The rule's commentary “indicates that a physician has a perpetual duty to ‘research' whether any overpayment may exist. This requirement would be extremely burdensome for physicians, as it would impose a boundless duty to troll medical records in search of innumerable vulnerabilities,” according to a comment letter signed by the AMA and more than 100 other physicians' groups.
Experts say the proposal was objectionable partly because many Medicare overpayments are because of errors by the government or its contractors. While providers have long been expected to find and fix such errors within a reasonable amount of time, the new rule defines 60 days as the deadline, 10 years as the look-back period and the False Claims Act as the method of computing penalties.
“So providers have to not only be Medicare's keeper ... but now that gets to go back for 10 years? Based on fraud? That is really where everyone has lost their minds,” said Polsinelli Shughart attorney Colleen Faddick, describing providers' reactions. “There are plenty of ways for CMS to go back 10 years when there's fraud. But extending what are often routine and transactional issues into the area of fraud is what is driving everyone nuts.”
The CMS has long sought to clarify exactly when and how providers are required to return overpayments. In March 2010, the Patient Protection and Affordable Care Act declared a 60-day repayment rule.
Last February, the CMS published the proposed rule for Medicare Part A and Part B providers and suppliers, saying they could simply return overpayments within 60 days through the existing voluntary refund process—though the program is being renamed the “self-reported overpayment refund process” because it is no longer voluntary.
Common reasons for such overpayments would include incorrect service dates or codes, duplicate payments, insufficient documentation, and lack of medical necessity for the service. The rule would apply to overpayments up to 10 years old.
The CMS' rule says the 60-day clock begins running either when a provider identifies the payment, or when it shows “reckless disregard or deliberate ignorance” to it by failing to make a reasonable investigation into events such as audit findings and unexpected increases in revenue.
“We believe defining ‘identification' in this way gives providers and suppliers an incentive to exercise reasonable diligence to determine whether an overpayment exists,” the CMS wrote. “Without such a definition, some providers and suppliers might avoid performing activities to determine whether an overpayment exists, such as self-audits, compliance checks and other additional research.”
John Joseph, a principal with Post & Schell in Philadelphia and a former assistant U.S. attorney, said that requirement is new because it no longer requires a provider to actively conceal an overpayment in order to trigger False Claims penalties.
“The law, as it has been changed, can trigger false claims liability without any action on the provider,” he said. “In a way, you are providing liability now for, instead of an action, a state of mind. That is a new feature.”