Brace for Medicaid data mining and recoupment demands

S. Gregory FroggeS. Gregory Frogge

By Greg Frogge

The federal Health and Human Services Office of Inspector General (OIG) is escalating its war against Medicaid fraud and abuse, just as it has over the past years with Medicare. The OIG’s focus has turned to early prevention and detection, rather than “pay and chase.”

Like most states, more than half of Oklahoma’s Medicaid spending comes from federal funds. States are required to return Medicaid overpayments to the federal government within one year of discovery — whether or not they have recouped them from the provider. Consequently, states’ enforcement efforts are heavily influenced by federal priorities.

Healthcare providers should be aware that states, including Oklahoma, are expanding their use of data mining and analytics, as well as increasing the volume and types of data examined, to detect possible fraud. Investigators use historical data sets to identify patterns and risk factors, including, for example:

  • Comparing the number of procedures a provider claims to have performed with utility usage at the practice location
  • Scanning lists of officers of professional entities for excluded providers and their relatives
  • Comparing claims for medical transport with claims for other services on the same day

States also are implementing their enhanced powers under the Patient Protection and Affordable Care Act (ACA), including:

  • Suspending payments based on credible allegations of fraud
  • Recovering overpayments from credit balances
  • Using enhanced screening and enrollment disclosures to assure that payments are not made to or for persons excluded from Medicare or Medicaid
  • Data-matching to confirm beneficiaries’ eligibility
  • Preventing the use of inactive or invalid provider numbers and coding edits
  • Terminating providers whose Medicaid participation has been terminated in other states

Recommendations for Providers

  • Invest in competent and qualified billing and coding personnel, and participate in ongoing education and training
  • Conduct regular internal audits, and retain third-party audits on a recurring basis
  • Emphasize compliance with threshold conditions of payment
  • Screen regularly to ensure personnel have proper credentials, have not been excluded from Medicare or Medicaid participation, and are practicing within the scope of their licenses
  • Routinely review internal data, noting any claims that are frequently denied, and track denials by code and provider
  • Review outliers whose numbers of procedures or dollar amounts are inconsistent with those of their peers
  • Develop new queries for monthly reports, such as spikes in utilization, readmissions, billing units or dosages and timed services
  • Modify training and counseling efforts as risk factors are identified
  • In the event of an audit, site visit or request from a recovery audit contractor (RAC), closely track each request and record all documents provided in response

For more information or assistance in reviewing or evaluating your compliance risk, please do not hesitate to contact any of our healthcare regulatory compliance lawyers.

This alert has been provided for clients and friends of McAfee & Taft A Professional Corporation. It does not provide legal advice, and is not intended to create a lawyer-client relationship. Readers should not act upon information in this alert without seeking professional counsel.