily broad.  Should you be audited by a ZPIC or a Recovery Audit Contractor (RAC), don’t hesitate to ask a health lawyer whether they have handled these types of cases before.  If so, how many times have they represented a provider in a ZPIC audit?  When selecting a lawyer, keep in mind that the legal fees charged by an attorney can vary greatly, depending on a variety of factors.  Don’t be shy – ask how much the representation is likely to cost.  While it is often difficult to estimate legal costs due to the various factors faced when handling matters involving a ZPIC audit, most attorneys can give you a range of expected legal fees.  Finally, be sure and ask for references.  Other providers who have been through an administrative appeal case can provide you with invaluable insights into the process.

Recommendation #5:  The administrative appeals process has become quite complicated in recent years.  A ZPIC audit can result in alleged overpayments running into the millions of dollars. Moreover, the ZPIC’s overpayment assessment isn’t usually the end of the story.  While providers often lose at the redetermination and reconsideration levels of appeal, the third level of appeal – before an Administrative Law Judge (ALJ) – is usually your best opportunity to prevail in an administrative appeal.  Over the years, our attorneys have argued cases in front of judges out of each of the field offices of the Office of Medicare Hearings and Appeals (OMHA).   While we may not always agree with their decisions, the ALJs we have practiced before have been professional, fair and more than willing to hear a provider’s arguments in support of payment.

Should you choose to forego legal counsel and represent yourself in an ALJ hearing, keep in mind that even though these hearings are intended to be non-adversarial,  it can feel quite adversarial during the actual hearing.  Furthermore, these proceedings can be quite complicated.  In most large dollar cases, representatives of the ZPIC are participating in the hearing and arguing their position before the ALJ.  ZPIC representatives can include one or more statisticians (if an extrapolation was conducted), a clinician (usually a Registered Nurse who is experienced in conducting medical reviews) and a lawyer.  In a recent Home Health Agency case we handled, this was precisely what occurred.  Frankly, few providers are experienced in presenting their case and in responding to the arguments raised by statisticians, clinicians and lawyers representing a ZPIC.  As a result, it is strongly recommended that the provider consider engaging an experienced and knowledgable attorney.

Recommendation #6:  When reviewing your claims, you should abide by the following:  First, “If it doesn’t belong to you, give it back.”  Conversely, “If you don’t owe the money, don’t throw in the towel.”  I am regularly asked to speak at provider conventions around the country.  For years, I’ve told providers “If it doesn’t belong to you, give it back.”  This simple concept covers a lot of ground when it comes to alleged Medicare overpayments.  Similarly, if the facts and the evidence shows that the claims should have been paid,  think twice before waiving your right to appeal the denial of these claims.  From a practical standpoint, we have heard of  situations where a provider chooses to “just pay the bill” so that the case will quickly be resolved.  Several providers have commented that when dealing with small dollar assessments, it is just easier to pay the alleged overpayment rather than incur the hassle and expense of contesting the contractor’s denial.  Although we understand the reasoning behind such a decision, you should keep in mind that every claim which is denied by in a ZPIC audit increases a provider’s “error rate.”  If you were a ZPIC, PSC, RAC or MAC contractor, would you choose to audit a provider with a low error rate or a high error rate?  In any event, the bottom line is fairly straight forward.  Should you find that you are not entitled to payment for one or more claims, you must repay the money to the government as soon as possible (but no later than 60 days after an overpayment has been identified),  regardless of whether the claim is part of an ongoing or recently completed Medicare audit.  If, however, you are audited and you believe that a ZPIC has incorrectly denied one or your claims, you have the right to appeal the denial of these claims.

Recommendation #7:  Carefully read a ZPIC’s denial decision letter. When you receive a denial decision letter from a ZPIC, carefully review the notice and determine whether the contractor has specifically addressed the reasons for denial associated with each of the claims at issue.  Every ZPIC audit is different.  Over the last few months, one of the ZPICs involved in the cases we are handling has been citing only a general reason for denial (such as “not medically necessary”).  Should the ZPIC in your case not provide sufficient information, you will find it difficult, if not impossible, to address any specific reasons your claims have been denied. Your legal counsel may be able to get the ZPIC to provide additional specificity in connection with their denial reasons.

Recommendation #8:  Don’t forget – shortly after the “demand letter” is sent, any payments you may be expecting may be recouped by your Medicare Administrative Contractor (MAC).   A demand letter from your MAC usually follows a few days after you receive a ZPIC’s denial decision letter.  While you have 120 days to file a request for redetermination appeal[4], should you fail to file the request for redetermination within 30 days of the date of the MAC’s demand letter, your Medicare payments may be recouped starting on day 41.  Alternatively, a provider may set up an extended repayment program with the MAC so that the alleged overpayment can be repaid through monthly installments.  We strongly recommend that you set this up.  You will then be able to take advantage of the 120 period permitted to file a redetermination appeal rather than filing a poorly prepared appeal within the 30 day period.  Similar issues (with completely different deadlines) are present at the reconsideration level of appeal — the next level in the administrative appeals process. Once again, these issues can be quite complicated.  We recommend that you discuss available appeals options with your counsel.

Recommendation #9: Foster a corporate culture which encourages compliance.  ZPIC audit reviewers have increased their ZPIC audit activities dramatically in numerous areas of the country. South Texas has been especially hard-hit. Providers in Houston, McAllen, Harlingen, Edinburgh, Laredo, Corpus Christi and Brownsville appear to have experienced a recent surge in ZPIC audit activity.  Be aware that ZPIC audit reviewers are looking for aberrations in billing patterns and often target providers based on these variations in coding or billing practices.  Compliance with regulations and consistency in your “message” to employees is essential. Establishing good intake and records management procedures, continuing employee education and training efforts, can facilitate the adoption of an ethical, compliant corporate culture.

Recommendation #10:  When drafting a Compliance Plan, providers should include a “Code of Conduct” that is easily understood by employees.  We believe that a “Code of Conduct” should accurately reflect the belief system an organization has pursued and sincerely intends to follow.   In doing so, an organization can engender a compliant corporate culture.  Over the years, we have seen organizational “Codes of Conduct” which range from a succinctly described phrase to discussions of more than a page.

Our favorite “Code of Conduct” is used by Cadets at the United States Military Academy at West Point. Modified for use by health care providers, the “Code of Conduct” reads:

“Our clinicians and staff will not lie, cheat, steal, or tolerate those who do.”

This simple yet elegant “Code of Conduct” succinctly lays out a provider’s ethical responsibilities, both with respect to Medicare and in other business dealings.  We recommend that you consider adopting and adhering to this or a similar “Code of Conduct.”

Liles Parker attorneys and staff have extensive experience representing Physicians, Clinics, Home Health Agencies, Hospices, DME Companies, Skilled Nursing Facilities, Chiropractors, Pain Medicine Clinics, Rehabilitative Medicine Clinics and other Medicare providers in connection with a ZPIC audit or audits by  RACs, PSCs, MACs and other contractors.  We also have years of experience assisting providers with “gap” analyses and in implementing an effective Compliance Plan.  Should you have questions about these or other health law issues, please feel free to call us for a complementary consultation.  We can be reached at:  1 (800) 475-1906.  

ZPIC Audits ■ Medicare Audits

Introduction to Medicare Compliance

There are “rules of life” we have learned that can really bring certain essential Medicare compliance concepts into focus. While perhaps cliché, these sayings and principles can be quite helpful when explaining fundamental Medicare compliance concepts to new staff or non-compliance personnel.  These 5 essential Medicare compliance concepts include:

(1)  “If it isn’t yours, give it back” 

Sound familiar? This is one of the first principles we are taught as children.  Nevertheless, it is as true today as it was back then.  Medicare providers have a legal obligation to promptly return any overpayments identified. In fact, with the passage of the Affordable Care Act (ACA) in 2010, it is now a requirement that providers return Medicare overpayments to the government within 60 days of identification or face significant liability under the False Claims Act.

While the prompt, mandatory return of a known overpayment is clearly required, we were recently asked about a provider’s obligations when it comes to less clear potential overpayments.  For example, suppose that a provider identifies a specific claim that was improperly submitted and paid by Medicare.  When reviewing how the overpayment occurred, the provider also learns that a former employee mistakenly believed that a certain service was covered by Medicare.  While the provider may only have evidence that a single claim was improperly submitted and paid by Medicare, the provider may suspect that the former employee may have incorrectly handled similar claims.  The issue therefore becomes whether a provider has an obligation to further investigate and determine whether other, unconfirmed overpayments may exist.  In considering this issue in furtherance of Medicare compliance, we believe that the general principle still applies, regardless of the fact that the exact language of ACA may not cover this situation.  Remain unconvinced?  In addition to being the ethical and right action to take, it is important to keep in mind that even if the 60-day repayment provisions of the ACA may not apply (although CMS may believe differently), a provider who turns a blind eye to potential overpayments is possibly exposing the practice to a whistleblower suit under the False Claims Act. Do you know of a potential overpayment?  More than likely, someone else in your practice is also aware of the problem. The bottom line is simple – “If it isn’t yours, give it back”. 

(2)  “Participation in the Medicare program is a privilege, not a right.”

Remember taking driver’s education in high school?  I still remember my driver’s education teacher repeatedly reminding us that we did not have a right to have a driver’s license.  Rather, it was a privilege – a privilege that could be taken away as quickly as it was granted if we failed to follow the laws of the State and the rules of the road.  Frankly, Medicare compliance is no different.  Health care providers do not have a right to participate in the Medicare program.  It is a privilege that must be earned and maintained.  Should a provider fail in their Medicare compliance activities, this privilege can be taken away.  With this in mind, providers must actively work to better ensure that their  Medicare compliance initiatives meet Medicare’s coding and billing requirements. Should they not fully understand the program’s guidelines, it is the provider’s responsibility to learn Medicare’s rules and ensure that the provider’s business practices fully comply with the program’s provisions.

(3)  “If it sounds too good to be true, it probably is.”  

Physicians, small group practices and clinics should exercise caution when dealing with ‘consultants’ or ‘experts’ who boast of guaranteed increases in revenues or profits.  Unfortunately, many providers are dealing with steady declines in both Federal and private payor reimbursement rates.  In the current economy, unemployment rates have remained high and many patients are having a difficult time meeting their financial obligations.  In this environment, the promises of “innovative” business models or ways to modify a provider’s billing practices which will significantly increase revenues can be tempting to a provider experiencing financial difficulties.  Have you been approached by someone with a “deal” which sounds too good to be true?  Check out HHS-OIG’s “Fraud Alert” titled “Special Advisory Bulletin: Practices of Business Consultants.”  While published a decade ago, the lessons and concerns discussed in the bulletin are as current today as they were a decade ago.  And remember – the adage “If it sounds too good to be true, it probably is,” is especially true when it comes to health care business opportunities.

(4)  “Everyone does it, so it must be okay.”

In years past, a number of drug companies and medical device companies played fast and loose with Medicare’s rules, showering physicians with lavish gifts, inviting them to attend paid vacations and entering into sham “advisory” or “consulting” agreements which paid the physicians regular stipends for little, if any, work.  Why did these companies engage in these practices?  In many instances, the companies wanted to influence the physicians’ decision-making when it came time to prescribe certain drug or order medical devices for their patients. These actions amount to kickbacks – plain and simple.  Today, drug and medical device industry representatives have made great strides in educating their members to eliminate these illegal practices.  At the height of these practices, many physicians appeared to take the position that since their peers accepted kickbacks, it must be okay.  Clearly, this mindset is just flat wrong.

Unfortunately, it isn’t limited to drug and medical device companies. Generally, physicians should exercise care before accepting any thing of value from a company or clinical practice with whom the physician works – especially when the physician either makes referrals to the company or prescribes items or devices sold by that company to their patients.  In considering this issue, it is often helpful to ask, “Where do I send my referrals?” Additionally, ask yourself, “Who refers patients to me?” Once answered, these business relationships should be carefully reviewed to ensure that there are no transactions that could give even the appearance of being improper. A typical example which repeatedly arises involves the use of “Medical Director” agreements where a physician is paid a monthly stipend which exceeds the fair market value of any services which are provided under the agreement. This is an important area in Medicare compliance, as it also implicates potential criminal activities.

(5)  “Neatness and accuracy count.”   

We represent a wide variety of health care providers when responding to Medicare post-payment audits conducted by ZPICs and other Medicare contractors. Over the last two years, we have noted a significant increase in the number of claims being denied because medical documentation is either illegible or incomplete. From a Medicare compliance standpoint, these problems are among the easiest for a provider to remedy.

Handwritten Portions of a Medical Record Must be Legible - When assessing denial reasons cited by ZPICs, our attorneys are often required to go through medical records as we assemble responsive arguments in support of payment.  More often than not, we don’t have any problem deciphering the records which the ZPIC alleges are “illegible.”  Having said that, ZPICs and other contractors have an enormous audit caseload, meaning they don’t spend a lot of time trying to make sense out of poorly written passages.  As a result, if their reviewers cannot readily read a passage, they merely deny the claim and move on.

The lesson to be learned is clear – physicians, nurses, therapists, counselors and others must ensure that any handwritten comments, signatures, dates or other information entered into a medical record can easily be read by an outside third party who is not experienced in reading the handwriting of your staff.  It is important to keep in mind that if there is an audit or review of this information by a ZPIC or another government contractor, it is likely to be several years in the future. During that period, the writer may no longer be with the practice and it may be difficult (if not impossible) to easily locate the writer for assistance in deciphering handwritten passages.  For Medicare compliance, regular self-audits can prove quite helpful in identifying possible problems.

If you are conducting a self-audit and find that words or passages are illegible or incorrect, you should consider taking the following remedial steps:

Advise your staff of the problem and follow-up to ensure that future entries are legible and accurate – Physicians, nurses and staff should be educated regarding the importance of ensuring that their handwriting is easily legible and the information they are providing is accurate. In most instances, once this is identified as an issue, most staff are willing to work with you so that future problems do not arise.  We recommend that regular follow-ups are conducted to ensure that problematic handwriting does not again deteriorate to where it is again illegible.

Correcting illegible or erroneous words, phrases or passages – Should you find that certain portions of a patient’s record documenting prior services rendered are illegible, you cannot merely erase it or use white out to hide the original handwritten section  before re-writing the passage so that it is legible. We recommend that you contact your Compliance Officer or legal counsel before making any changes to a medical record (regardless of whether the record is handwritten or electronic).  Legal counsel can guide you on the correct way to make changes or corrections to a medical record which documents services previously rendered. If a change or correction to a word or passage is necessary, you should not erase, white-out, scratch out or use a marker to conceal the original remark.  Instead, we usually recommend that a single line through the incorrect or illegible phrase or passage is made. If you are audited, an outside reviewer will be able to readily see the original passage. Next, the corrected entry should be carefully written next to or above the original entry. It should then be signed and dated by the individual making the correction.  In this fashion, an outside reviewer will not be misled in any way about what was originally written, when the corrected entry was made and / or the identity of the person making the change to the record.

As set out in Chapter 3 of the Medicare Benefit Policy Manual, the Centers for Medicare & Medicaid Services (CMS) advises ZPICs to consider the following:

“3.3.2 – Medical Review Guidance

For example, ZPIC staff looks for some of the following situations when reviewing documentation:

 • Possible falsification or other evidence of alterations including, but not limited to: obliterated sections; missing pages, inserted pages, white out; and excessive late entries;

 • Evidence that the service billed for was actually provided; or,

 • Patterns and trends that may indicate potential fraud.” (emphasis added).

 As a participating provider in the Medicare program, it is essential that you ensure that the care and treatment you provide is factual, accurate and recorded in a legible fashion. Ultimately, providers who diligently work to achieve these points will have made significant strides towards Medicare compliance in their  practice.

Liles Parker attorneys have extensive experience assisting providers in establishing an effective Medicare Compliance Plan. Should you have questions regarding Medicare compliance or how to instill a compliant culture in your clinic or practice, please give us a call at 1-800-475-1906 for a complimentary consultation. 

ZPIC Audits ■ Medicare Audits

I.  Background of AdvanceMed Transaction:

AdvanceMed has a new parent. Last week, it was announced that NCI, Inc., one of the nation’s most successful information technology companies, had acquired the outstanding capital stock of AdvanceMed Corporation (AdvanceMed), an affiliate of CSC. While the acquisition went largely unnoticed by the health care provider community, the transaction may, in fact, be quite significant.

With this acquisition by NCI, a recognized powerhouse in information technology, Medicare and Medicaid providers should expect AdvanceMed’s expertise in data mining and investigations to continue to grow. As AdvanceMed continues to fine-tune its data mining efforts and further expands its ability to conduct “Predictive Modeling,” providers will likely find their actions under the microscope like never before.  It is therefore imperative that all health care providers immediately implement an effective Compliance Plan or further enhance their current compliance efforts.

NCI first announced its plans to acquire AdvanceMed last February.  As NCI’s February 25th News Release noted:

“The Obama Administration has emphasized reducing fraud, waste, and abuse in Federal entitlements. AdvanceMed is ideally positioned to support the program integrity initiatives of CMS and other Federal Government agencies. . . We are extremely pleased to have AdvanceMed join NCI and believe that this acquisition will provide NCI an outstanding platform to address this rapidly growing market opportunity.”

In recent years, AdvanceMed has positioned itself to where it now has multiple contracts with the Federal government.  AdvanceMed serves as the Zone Program Integrity Contractor (ZPIC) for Zone 2 and Zone 5.  Additionally, the contractor also serves as a Comprehensive Error Rate Testing (CERT) contractor.   On the Medicaid side,  AdvanceMed serves as a Medicaid Integrity Contractor (MIC).  While a host of other contractors have been awarded contracts covering other zones and program areas, AdvanceMed’s growth has been undeniably impressive.

As NCI announced in its April 4^th “News Release” covering the acquisition:

“AdvanceMed is a premier provider of healthcare program integrity services focused on the detection and prevention of fraud, waste, and abuse in healthcare programs, providing investigative services to the Centers for Medicare and Medicaid Services (CMS). Serving CMS since 1999, AdvanceMed has grown rapidly, demonstrating the value and return on investment of the Federal Government’s integrity program activities.

AdvanceMed employs a strong and experienced professional staff, which leverages sophisticated information technology, data mining, and data analytical tools, to provide a full range of investigative services directed to the identification and recovery of inappropriate Medicare and Medicaid funds. AdvanceMed supports healthcare programs in 38 states with a staff of more than 450 professionals, including information specialists, nurses, physicians, statisticians, investigators, and other healthcare professionals.

AdvanceMed has multiple contracts with CMS under the Zone Program Integrity (ZPIC), Program Safeguard (PSC), Comprehensive Error Rate Testing (CERT), and Medicaid Integrity (MIC) programs. All of these programs are executed under cost plus contract vehicles. The largest contracts-ZPIC Zone 5 and ZPIC Zone 2-were awarded in late 2009 and 2010 and have five-year periods of performance.

The acquisition price was $62 million. Included within the price is a recently completed, state-of-the-art data center to support the ZPIC Zone 5 and ZPIC Zone 2 contracts. Additionally, NCI will make a 338(h)(10) election, enabling a tax deduction, which is expected to result in a tax benefit with an estimated net present value of approximately $6 million to $8 million. NCI expects the transaction to be slightly accretive to 2011 earnings.

As of the end of March 2011, AdvanceMed has a revenue backlog of approximately $300 million with approximately $51 million of that amount being currently funded. Revenue for the trailing 12 months ending March 31, 2011, is estimated to be approximately $51 million, all of which was generated from Federal Government contracts, and 99% of the work performed as a prime contractor. NCI’s AdvanceMed 2011 revenue, covering the nine-month period of April 2, 2011, to December 31, 2011, is estimated to be in the range of $43 million to $47 million (the equivalent of $57 million to $63 million on a full 12-month basis), with the midpoint reflecting a full-year growth of approximately 16%. . .”

II.  Overview of the ZPIC Program:

Under the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (MMA), CMS was required to take a number of steps intended to streamline the claims processing and review process:

•  Using competitive measures, CMS was required to replace the current Medicare Fiscal Intermediaries (Part A) and Carriers (Part B) contractors with Medicare Administrative Contractors (MACs).
• After setting up the new MAC regions, CMS created new entities, called Zone Program Integrity Contractors (ZPICs).
•  These actions were intended to consolidate the existing program integrity efforts.  Over the last 2 — 3 years, ZPICs have been taking over PSC audit and enforcement activities around the country.

At the time of transition, there were twelve PSCs that had been awarded umbrella contracts by CMS. As these contracts have expired, CMS has transferred the PSCs’ fraud detection and deterrence functions over to ZPICs.  Of the seven ZPIC zones established in the MMA, CMS has awarded contracts for a number of the zones. CMS is still working to issue awards for the final ZPIC zones.  The seven ZPIC zones include the following states and / or territories:

• Zone 1 – CA, NV, American Samoa, Guam, HI and the Mariana Islands.
• Zone 2 – AdvanceMed: AK, WA, OR, MT, ID, WY, UT, AZ, ND, SD, NE, KS, IA, MO.
• Zone 3 – MN, WI, IL, IN, MI, OH and KY.
• Zone 4 – Health Integrity: CO, NM, OK, TX.
• Zone 5 – AdvanceMed: AL, AR, GA, LA, MS, NC, SC, TN, VA and WV.
• Zone 6 – PA, NY, MD, DC, DE and ME, MA, NJ, CT, RI, NH and VT.
• Zone 7 – SafeGuard Services: FL, PR and VI.

In many instances, these changes have been nothing more than a name change. ZPIC responsibilities are generally the same as those currently exercised by PSCs. While ZPIC overpayment review duties have not appreciably changed, the number of civil and criminal referrals appear to be increasing. In our opinion, ZPICs clearly view their role differently than that of their PSC predecessors.  ZPICs clearly view themselves as an integral part of the law enforcement team, despite the fact that they are for-profit contractors.  In consideration of their ability to recommend to CMS that a provider be suspended or have their Medicare number revoked, or even refer a provider to law enforcement for civil and / or criminal investigation, providers should take these contractors quite seriously.

Both ZPICs and PSCs have traditionally asserted that unlike their RAC counterparts, they are not “bounty hunters.”  ZPICs are not paid contingency fees like RACs but instead directly by CMS on a contractual basis.  Nevertheless, common sense tells us that if ZPICs aren’t successful at identifying alleged overpayments, the chances of a ZPIC’s contract with CMS being renewed are likely diminished. AdvanceMed’s recent announcement shows that they are a very profitable entity and are paid on a “cost-plus” basis (leaving room for bonuses and other incentives). Additionally, experience has shown us that despite the fact that ZPICs are expected to adhere to applicable Medicare coverage guidelines, a ZPIC’s interpretation and application of these coverage requirements may greatly differ from your understanding of the same provisions.

           In recent years, ZPICs have been aggressively pursuing a wide variety of actions, including but not limited to:

• Pre-Payment Audit.  After conducting a probe audit of a provider’s Medicare claims, the ZPIC may place a provider on “Pre-payment Audit” (also commonly referred to as “Pre-Payment Review”).  Unlike a post-payment audit, there is no administrative appeals process that may be utilized by a provider for relief.  Having said that, there are strategies that may be utilized by a provider which may assist in keeping the time period on pre-payment review at a minimum.
• Post-Payment Audit.  Audits conducted by ZPICs primarily involve Medicare claims that have already been paid by the government.  In many cases, the ZPICs appear to have conducted a strict application of the coverage requirements, regardless of whether a provider’s deviation from the rules is “de minimus” in nature. In doing so, it is not unusual to find that a provider has failed to comply with each and every requirement.  Depending on the nature of the initial sample drawn, a ZPIC may extrapolate the damages in a case, significantly increasing the the alleged overpayment.  In doing so, the ZPIC is effectively claiming that the “sample” of claims audited are representative of the universe of claims at issue in an audit.
• Suspension.  While the number of suspension actions taken by ZPICs has steadily increased in recent years,  Medicare providers should expect to see this number continue to grow.  Under the Affordable Care Act (often informally referred to as the “Health Care Reform” Act), CMS’ suspension authority has greatly expanded.   
• Revocation.  As with suspensions, we have seen a sharp increase in the number of Medicare revocation actions taken over the last year. The reasons for revocation have varied but have typically been associated with alleged violations of their participation agreement. In some cases, the ZPIC contractors found that the provider has moved addresses and did not properly notified Medicare. In other cases, a provider was alleged to have been uncooperative during a site visit. Finally, there were a number of instances where the provider allegedly did not meet the “core” requirements necessary for their facility to remain certified.
• Referrals for Civil and Criminal Enforcement.  ZPICs are actively referring providers to HHS-OIG (which can in turn refer the case to the U.S. Department of Justice (DOJ) for possible civil and / or criminal enforcement) when a case appears to entail more that a mere overpayment. However, just because a referral is made doesn’t mean that it will prosecuted. In many instances, HHS-OIG (and / or DOJ) will decline to open a case due to a variety of reasons, such as lack of evidence, insufficient damages, etc.).

 III.  Steps Providers Can Take Now, Before They are Subjected to a ZPIC Audit:

In responding to a ZPIC audit, it is important to remember that although they may not technically be “bounty hunters,” it is arguably to their benefit to find that an overpayment has occurred. These overpayments are often based on overlapping “technical” (such as an incorrect place of service code) and “substantive” (such as lack of medical necessity) reasons for denial.  In recent years, the level of expertise exercised by ZPICs is often quite high — noting multiple reasons for denial and concern.

Unfortunately, the reality is that most (if not all) Medicare providers will find themselves the subject of a ZPIC, CERT, RAC or other type of claims audit at some point in the future.  In our opinion, the single most effective step you can take to prepare for a contractor audit is to ensure that your organization has implemented and is adhering to an effective Compliance Plan.  Several general points to consider also include:

Keep in mind your experiences with PSCs and other contractors.  The lessons you have learned responding to PSC, CERT and RAC audits can be invaluable when appealing ZPIC overpayments.  As you will recall, the appeals rules to be followed are virtually the same.

Monitor HHS-OIG’s Work Plan.  While often cryptic, it can be invaluable in identifying areas of government concern.  Are any of the services or procedures your organization currently provides a focus of HHS-OIG’s audit or investigative?

 Keep an eye on RAC activities.  Review the service-specific findings set out in annual RAC reports.  Review targeted areas carefully to ascertain whether claims meet Medicare’s coding and medical necessity policies.

You never realize how bad your documentation is until your facility is audited. While many providers start out “over-documenting” services (to the extent that there is such a thing), a provider’s documentation practices often become more relaxed as time goes on – especially when the provider has not been audited for an extended period of time.  In such situations, both physicians and their staff may fail to fully document the services provided.  Moreover, the care taken to ensure that all supporting documentation has been properly secured may have also lapsed over the years.

Review your documentation.  Imagine you are an outside third-party reviewer.  Can an outsider fully appreciate the patient’s clinical status and the medical necessity of treatment?  Are the notes legible and written is a clear fashion?  Compare your E/M services to the 1995 or 1997 Evaluation and Management (E/M) Guidelines – have you fully and completely documented the services you provided?  If dealing with skilled services, have you fully listed and discussed both the need for skilled services and the specific skilled services provided?

IV.  Closing Thoughts:

Imagine a ZPIC hands you a claims analysis rife with alleged errors, an indecipherable list of statistical formulas, and an extrapolated recovery demand that will cripple your practice or clinic. What steps should you take to analyze their work? Based on our experience, providers can and should carefully assess the contractor’s actions, particularly the use of formulas and application of the RAT-STATS program when selecting a statistical sample and extrapolating the alleged damages based on the sample. Over the years, we have challenged the extrapolation of damages conducted by Medicare contractors around the country, including tens of thousands of claims. Regardless of whether you are a Skilled Nursing Facility providing skilled nursing and skilled therapy services, an M.D. or D.O. providing E/M services, a Home Health company or a Durable Medical Equipment (DME) company, it is imperative that you work with experienced legal counsel and statistical experts to analyze the actions take by a ZPIC.

Liles Parker attorneys and staff have extensive experience representing a wide range of Medicare providers in audits by ZPICs, PSCs and other contractors.  Should you have questions regarding an inquiry from a ZPIC, PSC or RAC that you have received, please feel free to give us a call for a complimentary consultation.  We can be reached at:  1 (800) 475-1906.

ZPIC Audits ■ Medicare Audits