Providers Should Prepare for Medicaid Data Mining, Audits

The federal government is redoubling its efforts to combat Medicaid fraud through prevention and detection, as it has for the last several years with respect to Medicare fraud. Speaking at a webinar sponsored by the Health Care Compliance Association, Karen Nelson, explained recent federal developments and their impact on state enforcement efforts with respect to Medicaid fraud and abuse. Nelson, who is Of Counsel at DLA Piper in Austin, Texas, was Deputy Inspector General and Chief Counsel for the Inspector General of the Texas Health and Human Services Commission (HHSC).

“Follow the Money” to Predict Enforcement Efforts

State agencies enforce state law when they collect overpayments or pursue allegations of fraud against Medicaid providers. However, in most states, more than half of Medicaid spending comes from federal funds, and states must return overpayments to the federal government, and they must do so within one year of discovery whether or not they have been able to recoup the money from the provider. As a result, their enforcement efforts will be heavily influenced by federal priorities. Nelson said that providers should pay close attention to the HHS Office of Inspector General’s (OIG) annual Work Plan and CMS guidance.

Federal Priorities

Nelson believes that the HHS OIG will focus on state oversight to prevent, detect, and recover overpayments and state management of the Medicaid program generally. The OIG will monitor whether states have implemented their enhanced powers and authorities under the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148), including: (1) termination of providers whose Medicaid participation has been terminated in other states; (2) suspension of payments due to credible allegations of fraud; (3) recovery of overpayments from credit balances; (4) use of enhanced screening and enrollment disclosures to assure that no payment is made to or for persons excluded from Medicare or Medicaid participation; (5) data matching to confirm beneficiaries’ eligibility; and (6) prevention of the use of inactive or invalid provider numbers or coding edits.

As CMS and the OIG move away from “pay and chase” and toward early detection and prevention of payment of fraudulent claims, they are expanding their use of data mining and analytics, increasing the volume and types of data that contractors will examine to find possible fraud. Nelson compared data mining to prospecting, where one determines the likeliest sources. Investigators use historical data sets to identify patterns and risk factors. The algorithms are continuously refined based on the newest data and recent findings. For example, Medicaid claims for medical transportation could be compared with claims for other services on the same day, drivers’ licenses and automobile ownership to uncover instances where the beneficiary did not have any medical procedures or visits on the date for which transportation was claimed, or would not have needed transportation. Nelson’s other examples included reviewing the officers and boards of professional corporations to for excluded practitioners and their relatives and comparing the number of procedures a practitioner claims to have performed with utility usage at the location.

Reorganization of Integrity Contractors

Nelson noted that CMS is changing its integrity contractor system to combine Medicare and Medicaid functions into Unified Program Integrity Contractors (UPICs). Like Medicare Administrative Contractors, a UPIC will be assigned to each CMS region, combining the functions of zone program integrity contractors, the Medicare-Medicaid Data Match (Medi-Medi), program safeguard contractors (PSC), and Medicaid Integrity contractors (MICs). The recovery audit contractors (RACs) will function separately, however.

Priorities for Providers

Nelson noted that federal enforcement efforts are emphasizing compliance with threshold conditions of payment and recommends that providers do the same, screening regularly to be sure that the individuals furnishing services have proper credentials, have not been excluded from participation and are practicing within the scope of their licenses. This data is relatively easy to find and confirmed with the providers’ internal data. The OIG Work Plan places special emphasis on these matters.

Other Recommendations

Nelson recommended that providers routinely review their internal data to note the claims that are denied most frequently, outliers whose numbers of procedures or dollar amounts are inconsistent with those of others on staff and to track the denials by code and provider. As they develop their programs, they should develop new queries for monthly reports, such as spikes in utilization, readmissions, billing units or dosages, and timed services. As they become aware of risk factors, their training and counseling efforts should be modified accordingly. In the event of an audit, site visit, or requests from a RAC, Nelson recommends that providers closely track each request and record all documents provided in response.