The Centers for Medicare & Medicaid Services (CMS) established seven zones based on the Medicare Administrative Contractor (MAC) jurisdictions. As a result, the Zone Program Integrity Contractors (ZPICs) were created to perform program integrity functions for Medicare Parts A, B, C, D, Durable Medical Equipment (DME), Home Health + Hospice (HH + H), and the Medicare Medicaid Data Match Project (Medi-Medi).
CMS began transitioning responsibility for benefit integrity activities to ZPICs from Program Safeguard Contractors in 2009, as CMS wanted ZPIC zones to be co-extensive with MAC jurisdictions.
According to CMS, the primary goal of ZPICs is “to identify cases of suspected fraud, develop them thoroughly and in a timely manner, and take immediate action to ensure that Medicare Trust Fund monies are not inappropriately paid out and that any mistaken payments are recouped.”

How Are ZPICs Different From Other CMS Contractors?

The primary mission of ZPICs is to identify fraud. They do not conduct random audits, they have no specification regarding look-back periods, they can make unlimited document requests, and they are not paid on a contingency fee basis, although they do get performance bonuses.
Recovery Auditors must identify and correct improper payments, they have some limitation on the documents they can request, and they are paid on a contingency fee basis.
The purpose of MACs is to educate providers, process and conduct billing, correct the behavior in need of change and prevent future inappropriate billing, and recover payments.

How Do ZPIC Audits Arise?

Data analysis, complaints, and referrals are the main triggers for ZPIC audits. With data analysis, a ZPIC may use data to detect high frequency of certain services as compared with local and national patterns, trends of billing, or other information that may suggest the provider is an outlier.

Employee or beneficiary complaints to the Office of Inspector General hotline, fraud alerts, or even directly to the ZPIC can trigger an audit. MACs or other contractors and law enforcement agencies may alert ZPICs. For example, a MAC could identify billing inconsistencies and refer it to a ZPIC for further analysis.

What Are The Potential Outcomes From A ZPIC Audit?

ZPIC audits can result in a number of actions, including: suspension of payment; recoupment of alleged overpayments; referral to enforcement agencies, such as OIG; and revocation of participation in Medicare.
Providers can be placed on up to 100 percent pre-payment review by a ZPIC, in which case the provider must stop billing for claims until further notice. If a case is referred to the Office of Inspector General, it has 90 days to accept the referral, refer the case to the Department of Justice, or reject the case.

ZPIC Zones

There are seven ZPIC zones, compared with the previous 17 PSC zones, with four contractors awarded among the ZPIC zones, as follows:
Zone 1: Safeguard Services: American Samoa, California, Guam, Hawaii, Mariana Islands, Nevada.

Zone 2: NCI (previously AdvanceMed Corp.): Alaska, Arizona, Idaho, Iowa, Kansas, Missouri, Montana, Nebraska, North Dakota, Oregon, South Dakota, Utah, Washington, Wyoming.

Zone 3: Cahaba Safeguard Administrators (fully operational start date is April 24, 2012): Illinois, Indiana, Kentucky, Michigan, Minnesota, Ohio, Wisconsin.

Zone 4: Health Integrity: Colorado, New Mexico, Oklahoma, Texas.

Zone 5: NCI: Alabama, Arkansas, Georgia, Louisiana, Mississippi, North Carolina, South Carolina, Tennessee, Virginia, West Virginia.

Zone 6: Cahaba Safeguard Administrators: Connecticut, Delaware, District of Columbia, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, Pennsylvania, Rhode Island, Vermont.

Zone 7: SafeGuard Services: Florida, Puerto Rico, U.S. Virgin Islands.
Source: Reed Smith,