Due diligence in health care is a familiar experience for hospitals that buy physician practices, but increasingly it’s the terrain of private equity (PE) firms as they gobble up practices and other types of providers and suppliers. PE firms have to look beyond the financial potential and dive into compliance risks, including coding, the revenue cycle and clinical standards.
“Over the past three to four years, there’s been an increase in requests for coding reviews,” says Valerie Rock, consulting senior manager with PYA in Atlanta, Georgia. “It used to be all they would do is financial reviews, but they realized that was not where the financial risk was. When a practice is audited, the financial impact of coding errors could take down the practice.” Rock says PE firms increasingly realize they must audit “targets”—the physician practices and other entities they buy—to identify evaluation and management coding errors and other compliance liability. There are the usual suspects to review: HIPAA and the Stark Law, for example, as well as clinical aspects of the practice, including endoscopy sterilization, proper gloving techniques and medication storage.
“There are more pitfalls than they realize,” she says. “The PE firms are spending a lot of money in due diligence and still only touching the service, but they’re in a better position to do well after the acquisition if PE firms identify and correct noncompliance.”
PE investment in health care has “exploded” in the past few years, says attorney Lisa Atlas Genecov, with Katten Muchin Rosenman in Dallas. If this seems vaguely familiar, it’s because PE invested heavily in the 1990s in physician practices, although that often was less than a smashing financial success. “The trends were very different. It seems more sustainable now. Part of that is technology allowing for better analysis of the industry and PE firms understanding the market better,” Genecov says. And unlike the 1990s, more physicians are remaining employed longer with PE-owned practices and have an opportunity to receive rollover equity. “They also have the opportunity to participate in medical advisory committees that allow them to have a say in the medical direction of the practice,” she explains.
PE firms also have revisited health care because of market factors. “There is an aging population in need of more health services and big growth in more chronic conditions because people are living longer,” Genecov says. “All this creates more opportunities for PE investment.” Once they wade into health care, however, they realize it’s very regulated and complicated. That’s why many PE firms are in the market for a stable physician practice or other health care entity “with a compliance focus,” she says. “They aren’t just looking for a group that may have a lot of business, but one that’s growing financially and in a compliant way.”
NPPs Are a Risk, Partly Because of Supervision
One vulnerability is the use of nonphysician practitioners (NPPs)—physician assistants (PAs) and nurse practitioners (NPs), Rock says. This is a multifaceted compliance risk, with issues around the credentialing of NPPs and billing under incident-to rules, which require direct physician supervision when billing 100% of the physician’s fees. “You have to follow state laws for the supervising provider, which usually limits how many NPPs you can supervise at one time,” Rock says. CMS changed the rules a few years ago, and now expects the physician who supervises the services to be on the bill. For example, if Dr. Smith orders the services, the Medicare Physician Fee Schedule regulation says they must be billed under Dr. Jones because she was present in the suite when the services were performed. “Make sure one physician isn’t carrying all the billing under their number for all NP or PA services,” Rock cautions. Direct physician supervision means physicians must be immediately available and interruptible if their help is needed.
Modifier 25 also has turned up in due diligence for PE firms. “We’ve found modifier 25 has not been used appropriately,” she says. “It goes through a process of being disclosed to the target if there is something that’s a bright line and looks like a big deal. The target and the investor’s attorneys have to talk it through.” An overpayment refund may be necessary, whether or not the deal is consummated.
Follow Claims All the Way Through
With due diligence, Rock recommends a “true revenue cycle or operational assessment.” That potentially helps identify double billing to government and commercial payers for the same patient as well as embezzlement. Patients may be covered by Medicare, for example, for medical care, but use commercial payers for vision or psychiatric services. However, the government and commercial payers shouldn’t be billed for the same service. “If the target is double billing and you’re focused only on government-payer coverage, you may not catch that,” she explains. “And if you only do a coding review and you don’t do a revenue cycle review, you may not catch erroneous or double billing or embezzlement.”
These types of problems surface during revenue cycle or operational assessments, Rock says. “You would look from [patient] check in to check out and follow claims through the process of the payer paying it.” Is there balance billing? What are the results of a coding review? She says this kind of due diligence is “pretty overwhelming,” but PE firms are getting savvier now that they’re cutting more management deals with health care entities. As more compliance issues surface, they may have to clean them up on the back end with the target.
Contact Rock at vrock@pyapc.com and Genecov at lisa.genecov@kattenlaw.com. ✧