Healthcare audits: Helping organizations understand audit guidelines and requirements
Upcoming SlideShare
Loading in...5

Healthcare audits: Helping organizations understand audit guidelines and requirements



Healthcare audits: Helping organizations understand audit guidelines and requirements

Healthcare audits: Helping organizations understand audit guidelines and requirements



Total Views
Views on SlideShare
Embed Views



1 Embed 10 10


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • Medicaid: Benefits for the low income and welfare population (children/families and the disabled) Federal–state partnership to fund basic health care needs. In the past, the Federal government provided funds for the program, but had little control over Medicaid expenditures. Medicare Part C: Medicare Advantage Plans (HMOs and PPOs) – coverage for Part A (hospital) and Part B (medical) may include Part D (drug coverage) Medicare Part D: Drug Coverage
  • Goal of audit programs… Prevent fraud, abuse and waste
  • Permedion works with over 28 government agencies including State Insurance Departments, Medicare, Medicaid, and Correctional Departments.  Audits ensure the right medical care is provided at the right time in the right setting, that services are billed appropriately, and that the care provided is of the highest quality.
  • QIOs: CMS contracts with 1 organization in each state (also D.C, Puerto Rico, and the U.S. Virgin Islands) to serve as that state's QIO contractor QIOs are private (not-for-profit organizations), staffed by Drs and other health care professionals QIO’s review medical care and help beneficiaries with quality of care complaints and help implement improvements in quality of care available QIO contracts are 3 years in length, with each 3-year cycle referenced as an ordinal "SOW.“ NCDs: - Coverage for items and services that are reasonable and necessary for the dx or tx of an illness or injury (and within the scope of benefits) If no national coverage policy, coverage may be at the discretion of the Medicare contractors based on a local coverage determination (LCD). ________________________________________________________________________________________________________________________ The Medicare Prescription Drug, Improvement, and Modernization Act of 2003 amended several portions of the NCD development process with an effective date of January 1, 2004. For NCD requests not requiring an external technology assessment (TA) or Medicare Evidence Development & Coverage Advisory Committee (MEDCAC) review, the decision on the request shall be made not later than 6 months after the date the completed request is received. For those NCD requests requiring either an external TA and/or MEDCAC review, and in which a clinical trial is not requested, the decision on the request shall be made not later than 9 months after the date the completed request is received. Not later than the end of the 6 or 9 month period described above, the proposed decision shall be made available on the CMS website (or other appropriate means) for public comment. This comment period shall last 30 days, and comments will be reviewed and a final decision issued not later than 60 days after the conclusion of the comment period. A summary of the public comments received and responses to the comments will continue to be included in the final NCD. An Annual Report shall be issued listing the national coverage determinations made in the previous year and explaining how to get more information on those determinations. Following is a list of potential NCD topics. CMS used the circumstances outlined in the guidance document referenced above to vet topics and generate the list. Those circumstances include: 1) a significant number of inquiries from the public, providers, or patients; 2) new evidence or a reexamination of previously available evidence; 3) inconsistent or conflicting local coverage policies; 4) program integrity concerns; 5) substantial clinical advances; 6) technologies for which rapid diffusion could have a significant programmatic impact; or 7) significant uncertainty about the health benefit, patient selection, or appropriate facility and staffing requirements for a new technology. We encourage comments on the below potential NCD topics. TOPIC LIST FOR THIRD QUARTER 2008 Thrombopoiesis stimulating agents (platelet growth factors e.g. romiplostim) may elicit safety concerns similar to the erythropoiesis stimulating agents (ESAs).  Long term safety data are lacking. ESAs have known serious adverse effects in patients who have cancer or pre dialysis chronic kidney disease (CKD).  Their long term benefits and harms in the ESRD population are unclear.  ESAs are a large cost in current ESRD treatment strategies.  CKD uses of ESAs have known adverse effects.  Medicare recently implemented anemia reporting requirements that include the reporting of hemoglobin or hematocrit information on claims for ESA uses in CKD.  It is unclear if ESAs are being used appropriately in this population. Levocarnitine has unclear benefits in the ESRD population.  Recent revisions of K-DOQI guidelines suggest a paucity of evidence to support some uses. Parenteral iron supplementation may be accomplished with a variety of iron containing preparations.  Iron overload and hypersensitivity reactions are not uncommon. Bisphosphonates , particularly longer acting parenteral preparations, have been associated with osteonecrosis of the mandible (jaw) in patients who have dental procedures.  Given the ready availability of oral preparations it is unclear if the convenience afforded by the less frequent administration parenteral agents outweighs the potential harms. A limited body of evidence informs gene expression profiling tests to inform cancer therapy decisions.  It is unclear if the widespread addition of such testing to the evaluation of patients with would result in a meaningful change in disease management and improved health outcomes. Treatment of wet AMD , central vein occlusion and diabetic retinopathy by anti-VEGF agents including but not limited to Avastin and Lucentis.  This clinical field is growing by leaps and bound and we believe there is a need to systematically consider the evidence. Proton beam therapy for prostate cancer : Proposed as means to concentrate radiation therapy and reduce side effects. Very high upfront cost to build these facilities and thus only at very few facilities. For prostate cancer treatment, no current comparative trials comparing to usual therapy. Artificial cervical discs are being developed in an effort to treat symptomatic degenerative disc disease more effectively. The goal of this type of technology is to maintain spinal motion following anterior discectomy, to reduce the incidence of degeneration of adjacent disc levels of the spine (adjacent-segment disease), and to permit more rapid return to normal activity. Is the evidence adequate that this procedure results in improved health for the Medicare population? Minimally invasive methods for bariatric surgery , such as minimally invasive Roux-en-Y gastric bypass is a procedure that is being performed with increasing frequency. It is an advanced laparoscopic procedure with a steep learning curve. Is current evidence sufficient to demonstrate that it results in improved health outcomes for morbidly obese patients? Biological therapies for treatment of chronic wounds: Clinicians' understanding of and ability to achieve wound healing has increased significantly over the past few years, particularly as a result of advances in molecular biology such as the use of growth factors, the ability to grow cells in vitro and the development of bioengineered tissue. Is the evidence for any specific modalities adequate to demonstrate improved health outcomes for selected wound patients while avoiding side effects seen with other growth hormones? Bone morphogenetic protein (BMP): Members of the BMP family are potentially useful as therapeutics in areas such as spinal fusion. BMP-2 and BMP-7 have been shown in clinical studies to beneficial in the treatment of a variety of bone-related conditions including delayed union and non-union. BMP-2 and BMP-7 have received Food and Drug Administration (FDA) approval for human clinical uses. Certain off-label uses in cervical spine fusion may be associated with life-threatening complications. Is the evidence adequate to demonstrate health improvements in the Medicare population? Hip resurfacing may be an alternative to total hip replacement that might offer an interim option to patients. Although many patients can expect to outlive the treatment’s effectiveness, hip resurfacing may have the advantage of preserving enough healthy bone to allow for a future total hip implant. Is the evidence adequate to demonstrate health benefits in the patients who receive the procedure? Ablation for atrial fibrillation: If medication is not effective or not tolerated for atrial fibrillation, a nonsurgical procedure called catheter ablation may be chosen. Focal and circumferential catheter ablation for atrial fibrillation is still being studied in investigational trials but may be done in selected patients to try to cure atrial fibrillation. Is the evidence adequate to demonstrate health benefits in the patients who receive the procedure? Off label use of drug eluting coronary stents : Limited data are available on the off-label use of drug-eluting stents (DESs) in clinical practice. Is that evidence adequate to specify groups of patients that do benefit from treatment with coronary stents or clearly do not benefit? Vertebroplasty and kyphoplasty : Vertebroplasty and kyphoplasty are radiologic procedures for the treatment of the intense pain caused by vertebral compression fracture in patients whose pain has been refractory to medical management or other therapy. Vertebroplasty and kyphoplasty involve the intraosseous injection of acrylic cement under local anesthesia and fluoroscopic guidance to control the pain of vertebral fractures associated with osteoporosis, tumors, and trauma. Typically, vertebroplasties are performed in an outpatient setting, while kyphoplasty typically requires hospital admission. Is the evidence adequate to demonstrate health benefits from pain reduction in selected patients? Lumbar fusion for degenerative disc disease : For certain patients, a two level spinal fusion may be an effective treatment for debilitating back pain from two degenerated lumbar discs. Multilevel fusion as a primary treatment for low back pain from degenerated discs is a controversial topic in spine medicine. However, lumbar fusion of three or more levels of the low back as a primary treatment for back pain is rarely recommended, and many surgeons recommend against it in all cases of multilevel degenerative disc disease. Is the evidence adequate to specify groups that do and do not benefit from the lumbar fusion procedure? Peripheral arterial stenting and vascular intervention : Angioplasty and angioplasty with vascular stenting are commonly used to treat conditions that involve a narrowing or blockage of arteries throughout the body, including 1) narrowing of large body arteries due to atherosclerosis, or hardening of the arteries, a gradual process in which cholesterol and other fatty deposits, called plaques, build up on the artery walls and 2) peripheral vascular disease (PVD) and peripheral artery disease (PAD), a narrowing of the arteries in the legs or arms. In patients with PVD or PAD, angioplasty alone or angioplasty with stenting may be used to open up a blocked artery in the pelvis, leg or arm. Is the evidence adequate to specify groups that do and do not benefit from angioplasty and stenting in the peripheral vascular system? Pharmacogenomic testing: Pharmacogenomic testing det e cts DNA variants that are associated with altered response to therapeutic drugs, in order to optimize drug selection or modify drug dosage to improve effectiveness and/or to avoid adverse drug events.  As examples, testing for certain variants in VKORC1 and CYP2C9 genes (and possibly others) may permit more accurate calibration of warfarin dosage for individuals to prevent thrombosis or thromboembolism; testing for a certain variant in the UDT1A1 gene may highlight greater risk of neutropenia in those receiving the drug irinotecan as part of their anti-cancer chemotherapy.  However, there is a relative scarcity of high-quality published evidence from outcome-related clinical trials about the clinical utility due to pharmacogenetic testing at this time.
  • CERT (Comprehensive Error Rate Test) PSC (Program Safeguard Contractor) OIG (Office of Inspector General Audits)
  • CERT program: Identify reasons for errors in claims payments or denials Implement corrective actions to improve the accuracy of claims and claims processing CERT Documentation Contractor (CDC) will request medical records - Send up to 4 requests - Facility has 75 days after the initial request to submit info - Review MR and see if claim processed correctly - Addl request for MR - additional 14 days to submit MR = then error is assessed and $ will start to be collected - No reimbursement for MR ________________________________________________________________________________________________________________________ If an error has been assessed, providers may receive a phone call from the CERT Nurse Analyst to verify if additional documentation is available. To overturn an error, the missing documentation must be submitted to the CRC for re-review. When the review is complete, Medicare Part A will be notified if there is a revised decision. If the CERT reviewer has determined that the records now adequately document the service(s) billed, Medicare will process an adjustment for the additional payment.
  • New requirements for contractors (for Medicare Parts C and D) Ensure each Medicare Advantage plan under Part C and each Part D prescription drug plan has an anti-fraud plan in effect Review the effectiveness of the plan ______________________________________________________________________________________________________________________ Examine claims for reinsurance payments under section 1860D–15(b) of the Social Security Act to determine whether prescription drug plans submitting the claims incurred costs greater than those allowable under paragraph 2 of the section. Review estimates submitted by private insurers for their prescription drug plans regarding the enrollment of high-cost beneficiaries, and compare them with the numbers of such beneficiaries actually enrolled.
  • Rollout of the program to specific states at certain times, as evidenced by the map. Region A: Diversified Collection Services Inc. in Maine, New Hampshire, Vermont, Massachusetts, Rhode Island and New York;  Region B: CGI Technologies and Solutions Inc in Michigan, Indiana and Minnesota; Region C: Connolly Consulting Associates Inc. in South Carolina, Florida, Colorado and New Mexico; and Region D: HealthDataInsights Inc. in Montana, Wyoming, North Dakota, South Dakota, Utah and Arizona. Additional Documentation Limits for FY 2010 for DRG Validation (as of December 1, 2009)… - CMS has modified the MR request limits for the RAC program in FY 2010. Limits will be established on an annual basis Per campus on the maximum number of MR that may be requested per 45-day period. A campus unit (defined below) may consist of one or more separate facilities/practices under a single organizational umbrella; each limit will be based on that unit’s prior calendar year Medicare claims volume. 1. Limits will be based on the servicing provider/supplier’s Tax Identification Number (TIN) and the first three positions of the ZIP code where they are physically located. Using TINs will reduce the total number of limits that would have been imposed per organization under the previous draft policy, which was based on National Provider Identifiers, while factoring in ZIP codes will promote equitability for regional or national organizations. For example: Provider A has TIN 123456789 and two physical locations in ZIP codes 12345 and 12356; the two locations would qualify as a single campus unit for additional documentation limit purposes. Provider B has TIN 123456780 and is physically located in 12345 as well as 21345. This provider would be considered as two distinct entities for additional documentation purposes, and each location would have its own additional documentation limit. Please note that the definition of a campus for RAC documentation request limits differs significantly from the definition in 42 CFR 413.65(a)(2) used to determine eligibility for provider-based billing. 2. Limits will be set at 1% of all claims submitted for the previous calendar year (2008), divided into eight periods (45 days). Although the RACs may go more than 45 days between record requests, in no case shall they make requests more frequently than every 45 days. A provider’s limit will be applied across all claim types, including professional services. Note: FY 2010 limits are based on submitted claims, irrespective of paid/denied status and/or individual lines, although interim/final bills and RAPs/final claims shall be considered as a unit. For example: Provider C billed 156,253 claims last year. The provider’s additional documentation limit would be (156253 *.01)/8= 195.31, or 195 additional documentation requests per 45 days. Provider D billed 50,000 inpatient claims, 75,000 outpatient claims, 20,000 SNF covered stays, 20,000 home health episodes of care, 250,000 physician claims, 10,000 inpatient rehab claims and 1.000 hospice claims. The total number of claims for this provider would equal 426,000. The provider’s additional documentation limit would be (426000*.01)/8= 532.5. The provider’s additional documentation limit would be 532 additional documentation requests every 45 days, if there were no cap in place (see below). While respecting a provider’s overall limit, the RAC may exercise discretion in the exact composition of an additional documentation request. For example, the RAC may request inpatient records up to the full limit even though the provider’s inpatient business may only be a small portion of their total claim volume. 3. Two caps will exist in FY 2010: Through March 2010, the cap will remain at 200 additional documentation requests per 45 days for all providers/suppliers. However, from April through September 2010, providers/suppliers who bill in excess of 100,000 claims to Medicare (per TIN, across all claims processing contractors) will have a cap of 300 additional documentation requests per campus unit, per 45 days. 4. In addition, in FY 2010 CMS will allow the RACs to request permission to exceed the cap. Permission to exceed the cap cannot be requested in the first six (6) months of the fiscal year. The expanded cap will not be automatic; the RACs must request approval from CMS on a case-by-case basis and affected providers will be notified prior to receiving additional requests. Questions concerning this update can be directed to
  • • Copies are reimbursable at $0.12/pg Items to submit at 1stLevel of Appeal Appeal letter printed on hospital letterhead with case review and medical justification information RAC notice of denial Remittance advice for the recoupment (also called date “harmed”) Complete copy of the medical record Some facilities submit records with pages numbered for reference purposes and portions highlighted to demonstrate medical necessity, where applicable   • Items to Submit at 2nd Level of Appeal Form Letter from redetermination denial Initial appeal letter Any additional information supporting the claim and responding to the justification given by the FI for upholding the redetermination level denial • 3 rd 4 th and 5 th Levels of Appeal require personal appearances
  • Examples of Medicare fraud: Most frequent kind of fraud - false statement or misrepresentation made Looking for entitlement or payment under the Medicare program Violator may be a provider, beneficiary, or an employee of a provider or some other person or business entity (billing service or an intermediary employee) Fraud may take such forms as: Incorrect reporting of diagnoses or procedures to maximize payments. Billing for services not furnished and/or supplies not provided - billing Medicare for appointments that the patient failed to keep. Billing that appears to be a deliberate application for duplicate payment for the same services or supplies, billing both Medicare and the beneficiary for the same service, or billing both Medicare and another insurer in an attempt to get paid twice. - Altering claim forms, electronic claim records, medical documentation , etc., to obtain a higher payment amount. Soliciting, offering, or receiving a kickback, bribe, or rebate, e.g., paying for a referral of patients in exchange for the ordering of diagnostic tests and other services or medical equipment. - Unbundling or “exploding” charges. - Completing Certificates of Medical Necessity (CMNs) for patients not personally and professionally known by the provider. Participating in schemes that involve collusion between a provider and a beneficiary, or between a supplier and a provider, and result in higher costs or charges to the Medicare program. Participating in schemes that involve collusion between a provider and an AC or MAC employee where the claim is assigned, e.g., the provider deliberately over bills for services, and the AC or MAC employee then generates adjustments with little or no awareness on the part of the beneficiary. Billing based on “gang visits,” e.g., a physician visits a nursing home and bills for 20 nursing home visits without furnishing any specific service to individual patients. - Misrepresentations of dates and descriptions of services furnished or the identity of the beneficiary or the individual who furnished the services. - Billing non-covered or non-chargeable services as covered items. - Repeatedly violating the participation agreement, assignment agreement, and the limitation amount. - Using another person's Medicare card to obtain medical care. - Giving false information about provider ownership in a clinical laboratory. - Using the adjustment payment process to generate fraudulent payments. Examples of cost report fraud include: - Incorrectly apportioning costs on cost reports. - Including costs of non-covered services, supplies, or equipment in allowable costs. Arrangements by providers with employees, independent contractors, suppliers, and others that appear to be designed primarily to overcharge the program through various devices (commissions, fee splitting) to siphon off or conceal illegal profits. - Billing Medicare for costs not incurred or which were attributable to non-program activities, other enterprises, or personal expenses. - Repeatedly including unallowable cost items on a provider's cost report except for purposes of establishing a basis for appeal. - Manipulation of statistics to obtain additional payment, such as increasing the square footage in the outpatient areas to maximize payment. - Claiming bad debts without first genuinely attempting to collect payment. - Certain hospital-based physician arrangements, and amounts also improperly paid to physicians. - Amounts paid to owners or administrators that have been determined to be excessive in prior cost report settlements. - Days that have been improperly reported and would result in an overpayment if not adjusted. - Depreciation for assets that have been fully depreciated or sold. - Depreciation methods not approved by Medicare. - Interest expense for loans that have been repaid for an offset of interest income against the interest expense. - Program data where provider program amounts cannot be supported. - Improper allocation of costs to related organizations that have been determined to be improper. - Accounting manipulations.
  • The “Medi-Medi” program: - Major effort to ID fraud, waste, and abuse.
  • Medicare Administration Contractor (MAC): Responsible for the receipt, processing and payment of Medicare fee-for-service claims Primary contact for physicians Perform functions related to: Appeals, Provider Outreach and Education, Financial Management, Provider Enrollment, Reimbursement, Payment Safeguards, and Information Systems Security - Reclast: treatment of postmenopausal osteoporosis
  • Dr. Malcom Sparrow, author of License to Steal: Why Fraud Plagues America’s Healthcare System, estimated that as much as 30% of the amount the government spends on healthcare goes to fraudulent claims. Reduce fraud and abuse in the Medicare program. PSCs established in 1999 – complete transfer completed 2006 CMS began transferring the responsibility for detecting and deterring fraud from carrier and fiscal intermediary fraud units CMS orders PSCs to detect fraud and abuse CMS has the option of renewing or terminating task orders at the end of a performance period. A typical performance period lasts 1 year.
  • Congress appropriated $180 million over four years to the MIP - Required CMS to hire 100 new employees to support states in identifying Medicaid fraud and abuse Review MICs - data-mining (looking for your coding and billing errors - upcoding, medical necessity and uncovered services)  Audit MICs – initiate audits with providers/healthcare organizations - Estimates show MIC Audits will recover more overpaid claims than the highly publicized Medicare RAC program  MICs are not compensated on a “contingency fee” basis - Medical Records - Providers will be given the same amount given to a state be given to produce the records - minimum number of days is 15 calendar days, regardless of the State’s policy - most likely not more than 45 days - CMS does not reimburse the provider for the cost of copying medical records _____________________________________________________________________________________________________ State’s role in the MIP’s provider audits: Verify that MIC audits do not conflict with ongoing program integrity activities Review draft audit reports produced by the Audit MICs to ensure that the contractors reached findings in accordance with State and Federal Medicaid laws, regulations, and policies Adjudicate provider appeals MIG avoids duplicating other Medicaid audits by sharing the list of potential audits with State and Federal law enforcement agencies - If either a State Medicaid agency or a law enforcement agency is conducting an audit or investigation of the same provider for similar Medicaid issues, then the MIG may cancel or postpone the Audit MIC audit of the provider. - Look back of claims will be the same as the state where the provider submitted Medical claims A provider can be audited by multiple oversight bodies (such as the Audit MIC, the State Medicaid agency, Medicare contractors, or the Inspector Generals of the State or the U.S. Department of Health & Human Services), especially if the audits cover different programs (e.g., Medicaid versus Medicare), different audit issues (e.g., one-day stays versus post-mortem payments) or different audit periods. MIG (Medicaid Integrity Group): CMS created group to oversee the MIPs. - Office of Group Director: oversees the implementation of the MIP. – Division of Medicaid Integrity Contracting : oversees procurements, evaluation and oversight of MICs. – Division of Fraud Research & Detection: oversees data-mining strategies. – Division of Field Operations: oversees staff in CMS regional offices of New York, Chicago, Atlanta, Dallas and San Francisco. MIC (Medicaid Integrity Contractors): - ACS Healthcare – AdvanceMed Corporation – IMS Government Solutions – SafeGuard Services – Thomson Reuters Audit MICs: - Booz Allen Hamilton – Fox Systems, Inc. – IPRO – Health Management Systems – Health Integrity, LLC Objectives of the MIP: Audit provider claims Identify overpayments Ensure items and services provided and properly documented, using the appropriate procedure codes In accordance with Federal and State laws, regulations, and policies There are three primary MICs: Review MICs, which analyze Medicaid claims data to determine whether provider fraud, waste, or abuse has occurred or may have occurred Audit MICs, which audit provider claims and identify overpayments Education MICs, which provide education to providers and others on payment integrity and quality-of-care issues
  • 10 Steps in MIC Audit: 1. Identification of Potential Audit Areas Through Data Analysis 2. Confirm Audit Targets with the State (Verify no duplication of efforts) 3. Audit MIC receives audit assignments 4. Audit MIC schedules entrance conference 5. Audit MIC performs audit 6. Exit conference 7. CMS and State Review draft audit report; provider review’s draft 8. MIC Final Audit Report 9. CMS Issues Final Report to State 10. State Issues Final Audit Report to Provider & Begins Recovery
  • PERM: 17 state rotational approach to measure improper payments in Medicaid and SCHIP for the 50 states and the DC over a 3 year period Each state is measured once, and only once, every three years - Identifies program vulnerabilities that result in improper payments - Promotes efficient Medicaid and SCHIP program operations - Helps to ensure medical services are provided to the truly eligible
  • - All states are required to have an MFCU or obtain a waiver from the HHS Secretary. Currently, Idaho, Nebraska, and North Dakota have such waivers. States granted waivers have similar units already in place.
  • OIG/DOJ, or the Office of Inspector General / Department of Justice: Enforcement end of this spectrum - Focusing on the following areas of the Medicaid program: – Hospital outlier payments – Nursing home and targeted case management payments – Home health agency payments – State’s claims to CMS for Medicaid-covered drugs FY 2009, OIG excluded 2,556 individuals and organizations from participation in Federal health care programs OIG also reported 671 criminal actions against individuals or organizations that engaged in crimes against HHS programs 394 civil actions, including False Claims Act and unjust enrichment suits filed in Federal district court, Civil Monetary Penalties Law (CMPL) settlements, and administrative recoveries related to provider self-disclosure matters. Medicare Fraud Strike Force investigations resulted in the filing of charges against 138 individuals or entities, 44 convictions, and $40.7 million in investigative receivables ________________________________________________________________________________________________________________________ OIG's $20.97 billion in savings and expected recoveries includes $16.48 billion in implemented recommendations to put funds to better use, $4 billion in investigative receivables, and $492 million in audit receivables Nursing Home Executive Agrees to Permanent Exclusion The President and Chairman of the Board of Pleasant Care Corporation (Pleasant Care), Emmanuel Bernabe, agreed to be permanently excluded from Federal health care programs following an investigation of substandard care at nursing homes formerly operated by Pleasant Care. OIG alleged that Bernabe, through his management and oversight of Pleasant Care, caused services to be furnished to Pleasant Care residents that substantially departed from the professional standard of care. For example, Pleasant Care failed to maintain adequate staffing levels, properly administer medication, provide adequate hydration and nutrition, and prevent accidents. Residents in Medicare Infusion Fraud Scheme 7 employees of a Miami infusion clinic were ordered to pay $19.8 million in restitution and sentenced to prison terms ranging from 37 to 97 months . In their guilty pleas, the individuals admitted to activities including manipulating patients’ blood samples to generate false medical records, ordering and administering medications to treat conditions that were falsely documented with fraudulent test results, and billing Medicare for services that were medically unnecessary or never provided. Page 1 of 3 Page 2 of 3 This operation was conducted by the Medicare Fraud Strike Force, a key component of the joint HHS-Department of Justice Health Care Fraud Prevention and Enforcement Action Team, known as HEAT. During the reporting period, Medicare Fraud Strike Force investigations resulted in the filing of charges against 138 individuals or entities, 44 convictions, and $40.7 million in investigative receivables.
  • Permedion works with over 28 government agencies including State Insurance Departments, Medicare, Medicaid, and Correctional Departments.  Audits ensure the right medical care is provided at the right time in the right setting, that services are billed appropriately, and that the care provided is of the highest quality.
  • MICs v. RACs: - MIC audits often are mistakenly compared to RAC audits. The differences between the two are: – Applicable laws: MIC (federal and state); RAC (federal) – Days Required to Produce Medical Records: MIC (state law controls); RAC (45 calendar days) – Auditor Compensation: MIC (fixed fee); RAC (contingency fee) – Re-Payment to CMS: MIC (60 days by state, paid in full); RAC (appeals process and repayment plans) Following the enactment of the DRA 2005, Medicaid providers now must be prepared to defend their practices against attacks from many sources: – State Medicaid Program Integrity Units – State Medicaid Fraud Control Units – U.S. Department of Justice (Federal False Claims Act) – Federal whistleblowers (Federal False Claims Act) – Federal Medicaid Integrity Program: Review and Audit MICs – HHS Office of Inspector General – State whistleblowers (State False Claims Acts)

Healthcare audits: Helping organizations understand audit guidelines and requirements Healthcare audits: Helping organizations understand audit guidelines and requirements Presentation Transcript

  • Healthcare Audits Helping organizations understand audit guidelines and requirements
  • Au·dit : efficiency check:  a systematic check or assessment, especially of the efficiency or effectiveness of an organization or a process, typically carried out by an independent assessor Encarta® World English Dictionary [North American Edition] © & (P)2009 Microsoft Corporation.
  • Centers for Medicare and Medicaid Services
    • Federal programs with the most improper payments (2008)
      • #1 - Medicaid ($18.6 Billion)
      • #2 - Earned Income Tax Credit ($12.1 Billion)
      • #3 – Medicare ($10.4 Billion)
    • CMS moving away from a single contractor to multiple single function contractors
    • Over 10 separate types of audits for healthcare organizations to track and provide information/responses
    • New update… Senate Healthcare Reform Bill
      • Medicaid RAC by Dec. 31, 2010
      • Expansion of Medicare RAC to Parts C & D
  • So many audits so little time… Medicare
    • QIO (Quality Improvement Organization)
    • CERT (Comprehensive Error Rate Test)
    • RAC (Recovery Audit Contractor)
    • ZPIC (Zone Program Integrity Contractors)
    • MAC (Medicare Administrative Contractors)
    • PSC (Program Safeguard Contractor)
    • OIG (Office of Inspector General Audits)
    • Goal = Protect the Medicare Trust Fund
  • So many audits so little time… Medicaid
    • MIP (Medicaid Integrity Program)
    • MFCU (Medicaid Fraud Control Unit)
    • RAC (Recovery Audit Contractor)
    • Others…. Ancillary Audits
    • Permedion (Independent Medical Review Organization)
  • Medicare – QIO (Quality Improvement Organization)
    • Quality Improvement Organization (QIO) contractor
      • Improve effectiveness, efficiency, economy and quality of services delivered to Medicare beneficiaries
      • Concentrate on overpayments concerning higher weighted DRGs
      • Tasked with oversight of the HACs (Hospital Acquired Conditions)
      • Link payments to quality
        • Hospital Acquired Conditions (HACs)
        • National Coverage Decisions (NCDs)
          • Never-Events (block Medicare payments for "preventable errors and conditions“)
    • Step 1: Regional Medicare carriers – pay claims
    • Step 2: CERT – verify claims processing errors by carriers
    • - Request additional documentation
    • - CERT contractor reviews services that are paid incorrectly
        • (Under or overpayments)
        • - Notifies Medicare contractor to adjust claim
    • Step 3: RAC review
    • - Provide independent oversight on CERTs
    • Step 4: PSC identify cases of suspected fraud
    • Step 5: OIG prosecutes fraud cases
    • - Criminal or civil, $ fines and/or administrative sanctions
    Medicare Claims Process…
  • Medicare – CERT (Comprehensive Error Rate Testing)
    • Monitors accuracy of the Medicare FFS program
      • Monthly random claims audit – processed correctly
      • Part A & B claims
        • Observing all inpatient claims
        • Focusing on inpatient and outpatient consults (Cardiologists, Pulmonologists, Neurologists and Internal Medicine)
          • Issues
            • Consults should have been billed as visits
            • Not enough documentation
      • Audit frequently used codes
      • May request $ back from provider
      • MAC (Medicare Administrative Contractors) use the results
  • Medicare – RAC (Recovery Audit Contractor )
    • 3 rd highest federal program with most improper payments
      • 3 year pilot program (6 states participated)
        • $1.3 billion in total improper payments identified
    • Correct improper payments under the Medicare Fee-For-Service program
    • Healthcare organizations targeted – Medicare Parts A & B
        • By Dec. 31 st , 2010 expansion to Medicare parts C & D
    • RACs are paid a % of the $$ they recoup
    • Anticipate permanent RAC to be more aggressive
    • OnBase RAC = AHA RACTrac Compatible Vendor
  • Schedule… Implementation nationwide January 1, 2010
  • Medicare – ZPIC (Zone Program Integrity Contractor)
    • Combination of 2 previous audits…
    • Program Safeguard Contractor (PSC) + Medicare Drug Integrity Contractor (MEDIC) = Zone Program Integrity Contractor (ZPIC)
    • Oversee the RACs – help insure accuracy of the audits
    • Check for fraud for all Medicare claims
      • Parts A & B (Hosp., HHC, DME, Providers and Skilled Nursing)
      • Part C (Managed Care)
      • Part D (Prescription Drug Plans)
      • 5 states = “hot spot” zones (CA, FL, IL, NY and TX)
        • Quick response to fraud and administrative actions
    • Coordinate Medicare-Medicaid data matches (Medi-Medi)
      • Partnership between states and CMS
      • Match Medicare and Medicaid claim data to detect fraudulent patterns
      • Patterns appear when claims compared – difficult to identify separately
      • CMS coordinates with Program Safe Guard (PSCs) to complete Medi-Medi tasks
        • Current Medi-Medi states
          • WA, CA, TX, IL, OH, PA, NY, NJ, FL, NC
          • CMS will award (ZPICs) who will consolidate Medicare Parts A, B, C, D and Medi-Medi Benefit Integrity Activities
    Medicare – ZPIC (Zone Program Integrity Contractor)
  • ZPIC Jurisdictions
  • Medicare – MAC (Medicare Administration Contractor)
    • Replace 48 FIs (Fiscal Intermediaries) – 23 MACs by 2011
      • 15 processing Parts A & B claims
      • 4 processing DME claims
      • 4 processing HHC and Hospice claims
    • MACs look for coding errors… patterns
      • Review outliers (compare to peers)
        • Geographic location, state, nationally
      • Focus on high $ codes (Reclast and Ultrasound)
        • MACs do not receive % of $ saved
      • Pre and Post payment reviews & Provider education
      • 2 levels of appeal
      • Identify fraud & abuse – potential jail, fines/payback
  • Medicare – PSC (Program Safeguard Contractor)
    • Purpose to detect and deter fraud and abuse
      • Review Medicare Parts A & B
      • Obtain and review info from RAC auditors for suspected fraud
      • PSCs analyze data
        • Moving beyond capabilities of MACs/FIs
      • Refer cases to OIG
        • Possibly FBI
      • May also refer cases to law enforcement
  • Medicaid – MIP (Medicaid Integrity Program)
    • Established by the Deficit Reduction Act of 2005
      • Contractors hired to…
        • Review provider actions
        • Audit claims / Identify overpayments (Claim error rate 10.5%)
        • Provide education about program integrity issues
      • First federal program to perform Medicaid provider audits
        • - Identify inappropriate payments and fraud
    • Contractors used (private companies)
      • Medicaid Integrity Review Contractors (Review MICs)
      • Medicaid Integrity Audit Contractors (Audit MICs)
        • Most activity – can perform onsite reviews
        • Expected to recover more $ than the Medicare RACs
      • Medicaid Integrity Education Contractors (Education MICs)
  • Medicaid – MIPs cont.
    • Any provider who bills for Medicaid services can be audited
      • Including managed care organizations and fee for service providers
      • Utilize statistical data to target claims and identify potential overpayments –
      • Identified by referrals or by the state
    • No limited look back period
      • No limit on medical record requests (different from RAC)
        • Can look back as far as the state Medicaid agency
      • Document submission to the auditor - approximately 2 weeks
      • No reimbursement for copies of medical records
    • State is responsible for collecting payments
      • Federal govt. will collect $ from the state
  • Medicaid – MIPs cont. - Process
    • 10 step process
      • Identification of audits through data analysis
    • Entrance conference scheduled
    • Notification letters – contact info at Audit MIC
    • Audit MIC – audit report given to state, then provider
      • Each reviews report – can comment of findings
      • CMS will review info and initiate revised draft report
      • Report given back to state to review and make comments
      • State will collect identified overpayments
      • Providers will have appeal rights
    • Measure improper payments
      • Medicaid
      • SCHIP (State Children’s Health Insurance Program)
    • Comply with Improper Payments Information Act of 2002
    • 3 contractors, performing several tasks…
      • Statistical calculations
      • Medical records collection
      • Medical/data processing review of selected State Medicaid and CHIP FFS and managed care claims
    • Most identified errors due to documents not submitted by deadlines
    Medicaid – PERM (Payment Error Rate Measurement)
  • Medicaid – MFCU (Medicaid Fraud Control Units)
    • Program arose from the Medicare and Medicaid Anti-Fraud and Abuse Amendments of 1977
      • Authorized the establishment and Federal funding for the State Medicaid Fraud Control Units (SMFCUs)
      • 49 states and the District of Columbia participate in the program through their SMFCUs
      • Mission is to investigate and prosecute Medicaid provider fraud and incidences of patient abuse and neglect
      • Investigative arm of the state Medicaid agency
  • OIG (Office of Inspector General)
    • Combat fraud, abuse and waste of Medicare and Medicaid programs
    • Obtain and process referrals
      • May seek…
        • Criminal or civil prosecution
        • Monetary penalties
        • Administrative sanctions
      • Responsible for looking at Fraud
        • Enforce accuracy in payment
      • - Will ask for records/documentation – in most cases
      • They can utilize the FBI, if needed
  • FBI
    • Receive referrals from the OIG
    • Handle Beneficiary Complaints
    • Only handle fraud investigations/cases
      • Private and public healthcare programs
  • Other Audits - Permedion
    • Contract with Medicare, Medicaid and State Insurance Departments
    • Perform external and independent medical review services, to ensure:
      • Right care
      • Right setting
      • Services billed correctly
      • Verify provider credentials – Quality care and services
  • Audit Limit Freq. MR Request Response MR Reimburse Discussion Period Collect $ Appeal Rights Mult. Audits RAC 200 inpt 45 days 45 days $0.12/page 15 days 41 st day 5 levels No MAC Unknown Unknown Unknown Unknown Unknown Unknown 2 levels Unknown PERM Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown ZPIC Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown CERT None Any 30 days None Unknown State Regulated 2 levels Yes PSC Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown MIC/MIP None State Regulated State Regulated None State Provider MIC State CMS State Regulated State Regulated Yes MFCU Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Permedion None Any 30 days N/A State Regulated State Regulated 2 levels Yes
  • (RAC) Audit Administration Solution functionality
    • Designed to manage the provider’s appeal process to the RAC auditor and the denial of medical claims
      • Management of inpatient and outpatient claims
      • Task Management
        • Track responsible employee assigned to each task
        • Notifications / reminders
      • Configurable Parameters
      • Tracking functionality
        • Shipping information
        • Expected completion dates / appeal timelines
        • Medical record request costs
        • Interest due on recovered funds
        • Communication with RAC personnel
      • Upload Claim History
    • Dashboard Views:
    • Administration/Management
    • Financial
    • Risk Analysis
    • Process Improvement
  • OnBase RAC Administration Solution Webinars Monday Tuesday Wednesday Thursday Friday 1 4 5 6 7 8 11 12 General Audit 13 Webinar 12pm EST Register Here 14 RAC Solution Demo 15 3pm EST Register Here 18 19 20 7 Steps 21 Webinar 3pm EST Register Here 22 25 RAC Solution Demo 26 3pm EST Register Here 27 28 29
  • References
    • CMS releases details on 2009 permanent Recovery Audit Contractors (RACs) program. Retrieved Jan. 21, 2009.
    • Frequently Asked Questions. (Jan. 25, 2008). Retrieved Jan. 21, 2009, from
    • Healthcare Compliance Quarterly Insights: Surviving RAC. Retrieved Jan, 22, 2008.
    • Center for Medicare & Medicaid Services (CMS) Recovery Auditor Contractor (RAC) Program, AAHAM Position. Retrieved 12/1/2008.
    • Pennsylvania Physicians Facing CERT Audits .
    • How to Survive a Medicare Audit. (May, 16, 2009). Retrieved October 13, 2009 from
    • Legal Note: Medicaid Integrity Contractors. (August 17, 2009). Retrieved October 13, 2009 from
    • Medicaid Integrity Program Provider Audit Fact Sheet (November 2008). Retrieved October 13, 2009 from
    • Potential NCD Topics (July 30, 2008). Retrieved November, 2, 2009 from
    • Office of Inspector General News (December 3, 2009). Retrieved December 11, 2009.
    • Medicaid Integrity Program (MIP), Provider Audits Frequently Asked Questions (July 2009). Retrieved December 11, 2009.
    • CMS RAC Review Phase-in Strategy (6/24/09). Retrieved November 2, 2009.
    • Medicare-Medicaid Data Match Program . Retrieved November 3, 2009.
    • Hospital Payment Monitoring Program (HPMP) Compliance Workbook (January 2006). Retrieved November 4, 2009.
    • “ Data mining programs” intensify scrutiny of Medicare claim.   National Psychologist, Vol. 17, No. 5, p. 9.. Retrieved November 5, 2009.
    • Medicaid Integrity Program A to Z. Retrieved November 6, 2009.
    • Medicare Coverage Determination Process (6/08/2009). Retrieved November 10, 2009.
    • Quality Improvement Organizations (7/02/2009). Retrieved November 10, 2009.
    • Senate Reform Bill Would Expand RAC Program (11/24/09). Retrieved November 25, 2009.
    • Medicaid Fraud & Abuse: A New Era of Federal and State Enforcement (10/9/09). Retrieved Dec 9, 2009. http://wwww.healthlawyers.org_Events_Programs_Materials_Documents_FC09_smith_slides.pdf
    References continued…
  • time to make a difference.