Home  |   Subscribe  |   Resources  |   Reprints  |   Writers' Guidelines

February 28, 2011

Say Hello to Medicaid RACs
By Lisa A. Eramo
For The Record
Vol. 23 No. 4 P. 20

Brace yourself for the latest addition to the healthcare regulatory auditor family.

The Medicaid recovery audit contractor (RAC) program—an initiative of the Affordable Care Act—is set to officially kick off April 1, according to a proposed rule released by the Centers for Medicare & Medicaid Services (CMS) on November 5, 2010. Comments on the rule were due by January 10, and providers are currently waiting for the agency to publish a final rule.

What will yet another auditor mean for providers? You guessed it—a whole slew of new rules and requirements to understand, implement, and follow.

The CMS’ latest venture into the world of Medicaid shouldn’t come as a surprise, experts say. According to the proposed rule, the agency estimates the Medicaid RAC program will yield approximately $80 million in fiscal year 2011. By fiscal year 2015, it is expected to yield $330 million.

Providers should get used to the idea that third-party auditors—Medicaid included—will have the authority to cross-check claims, says Sara Kay Wheeler, a partner at King & Spaulding, LLP in Atlanta. “Providers are beginning to understand that the exploding contractor landscape is part of the new world and that there are simply going to be a greater number of entities that have the authority to ask for claims submission information to make a determination,” she says.

The expansion of the RAC program into Medicaid certainly sends a message to providers that there will be increased scrutiny of claims, says Holly Louie, chair of the Healthcare Billing and Management Association’s (HBMA) Ethics and Compliance Committee. “Providers need to be meticulous and careful in terms of what they code and bill because it’s going to be scrutinized,” she says. “The good old days of submitting a claim and getting paid are gone. That’s not how the world works now.”

However, introducing Medicaid RACs into an already stressful regulatory environment may result in negative long-term consequences, says Robert B. Burleigh, a past president of the HBMA who currently serves on the association’s Government Relations and Ethics and Compliance committees.

“It’s no secret that there are massive numbers of doctors who simply won’t see Medicaid patients because the payments are so poor. If the RAC program puts another thorn in the relationship … physicians may not want to bother with it. There is the risk that implementation of Medicaid RACs could reduce the number of [participating] providers,” he says.

Know the Basics
For now—and regardless of the program’s long-term effects—states and providers must understand how Medicaid RACs will fit into the complicated web of today’s auditor landscape.

Although some may assume the Medicaid and Medicare RAC programs will overlap in terms of design and structure, this couldn’t be further from the truth. In fact, as proposed, the Medicaid RAC program will be largely designed by individual states. This is unlike the Medicare RAC program, which has been procured and executed by the CMS at the federal level. However, one important characteristic remains the same between the two programs: Both Medicare and Medicaid RACs are expected to identify overpayments as well as underpayments.

The Medicaid RAC program will be state directed simply because Medicaid itself is a state-administered program that addresses the needs of each state’s eligible beneficiaries, says Angela Brice-Smith, director of the CMS’ Medicaid Integrity Group in Baltimore.
Allowing individual states to structure their own Medicaid RAC programs may ultimately be beneficial for providers because it may result in audits that are more closely aligned with each state’s unique Medicaid program, says Wheeler. “The fact that the states are controlling the procurement of the companies who are bidding to serve as Medicaid RACs makes sense because it’s the states that know how their programs work and the audit approaches that may be the most effective,” she says. “Who would be better to understand whether a company is competent to perform those audit services? Someone at the state level who’s familiar with the reimbursement methodologies, rules of eligibility, conditions of participation…? Or someone at the federal level who hasn’t been working directly with the reimbursement in that state?”

On the other hand, one disadvantage is that because programs will be state directed, there are currently no national standards for how Medicaid RACs will conduct audits, meaning the process will likely vary from state to state, says Wheeler. There also isn’t a national standard for the number of RACs with which a state must contract. According to the proposed rule, states may contract with “one or more” auditors.

The option for states to be able to contract with multiple auditors is deliberate, explains Brice-Smith. “If the expertise is more granular in certain parts of the state Medicaid program, the state can [employ] multiple RACs based on subject matter. It gives them more flexibility in terms of management,” she says.

In its proposed rule, the CMS allows states to determine the qualifications of Medicaid RACs, required personnel (eg, physicians and certified coders), contract duration, RAC responsibilities, time frames for completion of audits/recoveries, and audit look-back periods.

Individual states will also determine contingency fees. However, the CMS proposes general guidance under which states can use their own discretion. The proposed rule outlines the following two fee structures as suggested options:

• State A pays RAC B its fee when RAC B identifies and recovers an overpayment. If provider C appeals and wins at any stage, RAC B is required to return any portion of the contingency fee that corresponds to the amount of an overpayment that is overturned on appeal.

• State D pays RAC E its contingency fee at the point at which the recovery amount is fully adjudicated, meaning at the conclusion of any and all appeals available to provider F. State D pays RAC E a contingency fee based on the amount recovered.

When determining contingency fees, the CMS urges states to consider the level of effort to be performed by each RAC, the size of the state’s Medicaid population, the nature of the state’s Medicaid healthcare delivery system, and the number of Medicaid RACs engaged.

Each state’s payment methodology must incentivize the Medicaid RAC to identify underpayments. According to the proposed rule, state contingency fee payments to Medicaid RAC contractors will generally be capped at the highest Medicare RAC contingency rate. Currently, that rate is 12.5%. If a state exceeds this rate, it must seek approval from the CMS prior to implementing it. The CMS says it will make states aware of any modifications to this rate by publishing the information in the Federal Register no later than December 31, 2013.

“Certainly we recognize the difference between a state program vs. a national program. We may have to make some considerations around what the contingency fee rate should be,” says Brice-Smith. “We tried to incorporate this into the proposed rule, but it might be something that we have to give some real thought around in terms of whether we’re giving adequate flexibility to the states to perform a procurement action and attract vendors to their work.”

There’s also the topic of appeals. According to the proposed rule, states may incorporate Medicaid RAC appeals into administrative appeals infrastructures already in place within the state or they may establish a separate appeals process for RAC determinations. The CMS does not require states to adopt a new administrative review infrastructure specifically for Medicaid RAC appeals.

“Providers will need to follow what their state says in terms of how the Medicaid appeals process will work,” says Wheeler. This will be particularly important for providers spanning multiple states because they will need to be able to identify which entity serves as the Medicaid RAC(s) in each of those states as well as the state-specific appeals process, she adds.

However, just because the CMS is leaving much of the Medicaid RAC program design up to the states doesn’t mean it won’t provide guidance along the way. “We were very mindful of the experience on the Medicare side mainly because we didn’t want to re-create the wheel,” says Brice-Smith.

Nevertheless, in its comments to the CMS regarding the proposed rule, the American Hospital Association (AHA) says the CMS can—and should—do more to incorporate problems that were identified and addressed in the Medicare RAC demonstration program. This includes ensuring safeguards to prevent overzealous and aggressive payment denial patterns, inappropriate recoupments, and excessive record requests.

The association also advocates for oversight of the Medicaid RAC program by at least one staff person appointed by the Medicaid agency and a requirement for each RAC to designate a medical director and at least one full-time physician per 400,000 Medicaid discharges. In addition, the AHA says the CMS should require Medicaid RACs to implement a discussion period so providers can discuss denials before appealing.

Most—if not all—states will ultimately be required to participate in the Medicaid RAC program. In its proposed rule, the CMS says it will grant complete Medicaid RAC program exceptions only in rare and compelling circumstances.

In its comments on the proposed rule, the AHA says the exemption process should be more flexible, including exempting states with Medicaid Integrity Programs, a Medicaid managed care program, or another Medicaid audit program.

For now, it’s important for providers to understand that Medicaid RACs will not replace any other auditors, particularly Medicaid integrity contractors (MIC), which are entities with which the CMS has contracted on a federal level to perform audits of Medicaid providers. Medicaid RACs also will not replace zone program integrity contractors, the Medicaid Fraud Control Unit, or the Office of Inspector General (OIG), to name a few.

Identify Challenges
Although it’s still early in the implementation process, providers are already anxious about the operational and financial effects of the Medicaid RAC program. This is especially true for those who have been the unfortunate target of a Medicare RAC, an MIC, or another governmental audit, says Louie. “Some of the initial Medicare RAC findings and program integrity targets were overturned pretty frequently. It’s very costly, time consuming, and stressful to deal with this. Providers who have had this experience are probably very leery as compared with providers who haven’t had this experience at all,” she says.

Experts say multiple duplicative audits are a big concern for providers. In addition to Medicaid RAC audits, providers could also be facing state routine program integrity audits, MIC audits, OIG audits, or audits conducted by law enforcement organizations such as the U.S. Department of Justice and state Medicaid Fraud Control Units.

In its proposed rule, the CMS acknowledges that “although overlapping or multiple provider audits may be necessary,” it hopes to minimize the likelihood this will occur.

Minimizing duplicative audits may be easier said than done, says Wheeler. That’s because unlike Medicare RACs, which rely on a federal Medicare data warehouse to ensure that auditors don’t duplicate efforts, Medicaid RACs have no Medicaid data warehouse that auditors can tap for information.

However, even if such a database existed, there’s still no guarantee that providers would not get hit with audits for a Medicare and a Medicaid RAC audit on the same service. “That level of detail hasn’t been explained. I’m not so worried that this will become some plague on [providers] because if it becomes one, there will be enough noise made that it will be fixed,” says Burleigh.

In its proposed rule, the CMS says one solution to avoid duplicative audits is for states to establish a memoranda of understanding (ie, an agreement outlining an intended common line of action) with their Medicaid Fraud Control Unit, program integrity unit, or other law enforcement agency. However, the agency admits coordination may be a “challenge because of the number of other agencies or entities conducting audits.”

Another challenge is that some states have subpar policy and procedure manuals regarding provider documentation and coding rules, says Burleigh. Medicaid RACs in these states will essentially have no clear rules under which they can audit, he notes. “I think it’s going to be really hard for the states that have poor documentation or none at all to find a contractor that’s going to be willing to step into that situation,” he says. “This issue has been raised by providers in these states for years, and nothing has ever happened.”

Budgetary constraints pose another challenge. “I think one of the problems for many states is that they don’t have the budget to help with this. They’ve cut Medicaid programs, and this is rolling out as multiple other legislative requirements are coming forth,” says Louie.

Other challenges include the fact that, as proposed, there is no national limitation for how many records Medicaid RACs can request nor is there a CMS review process for issues RACs will be allowed to review—both of which could equal operational nightmares for providers down the road, says Wheeler.

The CMS has tried to take all these concerns into consideration as it drafts a final rule, says Brice-Smith. “We have been very sensitive to the voices at the state level in terms of budget challenges, furloughs, requests from governors, and the demands that all of this is placing on state resources. As a result, in the proposed rule, we actually solicited comments on that implementation date,” she says. “I suspect based on the anecdotal feedback we’ve been getting from states that there may be some comments on this date.”

Prepare Now
The key to provider preparation for Medicaid RAC audits or any other type of third-party audit is to think big, says Wheeler. “Providers really need to think about the whole spectrum of entities that can come in and ask for records and opine on whether the claims have been submitted accurately,” she says.

Provider education and preparation strategies will be primarily delegated to the states, says Brice-Smith. “In the statute, the expectation is for the states to do a lot of this activity and coordination. That’s not to say that we aren’t available to provide technical assistance. We’ve already done this to help states be prepared,” she says. “At this point, we want to get the rule finalized and then look for feedback from the states to determine what steps we need to take going forward to assist them.”

Will Medicaid RACs look at the same issues as Medicare RACs? “I think it’s certainly possible, and it shouldn’t be surprising if that happens,” says Brice-Smith. “If you examine where the greatest Medicaid expenditures are and the populations that drive those Medicaid dollars, it shouldn’t be surprising to see inpatient issues raised. That’s what we’ve seen on the Medicare side. Medicaid RACs might be interested in some of the same issues to the extent that the state policy is comparable.”

However, providers shouldn’t limit themselves to issues targeted by Medicare RAC auditors, cautions Wheeler. “I would expect that there may be other issues that the Medicaid RACs will target that will depend on the unique rules and regulations of Medicaid reimbursement,” she says.

When preparing for Medicaid RAC audits, refer to:

• Your state Medicaid agency. Some states, such as New York, have very active auditing programs that could provide a wealth of information. “If the state has already taken an internal assessment of provider issues, this information may just be handed over to the Medicaid RAC for further inquiries,” says Wheeler.

• Fiscal year 2011 OIG Work Plan.

• CMS Medicare RAC program evaluative report published in June 2008, which includes Appendix G (top services with overpayments) and Appendix H (top services with underpayments).

Lisa A. Eramo is a freelance writer and editor in Cranston, R.I., who specializes in healthcare regulatory topics, HIM, and medical coding.


• American Hospital Association comments on Medicaid recovery audit contractors (RACs): www.aha.org/aha/letter/2010/101220-cl-cms-6034.pdf

• New York Office of the Medicaid Inspector General 2011 Medicaid Work Plan: www.omig.ny.gov/data/images/stories/work_plan/omig_work_plan_2010_2011.pdf

• Fiscal Year 2011 Office of Inspector General Work Plan: http://oig.hhs.gov/publications/workplan/2011/FY11_WorkPlan-All.pdf

• Centers for Medicare & Medicaid Services Medicare RAC evaluative report: www.cms.gov/RAC/Downloads/RACEvaluationReport.pdf

• Medicaid RAC Proposed Rule: http://edocket.access.gpo.gov/2010/pdf/2010-28390.pdf