Raja Sékaran (rsekaran@nossman.com) is a Partner in the San Francisco office of Nossaman LLP.
Voluntary self-audits of Medicare claims should be part of any provider’s compliance program. For fee-for-service claims, these often focus on coding and billing of services. Both for purposes of defining the audit universe and for issuing refunds when appropriate, this article offers a consistent approach to defining a lookback period for auditing, and possibly refunding overpayments to, Medicare.
Traditional fee-for-service Medicare
It is well-established that Medicare overpayments must be returned by the later of: (1) 60days after the date on which the overpayment was identified, and (2) the date any corresponding cost report is due.[1] Less well-known is how far back in time one should self-audit to identify potential Medicare overpayments.
The answer depends on whether one views the circumstances surrounding the potential overpayment as: (1) a mere error, or (2) potentially a false claim by the provider under the federal False Claims Act (FCA) that resulted from either reckless disregard for the veracity of the claim, or deliberate ignorance of the same or, even worse, actual intent to file an improper claim.[2]
Overpayment resulting from mere error
Regarding an overpayment through mere error, although not a model of clarity, the prevailing lookback period in the applicable authorities appears to be a period that runs from the date of the Medicare remittance advice to a date that is five years from the first day of the following year. For example, if the remittance advice is dated June 1, 2019, proceed to the next New Year’s Day (i.e., January 1, 2020) and add five years (i.e., January 1, 2025). Assuming one is auditing only claims recoverable from the Centers for Medicare & Medicaid Services (CMS), an audit of Medicare claims occurring on or after January 1, 2025, need not include claims prior to January 1, 2020.[3]
By way of further example, if the audit itself occurs during 2019, the lookback period would cover claims back to January 1, 2014. Any claim with a remittance advice during 2014 would look to the next New Year’s Day (January 1, 2015) and add five years (through 2020) for the auditable period.
It is worthwhile to understand the authoritative support for this lookback period. The Office of Inspector General (OIG) routinely performs studies and makes recommendations on CMS operations in the interest of reducing fraud, waste, and abuse. In so doing, OIG recommended CMS pursue legislation to increase its lookback period for recovering overpayments. Accordingly, CMS proposed legislation in the American Taxpayer Relief Act of 2012 to establish a period of five years from the first day of the year following the date of payment.
The resulting statute is found at 42 U.S.C. § 1395gg(c). The statute as drafted does not create an across-the-board lookback period. Instead, it applies the lookback period to a list of reasons for claim denial found at 42 U.S.C. § 1395y(a)(1) and (9).[4] The reasons at section (a)(1) relate mostly to the denied service being “not reasonable and necessary” to treat the illness or injury, or for the service being administered “more frequently than is covered” by Medicare. In the case of section (9), the service being denied would be for non-covered custodial care.
Of course, many types of claims denials are not included in 42 U.S.C. § 1395y(a)(1) and (9), including coding and billing errors. Rather than create one system for the statutory variants and another system for everything else, CMS appears to have adopted one standard for all circumstances in its administrative materials.
The Medicare Financial Management Manual addresses overpayments in Chapter 3 in a manner that supports the above interpretation.[5] Specifically, the five-year lookback period is found in section 80, “Individual Overpayments Discovered Subsequent to the Fifth Year,” and states:
There are special rules that apply when an overpayment is discovered subsequent to the fifth year following the year in which notice was sent that the amount was paid. Ordinarily, the provider or beneficiary will be considered without fault unless there is evidence to the contrary. In the absence of evidence to the contrary, the contractor will not demand and recover the determined overpayment. (One example of evidence to the contrary would be a pattern of billing errors. See, Medicare Program Integrity Manual, Publication (PIM) 100-08, Chapter 3.)
In light of the above quote, it is critical to determine what constitutes “evidence to the contrary” that would supplant the five-year lookback period. TheMedicare Program Integrity Manual does not provide much concrete assistance. It states that Medicare Administrative Contractors (MACs) “shall target providers/suppliers who have historically high claim denial rates, who have billing practices that vary from their peers, or when evidence suggests that there is a potential risk to the Medicare Trust Fund.”[6]
These examples are insufficiently concrete. How should we determine what constitutes “evidence to the contrary”? This article proposes to use the same standards that apply to a potential FCA violation to determine when to override the five-year lookback period for overpayments and instead use the FCA statute of limitations.
Overpayment attributable to a potential FCA violation
As discussed below, the standard for potential fraud under the FCA is extensively developed by statute, regulation, judicial opinion, and professional commentary, and is therefore a practical standard to use.
Bases for FCA liability
The FCA establishes several bases for liability, including when one “knowingly presents, or causes to be presented, a false or fraudulent claim for payment or approval” to the United States.[7] Thus, presenting an improperly coded or billed claim to Medicare falls squarely within the statute.
All of the bases for liability under the FCA include an element of knowledge (i.e., the conduct must have been undertaken “knowingly” or in a “knowing” manner). The statute defines this as occurring when “a person, with respect to information—
-
has actual knowledge of the information;
-
acts in deliberate ignorance of the truth or falsity of the information; or
-
acts in reckless disregard of the truth or falsity of the information;”[8]
Importantly, the statute also makes clear that this element of knowledge requires no proof of a specific intent to defraud.
In administering a voluntary audit and compliance program for coding and billing, we can apply this knowledge standard to examine coding and billing errors and determine whether they appear to be more serious than the “without evidence to the contrary” standard quoted above. Specifically, if the circumstances surrounding coding and billing errors suggest “actual knowledge” or “deliberate ignorance” or “reckless disregard” of truth or falsity, the lookback period under the FCA (see below) could be the more appropriate lookback period to apply.
Of course, presenting claims to Medicare with “actual knowledge” of their coding or billing errors would be a very serious matter that requires an internal investigation and possible self-disclosure—beyond simply auditing and refunding. In such circumstances, we would recommend immediate consultation with counsel and an analysis of civil and criminal exposure, with corresponding statutes of limitation that may be fact-specific.
Most federal criminal charges have a five-year statute of limitations. In a conspiracy case, that five-year statute of limitations runs from the date of the last act deemed in furtherance of the conspiracy, which could open the door to a far longer lookback period. In any event, because conduct involving “actual knowledge” is relatively rare and entirely unexpected in common practice, the standards of “deliberate ignorance” or “reckless disregard” are applicable.[9]
As to deliberate ignorance, it is well developed in judicial opinions. For example, the Ninth Circuit Court of Appeals, which has judicial jurisdiction over most of this author’s healthcare clients, recently articulated the deliberate ignorance standard as not permitting a Medicare contractor to deliberately turn a blind eye to reporting errors and then attest that it is unaware of errors.[10] Thus, if an error is detected in reporting procedural codes, for example, the expectation under the FCA is to address those errors directly, such as through targeted auditing. By the same token, if it is discovered that the error had been detected previously but not corrected, the issue should be addressed as a potential FCA matter under the deliberate ignorance standard, applying the appropriate lookback period.
District courts in the Ninth Circuit also have addressed reckless disregard. In Siebert v. Gene Security Network, Inc., the court held that a company’s “failure to review and ensure its compliance,” after learning its accounting procedures might not comply with accounting regulations, supported a finding of reckless disregard.[11] In Hamilton v. Yavapai Community College District,[12] the court held that a recipient of federal funds has some duty to make a limited inquiry to be reasonably certain it is entitled to the monies. Reckless disregard can be established by the failure to make simple inquiries that would alert the person to the falsity of the claims. Thus, the reckless disregard standard includes an expectation of proactive compliance inquiry. Voluntary auditing or other review is a form of such inquiry.
The standard also appears to include proactive, voluntary education. The Hamilton court in an earlier opinion in the same case found the failure to adequately familiarize oneself with the legal requirements of government compensation to be evidence of reckless disregard.[13] Under the authority of these cases, if a failure to make reasonable inquiries or even become familiar with the applicable coding and billing requirements is detected, it is reasonable to conclude that the FCA is implicated and apply the FCA lookback period accordingly.
The FCA lookback period
A case under the FCA must be brought as follows: (1) within six years of the date on which the violation was committed; or (2) within three years of the date that the facts material to the right of action are known or should have been known by the United States official charged with responsibility to act in the circumstances, but in no event more than 10 years after the date on which the violation is committed, whichever occurs last.[14] The Ninth Circuit interprets “United States official” to include a qui tam relator, sometimes referred to as the whistleblower.[15]
The United States or a qui tam relator might invoke the second section above to assert a lookback period as far back as ten years prior to the filing of the action. However, this article is concerned with voluntary auditing of coding and billing—not the defense of a filed FCA case. Presumably, voluntary auditing is part and parcel of a broader compliance program, which exists in part to prevent the circumstances leading to the filing of FCA cases. In this spirit of prevention and proactive compliance, as well as the efficient use of resources, this author proposes using the six-year lookback period for voluntary auditing in circumstances that potentially implicate the FCA.
One open issue is from what date the six-year period runs (i.e., what constitutes “the date on which the violation was committed”). The courts interpreting this FCA section have split—some have begun the period from the date of filing the claim,[16] concluding that presenting a claim for payment to the government begins the statute of limitations period. Others have begun it from the date the claim is paid. Best practices would suggest running the six-year period from the date of filing the claim. This approach appears to be consistent with the FCA’s legislative history,[17] by which the government is permitted “to bring an action within 6 years of when a claim is submitted.”
Therefore, in the event circumstances surrounding the coding and billing indicate a potential FCA violation, the lookback period of auditing should be claims submitted six years retroactive from the date of audit.
Conclusion
The question of whether you are confronting a mere error or potential false claim is ultimately subjective and requires a judgment call. Compliance professionals and their legal counsel should work together to make that determination. In addition, legal counsel can assist compliance professionals in structuring and conducting voluntary audits protected by the attorney-client privilege or attorney work product protection.
Although this article is devoted to traditional, fee-for-service Medicare, there are several other payer classes to worry about as well. This includes designing lookback periods for the other federal payers, including traditional Medi-Cal, traditional Medi-Cal with potential False Claims Act liability, managed care Medicare with a payer-provider contract, managed care Medicare without such a contract, managed care Medi-Cal contracted, and managed care Medi-Cal non-contracted. We also may need lookback periods for private commercial payers and uninsured/self-pay. Ultimately, the population or claims at issue will determine the payer mix at issue. More often than not, a voluntary audit plan must be tailor-made.
Takeaways
-
Voluntary self-audits of Medicare claims should be part of any provider's compliance program.
-
When returning Medicare overpayments, the lookback period will be different if the overpayment was the result of an error or a potential false claim.
-
If the claim involves a mere error, the lookback period runs from the date of the Medicare remittance advice to five years from the first day of the following year.
-
If a potential false claim was made, the False Claims Act is implicated, so the FCA lookback period must apply.
-
An FCA case must be brought within six years of the violation, or within three years of a U.S. official becoming aware of the claim, not to exceed ten years from the violation.