Medicare Audit Contractors Demand Providers Perform Self-Audits

Although the details of federally ordered auditing of providers have changed over the years, one thing remains the same.

We have lived for years under the Sword of Damocles – the continuing waves of healthcare audits by federal contractors. The names of the Medicare Recovery Audit Contractors (RACs) have changed over time. The program has changed. Some auditors have gone, some have stayed.

But what has not changed is the quality of their work. The coding consultants, attorneys, and statistical experts who help providers through the lengthy, arduous, and very expensive appeal process are familiar with the quality of their work. It can be sloppy, inaccurate, and filled with faults. On average, more than 60 percent of their decisions are overturned on appeal. This means that they are wrong more than half of the time. But they continue to collect money and even thrive in this protected market.

One might imagine that the auditors’ business model is to simply demand repayments from providers, however unreasonable, and then figure that a certain percentage will just pay up without a fight. For the others, there is a carefully managed obstacle course that makes the appeals process difficult and expensive.

This is not to say that there is never some wrongdoing here and there, but it likely is far less prevalent than claimed. And there is no way to fix this chronic problem with healthcare management in the United States. The system is too large and complex to be reformed.

The effects on healthcare providers have been devastating. Year after year, more providers either raise their prices or cut back their services in order to pay for legal and administrative expenses. Some doctors joke that “we spend more time doing paperwork than seeing patients.”

They are probably right.

One could examine the numbers, but what would be the use, anyway?

Target, Audit, Extract

The system has been built upon a three-step process – target, audit, extract. First, the Medicare auditor finds out who to target. To do this, they use simplistic data-mining techniques that compare averages and look for outliers. Second, they conduct audits. The audit is often a poorly executed statistical sample, combined with faulty and often arbitrary and inconsistent interpretation of the rules for what Medicare will pay for. My favorite rule interpretation was for an elderly lady (93 years old) in Florida who had broken ribs, was incontinent, and could not walk. In her case, the “rules” indicated that a hospital bed was not “medically necessary.”

Sometimes these decisions by auditors are so divorced from medical reality and patients, it is horrifying. Finally, a statistical extrapolation generates a repayment demand figure, from which the auditor takes its cut.

Data mining makes it possible to investigate patterns of claims filed by all Medicare providers. The system works like the secret police in the Soviet Union under Lavrentiy Beria, its head. He famously once said: “show me the man, and I’ll show you the crime.”

What he meant is that if anyone is investigated long enough and extensively enough, then it will be possible to come up with a crime.

Medicare audits use the same logic. These days, for-profit Medicare auditors act as bounty hunters for the government. For them the motto is: “show me a provider, and I’ll show you the overpayments.”

The Rise of Self-Audits

Now we may be seeing a new trend. It appears that auditors have developed a way to skip the middle step. They can go directly from “target” to “extract.” They do this by forcing the audit onto the shoulders of the healthcare provider.

Here is how it works. After finding a provider to target, the auditor sends a letter suggesting that a pattern in billing shows an anomaly. The letter states that the provider has 60 days to pay back the money that is owed. If not, they will be subject to qui tam-type damages.

These damages are severe. Here is how to calculate them: take the overpayment amount, then multiply it by three. We can call this the “base amount.” Next, count the number of claims considered to be in error. Take that number and multiply it by around $11,000 to $22,000 dollars per claim. Then add that to the base amount to get how much must be paid back.

With a giant number like that, it certainly provides a powerful incentive for the provider to perform its own audit. There is no way to go back over every single claim that has been filed, but statistical sampling can be used to make a reasonable estimation of what is owed, if anything. It’s a self-audit.

The difference is that the cost of a self-audit is shifted to the provider, which must hire the coding experts and statisticians, and at rates that are far more than what it costs the auditor to do the work.

We have not seen enough data yet, but it is reasonable to suspect that the type of sloppy statistical work that the auditors routinely apply will never be acceptable if it is done in a self-audit. Providers will be held to a much higher standard. Is that fair? Fairness has nothing to do with it.

So now we have come full circle. The Medicare auditors have figured out a way to avoid investing the time needed to audit a provider. They need only to scare them into auditing themselves, and paying for the audit themselves. Then they send in the money by themselves.

Now it is a two-step process: target, then extract.

The self-audit certainly makes the Medicare audit industry more efficient, at least if you measure efficiency from the point of view of the auditor. But for the Medicare system as a whole, it is another step backward into higher costs in healthcare.