Face to Face with Robert Liles, Esq

Douglas O'Dell (DOD): Were you surprised by the recent Congressional block of the 5.1% decrease in Medicare fees? And that they ultimately wound up with a 1.5% increase?

Robert Liles (RL): Yes, I was surprised. Despite their best efforts, most special interest groups, representing specialty providers, have failed in maintaining reimbursement levels. If Congress thinks margins are too generous they haven't hesitated to seek cuts.  While there has been some progress, it's unusual for associations to walk out with a complete win. Overall, associations and their lobbyists have only been marginally effective in convincing Congress that cuts are ill advised.

If you look back at reimbursement rate levels over the last 10 years, there's no question that Congress has consistently cut closer to the bone at every opportunity. When high margins are perceived in certain areas, cuts often ensue.  The fact is that the Medicare program is more costly than ever before.  Moreover, most providers have adopted business models that rely on Medicare reimbursement in order for the business to survive.  This fact isn't lost on Congress.  They recognize that they have providers over a barrel. Not many providers these days can afford to forego participation. At the end of the day, Medicare is going to be a low margin, relatively high volume business for many providers.

DOD: In a 2004 study conducted by Taxpayers Against Fraud, a national non-profit organization focused on the enforcement of the False Claims Act, health economist Jack Meyer estimated that for every dollar spent by the government, $13 is returned. So why doesn't CMS put more emphasis on better policing the system?

RL: Over the last decade, both the Department of Justice (DOJ) and the Department of Health and Human Services, Office of Inspector General (HHS-OIG) have substantially increased the amount of prosecutorial and investigative resources dedicated to health care fraud enforcement. When you think of HIPAA, most people think of the privacy provisions. But with HIPAA's passage came a special appropriation of funds to be used for additional law enforcement resources to finance anti-fraud health care enforcement activities. In 1997, the appropriation available was $104 million. That amount grew to more than $240 million in fiscal year 2003 to the present.

In the first six months of 2006, this program had already netted $1.02 billion from its efforts to reduce fraud.

This focus on accountability and enforcement will only continue to increase. I think that it's also important to remember that the days when compliance was optional are numbered. We're already seeing this trend. For example, Starting this month (January) companies that do at least $5 million a year in Medicaid business are required under the Deficit Reduction Act of 2005 to have a number of compliance mechanisms in place in order to participate in the program. They will have to teach their employees and officers how to detect fraud, waste and abuse. Health care providers also must tell employees that if they report fraud, they will be protected against retaliation and may be entitled to a share of money recovered by the government. I think that it's just a matter of time until Medicare participants will also be required to have a compliance plan in place.

In implementing a compliance plan, it is important that a provider recognize that the only thing worse than not having a compliance plan is having one and not following it.  If a physician has knowledge of how claims are supposed to be processed, identifies erroneous claims, and continues down the wrong path, the government may view their conduct as indicative of fraud.  Additionally, training is an essential element of all effective compliance programs.  Providers who choose to rely on coders and billers who aren't properly trained are just asking for problems. 

DOD: I understand one trade-off for the reduction block was the expansion of CMS' Recovery Audit Program (RAC) to all 50 states. For readers not familiar with RAC's, this is the pilot program launched in three states in early '05 as part of the Medicare Modernization Act to supplement CMS efforts in securing improper Medicare payments. CMS contracts with RAC's to uncover Medicare underpayments and overpayments and to collect the overpayments. The RAC gets a percentage. I've heard it described as a "bounty-hunter" system. Thoughts?

RL: RAC efforts should be a concern of all Medicare participants.  Please understand, no one is suggesting that overpayments shouldn't be returned.  Everyone agrees that providers have an obligation to ensure that billings are proper.  Nevertheless, there is a certain balance that is necessary to maintain both program integrity and a level of fairness in the system.  While RAC's have successfully identified millions of dollars in overpayments, I'm concerned that in many cases the basis for these overpayments may be technical errors or mistakes rather than substantive in nature.  Over the last few years, I have seen instances where Program Safeguard Contractors (PSC's) have sought to collect essentially all of the Medicare monies paid to a provider, in some cases covering a period of years, based on technical or administrative errors (e.g. lack of a PIN number), despite the fact that the services were properly ordered, medically necessary, the patients benefited and the provider was an authorized Medicare program participant.

The RAC system is likely subject to the same type of "overreaching," especially since the RAC will reap financial benefit from the assessment of overpayments.  It has been my experience that both CMS and HHS-OIG have exercised their enforcement authorities in a reasonable fashion with a degree of fairness.  I am concerned that PSC's and RAC's may not have the experience or the discretion to recognize that all errors are not the same and should not all be automatically treated as overpayments.

I believe it is shortsighted for Congress to permit PSC's and RAC's to take such unreasonable positions with providers.  At some point, providers may take the position that Medicare / Medicaid participation isn't worth the headaches, especially if CMS' agents intend to seek repayments based on mere technical mistakes or administrative omissions.

DOD: What happens when a provider asks a certified coder or an independent consultant to assess coding and billing procedures to ensure that the practice is getting all reimbursement it is entitled to, and the auditor instead finds that the provider has in fact been upcoding and submitting improper claims? What obligation or protection does the auditor have by law?

RL: It's important for a physician to understand that when they engage an outside certified coder or independent consultant to conduct a billing review, the findings (regardless of whether they are positive or negative) are unlikely to be privileged.  Prior to conducting such a review, a better practice would be for the provider to have outside counsel engage and direct the work of the billing consultant so that any findings are least arguably privileged.  If a physician is calling an auditor up about discreet questions about a practice, that's one thing - but if the auditor contracts with the physician, and they run across evidence of fraud, those findings would likely be discoverable and may be subpoenaed by the government.

Regardless of whether an outside certified coder is retained by counsel or directly by a physician, if problems are identified they must be addressed.  If an overpayment has occurred, it typically isn't a matter of whether the overpayment should be repaid, but rather how to best handle the repayment.

With regard to the scenario you have raised, outside certified coders and consultants who identify an overpayment should advise the physician to repay the monies.  However, upon completing a review, they often move on to their next project and don't know if follow-through has occurred.  In some cases, a provider may seek a second review or a legal assessment before deciding how to respond to the findings.  An outside certified coder has met their obligation in this regard.  The provider is responsible for ensuring that proper remedial steps are taken.

Another scenario might include a situation where an outside third-party billing company is engaged to handle the billings and collections for a physician.   Suppose they advise the provider "Dr. Smith, we have identified a problem. In many cases, your accompanying documentation doesn't support what you're billing."  While the third-party billing company has properly alerted the physician of their concerns, they are in a precarious position.  First, the physician will need to repay any overpayments that have been identified.  Second, remedial steps need to be taken to ensure that the documentation and coding fully supports the billings.  If the third-party billing company merely advises the physician yet continues to improperly bill for services (based on the lack of documentation or faulty coding submitted by the provider), they may find themselves included in a subsequent government investigation.  While they don't want to lose the business, the billing company could be putting itself at risk. If the physician continues to submit erroneous claims, the billing company must fire the client to ensure it isn't implicated along with the physician.

An outside coder/consultant has a better defense than the third-party billing company who is an integral component in the billing process.  Nevertheless, this situation may still be problematic.  Over time, the government may question the degree of an outside coder's involvement and perhaps argue that they somehow played a role in the submission of wrongful billings. 

Certified coders working for a physician should diligently work to ensure that coding is accomplished consistent with applicable rules and regulations.  In some cases, a physician may disagree with a coder's assessment.  Work through the issues; help educate the physicians regarding proper coding practices.  If a coder identifies improper coding, they should go to the doctor and advise them of the problem.  More often than not, a physician will appreciate knowing that a mistake has occurred and will readily correct any errors than have been identified.  A team approach, comprised of dedicated physicians, certified coders and trained billing personnel can go a long way towards better ensuring that claims are properly submitted for payment.

Robert Liles, Esq.,
is a health care fraud defense attorney based in Washington DC. His firm, Liles Parker, represents health care providers in both civil and criminal proceedings around the country. Prior to entering private practice, Mr. Liles served as the first National Health Care Fraud Coordinator, responsible for coordinating the health care fraud enforcement efforts for all 94 U.S. Attorney's Offices.  He was subsequently appointed to the position of Deputy Director for Legal Programs at the Department of Justice, Executive Office for United States Attorneys.  He also worked as an Assistant United States Attorney in the Southern District of Texas, Houston office, where he primarily handled False Claims Act cases. He currently serves on the faculty for the Georgetown University / National Institute of Trial Advocacy. He is a member of the American Health Lawyers Association. 

Mr. Liles may be reached at (202) 298-8750 or he may be e-mailed at rliles@lilesparker.com

Douglas O'Dell is the President/CEO of Practice Management Institute® (PMI), which provides training and certification for more than 40,000 medical office staff each year. For 25 years, PMIÒ has taught physicians and staff how to properly navigate complex regulations and secure accurate reimbursement. PMI programs focus on essential coding, reimbursement, compliance, and practice productivity issues. In 2004, the Centers for Medicare and Medicaid Services (CMS) named PMI as an example provider to be used to fulfill Medicare contractor coding certification requirements initiated as part of the Medicare Prescription Drug Improvement and Modernization Act of 2003 (MMA). PMI has certified more than 11,000 professionals through their three professional credentials, CMC, CMIS, and CMOM.

More information can be found at www.pmiMD.com