In the federal government’s war on health care fraud and abuse, the strategy of “pay and chase” is history, according to the Centers for Medicare & Medicaid Services (CMS). The new front on fraud deploys a more proactive approach that officials say will screen out would-be bilkers and streamline the process so that honest providers can better navigate the system.

But in the wake of the agency’s fraud-fighting fervor, some skilled nursing facility (SNF) providers have been subjected to unprecedented tactics that have frightened staff members and, in some cases, put providers in a state of limbo that has stunted cash flow indefinitely.

 

The new National Fraud Prevention Program is based on a data-mining tool known as predictive modeling, which, according to Peter Budetti, director of CMS’ Center for Program Integrity, utilizes a “twin pillars” approach: On the one side is a largely claims-based analytic system that incorporates a wide range of information for the purpose of identifying unusual patterns, while on the other side it screens providers in “a very efficient manner.”

Speaking recently at a briefing in Washington, D.C., Budetti described CMS’ new strategy as “a new generation of activity in which [CMS] is continuing to partner with law enforcement and take administrative action that will interrupt the ability of people to steal from the program.”

 

The purpose of the new approach, he said, is to “make it harder for the bad guys to commit fraud and easier for the good guys to participate.”

 

Launched nearly one year ago, the predictive analytics side of the program, known as the Fraud Prevention System (FPS), processes and monitors 4.5 million claims from Medicare Part A, Part B, and durable medical equipment providers each day using “a complicated and sophisticated set of algorithms to highlight problem areas, to generate alerts that enable the agency to direct its resources accordingly, and to take administrative action,” says Budetti.

 

The system is designed to help investigators identify and analyze billing patterns in real time, in order to stop potentially fraudulent claims before they’re paid, investigate them, and take action quickly.

 

In a Los Angeles Times op ed last year, Budetti outlined how the new approach is working. “First, we’re paying closer attention to who is signing up in the first place,” he said. “Now, before you can become a Medicare provider, you have to go through a rigorous third-party review process that will make sure you have the correct licenses and meet all the requirements to bill Medicare.”

 

The days when you could just “hang a shingle and start billing Medicare are over,” he said. If criminals do get into the system, he added, “they’re now a lot more likely to get caught.”

It is amid this backdrop that CMS contractors have been given their marching orders. Among the groups charged with implementing the new agenda is one that has gained a great deal of attention from providers and the attorneys representing them—they are the Zone Program Integrity Contractors, or ZPICs.

 

Unfortunately for some providers, ZPIC auditors have been known to use aggressive tactics in their investigations by arriving at facilities unannounced and asking to speak to staff members in the middle of their shifts, for example.

“ZPICs are carving out a role for themselves that is perhaps broader than what we would expect from the government itself,” says Scot Hasselman, a partner with Reed Smith, Washington, D.C., and member of the American Health Care Association (AHCA) Legal Committee.

Hasselman and his colleagues have seen this activity in nursing facilities recently, “where the ZPIC auditors have shown up at a nursing home unannounced and said, ‘Let us see your records.’” This is not typical of a Medicare contractor, he says.

“Normally, when there is an audit, the company will get a written notification in the mail, they pull the records together, they send them off, and then there’s a response.”

 

Hasselman stresses that the unusual nature of these activities is unprecedented, even for the government. “When we have clients who are investigated, even under the federal False Claims Act, we’ll get a subpoena from the Office of Inspector General [OIG] or the Department of Justice [DOJ], and we’ll have 30 days or more to respond,” he says.

 

“In contrast, we have reports of ZPIC auditors who have shown up in facilities unannounced, asked to see records, and interviewed employees and who have threatened various sanctions against providers if they refuse such requests.”

 

Another tool being aggressively utilized by ZPICs is statistical sampling, in which the auditor reviews a sample of claims, representing perhaps several thousand dollars, and extrapolates that analysis into an assertion that the provider owes the government hundreds of thousands of dollars.

 

“We are aware of companies that have had $8,000 in claims reviewed, and the ZPIC came back and determined that the disallowance is over $1 million,” Hasselman says.

 

Other ZPICs have put providers under a pre-payment review that prevents the facility from billing to Medicare until the ZPIC has reviewed the claims.

 

Pre-payment reviews are a key exercise of ZPICs’ audit authority, Hasselman says. “It means they can suspend payment to you and prevent you from billing in the first place. The problem with this is you don’t have any administrative appeal rights at this point in the process. In contrast, if you have a claim that has been disallowed, then you can go and appeal.

 

“Instead, under a pre-payment review, the ZPIC will say, ‘we’re going to temporarily suspend you from being able to bill until we can review your claims.’”

 

Halting the billing process can damage a provider’s cash flow. “In addition, you’re at their mercy because you’re waiting for them to analyze and make decisions about your claims,” says Hasselman. “So it can be a real challenge because you’re not in a position where you can go before an administrative law judge or a Medicare Administrative Contractor. There’s no remedy until you have a claim that’s disallowed.”

Attorneys representing SNF providers say the private ZPICs are in hot pursuit of perceived fraud, including the over utilization of therapy, based on what Hasselman describes as “the government’s mistaken belief” that only a very limited percentage of a SNF’s patient population could benefit from high-intensity therapy.

 

“This is a big controversy,” he says, “where a number of providers are being targeted and audited for their provision of therapy services in Medicare skilled nursing facilities.”

 

Hasselman says that ZPICs are zeroing in on SNFs’ use of resource utilization group (RUG) classifications, particularly ultra-high RUGs, “and some will say that if your utilization is over 15 percent or 20 percent it’s a presumption, on the part of the government and the ZPICS, that you’re doing something improper, that it’s fraud.”

 

Most likely at the root of ZPICs’ ardor is a December 2010 OIG report that found “questionable billing practices” on the part of SNFs. In it, OIG asserts that some 26 percent of claims submitted by SNFs were not supported by the medical record and represented some $500 million in “potential overpayments.”

 

Billing by SNFs for ultra-high therapy increased substantially from 2006 to 2008, with 17 percent of all RUGs in 2006 being ultra-high therapy, compared with 28 percent in 2008, the report found. At the same time, SNFs’ use of high therapy (as opposed to ultra-high therapy) dropped from 16 percent in 2006 to 11 percent in 2008.

Most notable in the report is OIG’s assertion that the jump in higher-paying RUGs was not the result of a change in beneficiary characteristics. In the two-year period studied for the report, OIG claims that the beneficiaries’ ages and diagnoses at admission were “largely unchanged from 2006 to 2008.”

 

Some SNFs also were found to have unusually long average lengths of stay, compared with those of other SNFs, the report said, indicating that “certain SNFs may be routinely placing beneficiaries in higher-paying RUGs regardless of the beneficiaries’ care and resource needs or keeping beneficiaries in Part A stays longer than necessary.”

Having identified 348 SNFs that were in the top 1 percent, and using at least one of the measures discussed in the report, OIG asserted that for-profit SNFs owned by large chains are most likely to be inappropriately billing.

What Medicare Contractors Are Looking For

Given their findings, OIG recommended a number of steps that both CMS and SNF providers should take to ease overbilling. Among them: CMS should monitor payments and adjust rates, if necessary; strengthen monitoring of SNFs that are billing for higher-paying RUGs; and follow up on SNFs identified as having questionable billing.

 

In addition, SNFs should consider utilizing “therapists with no financial relationship to the SNF to determine the amount of therapy needed throughout a beneficiary’s stay,” OIG advised.

 
In essence, OIG recommended that CMS look for outliers—providers that are putting what CMS deems to be a high number of patients in ultra-high RUG categories. The problem is, however, that many providers, by virtue of being good at providing rehabilitation therapy, could fit into this category.

Michael Cook, an attorney who specializes in SNF compliance at Liles Parker, a law firm based in Washington, D.C., has seen what appears to be a major push to identify facilities that use ultra-high RUGs in post-acute care. “You have a lot of facilities that focus on these folks, so they may or may not show up as an outlier, but ultra-high RUGs is where they are focusing, so you better have your ducks in a row,” he says.

“They can slice and dice data in so many different ways that practically any provider can appear to be an outlier,” says Robert Liles with Liles Parker. “Ultimately, they are statistics, and statistics may or may not mean anything. Nevertheless, contractors are heavily relying on data mining to identify providers who are billing differently than they would typically expect.”

Liles, who specializes in physician practices, uses oncologists as an example. Although there are undoubtedly cases of fraud that will be identified using data mining, Liles is concerned that some providers may inadvertently be targeted, based solely on the fact that the provider has been identified as an outlier.

“You could have one [oncologist] who is recognized as the best of the best.  His peers may regularly refer him the most complicated cases. In such a situation, you would likely have a provider who is often billing at the highest levels of complexity. The oncologist isn’t necessarily committing fraud, but he would still appear as an outlier when data mining is conducted,” he says.

The same is true for SNFs, according to Cook. “Since the advent of the sub-acute era in the 1990s and the corrections made to the initial RUGs calculations under the prospective payment system [PPS], many skilled nursing facilities have found that they can create a win/win situation by focusing upon serving patients in the SNF who previously would have been cared for in the hospital setting. Thus, the fact that a facility accepts a substantial number of patients who have ultra-high RUGs may simply be a reflection of rationalizing the best use of the setting.” 

Nevertheless, it is important that providers fully understand their obligations when choosing to serve as a participating provider. According to Cook, “There are literally hundreds of thousands of pages of laws, regulations, and guidance, which cover the Medicare and Medicaid programs alone.”

 
Moreover, say Liles and Cook, new guidance is issued every day. “As a participating provider, you are obligated to follow each of these rules. Providers who are unwilling to take on these important responsibilities really shouldn’t join the program.”

Singling out a facility for a fraud audit based solely on its rate of ultra-high therapy patients is a sign that fraud enforcement is out of sync with CMS policy purposes, Hasselman suggests. “The last decade has seen significant changes in post-acute sites of service,” he says. Imposition of Medicare controls like the 75 percent rule for inpatient rehabilitation facilities has pushed many inpatients needing rehabilitation back to SNFs.

“At the same time many providers have invested capital into expanding rehabilitation facilities and developed clinical capabilities to service those patients,” says Hasselman. “In addition, there is an increasing body of clinical literature that supports the benefit of high-intensity rehabilitation for long term care patients. Stated otherwise, there is significant evidence that the patient population has, in fact, changed over the time period in the OIG report,” says Hasselman.

 
In spite of these improvements in the standard of care, CMS is concerned about the resulting additional costs, because reimbursement under the SNF PPS is a per diem payment based upon acuity, where acuity is driven in part by resources provided by the facility, to include minutes of therapy, he adds. Given this dynamic, ZPIC, OIG, and DOJ auditors are second guessing the clinical determinations of the facility staff and the independent attending physicians.

 

“Although the government is prohibited from interfering with the practice of medicine, it is commonplace for auditors to substitute the hands-on clinical decision making of the facility’s professionals with that of their own,” Hasselman says, pointing to the Social Security Act, which contains a provision that prohibits the federal government from asserting any control over the practice of medicine.

 
Section 1801 of the act is clear on this point: “Nothing in this title shall be construed to authorize any federal officer or employee to exercise any supervision or control over the practice of medicine or the manner in which medical services are provided, or over the selection, tenure, or compensation of any officer or employee of any institution, agency, or person providing health services; or to exercise any supervision or control over the administration or operation of any such institution, agency, or person.”

 
“I think it’s a little capricious for [CMS] to say ‘any facility that has more than 50 percent ultra-high RUGs is going to get audited,’” says Karl Steinberg, MD, a long term care physician and multifacility medical director based in San Diego, Calif. “But that’s exactly what they do. The outliers are the ones who will get audited. I’m all for people getting a lot of therapy because usually the more therapy they get, the quicker they get better.”

 
Steinberg, who is vice chair of the American Medical Directors Association Public Policy Committee, calls himself a full-time “SNFologist” because he does not have an office practice and sees patients in 12 nursing homes in San Diego. He points out that SNFs are still saving Medicare money when compared with the cost of therapy in acute rehab facilities.

 
“We’re keeping these people out of acute rehab, basically, which is way more expensive than even the highest RUG rate,” he says. “And I don’t think two hours of therapy a day is excessive for most of the patients I care for.

“In general, physicians are going to support their patients getting as much therapy as is reasonable,” Steinberg says. “I don’t think there is any big outcry from us as to overbilling or providing unnecessarily rigorous services to our patients.”

Given the authority that ZPICs appear to have wielded, it is unlikely they will relent in their efforts anytime soon, say Cook and Liles. In addition to ensuring appropriate documentation, they advise clients, including SNFs, to take several steps to ward off an audit or, in some cases, avoid adverse results in an audit. Most important among them, they say, is to conduct a “gap analysis.”

“Go in, turn the lights on, do a sample of your claims, look at your operations. Are you meeting the current requirements? Yes or no? You’d be shocked at how many organizations have not taken this fundamental initial step,” says Liles. “Notably, those providers who fail to conduct a gap analysis are likely to continue moving down the wrong path—with deficient documentation, coding, and billing practices to show for it.”

The next step is implementing an effective compliance program, he notes. “Once you have a clear picture of your risk areas, you will be better able to design an effective compliance program. Unfortunately, some providers have chosen to merely copy a template or something they found on the Internet, without conducting a full analysis of the organization,” says Liles. “This approach is likely destined to fail. An effective compliance program must take the provider-specific risks into consideration so that these risks can be avoided.”

Cook advises providers to have a “well-functioning compliance program” that accounts for the OIG guidance for nursing facilities, especially the areas of risk noted in the guidance. Also, nursing facilities should consider areas of guidance that are specific to other types of providers with which they may interact significantly, such as hospice providers.

Although the importance of good documentation is not a revelation for SNF providers, he advises clients to make it a priority now more than ever. “At the billing end, if you’re doing high or ultra-high therapy, it’s vitally important that your MDS [minimum data set] matches your care plan, which matches your progress notes, which matches what the therapists are recording in their charts, and that you have appropriate physician orders,” Cook says. 

Staff training is another important aspect of a compliance program, Cook and Liles add. “In addition to the normal training that accompanies a compliance program, staff should be trained about what to do if, and when, auditors arrive at the facility. It is important to keep in mind that you are obligated to cooperate if your organization is audited. While your organization doesn’t have Fifth Amendment rights, the individuals within the organization do,” Liles says.

“Take care when dealing with government auditors; never lie or make a misleading statement. It is a crime to make a false statement to an OIG agent. Should you feel uncomfortable with the questioning, call your attorney.”

Moreover, Cook says, it is important to minimize staff anxiety that may occur when auditors arrive, especially as they attempt to question staff. It is crucial to provide advance training to staff and management on how to appropriately handle the situation.

Additionally, Cook explains that it is important for the facility to ensure that while it provides auditors with the records that they are seeking, the facility should also maintain control of the records that it provides and, to the extent feasible, the records that the auditors copy. “This is critical, among other things, to enable the facility to respond timely and intelligently both at exit and in any review process,” he says.

 

For the purpose of the audit, it is important to designate a point person who is trained on how to handle questions and to ensure that the facility maintains control and knowledge over the records that are reviewed, Cook adds.

 

ZPIC audits are similar to other contractor investigations in that providers have the same administrative appeals available to them as any other Medicare claims audit, Hasselman says. “Just like a Recovery Auditor, you get a regular disallowance and a five-level administrative appeals process. But one of the issues in the appeal can be the statistical analysis,” he says.

“In other words, if you appeal a determination you appeal the underlying claim, but it is in your best interest to also appeal the statistical extrapolation.”

Also worth noting is the fact that ZPICs are fraud auditors, he adds. “That’s their only role—to conduct fraud audits, to disallow claims, and to refer matters to DOJ or OIG. If you are the subject of a ZPIC audit, you should assume that they are reviewing your records to evaluate whether you are engaged in fraud,” says Hasselmen.

“Although providers should treat all audits with seriousness, we recommend that ZPIC audits receive a company’s utmost attention.”

According to Cook, providers are best advised to be proactive in their efforts to respond to an audit. In addition to an effective compliance plan, providers need to ensure that each patient’s care plan is person-centered and tailored to the beneficiary.

 
“To belabor the obvious, providers should ensure that all care plans created for beneficiaries, especially those areas that address therapy, are tailored to the beneficiary’s individual needs and designed to address the beneficiary’s functional deficits,” he says, “and that the MDS, which drives the RUG assignment, is consistent with these factors. Contractors will be on the lookout for RUG assignments that they believe do not match the resident’s condition.” 

 
In the end, say Cook and Liles, it comes down to quality assurance and compliance plans. “If you put an effective compliance plan in place, you can reduce your risk significantly. The only way to eliminate all risk is to not bill at all,” they say.

“It’s like a flu shot,” Liles says, “Having a good compliance program doesn’t mean you won’t get the flu, but if you do get the flu, hopefully it won’t be as bad as if you didn’t get a shot.”