Medicare pays billions of dollars in fraudulently billed claims each year despite the various tools the Medicare system has at its disposal. Because of this problem, the Centers for Medicare and Medicaid Services (“CMS”) implemented several programs to assist it with regulating healthcare providers and preventing fraud.
One example is a fee-for-service program where CMS pays private contractors to audit healthcare providers, uncover Medicare fraud, and seek recoupment of billed claims that are fraudulent. Recovery Audit Contractors (“RACs”) are one type of private contractor whose objective is to identify fraud in Medicare Part A and Part B claims.
Additionally, under the Medicare Integrity Program (“MIP”), as established by the Health Insurance Portability and Accountability Act (“HIPAA”) of 1996, CMS created Medicare Administrative Contractors (“MACs”) to assist in detecting Medicare fraud and abuse.
Healthcare providers that participate in Medicare should be wary of governmental reviews and audits of their billing practices. As Medicare fraud increases, the government has enhanced its efforts to combat such fraud and hold providers accountable for fraudulent billing practices.
Regrettably, many providers make mistakes or are otherwise inconsistent in their billing practices and compliance programs. This can lead to negative audit reviews and forces many healthcare providers to appeal, which can be a lengthy and time-consuming process. It is therefore important to understand how to protect your business in the first place.
MAC versus RAC Audits
A Medicare Administrative Contractor (“MAC”) is a private healthcare insurer hired by the CMS to handle and process Medicare Part A and Part B claims or Durable Medical Equipment (“DME”) claims for Medicare fee-for-service (“FFS”) beneficiaries. MACs also help with audits of claims from home health hospice providers. MAC audits are powerful and intrusive procedures that have the potential to lead to serious federal charges for healthcare entities.
A Recovery Audit Contractor (“RAC”) reviews claims and identifies overpayments from Medicare so that CMS and other auditors are able to prevent improper payments in the future. RACs work to uncover instances of fraud within healthcare provider’s billing practices and pursue recoups if needed. If evidence of fraud or other misconduct is uncovered during a RAC audit, the RAC can refer the matter to other federal agencies such as the Department of Justice (“DOJ”) or the Office of Inspector General (“OIG”) for further investigation.
“Both MAC and RAC audits can result in serious civil or criminal charges. These audits request extensive data and information from a provider with little advance notice. Auditors have the power to demand the repayment of amounts they deem fraudulently obtained from Medicare reimbursement claims. A negative audit result could result in your practice owing substantial sums to CMS and may eventually lead to a protracted appeal. Therefore, when faced with a MAC/RAC audit, providers need to be prepared with a strategic defense plan—a plan that starts with retaining an experienced healthcare defense attorney.” – Dr. Nick Oberheiden, Founding Attorney of Oberheiden P.C.
Five Key Defense Strategies
Providers need to be proactive when preparing and defending against RAC and MAC audits. The list compiled below provides five key defense strategies to take when preparing for audits and preventing further federal investigation.
1. Retain legal counsel early in the audit process
There are several factors that providers need to keep in mind when hiring an attorney for healthcare audits: federal experience; attorneys with experience in the government; results; teamwork; and commitment. RAC/MAC audits are complex events with varying requests and deadlines. Hiring an attorney can help strengthen your compliance department when dealing with an ongoing audit. If you receive a negative audit review, you may wish to appeal that finding. The appeal process is time-consuming and highly intricate, demanding the assistance of an attorney. An attorney can also help evaluate the effectiveness of your business’ compliance program and its ability to detect and respond to internal weaknesses.
2. Understand the types of audits that are possible
It is important to recognize the types of audits that are possible and the different procedures that accompany each. For instance, RAC audits can be automated, semi-automated, or complex. The response the provider develops can vary depending on the type and scope of the particular audit.
3. Stay abreast of all legal and regulatory changes in healthcare audits
CMS websites often post information of the latest changes and news involving RAC and MAC audits. Healthcare providers ought to continuously monitor these websites for updates in audit procedures.
For instance, virtual audits became commonplace due to the coronavirus pandemic, but in-person visits could resume any day, necessitating that providers stay informed.
4. Ensure that all documentation regarding billing procedures and medical records is properly recorded in a thorough and legible manner
The best evidence is recorded documentation. RACs especially scrutinize a provider’s ability to demonstrate medical “necessity.” Therefore, it is imperative that all practices are properly documented and retained. Personnel should be trained on how to maintain and organize documents. Such information will be a necessity if the provider receives a negative audit review and needs to file an appeal.
5. Maintain a robust and comprehensive compliance program that identifies, corrects, and monitors internal weaknesses
The compliance program should be reviewed intermittently and updated as the law and other internal changes dictate. For instance, if changes in Medicare billing requirements are announced, all provider personnel should be informed and trained on such changes. The compliance program should also have detailed policies in place for recording and documenting key company information.
Healthcare fraud is on the rise. To combat the increase in Medicare fraud, waste, and abuse, CMS works with private contractors to root out fraud in a provider’s billing practices. Providers face a serious risk of recoupment from auditors. MAC and RAC audits collect millions of dollars in overpayments and fraudulent Medicare claims annually.
Medicare audits can lead to additional challenges down the road, including payment suspensions, prevention from working with governmental programs, civil investigative demands, government subpoenas, and sometimes criminal prosecutions.
It is important for providers to be prepared for these audits. This means taking the first step to retain legal counsel early in the audit process as well as understand the types of audits and regulatory environment. Providers must also ensure that their billing practices are properly documented and that they maintain a comprehensive compliance program.