A little orientation

Humana has produced a teaching video that is a great place to start in trying to understand Medicare. It’s three minutes well spent. Then there's Medicare's own video about "Medicare Alphabet Soup"...


Medicare is the largest payment source for healthcare in the U.S. covering over 47 million people at an annual cost of over $500 billion. The portion of the government charged with oversight for this spending is the Centers for Medicare and Medicaid Services (CMS) in the Department of Health and Human Services. CMS is located in Baltimore but offers a wide array of compliance and educational material for providers and beneficiaries through the web (cms.gov, medicare.gov), “open forum” conference calls , its own YouTube channel and Twitter account, training webinars, and the "Medicare Learning Network."

Processing of claims to the part A and part B (fee for service) Medicare programs is done by a series of contractors previously known as “carriers” and “fiscal intermediaries”, now called “Medicare Administrative Contractors” or “MACs”. Generally these companies process claims from all fee for service providers in a certain geographic area, although there are separate MACs for Durable Medical Equipment (DME), Home Health and Hospice claims. Part of the MAC Scope of Work includes training those submitting claims on program requirements. These contractors have a separate “Compliance Program Guidance” document that was issued by CMS in 2005.

Occasionally finding yourself lost in an all the acronyms related to Medicare? Check out the CMS Acronym Lookup Tool.


Medicare also has four Recovery Audit Contractors (RACs) who review paid fee for service claims (Part A and Part B) on a contingent fee basis to discover under and overpayment errors. Education is not part of the RAC Scope of Work. However, CMS is using RAC "findings" in its education materials like the Quarterly Provider Compliance Newsletter.

The Government Accounting Office spent some time in 2013 analyzing the different methods used by CMS for "postpayment review" of claims, finding that the differing schedules and procedures create an "administrative burden" for providers. The GAO report has a good outline of the various routes by which CMS "chases" potentially improper claims that is has already paid.

Minimum "Conditions of Coverage" "Conditions of Participation"

In addition to billing in the correct format(s) for the correct good or service under the correct circumstances, each provider and supplier of goods and services under the Program must agree to certain "conditions of participation" (COPs). These are different for different types of providers (Hospices vs. Hospitals, for example) and generally contain "acceptable quality" operating requirements such as the make-up of the governing board, contents and maintenance of the medical record, a process for protecting patient rights and another one for handling complaints / grievances. The EMTALA requirements are another example of such a condition.

Unlike the data mining and record review techniques used for assessing compliance with billing requirements, however, judging whether a provider has met its COPs generally requires visiting the facility, talking with staff, examining policies and procedures, etc. That takes people and rather than hire its own investigators CMS relies of two other types of organizations for information to judge if the COPs have been met or violated:

  • The first of these are the state survey and certification agencies that are already examining the providers for compliance with sometimes similar state requirements. CMS publishes detailed guidelines in its State Operations Manual, attempting to make a violation of a certain COP in one state match what's seen as a violation in another.

  • The second are private accreditation agencies that are paid by the provider to survey them against a set of standards, usually as a requirement for receiving third party insurance payments. Medicare "deems" passage of these privately funded surveys to indicate COP compliance, absent evidence to the contrary turning up as part of a "revalidation" or complaint triggered survey conducted by the state surveyors.

Failure to meet each and every COP requirement at all times can trigger a "notice of deficiency", "plan of correction" and resurvey process that can, but rarely does, end with termination of the provider's right to bill Medicare (and Medicaid) - a financial death knell for the organization.

Mandatory Medicare Compliance Programs

Since 2004 Medicare Advantage Plans (Part C) and the contractors administering the Part D drug plans must, as a condition of contracting, have “effective compliance programs” with certain features (See 42 CFR §422.503(b)(3)(vi) Part C ; 42 CFR §504(b)(vi) Part D). Their compliance with these requirements (and CMS’s oversight efforts) has been the subject of multiple reviews (past and planned for the future) by the DHHS OIG and the Government Accountability Office (GAO).

In November 2011 CMS published the final rule for its “Shared Savings” (aka Accountable Care) program – including certain “Compliance Plan” requirements for the organizations that choose to participate.

Regulations for mandatory Compliance and Ethics programs required by 2010's Patient Protection and Affordable Care Act are still under development, however in July 2015 CMS published a proposed Rule for nursing facilities and Skilled Nursing facilities describing:
  • an effective compliance and ethics program that would require facilities to use internal controls to more efficiently monitor adherence to applicable statutes, regulations, and program requirements to deter, reduce, and detect violations and promote quality of care for nursing home residents.
This required program would be memorialized as a new COP (42 CFR Sec. 483.85) and facilities would be subject to surveyor scrutiny of their compliance and ethics programs.

What's New With Medicare?

Medicare published a summary of its "Fraud Prevention Initiative" which describes a series of strategies intended to "strike a balance" between recovery of improper payments already made, enforcement, and still paying for the vast amount of healthcare that is properly delivered and billed for under the program.

Compliance Reviews -

Among those strategies are a series of "Compliance Reviews" of billing by particular hospitals. The Reviews are conducted by the Office of Audit Services in the DHHS OIG and have become highly targeted to specific billing areas and claims. The standard conclusion statement for these Reviews ("Overpayments occurred primarily because the Hospital did not have adequate controls to prevent the incorrect billing of Medicare claims and did not fully understand Medicare billing requirements") might mislead others to overlook their value. But the reports provide a good look at the list of billing issues that CMS has long identified as problematic and the hospitals' responses (included as an appendix to each report) often give great detail about the facility's processes for compliance in this area. This review of billing by Cedars Sinai provides a fairly extensive list of the both inpatient and outpatient "risk areas" OIG is focusing on in these reviews.

In April 2013 the OIG posted a Podcast on its website describing the process and progress of its Compliance Reviews of Acute Care Hospitals.

Data Mining - Another very visible strategy is the use of data mining techniques on Part A and Part B claims to identify both payment errors and potential signs of criminal activity. Here's the story of one such prosecution, but reports of new civil and criminal enforcement cases come out just about every day.

These techniques are also one of the reasons for the creation of the "CMS Program Integrity Command Center" to promote information sharing between data analysts within the programs, investigators and law enforcement types. There's even a video about the "Center" in which one of the presenters claims a sevenfold ROI for every dollar spent on anti-fraud efforts.

Another good example of data mining is this June 2013 report on the "questionable" prescribing habits of 700 (out of a million) providers using Part D records. As described in the report, it is the latest in a series of looks at Part D data for potential abuse in the form of medically unnecessary prescriptions.

"Partnership" - A different type of information sharing is at the heart of a public and private partnership announced in 2012 between federal and state officials and representatives from private health insurance carriers. In 2015 this effort is know as the Healthcare Fraud Prevention Partnership although there are few details about what it does on its website. This 2015 testimony by the Director of CMS's Center for Program Integrity has a few more details.

Billing Transparency - 2013 saw the lifting of a 33 year old injunction against disclose of payments from Medicare to individual physicians. In follow-up, CMS released a data set of all claims paid in calendar year 2012 in several formats through its website. The same website also provides information from hospital chargemasters.

Anyone Have A Question?

On a little known page of the CMS website the agency has a mechanism for allowing the public to submit questions - even anonymously - and receive a public response. The requester chooses from a list of topics , chooses whether or not to reveal their identity and then can type in a question free text or attach a file or both. There's even a mechanism for tracking the status of previously submitted questions. The number of FAQs varies by topic, which cover everything from physician self referral to billing and enrollment technicalities.

Those who prefer to do their own research about Medicare and Medicaid requirements may want to bookmark the UCLA law library's "Beginner's Guide to Medicare / Medicaid Research"

Medicare Resources on the Web:

Shared by Toolbox members:

  • < Click "edit" above and start typing here>