Over the past several years, Congress has steadily expanded the federal government’s legal authority and ability to enforce health care fraud and abuse laws, such as the False Claims Act, against health care providers. At the same time, the government has greatly increased the number and scope of audits directed at participants in federal health insurance programs, such as Medicare and Medicaid.
National economic and political factors have contributed to the government’s elevated efforts to scrutinize payments of federal funds to health care providers. First, Medicare expenditures continue to rise and politicians are under pressure to contain costs. In an otherwise highly polarized political environment, particularly concerning health care, both political parties have been able to agree that wasteful, incorrect, and fraudulently obtained payments should be eliminated. The government has decided to bring fraud and abuse laws, as well as audit tools, to bear in a rare area of political consensus concerning Medicare cost control. Second, as the economy remains weak after a prolonged recession, the federal budget deficit has soared, increasing the government’s incentive to aggressively recoup improper and incorrect health care payments.
Stricter Fraud and Abuse Laws
The Fraud Enforcement and Recovery Act of 2009 (FERA) became law on May 20, 2009. FERA expanded the scope of the federal False Claims Act (FCA) and increased funding for health care fraud and abuse enforcement efforts. Specifically, the law extended FCA liability to downstream subcontractors of government contractors (including health care providers) even if the subcontractor does not directly “present” a claim for payment to the federal government. Prior to FERA, case law interpreted FCA liability to require that a party who makes a “false claim” seek payment directly from the government. FERA also reduced the level of intent required to prove FCA liability; expanded “reverse false claims” provisions, which apply when a party retains improperly obtained payments; granted authority to a greater number of Department of Justice attorneys to commence FCA investigations; and increased federal funding for enforcement.
The health care reform law (Patient Protection and Affordable Care Act, PPACA) also strengthened existing fraud and abuse laws. PPACA imposes new requirements on physicians relying on the “in-office ancillary services” Stark law exception for self-referred MRI, CT, and PET services, and eliminates the Stark law “whole hospital” exception. The law appropriates $250 million for increased government enforcement of fraud and abuse laws over the period from 2011 to 2016. Compliance programs, which are currently voluntary, will eventually become mandatory under PPACA for certain health care providers determined by the Secretary of the Department of Health and Human Services. PPACA reduces the level of intent required for the government to prove violations of the Anti-Kickback Statute, and specifically requires, under the FCA, that health care providers to return Medicare overpayments within 60 days of discovering that an overpayment has been made. The law also expands the scope of the Civil Monetary Penalties law.
A Legion of Auditors
Armed with enhanced fraud and abuse laws, the government has unleashed a number of auditors to identify and recover improper or simply erroneous payments made to health care providers. Some auditors, such as recovery audit contractors (RACs) and zone program integrity contractors (ZPICs), are recent creations. Others, such as state Medicaid Fraud Control Units (MFCUs) have been around for a long time, but have increased their levels of activity recently. Other members of the auditor alphabet soup include Medicaid Integrity Contractors (MICs), Program Safeguard Contractors (PSCs), and Comprehensive Error Rate Testing (CERT) auditors.
The number of potential auditors, who often have overlapping jurisdictions and missions, can be confusing and overwhelming, especially to smaller health care providers. For this reason, it is important for health care providers to task personnel and set up policies to deal with audits before an actual audit begins.
How to Prepare for Expanded Enforcement and Audit Efforts
The recent laws and regulations concerning health care fraud and abuse enforcement and audits have tilted the playing field in the government’s favor. Health care providers can best prepare for possible government inquiries and audits by implementing and operating effective compliance programs. The Office of Inspector General (OIG) recommends that health care providers have compliance programs in place, and has published detailed guidance by provider type on the elements of effective compliance programs. OIG compliance program guidance, including for physician groups, medical billing companies, and hospitals, can be found at http://www.oig.hhs.gov/fraud/complianceguidance.asp. Among other benefits, effective compliance programs can help health care providers identify potential compliance issues before they occur and address problems proactively.
With respect to audits, such as those performed by RACs, health care providers should identify personnel responsible for managing government audit responses before an actual audit commences. Providers should also have policies and processes in place to set parameters for the conduct of audits. For example, timelines are very important in RAC audits, and providers should therefore track deadlines and log correspondence with the auditors. Audit response strategies can be incorporated into a health care provider’s overall compliance program.