The government is escalating investigations through Recovery Audit Contractors (RACs), Medicare Recovery Contractors (MACs), Medicaid Integrity Contractors (MICs), Zone Program Integrity Contractors (Z-PICs), and now, the very active Health Care Fraud Prevention and Enforcement Action Team (HEAT). Home Health agencies are at a critical crossroads. It is essential that agencies take control, review processes, and proactively identify and address vulnerable areas.
The MACs will be looking at current claims filed. The RACs will take a retrospective look at claims back three years.
The Affordable Care Act identified monitoring and “minimum” requirements of an effective compliance program expecting programs to take steps to ensure the organization’s compliance and ethics program is followed, including monitoring and audit to detect criminal conduct. .It is also expected that an evaluation of the effectiveness of the compliance program will be completed periodically. If ever audited by a government agency, you want to be able to show your compliance plan and the processes involved with that plan.
A REVIEW…The RACs:
The RAC auditors have been authorized to recover “improper payments “of preapproved areas of risk. In the demonstration project, high areas of risk included incorrectly coded records, therapy appropriateness, and medically unnecessary services. The RACS use public information from the Office of Inspector General (OIG) and the General Accounting Office (GAO) to focus improper payment audits.
RACs have a demonstration project that recovered over 96% of all audited claims resulting in take-backs of 1.3 billion dollars. Is it any wonder that the home health industry is concerned about their new focus?
RACs are contingency based, so, they are motivated to seek out variances. They can audit 1% of the average monthly Medicare episodes of care (maximum 200) every 45 days per NPI. There is a RAC designated only for home health, hospice, and DME.
The HSS and the U.S. Department of Justice have teamed up to create the new Health Care Fraud Prevention and Enforcement Action Team (HEAT) to investigate and work to eliminate fraud in healthcare. They are using technology as a key tool for their mission. Their initial focus was directed toward Durable Medical Equipment, as well as services paid for by Medicare Part C (Medicare Advantage) and Part D (Prescription Drug Programs). They have since been very active in home health care.
To have reassurance that one could withstand a RAC/MAC/MIC etc audit, agencies should be reviewing samples of past claims, scrutinizing present processes, educating personnel, and updating the Corporate Compliance Plan. The OIG believes that effective compliance programs should include the following components, which are based on the seven steps of the Federal Sentencing Guidelines.OIG Expected Components of a Compliance Plan:
Compliance Policies and Procedures to include written standards of
Designation of a Compliance Officer and Compliance Committee
Ongoing Education and Training
Effective lines of communication; Process for Reporting Concerns,
such as a hotline
Enforcement of Standards
Development of an Auditing and Monitoring System
Corrective Action Process for Correcting Compliance Problems
The Corporate Compliance Plan should represent the enterprise-wide initiative designed to detect and prevent problems of noncompliance and include:
An Introduction and Purpose complete with expectations.
Response and Corrective Action
Enforcement and Discipline
Standards for Business Conduct
Code of Conduct
Code of Ethics
Employee Open Communication :
Agreement with the National Hotline Service
Tracking all calls including interventions
Effective programs have strong internal controls to promote adherence to applicable federal and state laws. They will also include internal auditing components of agency processes, services, and products with feedback mechanisms. There is a well defined agency code of conduct with a compliant culture and frequent employee training. An infrastructure includes a Corporate Compliance Officer who, in addition to other duties, will monitor industry areas audit focus. The agency can then explore their vulnerabilities.
The OIG Top Medicare PPS Compliance Issues include:
Reporting additional visits not made in order to exceed LUPA and therapy thresholds
Providing additional visits to avoid LUPA and therapy thresholds
Upcoding and downcoding on the OASIS
Duplicate bills and timeliness
Returning credit balances promptly
Routine waivers of copays
Billing for services without physician orders
The RAC Demonstration Project issues include:
Incorrectly coded patient records 35%
Lack of Medical Necessity found in the patient records 40%
Insufficient documentation in the patient record 10%
Besides the above areas that might bring about adverse financial impact and raise questions regarding potential fraud and violations of the False Claims Act (False Claims Act 31 U.S.C. 3730), home health Corporate Compliance Officers must also be aware of HIPAA compliance, Patient Freedom of Choice 1802, Conditions of Participation (CoP) and licensure violations as well as monitoring referrals to prevent referral kickback violations (Stark II, Phase III, SSA 1877) and Civil Monetary Penalties, SSA 1128(a)(5).
Home health agency compliance officers should expect to remain on the frontline of risk assessment and enforcement of health care regulations. The RACs, MICs, MACs, Z-PICs, and HEAT are only just beginning.
For additional information and what to expect from CMS in the future, look at the Medicare Managed Care Manual Chapter 21- Compliance Program Guidelines.
The healthcare map is changing. ACOs are growing. They expect compliance and quality care with positive outcomes as a given. They may ask what completes your agency compliance dashboard. Do you have a compliance dashboard? How often is it produced?
Metrics should include recruitment gauges, background screenings, Education/training metrics, numbers of coding and billing audits, as well as HIPAA breaches. It may be time to look at outside experts for areas of risk, such as Coding and Billing, especially in light of the looming ICD-10 CM.
A positive by-product of an organization that effectively implements a Corporate Compliance Plan is the emergence of a renewed vision of the future. In this age of government audits, a forward thinking organization will create or update their program for all of the right reasons. However, corporations will soon realize that they can leverage their compliance programs as public relations tools, which not only affirm their role, as solid community citizens, but, also as business associates who share commitment to integrity and ethics.
MS, RN, CHCQM, COS-C, ICM
Fellow of the American Institute for Healthcare QualityExecutive Vice PresidentChief Compliance Officer
4155 E. La Palma Ave
Anaheim, CA 92807
RACs have recovered over 96% of all audited claims resulting in take-backs of over 2 billion dollars. Is it any wonder that the home health industry is concerned about their new focus in our industry? The RACs have been identified. The MACs, who will work with the RACs are all now in place.
RACs are contingency based, so, they are motivated to seek out variances. They can audit 1% of the average monthly Medicare episodes of care (maximum 200) every 45 days per NPI.
Home Health agencies should anticipate to see audits of outlier payments for insulin injections. They should expect, based on coding algorithms to see records reviewed. Are you monitoring your coding and documentation closely? Expect audits. Fiscal Intermediaries have identified reasons for claim denials and identified high risk areas for non-compliance. Those targeted areas include areas involving coding, homebound status, the documentation of the skilled services delivered, and the overall medical necessity of care administered.
Agencies should be cautious that the codes affixed are well supported by the documentation of the clinician. Too frequently, there has been partial denial of therapy resulting in medical review down-code. Too often and easily, FIs have found clinical documentation incongruent with OASIS M items. Too many times, the reviewers have found that the documentation does not support the focus of care, the sequence for coding, or the medical necessity of the skilled services billed.
In the RAC demonstration project, 35% of the findings pertained to coding. Expect Home Health coding to become one of the chief areas of focus. Remember, the RACs will be looking at variance which will allow them to view consistency of a client’s OASIS, coding, clinical documentation, and the plan of care.
The RAC attack: how to prepare and manage the audits
The Centers for Medicare and Medicaid (CMS) has implemented, in home health, the audit process that has proven successful in other areas of the health care industry. The RAC auditors have been authorized to recover “improper payments “of preapproved areas of risk. In the demonstration project, high areas of risk included incorrectly coded records, therapy appropriateness, and medically unnecessary services. The RACS use public information from the Office of Inspector General (OIG) and the General Accounting Office (GAO) to focus improper payment audits.
RACs have recovered over 96% of all audited claims resulting in high take-back dollars. Is it any wonder that the home health industry is concerned about their new focus?
RACs are contingency based, so, they are motivated to seek out variances. They can audit 1% of the average monthly Medicare episodes of care (maximum 200) every 45 days per NPI. The question is: what action should the home health agency consider now?
Choose a RAC Leader and RAC Response Team
First of all, agencies should appoint a RAC Team Leader who will identify the single point of contact and establish a RAC Response Team. This dynamic team should represent the components of the clinically driven revenue cycle management (RCM) process. Specifically, 1) physicians and clinicians;, nurses, therapists, social workers, 2) quality improvement and documentation specialists, 3) casemanagers, 4) coders, 5) HIM, 6) chargemaster/billing/RCM specialists, 7) data analysts, 8) Education/Training Specialists, 9) corporate compliance, 10) legal, 11) department heads, 12) mitigation sub-committee that will actually analyze and track each RAC record , and others will be called as needed. This team will need to address both past and present tactical and oversight issues while prioritizing areas of risk. Additionally, they will review the agency’s ability to complete processes, including audits, and tracking the appeal response.
RAC audits represent significant risk to revenues, profit margins, and workflow stability. The education of the RAC Response Team is vital in developing the most thorough, yet, efficient approach to establishing RAC risk review and protocol preparedness. Have the team ready.
RAC Response Team education should include lessons learned from the home health industry past: Operation Restore Trust (ORT), May 1995, a two year project in five states resulting in $187.5 million in fines, recoveries, and civil money penalties. After four years, ORT was credited with a 45% decrease in improper payments, recovery of over $524 million in judgments and settlements and prevention of nearly $11 billion paid in inappropriate claims.
In general, ORT found issues with medical necessity, lack of homebound status, and lack of documentation to support care provided. Sound familiar? ORT targeted agencies by volume of claims, frequency of medical review issues, LUPA episodes, outliers, therapy thresholds, as well as medical necessity determinations and coding errors.
The recent RAC demonstration results reflected similar focus areas. Agencies should heed those trends identified.
The RAC Response Team should become familiar with regulatory requirements and timeliness. Inservices as well as FAQ sheets with key regulatory highlights and a list of appropriate links to review could be provided. The leader should become familiar with the RAC website as well as monitor the CMS website, alerts, and transmittals.
The RAC Demonstration project showed a 7% payment recovery because of inadequate response to medical record requests so, a process will be needed, to mitigate information flow and manage RAC audit activities thus, create the RAC mitigation sub-committee. This committee or team should function as a subsection of the RAC Response Team, aiding the RAC Team Leader in tracking claims under review.
Identify the patient and document flow, identifying tasks and tools. Diagram patient care flow from intake > admission> medication profile review> discipline specific careplan development > coding > plan of care development > RAP drop> discipline visits > outcome achievement> QA process review >to final claim submission and A/R management.
Retrospective chart audits as well as present processes and concurrent chart audits should be completed to identify risk. The RAC Response team may decide to contract with third party specialists for comprehensive consulting services to assist the team. The services can include:
ICD-9-CM Coding Review (Soon to be ICD-10 CM)
Documentation adequacy to substantiate the Plan of Care and the Codes
Billing and Revenue Cycle Management (RCM) Review
Process and Workflow Analysis
Clinical and RCM Resource
Presenting OASIS C and Evidenced-Based Practice correlations
Conducting RAC training sessions to prepare identified personnel for audits
Comprehensive third party clinical/RCM review of care delivered can assign potential organization susceptibility. The chart audits can distinguish:
If the admission was medically necessary and the plan appropriate and covered all disciplines.
If the clinical visits support the plan and the notes
If the coding met convention and had adequate documented support
Focus on case mix diagnoses
Review diagnoses sequencing
If therapy, treatment and procedures were appropriate
If the reason qualifying homebound status was documented each visit and used objective measureable language
Other criteria mutually identified by the RAC Response Team and the outside specialists
The RAC Team should consider reviewing the agency overall compliance process, keeping basic CMS regulations in mind.
There have been no limits placed upon the number of sixty day episodes per beneficiary as long as they remain eligible for the home health benefit. Payment is adjusted to the patient’s need. It becomes the home health agency’s responsibility to assess the patient accurately. Based upon answers to OASIS items describing the patient’s condition and projected therapy needs, a case-mix adjustment is determined. It is the agency’s responsibility to be certain the assessment is accurate, the care is appropriate, and expected outcomes are achieved. Congruency is a key.
Though no limits have been placed on the number of episodes, the Medicare home health benefit is intended to address short term medical needs designed to be met within 60 days. Ongoing recertification is meant to be the exception, not the norm. That recertification must be signed and dated and have backup support of clinical visit and progress notes, copies of summary reports sent to the physicians, and discharge planning. 42 C.F.R. 484.48. Sometimes, agencies forget that recertification episodes must be clearly justified and are being reviewed carefully. The RAC Team may wish to call for an audit of patients with two episodes and higher.
Expect recertification assessments to become a focus of review.
Because, the RAC audits have focused on medical necessity, it is vital that the intake process and admission policies be reviewed to ensure compliance. Involve case managers to discuss how they determine projected visit numbers as well as reconcile their careplan focused visits to the Plan of Care. That Plan of Care is the physician ordered medical certification substantiating the need for home health services. 42 C.F.R. 409.43(c) (3).
The coding processes have historically been one of the highest targeted areas of concern because of inaccurate coding in relation to the assessment and documentation submitted. Improper sequencing of codes with incongruence between assessment and plan of care create chart concerns. Chargemaster functions are to be reviewed to determine how identified problems are corrected. Consider third party coders or third party billing sources who know the rules and assist you to remain compliant.
Billing processes are diverse and should be order centric. A record and process review is necessary to map out areas of high risk, such as physician orders and signatures reconciled prior to final claims dropped. Timeliness requirements should be noted when the process is diagrammed. Billing can become complex when changes and corrections must be made, so a clear tracking process must be maintained. Personnel must be kept current in billing code changes and CMS requirements.
Anytime adjustments or corrections must be made to the billing, there is a risk for duplicate billing. A strong, consistently reviewed process is needed to track beneficiary eligibility, routine billing requirements, billing adjustments, timeliness, and order centricity. This review process will go a long way toward preventing automated audits. Remember, the automated audits are intended to locate the simple errors.
The Complex reviews are seeking errors that require more intense review; through medical record reviews. If a RAC demand letter should arrive, the agency may wish to use that informal discussion period, to discuss the RAC’s reason for the repayment. The agency
You should discuss with the RAC auditor how they can submit supportive documentation. If the RAC agrees to see additional information, they can stop the recoupment process If they do not agree the agency can continue with the appeal process.
Providers/agencies have 120 days (from the date on the demand letter) to file an appeal. This appeal can halt recoupment but, without a valid appeal, recoupment starts on day 41 per CMS. Appeal prevention oriented agencies need strong process review and implementation. They need to start their own review now.
Coding and Documentation. Coding and Documentation. Coding and Documentation. They just keep becoming more and more important!
RACs, MACs, Z-PICs, Part II of IVCERTS – (Comprehensive Error Rate Testing) To better calculate the performance of the FIs and MACs, as well as to look at the reasons for their errors, CMS decided to look at a number of additional rates. The additional rates include
provider compliance error (how well providers prepared claims for submission)
paid claims error rates (measures how accurately FIs and MACs make coverage, coding, and other claims payment decisions). CERTs randomly select a sample of about 100,000 claims each reporting period.
CERTs review the claims for proper Medicare coverage, coding, and billing rules, and if not in compliance, they assign an overall error rate.
CERTs also identify if providers received overpayment letters or notices of adjustments to be made for claims that were overpaid and underpaid. CERTs are considered the Quality Improvement specialists who track and trend the performance of fiscal intermediaries and Medicare Administrative Contractors.
Z-PICs – Zone Program Integrity Contractors will perform Medicare Program integrity functions for CMS. They will interact with each MAC to handle fraud and abuse issues within their jurisdictions. ZPICs are seen to consolidate the work of present CMS Program Safeguard Contractors (PSCs) and Medicare Drug Integrity Contractors (MEDICs) and are divided into 7 zones.
The Z-PICs act with the Department of Justice and FBI and act as the investigators when fraud is very strongly thought to have been found. The Z-PICs have the power to suspend claims for up to a year and the agency has no appeal recourse during that
Annually, CMS receives 1.2 billion claims. That breaks down to 4.3 million claims per work day, 574,000 claims per hour, and 9,579 claims per minute. Fraud and abuse are on the rise and the pressure is on.
CMS has unleashed the age of the auditor with the advent of the RACs, MACs, CERTs, MICs, Z-PICs, and now, the HEAT.
RACs- The contingency motivated Recovery Audit Contractors (retrospectively focused). The RAC Demonstration Project of 2005-2007 recovered over $1.3 billion, mostly due to medically unnecessary services (45%), incorrect coding (35%), and insufficient documentation (10%). With four RAC approved firms covering specific geographic regions, these auditors are expected to continue their positive recovery program. The RAC demonstration project yielded a cost of only 22 cents for every $1.00 recovered. They are now in place and ready to go at measure. Certain RACs have been held back until all MACs were in place. That is now completed.
MACs –Medicare Administrative Contractors have been transitioning in and replacing the Regional Home Health Intermediaries (RHHIs). There are 15 MACs with 4 focusing only on DME claims. Though providers fear the RACs, they are well aware of the power of the MAC. This auditing body can impose “severe administrative action” such as up to 100% prepayment review, payment suspension, and use of statistical sampling for over payment estimation of claims (current and prospective focus). MACs have power and Congress is encouraging them to use it.
Information made available on this website should not be considered legal advice. It is for educational purposes only and does not provide all available information on the subject. Information shared is not a promise or warranty/guaranty (expressed or implied). The opinions expressed, discussions undertaken, and materials provided do not represent any official position of Select Data.