Articles Posted in Audit

Published on:

by

Earlier this month, the Michigan Department of Health and Human Services (MDHHS) awarded Comprehensive Health Care Program contracts for Michigan’s Medicaid health plans. Health plans administered under Michigan Medicaid provide access to healthcare services to nearly 2 million Michigan residents. In this recent award of health plan contracts, nine health plans submitted proposals. The awarded Medicaid contracts are expected to go into effect in October 2024 and carry terms of five years, with three, one-year optional extensions.

The Medicaid health plan contracts were awarded based on Michigan’s 10 Prosperity Regions as follows:

  • Region 1 – Upper Peninsula Prosperity Alliance: Upper Peninsula Health Plan, LLC.
Continue reading
Published on:

by

On March 12, 2024, several senators wrote a letter to the Government Accountability Office (GAO) Comptroller General, requesting an investigation into the policies and procedures CMS has in place to prevent Medicare fraud, waste, and abuse. The senators noted that in 2022, GAO estimated there were $47 billion in improper Medicare payments with $1.7 billion being reclaimed, representing a 2.8% recovery rate.

The senators’ letter was likely prompted by a recent investigation from the National Association of Accountable Care Organizations (NAACOS), which uncovered an alleged fraudulent urinary catheter scheme. NAACOS discovered that ten medical device companies went from billing 15 patients for catheters to over 500,000 patients for catheters within a period of two years. This alleged scheme has been estimated to cost CMS over $2 billion and has garnered significant media attention. Of particular concern to the senators is the fact that NAACOS publicly commented on this issue prior to any announcements from CMS.

The senators noted that this alleged scheme highlights “critical vulnerabilities” within CMS’ fraud, waste, and abuse policies. To this point, they requested that the fraud prevention measures of the Medicare Fraud Strike Force, a team with representatives from the Department of Health and Human Services (HHS), Office of Inspector General (OIG), and Federal Bureau of Investigation (FBI), should be investigated by GAO in order to identify weaknesses and areas for improvement.

Continue reading
Published on:

by

As we noted previously, Medicare providers of wound care services continue to be the target of audits by Medicare contractors. Wound care services typically involve the application of allografts, skin substitutes, and related products to promote healing and support recovery. Due to the generally high reimbursement rates and need for frequent reapplication of these types of products, the Medicare program views such products as a high risk for improper payments or alleged fraud. Providers who utilize these products for wound care services or who are subjected to audit should understand the contours of an audit and be aware of their rights in responding to an audit.

The Medicare Unified Program Integrity Contractors (UPICs), such as the CoventBridge Group or Qlarant, typically perform these audits. UPICs are charged with the primary goal of investigating instances of suspected fraud, waste, and abuse in Medicare or Medicaid claims. Historically, UPICs are quick to allege that a provider has committed fraud and deny claims for any supposed non-compliance with coverage or documentation requirements, regardless of how minor the perceived deficiency. Providers should be cognizant that a UPIC’s allegation of fraud or non-compliance may bring about significant adverse consequences, especially when such allegations are not disputed. These allegations may be addressed by a timely and well-developed appeal of claims denied by the UPIC.

Wound care services involving skin substitutes and similar products subject to audit are generally denied for reasons such as the following:

Continue reading
Published on:

by

A recent report by the Department of Health and Human Services (HHS) Office of Inspector General (OIG) may signal even more scrutiny of healthcare providers who received funds from the Provider Relief Fund (PRF). As we have long predicted, while the PRF was intended as a financial lifeline for the country’s healthcare providers during the height of the COVID-19 pandemic, as the pandemic has cooled, it has become a minefield of compliance issues for healthcare providers and fertile ground for government auditors to demand repayments.

The PRF is a $178 billion fund created by Congress through the CARES Act to provide financial relief to healthcare providers during the COVID-19 pandemic. HHS subdivided the PRF into various general and targeted distributions and assigned the Health Resources and Services Administration (HRSA) to administer the PRF. These distributions were paid to providers in several waves between April 2020 and the present. While this infusion of cash was likely a welcome relief at the time, it came with strings attached. Some of these strings included restrictions on which providers were eligible to receive funds, restrictions on how providers could use the funds, and requirements to report on the use of the funds.

The recent OIG investigation looked at PRF payments made to 150 providers during the PRF Phase 2 General Distributions. The Phase 2 General Distributions required providers to apply for payments and submit documentation. HRSA reviewed these applications and calculated the payment amount to make to provider, mostly based on the provider’s patient care revenue as documented in the application. OIG asserted that, for 17 of the 150 providers it reviewed, HRSA had miscalculated amounts due and had overpaid the providers. OIG recommended that HRSA demand these providers return these funds and that HRSA review all other Phase 2 General Distributions for similar errors HRSA may have made.

Continue reading
Published on:

by

In response to the unprecedented challenges created by the COVID-19 pandemic, the Coronavirus Aid, Relief, and Economic Security (CARES) Act established the Provider Relief Fund (PRF) as an effort to financially support the nation’s healthcare providers as they grappled with COVID-19. To achieve this goal, the Health Resources & Services Administration (HRSA) was tasked with administering the PRF program, and distributed hundreds of thousands of payments from the program’s $178 billion fund to healthcare providers of all types. However, even though providers may have used the PRF funds for permitted COVID-related purposes, many providers are increasingly being demanded to return the money, and being given little to no notice or information as to why.

In the early days of the COVID-19 pandemic, the first batch of disbursements under the PRF program were unsolicited and were deposited directly into providers’ bank accounts without prior application or notice. Providers had to quickly decide whether to return the funds, or to keep the money and agree to abide by the terms and conditions of the PRF program, despite not knowing at the time precisely what those terms were. Many providers that are being subjected to the current rash of repayment demands received PRF funds during the earliest distribution phases.

The repayment demands themselves and the processes available to dispute such demands present an entirely new set of complications and may often give the impression that a provider is being unfairly targeted for performing valuable healthcare services during a public health emergency. As the administrator of the PRF program, HRSA is supposed to initially notify providers of any alleged non-compliance with the PRF program terms and conditions. Usually, this is due to HRSA’s claim that a provider has not submitted the required reporting before the appropriate deadline or within the late reporting timeframe. Notably, providers are increasingly commenting that they are not receiving any notices regarding compliance with the PRF program or reporting requirements, or further, that they are later discovering such notices were sent to the wrong address.

Continue reading
Published on:

by

Healthcare providers are starting to see the first claims audits based on analysis and determinations made by artificial intelligence (AI). Although the technology is new, many of the issues remain the same. Especially where the companies that develop AI-based audit tools sell these tools and services to commercial insurance companies, AI-driven audits increasingly resemble audits of Medicare providers and suppliers performed by the Recovery Audit Contractors, or RACs.

RACs are Medicare contractors charged by the Centers for Medicare & Medicaid Services (CMS) to identify overpayments and underpayments made to providers and to facilitate return of overpayments to the Medicare Trust Fund. Primarily, RACs accomplish this by conducting audits and issuing repayment demands. RACs are different from other types of Medicare contractors that conduct audits because RACs are paid on a contingency fee. That is, RACs received a percentage of any funds they extract from providers, making them significantly incentivized to deny claims and demand repayment even where there is no clinical or legal basis to do so.

Similarly, because few insurance carriers have developed sophisticated AI tools in house, they often contract outside technology companies to provide the AI audit tools, and often to conduct the audits themselves. These outside contractors are motivated to deny claims and identify alleged overpayments in order to retain the business of the insurance carrier. This motivation is further enhanced where the outside contractor is paid a percentage of the alleged overpayments that their AI tool identifies. Therefore, any provider should carefully scrutinize any such audit findings, much as they would scrutinize the findings of a similarly motivated RAC.

Continue reading
Published on:

by

In the Medicare Advantage (MA) program, overseen by the Centers for Medicare & Medicaid Services (CMS), Medicare Advantage Organizations (MAOs) – typically private insurers – receive monthly payments from CMS. The MAOs then contract with healthcare providers and suppliers to provide services pursuant to multiple MA plans offered by the MAOs. With the rise of artificial intelligence (AI), many providers have expressed concern that MAOs are using AI tools to review claims, make coverage determinations, deny claims, and conduct audits with little to no human oversight.

CMS recently released its 2024 MA Final Rule and a set of accompanying frequently asked questions (FAQs). In these, CMS cautioned MAOs that, while an algorithm or software tool can be used to assist MA plans in making coverage determinations, it remains the responsibility of the MAO to ensure that the algorithm or AI complies with all applicable rules for how coverage determinations by MA organizations are made. CMS emphasized that this included that MAOs make medical necessity determinations based on the circumstances of each specific individual including the patient’s medical history, physician recommendations, and clinical notes; and in line with all fully established Traditional Medicare coverage criteria (including established criteria in applicable Medicare statutes, regulations, National Coverage Determinations (NCDs), or Local Coverage Determinations (LCDs)), or with publicly accessible internal coverage criteria that are based on current evidence in widely used treatment guidelines or clinical literature.

CMS gave several examples of non-compliant use of AI by MAOs, mostly due to a lack of human, clinical oversight of the AI-driven tool and the implementation of its outputs. In an example involving a decision to terminate post-acute care services, CMS noted that an algorithm or software tool can be used to assist providers or MA plans in predicting a potential length of stay, but that prediction alone cannot be used as the basis to terminate post-acute care services. For those services to be terminated in accordance with MA regulations, the patient must no longer meet the level of care requirements needed for the post-acute care at the time the services are being terminated, which can only be determined by re-assessing the individual patient’s condition prior to issuing the notice of termination of services. Additionally, for inpatient admissions, CMS noted that algorithms or AI alone cannot be used as the basis to deny admission or downgrade to an observation stay; the patient’s individual circumstances must be considered against the permissible applicable coverage criteria.

Continue reading
Published on:

by

Among the plethora of different contractors used by the Centers for Medicare & Medicaid Services (CMS) to administer the Medicare program is the Supplemental Medical Review Contractor, or SMRC. Like the Medicare Administrative Contractors (MACs), Recovery Audit Contractors (RACs), Unified Program Integrity Contractors (UPICs), and others, the SMRC – of which there is only one at any given time – also audits the claims submitted for reimbursement by Medicare providers and suppliers and issues allegations that providers have received overpayments. Noridian Healthcare Solutions, which is also a MAC, was selected as the SMRC in 2018 and remains the current SMRC.

SMRC audits generally begin with an Additional Documentation Request (ADR), usually in a distinctive green envelope with the Noridian SMRC letterhead or logo. After the provider submits the requested records, the SMRC conducts the review based on the analysis of national claims data, statutory and regulatory coverage, and coding, payment, and billing requirements. The SMRC should eventually issue a Review Results Letter. Providers should be aware that a SMRC review can sometimes last for several months with no intervening correspondence or status updates from the SMRC. Providers who expect, but have not received, a SMRC response should consider carefully checking their Medicare EOBs for activity their MAC may have taken based on the SMRC audit and note any appeal deadlines. Also, providers should be aware that the SMRC is a regional contractor who is allowed to conduct audits nationwide and thus may misunderstand local rules, state laws, or LCDs. SMRC audit findings should generally be carefully scrutinized.

SMRC audit findings also have an additional appeal mechanism available to them. Where the SMRC denies claims, the provider generally has a right to appeal the findings directly to the SMRC and can sometimes request a discussion and education session directly with the SMRC. If the SMRC denies the appeal, it will refer the case to the provider’s local MAC to collect the alleged overpayment or to other government agencies for further action. Where the MAC demands that the provider return an overpayment based on the SMRC’s findings, that demand is subject to the standard Medicare claims appeal process.

Continue reading
Published on:

by

Nearly 4 years after the beginning of the COVID-19 pandemic, healthcare providers continue to see payor audits and demands for repayment for services provided during the pandemic, primarily COVID-19 testing and vaccinations. While these services were an essential public function during the pandemic, constantly changing and often unclear rules and regulations governing the coverage of these services have created fertile ground for payors to allege after-the-fact that provider were not entitled to payment.

The issues asserted by payors tend to be systemic; that is, related to the process used by the provider rather than issues related to any unique characteristics of any specific claim. Therefore, these allegations often lead to demands that the provider pay back a significant portion of reimbursements for their COVID-19 services, often in the hundreds of thousands or millions of dollars.

COVID-19 audits tend to focus on a few common issues. Payors may audit providers based on the requirement for an “individualized clinical assessment,” including whether the ordering provider was authorized, whether the order for testing was within the scope of state law, whether the assessment was conducted by telemedicine or by a questionnaire, whether the ordering provider used a standing order, and what rules apply where a state does not or did not require an order for COVID-19 testing. The use of standing orders has become a particular point of contention, especially in cases where the practitioner who issued the standing order did not personally examine patients, was located offsite, or was under contract with and receiving reimbursement from the entity billing for the services.

Continue reading
Published on:

by

Both the Centers for Medicare & Medicaid Services (CMS) and its plethora of contractors rely on the mail to notify providers and suppliers of document requests, audit findings, disciplinary actions, and many other important items. Providers should be careful that their mailing addresses on file with Medicare are current and accurate. Failure to do so can result in the provider not receiving an important piece of correspondence and inadvertently causing significant consequences for the provider.

The Medicare Provider Enrollment, Chain, and Ownership System (PECOS) is the online Medicare enrollment management system. It allows individuals and entities to enroll as Medicare providers or suppliers. When a provider or supplier enrolls in Medicare, it must provide a series of addresses, including a correspondence address, medical review address, and payment address. Whether a provider enrolls online or uses a paper application, once the provider is enrolled, these addresses are stored in PECOS. In PECOS, a provider can check and edit their listed addresses. When CMS or a contractor needs to mail correspondence to the provider, they will look to PECOS for the address to use. As there are multiple address types listed in PECOS, which may list different addresses, the address selected may relate to the purpose of the correspondence, or a contractor may simply choose an address seemingly at random.

Items that may be sent to a provider’s address or addresses listed in PECOS may be Additional Documentation Requests (ADRs), notices of audits, notices of audit findings with appeal rights, and notices of disciplinary proceedings such as Medicare suspensions, revocations, and exclusions. A provider that does not receive one of these because of an incorrect address listed in PECOS may inadvertently fail to provide records, miss an appeal deadline, or otherwise miss the chance to address some action that Medicare takes against them. In general, where correspondence is sent to the address in PECOS, Medicare will assume that it was received and shift the responsibility to the provider to keep PECOS updated. Not receiving such mail can have devastating consequences for the provider and make subsequent appeal or remedials actions much more difficult.

Continue reading
Contact Information
210 E 3rd St #204
Royal Oak, MI 48067
Phone: 248-544-0888
Fax: 248-544-3111

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2016 – 2024, Wachler & Associates, P.C.
JUSTIA Law Firm Blog Design