Taking Aim in 2013: The Government Points Two Barrels at Preventing and Punishing Healthcare Fraud and Abuse

A few weeks ago we posted on this Blog an article highlighting the “gathering storm” surrounding HIPAA enforcement and predicted an ominous future for hospitals and other providers who fail to develop and maintain adequate HIPAA compliance policies.  While there is no doubt the future is bleak for those unwilling to abide by HIPAA’s mandate, the forecast for providers who commit healthcare fraud is equally devastating.  This is because, in 2013, the federal government will attack healthcare fraud from two angles. First, the Office of Inspector General (“OIG”), per the terms of its 2013 Work Plan (“Work Plan”), will review many of the government’s anti-fraud efforts to maximize recovery of Medicare and Medicaid overpayments.  Second, many of the new anti-fraud provisions in the Affordable Care Act (“ACA”) will kick into high gear now that the result of the presidential election has guaranteed the law’s survival.  

This article analyzes the 2013 Work Plan and the ACA and offers providers a not-so-subtle tip: review your organization’s policies to be sure they are in compliance with Medicare and Medicaid billing requirements, because 2013 is shaping up to be a record-breaking year for fraud and abuse enforcement.

The 2013 OIG Work Plan

The 2013 Work Plan was released a few weeks ago and, not surprisingly, the OIG (the enforcement arm of the Department of Health and Human Services (“HHS”)) has again vowed to crack down on healthcare fraud and abuse.[i]  What may be surprising about the 2013 Work Plan, however, is that this year meaningful fraud prevention appears likely, if not guaranteed. 

Generally speaking, the Work Plan annually identifies providers and suppliers (for example, Home Health Agencies), government agencies and contractors (for example, state Medicaid Fraud Control Units), and federal rules and regulations (for example, HIPAA electronic health record requirements) that the OIG plans to assess during a fiscal year.  Using the Work Plan as a roadmap, the OIG identifies areas of noncompliance within the Medicare and Medicaid programs.  This year, the OIG has prioritized preventing fraudulent billing practices and recovering overpayments.  To that end, the 2013 Work Plan sets forth an agenda to analyze aspects of the Medicare and Medicaid programs that are particularly vulnerable to fraud and abuse.  Below are just a few areas the OIG will focus on in 2013.


–        Home Health Agencies: The OIG identified home health agencies – an industry that received $19.5 billion from Medicare and provided services to 3.4 million beneficiaries in 2010 – as being particularly susceptible to Medicare fraud.  To combat this problem, the OIG will review Medicare Administrative Contractor’s (“MAC’s”) oversight of home health agency claims to identify past overpayments and prevent future overpayments.

–        Diabetes Testing Supplies:  The Medicare Improvement for Patients and Providers Act of 2008 required a 9.5% reduction in fee schedules for diabetic testing supplies that are delivered by mail to Medicare beneficiaries.  The OIG will review claims data from 2011 to identify suppliers who distributed mail-order diabetic testing supplies but who billed as if they were dispensed from a physical location.  The 2013 Work Plan has identified this scheme as being vulnerable to fraud, and the OIG hopes a closer look at last year’s claims data will recover significant overpayments. 

–        Sleep Testing:  The OIG plans to review questionable billing practices for sleep study services provided to Medicare beneficiaries in 2009 and 2010.  The Work Plan cites a $172 million increase in payment for polysomnography between 2001-2009 as a reason to suspect significant fraud in this area.

Government Agencies and Contractors

–        Recovery Audit Contractors (“RACs”):  RACs are government contractors in charge of identifying Medicare overpayments and underpayments.  In 2013, the OIG will review the extent that RACs identified overpayments, identified vulnerabilities in provider billing processes, and made referrals of potential fraud and abuse in 2010 and 2011.  The OIG will also review the steps CMS took to investigate RAC reports of fraud and overpayment.

–        State Medicaid Fraud Control Units (“MFCUs”):  The Secretary of HHS has published 12 MFCU performance standards and has delegated her authority to the OIG to ensure compliance with these standards.[ii]  In this capacity, the OIG is required to certify MFCUs annually.  In 2013, the OIG will determine the extent that each state’s MFCU operates in accordance with the Secretary’s 12 published performance standards and identify both effective practices and areas in need of improvement.

Reinforcement and Review of Federal Rules and Regulations

–        Medicaid MCO’s Identification of Fraud:  All Medicaid MCOs are required to establish processes to detect, correct, prevent and report fraud.  However, because the federal rules requiring MCOs to establish these processes are so vague and generalized, the OIG has reported that more than 25% of Medicaid MCOs failed to report even a single case of suspected fraud in 2009.[iii]  The OIG will conduct a comprehensive review of Medicaid MCOs to determine if they are accurately reporting suspected fraud and abuse.

–        The Health Information Technology for Economic and Clinical Health Act (“HITECH”):  The proposed HITECH regulations provide $36 billion (with a “B”) in incentives for providers who use electronic health record systems (“EHR”) that have been certified by a CMS-authorized testing and certification body.  The OIG will identify fraud and abuse vulnerabilities specific to EHRs, and will determine how HITECH, via certified-EHR systems, can address these vulnerabilities.   

The 2012 Presidential Election and the Future of the Affordable Care Act

Generally speaking, when it comes to preventing fraud and abuse, the Work Plan adjusts its agenda annually to best identify programs, billing practices and government agencies that are susceptible to fraudulent billing practices.  It seeks to plug the holes that it can and move on; what a Work Plan doesn’t get to in one year, it will (hopefully) get to in the next.  In other words, although the 2013 Work Plan has identified fraud and abuse as a priority in 2013, there is no guarantee that it will lead to significant fraud and abuse enforcement.  The ACA’s anti-fraud provisions, on the other hand, empower those responsible for punishing fraud and guarantee long-lasting enforcement well into the future.  As opposed to the 2013 Work Plan, the ACA isn’t merely an annual referendum highlighting areas of potential vulnerability; it is a call to arms empowering the federal government with unprecedented resources to eradicate healthcare fraud.  

The results of the 2012 presidential election guarantee that the authority bestowed upon HHS, the OIG, the FBI and various other government entities by the ACA is here to stay.  In the two short years since being signed into law, the ACA has already had a significant impact on fraud prevention and punishment.  For example, minimum sentences have been escalated beginning with crimes that involve more than $1 million in losses, rigorous prescreening and enrollment criteria have been established to weed out dishonest providers, new technology is being developed to combat fraud, and Medicare and Medicaid overpayment recovery efforts have greatly improved.  Ideally healthcare fraud and abuse will decrease exponentially as these regulations and programs continue to grow and mature.

Preventing healthcare fraud – whether through programs envisioned by the ACA or not – continues to enjoy unwavering support on both sides of the political aisle.  Proponents of the ACA have leveraged this bipartisan support to create new government programs to crack down on healthcare fraud.  For instance, the Healthcare Fraud Prevention and Enforcement Action Team (“HEAT”) is a joint task force between HHS and the Department of Justice.  Co-directed by HHS Secretary Kathleen Sebelius and Attorney General Eric Holder, the creation of HEAT has “made the fight against Medicare a cabinet-level priority.”  HEAT’s mission, among other things, is “to gather resources across the government to help prevent waste, fraud and abuse in the Medicare and Medicaid programs.”  Since its inception in 2008, HEAT has charged over 1,400 defendants responsible for collectively falsely billing Medicare more than $4.8 billion – at least a 75% increase in convictions compared to any year before HEAT was created.

More recently, HEAT coordinated a seven-city sting operation that led to charging of 91 individuals collectively responsible for $429.2 million in fraudulent billing. In a press release after the sting operation, Secretary Sebelius praised the ACA stating that it “gives [HHS] new tools to better fight fraud and make Medicare stronger.”  The Secretary went on to state that HEAT will use these new tools to “stop future payments to many of the healthcare providers suspected of fraud, saving Medicare resources and taxpayer dollars from being lost to fraud in the first place.”


Through the ACA, the federal government is now armed with unprecedented power to prevent and punish healthcare fraud.  In addition to the ACA’s new anti-fraud directives, the 2013 OIG Work Plan will review current aspects of the Medicare and Medicaid programs to identify areas that are particularly vulnerable to fraud.  The federal government isn’t strictly focused on fraud intentionally committed by society’s most corrupt.  Rather, it has launched an “all hands on deck” approach to identify and recover any overpayment that results in a waste of taxpayer dollars.    As the government continues to throw money and resources at fraud prevention (the ACA alone has pledged an additional $350 million in funding over the next 10 years), it is more important than ever to be sure your organization is compliant with Medicare and Medicaid billing requirements.

[ii] The 12 standards were published at 59 Fed. Reg. 49080.

[iii] The federal rule requiring Medicaid MCOs to establish programs to identify fraud can be found at 42 CFR § 438.608.

About The Author

Tags: , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *