There are a number of different audits that are carried out by Medicare-contracted auditors. It’s important to know the differences and have a plan for responding.
CERT stands for Comprehensive Error Rate Testing and CERT audits were initiated in 2000. The program is responsible for measuring improperly paid claims. The CERT Program uses the following OIG-approved methodology:
A sample of approximately 120,000 submitted claims is randomly selected;
medical records from providers who submitted the claims are requested; and
the claims and medical records are reviewed for compliance with Medicare coverage, coding and billing rules.
RAC stands for Recovery Audit Contractor and began in early 2009. The RACs detect and correct past improper payments so that CMS and Carriers, FIs, and MACs can implement actions to stop future improper payments. RAC is currently focusing on inpatient services and physical therapy services. As of the date this post was published RAC was not focusing on physician services.
ZPIC (Zone Program Integrity Contractors) replaces the Medicare Program Safeguard Contractors (PSCs) and Medicare Drug Integrity Contractors (MEDICs) that are currently in use by CMS. ZPICs are be responsible for detection and deterrence of fraud, waste and abuse across all claim types. ZPICs have access to CMS National Claims History data, which can be used to look at the entire history of a patient’s treatment no matter where claims were processed. Being able to look at the overall picture will enable them to more readily spot over billing and fraudulent claims. Among other things, ZPICs will look for billing trends or patterns that make a particular provider stand out from the other providers in that community. Once a ZPIC identifies a case of suspected fraud and abuse, the issue is referred to the Office of Inspector General (OIG) for consideration and possible initiation of criminal or civil prosecution. ZPIC is widely considered to be the greatest threat to physician practices.
Seven ZPIC zones have been identified. The zones include the following states and/or territories and most have been assigned contractors:
Zone 1 – CA, NV, American Samoa, Guam, HI and the Mariana Islands http://www.safeguard-servicesllc.com/zpic.asp
Zone 2 – AK, WA, OR, MT, ID, WY, UT, AZ, ND, SD, NE, KS, IA, MO AdvanceMed was just purchased by NCI – site not current
Zone 3 – MN, WI, IL, IN, MI, OH and KY – not awarded
Log all requests for records from all payers. Time and date all communications received and all communications sent.
Scan all records sent and include a cover letter itemizing contents of response.
Send records via certified mail.
If you get a request for a large amount of records at one time, consider getting advice from a consultant or attorney who specializes in Medicare audits as a large scale record request may cripple the practice operations.
How can you be proactive before you get an audit letter?
Check the audit sites monthly to see if your specialty or any services you provide are being targeted for an audit.