Journal of AHIMA - July 2011

In addition, organizations should gain an understanding of the increased workload that may result due to these external audits. For example, RAC auditors are allowed to request up to 500 records every 45 days. Organizations should determine the staffing needs required to support the process from the point of request receipt and record copying through the possible denial and appeal process.

The ABCs of Government Auditors

More than a dozen government auditors are currently at work in healthcare. Following are descriptions of the major auditors and the focus of their audits.

CERT

CMS implemented the Comprehensive Error Rate Testing (CERT) program to measure improper payments in the Medicare Fee-for-Service (FFS) program. It was designed to comply with the Improper Payments Elimination and Recovery Act of 2010.

All claims for the CERT program are chosen at random and designed to pull a random electronic sample of claims. CMS outlines how records are requested for the CERT program through its “Improper Medicare Fee-for-Service Payments Report,” available at https://www.cms.gov/apps/er_report.

DOJ

The Department of Justice collaborates with many of the auditing agencies including OIG and the Department of Health and Human Services (HHS). In addition, DOJ can perform other audits if requested by other government agencies.

DOJ primarily uses auditors to work on civil fraud cases and uses these same auditors to work on healthcare fraud. When a federal or state investigative agency identifies that a subject is under current investigation in multiple states or jurisdictions, that information is sent to DOJ to develop a nationwide strategy to coordinate the multiple efforts and resources. See appendix A in the online version of this practice brief for a list of DOJ activities in FY 2010.

HEAT

The goal of the Health Care Fraud Prevention and Enforcement Action Team is to prevent fraud and abuse in the Medicare and Medicaid programs by identifying fraud perpetrators and those abusing the system. The program also focuses on perpetrators who prey on Medicare and Medicaid beneficiaries.

Increased HEAT audits are considered to be the number-one compliance risk of 2011 because the program has been incredibly successful in building partnerships between DOJ, HHS, and other agencies to recover tax-payer dollars. 3 In fact, an additional $60.2 million in funds has been dedicated to fund additional teams and investigations in FY 2011.4 See appendix B in the online version of this practice brief for a list of HEAT Strike Force results in FY 2010.

Practice Brief

MACs

Medicare Administrative Contractors are contracted to perform prepayment medical reviews to ensure services provided to Medicare beneficiaries are covered and medically necessary. All claims submitted to MACs are put through a “scrubber” to check against claim edits and ensure payments are made to certified providers. CMS publishes and maintains these edits, such as the Outpatient Code Edit (OCE).

Once the claim passes all edits, the MAC calculates the payment amount based on fee schedules, formulas, geographical adjustments, provider characteristics, and beneficiary copay-ments.

The Medicare Prescription Drug Improvement and Modernization Act of 2003 mandated CMS transition all its fee-for-service fiscal intermediaries and carriers to MACs by 2011. As a result, 15 A/B MAC jurisdictions were established. In July 2010 CMS posted a notice of plans to consolidate the 15 MACs into 10 jurisdictions, implement a contract limit for the A/B MAC contracts, and enhance the role of the contractor medical directors.

In 2011 MAC audits are expected to be combined with RAC audits and leverage their resources in identifying payment errors. MACs primarily review on a prepayment basis, while RACs review on a retrospective system. As the MAC utilizes prepayment edits to identify payment errors, the results may be sent to the RAC for retrospective review.

If an organization receives a MAC review and identifies that a billing or coding error has occurred, it is best to self-report regarding past discharges. By self-reporting, the organization stops a potential RAC retrospective review, which could also open the organization to full medical necessity review in addition to a DRG review.

MIP and MICs

The Deficit Reduction Act of 2005 created the Medicaid Integrity Program (MIP) under section 1936 of the Social Security Act. MIP is the first comprehensive federal strategy to prevent and reduce provider fraud, waste, and abuse in the $300-billion-per- year Medicaid program.

CMS has two broad responsibilities under MIP: to hire contractors to review provider activities and to support states in their efforts to combat fraud and abuse.

The Social Security Act also required CMS develop the five-year Comprehensive Medicaid Integrity Plan in consultation with internal and external partners. The Medicaid Integrity Group oversees MIP through Medicaid Integrity Contractors (MICs) and State Program Integrity Operations.

There are three primary MICs. Review MICs analyze Medicaid claims data to determine potential provider fraud, waste, or abuse. Audit MICs audit provider claims and identify overpayments. Education MICs provide education to providers and others on payment integrity and quality-of-care issues.