This article concerns the use of self-audits. –Ed.
Written by Marla Durben Hirsch
If practices uncover large or systemic billing problems that led them to receive overpayments, they should conduct statistical sampling to quantify the total potential amount of overpayments received.
Doing so will reduce the time and resources some practices will need to spend dealing with overpayments in the wake of the final rule HHS released Feb. 11 (MPCA 3/16). Practices that conduct statistical sampling won’t have to review every claim that may have been overpaid, says attorney Ross Burris with Polsinelli in Atlanta.
Statistical sampling — also known as extrapolation — can be particularly helpful when complying with the rule because failing to meet the deadline to return overpayments is a violation of the False Claims Act. Penalties currently include fines of $5,500-$11,000 per claim, treble damages (damages times three) and/or exclusion from the Medicare and Medicaid programs.
The Accountable Care Act requires overpayments to be returned within 60 days of being identified. The rule clarifies how providers go about doing so.
Now that HHS issued the rule, providers are likely to see an increase in enforcement of the requirement that overpayments must be returned, Burris says.
Industry experts didn’t want to speculate on what percentage of providers might be receiving overpayments and might fall into the category of having large or systemic billing problems. However, all types of providers have at least some overpayments — many of which occur without bad intent.
Statistical sampling is a methodology to apply the rate of billing errors found in a sample of claims to a similar total population of claims. It is frequently used by the HHS Office of Inspector General (OIG), the Department of Justice, zone program integrity contractors (ZPICs), recovery audit contractors and other auditors to calculate providers’ overpayments.
The final rule specifically allows providers to use extrapolation proactively to quantify the amount to be returned, using “sound and accepted principles” that include randomly selecting claims from the applicable population of similar claims and extrapolating only within the time frame covered by the population from which the sample was drawn.
Statistical sampling is very accurate if performed correctly, experts contend.
How to apply statistical sampling
To determine whether your practice should use statistical sampling, first conduct a probe sample or audit. Do so after you receive credible information that there may have been an overpayment.
You’ll probably need to tailor the audit, say to particular years or a particular identified coding issue, Burris says.
If the probe audit reveals a larger, more systemic problem, extrapolation may be appropriate. Several decisions need to be made, in large part depending on the circumstances.
Most overpayments merely involve billing errors — say by a new coding employee — and will be returned to your Medicare administrative contactor (MAC). In these cases, you typically can (but don’t have to) conduct your own extrapolation following CMS’ program integrity manual section 8.4, which outlines what CMS is looking for in extrapolation and using a statistical sampling tool.
One of the most popular statistical sampling tools for this purpose is called RAT-STATS, which was created by the OIG and is available free on its website along with an instruction guide.
“It’s pretty easy to use and you don’t need to be a statistician,” says Gary Keilty with FTI consulting in Washington, D.C. RAT-STATS even allows users to utilize different “confidence” levels (the degree of certainty that the sample correctly depicts the total population) and “precision” levels (the estimated range of accuracy) percentages, he adds.
CMS accepts RAT-STATS as a statistical sampling tool for extrapolation calculation purposes, although its use is not required and a MAC may not have a preferred method.
Once your calculation is complete, go to the refund form from the MAC and submit the overpayment, Burris says.
“Most of the time the MAC will simply say ‘Thank you,’ and that’s the end of it,” he says.
If you’ve uncovered more than a simple error, the fraud and abuse or Stark laws(*) may be implicated. If the government is already involved, you’ll need more manpower and will want to engage an experienced attorney to handle the issue, including hiring an expert statistician, determining which government entity is involved to return the overpayment to (and what else that may involve), what the statistical sampling will entail and how best to approach the government.
Often the provider representative and the government will agree to negotiate smaller claims populations or timeframes subject to extrapolation, look at the sample together or use a statistician to provide a report, and then the parties come to a settlement based on those discussions, Burris says.
Using an attorney also will keep your investigation protected under attorney-client privilege, Keilty says.
It’s important to identify which government agency is involved, since different agencies prefer different methods of statistical sampling. For example, the OIG, which handles repayments under its self-disclosure protocol for issues involving the antikickback statute, prefers extrapolation using a 90% confidence level and a 25% precision level, Keilty says.
Consider 6 extrapolation tips
1. Don’t automatically assume that a discovered error requires extrapolation. A small error involving one or a few claims does not rise to a systemic issue that lends itself to extrapolation, Burris says.
2. If you’re handling your own extrapolation, make sure it’s a method the government accepts. This includes utilizing RAT-STATS as a statistical sampling tool and utilizing preferred confidence and precision levels. If you hire an outside statistician, ask what method he/she uses and whether the government finds that method acceptable. The government may be more likely to challenge your sampling — and overpayment amount — if it’s less accepting of the method being used.
3. Make sure you choose the right type of sample and sample size. For example, the sample needs to be randomly generated. RAT-STATS and even Microsoft Excel contain random generators, Keilty says.
4. Be careful about what you’re including in the extrapolation. For example, extrapolation assumes the total population it’s being applied to is very similar. If it isn’t, you may be including too many claims and triggering a higher overpayment than you should be repaying.
5. Note that if you use extrapolation, you don’t need to make two repayments — one for the errors uncovered during the probe audit and another covering the extrapolated amount. You can include them in just one payment, Burris says.
6. Include documentation explaining how the extrapolation was conducted and what method was used. The final 60-day overpayment rule requires this information be included when reporting and returning the overpayment, Burris says.
The Office of the Inspector General (OIG) of the U.S. Department of Health & Human Services (HHS) just released summary data for 2015. It was a busy year. There were 4,112 exclusions, 925 criminal actions, and 682 civil actions for matters such as false claims and civil monetary penalties.
Of particular interest to healthcare providers is the growth in the number of exclusions. RACmonitor took a look back at the historical record. Between 1977 to around 1982, there were only a handful of exclusions. But they have grown rapidly since. By 1991, OIG was excluding 1,000 providers per year. By 2001, that number had risen to around 2,800 per year. By the end of 2015, the OIG was running at an exclusion rate of around 3,800 per year, a little more than 15 providers per day.
One would assume that eventually this growth in exclusions will taper off, but for the time being, there seems to be nothing standing in the way of the trend continuing.
The OIG currently is branching out in several new directions. One important new effort is aimed at combating the growing heroin and prescription opioid crisis sweeping across the United States. Data from the Centers for Disease Control and Prevention (CDC) indicates that fatal overdoses from heroin have risen by more than 325 percent, and the addiction rate now is more than 2 per 1,000 persons. That adds up to 640,000 addicts across the country for heroin alone. There also is a severe problem with prescription opioids. From 1999 to 2010, they caused more than five times the number of deaths than cocaine and heroin overdoses combined. More than 82 percent of prescription opioid overdose deaths were unintentional. As a result, HHS has declared that prescription opioid overdose deaths constitute an epidemic.
To crack down on the overuse of opioid prescriptions, the OIG is joining a coalition including the FBI, DEA, and various state agencies. A pilot project is being launched in Massachusetts. The focus is going to be on prescriptions for hydrocodone, oxycodone, morphine, and codeine. The OIG already has prosecuted a number of cases in which providers take cash and blindly write prescriptions. It is going to increase audits in this area.
Although originally tasked with combating fraud and abuse in federal healthcare programs, we now will see the OIG assisting more actively in criminal prosecutions and coordinating more closely with state authorities. In other words, inspection and auditing powers are being used for social engineering. That’s a new role for the OIG.
The OIG also is sharpening its focus in other areas.
For example, in response to chronic problems in long-term care, the agency is pushing to set up a system of national background checks for all facility employees. This is based on section 6201 of the Patient Protection and Affordable Care Act. Long-term care facilities and providers in participating states must conduct state and national background checks on prospective employees, including a check of state abuse and neglect registries, state criminal history records, and national fingerprint-based criminal history records. For the time being, interested states can apply for participation and get matching federal funds for the work. The long-term goal is to have a nationwide program put into place.
Based on Section 502 of the Medicare Access and CHIP (Child Health Insurance Program) Reauthorization Act (MACRA) of 2015, the OIG has been directed “to establish procedures to ensure that Medicare payments are not furnished to … individuals not lawfully present in the United States.” It is foreseeable that providers eventually may be required to verify the immigration or nationality status of some individuals. It is unclear how this is going to be implemented, as are the penalties that will be assessed if the provider makes a mistake. What will happen in so-called sanctuary cities? This part of the Act also applies to incarcerated or deceased individuals. Since every law has its genesis in the real world, we can assume that there is a major problem of Medicare payments being made to dead people.
The OIG also is planning on getting much more involved in how states finance and run their healthcare programs. Many states finance some of their Medicaid spending by imposing taxes on healthcare providers. But there are federal rules (42 CFR §§ 433.55 & 433.68) that control the extent of state power in this area, and the rules must be followed for a state to continue taking advantage of medical assistance programs. These taxes must be broad-based and uniformly imposed. Another federal-state issue is how to run state Medicaid fraud control units. OIG is auditing these state units for compliance with federal regulations and policy. So this means that the OIG is auditing the states themselves and enforcing compliance with federal law. Look for some fireworks in these areas.
On another front, OIG’s Office of the National Coordinator for Health Information Technology will be taking a crack at the problem of inter-operability of health-related information systems. Auditing is focusing on whether provider information systems meet the standards for electronic health records. So apart from a provider getting its claims audited, now the specific format of computer-stored meta data concerning claims will be a new target.
My guess is that much of this auditing work eventually will be done by artificial intelligence that endlessly searches for problems throughout your information systems.
This post originally appeared in RACmonitor on February 15, 2016