Face Challenges Confidently

Fraud and Abuse Landmines: What the ZPICs, Accrediting Organizations, NSC, and OIG Are Looking For

Thursday, August 24th, 2017



The HME industry is young. In its present form, it has been around for about 40 years. Compare this to physicians, hospitals and pharmacists who have been around for thousands of years. The industry grew up relatively unregulated. Government agencies did not know what we did. And then approximately seven years ago, it is as if CMS woke up one morning and asked: “Who are these people and why are we paying them money?” Added to this was bad publicity emanating from Operation Wheeler Dealer in Houston and blatant fraudulent schemes in South Florida. Another challenge is that few people with CMS and on Capitol Hill have ever set foot in an HME company. Young, healthy people go to physicians, hospitals and pharmacies. As a general rule, senior citizens (whose bodies break down as they age) use HME companies. The 28 year old legislative staffers and the 50-year-old CMS employees have had no reason to visit (much less understand) what an HME company does. As the government is famous for doing, it overreacted. In a relatively short time frame, the industry got hit with increased regulations, decreased reimbursement, competitive bidding, and aggressive post-payment audits and prepayment reviews.

The pendulum will eventually swing back towards the middle. Until that time, however, the HME industry will have to deal with intrusive government scrutiny and frequent headlines about the latest healthcare fraud takedown. What is interesting is that the demand for what the industry has to offer will only increase exponentially. There are 78 million baby boomers (people born between 1946 and 1964). They are retiring at the rate of 10,000 per day. The boomers will leave until they are 85 years old, their bodies will start breaking down at 70, they will expect a good quality of life until they die, and they will not want to live in a long term care facility……they will want to live at home. The mantra of health care cost containment will be to keep Medicare beneficiaries away from physicians and hospitals. The demand, then, for what HME suppliers have to offer will be huge. I call this the “irresistible force” (demand) meets the “immovable object” (Medicare is broke).

And so while we are in strange times, the future is bright for well-run, innovative HME suppliers. One of the biggest challenges facing suppliers today is preparing for and responding to post-payment audits and prepayment reviews. There is abundant contractor abuse in how the audits and reviews are being conducted. AAHomecare and industry stakeholders are working with CMS to correct these abuses. Nevertheless, audits and reviews will be a permanent part of the landscape.

Why is there such an increase in audits and reviews? Audits and reviews are money makers for the government. For every dollar expended by the government to chase a recoupment, the government recovers many more dollars. There is an increase in utilization of HME; this is to be expected in light of the “graying of America.” Generally speaking, HME is expensive. This, by itself, will capture the government’s attention. Contractor auditors are becoming more sophisticated in reviewing HME claims. It is a priority of CMS, the Department of Justice (“DOJ”), and the Office of Inspector General (“OIG”) to uncover and prevent fraud in the Medicare fee-for-service program. Health care providers (not just HME suppliers) have become the new bogey man to the government. The bogey men used to be “Big Oil”….then “Big Tobacco”….then “Big Pharma”…and now “fraudulent health care providers.” Recovering money from fraudulent health care providers makes for an easy sound bite for politicians. Health care providers are “low hanging fruit” for recoupment actions by the government.

As discussed in the next section, another large challenge for the HME supplier are the inquiries and investigations being conducted by HME MACs, RACs, CERTs, ZPICs, the NSC, and accrediting organizations.


Not too many years ago, an HME supplier was not vulnerable to scrutiny from many people/agencies. CMS contractors may have looked at some claims on a post-payment basis. An NSC inspector would show up every couple of years to make sure that a supplier’s hours were posted and the supplier had insurance. And in a worse-case scenario, which did not happen often, the DOJ and OIG would investigate the supplier. That was about it.

Now, the HME supplier is constantly being looked at from a variety of angles. HME MACs, RACs, CERTs and ZPICs are routinely looking at post-payment clams. HME MACs, and particularly ZPICs, are aggressively conducting prepayment reviews. The accrediting organizations (“AOs”) are being required by CMS to ask probing questions and report to CMS and the NSC any activities that the AOs believe are improper. The ZPICs are directing HME MACs to suspend payments when the ZPICs conclude that improper activities are occurring. In response to reports from the ZPICs, the NSC is suspending/revoking supplier numbers. When conducting post-payment audits, the HME MACs and ZPICs are asking questions that go far beyond whether the supplier has complete and accurate documentation. The NSC is aggressively conducting unannounced on-site inspections; in so doing, the NSC inspectors are asking questions that go beyond the rudimentary questions that have been posed in the past. Here are some examples:

  • A mail-order diabetic supplier had payments from all four HME MACs suspended because in a post-payment audit, the ZPIC concluded that the supplier’s file documentation was deficient.

  • An AO threatened to pull a supplier’s accreditation because the AO was critical of the supplier’s marketing practices. The AO informed CMS of the AO’s concerns and CMS jumped into the fray and looked at the supplier’s marketing practices.

  • The NSC suspended a supplier’s Part B supplier number as a result of being informed by a ZPIC that the supplier’s documentation was inadequate…… the NSC took the position that the inadequate documentation violated the supplier standards.

  • In conducting a post-payment audit, the ZPIC asked for names, addresses and phone numbers of the supplier’s marketing representatives, as well as information on the supplier’s relationship with those individuals and how they were compensated.

  • A DME MAC notified a supplier that the OIG had identified potential overpayments based on an OIG data brief and put the supplier on notice that the law requires it to report and refund any overpayments within sixty days of identifying the overpayment. The notice started the supplier’s window under the law to investigate the potential overpayments and refund any actual overpayments.

You get the picture. No matter which way the supplier turns, it will be staring down the figurative barrel of the gun held by the HME MACs, ZPICs, the NSC, its AO, and others.

Frankly, an enforcement action brought by a Medicare contractor…or the NSC…or an AO……is scarier than an action brought by the DOJ/OIG. Here is the reason why. Normally, it takes several years to resolve a DOJ/OIG investigation, and unless the supplier has been doing things that are blatantly fraudulent, then the resolution is normally reasonable. With a DOJ/OIG enforcement action, the supplier normally is able to keep its doors open. The same is often not true with an enforcement action brought by a HME MAC, ZPIC, the NSC or an AO. With the proverbial “flip of the switch,” the contractor/NSC/AO can cut off the supplier’s cash flow. Even if the supplier can later show that the actions by the contractor/NSC/AO were without merit, the supplier will long ago have been forced to close its doors.

So what does the supplier do? The steps that the supplier must take to reduce the chances of having its cash flow cut off are the following: (i) implement a formal corporate compliance program; (ii) conduct regular self-audits of patient files; (iii) have an outside consultant come in at least once a year to audit patient files; (iv) have a competent health care attorney review the supplier’s marketing practices and relationships with referral sources to determine if there are any kickback/Stark problems; and (v) be detail-oriented (to a point of almost being paranoid) regarding completeness and accuracy of patient files.

The Patient Protection and Affordable Care Act

The Senate Health Reform Bill, H.R. 3590, entitled the “Patient Protection and Affordable Care Act” (“Affordable Care Act”), was passed by the U.S. Senate on December 24, 2009. The House of Representatives passed the Senate Bill on March 22, 2010, and the President signed it into law on March 23, 2010. The following is a discussion of some of the most important provisions that are relevant to HME suppliers.

  • Sec. 6401 – Provider screening and other enrollment requirements for Medicare, Medicaid, and CHIP.

    • Offset Payments from Providers with Same Tax ID Number. The Secretary may adjust payments to a supplier that has the same tax ID number as a supplier that owes past-due obligations under Medicare, Medicaid, or CHIP, regardless of such supplier’s Medicare billing number or NPI.

      For example, assume that an HME company has three HME locations (each with a Part B supplier number), a sleep lab, and a home health agency. Assume these are divisions (“DBAs”) of the HME company; they are not separate subsidiary corporations. Assume that one of the HME locations ends up owing a substantial recoupment to CMS. In order to recover the recoupment, CMS may offset not only against the supplier number for the one HME location, but CMS may also offset against payments to be made under the other two HME supplier numbers, the sleep lab local carrier Part B number, and the home health agency provider number.

      The right given to DHHS to look at multiple supplier and provider numbers, under the same corporate entity, for offset is consistent with CMS’s goal of not allowing a company or individual to escape its/his obligations by “hiding” behind a separate supplier/provider number or corporate entity. For example, the Act states that suppliers enrolling or re-enrolling in Medicare, Medicaid, or CHIP will be subject to new disclosure requirements. Applicants will be required to disclose current or previous affiliations, directly or indirectly, with any supplier that owes money to a government program, has been excluded from participating in Federal health care programs, or has had billing privileges denied or revoked.

  • Sec. 6402. Enhanced Medicare and Medicaid program integrity provisions.

    • Reporting and Returning Overpayments. Any supplier that receives an overpayment must (i) report the overpayment to the Secretary, carrier, or other appropriate person and (ii) provide written notice of the reason for the overpayment. An overpayment must be reported and returned no later than 60 days after it is identified or the date of any corresponding cost report (if applicable). Retaining an overpayment after the deadline to report and refund makes the overpayment an “obligation” under the False Claims Act. Thus, failure to timely report and refund may result in significant penalties under the False Claims Act.

      Regulations later promulgated under this statutory provision state that suppliers must conduct reasonable diligence to determine if an overpayment exists once it receives credible information of a potential overpayment. The investigation must be completed in no more than six months from the date credible information was received.

    • Anti-Kickback Statute and False Claims Act. A claim that includes items or services resulting from a violation of the federal anti-kickback statute constitutes a false or fraudulent claim under the Civil False Claims Act (31 USC § 3729).

    • Surety Bonds. The Secretary must take into account the volume of billing for a HME supplier or home health agency when determining the size of the surety bond.

Legal Guidelines for Marketing

  1. Federal

    1. Statutes

      1. Federal Anti-Kickback Statute (42 U.S.C. § 1320a-7b) (“anti-kickback statute”)

        It is a felony for a person or entity to knowingly or willfully solicit or receive any remuneration in return for referring an individual for the furnishing or arranging for the furnishing of any item for which payment may be made under a federal health care program, or in return for purchasing, leasing or arranging for or recommending the purchasing or leasing of any item for which payment may be made under federal health care programs. Likewise, it is a felony for a person or entity to knowingly or willfully offer or pay any remuneration to induce a person to refer a person for the furnishing or arranging for the furnishing of any item for which payment may be made under a federal health care program, or the purchase or lease or the recommendation of the purchase or lease of any item for which payment may be made under a federal health care program.

        Many courts have adopted the “one purpose” test: if any purpose of a payment is to induce referrals, then the anti-kickback statute is violated, regardless of whether the payment is fair market value for other legitimate services provided. Among other exceptions and safe harbors, the prohibitions of the anti-kickback statute do not apply to any amount paid by an employer to an employee.

      2. Beneficiary Inducement Statute (42 U.S.C. § 1320a-7a (a)) (“inducement statute”)

        This statute imposes civil monetary penalties upon a person or entity that offers or gives remuneration to any Medicare beneficiary (or beneficiary under a state health care program) that the offeror knows, or should know, is likely to influence the recipient to order an item for which payment may be made under a federal or state health care program. In the preamble to the regulations implementing this provision, the OIG stated that the statute does not prohibit the giving of incentives that are of “nominal value.” The OIG defines “nominal value” as no more than $15.00 per item or $75.00 in the aggregate to any one beneficiary on an annual basis. “Nominal value” is based on the retail purchase price of the item.

      3. Anti-Solicitation Statute (42 U.S.C. § 1395m(a)(17))

        A supplier of a covered item may not contact a Medicare beneficiary by telephone regarding the furnishing of a covered item unless (i) the beneficiary has given written permission for the contact, or (ii) a supplier has previously provided the covered item to the beneficiary and the supplier is contacting the beneficiary regarding the covered item, or (iii) if the telephone contact is regarding the furnishing of the covered item other than an item already furnished to the beneficiary, the supplier has furnished at least one covered item to the beneficiary during the preceding 15 months.

      4. False Claims Act (31 U.S.C. § 3729)

        Any person or entity who knowingly presents to a federal health care program a fraudulent claim for payment, or knowingly uses a false record or statement to obtain payment from a federal program, is subject to civil monetary penalties. Penalties under the False Claims Act are adjusted annually and, for 2017, range between $10,957 and $21,916 per claim plus three times the actual amount of damages incurred.

      5. False, Fictitious or Fraudulent Claims (18 U.S.C. § 287)

        Whoever makes or presents to any person or officer in the civil military, or naval service of the United States, or to any department or agency thereof, any claim upon or against the United States, or any department or agency thereof, knowing such claim to be false, fictitious, or fraudulent, shall be imprisoned not more than five years and shall be subject to a fine in the amount provided in this title.

      6. Stark Law (42 U.S.C. § 1395nn)

        The “Stark” provisions of the Omnibus Budget Reconciliation Act of 1993, as amended, provide that if a physician has a financial relationship (compensation relationships or ownership/investment interests) with an entity providing designated health services (“DHS”), then the physician may not refer patients to the entity unless one of the statutory or regulatory exceptions applies. Designated health services include (i) durable medical equipment, (ii) parenteral and enteral nutrients, (iii) prosthetics, orthotics and prosthetic devices and supplies, and (iv) outpatient prescription drugs, among others. There are several exceptions to Stark, the applicability of which depends on the type of financial relationship between the parties.

    2. Safe Harbors – Anti-Kickback Statute

      Safe harbor regulations issued under the anti-kickback statute provide “bright line” tests defining arrangements that do not violate the statute. If a business arrangement clearly falls within a safe harbor, then it is not violative of the anti-kickback statute. If the arrangement does not clearly fall within a safe harbor, then it must be examined in light of the anti-kickback statute and related court decisions to determine if it violates the statute. Of the various safe harbors, five are particularly pertinent to suppliers.

      1. Small Investment Interests

        For investments in small entities, “remuneration” does not include a return on the investment if a number of standards are met, including the following: (i) no more than forty percent of the investment can be owned by persons who can generate business for or transact business with the entity, and (ii) no more than forty percent of the gross revenue may come from business generated by investors.

      2. Space Rental

        Remuneration does not include a lessee’s payment to a lessor as long as a number of standards are met, including the following: (i) the lease agreement must be in writing and signed by the parties, (ii) the lease must specify the premises covered by the lease, (iii) if the lease gives the lessee periodic access to the premises, then it must specify exactly the schedule, the intervals, the precise length, and the exact rent for each interval, (iv) the term must be for not less than one year, and (v) the aggregate rental charge must be set in advance, be consistent with fair market value, and must not take into account business generated between the lessor and the lessee.

      3. Equipment Rental

        Remuneration does not include any payment by a lessee of equipment to the lessor of equipment as long as a number of standards are met, including the following: (i) the lease agreement must be in writing and signed by the parties, (ii) the lease must specify the equipment, (iii) for equipment to be leased over periods of time, the lease must specify exactly the scheduled intervals, their precise length and exact rent for each interval, (iv) the term of the lease must be for not less than one year, and (v) the rent must be set in advance, be consistent with fair market value, and must not take into account any business generated between the lessor and the lessee.

      4. Personal Services and Management Contracts

        Remuneration does not include any payment made to an independent contractor as long as a number of standards are met, including the following: (i) the agreement must be in writing and signed by the parties, (ii) the agreement must specify the services to be provided, (iii) if the agreement provides for services on a sporadic or part-time basis, then it must specify exactly the scheduled intervals, their precise length and the exact charge for each interval, (iv) the term of the agreement must be for not less than one year, (v) the compensation must be set in advance, be consistent with fair market value, and must not take into account any business generated between the parties, and (vi) the services performed must not involve a business arrangement that violates any state or federal law.

      5. Employees

        Remuneration does not include any amount paid by an employer to an employee, who has a bona fide employment relationship with the employer, for employment in the furnishing of any item or service for which payment may be made, in whole or in part, under Medicare or under a state health care program.

    3. OIG Advisory Opinions – Anti-Kickback Statute

      A health care supplier may submit a request for an advisory opinion to the OIG concerning a business arrangement that the supplier has entered into or wishes to enter into in the future. In submitting the advisory opinion request, the supplier must give to the OIG specific facts. In response, the OIG will issue an advisory opinion concerning whether or not there is a likelihood that the arrangement will implicate the anti-kickback statute. Although advisory opinions may not be relied on by anyone except the requesting parties, they provide valuable insight into the OIG’s views on certain kinds of arrangements. Past advisory opinions are available online at http://oig.hhs.gov/fraud/advisoryopinions.html.

    4. CMS Advisory Opinions – Stark Law

      A health care supplier may submit a request for an advisory opinion to CMS concerning a business arrangement that the supplier has entered into or wishes to enter into in the future. In submitting the advisory opinion request, the supplier must give to CMS specific facts. In response, CMS will issue an advisory opinion concerning whether or not there is a violation of the Stark Law. Although advisory opinions may not be relied on by anyone except the requesting parties, they provide valuable insight into CMS’ views on certain kinds of arrangements. Past advisory opinions are available online at https://www.cms.gov/Medicare/Fraud-and-Abuse/PhysicianSelfReferral/advisory_opinions.html.

    5. OIG Special Fraud Alerts and Special Advisory Bulletins

      From time to time, the OIG publishes Special Fraud Alerts and Special Advisory Bulletins that discuss business arrangements that the OIG believes may be abusive, and educate the HME and pharmacy industries concerning fraudulent and/or abusive practices that the OIG has observed and is observing in the industry. These documents reflect the OIG’s opinions regarding the application of the fraud and abuse laws. Some of the Special Fraud Alerts and Special Advisory Bulletins relevant to suppliers include the following:

      1. Special Fraud Alert: Joint Venture Arrangements

        The OIG’s first Fraud Alert, issued in 1989, concerned joint venture arrangements between clinical laboratories, suppliers and other providers and their referral sources. In the 1980s, it was common for a supplier to enter into a partnership with a hospital or other entity to form a new supplier. The investors would invest little capital in the partnership, which would contract out substantially all of its operations to the HME investor. In the OIG’s view, these ventures were not legitimate businesses, but simply mechanisms to lock up referral streams and compensate referral sources for referring business, in violation of the anti-kickback statute. The Fraud Alert included a list of “questionable features” which could suggest an anti-kickback violation. Those questionable features included selection of investors on the basis of their ability to generate referrals; an investor engaged in the same line of business as the venture and acting as a subcontractor; and disproportionately large returns on small investments.

      2. Special Fraud Alert: Routine Waiver of Copayments or Deductibles under Medicare Part B

        In this Special Fraud Alert, the OIG stated that routine waiver of Medicare cost-sharing amounts “is unlawful because it results in (1) false claims, (2) violations of the anti-kickback statute, and (3) excessive utilization of items and services paid for by Medicare.” It listed some “suspect marketing practices” including advertisements stating “Medicare Accepted As Payment in Full” or “No Out-Of-Pocket Expense;” routine use of “financial hardship” forms with no good faith attempt to determine the beneficiary’s actual financial condition; and collection of copayments and deductibles only from beneficiaries who have Medicare supplemental insurance. Waiver of copayments is a significant issue for suppliers of high-cost HME, particularly power wheelchairs and scooters, because high copayments (approximately $1000.00 in the case of a K0011 power wheelchair) are a major disincentive to potential customers.

      3. OIG’s April 2003 Special Advisory Bulletin: Contractual Joint Ventures

        In April 2003, the OIG published a Special Advisory Bulletin entitled “Contractual Joint Ventures.” The Advisory Bulletin focuses on a situation where a health care supplier in one line of business (“Owner”) expands into a related line of business by contracting with an existing supplier (“Manager”). The Owner’s line of business is to provide new products to the Owner’s existing patient base. The Manager not only manages the new line of products, but also supplies the Owner with inventory, employees, physical space, billing and other services. In essence, the Owner contracts out substantially the entire operation to the Manager and the Owner pockets the profits from this new line of business. These ventures are very similar to those described in the 1989 Special Fraud Alert, except that the supplier does not own equity in the venture.

        According to the bulletin, the practical effect of the relationship between the Owner and the Manager is for the Owner to have the opportunity to bill for business that is, in reality, provided by either the Manager or by a “joint venture” formed by the Owner and Manager. According to the bulletin, the OIG looks at this type of arrangement as nothing more than a kickback, with remuneration (in form of profits retained by the Owner) flowing back to the Owner.

        Therefore, if a supplier desires to open up a mail order respiratory pharmacy, then it must assume financial risk and operational responsibilities in operating the pharmacy, Likewise, if a hospital contracts with a supplier for management services for the hospital’s HME operation, then while the supplier can provide certain management and administrative services, the financial risk and operational responsibilities of the HME operation must be borne by the hospital.

      4. Special Fraud Alert: Rental of Space in Physician Offices by Persons or Entities to Which Physicians Refer

        A number of suppliers rent space in the offices of physicians or other practitioners. The OIG is concerned that in such arrangements, the rental payments may be disguised kickbacks to the physician in violation of the anti-kickback statute. One of the specific concerns of the OIG is “consignment closet” arrangements between suppliers and physicians. It is common for suppliers to place certain items of equipment and supplies in physicians’ offices for the convenience of physicians and patients. If a patient needs crutches, for example, the physician can dispense the crutches at the time of the office visit. The physician’s office then informs the supplier, which bills for the crutches and replenishes the consignment closet inventory. These arrangements serve a legitimate purpose, but in the past some suppliers paid excessive amounts of rent to the physicians for the space used to store the consignment inventory, as a way of disguising payments for referrals.

        The questionable features of suspect rental arrangements for space in physicians’ offices may be reflected in three areas: (1) the appropriateness of rental agreements; (2) the rental amounts; and (3) time and space considerations. Separately or together, specific details of these arrangements may result in an arrangement that violates the anti-kickback statute, and proposed arrangements should be scrutinized individually.

      5. Offering Gifts and Other Inducements to Beneficiaries

        A person who offers or transfers to a Medicare or Medicaid beneficiary any remuneration that the person knows or should know is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier of Medicare or Medicaid payable items or services may be liable for civil money penalties. The statute and implementing regulations contain a limited number of exceptions.

        Unless a supplier’s practices fit within an exception or are the subject of a favorable advisory opinion, any gifts or free services to beneficiaries should not exceed $15 per item and $75 annually.

      6. Telemarketing by Medical Equipment Suppliers

        The Anti-Solicitation Statute prohibits HME suppliers from making unsolicited telephone calls to Medicare beneficiaries regarding the furnishing of a covered item, except in three specific situations. Those are if: (i) the beneficiary has given written permission to the supplier to make contact by telephone; (ii) the contact is regarding a covered item the supplier has already furnished the beneficiary; or (iii) the supplier has furnished at least one covered item to the beneficiary during the preceding fifteen months. The statute also specifically prohibits payment to a supplier that knowingly submits a claim generated pursuant to a prohibited telephone solicitation. Accordingly, such claims for payment are false and violators are potentially subject to criminal, civil, and administrative penalties, including exclusion from federal health care programs.

        Suppliers cannot do indirectly that which they are prohibited from doing directly. A supplier is responsible for verifying that marketing activities performed by third parties with whom the supplier contracts or otherwise does business do not involve prohibited activity and that information purchased from such third parties was neither obtained, nor derived, from prohibited activity. If a claim for payment is submitted for items or services generated by a prohibited solicitation, both the supplier and the telemarketer are potentially liable for criminal, civil, and administrative penalties for causing the filing of a false claim.

        Special Fraud Alerts and Special Advisory Bulletins are available online at http://oig.hhs.gov/fraud/fraudalerts.html.

    6. Supplier Standards

      1. Supplier Standard No. 1.

        An HME supplier must operate its business in compliance with applicable federal and state statutory and regulatory requirements.

      2. Supplier Standard No. 11

        An HME supplier may not directly solicit a Medicare beneficiary. A supplier may call a beneficiary only if one of the following exceptions applies: (1) the beneficiary has given written permission; or (ii) the supplier has furnished a Medicare-covered item to the beneficiary and the supplier is contacting the beneficiary to coordinate delivery of the item.

  2. States

    All states have enacted statutes prohibiting kickbacks fee splitting, patient brokering, or self-referrals. Some statutes refer to definitions and standards found in the federal statutes while others are materially different. Some state statutes apply only when the payor is a state health care program, while other statutes apply regardless of the identity of the payor.

    Texas has an anti-solicitation/anti-kickback statute that applies regardless of payor. Tex. Occ. Code § 102.001(a) provides in relevant part:

    A person commits an offense if the person knowingly offers to pay or agrees to accept, directly or indirectly, overtly or covertly any remuneration in cash or in kind to or from another for securing or soliciting a patient or patronage for or from a person licensed, certified, or registered by a state health care regulatory agency.

    The above statute adopts the exceptions and safe harbors to the federal anti-kickback statute. Tex. Occ. Code § 102.003 provides:

    Section 102.001 permits any payment, business arrangement, or payment practice permitted by 42 U.S.C. Section 1320a-7b(b) or any regulation adopted under that law.

    In addition, Texas also has an anti-kickback statute that applies only to referrals for items or services covered by the Texas Medicaid program. Tex Hum. Res. Code § 32.039 provides, in relevant part:

    1. (a) In this section:

      1. (1-a) “Inducement” includes a service, cash in any amount, entertainment, or any item of value.

    2. (b) A person commits a violation if the person…

      1. (1-a) engages in conduct that violates Section 102.001, Occupations Code [the Texas anti-kickback/anti-solicitation statute];

      2. (1-b) solicits or receives, directly or indirectly, overtly or covertly any remuneration, including any kickback, bribe, or rebate, in cash or in kind for referring an individual to a person for the furnishing of, or for arranging the furnishing of, any item or service for which payment may be made, in whole or in part, under the medical assistance program, provided that this subdivision does not prohibit the referral of a patient to another practitioner within a multispecialty group or university medical services research and development plan (practice plan) for medically necessary services;

      3. (1-c) solicits or receives, directly or indirectly, overtly or covertly any remuneration, including any kickback, bribe, or rebate, in cash or in kind for purchasing, leasing, or ordering, or arranging for or recommending the purchasing, leasing, or ordering of, any good, facility, service, or item for which payment may be made, in whole or in part, under the medical assistance program;

      4. (1-d) offers or pays, directly or indirectly, overtly or covertly any remuneration, including any kickback, bribe, or rebate, in cash or in kind to induce a person to refer an individual to another person for the furnishing of, or for arranging the furnishing of, any item or service for which payment may be made, in whole or in part, under the medical assistance program, provided that this subdivision does not prohibit the referral of a patient to another practitioner within a multispecialty group or university medical services research and development plan (practice plan) for medically necessary services;

      5. (1-e) offers or pays, directly or indirectly, overtly or covertly any remuneration, including any kickback, bribe, or rebate, in cash or in kind to induce a person to purchase, lease, or order, or arrange for or recommend the purchase, lease, or order of, any good, facility, service, or item for which payment may be made, in whole or in part, under the medical assistance program;

      6. (1-f) provides, offers, or receives an inducement in a manner or for a purpose not otherwise prohibited by this section or Section 102.001, Occupations Code [the Texas anti-kickback/anti-solicitation statute], to or from a person, including a recipient, supplier, employee or agent of a supplier, third-party vendor, or public servant, for the purpose of influencing or being influenced in a decision regarding: (A) selection of a supplier or receipt of a good or service under the medical assistance program; (B) the use of goods or services provided under the medical assistance program; or (C) the inclusion or exclusion of goods or services available under the medical assistance program.

    For comparison, the state of New Jersey has only one anti-kickback statute, and the statute applies only to referrals for items or services covered by the state Medicaid program. N.J. Stat. Ann. § 30:4D-17 (1968) provides, in relevant part:

    1. (c) Any provider, or any person, firm, partnership, corporation or entity who solicits, offers, or receives any kickback, rebate or bribe in connection with:

    2. (1) The furnishing of items or services for which payment is or may be made in whole or in part under [Medicaid]; or

    3. (2) The furnishing of items or services whose cost is or may be reported in whole or in part in order to obtain benefits or payments under [Medicaid]; or

    4. (3) The receipt of any benefit or payment under this act, is guilty of a crime of the third degree, provided, however, that the presumption of nonimprisonment set forth in subsection e. of N.J.S.2C:44-1 for persons who have not previously been convicted of an offense shall not apply to a person who is convicted under the provisions of this subchapter.

    This subsection shall not apply to (A) a discount or other reduction in price . . . if the reduction in price is properly disclosed and appropriately reflected in the costs claimed or charges made . . . ; and (B) any amount paid by an employer to an employee who has a bona fide employment relationship with such employer for employment in the provision of covered items or services.

Use of Employees and Independent Contractors

It is acceptable for a supplier to pay commissions, bonuses and other production-based compensation to bona fide full-time and part-time employees who market the company’s products and services. There is a specific exception to the anti-kickback statute for payments to bona fide employees. Likewise, there is an safe harbor that provides that payments to a bona fide employee do not constitute illegal remuneration in violation of the anti-kickback statute. Normally, marketing through a bona fide employee is acceptable under state statutes. The reasoning behind this exception and safe harbor is that an employer has the duty to train, control and supervise its employees. In addition, under the doctrine of respondeat superior, an employer is liable for the acts of its employees that are conducted within the course and scope of the employees’ employment. As a result, the employer is motivated to exercise control over its marketing employees.

It is critical that the employee be a “bona fide” employee as opposed to being a “sham” employee. The IRS has published extensive guidance and factors to be considered in determining whether a person is an employee or an independent contractor. In scrutinizing whether a person is an employee versus an independent contractor, the government will look at “substance over form.” For example, if an HME company has a written employment agreement with a person, withholds taxes and Social Security from the person’s paycheck, and issues a W2 to the person, such factors by themselves do not establish an employment relationship. Other important factors are whether the employer is supervising, training and controlling the employee. Therefore, if the company calls a person an employee and pays the person as if he or she is an employee, but otherwise treats the employee as if he or she is an independent contractor, then the government will likely conclude that the person is an independent contractor.

If a supplier pays commissions, bonuses and other production-based compensation to an independent contractor to market to federal healthcare program beneficiaries, then the anti-kickback statute will likely be violated. The only possible mechanism for a supplier to pay an independent contractor (a person who receives a 1099) for marketing to federal healthcare program beneficiaries is for the company to pay a fixed annual fee to the contractor that is the fair market value equivalent of the person’s efforts, not his or her results. In other words, the relationship with the independent contractor needs to fall within the guidelines of the personal services and management contracts safe harbor.

Assume that the independent contractor wishes to market only to commercial/cash-paying patients. This is acceptable unless applicable state law says otherwise.

Employee Liaison

A supplier may designate an employee to be on the hospital/physician office premises for a certain number of hours each week. The employee may educate the hospital/physician staff regarding home health services or medical equipment (to be used in the home) and related services. The employee may also work with a patient after a referral is made to the supplier (but before the patient is discharged/leaves the physician’s office), in order for there to be a smooth transition when the patient goes home. The employee liaison may not assume responsibilities that the hospital/physician is required to fulfill. Doing so would save the hospital/physician money, which will likely constitute a violation of the federal anti-kickback statute. However, in setting up such a relationship, the supplier must be careful that the presence of the employee liaison does not violate the Medicare Supplier Standards. The NSC may take the position that, if patients reasonably expect to receive services from the supplier at the location and/or if the employee liaison is present during set hours, the physician’s office or hospital is a “location” of the supplier that should be enrolled in the Medicare program.

Medical Director Agreement

A supplier can enter into an independent contractor Medical Director Agreement (“MDA”) with a physician, even if the physician is a referral source. The MDA must comply with the (i) personal services and management contracts safe harbor to the federal anti-kickback statute, and (ii) the personal services exception to the Stark Law. Among other requirements:

  • The MDA must be in writing and must have a term of at least one year;

  • The compensation to the physician must be fixed a year in advance and it must be the fair market equivalent of the actual services rendered;

  • The physician must render actual, necessary and substantive services to the HME company/pharmacy; and

  • The compensation paid by the HME company/pharmacy to the physician cannot take into account the volume or value of business generated.

Purchase of Internet Leads

In order to cut marketing expenses, an increasing number of HME companies are cutting back on “sending sales reps into the field” and are focusing on purchasing leads. Basically, what this means is that a lead generation company (“ABC”) compiles a list of names, addresses, phone numbers, and other information about individuals who have expressed an interest in a particular product line (e.g., diabetic supplies). Some of the prospective customers are covered by Medicare, while others are covered by commercial insurance. ABC sells the list to XYZ Medical; XYZ, in turn, calls the names on the list. The compensation paid by XYZ to ABC may be on a “per lead” basis (e.g., $10 per name) or may be on a “flat fee” basis.

To obtain these leads, ABC may manage a number of websites that can be reviewed by prospective customers. A prospective customer can type in his/her name and contact information and check a box indicating the prospective customer’s consent to be called by a HME company. Prospective customers can “cut out, sign and mail” to ABC forms out of newspapers, magazines and direct mail pieces that contain the prospective customer’s name and contact information and gives the prospective customer’s consent to be called by a HME company. Prospective customers can call ABC on a toll-free telephone number in response to television, internet, radio and print ads. ABC can purchase lists of leads from other companies that acquire leads.

On November 5, 2008, the OIG issued Advisory Opinion 08-19 discussing internet leads in the context of the anti-kickback statute. The proposed arrangement involved one or more websites to which patients interested in chiropractic services would enter their zip code. The website would then display assigned phone numbers and e-mail addresses of chiropractors within the zip code indicated. When the patient calls the phone number or sends an e-mail, the call or e-mail is routed to the listed chiropractor (and electronically tracked by the advertiser). The advertiser is paid a “per lead” fee based on the routed call or e-mail. In the Opinion, the OIG indicated that it would not seek enforcement action against the parties for the arrangement proposed in the Opinion. We highlight some of the factors that were important to the OIG’s decision. First, the advertiser in the Opinion did not collect “health care information” on the potential patient. Second, the arrangement in the Opinion passively routed calls/e-mails initiated by the lead. Third, the arrangement in the Opinion did not actively “steer” patients to a particular supplier.

Looking at the anti-kickback statute and the Advisory Opinion together, it appears that the OIG is comfortable with a HME company paying compensation, on a per lead basis, for what we call “unqualified” leads. Generally, an unqualified lead will consist of name, address, phone number, and the prospective customer’s interest in talking to the HME company about its products. An “unqualified” lead will start moving into the “qualified” category as ABC gathers specific information from the prospective customer, such as (i) age; (ii) third-party insurance coverage; (iii) diagnosis of illness/disability; (iv) products/equipment currently being used; (v) treating physician’s name; (vi) et cetera. While the purchase of an unqualified (or “raw”) lead is exactly what it is…the purchase of a lead, the purchase of a qualified lead can likely be construed as the payment for a “referral.” The percentage chance of an unqualified lead becoming a paying customer of the HME company will be low; conversely, the percentage chance of a qualified lead becoming a paying customer will be much higher. Note that a HME company can likely purchase qualified leads from ABC if the arrangement meets the requirements of the personal services and management contracts safe harbor to the anti-kickback statute. Among other requirements, the compensation must be fixed one year in advance (e.g., $50,000 over the next 12 months), the compensation must be the fair market value equivalent of ABC’s services, and the compensation cannot take into account the volume of referrals to be generated by ABC.

The arrangement also needs to be examined within the context the Anti-Solicitation Statute if telephone calls are made to Medicare beneficiaries. In the lead generation scenario, and for Medicare beneficiaries, the only potentially applicable exception to the Anti-Solicitation Statute is if the beneficiary has given written permission for the telephone call.

The question, therefore, is whether the HME company has “written permission” to call the lead. If the prospective customer checks a box on a web page that clearly shows his/her consent to be called (not just “contacted”) by the HME company that ends up calling the prospective customer and it is clear that the customer intended to be bound by checking the box like it was his/her signature, then a credible argument can be made that the prospective customer’s “electronic signature” complies with the federal Electronic Signatures in Global and National Commerce Act and, as a result, constitutes “written permission” under the Anti-Solicitation Statute. Likewise, if a prospective customer calls a toll-free number and, over the phone, consents to be called by a HME company that ends up calling the prospective customer, then it is unlikely that the government will assert that the Anti-Solicitation Statute is violated. The prudent course of action will be for the phone calls to be recorded.

The arrangement also needs to be examined within the context of the Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. § 1320d, and the corresponding regulations contained in title 45, Code of Federal Regulations, parts 160 and 164 (collectively “HIPAA”). A HME company is likely subject to the requirements of HIPAA. HIPAA prohibits the use or disclosure of protected health information (“PHI”) that is not specifically permitted or required by HIPAA. PHI includes information that is created or received by a health care provider (such as a HME company) that –

  1. (2) Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and

    1. (i) That identifies the individual; or

    2. (ii) With respect to which there is a reasonable basis to believe the information can be used to identify the individual.

  2. 45 C.F.R. § 164.103.

This definition would encompass patient identifiers and contact information for a lead, as well as the information that relates to the lead’s interest in HME. Therefore, the HME company’s use of the information is subject to HIPAA.

HIPAA defines “marketing” to include “a communication about a product or service that encourages recipients of the communication to purchase or use the product or service.” 42 C.F.R. § 164.501. HIPAA generally, subject to certain exceptions, prohibits use of PHI for marketing, unless the covered entity obtains a valid HIPAA authorization from the potential customer prior to making such communication.

The contract between ABC and the HME company should include the following: (i) ABC represents that leads it obtains on its own properly gave their consent to be called by the HME company; (ii) the HME company has the right to audit ABC’s operations to ascertain if the leads properly gave their consent to be called by the HME company and ABC is using the script approved by the HME company; and (iii) ABC indemnifies the HME company against any claims made against the HME company on the basis that a lead did not give his/her consent to be called.

Steps to Reduce the Risk of Being Subjected to an Audit or Investigation

Effective Corporate Compliance Program

The OIG has repeatedly stressed the importance of compliance programs by issuing guidance to various provider and supplier types concerning the implementation of compliance programs. The OIG’s compliance program guidance for the HME industry was issued in June of 1999. According to this guidance, the OIG stated:

Compliance efforts are designed to establish a culture within a DMEPOS supplier that promotes prevention, detection, and instances of resolution of conduct that do not conform to federal and state law, and federal, state and private payor heath care program requirements, as well as the DMEPOS supplier’s ethical and business policies. In practice, the compliance program should effectively articulate and demonstrate the DMEPOS supplier’s commitment to ethical conduct. Benchmarks that demonstrate implementation and achievements are essential to any effective compliance program. Eventually, a compliance program should be part of the fabric of routine DMEPOS supplier operations.

This language helps to highlight the importance that the OIG places on implementation of compliance programs and the role such a program plays in a HME company’s operation. However, merely purchasing compliance policies is not enough. According to the OIG:

Implementing an effective compliance program requires a substantial commitment of time, energy, and resources by senior management and by the DMEPOS supplier’s governing body. Superficial programs that simply have the appearance of compliance without being wholeheartedly adopted and implemented by the DMEPOS supplier or programs that are hastily constructed and implemented without appropriate on-going monitoring will likely be ineffective and could expose the DMEPOS supplier to greater liability than no program at all.

In addition, the OIG worked with the Healthcare Compliance Association to publish a guide regarding the effectiveness of compliance programs. The guide, Measuring Compliance Program Effectiveness: A Resource Guide, was published in early 2017. This guide is important to HME suppliers looking to evaluate their own compliance programs. It will also help suppliers respond to inquiries from OIG, DOJ, et cetera and be able to demonstrate the effectiveness of their compliance programs.

Why Implement a Compliance Program

Many companies wonder why compliance programs are important to their operation. The short answer is that Section 6401 of the Affordable Care Act requires it (although a deadline for implementation of the requirement has not been set). Additionally, the OIG has long promoted the importance of a corporate compliance program. Finally, the quality standards for suppliers of durable medical equipment, prosthetics or products and supplies issued on August 14, 2006 state:

The supplier shall implement business practices to prevent and control fraud, waste and abuse by:

  • Using procedures that articulate standards of conduct to ensure the organization’s compliance with applicable laws and regulations; and

  • Designating one or more individuals in leadership position to address compliance issues.

The bottom line is a company must have a commitment to establishing practices to prevent and control fraud, waste and abuse.

In addition to the requirements of the final quality standards, there are several other reasons that corporate compliance programs are beneficial to HME suppliers. The following are ten reasons that HME suppliers should implement a compliance program: (1) adopting a compliance program concretely demonstrates to the community at large that a supplier has a strong commitment to honesty and responsible corporate citizenship; (2) compliance programs reinforce employees’ innate sense of right and wrong; (3) an effective compliance program helps a supplier fulfill its legal duty to government and private payors; (4) compliance programs are cost effective; (5) a compliance program provides a more accurate view of employee and contractor behavior relating to fraud and abuse; (6) the quality of care provided to patients is enhanced by an effective compliance program; (7) a compliance program provides procedures to promptly correct misconduct; (8) an effective compliance program may mitigate any sanction imposed by the government; (9) voluntarily implementing a compliance program is preferable to waiting for the OIG to impose a corporate integrity agreement; (10) effective corporate compliance programs may protect corporate directors from personal liability.

Compliance Obstacles

Making the decision to implement a corporate compliance program is only the first step. There are many factors that can complicate a company’s attempt to implement an effective compliance program. Following are ten obstacles that suppliers may face in implementing effective compliance programs: (1) creating buy-in and enthusiasm; (2) changing past behavior (eliminating the ‘we’ve always done it this way’ syndrome); (3) lack of or poor communication; (4) too many roles for compliance officer; (5) not enough financial support; (6) integrating compliance with other systems; (7) overcoming fear of retaliation/retribution; (8) finding qualified people; (9) lack of procedures; (10) education and training.

In dealing with corporate compliance program implementation issues in the HME industry, by far the most difficult obstacle to overcome is creating buy-in and enthusiasm. The first hurdle in creating a compliance program for any entity is obtaining an organizational commitment to compliance.

How a Corporate Compliance Program Should Be Structured

The OIG’s compliance guidelines for HME suppliers lists seven required elements of an effective compliance program.

  1. Written Policies and Procedures.

  2. Designation of a Compliance Officer and Compliance Committee.

  3. Conducting Effective Training and Education.

  4. Developing Effective Lines of Communication.

  5. Enforcement of Disciplinary Standards.

  6. Auditing and Monitoring.

  7. Response to Offenses and Corrective Action.

It is important to note that in order to be deemed “effective,” the compliance program must be something more than a set of documents that simply restate these seven elements. These seven basic elements must be specifically implemented by the organization and be designed to address past, existing and future activities of the organization.

Identifying Risk Areas

It is not enough for suppliers to implement policies and procedures generally geared at educating staff and identifying potential regulatory and statutory violations. The organization is required to implement policies and procedures targeted at specific risk areas of concern to the individual company. In its guidance to HME suppliers regarding compliance programs, the OIG listed specific areas of concern for HME suppliers, which include: billing for items or services not provided; billing for services that the supplier believes may be denied; billing patients for denied charges without a signed written notice; duplicate billing; billing for items or services not ordered; using a billing agent whose compensation arrangement violates the reassignment rule; upcoding; unbundling items or supplies; billing for new equipment and providing used equipment; continuing to bill for rental items after they are no longer medically necessary; resubmission of denied claims with different information in an attempt to be improperly reimbursed; refusing to submit a claim to Medicare for which payment is made on a reasonable charge or fee schedule basis; and the list goes on and on.

Compliance Program Follow-Up

Once the corporate compliance program is implemented, the supplier must continue to take steps on an on-going basis to ensure that the plan remains effective.

Compliance Plan Updating

In reviewing a corporate compliance program to determine if it requires updating, some of the questions to be asked include:

  • What was the date of implementation of the corporate compliance program?

  • When was the compliance program last updated?

  • Has the supplier’s scope of practice or management personal changed since implementation of the compliance plan?

  • Is the company following its obligations under the corporate compliance program, including to continually train its employees?

  • Is the corporate compliance officer in tune with regulatory changes in the health care industry?

Responding to an Audit

Steps to Take Prior to Being the Subject of an Audit

The first step any supplier should take is to verify that each patient file contains the documentation explicitly required by Medicare rules. Items that should be in every supplier’s patient files include a written order from the physician (documenting a face to face evaluation, if required), an intake form that records applicable diseases and conditions, including the ICD-10 codes for those diseases or conditions, signed delivery tickets, any specifically required additional documents (such as a Certificate of Medical Necessity) evidence of periodic re-evaluation of medical necessity, and detailed notes of every interaction with the patient or the patient’s family, whether in person, by telephone or by other means. It is prudent for suppliers to develop a checklist of the documents required for various types of equipment and to keep the checklist in patient files.

Second, it is imperative that suppliers insure that the documents are valid on their face. Review documents to insure that “white-out” is not used. Verify that there are no erasures or attempts to change or correct numerals or other critical information.

Third, suppliers should be detailed and careful in their evaluations of the patient’s current and potential functional abilities and prognosis and how the equipment will address those issues. Fourth, suppliers should verify that all of the documentation supports medical necessity and that the documentation is internally consistent.

  • So where does this leave a HME supplier?

  • First, the supplier needs to insure that its documentation is extensive. Document everything. Remember the 5 Ws of journalism: who, where, what, when, and why. Write down exactly who did what to whom, when and why. Note the patient’s statements about his or her diseases/conditions and activities and how the equipment will affect the patient’s diseases/conditions or those activities of daily living. Note family member comments. Add detail to any descriptions of activities of daily living. Note whether the public transportation is readily accessible to handicapped individuals. State if the patient lives in a rural area without paved roads.
  • Second, the supplier needs to continually document its relationship with the patient. The supplier’s recollection of the patient’s abilities a year or two after seeing the patient will not help when a medical reviewer looks in the file for documentation contemporaneous with the time the service was provided.
  • Third, the supplier should seriously consider involving other allied health professionals.
  • Fourth, the supplier should work with and keep in contact with its patients. In audits, a government agency may perform telephone interviews with beneficiaries about their equipment. The supplier should educate its patients about proper care of the equipment. Document the education process. And don’t stop there. Call the patient shortly after providing the equipment to see how the patient is faring with the device. Offer to make minor adjustments or retraining, if necessary, and document such intervention. Then call periodically afterward to see if the item is still being used by the patient. Nothing will cause an overpayment request faster than a patient telling an interviewer that he or she has not used a particular piece of equipment because “it is too cumbersome” or “it just didn’t fit right and I quit using it.”
  • Finally, the supplier should educate its physicians. In any audit, the government agency will ask for verification of medical necessity, usually in the form of copies of progress notes. Physicians must understand their obligation to respond (and respond promptly) to an agency letter requesting copies of patient charts. Failure of a physician to respond to an agency information request will result in that claim being denied.

Self Audits

Why Perform a Self-Audit?

Self-auditing has many advantages and very few disadvantages. One of the primary advantages, if the supplier has a corporate compliance program, is to provide evidence that the corporate compliance program is effective. This is important because an effective corporate compliance program can greatly reduce any fines or penalties that might result from a government investigation. An effective corporate compliance program may also result in the government not requiring the supplier to enter into a corporate integrity agreement as part of a settlement resulting from an investigation.

Why Perform a Self-Audit?

An effective internal audit process will become part of what the supplier does. It will become as much part of the daily, weekly or monthly tasks as filing or working denials.


An effective audit procedure takes place periodically. The exact period does not matter so much as that an audit happens at defined time intervals. Those intervals may be a week, a month, a quarter, or any other interval that makes sense for the supplier. At the very least, audits should be performed annually.

Also, note that how often self-audits occur is influenced by and, in turn, influences the scope of the audit. In other words, if the supplier only audits once per year, the audit will most likely have a large sample size. On the other hand, if audits are performed monthly, the number of items audited each month may be smaller.

More frequent audits also have the advantage of allowing a supplier to more quickly find and correct problems in the flow of paperwork. This leads to earlier preventive measures, such as additional training of employees that can help prevent a pattern of continued problems and the ability to minimize overpayment amounts that have to be reported and refunded.

Eventually cover all areas of exposure

Whether the audits are monthly, quarterly, or annually, the audits should address all risk areas for the supplier. For example, if the supplier is auditing monthly, the first month may audit completeness of physician’s orders. The second month’s audit may check for the existence of properly completed delivery tickets. The third month’s audit may look into proper use of modifiers. One way to ensure that all risk areas are audited is to develop checklists both for the audit topics or areas and the specific areas addressed in each audit.

Individuals held accountable

Individuals should be held accountable both for the performance of the audits and for implementing any changes that result from the audits. In other words, performing audits should be a part of a manager’s job description, and performance and overall results of audits should be an element in the manager’s annual review. Likewise, individual staff members should have as an element of their job descriptions and performance reviews the timely and thorough completion of any audits assigned to them.

Documentation of the audit

Proper documentation of the audit must be maintained. The documentation must include the specific risk areas the audit addressed, the individuals performing the audit, the time frame of the audit, a description of the sample selected for auditing, a copy of the audit tool, the results of the audit, recommendations for changes to policies and procedures, specific changes that were, in fact, implemented as a result of the audit, and finally a subsequent re-audit to verify that the changes in policies and procedures took root. All of this documentation should be kept not only in the affected department (such as billing or the warehouse), but also with the corporate compliance plan materials for easy access in case of government inquiries.

Specific Self-Audit Areas and Procedures

Below is a list of specific types of audit procedures a supplier may consider conducting. Be aware that this list is by no means complete. The list should serve as a beginning point in developing the supplier’s own audit plan. In addition, each supplier has its own risk areas and risk factors that should be addressed.

  1. Review denials to determine if there are any patterns to the denials. For example, does the supplier have a large number of denials for non-covered items?

  2. Review the supplier’s accounts receivable history. Does the supplier have a significant number of days’ sales outstanding? This is an indicator that the documentation supporting claims is probably deficient.

  3. Review the OIG’s annual workplan. The workplan is available on the Internet and details where the OIG will be placing its enforcement efforts during that fiscal year. Because the OIG’s projects usually span several years, the workplans for previous years also provide useful information.

  4. Review recent reports published by the DME MACs and the relevant state Medicaid program(s).

  5. Review the results of Medicare hearings, appeals, and reviews. These will often pinpoint, with laser-like specificity, any problems in the supplier’s underlying medical necessity documentation.

  6. Verify that the supplier’s employees and vendors do not appear on the OIG’s list of excluded individuals upon hire/engagement and regularly thereafter.

  7. Test various employees (especially billing personnel) to verify their knowledge of correct procedures. Perform a quick 10 question quiz. If the results demonstrate a need for improvement, conduct a training session. About a month after the training session, retest the individuals.

  8. Review the audits conducted and develop statistics. How many files had what type of error? Track these statistics over time to see if the number and type of errors is improving.

Conduct of the Self-Audit
Availability of Claims for Review

To ensure that all necessary information is available for review, claims selected for retrospective review should be reviewed three to six months from the date of bill generation. This will allow sufficient time for the primary claims to have been paid, and billing and collection of secondary insurances and co-payments.

em{Determine the Sample for Analysis}

The supplier should review a sufficient number of claims for each category of product/service provided during the audit period. For example, the supplier may prospectively audit 15 randomly selected claims prior to billing and then retrospectively audit 15 randomly selected claims for a quarter. The categories of claims selected should be generated in a way to accurately represent the supplier’s lines of business

The prospective and retrospective audits should encompass claims submitted to government programs and commercial payors alike. The supplier should also perform focused claim reviews from time to time to address perceived or discovered problems. For example, if a patient lodges a complaint regarding a provided service, the supplier should generate a focused review to discover the source of the alleged dissatisfaction and take corrective action as needed.

Complete the Audit Tool for Each Type of Claim to Be Reviewed

The Compliance Officer or designee should review each claim and supporting documentation using the appropriate audit tool to determine whether compliance standards for each element being evaluated have been satisfied. The audit tool provides the reviewer with a detailed document for recording the results of each individual claim reviewed. Prospective audits will focus on ensuring that all appropriately completed documents have been obtained prior to claims submission. However, prospective audits will not detect deficiencies in the billing process, such as collection of co-payments, but these types of deficiencies will be detected in the retrospective audit process. The development of audit tools should be dynamic rather than static and, thus, audit tools should be revised/customized as needed. It is important to keep in mind that government and commercial payor policies and requirements change frequently, and therefore, audit tools should be updated to capture these changes.

Review and Summarize Findings

Proper documentation of the audits must be maintained. The Compliance Officer or designee should review all the audit tool forms completed during the audit and summarize the results. The supplier may wish to classify the type of deficiencies identified. An example of the format that the supplier might wish to utilize to classify the type of deficiencies is as follows:

Compliance Deficiency Types

  1. Non-compliant with Medicare requirements, refund required.

  2. Arguably Medicare compliant but at risk if audited. Best practice is to refund or rebill unless corrective action or additional documentation may resolve the issue.

  3. Meets Medicare requirements but failed to meet internal requirements.

  4. Meets Medicare requirements, meets internal requirements, but presents an opportunity for improvement.

All identified deficiencies should be addressed in a summary of the findings. The audit summary report should include, but not limited to:

  • General information regarding the nature of the audit, such as whether the audit is a random or focused audit; if the audit is a random audit, how the random sample was generated; if the audit is a focused audit, the nature of the issue that generated the audit; how many total claims were reviewed; the date of the report; and the name of the person conducting the audit.

  • The methodology of the subject audit, such as the range of dates of service reviewed, and any specific risk area focus. For example, “This random audit included billed dates of service from May 1, 2011, through July 31, 2011, for enteral, ostomy, wound care and urological services. Title XIX forms were reviewed for completeness and accuracy in addition to other determined criteria. See audit tool criteria.”

  • Patient-specific results, including but not limited to: patient name, patient identification number, specific audit finding, deficiency type and any proposed corrective action. An example of the format that the supplier might wish to utilize in its report is as follows:

Patient Name: Ima Sick, #1234567

Date of Service Reviewed: June 30, 2009

  • Finding: The physician’s order dated June 28, 2009, for ostomy product did not contain the quantity of product to be dispensed. This date of service has been billed and paid. This order did not contain the correct ICD-9-CM diagnosis code to support the medical necessity of the product dispensed and billed.

Deficiency Type: 1

  • Proposed Corrective Action: The employee responsible for reviewing physician’s orders’ will receive additional training regarding the importance in reviewing all physician’s orders for completeness and accuracy of all required areas before submitting a claim for reimbursement.

  • The billing department will issue a refund to the payor for date of service of June 30, 2009.

  • Customer Service Department will obtain a new valid physician’s order for subsequent dates of service.

  • Recommendations for any identified opportunities for improvement, such as system process changes, policy and procedure changes and educational offerings.

Post-Audit Follow-Up

The audit summary should be reported to the supplier’s CEO on a routine basis as determined by the supplier.

  • Other follow-up actions may include, but are not limited to:

  • Revising policies and procedures. This can be helpful in correcting systemic errors.

  • Providing additional training in specific areas. This is important to affect the desired employee behavior and thus limit repeat errors.

  • Making refunds, if appropriate. Associate dollar amounts to the various types of identified deficiencies. Determine whether the identified deficiencies require a refund to the Medicare program. The Compliance Officer should determine which types of errors require refunds. If a refund is required, then payments should be refunded to the appropriate payor in a timely manner and corrected bills should be submitted, if appropriate.

  • Taking disciplinary action, if necessary. If an employee refuses to adapt his/her behavior to ensure compliance with applicable regulations, disciplinary action is warranted. This action should not be undertaken without involvement of senior management, human resources and the president.

  • Changing the focus of the audits. There is no magic formula for how many internal audits must be conducted and what each audit should contain. Audit plans should be flexible and revised based upon the results of previous audits. Review the audits conducted and develop statistics: how many files had what type of deficiencies? Track these statistics over time to see if the number and type of deficiencies is improving and to determine whether a re-audit of the deficiency is warranted.

  • Documenting specific changes that were, in fact, implemented as a result of the audit, and subsequent re-audits to verify that the changes in policies and procedures and that corrective actions have been implemented successfully.

All audit plans, audit summaries and completed audit tools should be maintained and secured appropriately.

Preparing for a Government Investigation

Investigations into health care fraud are being coordinated among several federal, state and local government agencies including but not limited to the OIG, FBI, IRS, the United States Postal Service, Department of Labor, Defense Investigative Service, various state agencies, and state and local police departments. It is increasingly common for agents from one or more of these agencies to arrive, without prior notice, at a HME supplier’s business to obtain information in connection with an investigation of its operations. The investigations conducted by these agencies focus on a number of issues, including but not limited to (1) paying or receiving alleged illegal remuneration (2) accuracy of patient testing (e.g., pulse oximetry tests), and (3) documentation irregularities.

Preparatory Steps

There are a number of steps the HME company can take to prepare itself for a possible government investigation.

Corporate Compliance Program

The best way to be prepared for an investigation is to institute a corporate compliance program that is carefully designed and thoroughly implemented. If an effective compliance procedure is part of the company’s corporate structure, it is less likely that it will be the subject of a government investigation, and if it is, the disruption to the company’s operations will possibly be reduced.

Regular Computer System Backups

The company should regularly back up its computer system and keep the backup files in a secure offsite location, so that if computers or hard drives are seized, an accurate record of business transactions will be available to keep disruption to operations at a minimum. These records may also prove useful for analysis by management and attorneys.

Comprehensive Document Inventory

The company should maintain a detailed inventory of documents and their locations on the premises, e.g. a list of patient files, and which office and/or file cabinets they are kept in. This will be important if documents are seized and removed by investigating agencies, making it possible to identify what is removed.

Appoint a Company Spokesperson

A company spokesperson, ideally a member of senior management, should be appointed. This individual will immediately take charge of the situation and will coordinate the investigators’ requests. The company spokesperson should greet the investigators, request identification, and read any official documents carefully to determine the scope of the investigation. The other employees should stand aside, awaiting instructions on how they may assist with the investigation.

Employee Training

It is important to remember that the company should not instruct its employees to refuse to speak with investigators, because this could be construed as obstruction of justice. Rather, the company should instruct employees that it is their choice whether or not to answer the investigator’s questions, and that they have the right not to do so. It is also their right to request that an attorney be present during questioning.


Too frequently, investigators take advantage of situations where unsuspecting, frightened employees act impulsively to release information that may be outside the boundaries of the investigation. It is easy, after the fact, for government agents to claim that the employees released the information voluntarily. A “fire drill” approach to rehearsing such a scenario is an effective way to prepare employees for the real thing.

As a precautionary measure, a HME company may wish to develop a response procedure for its employees to rehearse periodically, in the event that representatives from a government agency pay a surprise visit to the premises. In this way, employees who are caught off guard by such a visit will be able to recover quickly from the initial shock of encountering such a visitor and respond in an orderly and appropriate fashion. This response procedure should also be placed in writing to assist those employees who are too shaken to respond appropriately.

Retain a Health Care Attorney

A HME company should retain a competent health care attorney, even if it is not the subject of an investigation, and develop an attorney-client relationship. An attorney who knows the background, structure and conduct of a particular business will be able to give immediate and effective counsel in the event that government investigators arrive on the premises. Educating an attorney on various aspects of the business will waste valuable time, and even more time may be wasted on the housekeeping details of establishing an attorney-client relationship. Finally, a previously contracted attorney may require less of a retainer than an attorney beginning a relationship with a new and unknown client.

This monograph is not intended to be legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general information purposes only. The law pertaining to this monograph may have changed following the date of the monograph. The reader should consult his or her own attorney for legal advice concerning the contents of this monograph. Except where noted, attorneys are not certified by the Texas Board of Legal Specialization.

Prepared by:

Health Care Group
Brown & Fortunato
P.O. Box 9418
Amarillo, Texas 79105-9418

(806) 345-6300
(806) 345-6363 (fax)

© Brown & Fortunato