Published on:

On October 7, 2022, the Centers for Medicare & Medicaid Services (CMS) published a request for information (RFI) notice seeking public comment on a proposed national healthcare provider directory. CMS states in the RFI that the directory would be a “centralized data hub” for healthcare provider, facility, and entity directory information across the country. Under the proposal, CMS would establish and maintain the national directory and validate the data against primary sources. The national directory would also be application programming interface (API)-enabled.

While patients already use provider directories to locate healthcare providers and learn about the services they offer, these directors are typically maintained by individual payers and may not be the most accurate source of provider information. Moreover, reporting contact and services data to payers places a significant administrative burden on providers. In the RFI, CMS cites a 2019 study conducted by the Council for Affordable Quality Healthcare (CAQH), which found that physician practices collectively spend around $2.7 billion annually on directory maintenance. Viewed differently, that figure equates to about $1,000 per month per practice, or one staff member workday per week. According to CAQH, a single streamlined platform for reporting provider directory information would save practices over $4,700 each year, or approximately $1.1 billion in collective annual savings nationwide. Although it is worth noting that payors would likely still require providers to report contact and services data to them, meaning CMS is only adding an additional administrative burden.

CMS’s proposed nationwide directory purports to streamline existing data across its system and publish easily accessible information using interoperable technology in a centralized location. According to CMS, the proposed directory would not only give patients more accurate provider information, but also improve health data exchange and care coordination between providers. A national directory also has the potential to improve public health reporting, a major challenge for the healthcare industry during the COVID-19 pandemic.

Published on:

On October 3, 2022, the US Department of Health and Human Services (HHS) Office of Inspector General (OIG) issued a report detailing OIG’s findings related to the efficacy of the Unified Program Integrity Contractor (UPIC) program. As many healthcare providers may know, UPICs are the primary program integrity contractors for the Centers for Medicare & Medicaid Services (CMS) and the only program integrity contractors with authority to review both Medicare and Medicaid claims. UPICs are tasked with investigating instances of suspected fraud, waste, and abuse in the Medicare and Medicaid programs. However, much of their work amounts to medical review and payment recovery, as their investigations rarely identify meaningful fraud, although it can cause tremendous damage to a provider when the UPIC accuses a provider of fraud

OIG conducted a qualitative study of each of the five UPICs’ 2019 activities, including surveying each UPIC to find out about the challenges they faced in performing program integrity activities. OIG also solicited input from CMS about the effects of the unification of Medicare and Medicaid program integrity activities, how CMS measures the effectiveness of UPICs, and any challenges UPICs face in conducting their work. Notably, OIG did not assess whether UPICs were appropriately targeting providers with audits and suspensions, or whether UPIC findings were upheld on review by other contractors or Administrative Law Judges in the administrative appeals process. Rather, OIG’s report seems to imply that more auditing is always better, regardless of its efficacy or its impact on healthcare providers.

As a result of the study, OIG found that UPICs conducted substantially more Medicare program integrity work compared to Medicaid work. The study revealed that UPICs conducted only minimal activities related to Medicaid managed care, even though most Medicaid enrollees receive services through managed care. OIG further noted that UPICs reported no data analysis projects completed or vulnerabilities identified related to Medicaid managed care in 2019. Overall, UPICs conducted disproportionately fewer Medicaid activities compared to the levels of funding they receive from CMS for Medicaid program integrity activities.

Published on:

Recently, the US Department of Health and Humans Services (HHS) Office of the Inspector General (OIG) released a data brief analyzing telehealth services covered by Medicare and related program integrity risks. OIG sought to evaluate the impacts on program integrity due to the regulatory flexibilities implemented during the COVID-19 pandemic and the corresponding spikes in utilization rates for telehealth services by Medicare beneficiaries. Of the 742,000 providers that OIG evaluated, 1,714 had “concerning billing” on at least one of the seven measures that OIG considers to be potential indicators of fraud, waste, and abuse. The data brief represents OIG’s latest effort to use data analytics to identify program integrity concerns and includes specific proposals to improve data quality to aid in program integrity efforts.

OIG identified seven measures that it views as posing high risk for fraud, waste, and abuse. It is worth noting that these integrity measures are related to, but different from, the seven measures OIG identified in a special fraud alert issued in July 2022 with respect to provider arrangements with telehealth companies. The seven measures that OIG identified in the data brief are as follows:

  • Billing for both a telehealth service and a facility fee for most visits
Published on:

The Office of Inspector General (OIG) for the United State Department of Health and Human Services (HHS) recently released a template to assist with preparing advisory opinion requests. This template can be used to ensure that requestors include the information required for the advisory opinion process. The template lays out the basic information required for an advisory opinion request and leaves an optional section for legal analysis. Although providing a legal analysis is not required, most requests include significant legal analysis regarding why OIG should approve the arrangement and it is often the most detailed and insightful portion of a successful advisory opinion request.

Advisory opinions issued by HHS OIG are legal opinions that are issued to the requesting parties that apply OIG’s fraud and abuse authorities to the requesting parties’ current or proposed business arrangement. Since the advisory opinion is tailored to and binding on a requesting party’s current or proposed business arrangement, OIG will not advise on any hypothetical or other arrangements that the party does not actually intend to engage in. Although most advisory opinion requests seek guidance regarding the Anti-Kickback Statute (AKS) and its safe harbors, OIG is also authorized to issue advisory opinions on the application of exclusion authorities, civil monetary penalty authorities, and criminal penalties.

OIG also declines to issue opinions on general questions of interpretation, the fair market value of goods, services, or property, or the application of the Stark law or the Eliminating Kickbacks in Recovery Act (EKRA). Although advisory opinions can provide valuable guidance, requesting an advisory opinion is a completely voluntary process. Accordingly, failure to seek an advisory opinion regarding a business arrangement cannot be introduced as evidence as proof that the party violated the law.

Published on:

One of the most destructive types of audits that a Medicare provider can suffer from a Medicare contractor is a UPIC audit. A UPIC (Unified Program Integrity Contractor) is a type of Medicare contractor that combines several program integrity functions that were previously handled by different entities. The primary goal of the UPICs is to identify potential fraud; however, they are often quick to accuse providers of significant fraud and bring devastating consequences to providers without giving the providers an opportunity to respond. Even a UPIC audit for a relatively small number of claims or a relatively small dollar value should be treated as a significant investigation.

A UPIC may initiate an investigation based on several types of leads. The UPICs are authorized to use analysis of claims data to identify potential billing irregularities or suspected fraud, and this is the most frequent source of a UPIC investigation. This means that providers with unusual billing patters or high utilization are inherently more susceptible to UPIC investigations, even if these billing practices are for entirely legitimate reasons, such as a particular patient population. The UPICs may also receive referrals from other agencies and from outside sources, such as news media, interviews, or beneficiary complaints.

Once a UPIC initiates an investigation, it has many tools at its disposal. It may utilize records requests, onsite reviews at the place of business of the provider or supplier, or interviews of employees of the provider or supplier. Often UPIC audits begin as small probe audits, possible only a dozen claims valued at a few thousand dollars. These small probe audits may at first appear to be not worth defending or appealing. However, UPICs often use the results of these small probe audits to jump to the conclusion that the provider is committing fraud and, seemingly out of nowhere, suspend the provider’s Medicare payments. The UPIC may also persuade the Centers for Medicare & Medicaid Services (CMS) to revoke the provider’s Medicare billing privileges because the UPIC’s probe audits have made it appear as though the provider has a pattern of submitting claims that do not meet Medicare requirements. At this point, it may be too late to appeal the results of the earlier probe audits, leaving the provider in the unenviable position of defending itself when CMS thinks the results of the probe audits are set in stone.

Published on:

With low rates of Medicare reimbursement, complex and unclear regulations, tremendous administrative burden, and the often arbitrary actions of Medicare contractors, a growing number of physicians and healthcare providers may wonder if there is an alternative to participation in Medicare. There is. Some providers have the option to “opt-out” of Medicare. Opting-out of Medicare refers to the process by which a healthcare practitioner foregoes any right to bill Medicare and collect reimbursement from Medicare. Instead, the practitioner is reimbursed directly by his or her patients. Opting-out of Medicare can be part of a larger concierge medicine model. Not every provider type is eligible to opt-out of Medicare, but for those who may opt-out, it can be an intriguing option.

Unfortunately, opting-out of Medicare cannot be accomplished by simply not enrolling in the Medicare program. Because the entitlement to Medicare services technically belongs to the beneficiary, a provider who provides Medicare-covered services to Medicare beneficiaries generally must either bill Medicare for the services or opt-out. The provider generally cannot bill the beneficiary (other than co-pays, etc.) for Medicare-covered services because, among other reasons, the beneficiary may then be entitled to bill Medicare themselves for the covered services. These rules generally do not apply to services that are not covered by Medicare.

Therefore, a healthcare practitioner who intends to bill Medicare beneficiaries directly for services that would otherwise be covered by Medicare must undergo the formal process of opting-out of Medicare. First, the practitioner must submit a set of documents, including an affidavit, to the Medicare Administrative Contractors (MACs) in any jurisdiction in which they would otherwise submit Medicare claims. Second, the practitioner must enter into a “private contract” with every Medicare beneficiary to whom he or she provides Medicare-covered services. These “private contracts” are required to contain several specific terms in order to be effective. Once a provider opts-out, the opt-out is generally effective for two years. While a practitioner must opt-out for all patients and all services, opting-out generally does not affect a practitioner’s ability to order other items or services that are covered by Medicare or the practitioner’s group’s ability to bill Medicare.

Published on:

On Friday, August 26, 2022, the Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS), Department of Labor, and Department of Treasury (collectively, the Departments) issued a new Final Rule updating key regulations pertaining to the No Surprises Act. The Final Rule addresses disclosure requirements for group health plans and health insurance issuers related to the Qualified Payment Amount (QPA) for out of network services, as well as establishing the factors and information which certified federal independent dispute resolution (IDR) entities must consider in arbitrating disputes for out of network services or items. The Final Rule takes effect October 25, 2022 and covers services and items rendered during plan years beginning on or after January 1, 2022.

The July 2021 interim final rule initially required group health plans and health issuers to make certain disclosures. When the QPA serves as the recognized amount or the amount that serves as the basis for cost sharing with respect to out of network services, plans and issuers must disclose the QPA and certain related information, as well as certain additional information at the request of the provider or facility. When a plan or issuer down-codes the billed claim, the plan or issuer must automatically provide additional information about the QPA with an initial payment or notice of denial. The additional information must include a statement that the claim was down-coded, an explanation of why the claim was down-coded, and the amount that would have been the QPA had the claim not been down-coded.

In October 2021, the Departments issued their first attempt at establishing the information an IDR entity must consider, however these rules were challenged in court and subsequently vacated. Under the most recent Final Rule, a Federal IDR entity must weigh specific considerations and select the offer that “best represents the value of the qualified IDR service or item” as the out of network rate. Specifically, the IDR entity must consider the QPA for the same or similar qualified IDR service or item for the applicable year, as well as additional information submitted by a party related to:

Published on:

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) recently issued OIG Advisory Opinion No. 22-14 that applied its November 2020 special fraud alert targeting remuneration associated with speaking arrangements funded by pharmaceutical and medical device companies.

The November 2020 special fraud alert addressed potential Anti-Kickback Statute (AKS) risks arising from paying physicians to speak at educational programs and providing benefits to  attendees. OIG outlined several factors that, if present, would increase the risk of an AKS violation.

OIG’s No. 22-14 Advisory Opinion was issued in response to an ophthalmology practice’s proposed continued education program. The practice intended to offer continued education programs to local optometrists, who may be responsible for referring approximately half of the practice’s surgical patients. Although many of the local optometrists refer their patients to the practice, the program would be available to all optometrists in the area, and there would be no obligation to refer patients to the practice after attending the program.

Published on:

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) announced several new changes in its Work Plan update in August 2022. The OIG Work Plan forecasts the projects that OIG plans to implement over the foreseeable future. These projects usually include OIG audits and evaluations. Below are the highlights from the Work Plan update of which providers and suppliers should take notice.

First, OIG will perform an audit of selected HHS divisions to evaluate the effectiveness of security controls to determine whether service providers are identifying and reporting cybersecurity events. The audit seeks to ensure HHS’s compliance with the Federal Information Security Management Act and OMB Circular A-130 which requires Federal agencies to ensure that service providers meet the security requirements for transmitting, processing, or storing Federal information.

Second, OIG will perform a nationwide review of skilled nursing facility (SNF) costs for services, facilities, and supplies furnished by entities with common ownership with the SNF. Medicare regulations require that the cost of services, facilities, and supplies furnished to a provider by an organization under common ownership or control be the same or lower than the cost of comparable services and supplies purchased elsewhere. Accordingly, the review will compare these costs to determine whether skilled nursing facilities are reporting these related-party costs in accordance with the Medicare regulations. The review will also consider how a skilled nursing facility’s allocation of Medicare funds can impact beneficiary care.

Published on:

More of the long-promised enforcement actions related to COVID-19 pandemic relief and healthcare programs have started to unfold. This time it is demands from the Health Resources and Services Administration (“HRSA”) that providers repay funds they have received for providing COVID-19 testing to the uninsured during the pandemic.

As part of the response to the COVID-19 pandemic, Congress provided funding for testing of patients without health insurance. The funding of testing for the uninsured was overseen by HRSA under the COVID-19 Claims Reimbursement to Health Care Providers and Facilities for Testing, Treatment, and Vaccine Administration for the Uninsured Program. HRSA contracted with Optum to administer the program directly. Generally referred to as “HRSA funding” for testing of the uninsured, this system functioned as a claims reimbursement program wherein eligible healthcare providers submitted claims to HRSA/Optum for reimbursement, made certain attestations, and Optum reimbursed providers’ claims.

Recently, healthcare providers who billed and received reimbursements under this program have begun to receive “assessment” letters from HRSA. HRSA has generally insisted that these are not “audits,” but “assessments.” These letters generally indicate that HRSA made payments to the provider in error and demand that the provider make immediate repayment. The letters generally do not provide denial reasons or explain the nature of the “error,” and do not contain allegations of fraud. They simply demand repayment. The letters also generally do not provide for an appeal process. Where a provider receives a letter, HRSA generally also suspends payment to the provider, pending the completion of an assessment.

Contact Information