“I know of hospitals that have been touched by this,” says Kristin Pollock McDonald, a partner with the law firm Nelson Mullins Riley & Scarborough in Atlanta. “It's going to hit every industry.”
The CMS has four companies under contract doing this Medicare program-integrity work in seven zones around the country, but the companies have been prodded by recent reports from HHS' inspector general's office that suggest ZPICs could be generating more cases from the mining of government data.
At the same time, the Senate Finance Committee and the Government Accountability Office have begun an examination of whether the CMS has a tight-enough leash on the powerful companies, as complaints about their aggressiveness have surfaced.
Several sources told Modern Healthcare about zealous tactics of the ZPIC agents, from showing up at healthcare clinics and taking unauthorized photos, to blocking routine Medicare payments for challenges that are never explained and ultimately shot down at the end of Medicare's long administrative appeals process.
Nationally, the four ZPICs employ slightly more than 500 people, and they use government analytics and their own proprietary methods to develop cases based on irregularities for Medicare hospitalization and physician care services—known as Medicare Parts A and B, respectively.
Gary Keilty, a managing director with Huron Consulting Group, says he and others have worked with several hospitals that have been targeted by ZPICs because of suspicions in Medicare bills uncovered by data-mining.
“Because of the potential allegation of fraud, these tend to be sort of kept quiet,” Keilty says. “Hospitals are definitely seeing activity as well, but it tends to be more quiet.”
Hospital officials are more familiar with two other types of CMS-hired entities that can audit their bills: Medicare administrative contractors (MACs) and recovery audit contractors (RACs). But while those entities wield somewhat similar powers, their auditing is intended only to prevent errors and recoup overpayments and penalties
ZPICs are charged with finding Medicare fraud. They use tips from the public and advanced analysis of government data, and some of their cases end up being turned over to HHS and the Justice Department for prosecution, as was the case with WakeMed.
That means, unlike requests from MACs and RACs, ZPIC interventions are not routine and should not be treated as just another source of work from Medicare's alphabet soup of regulators.
“People need to take it seriously,” McDonald says. “They do not go away, and more often than not, they do find overpayments.”
Not all overpayments are fraud, of course, and some critics have complained that they find little fraud compared with the volume of simple payment errors.
But providers of all stripes were reluctant to talk about their experience during ZPIC audits. Numerous sources contacted for this article directly and indirectly declined to do on-the-record interviews talking about their experience being audited by government contractors.
In the case of WakeMed, the system declined several interview requests even as the system made national news this year after it was hit with what prosecutors in North Carolina called the first-ever case of a not-for-profit community health system being charged with making material false statements to Medicare in order to inflate reimbursements—a criminal charge that could result in the closure of a 628-bed acute-care hospital in Raleigh if hospital employees violate terms of a two-year deferred prosecution agreement.
WakeMed Health & Hospitals' Raleigh campus was found to have among the nation's highest rates of a suspicious inpatient billing pattern, known as “zero-day stays,” between 2003 and 2006. Zero-day stays happen when an inpatient does not spend even one night in the hospital.
Court files recently revealed that the entity that first uncovered the WakeMed conduct was a ZPIC called Cahaba Safeguard Administrators. (At the time, Cahaba was a benefit-integrity contractor under the designation of “program safeguard contractor,” a name that has since been changed to “zone program integrity contractor.”)
Cahaba, which is owned by Blue Cross and Blue Shield of Alabama and based in Birmingham, declined to make officials available for an interview, citing terms of their contract with the CMS that forbids media interviews.
But Lester Perling, a partner with Broad and Cassel in Fort Lauderdale, Fla., says hospitals tend not to be subjected to the more intrusive investigative techniques employed by ZPICs, such as physical searches of premises.
Perling recounted stories from smaller clients who said ZPIC officials arrived at providers' front doors demanding tours of facilities, taking photographs and requesting immediate access to documents and even desk drawers. He recommends providers in such circumstances send the investigators to the waiting room and call their attorneys immediately.
Rachel Hold-Weiss, a partner with the law firm Arent Fox in New York, says providers can't simply refuse the investigators entry, however.
“Whoever it is who walks in the front door and says we have a piece of paper to get this information, you want to make sure you have someone who is trained in how to deal with them,” she says. “You want to make sure that other than water or a cup of coffee, nothing is offered to them. You don't want to do anything that could be misconstrued as a bribe,” like offering to take a ZPIC agent out to lunch.
However, requests for extensive documentation by mail are also common, and they must be handled with care as well.
Hold-Weiss says government contractors may gloss over key facts in the medical records. She has personally worked on several cases where the ZPIC wrongly claimed medical records lacked forms documenting a patient's consent for treatment, even though documents to the contrary were turned over with the original response.
“ZPICs don't always find everything in the record that they should,” she says.
The key to mounting a solid defense in such an audit is to make sure that each page of a medical record submitted for review is stamped in an overall page-numbering system, known as Bates numbering, so that omissions or mysteriously “lost” documents will stand out as gaps in the sequence of pages.
“In every case that I have handled, there has been at least one record where there was a technical denial that there was no basis for, because we have been able to show that the document was there,” Hold-Weiss says.