BALTIMORE — Providers deemed a "high risk" to government insurance programs — including prospective DMEPOS suppliers — face a cadre of new screening tools including criminal background checks and fingerprinting, according to a proposed rule (CMS-6028-P) previewed Monday by CMS.
Scheduled to be published in the Sept. 23 Federal Register, the rule would implement provisions in the Affordable Care Act related to enrollment in Medicare, Medicaid and the Children's Health Insurance Program (CHIP).
Under the proposal, all providers/suppliers would be classified in one of three fraud risk categories:
-
Limited-risk entities would have to meet enrollment requirements, licensing and database verification to check such things as SSN and NPI, HHS OIG exclusion and tax delinquency. The rule places physicians, non-physician practitioners, medical clinics and group practices in this category because they are state-licensed, and because CMS has not seen any indications of an elevated fraud risk from this group, according to the rule.
Providers/suppliers that are publicly traded on either the NYSE or the NASDAQ also present only a limited risk because of their financial oversight, CMS said. Other limited-risk entities under the rule include ambulatory surgical centers, critical access hospitals and skilled nursing facilities.
-
Moderate-risk providers would have to meet the same requirements as those in the limited-risk category with the addition of unscheduled site visits.
CMS puts currently enrolled DMEPOS suppliers at this risk level (again with the exception of publicly traded companies), along with currently enrolled home health agencies. Others in this category include community mental health centers, comprehensive outpatient rehabilitation facilities, hospice organizations, independent diagnostic testing facilities, independent clinical labs and non-public, non-government owned or affiliated ambulance services.
-
High-risk providers, including prospective DME suppliers and home health agencies, also deemed high risk, would have to meet the initial requirements, pass unscheduled site visits and, in addition, undergo criminal background checks and fingerprinting.
According to CMS, fingerprint checks have never been used in enrollment screening, and criminal background checks have only been used sparingly. The rule says fingerprint checks will allow CMS to verify an individual's identity, determine whether that person is eligible for enrollment and prevent identity theft. The rule proposes applying the new screening tools "to owners, authorized or delegated officials or managing employees of any provider or supplier within the 'high' level of risk."
If finalized, the new provisions would take effect March 23, 2011. Comments on the proposed rule are due Nov. 16.
CMS officials said the fraud prevention measures would help the agency move from its current pay-and-chase approach to fraud one that makes it harder to commit fraud in the first place.
"Our initiative will allow us to go beyond what we've always called 'pay and chase' and to actually have the tools and mechanisms to prevent much of the fraud we've seen in recent years," Peter Budetti, director of CMS' new Center for Program Integrity, said in an interview with USA Today on the anti-fraud measures.
The proposed rule also gives CMS new authority to suspend payments when a "credible allegation" of fraud is being investigated, including tips from consumers.
Other provisions in the rule would:
-
Give CMS the authority to impose a temporary moratorium on enrollment in Medicare, Medicaid and CHIP to help "prevent or fight" fraud. Suspensions would be in six-month intervals.
-
Impose a $500 application fee on all providers/suppliers (with the exception of Part B medical groups or clinics and physicians and non-physician practitioners submitting a CMS 855I for enrollment in Medicare). The fee will apply to both first-time enrollees and those currently enrolled who are revalidating their status.
-
Require states to terminate providers from Medicaid and CHIP when they have been terminated by Medicare or by a state Medicaid or CHIP.
-
Solicit input on how to develop provider compliance programs, now required under the Affordable Care Act.
CMS noted in the rule that its current payment system — under which providers are paid and then Medicare chases after them to recoup the money if discrepancies are found — "functions reasonably well" when CMS seeks to recover overpayments from legitimate providers. "It is not adequate when the fraud is committed by sham operations that provide no services or supplies and exist simply to steal from Medicare or Medicaid and thrive on stealing or subverting the identities of beneficiaries and providers," the agency said.
That's what industry advocates say they have been telling CMS for years. USA Today also quoted the American Association for Homecare's Michael Reinemer, who told the newspaper, "Nobody is more anxious to stop fraud than we are because the legitimate providers are the ones that suffer."
In a Tuesday update, AAHomecare said it has been "frustrated that it has taken so many years for Medicare to deal effectively with the fraud problem at the front-end rather than relying on the pay-and-chase system of catching criminals after theft has occurred."
The association pointed out that for the HME community, mandatory accreditation by a CMS-approved accrediting body and a surety bond requirement have been in place for a year. So critical questions, the association said, are "What effect have those measures had on criminal activity?" and "Have those measures had an impact on fraud numbers?"
The association will submit written comments, including its 13-point anti-fraud action plan, to the House Energy and Commerce Subcommittee on Health, which is holding a hearing today on "Cutting Waste, Fraud and Abuse in Medicare and Medicaid."
Preview the proposed rule at www.ofr.gov/inspection.aspx.