BALTIMORE — Providers deemed a "high risk" to government
insurance programs — including prospective DMEPOS suppliers
— face a cadre of new screening tools including criminal
background checks and fingerprinting, according to a proposed
rule (CMS-6028-P) previewed Monday by CMS.
Scheduled to be published in the Sept. 23 Federal
Register, the rule would implement provisions in the
Affordable Care Act related to enrollment in Medicare, Medicaid and
the Children's Health Insurance Program (CHIP).
Under the proposal, all providers/suppliers would be classified
in one of three fraud risk categories:
Limited-risk entities would have to meet
enrollment requirements, licensing and database verification to
check such things as SSN and NPI, HHS OIG exclusion and tax
delinquency. The rule places physicians, non-physician
practitioners, medical clinics and group practices in this category
because they are state-licensed, and because CMS has not seen any
indications of an elevated fraud risk from this group, according to
the rule.
Providers/suppliers that are publicly traded on either the NYSE
or the NASDAQ also present only a limited risk because of their
financial oversight, CMS said. Other limited-risk entities under
the rule include ambulatory surgical centers, critical access
hospitals and skilled nursing facilities.
Moderate-risk providers would have to meet the
same requirements as those in the limited-risk category with the
addition of unscheduled site visits.
CMS puts currently enrolled DMEPOS suppliers at this risk level
(again with the exception of publicly traded companies), along with
currently enrolled home health agencies. Others in this category
include community mental health centers, comprehensive outpatient
rehabilitation facilities, hospice organizations, independent
diagnostic testing facilities, independent clinical labs and
non-public, non-government owned or affiliated ambulance
services.
High-risk providers, including prospective DME
suppliers and home health agencies, also deemed high risk, would
have to meet the initial requirements, pass unscheduled site visits
and, in addition, undergo criminal background checks and
fingerprinting.
According to CMS, fingerprint checks have never been used in
enrollment screening, and criminal background checks have only been
used sparingly. The rule says fingerprint checks will allow CMS to
verify an individual's identity, determine whether that person is
eligible for enrollment and prevent identity theft. The rule
proposes applying the new screening tools "to owners, authorized or
delegated officials or managing employees of any provider or
supplier within the 'high' level of risk."
If finalized, the new provisions would take effect March 23,
2011. Comments on the proposed rule are due Nov. 16.
CMS officials said the fraud prevention measures would help the
agency move from its current pay-and-chase approach to fraud
one that makes it harder to commit fraud in the first place.
"Our initiative will allow us to go beyond what we've always
called 'pay and chase' and to actually have the tools and
mechanisms to prevent much of the fraud we've seen in recent
years," Peter Budetti, director of CMS' new Center for Program
Integrity, said in an
interview with USA Today on the anti-fraud
measures.
The proposed rule also gives CMS new authority to suspend
payments when a "credible allegation" of fraud is being
investigated, including tips from consumers.
Other provisions in the rule would:
Give CMS the authority to impose a temporary moratorium on
enrollment in Medicare, Medicaid and CHIP to help "prevent or
fight" fraud. Suspensions would be in six-month intervals.
Impose a $500 application fee on all providers/suppliers (with
the exception of Part B medical groups or clinics and physicians
and non-physician practitioners submitting a CMS 855I for
enrollment in Medicare). The fee will apply to both first-time
enrollees and those currently enrolled who are revalidating their
status.
Require states to terminate providers from Medicaid and CHIP
when they have been terminated by Medicare or by a state Medicaid
or CHIP.
Solicit input on how to develop provider compliance programs,
now required under the Affordable Care Act.
CMS noted in the rule that its current payment system —
under which providers are paid and then Medicare chases after them
to recoup the money if discrepancies are found — "functions
reasonably well" when CMS seeks to recover overpayments from
legitimate providers. "It is not adequate when the fraud is
committed by sham operations that provide no services or supplies
and exist simply to steal from Medicare or Medicaid and thrive on
stealing or subverting the identities of beneficiaries and
providers," the agency said.
That's what industry advocates say they have been telling CMS
for years. USA Today also quoted the American Association
for Homecare's Michael Reinemer, who told the newspaper, "Nobody is
more anxious to stop fraud than we are because the legitimate
providers are the ones that suffer."
In a Tuesday update, AAHomecare said it has been "frustrated
that it has taken so many years for Medicare to deal effectively
with the fraud problem at the front-end rather than relying on the
pay-and-chase system of catching criminals after theft has
occurred."
The association pointed out that for the HME community,
mandatory accreditation by a CMS-approved accrediting body and a
surety bond requirement have been in place for a year. So critical
questions, the association said, are "What effect have those
measures had on criminal activity?" and "Have those measures had an
impact on fraud numbers?"
The association will submit written comments, including its
13-point
anti-fraud action plan, to the House Energy and Commerce
Subcommittee on Health, which is holding a hearing today on
"Cutting
Waste, Fraud and Abuse in Medicare and Medicaid."
Preview the proposed rule at www.ofr.gov/inspection.aspx.