A brief guide for physician practices, including tips on protecting yourself against RAC audits.
In a series of recent discussions we have examined exposures like ELPI Insurance, cyber liability insurance, and the need for directors and officers coverage by many physicians and practice owners. Continuing our examination of commonly overlooked medical practice risk management issues we turn to today to the issue of Recovery Audit Contractor (RAC) Audits, or the government’s Recovery Audit Program.
What is a RAC Audit?
As many physicians know, RAC audits is part of the government’s program to reduce fraud, waste, and errors in healthcare insurance billing practices and Medicare and Medicaid in particular. Audits run as part of the test program between 2005 NS 2008 resulted in nearly $1 billion in compensation being returned to the Medicare Trust Fund by medical service providers, that $1 billion (approx) was the yearly dollar number by 2012.
Auditors are assigned regions of the country and conduct audits on providers in response to whistle-blower tips and complaints and as a result of irregularities and red-lag markers in billing and coding practices by “…providers that have a high propensity for error based on the Comprehensive Error Rate Testing (CERT) program and other CMS analysis,” according to information available at CMS’ website.
The site lists the following key reasons for determining overpayment:
-Incorrect payment amounts;
-Non-covered services (including services that are not reasonable and necessary under section 1862(a)(1)(A) of the Social Security Act);
-Incorrectly coded services (including DRG miscoding); and
- Duplicate services
Who do RAC Audits affect?
Almost any healthcare provider (including hospitals, doctors offices, home health care providers, nursing homes, or anyone else who submits bills to government programs such as Medicaid or Medicare) should prepare to be audited at some point.
What are the risks and burdens of a RAC Audit?
The auditors themselves work on a contingency fee basis and the five regional firms contracted by the government are paid up to 12.5 percent of all claims they successfully identify as invalid and which they collect. The burden this places on healthcare providers from both a resource, financial liability and record-keeping standpoint is significant, they can go back as far a three years and the maximum number of requests per 45 days is 400. The maximum request amount is per campus.
Campus is defined as one or more facilities under the same Tax Identification Number (TIN) located in the same area (using the first three positions of the ZIP code). This means two locations of your practice properly incorporated separately, with different tax ID numbers in the same city, could theoretically be required to produce and defend up to 800 files in a 45-day period. The average payment denied to hospitals, as one example, on automatic denial basis is nearly $600 and those defined as “complex” denials on larger cases average a loss or denial to the provider of nearly $6,000, yet more than 50 percent of hospitals say that they have had no training on avoiding payment errors from either CMS or its contracted RACs.
How do I protect myself and my practice against RAC Audits?
First, as with all effective defensive or preventative legal and financial planning, it’s better to identify the issues and correct them before a RAC auditor does it for you. Over the last few years a substantial industry of compliance auditors and software systems that will proactively identify and correct issues has emerged. Choose carefully, as some are law firms or accounting firms with specialized training and experience, some are software companies, and some are independent “consultants” with murky credentials that may or may not be of value.
Second, get your own professional audit counsel in place if your practice is subject to a RAC Audit. A significant percentage of claims are appealed and a percentage of those denials are overturned in the provider’s favor, but this seems to statistically favor hospitals over other providers.
Finally, and perhaps most importantly, insure yourself against the costs. There is RAC Audit liability coverage available that will help address the massive research cost and resource drain an audit creates.
A good policy may also cover expensive related exposures like:
• Medicare & Medicaid Audit (RAC Audit)
• Commercial Payer Audits
• STARK Violations
• HIPAA Compliance
• EMTALA Violations
Coverage is typically affordable and includes the costs of defending a healthcare provider such as legal fees, specialized consultants, secure document reproduction costs, and independent audit work in addition to the audit fines and penalties themselves.