Legal Advice and Representation for Healthcare Professionals Under Audit
Every year, Medicare pays billions of dollars in false and fraudulent claims. The federal Medicare system is so vast – and the billing rules and regulations are so complex – that even with their vast resources, the Centers for Medicare and Medicaid Services (CMS) and the Department of Health and Human Services (DHHS) are unable to effectively police participating providers on their own.
In need of help, CMS implemented a “fee-for-service” (FFS) recovery program pursuant to the enabling legislation provisions of the Medicare Modernization Act of 2003. Under this program, CMS pays private government contractors to identify providers that appear to be engaging in Medicare fraud, to audit these providers, and to seek recoupments for fraudulently-billed claims. There are several different classifications of these contractors, each with its own unique scope of authority.
Recovery Audit Contractors perform audits on invoices submitted to Medicare and Medicaid. The CMS implemented the RAC program in 2010 as part of an effort to detect and address previous incorrect payments and curb improper payments in the future. Anyone who submits invoices to CMS on a pay-for-services basis may be reviewed pursuant to a Recovery Audit Contractor (RAC) investigation or audit, including doctors, healthcare service providers, medical equipment suppliers, hospitals and medical facilities. However, RAC audits are limited in scope. They only analyze data for claims that have already been paid and they only look back three years from the date of payment.
Recovery Audit Contractor investigations and audits can have additional consequences as well, and providers that are facing audits must be cautious to ensure compliance and mitigate the risks of facing an unfavorable determination.
How Does a Recovery Audit Contractor Audit Work?
Every RAC team includes certified coders, nurses, therapists and at least one certified medical director (CMD) physician. The review is divided up regionally, with different RACs covering specific regions of the country. While all RACs rely on the same coding and billing policies, medical standards, and Medicare regulations, each program is responsible for designing its own auditing software and database. CMS supplies the RACs with claims files from their respective regions, and the RACs then scan the billing data for both overpayments (usually caused by improper billing codes or medically unnecessary charges) and underpayments.
RAC audits may be either “automated” or “complex.” An automated review simply runs billing data through the RAC’s software program and essentially amounts to data mining. Automated reviews search for facially evident errors in the claims, such as non-covered services or clearly incorrect coding. A complex review involves human review of patient medical files and are used to address situation where coverage of services is unclear or where the Medicare policy is ambiguous.
During the inspection process, the business or practitioner undergoing the inspection will have a chance to converse with the auditors about the apparent improper payments. If an inspection determines that there exists evidence of overpayment, the RAC will issue a demand letter detailing their findings and the amount of overpayment.
Once you have received the RAC’s demand letter, you may either agree to repay any discrepancies or you may gather documentation and appeal the findings. If you accept the RAC’s determination, you have several options for sending payments. You may pay the amount to CMS in one lump sum, you may agree to withholdings from future CMS payments, or you may apply for a long-term repayment plan to CMS.
What Can I Do If I Receive an Unfavorable RAC Determination?
The RAC program has a five-tiered appellate process for business or practitioners that wish to challenge a determination.
Using documentation, an appeal may advance legal defenses to the adverse determination, may seek to justify medical necessity for claims that were deemed unnecessary, or may attack the RAC’s procedures or extrapolation.
Redetermination. A provider who wishes to dispute the RAC’s initial determination may file an appeal for a redetermination within 120 days. The redetermination will be assessed by the Medicare Fiscal Intermediary (FI) who processed the original disbursement. The FI then has 60 days to consider the appeal and issue a redetermination decision.
Reconsideration. Adverse redeterminations may be contested through a second level of appeal called a reconsideration. Reconsiderations are submitted to Qualified Independent Contractors (QICs), who are neutral arbiters that did not participate in the redetermination decision. A request for reconsideration must be filed within 180 days from receipt of the redetermination decision, and the QIC has 60 days to return a decision.
Administrative Law Judge Hearing. Unlike a redetermination or a reconsideration, the third level of Recovery Audit Contractor appeal involves a hearing and has a minimum amount in controversy requirement. The amount in controversy threshold is adjusted annually; in 2016 it was $150. The hearing is in front of an administrative law judge (ALJ) and may be conducted in person or via video-conference or telephone. An ALJ hearing must be requested within 60 days of receipt of the reconsideration and the ALJ has 90 days to issue a decision on the appeal.
Medicare Appeals Counsel Review. An adverse ALJ decision may be appealed to the Medicare Appeals Counsel (MAC) within 60 days of issuance. The MAC must issue its determination within 90s of the request for review; if the MAC misses this deadline, the provider may seek to have the appeal forwarded directly to the fifth and last stage of appeal, judicial review.
Judicial Review. The final stage of the Recovery Audit Contractor appeals process is judicial review by a federal district court. As a prerequisite for review, the appeal must be filed within 60 days of the MAC decision and there is an amount in controversy threshold. The amount in controversy requirement is adjusted every year; in 2016 the minimum amount was $1,500.
My Business or Practice is Being Audited. What Should I Do Now?
If your healthcare business or medical practice has been contacted by a Recovery Audit Contractor, there are several steps that you should begin taking as quickly as possible. A comprehensive defense strategy for an RAC program investigation should include:
- Communications – All personnel within your organization should be instructed on appropriate communications with the RAC, and appropriate employees should be designated as exclusive points of contact for funneling all inbound and outbound communications. RAC auditors should also be instructed to refer relevant communications to the organization’s legal counsel.
- Internal Assessment – It is always better to know what RAC auditors will find before they find it. Healthcare providers facing RAC audits should conduct thorough internal assessments of their billing records, policies, and procedures to determine whether any billing violations may have occurred.
- Disclosure – In many circumstances, proactively addressing billing errors with auditors (and federal investigators) is the best way to mitigate the negative consequences of a Medicare or Medicaid inquiry. Honest mistakes are common, and both disclosing known issues and demonstrating that proactive measures are being taken to prevent future errors can significantly reduce the risk of facing federal charges. However, this requires a careful assessment of all of the potential legal implications, and is an issue that must be discussed with legal counsel.
- Intervention – Intervening in an investigation in order to challenge the use of inapplicable billing standards, faulty calculations, and other issues can help prevent an unnecessary unfavorable outcome. However, a tactful approach is critical, and providers need to be certain that their conclusions are correct.
How We Protect Healthcare Providers During RAC Audits
There are several steps we can take to help protect healthcare providers during RAC audits. Our comprehensive approach starts with intervening in the process immediately, and reviewing the RAC’s actions to date in order to determine whether any legal violations or substantive errors have accrued. We have a multi-faceted approach to RAC audit defense.
- We conduct an internal assessment to identify any issues that may surface as an outcome of the RAC audit.
- We work to identify safe harbors, statutory exceptions, and specific Medicare billing guidelines from CMS that apply to our clients’ billing practices and financial relationships.
- We work closely with executive leadership and providing training to key personnel regarding appropriate and inappropriate communications with RAC auditors.
- We take action when RAC auditors exceed the scope of authority granted in their mandate from CMS.
- We identify and challenge RAC auditors’ flawed methodologies and conclusions, and ensure that selective review of a provider’s Medicare billing records does not lead to a faulty audit determination.
- We ensure that RAC auditors are applying the appropriate Medicare billing regulations, and not applying outdated CMS regulations to current billings or current regulations to past billings.
- We preserve issues for appeal in the event of an unfavorable audit determination resulting in recoupments, prepayment review, program exclusion, and/or other penalties.
FAQs: Answers from Our Experienced Healthcare Fraud Defense Attorneys
Q: Are RAC auditors qualified to assess the legal propriety of my healthcare company’s Medicare billing records?
In order to help ensure that the outcomes of RAC audits are as accurate as possible, CMS requires all Recovery Audit Contractors to employ personnel who are expected to be experts in various facets of the Medicare billing system. This includes certified coders, nurses, therapists, and a physician contractor medical director (CMD).
Unfortunately, mistakes during the RAC process remain common, and providers frequently find themselves forced to challenge flawed liability determinations.
Q: What is involved in an RAC audit?
There are three types of RAC audits: automated, semi-automated, and complex. An automated audit does not involve review of the provider’s medical records. However, a semi-automated review may involve manual review of records by RAC personnel, and a complex review can entail a comprehensive and invasive in-person review that can significantly disrupt your company’s day-to-day operations.
Auditors may request to speak with billing personnel and other key employees as well; and, while providers are entitled to information about their audits, the process is often not as transparent as most providers would expect. These are among the numerous reasons why intervention and legal representation are critical, and why all providers need to be prepared to take proactive measures to protect themselves during the audit process.
Once the auditors have completed their review and the required discussion period has passed, the RAC will issue a determination of liability. If the RAC determines that that actions are needed and recoupments are owed, the provider must pay quickly (or quickly file an appeal) in order to avoid interest and other penalties.
Q: Who are the RACs?
The CMS awarded the current RAC contracts to the following entities:
- Region 1 (Northeast) – Performant Recovery, Inc.
- Region 2 (South and Central States) – Cotiviti, LLC
- Region 3 (Eastern Seaboard and Southeast) – Cotiviti, LLC
- Region 4 (West Coast, Midwest, and Northwest) – HMS Federal Solutions
- Region 5 (Nationwide for Durable Medical Equipment (DME) and Home Health/Hospice (HHH) Services) – Performant Recovery, Inc.
Q: What is meant by the “fee-for-service” audit recovery program?
The “fee-for-service” (FFS) audit recovery program means that RACs are paid on a contingency-fee basis. In other words, they are financially-incentivized from Medicare to identify overpayments, and they have no direct financial incentive to award underpayments to healthcare providers.
During the 2015 fiscal year, RACs collected nearly $360 million in overpayments while awarding just $81 million in underpayments to Medicare. From 2010 to 2015, RAC audits have resulted in liability of more than $8.9 billion for healthcare providers nationwide.
Q: Can an attorney help prevent an unfavorable RAC audit determination?
Potentially, yes. An attorney who has intimate knowledge of the Medicare billing regulations and who has extensive experience in healthcare fraud defense will be able to identify flaws in RAC auditors’ processes and procedures and challenge inaccurate findings before they are formalized in a final determination and payments are needed.
While one option is to let the process run its course and then file an appeal, the less-risky (and typically less-expensive) option is to take a proactive approach to defending against an RAC examination. The goal to this approach is to avoid the need to rely on the appellate process.
Q: What should I expect if I need to file an appeal?
If you have already received an unfavorable determination, or if it is too late to prevent the imposition of recoupment liability by a RAC, you will need to promptly begin gathering documentation to file your appeal. We have covered what healthcare providers need to know about the appeals process in a separate set of Medicare Appeal FAQs.
Q: Can a RAC impose penalties besides recoupment of overbilled claims?
Yes. In addition to demanding recoupments and payments, Recovery Audit Contractors can also deny payment of pending reimbursement claims and initiate payments review. These can lead to substantial cash flow issues for providers who rely on regular reimbursements from Medicare.
If a RAC finds evidence of healthcare fraud, it can also refer providers to CMS, the U.S. Department of Justice (DOJ), the Office of Inspector General (OIG), and other federal authorities – and these referrals can lead to federal investigations that may ultimately result in civil or criminal charges.
Are You Facing an RAC Audit? Contact Oberheiden P.C. Right Away
The sooner we get involved, the more we can do to help. While every case’s facts are different, our goals and actions are to help resolve your inspection without an unjustified determination of liability. Our attorneys offer free initial case assessments. Our team of healthcare fraud defense attorneys is available to take responsive action to your RAC audit immediately.
Trust the experience and expertise of our recovery audit contractor defense and compliance attorneys and former federal prosecutors. We are available to speak with you about your Recovery Audit Contractor (RAC) audit. We represent healthcare providers in RAC audits and appeals across the county. You can call us 24/7 at 888-680-1745, or request a case assessment online and we will be in touch with you shortly.