All told, the auditing firms in those years requested records on 2.6 million Medicare patient encounters, discovering errors in half of them, usually for care delivered in settings that were too expensive or billed using the incorrect code, according to the OIG report. The average individual payment denial was for $507.
Seven years ago, Congress ordered Medicare to hire four private companies, known today as recovery auditors, to police the Medicare payments and detect cases where hospitals, doctors and suppliers were being overpaid. In 2011, the program recovered $488 million for Medicare after accounting for contractor fees and successful appeals of payment denials.
The auditing firms have come in for heavy criticism by hospitals' lawyers and lobbyists, who say the companies are too aggressive—as shown by the high rate of cases that the hospitals win on appeal. The American Hospital Association supports bills in the House and Senate to scale back the auditing by the firms, bolstered by hospital-reported survey findings that at least 40% of all denials are appealed, and 70% of those are successful.
AHA officials said the discrepancy between the hospital-reported and OIG appeal rates was due to their data being two years fresher than the data analyzed by the government. AHA officials also said their data was drawn only from hospitals, while the OIG figures pertained to all Medicare Part A and B providers.
Moreover, “the appeals rates don't tell the whole story about the accuracy of the RACs,” said Melissa Jackson, who oversees RAC policy issues for the AHA. She said many providers may avoid disputing payment denials simply because of the time, legal uncertainty and administrative expense of the administrative appeals process.
Recovery auditors are hired primarily to look for payment errors, but they are required to report to authorities cases in which evidence shows the healthcare company could have been engaged in intentional fraud. Yet in 2010 and 2011, the companies reported just six such cases nationwide, and none of them were in fraud “hot spots” in Florida or Texas. The OIG's office criticized the companies for finding too little fraud.
Meanwhile, the report said the CMS is not doing enough to investigate the leads it does get or provide training and regular updates that could help create new fraud tips. And although the CMS made 28 specific changes to its billing rules to close “vulnerabilities” exposed by the overpayment data, it never evaluated the success of those amendments.
In a written response to the report, CMS Administrator Marilyn Tavenner said measuring the effectiveness of any such changes is difficult because some of them require multiple steps over wide-ranging time frames. “Some are implemented within a few months, while others take significantly longer, hindering CMS' ability to draw conclusions about the effectiveness of a specific corrective action,” she wrote.
(Story updated with AHA comment at 5:50 p.m. Central time.)
Follow Joe Carlson on Twitter: @MHJCarlson