Medicaid Integrity Contractors: Preparing for and Surviving the Audits

Medicaid Integrity Contractors: Preparing for and Surviving the Audits HFMA Region 11 January, 2011 Presented by: Tanja Twist

Objectives Understand the Medicaid Integrity Program Understand the role of Medicaid Integrity Contractors (MICs) Understand the MIC audit process Desk Reviews Field Audits Explore MIC appeal process, potential legal defenses and other potential issues Explore steps to be pursued by providers and counsel to prepare and respond to MIC audits 2

Medicaid Integrity Program 3

Historical Context of Medicaid Integrity Initiative Deficit Reduction Act of 2005 - established Medicaid Integrity Program Medicaid had been identified as large payment risk area Resources to support Medicaid enforcement were uneven compared to those resources dedicated to Medicare enforcement Medicaid enforcement approaches varied widely across states 4

Medicaid Integrity Program: Goals Review the actions of individuals or entities furnishing items or services for fraud, waste or abuse Audit claims for payment for items or services furnished, or administrative services rendered Identify overpayments to individuals or entities receiving federal funds Educate and train other government entities on issues relevant to Medicaid integrity Training site established in South Carolina 5

Role of Medicaid Integrity Contractors (MICs) 6

Medicaid Integrity Contractors Categories of MICs (MICs) Review MICs ( Medicaid data analysis, application of data mining algorithms to Medicaid MSIS data, review of audit candidates, recommendation of candidates) Audit MICs (desk reviews and field audits, applied to audit candidates recommended by Review MIC and approved by CMS)) Education MICs 7

Education MICs Umbrella contracts initially awarded to: Information Experts Strategic Health Solutions Task Order awarded to Strategic Health Solutions (August 2009) Conduct gap analysis of existing education and training effort Develop fraud, waste and abuse training programs Develop educational curriculum via web-based and traditional methods Educate Medicaid providers about Medicaid program integrity and quality of care 8

Medicaid Integrity Contractor Assignments Regional Organization Region 1 and 2: New York / Boston Region 3 and 4: Atlanta / Philadelphia Region 5 and 7: Chicago / Kansas City Region 6 and 8: Dallas / Denver Region 9 and 10: San Francisco / Seattle 9

Review of Provider MIC Zones Awarded AdvanceMed Corporation Thomson Reuters Umbrella Contracts Also Awarded to: ACS Healthcare Analytics IMS Government Solutions SafeGuard Services 10

Audit MIC Zones Awarded Health Management Systems (HMS) Health Integrity IPRO Umbrella Contracts Also Awarded to: Fox & Associates Health Integrity Booz Allen Hamilton 11

Education MIC Zones Awarded Strategic Health Solutions Umbrella Contracts Also Awarded to: Information Experts Strategic Health Solutions 12

What is the MIG? CMS created the MIG (Medicaid Integrity Group) in July of 2006 to implement the MIP and the MIG is organized as follows: Office of the Group Director Primary point of contact on Medicaid fraud and abuse issues within CMS and with other partners, including law enforcement Division of Medicaid Integrity Contracting (DMIC) Division of Field Operations (DFO) Division of Fraud Research & Detection (DFRD) 13

MIG (cont.) Division of Fraud Research & Detection Provides research, statistical and data support to MIP and to states Director: Jim Gorman Division of Field Operations Largest MIG division and works closely with Audit MICs Director: Robb Miller As of July 2009: 44% of audits focused on hospitals 29% of audits focused on long term care facilities 21% of audits focused pharmacies *Source: July 15, 2009 CMS Open Door Forum 14

MIC Developments Provider outreach has been deficient MIG has pledged to do better: Hosting of Open Door Forum Conference Calls Publishing of documents to assist providers FAQs on Medicaid Integrity Program Procurement timelines Audit A-Z Look for documents: www.cms.hhs.gov/medicaidintegrityprogram Addressing provider questions submitted through Medicaid Integrity Program mailbox: medicaid_integrity_program@cms.hhs.gov 15

MIC Audits & Appeals 16

Influence of State Law Record retention requirements Look back period Limitations on records requested Production expectations Reimbursement for records Authority to extrapolate Unique reimbursement expectations Appeal procedures 17

RACs and MICs Compared RACs Provider outreach mandatory Review period set Time to produce records 45 days (possible extensions) Number of records limited Appeal process consistent across regions Formal process for consolidating contacts MICs Provider outreach not mandatory Review period not set Time to produce records shorter (possible extensions) Number of records no limit Appeal process mirrors state Medicaid appeal process No formal process for consolidating contacts 18

MIC Process Audit MIC contacts provider Provider produces records Audit MIC analyzes info Audit MIC generates draft audit report and submits to CMS MIG CMS MIG reviews and sends to state Medicaid agency State may make comment Audit MIC sends draft report to provider Provider has 30 days to review and provide comments Additional review by CMS MIG CMS MIG issues final audit report to state Medicaid agency for" execution CMS MIG can also refer to law enforcement at this time State issues demand to provider regarding alleged overpayment which triggers state-specific appeal procedures 19

State Medicaid Agency Audits vs. MIC Audits State Medicaid Agency Audits State conducts audits or outsources to contractor operating under contract with the state Audits must follow state laws and guidelines governing Medicaid audits of providers (both audit process and appeal procedures) Any compliance component depends on state law authority of Medicaid agency MIC Audits Audit MICs operating under a Statement of Work with CMS (MIC SOW) Audit MICs must follow the MIC SOW, Yellow Book, CMS MIG protocols and state law governing Medicaid audits of providers (both the audit process and appeal procedures) Compliance component (intake questionnaires) 20

MICs and State Medicaid Audit Appeals Compared MIC Audits Appeal Process Findings reviewed by CMS MIG, Audit MIC and state Medicaid agency Draft audit report issued by Audit MIC and provider may comment State Medicaid agency executes final audit findings and demands repayment After state Medicaid agency issues final audit findings, appeal based on state Medicaid agency appeals process State Medicaid Audits Appeal Process Findings not reviewed by CMS MIG or Audit MIC Whether or not draft audit findings issued depends on state law State Medicaid agency executes final audit findings and demands repayment After state Medicaid agency issues final audit findings, appeal based on state Medicaid agency appeals process 21

ZPIC Zone Program Integrity Contractors

ZPIC Zone Program Integrity Contractors Uses third party contractors Eventually will replace current entities: Program Safeguard Contractors (PSC) Medicare Drug Integrity Contractors (MEDIC) HIPAA (Health Insurance Portability and Accountability Act) of 1996 Allowed CMS to transfer Medicare benefit integrity work to independent organizations In 1997 CMS awarded benefit integrity contracts to numerous PSCs within states/regions 23

ZPIC Statement of Work 1.1.4 Fundamental activities Appropriate and consistent with Medicare and Medicaid coverage, coding, and audit policy Will identify, prevent, or correct potential fraud, waste, and/or abuse May include, but are not limited to: BI investigation Referring cases to law enforcement 24

ZPIC Audits Include All Medicare programs (A-D) Medi-Medi data matching Medicare Drug Integrity Contractors (MEDIC) will oversee Part C & D during transition Two MEDICs: SGS (North) Montana, Wyoming, North Dakota, South Dakota, Nebraska, Minnesota, Iowa, Wisconsin, Illinois, Indiana, Michigan, Kentucky, Ohio, West Virginia, Pennsylvania, New York, Vermont, Maine, New Hampshire, Massachusetts, Rhode Island, Connecticut, New Jersey, Delaware and Maryland, the District of Columbia and the U.S. Virgin Islands Health Integrity (South) 25

Primary Differences ZPIC focuses on fraud and abuse ZPIC investigations have flexibility Must respond to requests from ZPIC Despite other ongoing audits (RAC/MIC) Carefully record activities on ALL auditing entity activities Separate and distinct tracking 26

ZPIC What to Expect Investigation process Local trend/utilization analysis to find hot spots Sample of claims Requesting medical records/documentation ***Investigation may be done onsite*** Review of past audit history/violations Data analysis Beneficiary interviews Validation checks on licensure (physicians) CMS states that all investigations will be unique Tailored to the specific circumstances 27

What to Expect (cont.) Investigation process Data analysis Beneficiary interviews Validation checks on licensure (physicians) CMS states that all investigations will be unique Tailored to the specific circumstances 28

PERM Payment Error Rate Measurement

PERM Payment Error Rate Measurement Improper Payments Information Act of 2002 (IPIA; Public Law 107-300) Department of Health and Human Services Auditing Medicaid FFS/SCHIP Claim payment accuracy In 2007 expanded to include Medicaid Managed Care Claims and beneficiary eligibility Areas of focus: Service Actually Provided Medical Necessity Correct Coding Paid or Denied Correctly 30

PERM Contractors 3 Federal Contractors hired by CMS The Lewin Group Statistical Contractor (SC) The RC selects a sample of FFS and MC claims to review for each state Livanta, LLC Documentation/Database Contractor (DDC) The DCC collects Medicaid/SCHIP medical policies from each state Requests the medical records from providers of sample claims Health Data Insights Review Contractor (RC) Review Contractor performs the Medical and data processing reviews Determines if claims paid correctly The SC calculates the state-by-state and national error rate 31

PERM Request Process If selected will receive letter from the DDC: Request copies of Medical Records Hardcopy or Electronic Record Submission (TBD) Must submit records along with a bar-coded coversheet by given due date on each letter 90 calendar days of the request date 32

PERM Requests (cont.) Providers required to submit DUPLICATE copy of medical records requested by the contractor directly to DHCS (in California) DHCS claims to be proactive step for side-by-side review Failure to submit records will result in a claim adjustment Monies recovered by Audits & Investigations (A&I) 33

MIC Audits and Appeals: Preparation Strategies 34

The Perfect Storm MIG Medicaid Integrity Group PERM- Payment Error Rate Measurement MIP- Medicaid Integrity Program High ROI expected ZPIC Zone Program Integrity Contractors Replaced Program Safeguard Contractors (PSC) QIO Quality Improvement Organization CERT Comprehensive Error Rate Testing Program OIG Office of the Inspector General DOJ Department of Justice FBI Federal Bureau of Investigation RAC Recovery Audit Contractor PPACA Patient Protection and Affordable Care Act 35

Reality Issue: Increased number of government contractors actively trying to identify Medicare and Medicaid improper payments Solution: Organizations need effective processes to prepare for audits and manage interaction with MICs, CMS MIG, and state Medicaid agencies 36

What does this mean for Arizona Providers? Consider Medicaid AdvanceMed Corp. (Review of Provider MIC) Health Management Systems (Audit MIC) Strategic Health Solutions (Education MIC) Arizona Health Care Cost Containment System s (AHCCCS) Office of Program Integrity (OPI) - Audits Providers Slide updated as of 5/5/10 * Phoenix Medicare Noridian Administrative Services (A/B MAC & DME MAC) HealthDataInsights (RAC Region D) Potential Fraud Western Integrity Center (PSC Part A and B) Safeguard Services (PSC DME) Zone Program Integrity Contractor (ZPIC Zone 2): AdvanceMed - award protested 37

What does this mean for Hawaii providers? Consider Medicare Medicaid Palmetto (MAC Jurisdiction 1) HDI (RAC Region D) TrustSolutions (PSC Part A) CSC Western Integrity (PSC Part B) SafeGuard Solutions (PSC DME) Slide updated as of 5/5/10 HMS (Audit MIC) AdvanceMed (Review MIC) Strategic Health Solutions (Education MIC) Med-Quest Medicaid Fraud Control Unit (MFCU) Potential Fraud ZPIC (TBD) 38

Core Areas Core areas critical to ability to successfully manage this complex process Government contractor landscape (players, current developments, etc.) Managing audit process from the front end-responding effectively to audit inquiries Managing claims data Strategies for analyzing internal and external audit findings at the exit conference, and draft audit stage Administrative appeal processes Likely federal and state litigation strategies Compliance oriented processes to help organize effort Fraud and abuse analyses 39

Preparedness Infrastructure Contractor committee(s) Information management Records collection Control Production HIPAA Document and records hosting Chain of responsibility Management of overlapping deadlines Other activities Governance considerations Pre-audit testing Data mining Contractor intelligence CMS website Individual contractor websites 40

Comprehensive Analysis and Related Strategies Critical to proactively assess interactions with government contractors OIG expects $2.4 billion in recoveries for health programs in FY 2009 PPACA-Patient Protection and Affordable Care Act This is the comprehensive healthcare reform legislation passed by both the House and Senate in March of 2010 FERA - Fraud Enforcement and Recovery Act This law significantly strengthened the federal False Claims Act by increasing the type of provider conduct that can be attacked by prosecutors and whistleblowers Inspector General Recent Remarks 41

Preparedness Infrastructure Contractor committee(s) Information management Records collection Control Production HIPAA Document and records hosting Chain of responsibility Management of overlapping deadlines Other activities Governance considerations Pre-audit testing Data mining Contractor intelligence CMS website Individual contractor websites 42

If you Remember Nothing Break down the hospital silos Support from the top down Else Formalize reporting of results through UR to PI/Compliance to MEC (Medical Executive Committee) to your Board Critical most hospital compliance policies require this The hospital executive team (C-Suite) needs to spend time with UR and PI (and finance) to garner understanding of effect on the facility Correct issues, ensure compliance and hardwire your systems NOW.

If you Remember Nothing Else Create a state of continued readiness Have a plan to tackle pushback Compliance must be non-negotiable CEO must make top priority Engage Key Players (Medical Staff Leadership) UR committee is key MEC needs to back this Provide Physician Education Can t emphasize this enough

Thank You Questions & Answers Tanja Twist Senior Director of Operations Adreima ttwist@adreima.com (626) 340-3769 45