Few know the federal False Claims Act (FCA; today found via 31 U.S.C. Sections 3729 through 3733) dates back to 1863 when the US government was battling to maintain geographic solvency amidst the Civil War and clashing with swindlers selling decrepit livestock, malfunctioning weapons, and rancid rations to the Union Army. In short, then and now, the FCA simply affords the United States government the ability to seek damages against any individual knowingly defrauding the government.
In healthcare, we think of claim audits often from Recovery Audit Contractors (RAC), which are companies auditing records for CMS. These firms are paid percentages of recovered dollars thus creating a perverse incentive for them to find and profit from healthcare provider wrongs. The Qui Tam provision of the FCA affords payment to “whistleblowers” whose tips or insider information help the government successfully prosecute healthcare providers. Millionaires have been minted seemingly overnight as a result of Qui Tam cases (View ABC News' 7 Richest Snitches: Time to Rat Out Your Boss?).
As a PQRS registry, we must conduct audits of the PQRS data submitted by our clients. We have to make certain data submitted by our clients indicating fulfillment of measures were, well, actually performed and documented. PQRS measure data may seem innocuous yet adequate submission mitigates payment loss (penalty avoidance) from CMS and if value-based modifier performance is elevated, has resulted in some Eligible Providers (EPs) partaking in a 30% payment bump… derived largely from monies recovered from those EPs unsuccessfully reporting. So, when PQRS (or Meaningful Use, Certified Electronic Health Record Tech, Value Based Modifier) data are submitted, there is an expectation that the work was actually performed AND documented. It is pretty similar to chart audits.
For chart audits, CMS 1500 or ANSI 837 files are reviewed. HCPCS (e.g., CPT) and ICD data are included in these claim files and CMS conduct audits (through RACs and MACs) to be certain the services for which they’ve paid have actually occurred. PQRS is no different. When a registry like Patient360 conducts an audit, we are verifying data submitted through our registry is substantiated in documentation. Like coding chart audits, sometimes the data is substantiated and other times, not so much.
In a recent audit, we found a client submitted elements of designated files but not all of the medical record necessary for Patient360 auditors to verify tests were performed, patient education conducted, referral to specialist managed, medication list updated, etc. While we don't think the client was/is being duplicitous, we are compelled to research the discrepancies to make certain we are comfortable that data we submitted actually meets minimum reporting thresholds. Like chart audits, the government affords us three options once an audit has been conducted.
- Inform the client of any discrepancy and assist in remediation… Detect and correct.
- Release (fire) non-compliant clients… If clients won’t change, distance yourself.
- Turn the non-compliant clients in to the Office of the Inspector General (OIG)… Undesirable FBI involvement.
Obviously, we prefer number 1 and avoid option 3 at all costs… it’s just not good for business. However, we have found Eligible Providers don’t always grasp the significance of these audits and the fact that we are trying to help them avert issues in the event of a “real” CMS audit.
To be clear, if CMS were to audit EP documentation to confirm existence of PQRS measure data parameters (and they do, every year), failure of such data to exist would result CMS recovery of any payments made as a result of successful PQRS reporting. In other words, CMS has used a 7-year statute of limitations on audits, and if an EP avoided a 2% payment penalty each year for 7 years, CMS could recover that 2% from each year with up to 18% compounded interest. In real money… say a provider generates annual Medicare payments of $100,000. The 2% is obviously only $2,000 but at 18% interest would be another $360… This $2,360 continues compounding (with each additional year’s recovery plus interest) up to the point of final recovery. On top of this, depending on how the data is conveyed to CMS, EPs may be convicted of wire or mail fraud, each carrying their own compounding penalties.
While Patient360 and other registries fully expect measure data submitted by our clients to be substantiated in documentation, Patient360 and other registries are obligated to verify. Further, clients and all healthcare professionals must be fully aware of the FCA and potential sanctions. The vast majority of healthcare providers are doing the right thing and attempting to comply with complex and often challenging rules and regulations. Don’t be caught off-guard and see hard-earned money recovered by CMS because your practice and team were ill-prepared or inadequately managing PQRS and other data measures. Small mistakes can be quite costly.