Can a fair and reasonable audit be conducted during the COVID-19 pandemic? The purpose of this paper is to argue how routine payer audits conducted during a time of an unprecedented health crisis can potentially have unfair results. COVID-19 has caused a serious global health threat resulting in a Public Health Emergency (PHE) being declared in the United States on January 27, 2020. In response, the Centers for Medicare & Medicaid Services (CMS) suspended most Medicare Fee-For-Service (FFS) medical reviews on March 30, 2020.
The suspension ended in August 2020 despite the continued health and now economic crisis in our country. From March to August, the hold on audits included pre-payment medical reviews conducted by Medicare Administrative Contractors (MACs) under the Targeted Probe and Educate program, post-payment reviews conducted by the MACs, and Supplemental Medical Review Contractor (SMRC) reviews by Recovery Audit Contractors (RACs).
Audits have now recommenced, regardless of the spike in COVID-19 across our country and increased burden to our health care system.
Responding to a Request for Information (RFI) During the Pandemic
Request a Fair and Reasonable Process. Request a reasonable extension or a delay. The objective of any claims audit should be to achieve reliable results. The process should be fair to both the payer and the provider involved.
If you have been served an audit notice, then it is critical to promptly and effectively respond to all documentation requests. Whenever possible, request an extension to “buy” time to appropriately respond. To respond appropriately and exercise your rights during this health care crisis, it is imperative you seek legal counsel to understand your rights, and effectively deal with any broad or unfair documentation requests.
Unfortunately, COVID-19 will continue to have a profound effect on physician practices and their workforce until the Public Health Emergency (PHE) is over, which is not likely to be soon, according to scientists. If your organization should receive notice of an audit discuss any hardships related to COVID-19 with your Medicare Administrative Contractor (MAC) or payer conducting the audit.
First, determine the nature of the request. Is it an investigative probe? RAC audit? CERT Audit? Routine Audit?
Understand the type of audit involved when your organization receives the Request for Information. Insurance Carriers typically refer suspicious claims data to their Special Investigative Units. Special Investigative Unit AKA “SIU” is a unit or department within an insurance company involved in detecting and pursuing action against fraudulent activities on the part of insureds or claimants.
The Centers for Medicare & Medicaid Services (CMS) retains specialized contractors for these investigations. Typically, all CMS investigations start with a routine audit conducted by a Medicare Administrative Contractor or “MAC” or as a result of a routine CERT audit.
Comprehensive Error Rate Testing (CERT) Audits – May Grant Extensions
According to the announcement made by the Centers for Medicare & Medicaid Services (CMS), Comprehensive Error Rate Testing (CERT) program activities resumed in August 2020. These audits were temporarily suspended in response to the public health emergency (PHE) due to COVID-19. Specifically, the CERT program has resumed sending documentation request letters as well as conducting phone calls with providers or suppliers to request medical documentation for claims in Reporting Year (RY) 2021 (claims submitted 7/1/2019 through 6/30/2020) and RY 2022 (claims submitted 7/1/2020 through 6/30/2021).
According to CMS.GOV, the CERT Request for Information documents must be submitted within 45 calendar days of the request. However, the CERT program has the discretion to grant extensions to providers and suppliers who need more time to comply with the request.
Medicare FFS Recover Audit Program Conducted by RACs
The Medicare Fee for Service (FFS) Recovery Audit Program’s mission is to identify and correct Medicare improper payments through the efficient detection and collection of overpayments made on claims of health care services provided to Medicare beneficiaries, and the identification of underpayments to providers so that the CMS can implement actions that will prevent future improper payments in all 50 states.
Recovery Audit Contractors better known as the “RACs” review claims on a post-payment basis. The RAC's detect and correct past improper payments so that CMS Carriers and MACs can implement actions that will prevent future improper payments.
Note: CMS often receives referrals of potential improper payments from the MACs, Unified Program Integrity Contractors (UPICs), and Federal investigative agencies (e.g., OIG, DOJ). At CMS discretion, CMS may require the RAC to review claims, based on these referrals. These CMS-Required RAC reviews are conducted outside of the established Additional Documentation Request or “ADR” limits.
Unified Program Integrity Contractor Audits
The unified program integrity contractors (UPICs) perform fraud, waste, and abuse detection, deterrence and prevention activities for Medicare and Medicaid claims processed in the United States. Specifically, the UPICs perform integrity related activities associated with Medicare Parts A, B, durable medical equipment (DME), home health and hospice (HH+H), Medicaid, and the Medicare-Medicaid data match program (Medi-Medi).
A UPIC audit can result in payment suspension to the provider once there is reliable information that overpayment exists, incorrect payments have been made, or when there is a credible allegation of fraud.
The UPIC contracts operate in five separate geographical jurisdictions in the United States and combine and integrate functions previously performed by the zone program integrity contractor (ZPIC), program safeguard contractor (PSC) and Medicaid integrity contractor (MIC) contracts.
CMS’ Review Contractor Directory
The Review Contractor Directory - Interactive Map allows you to access state-specific CMS contractor contact information for RACs and UPICs, in example.
Your organization may receive correspondence from one or several of these contractors in your state. They may request medical records from you, as they perform business on behalf of CMS. You can use this website to access their contact information including emails, phone numbers and websites.
Submitting Your Request for Extension or Delay
Be truthful about your situation, such as if you acquired a Payroll Payment Protection Loan (PPP) which has now been depleted and without further financial assistance you have had to furlough staff. Indicate whether any providers or members of your workforce have contracted COVID-19 putting undue pressure on your organization to care for your patient population.
Utilize reports from reliable sources to request a delay or extension. Below are just a few at your disposal to argue your case for a fair and reasonable audit.
The Office of Inspector General (OIG) published the results of a Survey conducted during the COVID-19 pandemic “Hospital Experiences Responding to the COVID-19 Pandemic: Results of a National Pulse Survey March 23–27, 2020.” In this 41-page report, the OIG states:
- “Hospitals reported that their most significant challenges centered on testing and caring for patients with known or suspected COVID-19 and keeping staff safe. Hospitals also reported substantial challenges maintaining or expanding their facilities’ capacity to treat patients with COVID-19. Hospitals described specific challenges, mitigation strategies, and needs for assistance related to personal protective equipment (PPE), testing, staffing, supplies and durable equipment; maintaining or expanding facility capacity; and financial concerns.”
The JAMA COVID-19 Resource Center article written in June 2020, “COVID-19’s Crushing Effects on Medical Practices, Some of Which Might Not Survive,” states:
- “Physicians in small private practices around the country have reported steep declines in revenues, drops so significant that some of them and their supporters have turned to GoFundMe—the platform best-known for helping patients pay their medical bills—to raise funds to help pay their overhead. Telemedicine has helped pick up only a small portion of the slack.”
A July 14, 2020 article posted on the Wolters Kluwer website entitled “Economic Impact of COVID-19 on Physicians,” quotes a 2020 Medscape Physician Compensation Report detailing how COVID-19 has affected physician income:
- "Practices report a 55% decrease in revenue and a 60% decrease in patient volume on average since the beginning of the COVID-19 crisis." The report also notes that 43,000 healthcare workers were laid off in March.”
The American Medical Association (AMA) article entitled “97% of practices feel COVID-19 financial sting: Where to get help” states:
- “Physician practices of all sizes are facing financial instability caused by the countermeasures taken to mitigate the COVID-19 pandemic. Ninety-seven percent of practices have experienced a negative financial impact directly or indirectly related to COVID-19, and less than half of primary care clinicians have enough patient volume and cash to stay open for the next four weeks.”
Understanding the Opposition Can Strengthen Your Position
Bad actors make it difficult for the rest of us - Visit the OIG Criminal & Civil Enforcement webpage
Government’s Need to Enforce Compliance – What Is at Stake? The Centers for Medicare & Medicaid Services (CMS) estimates the Medicare Fee-for-Service (FFS) program improper payment rate through the Comprehensive Error Rate Testing (CERT) program.
Each year, the CERT program reviews a statistically valid stratified random sample of Medicare FFS claims to determine if they were paid properly under Medicare coverage, coding, and payment rules. The fiscal year (FY) 2019 Medicare FFS estimated improper payment rate is 7.25 percent, representing $28.91 billion in improper payments, compared to the FY 2018 estimated improper payment rate of 8.12 percent representing $31.62 billion in improper payments.1
It is reasonable to believe that a prolonged suspension of CMS’ audit activities could encourage fraud and/or abusive coding and billing practices. Therefore, a balance must be maintained. Activities to prevent and combat health care fraud, waste and abuse must be on-going. For instance, the Medicare Fraud Strike Force Teams bring together the efforts of the Office of Inspector General, the Department of Justice, Offices of the United States Attorneys, the Federal Bureau of Investigation, local law enforcement, and others. These teams have a proven record of success in analyzing data and investigative intelligence to quickly identify fraud and bring prosecutions.
According to the Washington Post, for-profit nursing home providers that have faced accusations of Medicare fraud and kickbacks, labor violations or widespread failures in patient care received hundreds of millions of dollars in “no strings attached” coronavirus relief aid, meant to cover shortfalls and expenses during the pandemic.
Another issue, as reported by Kaiser Health News in May 2020, is that some of the biggest COVID payments have gone to providers paying millions in criminal penalties due to investigations. At least half of the top 10 recipients, part of a group that received $20 billion in emergency funding from HHS, have paid millions in recent years either in criminal penalties or to settle allegations related to improper billing and other practices.
The pandemic has fueled COVID scams as well, which require investigation. Recent reports indicate a rise in scammers selling fake at-home test kits or going door-to-door performing fake tests for money. Another scam is related to COVID-19 face masks - selling “Mask exemption” cards. Scammers are selling mask exemption cards that claim that the card-holder has a disability that prevents wearing a mask. Such cards may include the seal of a government agency. No such card is government-supported or has any legal significance.
The Federal Trade Commission (FTC) Blog Article “Scammers are using COVID-19 Messages to Scam People” states Medicare scams include government imposters using COVID-19 who call your patients to offer things like a “COVID-19 kit,” “Coronavirus package,” or Medicare benefits related to the virus, followed by asking for bank account information, Social Security and Medicare numbers.4
Treatment scams are becoming prevalent, such as criminals selling fake vaccines, medicines, tests, and cures for COVID-19. The list is long but some of this criminal activity is being committed by actual medical practices and organizations. It is evident criminals will continue taking advantage of this health care crisis and we must rely on law enforcement and government agencies to survey and take action to protect our patients and identify “bad actors.”
What is at Stake if you do Nothing? Everything!
No organization is immune from an investigative audit or probe regardless of size, location or external circumstances. The size of the health care organization will not make one “immune” from potential wrong-doing and government agencies know that. Regardless of whether a location is rural, suburban, urban, or what type of organization, (i.e. Tribal, Federally Qualified Healthcare Center/FQHC or Critical Access Hospital/CAH) you are expected to perform in compliance with applicable rules and regulations.
COVID-19 has changed everything, but it doesn’t mean your health care organization is immune from coming under investigation for potential fraud or abuse. The pandemic has altered how we work in the blink of an eye and this is the new constant. Note the avoidance of stating “new normal.”
There is nothing “normal” about the extraordinary circumstances posed to health care organizations at this time.
As already mentioned, you may be able to present a strong argument to delay a routine-type of audit, but an investigative audit or probe is not likely to be delayed. Retain legal counsel and insist on an extension to provide the precious time needed to appropriately prepare and respond to payer audits during this health crisis.