Articles Posted in Fraud & Abuse

Published on:

The most complex step in the Medicare claims appeals process is generally the third step, a hearing before an Administrative Law Judge (“ALJ”). The ALJ hearing represents both the first time in the claims appeal process that the case is reviewed by a party other than a Medicare contractor and the first time that the provider can offer testimony during a live hearing. An ALJ hearing presents many important strategic considerations for the appealing provider, including before, during, and after the hearing itself.

Before the hearing, the provider must appeal through the first two steps of the Medicare claims appeals process, Redetermination and Reconsideration. Both of these steps involve claim review by a Medicare contractor and are conducted exclusively by written submissions and correspondence. A provider that is dissatisfied with a Reconsideration Decision has a right to request ALJ review of that decision. However, a provider should usually attempt to submit all evidence, especially medical records, prior to the Reconsideration Decision. A provider who waits to submit new evidence until the ALJ level generally must prove why they did not submit it earlier, or else may be barred from submitting new evidence. The formal Request for ALJ also must meet certain regulatory requirements to be effective, especially where the provider is appealing a statistically extrapolated overpayment.

During the hearing and leading up to it, an ALJ hearing is much like a miniature trial. Witnesses must be selected and prepared, evidence organized, important issues briefed, and strategy formulated. Depending on the nature of the case, a provider may have the treating physician testify, or an outside clinical expert may testify in support of the claims. If there is a statistical extrapolation, it may be appropriate to retain an expert statistician to testify regarding any errors in the extrapolation. CMS or its contractors may appear as an opposing party or may submit materials to the ALJ, and may or may not follow the regulatory requirements for doing so. The ALJs themselves are not employed by CMS, but are employed by the Office of Medicare Hearings and Appeal (“OMHA”), another sub-division of HHS.

Published on:

The HHS Office of Inspector General (OIG) recently issued several new work plan items aimed at Medicare Part B payments for skin substitutes. Part B reimbursement for skin substitutes products has long been a thorn in the side of Medicare. Medicare is generally required by federal law to reimburse certain skin substitute products covered under Part B using an Average Sales Price (ASP) methodology established by Congress. However, as the use of these products has grown and the pricing has increased exponentially, HHS has looked for ways to address rising costs to the Medicare program.

OIG updated its work plan in November 2024 to include several new initiatives that OIG intends to undertake in the area of skin substitutes and ASP pricing. First, OIG intends to update its prior conclusions regarding ASP pricing. ASP pricing requires manufacturers to report pricing data. In March 2023, OIG issued a report that found that manufacturer noncompliance with new ASP reporting requirements for skin substitutes led to millions in excessive Part B payments. OIG noted that, since then, Part B expenditures for skin substitute products have continued to rise significantly. OIG therefore intends to provide an update on these manufacturer reporting issues, as well as highlight billing trends and identify potential solutions to any challenges in using the ASP methodology for skin substitutes.

Second, OIG intends to investigate alternative pricing under ASP. The ASP methodology established by Congress mandates that OIG compare ASPs with average manufacturer prices (AMPs) and the widely available market price, if any. If OIG finds that the ASP exceeded the AMP by 5 percent in the two previous quarters or in three of the previous four quarters, then HHS may substitute the reimbursement amount with a lower calculated rate. OIG intends to perform this comparison for various time periods and believes that it may offer recommendations for Medicare to achieve additional savings.

Published on:

Shortly after the COVID-19 Public Health Emergency (PHE) began, Congress passed the Coronavirus Aid, Relief, and Economic Security (CARES) Act, which established the Provider Relief Fund (PRF). The goal of the PRF program was to provide financial support to healthcare providers across the nation in response to the unprecedented challenges presented by the PHE. Despite this noble goal, the federal agencies responsible for carrying out the PRF program have focused their efforts recently on clawing back PRF payments made to providers who the agencies assert did not strictly comply with the Program’s reporting requirements, among others. These PRF repayment demands seek to collect money distributed to providers that was intended to promote patient safety and preserve access to healthcare services. In many instances, providers relied on these funds to simply keep the lights on and stay in business. Now, the government’s demands for return of these monies again threatens the stability of many providers who received PRF funds, and providers are consistently left with little to no information as to why or how these repayment demands are being made in the first place.

Originally tasked with administering the $178 billion authorized under the PRF program, the Health Resources & Services Administration (HRSA), a subagency of the Department of Health and Human Services (HHS) distributed hundreds of thousands of PRF payments to providers of all types over the last several years. Notably, not all providers that received PRF funds needed to request those funds in order to receive payment, or affirmatively agreed to be bound by a set of associated terms and conditions. Recipients of the first batch of disbursements in Period 1 typically received the funds as an automatic deposit, with no notice or solicitation, and with no specific request for the funds required. If Period 1 recipients retained the PRF funds for 90 days or longer, then those providers were deemed to have accepted the PRF program’s terms and conditions, even if providers never read the terms or signed anything and despite the fact that HRSA would not publish the full details of the terms and conditions until months later. Providers who received PRF disbursements in Period 2 or later generally submitted a specific application to receive the funds, along with an attestation agreeing to comply with the terms and conditions.

Regardless of the Period in which a provider may have received funds, one of the most critical requirements attached to the receipt of PRF disbursements was the requirement to submit a report to HRSA on the use of the funds. As the terms and conditions would come to explain, failure to timely submit the necessary reporting would be considered grounds for recoupment of the funds. If a provider did not submit the report on time, HRSA should have notified the provider of its perceived non-compliance with the PRF terms and conditions, and allowed 60 days for the provider to submit the report or otherwise come back into compliance to justify retention of the funds.

Published on:

When a Medicare-enrolled provider or supplier receives a demand to repay an alleged overpayment, especially a massive and statistically extrapolated overpayment that dwarfs the company’s revenue and which the company can never hope to pay back, it often raises the question: who is liable for this alleged debt if the company cannot pay it back? While every company and set of circumstances are different, this question can have a significant impact on how to defend an alleged Medicare overpayment.

Whether the owner, members, or shareholders of the entity that received the alleged overpayment are personally liable generally turns on the corporate nature of the entity. Individually enrolled providers, sole proprietors, and partners in a partnership may generally share liability with the entity that received the overpayment, or may actually be the entity in the case of some individuals. Corporations, LLCs, and other corporate entities may offer more protection for their owners, members, or shareholders, who are generally not liable for the debts of the entity under the principle of “limited liability.” There are exceptions to limited liability which CMS (and other creditors) can attempt to use to collect from owners, but CMS rarely attempts to use these exceptions.

However, owners, members, and shareholders of entities with an alleged Medicare debt should be aware that there may be other impacts. CMS may refer the owner of an entity with an alleged Medicare debt to the OIG for placement on the OIG Exclusion List. CMS may also revoke the current enrollment or deny future enrollment applications of entities affiliated with the owner of an entity with outstanding Medicare debt. Perhaps most importantly, the owner or controller of an entity that knowingly causes the entity to fail to return a Medicare overpayment may create individual liability for themselves under the 60-Day Rule, Civil Monetary Penalties, and – importantly – the False Claims Act. CMS will generally also refer a debt to the US Department of Treasury for collections efforts.

Published on:

In the recently released 2025 Physician Fee Schedule (“PFS”) Final Rule, the Centers for Medicare & Medicaid Services (“CMS”) implemented changes to the 60 Day Rule regarding the return of identified Medicare and Medicaid overpayments. Initially created by the 2010 Affordable Care Act, the 60 Day Rule requires healthcare providers to report and return Medicare and Medicaid overpayments within 60 days of identifying such overpayments. Failing to comply with the 60 Day rule may result in the imposition of a civil monetary penalty or an alleged violation of the Federal False Claims Act.

CMS made two significant changes to the 60 Day Rule in the 2025 PFS Final Rule. First, CMS formalized a six-month period for a good faith investigation before the 60-day clock begins to run. CMS had previously posited in guidance that it believed a provider should generally have up to six months to perform a good faith investigation before the provider is deemed to have “identified” the overpayment. In the 2025 Rule, CMS incorporated this position into the regulation itself, providing that the deadline for reporting and returning an overpayment will be suspended until either the provider completes the investigation or 180 days after the date the overpayment is initially identified, whichever is earlier.

Second, the 2025 Rule dropped the “reasonable diligence” standard and adopted the “knowingly” standard of the False Claims Act. Previously, the provider was deemed to have identified the overpayment if it had or should have determined through reasonable diligence that it had received a quantified overpayment. With the change, the provider will now be deemed to have identified an overpayment when it knowingly receives or retains an overpayment. “Knowingly” is defined by direct reference to the False Claims Act, thus aligning the two standards. Many observers had noted that it was inconsistent for CMS to claim providers would have False Claims Act liability for violating the 60 Day Rule, when the two had different standards. That inconsistency no longer exists.

Published on:

Healthcare providers recently secured a significant legal victory regarding the No Surprises Act (NSA) and its independent dispute resolution (IDR) process. While the NSA was designed to protect patients from surprise medical bills, disputes between providers and insurers have persisted, particularly when it comes to the IDR process used to settle payment disagreements. A recent court ruling struck down parts of the IDR rule, handing a win to providers.

The NSA, which took effect in January 2022, was created to protect patients from unexpected medical bills when they receive care from out-of-network providers, especially in emergencies. These surprise bills usually happen when patients unknowingly receive care from out-of-network providers at in-network hospitals or when they don’t have control over which provider they see, typically during an emergency. In general, the NSA stops group health plans and health insurers from billing patients more than their in-network cost-sharing amount for certain out-of-network services, including:

  • Emergency services,
Published on:

Healthcare fraud, waste, and abuse laws apply to any entity doing business in the healthcare space and especially those submitting claims to government healthcare plans or programs, such as Medicare and Medicaid. The three most important and influential healthcare fraud, waste, and abuse laws are the federal laws: the Physician Self-Referral Statute (commonly called the “Stark Law”), the Anti-Kickback Statute (the “AKS”) and the Eliminating Kickbacks in Recovery Act (“EKRA”). Even a simple business arrangement can require a complex analysis where one or more of these statutes is implicated.

The Stark Law (42 U.S.C. 1395nn) prohibits physicians from referring patients to entities providing “designated health services” covered by Medicare or Medicaid if there is a financial relationship between the physician (or their immediate family) and the entity, except under specific exceptions. The financial relationships can cover employment, direct compensation, investment, and others. The Stark Law is somewhat unique because it does not apply to all Medicare or Medicaid services, but only to specific “designated health services” that are listed in statute and regulations. The Stark Law includes several exceptions, such as in-office ancillary services and fair market value compensation, but each element of the exception must be met for it to apply.

Similarly, the AKS (42 U.S.C. 1320a-7b(b)) prohibits the exchange of “remuneration” to influence patient referrals or generate business for services billed to federal healthcare programs. The AKS applies to all services billed to federal healthcare programs, and “remuneration” is broadly defined to include anything of value. The AKS includes several exceptions and “safe harbors.” A safe harbor refers to a set of circumstances defined by regulations where conduct that would otherwise implicate the AKS is nonetheless permissible if it meets all the requirements of the safe harbor.

Published on:

Corporate Practice of Medicine, or CPOM for short, is a legal doctrine that refers to who is authorized to own and operate a medical practice and, specifically, to employ physicians. Most states regulate CPOM in one way or another, on the rationale that physicians should be able to practice medicine free of influence that may be wielded by an employer who is not licensed. As a practical matter, CPOM regulations also usually increase the importance and bargaining power of physicians in business arrangements.

Every state sets its own policy and rules regarding CPOM, but they fall into three broad categories. First, some states have very strict CPOM rules and only allow physicians to be employed by entities that are 100% owned and controlled by other licensed physicians. Second, some states have few or no CPOM restrictions and any entity can employ physicians, regardless of the licensure of ownership or management. Third, most states fall somewhere in the middle. They may require that the entity that employs physicians have a certain percentage of physician ownership, say 51%, while the remainder can be owned by nonphysicians. They may allow multiple types of licensed practitioners to join together in one practice, for example, physicians and podiatrists owning a practice that practices both medicine and podiatry. They may have exceptions that allow certain types of licensed healthcare facilities to employ physicians.

These complex regulations can create a need for complex business arrangements to maintain compliance. One of the most common is the management services organization (MSO) model. Under an MSO model, the medical practice is owned by licensed practitioners as required by the CPOM rules in the particular state. The medical practice then contracts with the MSO, which is generally owned by un-licensed investors, to provide certain management, administrative, and other services in exchange for a management fee.  In addition to the complex business concerns, these arrangements can raise numerous legal and regulatory compliance concerns, including control over the practice and medical decision making, influence of non-licensed investors, control over personnel decisions, fee-splitting concerns, fraud waste and abuse concerns regarding how the management fee is calculated and any other revenue streams or referrals between the entities, and many more. The MSO model, especially variations backed by private equity, has recently come under scrutiny by professional groups and government entities raising these and other issues. Physician practices contemplating such an arrangement should be mindful of both the reasons for such an arrangement and the compliance concerns, CPOM and otherwise, regarding how the arrangement is structured.

Published on:

When a Medicare provider or supplier receives claims denials or an overpayment demand as a result of a Medicare audit, the decision whether and how to appeal the decision, or to simply repay the amount demanded by the Medicare contractor, is usually a business decision. In some cases, it may initially appear that the value of the demand simply does not justify the effort and cost of pursuing an appeal. However, a Medicare provider in this position should be aware that forgoing an appeal may have consequences far above and beyond paying back the amount demanded by Medicare.

In many cases, choosing to forego an appeal is not simply a matter of repaying funds to the Medicare program, but the Centers for Medicare & Medicaid Services (CMS) and its contractors will generally take a decision not to appeal as an admission by the provider that the audit results are correct and that the claims were properly denied. CMS and its contractors may use this perceived admission of ‘guilt’ against a provider later, long after it is far too late for the provider to appeal the audit findings.

For example, a provider may receive a Medicare probe audit. The contractor conducting the probe audit reviews medical records for 10 claims and denies all 10, claiming that the provider did not meet Medicare requirements for coverage. The repayment demand is ‘only’ $3,000. The provider strongly disagrees with the contractor’s allegation, but decides it is not worth it to appeal and simply pays the $3,000. A few months later, the provider receives another probe audit. The contractor reviews 12 claims and denies all 12 for the same reasons as in the first probe audit. Again, the repayment demand is ‘only’ $4,000, so even though the provider strongly believes their claims meet Medicare requirements, the provider chooses to repay the $4,000 rather than expend the time and resources to pursue the lengthy and complex Medicare claims appeal process.

Published on:

Medicare claims audits can be a complex and frustrating experience for healthcare providers who choose to accept Medicare. If claims are denied during the audit – and they nearly always are – the appeal process can itself take months or years and contains many strategic decisions for a provider to make.

A Medicare audit generally begins when a Medicare contractor requests medical records from a provider. At this stage, it is important to note which type of contractor is making the request (is it a MAC, UPIC, RAC, SMRC, etc.?), which type of review the contractor is performing (pre-payment, post-payment, TPE, PPEO, CERT, is it likely to be statistically extrapolated, etc.?), and any special circumstances of the provider (Has it received similar audits or requests recently? Did it have a recent change of ownership? Does a separate entity possess relevant documentation? Etc.).  Depending on the circumstances of the review, the provider may take additional steps to increase the likelihood that the claims reviewed by the contractor are found payable in the first instance. A provider may choose to submit additional records, retain a clinical expert, engage in additional communication with the contractor, or submit some form of legal brief or position paper. On the other hand, in some cases, it may be more appropriate to simply submit the records and await a response.

If claims are denied during the review, such claims are generally eligible for the Medicare claims appeal process, a complex, 5-step administrative appeals process. First is Redetermination, usually with the same contractor that issued the denials initially. Second is Reconsideration, before a different Medicare contractor. Third is review by an Administrative Law Judge (ALJ), where the provider has the opportunity to conduct a hearing and present witnesses. Fourth is review by the Medicare Appeals Council, the highest level of appeal within the Department of Health and Human Services. Fifth is appeal to federal court, which is usually limited in scope and not appropriate in many cases.

Contact Information