Big Brother Comes to Medicare: CMS Fingerprinting Protocols Begin

April 16, 2014

New rules will now require Medicare enrollees who are classified as “high risk,” to subject themselves to fingerprint-based background checks.

How would you like to receive a letter demanding that you appear for fingerprinting within 30 days?  What if the reason you were required to appear was due to the type of business you owned and nothing you or your company actually had done? 

According to a document recently posted on the CMS website of new rules will now require both current and future Medicare enrollees who are classified as “high risk,” to subject themselves to fingerprint-based background checks.  Eventually, all individuals holding a five percent 5 percent or greater stake in a Medicare supplier or provider categorized as “high risk” will be subject to this requirement. 

Who is considered high risk?  Right now, regulations appear to define “high risk” as providers and suppliers of durable medical equipment, prosthetics, orthotics and supplies (DMEPOS) or home health agencies (HHA).  However, the “high risk” category is defined at the discretion of the HHS secretary and could be expanded in the future. 

Although the stated purpose of the program is to weed out “bad actors,” it’s easy to see how such a program could itself be abusive and affect the rights of innocent individuals across the country. 

While the media presents stories of abusive Medicare providers on a daily basis, these providers actually represent a small number of those who do business with the Medicare program. 

Most individuals are hardworking Americans who do their best to run a healthcare business in a time of ever-changing and complex regulations.

Should the ownership of a certain business be the criteria for an expansive fingerprinting program?  Is this a net thrown too wide based on the actions of relatively few? Is this the best use of taxpayer dollars? Does this violate basic civil rights or is that simply the price one must pay to have the privilege of doing business with the government? Most importantly, who is next on the list of providers that will be subject to such a fingerprinting program: Physicians?

Until we know more about this program, here is some basic information:

1. Enhanced enrollment screening provisions are permitted pursuant to Section 640 of the Affordable Care Act.

2. This program is to begin in 2014.

3. An individual is required to be fingerprinted only once but CMS reserves the right to request additional fingerprints.

4. Individuals have 30 days from the date of the notification letter to be fingerprinted.  Individuals required to undergo the fingerprinting will incur the cost of fingerprinting. 

5. The FBI will compile a background history based on fingerprints within 24 hours and share results with the Fingerprint-Based Background Check contractor (FBBC). 

6. CMS, through the FBBC, will assess law enforcement data and provide a fitness recommendation to CMS. CMS will assess the recommendation and make a final determination.

7. CMS will rely on existing authority to deny enrollment applications and revoke existing Medicare billing privileges if a provider or supplier has submitted an enrollment application that contains false or misleading information. 

8. Providers or suppliers will be notified by CMS if a fingerprint-background check results in the denial of its enrollment application or revocation of its existing Medicare billing privileges.

Having represented my fair share of DMEPOS suppliers and HHAs, concerns posed by this program are astounding. If somebody is not approved, will that individual be given enough notice to transfer ownership before the business is shut down and patients scattered? What if there is a mistake in someone’s identity due to similar/same names? Is there a timely process to appeal decisions and findings?

Although there are certainly good reasons to increase the scrutiny of businesses receiving reimbursement from the Medicare program, this is a frightening direction for the government to push its fraud and abuse investigative authority. I suspect that one day soon the only way for a healthcare provider to preserve his or her remaining freedoms in this country will be to refuse to do business with Medicare.   To me, this seems contrary to the goal of best serving the healthcare needs of this country.