1
Statement of Work for the Recovery Audit Program
I. Purpose
The Recovery Audit Program’s mission is to reduce Medicare improper payments
through the efficient detection and collection of overpayments, the identification of
underpayments and the implementation of actions that will prevent future improper
payments.
The purpose of this contract will be to support the Centers for Medicare & Medicaid
Services (CMS) in completing this mission. The identification of underpayments and
overpayments and the recoupment of overpayments will occur for claims paid under the
Medicare program for services for which payment is made under part A or B of title
XVIII of the Social Security Act. The CMS expects that Recovery Auditors review all
claim types to assist the Agency in lowering the error rate and in identifying improper
payments that have the greatest impact on the Trust Fund.
This contract includes the identification and recovery of claim based improper payments.
This contract does not include the identification and/or recovery of MSP occurrences in
any format.
This contract includes the following tasks which are defined in detail in subsequent
sections of this contract:
1. Identifying Medicare claims that contain underpayments for which
payment was made under part A or B of title XVIII of the Social Security Act.
This includes the review of all claim and provider types and a review of
claims/providers that have a high propensity for error based on the
Comprehensive Error Rate Testing (CERT) program and other CMS analysis.
2. Identify and Recouping Medicare claims that contain overpayments for
which payment was made under part A or B of title XVIII of the Social Security
Act. This includes corresponding with the provider. This includes the review of
all claim and provider types and a review of claims/providers that have a high
propensity for error based on the CERT program and other CMS analysis.
3. For any recovery auditor identified overpayment that is appealed by the provider,
the recovery auditor
shall provide support to CMS throughout the administrative appeals process and,
where applicable, a subsequent appeal to the appropriate Federal court.
4. For any recovery auditor identified vulnerability, support CMS in developing an
Improper
Payment Prevention Plan to help prevent similar overpayments from occurring in
the future.
2
5. Performing the necessary provider outreach to notify provider communities of the
recovery auditor’s purpose and direction.
NOTE: The proactive education of providers about Medicare coverage and coding
rules is NOT a task under this statement of work. CMS has tasked FIs, Carriers, and
MACs with the task of proactively educating providers about how to avoid submitting
a claim containing a request for an improper payment.
II. Background
Statutory Requirements
Section 302 of the Tax Relief and Health Care Act of 2006 requires the Secretary of the
Department of Health and Human Services (the Secretary) to utilize Recovery Auditors
under the Medicare Integrity Program to identify underpayments and overpayments and
recoup overpayments under the Medicare program associated with services for which
payment is made under part A or B of title XVIII of the Social Security Act.
CMS is required to actively review Medicare payments for services to determine
accuracy and if errors are noted to pursue the collection of any payment that it determines
was in error. To gain additional knowledge potential bidders may research the following
documents:
• The Financial Management Manual and the Program Integrity Manual (PIM) at
www.cms.hhs.gov/manuals
• The Debt Collection Improvement Act of 1996
• The Federal Claims Collection Act, as amended and related regulations found in
42 CFR.
• Comprehensive Error Rate Testing Reports (see www.cms.hhs.gov/cert)
• Recovery Audit Program Status Document (see www.cms.hhs.gov/rac )
Throughout this document, the term “improper payment” is used to refer collectively to
overpayments and underpayments. Situations where the provider submits a claim
containing an incorrect code but the mistake does not change the payment amount are
NOT considered to be improper payments.
III. Transitions Transitions
Outgoing Recovery Auditor to Incoming Recovery Auditor
3
From time to time in the Recovery Audit Program, transitions from one Recovery
Auditor to another Recovery Auditor will need to occur (e.g., when the outgoing
demonstration Recovery Auditors cease work and the new incoming permanent Recovery
Auditors begin work). It is in the best interest of all parties that these transitions occur
smoothly.
The transition plan will include specific dates with regard to requests for medical records,
written notification of an overpayment, any written correspondence with providers and
phone communication with providers. The transition plan will be communicated to all
affected parties (including providers) by CMS within 60 days of its enactment.
Outgoing Claim Processing Contractor to Incoming Claim Processing Contractor
and its impact on Recovery Audit Program
At times CMS will transition the claim processing workload from one contractor to
another. CMS will review each transition independently taking into account the outgoing
and incoming contractor, the impact on the provider community, historical experience
and the recovery auditor relationship with the involved contractors to determine the
impact on the recovery audit program. The impact may vary from little to no impact to a
work stoppage in a particular area for a 3-6 month period of time (or more dependent on
the transition). The impact to the recovery audit program will be determined within 60
days of the announcement of the upcoming transition. Each impacted Recovery Auditor
will be required to submit a transition plan to CMS for approval. The lack of an
approved transition plan will result in a minimum transition time of 6 months.
IV. Specific Tasks
Independently and not as an agent of the Government, the Contractor shall furnish all the
necessary services, qualified personnel, material, equipment, and facilities, not otherwise
provided by the Government, as needed to perform the Statement of Work.
CMS will provide minimum administrative support which may include standard system
changes when appropriate, help communicating with Medicare contractors, policies
interpretations as necessary and other support deemed necessary by CMS to allow the
Recovery Auditors to perform their tasks efficiently. CMS will support changes it
determines are necessary but cannot guarantee timeframes or constraints. In changing
systems to support greater efficiencies for CMS, the end product could result in an
administrative task being placed on the Recovery Auditor that was not previously. These
administrative tasks will not extend from the tasks in this contract and will be applicable
to the identification and recovery of the improper payment.
Task 1- General Requirements
A. Initial Meeting with PO and CMS Staff
4
Project Plan - The Recovery Auditor's key project staff (including overall Project
Director and key sub Project Directors) shall meet in Baltimore, Maryland with the
PO and relevant CMS staff within two weeks of the date of award (DOA) to discuss
the project plan. The specific focus will be to discuss the time frames for the tasks
outlined below. Within 2 weeks of this meeting, the Recovery Auditor will submit a
formal project plan, in Microsoft Project, outlining the resources and time frame for
completing the work outlined. It will be the responsibility of the Recovery Auditor to
update this project plan. The initial project plan shall be for the base year of the
contract. The project plan shall serve as a snapshot of everything the Recovery
Auditor is identifying at the time. As new issues rise the project plan shall be
updated.
The project plan shall include the following:
1. Detailed quarterly projection by vulnerability issue (e.g. excisional
debridement) including: a) incorrect procedure code and correct procedure
code; b) type of review (automated, complex, semi-automated,
extrapolation); c) type of vulnerability (medical necessity, incorrect
coding…)
2. Provider Outreach Plan - A base provider outreach plan shall be
submitted as part of the proposal. CMS will use the base provider
outreach plan as a starting point for discussions during the initial meeting.
Within two weeks of the initial meeting the Recovery Auditor shall submit
to the CMS PO a detailed Provider Outreach Plan for the respective
region. The base provider outreach at a minimum shall include potential
outreach efforts to associations, providers, Medicare contractors and any
other applicable Medicare stakeholders.
3. Recovery Auditor Organizational Chart - A draft Recovery Auditor
Organization Chart shall be submitted as part of the proposal. The
organizational chart shall identify the number of key personnel and the
organizational structure of the Recovery Auditor effort. While CMS is not
dictating the number of key personnel, it is CMS’ opinion that one key
personnel will not be adequate for an entire region. An example of a
possible organizational structure would be three (3) key personnel each
overseeing a different claim type (Inpatient, Physician, and DME). This is
not prescriptive and CMS is open to all organizational structures. A
detailed organizational chart extending past the key personnel shall be
submitted within two weeks of the initial meeting. Any changes to the
Recovery Auditor’s original organizational chart (down to the first line
management) shall be submitted within seven business days of the actual
change being made to the Contracting Officer Technical Representative
(COTR). First line management is Recovery Auditor specific, and refers to
any individuals charged with the responsibility of overseeing audit
reviewers, analysts, customer service representatives, and any other staff
essential to recovery audit operations. The first line management may or
5
may not include personnel involved in day-to-day communications with
the CMS COTR. This excludes changes to key personnel which shall be
communicated immediately to CMS and approved by CMS before the
transition occurs.
B. Monthly Conference Calls
A minimum of two monthly conference calls to discuss the Recovery Auditor project
will be necessary.
1. On a monthly basis the Recovery Auditor’s key project staff will participate in
a conference call with CMS to discuss the progress of the work, evaluate any
problems, and discuss plans for immediate next steps of the project. The
Recovery Auditor will be responsible for setting up the conference calls,
preparing an agenda, documenting the minutes of the meeting and preparing
any other supporting materials as needed.
2. On a monthly basis the Recovery Auditor’s key project staff will participate in
a conference call with CMS to discuss findings and process improvements
that will facilitate CMS in paying claims accurately in the future. CMS will
be responsible for setting up the conference calls, preparing an agenda,
documenting the minutes of the meeting and preparing any other supporting
materials as needed.
At CMS’ discretion conference calls may be required to be completed more
frequently. Also, other conference calls may be called to discuss individual
items and/or issues.
C. Monthly Progress Reports
1. The Recovery Auditor shall submit monthly administrative progress reports
outlining all work accomplished during the previous month. These reports shall
include the following:
1. Complications Completing any task
2. Communication with FI/Carrier/MAC/DME MAC/QIC/ADQIC
3. Upcoming Provider Outreach Efforts
4. Update of Project Plan
5. Update of what vulnerability issues are being reviewed in the next month
6. Recommended corrective actions for vulnerabilities (i.e. LCD change, system
edit, provider education…)*
7. Update on how vulnerability issues were identified and what potential
vulnerabilities cannot be reviewed because of potentially ineffective policies
8. Update on JOAs
9. Action Items
10. Appeal Statistics
6
11. Problems Encountered
12. Process Improvements to be completed by Recovery Auditor
At CMS discretion a standardized monthly report(s) may be required. If a
standardized monthly report is required, CMS will provide the format.
*The majority of coverage policy in Medicare is defined through Local Coverage
Decisions (LCD). Therefore, LCDs typically provide the clinical policy
framework for Recovery Auditor medical necessity reviews. If a LCD is out of
date, technically flawed, ambiguous, or provides limited clinical detail it will not
provide optimal support for medical review decisions.
The Recovery Auditors will identify and report LCDs that can benefit from
central office evaluation and identify their characteristics (out of date, technically
flawed, ambiguous, and/or superficial). Identification of these LCDs will
improve the integrity of the Medicare program and the performance of the
Recovery Auditor program.
2. The Recovery Auditor shall submit monthly financial reports outlining all work
accomplished during the previous month. This report shall be broken down into
eight categories:
a. Overpayments Collected- Amounts shall only be on this report if the
amount has been collected by the FI/Carrier/MAC/DME MAC (in
summary and detail)
b. Underpayments Identified and Paid Back to Provider- Amounts shall only
be on this report if the amount has been paid back to the provider by the
FI/Carrier/MAC/DME MAC (in summary and detail)
c. Overpayments Adjusted- Amounts shall be included on this report if an
appeal has been decided in the provider’s favor or if the Recovery Auditor
rescinded the overpayment after adjustment occurred (in summary and
detail)
d. Overpayments In the Queue- This report includes claims where the
Recovery Auditor believes an overpayment exists because of an
automated or complex review but the amount has not been recovered by
the FI/Carrier/MAC/DME MAC yet
e. Underpayments In the Queue- This report includes claims where the
Recovery Auditor believes an underpayment exists because of an
automated or complex review but the amount has not been paid back to
the provider yet
f. Number of medical records requested from each provider (in detail) and
the amount paid to each provider (in detail) for the medical record requests
for the previous month
g. Number of medical reviews completed within 60 days
h. Number of reviews that failed to meet the 60 day review timeframe and
the rationale for failure to complete the reviews within 60 days
7
Reports a, b and c in #2 above shall also be included with the monthly
voucher to CMS.
All reports shall be in summary format with all applicable supporting
documentation.
At CMS discretion a standardized monthly report(s) may be required. If a
standardized monthly report is required, CMS will provide the format.
Unless alternative arrangements are approved, each monthly report shall be
submitted by the close of business on the fifth business day following the end of the
month by email to the CMS COTR and one copy accompanying the contractor’s
voucher that is sent to the CMS accounting office.
D. RAC Data Warehouse
CMS will provide access to the RAC Data Warehouse. The RAC Data Warehouse is
a web based application which houses many but not all RAC identifications and
collections. The RAC Data Warehouse includes all suppressions and exclusions.
Suppressions and exclusions are claims that are not available to the RAC for review.
The RAC will be responsible for providing the appropriate equipment so that they can
access the Data Warehouse.
E. Geographic Region
Unless otherwise directed by CMS through technical direction, the claims being
analyzed for this award will be all fee-for-service claims processed in Region ___
regardless of the providers’ or suppliers’ physical locations. Exception: Claims
processed by the legacy fiscal intermediary Wisconsin Physician Services (WPS)
will be subject to review exclusively by the Recovery Auditor with jurisdiction
over the provider’s physical location.
Once the legacy workload is transitioned to another intermediary or MAC, in
whole or in part, jurisdiction will fall to the Recovery Auditor in the destination
region and physical location will become irrelevant.
The incumbent Recovery Auditor, if not also the gaining Recovery Auditor, may
no longer review pre-transition claims and shall transfer themt o the new
Recovery Auditor or discard them as directed by CMS.
A map of the regions can be found in Appendix 2.
Task 2- Identification of Improper Payments
8
Identification of Medicare Improper payments
The Recovery Auditors(s) shall pursue the identification of all Medicare claim types
which contain improper payments for which payment was made or should have been
made under part A or B of title XVIII of the Social Security Act. Recovery Auditors are
required to comply with Reopening Regulations located at 42 CFR 405.980. Before a
Recovery Auditor makes a decision to reopen a claim, the Recovery Auditor must have
good cause and must clearly articulate the good cause in New Issue proposals and
correspondence (review results letters, ADR, etc) with providers. Additionally, Recovery
Auditors shall ensure that processes are developed to minimize provider burden to the
greatest extent possible when Identifying Medicare Improper payments. This may
include but is not limited to ensuring edit parameters are refined to selecting only those
claims with the greatest probability that they are improper and that the number of
additional documentation requests do not impact the provider’s ability to provide care.
To assist the Recovery Audit Program CMS works closely with the claim processing
contractors to establish monthly workload figures. These figures are generated after
consultation with the Recovery Auditor. The workload figures are typically modified
annually, with the option for modification if necessary. A Recovery Auditor’s failure to
meet established workload limits repeatedly without notice to the CMS COTR may result
in a lessening of future workload limits. Workload limits equate to the number of claims
that a claims processing contractor is required to adjust on a monthly basis.
Should the Recovery Auditor demonstrate a backlog of claims for a claims processing
contractor, and have projections showing the necessity for a higher sustained minimum
monthly workload, the CMS will consider increasing future workload limits.
A. Improper payments INCLUDED in this Statement of Work
Unless prohibited by Section 2B, the Recovery Auditor may attempt to identify
improper payments that result from any of the following:
• Incorrect payment amounts
(Exception: in cases where CMS issues instructions directing contractors to
not pursue certain incorrect payments made)
• Non-covered services (including services that are not reasonable and
necessary under section 1862(a)(1)(A) of the Social Security Act),
• Incorrectly coded services (including DRG miscoding)
• Duplicate services
For claims from the following provider types:
• Inpatient hospital
• Outpatient hospital
• Physician/Non-physician practitioner
• Home Health Agency
9
• Laboratory
• Ambulance
• Skilled Nursing Facility
• Home Health Agency
• Supplier
• Inpatient Rehabilitation Facility
• Critical Access Hospitals
• Long Term Care Hospitals
• Ambulatory Surgical Center
• Other
CMS conducts at a minimum an annual review of recovery auditor activities. In the past
the review has been conducted quarterly. If CMS has evidence to believe a recovery
auditor is not reviewing all claim/provider types CMS will issue an official warning to
the recovery auditor. This notification shall identify the specific claim/provider types
failing to be audited, shall include the documentation citations that support the
conclusions, and a CMS allotted time frame for Recovery Auditor correction. If the lack
of reviews continue CMS will consider recalling specific claim/provider type(s) from one
recovery auditor and giving the opportunity to review the claims/providers to another
CMS contractor. If this occurs, it will be a permanent change.
B. Improper payments EXCLUDED from this Statement of Work
The Recovery Auditor may NOT attempt to identify improper payments arising from any
of the following:
1. Services provided under a program other than Medicare Fee-For-Service
For example, Recovery Auditors may NOT attempt to identify improper
payments in the Medicare Managed Care program, Medicare drug card program
or drug benefit program.
2. Cost report settlement process and Medical Education payments
Recovery Auditors may NOT attempt to identify underpayments and
overpayments that result from Indirect Medical Education (IME) and Graduate
Medical Education (GME) payments.
3. Claims more than 3 years past the date of the initial determination
The Recovery Auditor shall not attempt to identify any overpayment or
underpayment more than 3 years past the date of the initial determination made on
the claim. The initial determination date is defined as the claim paid date. Any
overpayment or underpayment inadvertently identified by the Recovery Auditor
after this timeframe shall be set aside. The Recovery Auditor shall take no further
10
action on these claims except to indicate the appropriate status code on the RAC
Data Warehouse. The look back period is counted starting from the date of the
initial determination and ending with the date the Recovery Auditor issues the
medical record request letter (for complex reviews), the date of the overpayment
notification letter (for semi-automated reviews) or the date of the demand letter
(for automated reviews). Adjustments that occur after the 3 year timeframe can
be demanded and collected, however the Recovery Auditor shall not receive a
contingency fee payment.
Note: CMS reserves the right to limit the time period available for Recovery
Auditor review by Recovery Auditor, by region/state, by claim type, by provider
type, or by any other reason where CMS believes it is in the best interest of the
Medicare program to limit claim review. This notice will be in writing, may be
by email and will be effective immediately.
4. Claim paid dates earlier than October 1, 2007
The Recovery Audit program will begin with claims paid on or after October 1,
2007. This begin date will be for all states. The actual start date for a Recovery
Auditor in a state will not change this date. As time passes, the Recovery Auditor
may look back 3 years but the claim paid date may never be earlier than October
1, 2007. In other words the Recovery Auditor will only look at FY 2008 claims
and forward. The Recovery Auditor will not review claims prior to FY 2008
claim paid dates.
For example, in the state of New York a Recovery Auditor will be “live” in
March 2008. In March 2008, the New York Recovery Auditor will be able to
review claims with paid dates from October 1, 2007- March 2008. In December
2008, the New York Recovery Auditor will be able to review claims with paid
dates from October 1, 2007- December 2008.
Another example, in the state of Pennsylvania a Recovery Auditor will not be
“live” until January 2009 (or later). In January 2009, if the Recovery Auditor is
“live,” the Recovery Auditor in Pennsylvania will be able to review claims from
October 1, 2007- January 2009.
5. Claims where the beneficiary is liable for the overpayment because the
provider is without fault with respect to the overpayment
The Recovery Auditor shall not attempt to identify any overpayment where the
provider is without fault with respect to the overpayment. If the provider is
without fault with respect to the overpayment, liability switches to the
beneficiary. The beneficiary would be responsible for the overpayment and
would receive the demand letter. The Recovery Auditor may not attempt
recoupment from a beneficiary. One example of this situation may be a service
that was not covered because it was not reasonable and necessary but the
11
beneficiary signed an Advance Beneficiary Notice. Another example of this
situation is benefit category denials such as the 3 day hospital stay prior to SNF
admission.
Chapter 3 of the PIM and HCFA/CMS Ruling #95-1 explain Medicare liability
rules. Without fault regulations can be found at 42 CFR 405.350 and further
instructions can be found in Chapter 3 of the Financial Management Manual.
In addition, a provider can be found without fault if the overpayment was
determined subsequent to the third year following the year in which the claim was
paid. Providers may appeal an overpayment solely based on the without fault
regulations.
Therefore, the Recovery Auditor shall not identify an overpayment if the provider
can be found without fault. Examples of this regulation can be found in IOM
Publication 100-6, Chapter 3, and Section 100.7.
6. Random selection of claims
The Recovery Auditor shall adhere to Section 935 of the Medicare Prescription
Drug, Improvement and Modernization Act of 2003, which prohibits the use of
random claim selection for any purpose other than to establish an error rate.
Therefore, the Recovery Auditor shall not use random review in order to identify
cases for which it will order medical records from the provider. Instead, the
Recovery Auditor shall utilize data analysis techniques in order to identify those
claims most likely to contain overpayments. This process is called “targeted
review”. The Recovery Auditor may not target a claim solely because it is a high
dollar claim but may target a claim because it is high dollar AND contains other
information that leads the Recovery Auditor to believe it is likely to contain an
overpayment. A Recovery Auditor may receive provider referrals from other
CMS contracting entities and may (upon approval from CMS) perform provider
specific reviews. Referrals received for issues that have not yet been approved by
the new issue approval process for the Recovery Auditor within that region must
still comply with new issue approval process prior to audit initiation.
NOTE: The above paragraph does not preclude the Recovery Auditor from
utilizing extrapolation techniques for targeted providers or services.
7. Claims Identified with a Special Processing Number
Claims containing Special Processing Numbers are involved in a Medicare
demonstration or have other special processing rules that apply. These claims are
not subject to review by the Recovery Auditor. CMS attempts to remove these
claims from the data prior to transmission to the Recovery Auditors.
8. Prepayment Review
12
The Recovery Auditor shall identify Medicare improper payments using the post
payment claims review process. Any other source of identification of a Medicare
overpayment or underpayment (such as prepayment review) is not included in the
scope of this contract.
C. Preventing Overlap
1. Preventing overlap with contractor performing claim review and/or responsible
for recoveries.
In order to minimize the impact on the provider community, it is critical that the
Recovery Auditor avoids situations where the Recovery Auditor and another
entity (Medicare contractor, ZPIC/PSC, MAC or law enforcement) are working
on the same claim.
Therefore, the RAC Data Warehouse will be used by the Recovery Auditor to
determine if another entity already has the provider and/or claim under review.
The RAC Data Warehouse will include a master table of excluded suppressed
providers and excluded claims that will be updated on a regular basis. Before
beginning a claim review the Recovery Auditor shall utilize the RAC Data
Warehouse to determine if exclusion exists for that claim. Recovery Auditors are
not permitted to review suppressed or excluded claims. The Recovery Auditor
will be notified to cease all activity if a suppression is entered after the recovery
auditor begins its review; exclusions entered after recovery auditor reviews begin
shall be handled individually based on the timing of the other review.
Definition of Exclusions - An excluded claim is a claim that has already been
reviewed by another entity. This includes claims that were originally denied and
then paid on appeal. Only claims may be excluded. Providers may not be
excluded. Exclusions are permanent. This means that an excluded claim will
never be available for the Recovery Auditor to review.
The following entities may input claims into the master table for exclusion:
o Fiscal Intermediaries, A/B MACs and DME MACs
o Quality Improvement Organizations (QIO)
Program Safeguard Contractors/Zone Program Integrity Contractors
o Comprehensive Error Rate Testing (CERT) Contractor
o CMS Recovery Auditor COTR
2. Preventing Recovery Auditor overlap with contractors, CMS, DOJ, OIG and/or
other law enforcement entities performing potential fraud reviews.
13
CMS must ensure that Recovery Auditor activities do not interfere with potential
fraud reviews/investigations being conducted by other Medicare contractors or
law enforcement. Therefore, Recovery Auditors shall input all claims into the
RAC Data Warehouse before attempting to identify or recover overpayments.
(The master table described above will be utilized.)
Definition of Suppression - A suppressed provider and/or claim is a provider
and/or claim that are a part of an ongoing investigation. Normally, suppressions
will be temporary and will ultimately be released by the suppression entity.
The following contractors may input providers and/or claims into the master table
for suppression:
o PSCs/ZPICs, OIG, DOJ or other law enforcement
o CMS Recovery Auditor COTR
The CMS Recovery Auditor COTR may also issue a Technical Direction Letter (TDL)
that suppresses claims. Immediately upon receipt of such letter the Recovery Auditor
shall stop all work that could possibly affect the claims identified in the TDL, and make
system and process changes to implement the suppression before resuming work.
D. Obtaining and Storing Medical Records for reviews
Whenever needed for reviews, the Recovery Auditor may obtain medical records by
going onsite to the provider’s location to view/copy the records or by requesting that
the provider mail/fax or securely transmit the records to the Recovery Auditor.
(Securely transmit means sent in accordance with the CMS business systems security
manual – e.g., mailed CD, MDCN line, through a clearinghouse)
If the Recovery Auditor attempts an onsite visit and the provider refuses to allow
access to their facility, the Recovery Auditor may not make an overpayment
determination based upon the lack of access. Instead, the Recovery Auditor shall
request the needed records in writing.
When onsite review results in an improper payment finding, the Recovery Auditor
shall copy the relevant portions of the medical record and retain them for future use.
When onsite review results in no finding of improper payment, the Recovery Auditor
need not retain a copy of the medical record.
When requesting medical records the Recovery Auditor shall use discretion to ensure
the number of medical records in the request is not negatively impacting the
provider’s ability to provide care. Before contract award CMS will institute a
medical record request limit. Different limits may apply for different provider types
and for hospitals the limit may be based on size of the hospital (number of beds). The
limit would be per provider location and type per time period. An example of a
medical record limit would be no more than 50 inpatient medical record requests for a
14
hospital with 150-249 beds in a 45 day time period. CMS may enact a different limit
for different claim types (outpatient hospital, physicians, supplier, etc). The medical
record request limit may also take into account a hospital’s annual Medicare
payments.
The medical record request limit may not be superseded by bunching the medical
record requests. For example, if the medical record request limit for a particular
provider is 50 per month and the Recovery Auditor does not request medical records
in January and February, the Recovery Auditor cannot request 150 records in March.
All Medical Request letters must adequately describe the good cause for reopening
the claim. Good cause for reopening the claim may include but is not limited to OIG
report findings, data analysis findings, comparative billing analysis, etc.
The Recovery Auditor shall develop a mechanism to allow providers to customize
their address and point of contact (e.g. Washington County Hospital, Medical
Records Dept., attention: Mary Smith, 123 Antietam Street, Gaithersburg, MD
20879). By January 01, 2010 all Recovery Auditors shall develop a web-based
application for this purpose. All web-based applications shall be approved by the
CMS Project Officer. Recovery Auditors may visit the CERT Contractor’s address
customization website at http://www.certcdc.com/certproviderportal/verifyaddress.aspx for an
example of a simple but successful system. Each medical record request must inform
the provider about the existence of the address customization system.
NOTE: The Recovery Auditor is encouraged to solicit and utilize the assistance of
provider associations to help collect this information and house it in an easily updatable
database.
1. Paying for medical records
a. Recovery Auditors shall pay for medical records.
Should the Recovery Auditor request medical records associated with:
o an acute care inpatient prospective payment system (PPS) hospital
(DRG) claim,
o A Long Term Care hospital claim, the Recovery Auditor shall pay the
provider for producing the records in accordance with the current
formula or any applicable payment formula created by state law. (The
current per page rate is: medical records photocopying costs at a rate
of $.12 per page for reproduction of PPS provider records and $.15 per
page for reproduction of non-PPS institutions and practitioner records,
plus first class postage. Specifically, hospitals and other providers
(such as critical access hospitals) under a Medicare cost
reimbursement system, receive no photocopying reimbursement.
Capitation providers such as HMOs and dialysis facilities receive $.12
per page. Recovery Auditors shall comply with the formula calculation
15
found at 42 CFR §476.78(c). Recovery Auditors shall also ensure
compliance with any changes that are made to the formula calculation
or rate in future publications of the Federal Register.)
Recovery Auditors are required to pay for copying of the inpatient (PPS) and
Long Term Care hospital medical records on at least a monthly basis. For
example, a Recovery Auditor may choose to issue checks on the 10
th
of the
month for all medical records received the previous month. All checks should
be issued within 45 days of receiving the medical record.
Recovery Auditors shall develop the necessary processes to accept imaged
medical records sent on CD or DVD beginning immediately. Recovery
Auditors must remain capable of accepting faxed or paper medical records
indefinitely.
Recovery Auditors shall pay the same per page rate for the production of
imaged or electronic medical records. Recovery Auditors must ensure that
providers/clearinghouses first successfully complete a connectivity and
readability test with the Recovery Auditor system before being invited to
submit imaged or electronic records to the Recovery Auditor. The Recovery
Auditor must comply with all CMS business system security requirements.
At its discretion, CMS may institute a maximum payment amount per medical
record. Prior to becoming effective, this change would be communicated to
the provider community.
b. Recovery Auditors may
pay for medical records.
Should the Recovery Auditor request medical records associated with any
other type of claim including but not limited to the facilities listed in PIM
1.1.2, paragraph 2, the Recovery Auditor may (but is not required to) pay the
provider for producing the record using any formula the Recovery Auditor
desires.
2. Updating the Case File
The Recovery Auditor shall indicate in the case file (See Task 7; section G for
additional case record maintenance instructions.)
o A copy of all request letters,
o Contacts with ACs, CMS or OIG,
o Dates of any calls made, and
o Notes indicating what transpired during the call.
Communication and Correspondence with Provider- Database
To assess provider reaction to the Recovery Auditors and the Recovery Audit
16
Program, CMS will complete regular surveys with the provider community.
To help determine the universe of providers contacted by a Recovery Auditor,
the Recovery Auditor will have to supply a listing of all providers to CMS
and/or the evaluation contractor. CMS encourages the Recovery Auditor to
utilize an electronic database for all communication and correspondence with
the provider. This ensures tracking of all communication and allows for easy
access for customer service representatives. This also allows for easy
transmission to CMS in the event of an audit or when the listing for the
surveys is due. CMS expects the listing to be due no less than twice a year.
3. Assessing an overpayment for failing to provide requested medical record.
Pursuant to the instructions found in PIM 3.10 and Exhibits 9-12, the Recovery
Auditor may find the claim to be an overpayment if medical records are requested
and not received within 45 days. Prior to denying the claim for failure to submit
documentation the Recovery Auditors shall initiate one additional contact before
issuing a denial.
4. Storing and sharing medical records
The Recovery Auditor must make available to all ACs, CMS, QICs, OIG, (and
others as indicated by the PO) any requested medical record via a MDCN line.
Storing and sharing IMAGED medical records
The Recovery Auditor shall, on the effective date of this contract, be prepared
to store and share imaged medical records. The Recovery Auditor shall:
o Provide a document management system
o Store medical record NOT associated with an overpayment for 1 year,
o Store medical records associated with an overpayment for duration of
the contract,
o Maintain a log of all requests for medical records indicating at least the
requester, a description of the medical record being requested, the date
the request was received, and the date the request was fulfilled. The
RAC Data Warehouse will not be available for this purpose. The
Recovery Auditor shall make information about the status of a medical
record (outstanding, received, review underway, review complete, case
closed) available to providers upon request. By January 01, 2010 all
Recovery Auditors shall develop a web-based application for this
purpose. All web-based applications shall be approved by the CMS
Project Officer.
17
For purposes of this section sharing imaged medical records means the transmission of
the record on a disk, CD, DVD, FTP or MDCN line. PHI shall not be transmitted
through any means except a MDCN line, postal mail, overnight courier or a fax machine.
Upon the end of the contract, the Recovery Auditor shall send copies of the imaged
records to the contractor specified by the PO.
E. The Claim Review Process
1. Types of Determinations a Recovery Auditor may make
When a Recovery Auditor reviews a claim, they may make any or all of the
determinations listed below.
a. Coverage Determinations
The Recovery Auditor may find a full or partial overpayment exists if the service is
not covered
(i.e., it fails to meet one or more of the conditions for coverage listed below).
In order to be covered by Medicare, a service must:
i. Be included in one of the benefit categories described in Title
XVIII of the Act;
ii. Not be excluded from coverage on grounds other than 1862(a)(1);
and
iii. Be reasonable and necessary under Section 1862(a) (1) of the Act.
The Recovery Auditor shall consider a service to be reasonable and
necessary if the Recovery Auditor determines that the service is:
A. Safe and effective;
B. Not experimental or investigational (exception: routine
costs of qualifying clinical trial services with dates of
service on or after September 19, 2000 which meet the
requirements of the Clinical Trials NCD are considered
reasonable and necessary); and
C. Appropriate, including the duration and frequency that is
considered appropriate for the service, in terms of whether
it is:
Furnished in accordance with accepted standards
of medical practice for the diagnosis or treatment
of the patient's condition or to improve the
function of a malformed body member;
Furnished in a setting appropriate to the patient's
medical needs and condition;
Ordered and furnished by qualified personnel;
One that meets, but does not exceed, the patient's
medical need; and
18
At least as beneficial as an existing and available
medically appropriate alternative.
There are several exceptions to the requirement that a service be
reasonable and necessary for diagnosis or treatment of illness or
injury. The exceptions appear in the full text of §1862(a) (1) (A)
and include but are not limited to:
o Pneumococcal, influenza and hepatitis B vaccines are
covered if they are reasonable and necessary for the
prevention of illness;
o Hospice care is covered if it is reasonable and necessary for
the palliation or management of terminal illness;
o Screening mammography is covered if it is within
frequency limits and meets quality standards;
o Screening pap smears and screening pelvic exam are
covered if they are within frequency limits;
o Prostate cancer screening tests are covered if within
frequency limits;
o Colorectal cancer screening tests are covered if within
frequency limits; and
o One pair of conventional eyeglasses or contact lenses
furnished subsequent to each cataract surgery with insertion
of an interlobular lens.
Recovery Auditors must be very careful in choosing which denial type to
use since beneficiaries' liability varies based on denial type. Benefit
category denials take precedence over statutory exclusion and reasonable
and necessary denials. Statutory exclusion denials take precedence over
reasonable and necessary denials. Contractors should use HCFA Ruling
95-1 and the guidelines listed below in selecting the appropriate denial
reason.
Limitation of Liability Determinations
If a Recovery Auditor identifies a full or partial overpayment because an
item or service is not reasonable and necessary, the Recovery Auditor
shall make and document §§1879, 1870, and 1842(l) (limitation of
liability) determinations as appropriate. Because these determinations can
be appealed, it is important that the rationale for the determination be
documented both initially and at each level of appeal. Limitation of
Liability determinations do not apply to denials based on determinations
other than reasonable and necessary. See PIM Exhibits 14 - 14.3 for
further details.
b. Coding Determinations
The Recovery Auditor may find that an overpayment or underpayment exists if the
service is not correctly coded (i.e., it fails to meet one or more of the coding
requirements listed in an NCD, local coding article, Coding Clinic, or CPT .)
19
c. Other Determinations
The Recovery Auditor may determine that an overpayment or underpayment
exists if the claim was paid twice (i.e., a “duplicate claim”), was priced
incorrectly, or the claims processing contractor did not apply a payment policy
(e.g., paying the second surgery at 50% of the fee schedule amount).
2. Minor Omissions
Consistent with Section 937 of the MMA, the Recovery Auditor shall not make
denials on minor omissions such as missing dates or signatures if the medical
documentation indicates that other coverage/medical necessity criteria are met.
Any questions regarding whether a claim shall be denied for a minor omission
shall be directed to the COTR.
3. Medicare Policies and Articles
The Recovery Auditor shall comply with all National Coverage Determinations
(NCDs), Coverage Provisions in Interpretive Manuals, national coverage and
coding articles, local coverage determinations (LCDs) (formerly called local
medical review policies (LMRPs)) and local coverage/coding articles in their
jurisdiction. NCDs, LMRPs/LCD and local coverage/coding articles can be found
in the Medicare Coverage Data Warehouse
http://www.cms.hhs.gov/mcd/overview.asp). Coverage Provisions in Interpretive
Manuals can be found in various parts of the Medicare Manuals. In addition, the
Recovery Auditor shall comply with all relevant joint signature memos forwarded
to the Recovery Auditor by the project officer.
Recovery Auditors should not apply a LCD retroactively to claims processed
prior to the effective date of the policy. Recovery Auditor shall ensure that
policies utilized in making a review determination are applicable at the time the
service was rendered except in the case of a retroactively liberalized LCDs or
CMS National policy.
The Recovery Auditor shall keep in mind that not all policy carries the same
weight in the appeals process. For example, ALJs are not bound by LCDs but are
bound by NCDs and Rulings.
If an issue is brought to the attention of CMS by any means and CMS instructs the
Recovery Auditor on the interpretation of any policy and/or regulation, the
Recovery Auditor shall abide by CMS’ decision.
4. Internal Guidelines
As part of its process of reviewing claims for coverage and coding purposes, the
Recovery Auditor shall develop detailed written review guidelines. For the
purposes of this SOW, these guidelines will be called "Review Guidelines."
20
Review Guidelines, in essence, will allow the Recovery Auditor to operationalize
CMS policies to ensure consistent and accurate review determinations. Review
Guidelines shall are a step-by-step approach to ensuring coverage requirements
are met and to assist the reviewers in making logical decisions based on the
information in the supporting documentation. The Recovery Auditor need not
hold public meetings or seek public comments on their proposed review
guidelines. However, they must make their Review Guidelines available to CMS
upon request. Review Guidelines shall not create or change policy. In the
absence of CMS policy Review Guidelines shall be developed using evidence-
based medical literature to assist reviewers in making a determination.
5. Administrative Relief from Review in the Presence of a Disaster
The Recovery Auditor shall comply with PIM 3.2.2 regarding administrative
relief from review in the presence of a disaster.
6. Evidence
The Recovery Auditor shall only identify a claims overpayment where there is
supportable evidence of the overpayment. There are three primary ways of
identification:
a) Through “automated review” of claims data without human review of
medical or other records; and
b) Through “complex review” which entails human review of a medical
record or other documentation.
c) Through “semi-automated review” which entails an automated review using
claims data and potential human review of a medical record or other
documentation.
7. Automated Review vs. Complex Review
a. Automated Review. Automated review occurs when a Recovery Auditor makes a
claim determination at the system level without a human review of the medical
record.
i. Coverage/Coding Determinations Made Through Automated Review
The Recovery Auditor may use automated review when making coverage and
coding determinations only where BOTH of the following conditions apply:
there is certainty that the service is not covered or is incorrectly coded,
AND
a written Medicare policy, Medicare article or Medicare-sanctioned
coding guideline (e.g., CPT statement, Coding Clinic statement, etc.)
exists
When making coverage and coding determinations, if no certainty exists as to
whether the service is covered or correctly coded, the Recovery Auditor shall
21
not use automated review. When making coverage and coding
determinations, if no written Medicare policy, Medicare article, or
Medicare-sanctioned coding guideline exists, the Recovery Auditor shall
not use automated review. Examples of Medicare-sanctioned coding
guidelines include: CPT statements, CPT Assistant statements, and Coding
Clinic statements.)
EXCEPTION: If the Recovery Auditor identifies a “clinically unbelievable”
issue (i.e., a situation where certainty of noncoverage or incorrectly coding
exists but no Medicare policy, Medicare articles or Medicare-sanctioned
coding guidelines exist), the Recovery Auditor may seek CMS approval to
proceed with automated review. Unless or until CMS approves the issue for
automated review, the Recovery Auditor must make its determinations through
complex review.
ii. Other Determinations Made Through Automated Review
The Recovery Auditor may use automated review when making other
determinations (e.g. duplicate claims, pricing mistakes) when there is certainty
that an overpayment or underpayment exists. Written
policies/articles/guidelines often don’t exist for these situations.
b. Complex Review. Complex review occurs when a Recovery Auditor makes a
claim determination utilizing human review of the medical record. The Recovery
Auditor may use complex review in situations where the requirements for
automated review are not met or the Recovery Auditor is unsure whether the
requirements for automated review are met. Complex medical review is used in
situations where there is a high probability (but not certainty) that the service is
not covered or where no Medicare policy, Medicare article, or Medicare-
sanctioned coding guideline exists. Complex copies of medical records will be
needed to provide support for the overpayment.
c. Summary of Automated vs. Complex. The chart below summarizes these
requirements.
Complex Review
(with medical record)
Automated
(without medical record)
Coverage/Coding Determinations
Other
Determinations
(duplicates, pricing
mistakes, etc)
Written
Medicare
policy/article
or Medicare-
sanctioned
coding
No written
Medicare
policy/article
or Medicare-
sanctioned
coding
Written Medicare
policy/article or
Medicare-
sanctioned coding
guidelines exists
No written Medicare
policy/article or
Medicare-sanctioned
coding guidelines
exists
Certainty
exists
NO
Certainty
exists
Certainty
NO
Certainty
NO
22
guidelines
exists
guidelines
exists
exists
Certainty
exists
exists
Certainty
exists
Allowed
Allowed
(often called
“Individual
Claim
Determinations”)
Allowed
Not
allowed
Allowed
with prior
CMS
approval
(often called
“clinically
unbelievable”
situations)
Not
allowed
Allowed
Not
allowed
8. Semi-Automated Review
Semi-Automated Review is a two-part review. The first part is the identification of a
billing aberrancy through an automated review using claims data. This aberrancy has
high indexes of suspicion to be an improper payment. The second part includes a
Notification Letter that is sent to the provider explaining the potential billing error that is
identified. The letter also indicates that the provider has 45 days to submit
documentation to support the original billing. If the provider decides not to submit
documentation, or if the documentation provided does not support the way the claim was
billed, the claim will be sent to the Medicare claims processing contractor for adjustment
and a demand letter will be issued. However, if the submitted documentation does
support the billing of the claim, the claim will not be sent for adjustment and the provider
will be notified that the review has been closed. This type of review is to be used in
which a clear CMS policy does not exist but in most instances the items and services as
billed would be clinically unlikely or not consistent with evidence-based medical
literature.
The Recovery Auditor is not required to reimburse providers for the additional
documentation submitted for semi-automated reviews.
9. Individual Claim Determinations
The term “individual claim determination” refers to a complex review performed by a
Recovery Auditor in the absence of a written Medicare policy, article, or coding
statement. When making individual claim determinations, the Recovery Auditor shall
utilize appropriate medical literature and apply appropriate clinical judgment. The
Recovery Auditor shall consider the broad range of available evidence and evaluate
its quality before making individual claim determinations. The extent and quality of
supporting evidence is key to defending challenges to individual claim
determinations. Individual claim determinations which challenge the standard of
practice in a community shall be based on sufficient evidence to convincingly refute
evidence presented in support of coverage. The Recovery Auditor shall ensure that
their CMD is actively involved in examining all evidence used in making individual
claim determinations and acting as a resource to all reviewers making individual
claim determinations.
10. Staff Performing Complex Coverage/Coding Reviews
23
Whenever performing complex coverage or coding reviews (i.e., reviews involving
the medical record), the Recovery Auditor shall ensure that coverage/medical
necessity determinations are made by RNs or therapists and that coding
determinations are made by certified coders. The Recovery Auditor shall ensure that
no nurse, therapist or coder reviews claims from a provider who was their employer
within the previous 12 months. Recovery Auditors shall maintain and provide
documentation upon the provider’s request the credentials of the individuals making
the medical review determinations. This only includes a reviewer’s credentials.
Names and personal information are not required to be shared. If the provider
requests to speak to the CMD regarding a claim(s) denial the Recovery Auditor shall
ensure the CMD participates in the discussion.
11. Timeframes for Completing Complex Coverage/Coding Reviews
Recovery Auditors shall complete their complex reviews within 60 days from receipt
of the medical record documentation. Recovery Auditors may request a waiver from
CMS if an extended timeframe is needed due to extenuating circumstances. If an
extended timeframe for review is granted Recovery Auditors shall notify the provider
in writing or via a web-based application of the situation that has resulted in the delay
and will indicate that the Notification of Findings will be sent once CMS approves the
Recovery Auditor moving forward with the review. Unless granted an extension by
CMS, Recovery Auditors shall not receive a contingency fee in cases where more
than 60 days have elapsed between receipt of the medical record documentation and
issuance of the review results letter.
12.
DRG Validation vs. Clinical Validation
DRG Validation is the process of reviewing physician documentation and determining
whether the correct codes, and sequencing were applied to the billing of the claim. This
type of review shall be performed by a certified coder. For DRG Validations, certified
coders shall ensure they are not looking beyond what is documented by the physician,
and are not making determinations that are not consistent with the guidance in Coding
Clinic.
Clinical validation is a separate process, which involves a clinical review of the case to
see whether or not the patient truly possesses the conditions that were documented.
Clinical validation is beyond the scope of DRG (coding) validation, and the skills of a
certified coder. This type of review can only be performed by a clinician or may be
performed by a clinician with approved coding credentials.
13. Re-openings of Claims Denied Due to Failure to Submit Necessary Medical
Documentation (remittance advice code N102)
24
In cases where the Recovery Auditor denies a claim with remittance advice code
N102 (“This claim has been denied without reviewing the medical record because
the requested records were not received or were not received timely.”) and the denial
is appealed, the appeals department may, at CMS direction, send the claim to the
Recovery Auditor for reopening under certain conditions, listed in CMS Pub. IOM
100-04, chapter 34, §10.3. If this occurs, the Recovery Auditor shall conduct a
reopening of claims sent by the appeals department within 30 days of receipt of the
forwarded claim and requested documentation by the Recovery Auditor. In addition,
the Recovery Auditor shall issue a new letter containing the outcome of the review
and the information required by PIM chapter 3, §3.6.5.
14. Allowance of a Discussion Period
All providers receiving a demand letter and/or review results letter from the recovery
auditor are availed an opportunity to discuss the improper payment with the recovery
auditor. The recovery auditor can have an escalation process in plan for the
discussion period, however if the physician (or a physician employed by the provider)
requests to speak to a physician, that request must be acted upon. The request for a
discussion period shall be utilized to determine if the provider has other information
relevant to the payment of the claim. All discussion requests should be in writing and
shall be responded to by the recovery auditor within 30 days of receipt, unless the
recovery auditor is notified by the affiliated contractor of a provider initiated appeal.
If during the discussion period the recovery auditor is notified by the contractor that
the provider initiated the appeals process, the recovery auditor shall immediately
discontinue the discussion period and send a letter to the provider that the recovery
auditor cannot continue the discussion period once an appeal has been filed.
If the recovery auditor modifies the original improper payment identification, written
notification shall be sent to the provider so that the provider can share it with the
appropriate appeal entity if necessary. If the claim has already been forwarded to the
MAC for adjustment, the recovery auditor shall immediately notify the MAC that the
claim no longer requires adjustment or needs to be re-adjusted.
F. Activities Following Review
1. Rationale for Determination.
The Recovery Auditor shall clearly document the rationale for the determination.
This rationale shall list the review findings including a detailed description of the
Medicare policy or rule that was violated and a statement as to whether the
violation resulted in an improper payment. Recovery auditors shall ensure they
are identifying pertinent facts contained in the medical record to support the
review determination. Each rationale shall be specific to the individual claim
under review.
The Recovery Auditor shall make available upon request by any other ACs, CMS,
25
OIG, (and others as indicated by the PO) any requested rationale.
Storing and making available IMAGED rationale documents
The Recovery Auditor shall on the effective date of this contract be prepared
to store and share imaged medical records. The Recovery Auditor shall:
o Provide a document management system that meets CMS
requirements,
o Store rationale documents NOT associated with an overpayment for 1
year,
o Store rationale documents associated with an overpayment for the
duration of the contract,
o Maintain a log of all requests for rationale documents indicating at
least the requester, a description of the medical record being requested,
the date the request was received, and the date the request was
fulfilled. The RAC Data Warehouse will not be available for this
purpose.
Upon the end of the contract, the Recovery Auditor shall send copies of the
imaged rationale documents to the contractor specified by the PO.
2. Validation Process
a.
Validating the Issue
Recovery Auditors are encouraged to meet with the FIs, carriers, and
MACs in their jurisdiction to discuss potential findings the Recovery
Auditor may have identified. The Recovery Auditor may request that the
FI/Carrier/MAC review some claims in order to validate the accuracy of
the Recovery Auditor determination.
b.
Validating the New Issues at CMS or the RAC Validation Contractor
Once the Recovery Auditor has chosen to pursue a new issue that requires
semi-automated, complex or automated review, the Recovery Auditor
shall notify the PO of the issue in a format to be prescribed by the COTR.
The PO will notify the Recovery Auditor which issues have been selected
for claim validation (either by CMS or by an independent RAC Validation
Contractor). The Recovery Auditor shall forward any requested
information in a format to be prescribed by the PO. The PO will notify the
Recovery Auditor if/when they may begin issuing medical record request
letters (beyond the 10 test claims) and demand letters on the new issue.
The Recovery Auditor shall not issue any demand letters on issues that
26
have not approved by CMS. The Recovery Auditor may request up to 10
medical records when developing a test case for CMS to validate. The
Recovery Auditor shall not issue medical record requests beyond the 10
test claims without prior PO approval. CMS or the RAC Validation
Contractor may also evaluate the clarity, accuracy, and completeness of
the Recovery Auditor letter to providers.
Upon approval to review the issue the recovery auditor shall post the issue
name, description, posting date, state applicable provider type and any
relevant HCPCS code or DRG code to the Recovery Auditor website. A
separate page on the website shall be dedicated to new issues. By June 01,
2011, the new issue listing shall be sortable by at a minimum provider
type. Additional sort methodologies could include post date, state and
claim type.
Upon approval of the new issue by CMS, CMS reserves the right to share
new issues with all CMS review entities which may include, but is not
limited to, other recovery auditors in Medicare and Medicaid, MACs,
CERT contractor, and ZPICs.
3. Communication with Providers about Improper Payment Cases
The Recovery Auditor shall strive to send the provider only one review results per
claim. For example, a Recovery Auditor shall try NOT to send the provider a
letter on January 10 containing the results of a medical necessity review and send
a separate letter on January 20 containing the results of the correct coding review
for the same claim. Whenever possible, the Recovery Auditor shall wait until
January 20 to inform the provider of the results of both reviews in the same letter.
However, if both issues are not yet approved by CMS for widespread review, the
Recovery Auditor may issue one review results letter and reserve the right to
conduct another review in the future. Prior to completing an additional, different
review the Recovery Auditor shall notify the provider. The Recovery Auditor
shall not request the additional documentation again but shall afford the provider
the opportunity to submit additional documentation for the new review. The time
period for submission shall be the same as an original additional documentation
request.
It is acceptable to send one notification letter that contains a list of all the claims
denied for the same reason (i.e. all claims denied because the wrong number of
units were billed for a particular drug). In situations in which the Recovery
Auditor identifies two different reasons for a denial, a letter should be sent for
each reason identified. For example, if the Recovery Auditor identified a problem
with the coding of respiratory failure and denied several claim(s) because the
wrong procedure code and wrong diagnosis codes were billed, the Recovery
Auditor should send two separate letters. The first letter should list all claims in
which an improper payment was identified that contained the wrong procedure
27
code and the second letter should identify those denied because the wrong
diagnosis code was billed.
Recovery Auditors shall ensure that the date a claim was reopened (regardless of
the demand letter issue date) is documented and the rationale for good cause when
claims are reopened more than 12 months from date of the initial determination.
Including this information will lend credibility to Recovery Auditor
documentation if the Recovery Auditor determination is appealed. Recovery
Auditors shall clearly document the date the claim was reopened and the rational
for good cause in the Notification of Recovery Auditor Review Findings (for
initial determinations made by a Part A claims processing contractor), in the
demand letter (for initial determinations made by a Part B claims processing
contractor) and in all case files.
a.
Automated review
The Recovery Auditor shall communicate to the provider the results of
each automated review that results in an overpayment determination. The
Recovery Auditor shall inform the provider of which
coverage/coding/payment policy or article was violated. The Recovery
Auditor need not communicate to providers the results of automated
reviews that do not result in an overpayment determination. The
Recovery Auditor shall record the date and format of this communication
in the RAC Data Warehouse.
b. Complex review
The Recovery Auditor shall communicate to the provider the results of
every semi-automated and complex review, including cases where no
improper payment was identified. In cases where an improper payment
was identified, the Recovery Auditor shall inform the provider of which
coverage/coding/payment policy or article was violated. The Recovery
Auditor shall record the date and format of this communication in the
Recovery Auditor Data Warehouse.
c. Contents of Notification of Recovery Auditor Complex Review
Findings Letter
The Recovery Auditor shall send a letter to the provider indicating the
results of the review within 60 days of the exit conference (for provider
site reviews) or receipt of medical records (for Recovery Auditor site
reviews). If the Recovery Auditor needs more than 60 days, they are to
contact the Project Officer for an extension. Each letter must include:
• Identification of the provider(s) or supplier(s)--name, address,
and provider number;
• The reason for conducting the review (See Section SOW 2F-3);
28
• A narrative description of the overpayment situation: state the
specific issues involved which created the improper payment and
any pertinent issues as well as any recommended corrective actions
the provider should consider taking;
• The findings for each claim in the sample, including a specific
explanation of why any services were determined to be non-
covered, or incorrectly coded;
A list of all individual claims including the actual amounts
determined to be noncovered, the specific reason for noncoverage,
the amounts denied,
• For statistical sampling for overpayment estimation reviews, any
information required by PIM, chapter 3, section 3.10.4.4;
• An explanation of the provider’s or supplier’s right to submit a
rebuttal statement prior to recoupment of any overpayment (see
PIM Chapter 3, Section 3.6.6);
• An explanation of the procedures for recovery of overpayments
including Medicare’s right to recover overpayments and charge
interest on debts not repaid within 30 days, and the provider’s right
to request an extended repayment schedule;
• The provider appeal rights information;
• All demand letter requirements listed in Task 4, Section A-
Written Notification to Provider.
4. Determine the Overpayment Amount
a.
Full denials
A full denial occurs when the Recovery Auditor determines that:
i. The submitted service was not reasonable and necessary and no
other service (for that type of provider) would have been
reasonable and necessary, or
ii. No service was provided.
The overpayment amount is the total paid amount for the service in
question.
b.
Partial denials
A partial denial occurs when the Recovery Auditor determines that:
i. The submitted service was not reasonable and necessary but a
lower level service would have been reasonable and necessary, or
ii. The submitted service was upcoded (and a lower level service was
actually performed) or an incorrect code (such as a discharge status
code) was submitted that caused a higher payment to be made.
iii. The AC failed to apply a payment rule that caused an improper
payment (e.g. failure to reduce payment on multiple surgery cases).
29
Note: Other situations that are not categorized above should be brought to
the CMS PO’s attention before the Recovery Auditor sends notification to
the provider.
In these cases, the Recovery Auditor must determine the level of service
that was reasonable and necessary or represents the correct code for the
service described in the medical record. In order to determine the actual
overpayment amount, the claim adjustment will have to be completed by
the AC. Once the AC completes the claim adjustment, preferably via the
file-based mass adjustment process, the AC will notify the Recovery
Auditor through the RAC Data Warehouse (or another method instructed
by CMS) of the overpayment amount. The Recovery Auditor shall then
proceed with recovery. The Recovery Auditor can only collect the
difference between the paid amount and the amount that should have been
paid.
*How the adjustment is completed in the shared system may not
necessarily correlate with the Recovery Auditor contingency amount. For
example, a Recovery Auditor contingency amount could equate to the
difference between the full denial and any services determined by CMS to
be payable.
c.
Extrapolation
Recovery auditors are encouraged to use extrapolation for some claim
types when all requirements are met. Extrapolation may be cost effective
for low dollar claims that require complex review that have a history of
having a high error rate. Recovery auditors shall follow the procedures
found in PIM 3.10 and Exhibits 9-12, as well as MMA Section 935(a),
regarding the use of extrapolation. The use of extrapolation shall be
approved for each issue prior to beginning.
G. Potential Fraud
The Recovery Auditor shall report instances of potential fraud immediately to the
CMS PO. (See Task 7 section F on recalled cases)
H. Potential Quality Problems
The Recovery Auditor shall report potential quality issues immediately to the
appropriate CMS COTR.
I. Recovery Auditor Medical Director
30
Each Recovery Auditor must employ a minimum of one FTE contractor medical
director (CMD) and arrange for an alternate when the CMD is unavailable for
extended periods. The CMD FTE must be composed of either a Doctor of Medicine
or a Doctor of Osteopathy who has relevant work and educational experience. More
than one individual’s time cannot be combined to meet the one FTE minimum.
Relevant Work Experience
Prior work experience in the health insurance industry, utilization review firm or
health care claims processing organization,
Extensive knowledge of the Medicare program particularly the coverage and
payment rules, and
Public relations experience such as working with physician groups, beneficiary
organizations or Congressional offices.
Relevant Educational Experience
Experience practicing medicine as a board certified doctor of medicine or doctor
who is currently licensed.
All clinicians employed or retained as consultants must be currently licensed to
practice medicine in the United States, and the contractor must periodically verify
that the license is current. When recruiting CMDs, contractors must give preference
to physicians who have patient care experience and are actively involved in the
practice of medicine. The CMD's duties relevant to the Recovery Auditor are listed
below.
Primary duties include:
o Providing the clinical expertise and judgment to understand LCDs, NCDs and
other Medicare policy;
o Serving as a readily available source of medical information to provide
guidance in questionable claims reviews situations;
o Recommending when LCDs, NCDs, provider education, system edits or other
corrective actions are needed or must be revised to address
Recovery Auditor vulnerabilities;
o Briefing and directing personnel on the correct application of policy
during claim adjudication, including through written internal claim review
guidelines;
o Keeping abreast of medical practice and technology changes that may
result in improper billing or program abuse;
Other duties include:
31
o Interacting with the CMDs at other contractors and/or Recovery Auditors to share
information on potential problem areas;
o Participating in CMD clinical workgroups, as appropriate; and
o Upon request, providing input to CO on national coverage and payment policy,
including recommendations for relative value unit (RVU) assignments.
o Participating in CMS/Recovery Auditor presentations to providers and
associations
To prevent conflict of interest issues, the CMD must provide written notification to
CMS within 3 months after the appointment, election, or membership effective date if
the CMD becomes a committee member or is appointed or elected as an officer in any
State or national medical societies or other professional organizations. In addition,
CMDs who are currently in practice should notify CMS of the type and extent of the
practice.
J. Assisting CMS in the development of the Medicare Improper Payment
Prevention Plan
Through monthly calls, monthly reports and databases the Recovery Auditor shall
assist CMS in the development of the Medicare Improper Payment Prevention Plan.
The Medicare Improper Payment Prevention Plan is a listing of all Recovery Auditor
vulnerabilities identified that CMS may need to address through LCDs, NCDs,
provider education or system edits.
K. Communication with Other Medicare Contractors
1. Joint Operating Agreement
The Recovery Auditor shall be required to complete a Joint Operating Agreement
(JOA) with all applicable Medicare contractors (FIs, Carriers, DME MACs,
MACs, and other contractors as instructed by CMS) The JOA shall encompass all
communication between the Medicare contractor and the Recovery Auditor. The
JOA shall be a mutually agreed to document that is reviewed quarterly and
updated as needed. The JOA shall prescribe 1) agreed upon service levels and 2)
notification and escalation mechanisms with CMS involvement.
The MAC serves as the conduit to allow the recovery auditor to adjust claims and
recoup overpayments. The relationship between the MAC and the recovery
auditor is crucial to the success of the program. CMS has the following
expectations with the MAC/recovery auditor relationship:
-The MAC is a contractor of CMS and does not take direction from the recovery
auditor.
-Any communication issues with the MAC shall be brought to the attention of the
recovery auditor COTR at CMS so additional discussions with the appropriate
parties can be held.
32
-The MAC is responsible for adjusting the claims, applying recoupments,
uploading the RAC Data Warehouse when required and routine customer service
and requests from CMS.
The Recovery Auditor is responsible for identifying improper payments, issuing
demand letters timely and uploading the dates/amounts of those letters to the RAC
Data Warehouse, completing in depth customer service, performing all research
required to determine the status of a claim, answering CMS and answering all
correspondence unless otherwise instructed by CMS.
2. Referrals from CMS
CMS often gets referrals of potential improper payments from claim processing
contractors, program integrity contractors, external entities and OIG. At CMS discretion,
CMS may choose to forward the referral (provider, claims, issue…) to the Recovery
Auditor for the Recovery Auditor’s consideration. When a direct referral comes to the
Recovery Auditor from CMS, CMS reserves the right to enact the Payment Methodology
Scale B.
The largest source of referrals for which Payment Methodology Scale B will be enacted
will be improper payments identified and recouped by the Recovery Auditor from an
OIG report that was referred to the Recovery Auditor by CMS after June 30, 2010.
Referrals will be given to the Recovery Auditors via a Technical Direction Letter (TDL).
The TDL will include all information deemed necessary by CMS but may include a pre-
approval of the issue, language for the Recovery Auditor’s new issue section of the
website and edit parameters and/or review methodologies. This is not an all inclusive
listing of possible inclusions in the TDL. If necessary, CMS may require the Recovery
Auditors CMD and staff presence on a conference call with the OIG for explanation
purposes. Recovery Auditors shall ensure they report the issue as an OIG referral on the
New Issue form and shall follow the rest of the requirements in the Recovery Auditor
SOW regarding demand, collection, and reporting.
Outside of OIG reports the enactment of Payment Methodology Scale B will occur
individually and will be communicated to the Recovery Auditors in writing, by email
and/or Technical Direction.
Each referral sent to the Recovery Auditors by CMS will require a decision by the
Recovery Auditor within 30 calendar days. The decision point will be if the Recovery
Auditor intends to pursue the issue in its jurisdiction and when. Upon acceptance of the
issue the Recovery Auditor will have to track the progress and report back to CMS
periodically. Once the web-based referral tracking system is in place the tracking will
take place in it. Until then, the tracking shall occur in the Recovery Auditor’s monthly
report to the PO. Specific tracking guidance will be shared with the Recovery Auditors at
the time of the first referral.
If the Recovery Auditor chooses to not review the issue in their jurisdiction, CMS
reserves the right to give the issue to another contractor. This could be another Recovery
33
Auditor not associated with your jurisdiction that is responsible only for referrals from
CMS.
NOTE: CMS is developing a web-based referral tracking system. This system will be
available to all Medicare contractors, to CMS and to the Recovery Auditors to make and
track referrals. The Recovery Auditors will be required to review the referral tracking
system and to determine if the referral will be reviewed or not. The Recovery Auditor is
not required to act upon any referral. However, the Recovery Auditor is required to
update CMS with the decision and status. The expected timeframe for review and
decision is 30-45 days from the referral being entered into the system.
3. Referrals from the CERT program
Annually CMS releases the CERT program error rate. CMS will share claim type
specific information with the recovery auditors for their review If CMS has evidence to
believe a recovery auditor is not reviewing all claim/provider types with a high error rate
as determined by CMS, CMS will issue an official warning to the recovery auditor. This
notification shall identify the specific claim/provider types failing to be audited, shall
include the documentation citations that support the conclusions, and a CMS allotted time
frame for Recovery Auditor correction. If the lack of reviews continue CMS will consider
recalling specific claim/provider type(s) from one recovery auditor and giving the
opportunity to review the claims/providers to another CMS contractor. If this occurs, it
will be a permanent change.
Task 3- Underpayments
The Recovery Auditor will review claims, using automated or complex reviews, to
identify potential Medicare underpayments. Upon identification the Recovery Auditor
will communicate the underpayment finding to the appropriate affiliated contractor. The
mode of communication and the frequency shall be agreed upon by both the Recovery
Auditor and the affiliated contractor. If necessary, the Recovery Auditor shall share any
documentation supporting the underpayment determination with the affiliated contractor.
Neither the Recovery Auditor nor the AC may ask the provider to correct and resubmit
the claim, although the Recovery Auditor shall issue an Underpayment Notification
Letter including the claim(s) and beneficiary detail.
A sample letter shall be approved by the CMS COTR before issuing the first letter.
For purposes of the Recovery Auditor program, a Medicare underpayment is defined as
those lines or payment group (e.g. APC, RUG) on a claim that was billed at a low level of
payment but should have been billed at a higher level of payment. The Recovery Auditor
will review each claim line or payment group and consider all possible occurrences of an
underpayment in that one line or payment group. If changes to the diagnosis, procedure
or order in that line or payment group would create an underpayment, the Recovery
Auditor will identify an underpayment. Service lines or payment groups that a provider
34
failed to include on a claim are NOT considered underpayments for the purposes of the
program.
Examples of an Underpayment:
1. The provider billed for 15 minutes of therapy when the medical record clearly
indicates 30 minutes of therapy was provided. (This provider type is paid based
on a fee schedule that pays more for 30 minutes of therapy than for 15 minutes of
therapy)
2. The provider billed for a particular service and the amount the provider was paid
was lower than the amount on the CMS physician fee schedule.
3. A diagnosis/condition was left off the MDS but appears in the medical record.
Had this diagnosis or condition been listed on the MDS, a higher payment group
would have been the result.
The following will NOT be considered an underpayment:
1. The medical record indicates that the provider performed additional services such
as an EKG, but the provider did not bill for the service. (This provider type is paid
based on a fee schedule that has a separate code and payment amount for EKG)
2. The provider billed for 15 minutes of therapy when the medical record clearly
indicates 30 minutes of therapy was provided…however, the additional minutes
do not affect the grouper or the pricier. (This provider type is paid based on a
prospective payment system that does not pay more for this much additional
therapy.)
3. The medical record indicates that the provider implanted a particular device for
which a device APC exists (and is separately payable over and above the service
APC), but the provider did not bill for the device APC.
Provider Inquiries (Not requested by Recovery Auditor)
The Recovery Auditor will have no responsibility to randomly accept case files from
providers for an underpayment case review. If case files are received from providers that
were not requested by the Recovery Auditor, the Recovery Auditor may shred the record
requests. The Recovery Auditor is under no obligation to respond to the provider.
Medical Record Requests
The Recovery Auditor may request medical records for the sole purpose of identifying an
underpayment. If required, the Recovery Auditor will pay for all medical record
requests, regardless of if an underpayment or overpayment is determined.
Appeal of the Underpayment Determination
The normal appeal process is available to providers for all underpayment determinations.
35
Task 4- Recoupment of Overpayments
The Recovery Auditor(s) will pursue the recoupment of Medicare overpayments that are
identified through Task 2. The recovery techniques utilized by the Recovery Auditor
shall be legally supportable. The recovery techniques shall follow the guidelines of all
applicable CMS regulations and manuals as well as all federal debt collection standards.
Some guidelines specific to CMS include, but are not limited to, 42 CFR, the Debt
Collection Improvement Act of 1996, and the Federal Claims Collection Act, as
amended. The Recovery Auditor is required to follow the manual guidelines in the
Medicare Financial Management Manual, Chapter 3 & 4, as well as instructions in CMS
One Time Notifications and Joint Signature Memorandum unless otherwise instructed in
this statement of work or specifically agreed to by the PO.
Adjustment Process
The Recovery Auditor shall not attempt recoupment or forward any claim to the
FI/Carrier/MAC/DME MAC or the applicable CMS Data Center for adjustment if the
anticipated amount of the overpayment is less than $10.00 unless the recovery auditor is
choosing to review the claims using extrapolation. Claims less than $10.00 cannot be
aggregated to allow for demand unless extrapolation is used and if inadvertently
demanded the Recovery Auditor shall not receive a contingency fee on any amounts
recouped.
The Recovery Auditor shall not forward any claim to the FI/Carrier/MAC/DME MAC or
the CMS Data Center for adjustment if the anticipated amount of the underpayment is
less than $1.00.
The Recovery Auditor shall not forward claims to the FI/Carrier/MAC/DME MAC for
adjustment if the claim is incorrectly coded but the coding error is not expected to equate
to a difference in the payment amount. For example, HCPCS code xxxxx requires a
modifier for payment. Payment with the modifier is $25.50 per service. Without the
modifier payment is $25.50 per service. While the claim without the modifier is
incorrect, there is no overpayment or underpayment and the claim shall not be forwarded
for adjustment.
Sometimes when the system adjusts the claim for the Recovery Auditor identified
overpayment other lines are adjusted because of system edits. CMS calls these additional
lines associated findings. While the Recovery Auditor did not identify these lines for
adjustment, they were initiated because of the Recovery Auditor adjustment.
The Recovery Auditor receives credit for the entire claim adjustment and the Recovery
Auditor shall include these additional lines and denial reason codes on the written
notification to the provider.
Also, a Recovery Auditor identified adjustment may trigger the denial of the entire claim
because of a known Medicare Secondary Payer occurrence or a known instance of the
36
beneficiary’s enrollment in a managed care plan. If an entire claim is denied because of
managed care eligibility or a known MSP occurrence the Recovery Auditor will not
receive credit for the denial and will not receive credit for the adjustment identified by
the Recovery Auditor.
When partial adjustments to claims are necessary, the FI/Carrier/MAC/DME MAC shall
downcode the claim whenever possible. The Recovery Auditor will only be paid a
contingency payment on the difference between the original claim paid amount and the
revised claim paid amount. Some examples include DRG validations where a lower-
weighted DRG is assigned, claim adjustments resulting in a lower payment amount,
inpatient stays that should have been billed as outpatient, SNF…. If the system cannot
currently accommodate this type of downcoding/adjustments, CMS will work with the
system maintainers to create the necessary changes. This includes some medical
necessity claims.
37
Part B Adjustment Process
Step 2: File is adjusted by
Carrier/MAC/DME MAC or
associated data center. Several
return files are created: 1.
completed adjustments, 2. claims
with incorrect HIC numbers, 3.
claims with an incorrect claim
number
Step 3: Recovery Auditor
receives several files back from
the Carrier/MAC/DME MAC or
associated data center.
Recovery
Auditor sends written
notification to the provider of the
overpayment and researches
additional files to determine
correct claim
numbers and/or
HIC numbers
Step 1: Recovery Auditor sends
an electronic file through the
MDCN line to the
Carrier/MAC/DME MAC or
associated data center
Step 2A. Carrier/MAC/DME
MAC or associated data center
creates an accounts receivable
for the adjusted claim
38
Part A Adjustment Process
Step 2: Recovery Auditor
sends an electronic file
through the MDCN line to
the FI/MAC or associated
data center
Step 3: File is adjusted by
FI/MAC or associated data
center. Several return files
are created: 1. completed
adjustments, 2. claims with
incorrect HIC numbers, 3.
claims with an incorrect
claim number
Step 4: Recovery Auditor
receives several files back
from the FI//MAC or
associated data center.
Recovery Auditor researches
additional files when
necessary.
Step 1: Recovery Auditor
sends written notification to
the provider of the
identification of the
overpayment
39
In the demonstration each FI/Carrier/DME MAC and the Recovery Auditor worked
collaboratively to develop methods to automate adjustments. This was successful in
some areas and more difficult in others. In areas where automation was difficult
backlogs of claims requiring adjustment were created. With expansion of the Recovery
Auditor Program CMS realizes the need for standardization of all reporting and
automation. CMS is currently in the process of creating standard system changes to all
shared systems (FISS, MCS, and VMS). CMS does not have a completion date for the
system changes. Until CMS has complete system changes manual adjustments may be
required and it is possible backlogs will occur. While CMS will work with the
appropriate FI/Carrier/MAC/DME MAC and the Recovery Auditor to eliminate the
backlog, CMS will not compensate the Recovery Auditor for claims stuck in the backlog.
A. Written Notification of Overpayment
After the claim is adjusted and an accounts receivable is created, the Recovery Auditor
shall issue a demand letter to the provider. Since the accounts receivable and demand
letter begins interest accrual, includes appeal rights and begins recoupment timeframes it
is imperative that the demand letter be dated the same day as the accounts receivable
date. The Recovery Auditor is responsible for issuing the demand letter on the same date
as the accounts receivable is received from the MAC and is responsible for ensuring the
MAC is notifying the Recovery Auditor timely of the accounts receivable creation.
Failure to issue demand letters timely will result in the suspension of all recovery audit
activity in a jurisdiction/region. The recovery auditor is responsible for ensuring they are
receiving timely and accurate information from the MAC. The demand letter shall
include all necessary requirements specified in the Medicare Financial Management
Manual, Chapter 4, and section 90 (unless specifically excluded in this statement of
work). The CMS COTR shall approve a sample of all demand letters prior to use.
B. Recoupment through Current and/or Future Medicare Payments
Medicare utilizes recoupment, as defined in 42 CFR 405.370 to recover a large
percentage of all Medicare provider overpayments. “Recoupment” as defined in 42 CFR
405.370 is the recovery by Medicare of any outstanding Medicare debt by reducing
present or future Medicare provider payments and applying the amount withheld to the
indebtedness. Overpayments identified and demanded by the Recovery Auditor will also
be subject to the existing withholding procedures. The existing withhold procedures can
be found in the Medicare Financial Management Manual, Chapter 4, section 40.1.
Withholding of present and/or future payments will occur by the appropriate Medicare
FI/Carrier/MAC/DME MAC. These withhold procedures will be used for all provider
overpayments.
Once payments are withheld, the withhold remains in place until the debt is satisfied in
full or alternative payment arrangements are made. As payments are withheld they are
applied against the oldest outstanding overpayment. The debt receiving the payments
may or may not have been determined by the Recovery Auditor. All payments are first
40
applied to interest and then to principal. Interest accrues from the date of the demand
letter and in accordance with 42 CFR 405.378.
The Recovery Auditor will receive a contingency payment, as stated in the Payment
Methodology attachment, for all amounts recovered from withholding of present and/or
future payments that are applied to the principal amount identified and demanded by the
Recovery Auditor.
The Recovery Auditor should not stop recovery attempts strictly because recoupment of
the overpayment through current and/or future Medicare payments is being attempted.
Outside of the first demand letter and the Intent to Refer demand letter and the offset
process, the Recovery Auditor can determine the recovery methods they choose to utilize.
See the Medicare Financial Management Manual, Chapter 4 §20 and §90 for minimum
requirements of the Medicare FIs/Carriers/MACs/DME MACs. All recoupment methods
shall be explained in detail in the bidder’s proposal.
C. Repayment Through Installment Agreements
The Recovery Auditor shall offer the provider the ability to repay the overpayment
through an installment plan. The Recovery Auditor shall have the ability to approve
installment plans up to 12 months in length. If a provider requests an installment plan
over 12 months in length the Recovery Auditor shall forward a recommendation to the
appropriate regional office. The regional office will review the case and if the
recommended installment plan is over 36 months in length, the regional office will
forward the recommendation to Central Office for approval. The Recovery Auditor shall
not deny an installment plan request. However, the Recovery Auditor may recommend
denial. All recommended denials shall be forwarded to the appropriate regional office for
review. If necessary the regional office will request Central Office
assistance. If an installment plan requires assistance from the Regional or Central Office,
the package shall include all documents listed in the Medicare Financial Management
Manual, Chapter 4, Section 50.3. When reviewing all installment agreements the
Recovery Auditor shall follow the guidelines in section 1893(f) (1) of the Social Security
Act as amended by section 935(a) of the Medicare Prescription Drug, Improvement and
Modernization Act of 2003.
The Recovery Auditor will receive a contingency payment based on the principal amount
of each installment payment. As the provider submits monthly payments, the Recovery
Auditor shall receive the applicable contingency payment for the principal amount
received.
D. Referral to the Department of Treasury
The Debt Collection Improvement Act of 1996 (DCIA) requires federal agencies to refer
eligible delinquent debt to a Treasury designated Debt Collection Center for cross
servicing and further collection activities, including the Treasury Offset Program. CMS
is mandated to refer all eligible debt, over 180 days delinquent, for cross servicing.
41
Per DCIA referral criteria, “delinquent” is defined as debt: (1) that has not been paid (in
full) or otherwise resolved by the date specified in the agency’s initial written notification
(i.e., the agency’s first demand letter), unless other payment arrangements have been
made, or (2) that at any time thereafter the debtor defaults on a repayment agreement.
Debts ineligible for referral include:
• Debts in appeal status (pending at any level);
• Debts where the debtor is in bankruptcy;
• Debts under a fraud and abuse investigation if the contractor has received specific
instructions from the investigating unit (i.e., Office of Inspector General or Office
of General Counsel, etc.) not to attempt collection;
• Debts in litigation (“litigation” means litigation which involves the federal
government as a party; it does not include litigation between the debtor and some
party other than the federal government);
• Debts where the only entity which received the last demand letter is the employer
and the employer is a Federal agency (MSP debts only);
• Debts where the debtor is deceased;
• Debts where CMS has identified a specific debt or group of debtors as excluded
from DCIA referral (MSP debts only);
• Debts where there is a pending request for a waiver or compromise;
• Debts less than $25.00 (for non-MSP this amount is principal only; for MSP this
amount is principal and interest);
• Debts of $100 or less where no TIN is available.
The Recovery Auditor shall refer all debt to the claim processing contractor within a
time frame that allows for the claim processing contractor to issue the “intent to refer”
letter before the debt is 130 days delinquent. The Recovery Auditor is required to cease
all recovery efforts once the debt is referred to the Department of Treasury. Once the
overpayment referred is it is no longer the responsibility of the Recovery Auditor.
E. Compromise and/or Settlement of Overpayment
The Recovery Auditor shall not have any authority to compromise and/or settle an
identified or possible overpayment. If a debtor presents the Recovery Auditor with a
compromise request, the Recovery Auditor shall forward the overpayment case and all
applicable supporting documentation to the CMS PO for direction. The Recovery
Auditor must include its recommendation on the request and justification for such
recommendation. If the debt is greater than $100,000, the package must include a
completed Claims Collection Litigation Report (CCLR). If the provider presents the
Recovery Auditor with a settlement offer or a consent settlement request, the Recovery
Auditor shall forward the overpayment case and all applicable supporting documentation
to the CMS PO for direction. If CMS determines that a compromise and/or settlement is
in the best interests of Medicare, the Recovery Auditor shall receive a contingency
payment for the portion of principal that was recouped, providing that the Recovery
42
Auditor initiated recoupment by sending a demand letter prior to the compromise and/or
settlement offer being received.
F. Voluntary/Self-Reported Overpayments by the Provider
If a provider voluntarily self-reports an overpayment after the Recovery Auditor issues a
demand letter or a request for medical record, the Recovery Auditor will receive a
discounted contingency fee based on the Payment Methodology Scale. In order to be
eligible for the contingency fee, the type and dates of service for the self-reported
overpayment must be in the Recovery Auditor’s most recently approved project plan.
o If the provider self-reports this kind of case to the Recovery Auditor, the
Recovery Auditor shall document the case in its files and the RAC Data
Warehouse, and forward the check to the appropriate Medicare contractor.
o If the provider self-reports this kind of case to the Medicare contractor, the
Medicare contractor will notify the Recovery Auditor. The Recovery Auditor will
document the case in its files and the RAC Data Warehouses. Timeframes
associated with the reporting of the voluntary/self-reported overpayment shall be
addressed in the JOA between the Recovery Auditor and the AC/MAC.
The Recovery Auditor shall cease recovery efforts for the claims involved in the self-
report immediately upon becoming aware (i.e., when the Recovery Auditor is notified by
the Medicare contractor, the provider, etc.)
If a provider voluntarily self-reports an overpayment, and the self-reported overpayment
does NOT involve the same types of services for which the Recovery Auditor had issued
a demand letter or a request for medical records, then the Recovery Auditor is not entitled
to a contingency fee amount.
o If the provider self-reports this kind of case to the Recovery Auditor, the
Recovery Auditor shall forward the check to the appropriate Medicare contractor.
o If the provider self-reports this kind of case to the Medicare contractor, the
Recovery Auditor need take no action.
The Recovery Auditor may continue recovery efforts since the overpayment the provider
self- reported involved a different provider/service combination.
Unsolicited/Voluntary Refunds (by check or claims adjustment, including those due to
credit balances)
Occasionally the AC may receive an unsolicited/voluntary refund from a provider. An
unsolicited/voluntary refund is a refund that is submitted to the AC without a demand
letter. It is a situation where the provider realizes that a refund is due the Medicare
program and refunds the money to the AC. By definition, an unsolicited/voluntary
refund (by check or by claims adjustment) must occur before a demand letter is issued.
43
The Recovery Auditor shall not receive any contingency payment on an
unsolicited/voluntary refund.
G. Recoupment During the Appeals Process
The Recovery Auditor shall ensure that all demand letters initiated as a result of an
identified overpayment in Task 2 contain provider appeal rights, where applicable.
If a provider files an appeal with the appropriate entity within the appropriate timeframes,
the Recovery Auditor shall follow all CMS guidance regarding Section 1893(f) (2) of the
Social Security Act as amended by section 935(a) of the Medicare Prescription Drug,
Improvement, and Modernization Act of 2003 regarding the limitation on recoupment.
If Section 935(a) is applicable following all CMS guidelines, once the Recovery Auditor
is notified of the appeal request, the Recovery Auditor shall cease all recovery efforts. If
a provider instructs the Recovery Auditor that it has filed an appeal, the Recovery
Auditor shall cease recovery efforts and confirm the appeal request with the CMS Project
Officer or its delegate. After the reconsideration level of the appeal process (completed
by the Qualified Independent Contractor (QIC)) is adjudicated (or the first level of appeal
if the QIC reconsideration process has not been implemented yet), the Recovery Auditor
shall resume recovery efforts if the decision was not favorable to the provider.
The aging of the provider overpayment for debt referral purposes will cease while
recovery efforts are stopped during the appeal process. Interest shall continue to
accrue, from the date of the demand letter, throughout the appeals process.
H. Interest
Regulations regarding interest assessment on determined Medicare overpayments and
underpayments can be found at 42 CFR 405.378. Interest will accrue from the date of the
final determination and will either be charged on the overpayment balance or paid on the
underpayment balance for each full 30-day period that payment is delayed. The interest
rate in effect on the date of final determination is the rate that will be assessed for the
entire life of the overpayment. When payments are received, payments are first applied
to any accrued interest and then to the remaining principal balance. Contingency fees are
based upon the principal amounts recovered. All payments are applied to interest first,
principal second.
I. Customer Service
The Recovery Auditor shall provide a toll free customer service telephone number in all
correspondence sent to Medicare providers or other prospective debtors. The customer
service number shall be staffed by qualified personnel during normal business hours from
8:00 a.m. to 4:30 p.m. in the applicable time zone. For example, if the Recovery Auditor
is conducting the work in California the customer service number shall be staffed from
8:00am to 4:30pm Pacific standard time. Customer service staff shall be available to
44
providers on all business days except for federal holidays. After normal business hours, a
message shall indicate the normal business hours for customer service. All messages
playing after normal business hours or while on hold shall be approved by the CMS
Project Officer before use.
The staff answering the customer service lines shall be knowledgeable of the CMS
recovery audit program. The staff shall have access to all identified improper payments
and shall be knowledgeable of all possible recovery methods and the appeal rights of the
provider. If need be, the staff person that identified that the improper payment shall
return the call within 1 business day. The Recovery Auditor shall provide a translator for
Spanish speaking providers or other prospective debtors. This translator shall be
available within 1 business day of the provider’s original call.
The Recovery Auditor shall utilize a Quality Assurance (QA) program to ensure that all
customer service representatives are knowledgeable, being respectful to providers and
providing timely follow-up calls when necessary. The QA program shall be described in
detail in the proposal.
The Recovery Auditor shall respond to written correspondence within 30 days of receipt.
The Recovery Auditor shall provide the CMS Project Officer with copies by fax and
mailed hard copy, of all correspondence (including email) indicating displeasure with the
Recovery Auditor, in the overpayment identification, or in the recovery methods utilized,
within ten (10) calendar days of receipt of such correspondence. (If the Recovery
Auditor is not sure how the correspondence will be interpreted, it should forward the
correspondence to the CMS COTR.)
The Recovery Auditor shall respond to all discussion requests within 30 days of receipt.
The incoming discussion request and the written reply as well as any supporting
documentation shall be included in the case file.
The Recovery Auditor shall provide remote call monitoring capability to CMS personnel
in Baltimore or the regional offices, if directed by the CMS COTR. The Recovery
Auditor phone system must notify all callers that the call may be monitored for quality
assurance purposes.
The Recovery Auditor shall retain a written report of contact for all telephone inquiries
and supply it to the CMS PO within 48 hours of it being when requested. At a minimum,
the written report shall include the provider name, phone number, date and reason for the
call to the Recovery Auditor, the response to the inquiry, and the outcome of the call.
The Recovery Auditor shall respond to all email inquiries within 2 business days of
receipt. (Friday after 5:00 pm- Monday 6:00 am and all federal holidays are excluded)
This includes requests from CMS as well as inquiries from providers and other external
entities.
The provider outreach plan should include a component on customer service and should
45
be updated with the project plan, as needed. CMS may stop recovery work in a particular
region if evidence leads CMS to believe the customer service plan is not appropriate
and/or effective. This “stop order” would be effective until CMS was satisfied with all
improvements made in the customer service area.
Task 5- Supporting Identification of Overpayments in the Medicare Appeal Process
and/or in the DCIA Process.
Providers are given appeal rights for the majority of Medicare overpayments determined
during the post payment review process. If a provider chooses to appeal an overpayment
determined by the Recovery Auditor, the Recovery Auditor shall assist CMS with
support of the overpayment determination throughout all levels of the appeal.
This includes providing supporting documentation (including the medical record) with
appropriate reference to Medicare statutes, regulations, manuals and instructions when
requested, providing assistance, and representing CMS at any hearings associated with
the overpayment when requested by CMS.
Providers shall request an appeal through the appropriate Medicare appeals process. A
third party shall adjudicate all appeal requests related to provider overpayments identified
by the Recovery Auditor. This third party may be the current Medicare contractor, a
third party contractor identified by CMS, a Qualified Independent Contractor, an
Administrative Law Judge, or HHS’ Departmental Appeals Board’s Medicare Appeals
Council. Some recovery claims may eventually be appealed to the appropriate Federal
court. If the Recovery Auditor receives a written appeal request it shall forward it to the
appropriate third party adjudicator within one business day of receipt. If the appropriate
Medicare contractor is not known, the Recovery Auditor shall contact the CMS PO
within one business day of receipt for assistance. If the Recovery Auditor receives a
verbal request for appeal from a provider, the Recovery Auditor shall give the provider
the telephone number of the appropriate Medicare contractor and inform them that their
verbal request does not suspend the permissible time frame for requesting an appeal as set
forth in the demand letter.
The appropriate Medicare contractor will notify the Recovery Auditor and the CMS PO
of the appeal request and the outcome of each applicable appeal level. This notification
will occur at least one a month.
Additionally the Recovery Auditor must provide support, as needed, if the debt is
disputed outside of the formal administrative appeals process after being returned to the
local contractor (or a third party as designated by CMS) for further collection action
including referral to the Department of the Treasury for further debt collection activities.
Task 6a- Reporting of Identified, Demanded and Collected Medicare Overpayments
and Identified Medicare Underpayments
The Recovery Auditor will be required on a monthly basis to provide the CMS PO or its
46
delegate with detailed information concerning overpayments and underpayments that
have been identified, overpayments that have been demanded and overpayments that
have been fully or partially collected. The Recovery Auditor shall have supporting
documentation for all line items on the report. This report will be due no later than the
fifth (5
th
) business day of the following month. Task 1, C.2 contains additional
information required in the monthly financial reports.
Data Warehouse Reporting of Possible/Identified Improper Payments
CMS utilizes a Data Warehouse to house information on potential and outstanding
improper payments under the Recovery Auditor realm of responsibility. This Data
Warehouse stores outstanding overpayment data, determination dates, principal and
interest amounts, the status of the overpayment and allows CMS to prepare detailed
and/or summary reports from various data included in the Data Warehouse.
Below summarizes when a Recovery Auditor shall enter data into the Data Warehouse.
1) RAC chooses claim for potential review (automated or complex) and uploads
required elements to the RAC Data Warehouse. If the claim is suppressed or
excluded (initially or at any point in the review) the RAC stops work
immediately.
2a) COMPLEX REVIEW: RAC updates the Data Warehouse with the medical
record request date, date of provider’s extension request and revised due date (if
applicable), date of receipt, date of RAC’s request for review period extension
and revised date granted by CMS (if applicable), results letter sent date and date
claim sent to the MAC/EDC for adjustment (if applicable).
2b) AUTOMATED REVIEW: RAC updates the Data Warehouse with date claim
sent to the MAC/EDC for adjustment.
2c) SEMI-AUTOMATED REVIEW: RAC updates the Data Warehouse with the
advisory letter date and (as applicable) the date of provider’s extension request
and revised due date, date of records receipt, date of RAC’s request for review
period extension and revised date granted by CMS, results letter date and date
claim sent to the MAC/EDC for adjustment.
3) Recovery Auditor receives the improper payment amount and receivable/payable
information from the FI/carrier/MAC/DME MAC/EDC. The Recovery Auditor
receives such information for the purpose of conducting their audit operations,
and shall not be held responsible for updating the RAC Data Warehouse with
payment information but shall be responsible for uploading the date the finalized
adjustment was received from the claims processing contractor.
4) Recovery Auditor updates the Data Warehouse with the date of its demand letter
or no demand letter, as well as the demanded amount (negative values for
underpayments).
47
RAC Data Warehouse Reporting and Recovery Auditor Invoices
The RAC Data Warehouse is an integral participant in the success of the Recovery
Auditor project. However, the Recovery Auditor Data Warehouse can only be successful
if the data input into it by the Recovery Auditor is reliable, timely and valid. The RAC
Data Warehouse shall produce pre-filled invoices based on claims information from the
Recovery Auditor linked to collection/payment and reversal transactions from the
Medicare contractors. Contingency rates will be automatically applied based on
transaction type codes reported by the claim processing contractors.
Recovery Auditors may not add to the automatically generated invoices, although they
may remove records with appropriate notice to their COTR.
CMS may consider supplemental invoices with transactions that are not in the RAC Data
Warehouse or that failed automated matching, but such consideration is solely at the
discretion of CMS. Acceptance of one or more supplemental invoices does not bind the
Agency to accepting future supplemental invoices.
Inaccurate Information Input into the RAC Data Warehouse
CMS hires a contractor to maintain and enhance the RAC Data Warehouse. Whenever
erroneous files are input into the Recovery Auditor Data Warehouse, CMS has to pay the
contractor by the hour to fix the file. All costs attributed to fixing errors input by the
Recovery Auditor will be absorbed by the Recovery Auditor. CMS will accomplish this
by notifying the Recovery Auditor and by subtracting that amount from the next invoice.
For example: A Recovery Auditor uploads a file of 30,000 claims and later realizes that
the wrong provider type was input. In order to fix the error, CMS must notify the RAC
Data Warehouse maintainer to change the provider type or delete the entire file. If this
takes 4 hours to complete and the RAC Data Warehouse maintainer is paid $100 per
hour, the next invoice for the Recovery Auditor will have $400 deducted from it for the
cost of the error.
CMS has instituted this new process to ensure all Recovery Auditors understand the
importance of the RAC Data Warehouse and take due diligence when inputting
information into it and to ensure that CMS can accurately budget for the maintenance of
the RAC Data Warehouse.
Task 6b Other Systems Created by Recovery Auditor
The Recovery Auditor is free to utilize a subsequent system in addition to RAC Data
48
Warehouse provided by CMS. Any subsequent system shall not take the place of the
RAC Data Warehouse.
All reports generated from an alternative system shall be converted to appropriate
Microsoft Excel version requested by the CMS COTR.
Task 7 – Administrative and Miscellaneous Issues
A. Administrative Functions
Once the Recovery Auditor has identified an overpayment, the Recovery Auditor shall
send the debtor written notification as indicated in Task 4A. This notification shall
request that the debtor submit payment in full. Payments shall be sent to the appropriate
Medicare FI/Carrier/DME MAC/MAC.
B. Separate reporting
The reporting and data collection/analysis or each of the major tasks must be kept
separate and submitted in the appropriate format per Task 1.
C. Payment Methodology
All payments shall be paid only on a contingency fee basis and shall be based on the
principal amount of the collection or the amount paid back to a provider (underpayment).
Contingency fees:
• Because interest collected is returned to General Revenue rather than to the
Medicare trust funds, a contingency fee shall not be paid on any interest collected.
• The Recovery Auditor shall not receive any payments for the identification of the
improper payments.
• The contingency fee will be determined by the overpayments collected without
consideration given to the underpayments identified (i.e. without netting out the
underpayments against the overpayments.) Underpayments in a claim are
counted separately.
• The Recovery Auditor shall receive 75% of the agreed upon contingency
percentage for recovery efforts accomplished through the offset process of a Part
A claim (processed by the FISS) by a FI/MAC
• The Recovery Auditor shall receive 50% of the agreed upon contingency
percentage for any of the following recovery efforts:
49
Recovery efforts accomplished through the offset process by a carrier/DME
MAC or a Part B claim by a MAC.
Recovery efforts accomplished through Treasury offset or another collection
vehicle after the debt is referred to the Department of Treasury.
Recoveries made through a self-disclosure made by a provider in result of a
prior Recovery Auditor identified request for medical records or demand
letter. Self- disclosed service and time period must be included in the
Recovery Auditor’s project plan.
• If a provider files an appeal disputing the overpayment determination and the
appeal is adjudicated in the provider’s favor at ANY level, the Recovery Auditor
shall repay Medicare the contingency payment for that recovery. Repayment to
Medicare will occur on the next applicable invoice.
D. Point of Contact for Recovery Auditor
The primary point of contact for the Recovery Auditors shall be the CMS PO or his/her
delegate.
E. Data Accessibility
CMS shall provide the Recovery Auditor with all applicable data files for all claims paid
during the specific timeframes of the contract for the appropriate geographic area. The
Recovery Auditor will receive new data updates as they become available. (monthly or
quarterly) The data file format, data fields available and user agreements are available
upon request. To access data the Recovery Auditor shall acquire a Medicare Data
Communications Network (MDCN) line. This is a secure line between the Recovery
Auditor and the CMS Data Center. The cost of the MDCN line shall be incurred by the
Recovery Auditor. Anticipated costs range from $1500-$2000 per month. This does not
include setup costs. These costs may increase at any time. CMS will provide the
applicable points of contact to set up the MDCN line. In addition, the Recovery Auditor
must acquire the appropriate software to enter into the CMS Data Center. IBM/Sterling
Commerce Connect:Direct software is currently being utilized by CMS for this purpose.
There is no other alternative software. At this time the price of the IBM/Sterling
Commerce Connect:Direct software is approximately $185,000.00. The Recovery
Auditors are responsible for all costs of the MDCN line and the software.
As CMS moves towards utilizing Enterprise Data Centers (EDC) the transmission of data
may cease. The Recovery Auditor may be required to utilize a CMS system in a CMS
Data Center to retrieve extracts of claims.
The Recovery Auditor shall pay for any charges associated with the transfer of data. This
includes, but is not limited to, cartridges, data communications equipment, lines,
messenger service, mail, etc. The Recovery Auditor shall pay for all charges associated
50
with the storage and processing of any data necessary to accomplish the demonstration.
The Recovery Auditor shall establish and maintain back-up and recovery procedures to
meet industry standards. The Recovery Auditor shall comply with all CMS privacy and
security requirements. The Recovery Auditor shall provide all personal computers,
printers and equipment to accomplish the work described herein throughout the contract
term.
F. Recalled Cases
CMS may determine that it is in the best interest of the Medicare Fee-for-Service
Recovery Audit Program to cease work in certain areas. Should CMS initiate a recall ,
the Recovery Auditor shall immediately stop all activities included in the recall.
Recalls could occur because of additional activity that is occurring by another
contractor/entity or lack of adherence by the Recovery Auditor of any provision of the
Statement of Work. Recalls are indefinite and may require a corrective action plan to
resume activity. Recalls can be claim or provider specific, claim or provider type
specific, jurisdiction specific, or regional specific. Unless instructed by CMS through
technical direction, demands previously issued will still continue to be recouped and the
Recovery Auditor will receive a contingency fee, if appropriate.
G. Case Record Maintenance
The Recovery Auditor shall maintain a case file for every improper payment that is
identified, including documentation of subsequent recovery efforts. This file shall
include documentation of all processes followed by the contractor including a copy of all
correspondence, including demand letters, a telephone log for all conversations with the
provider or other individuals or on behalf of the provider or other debtor, and all
collection activities (including certified/registered mail receipts, extended repayment
agreements, etc). The case file may be electronic, paper or a combination of both. For
electronic files, the case file shall be easily accessible and made available within 48 hours
of request. At CMS’s request or no later than fifteen (15) days after contractor
termination, the Recovery Auditor shall return to CMS all case files stored in accordance
with CMS instructions. Once an improper payment is determined all documentation shall
be kept in the case file. The Recovery Auditor shall not destroy any supporting
documentation relating to the identification or recovery process.
All case files shall meet the requirements as set by OMB Circular A-130, which can be
found at http://www.whitehouse.gov/omb/circulars/a130/a130trans4.html.
H. Recovery Deposits
The demand letters issued by the Recovery Auditor will instruct debtors to forward their
refund checks to the appropriate address at the applicable Medicare contractor
(FI/Carrier/DME MAC/MAC). All refund checks shall be payable to the Medicare
51
program. If the Recovery Auditor receives a refund check, the Recovery Auditor shall
forward the check to the appropriate address. Before forwarding the check, the Recovery
Auditor shall make copies of and otherwise document these payments. A copy shall be
included in the appropriate overpayment case file.
I. Support OIG or Other Audits
Should the OIG, CMS or a CMS authorized contractor choose to conduct an audit of the
Recovery Auditor, the Recovery Auditor shall provide workspace and produce all needed
reports and case files within 1 business day of the request.
J. Support Evaluation Contractor
CMS is required to report on the Recovery Auditor Program annually. To assist with the
report, CMS utilizes an independent evaluation contractor. This contractor assists CMS
with the analysis of data, completes the provider survey, may assist CMS in monitoring
the Recovery Auditors, and maintains the referral database. Each Recovery Auditor will
have a point of contact for the Evaluation Contractor and each Recovery Auditor shall
assign a point of contact in their organization. At times, the evaluation contractor may
request data from each Recovery Auditor. All requests will be filtered through the CMS
PO and should be addressed within 15 days of receipt unless otherwise noted in the
request.
K. Public Relations & Outreach
The initial project plan shall include a section covering provider outreach. CMS will
announce the use of the Recovery Auditors in the specified geographic area. All other
debtor education and outreach concerning the use of Recovery Auditors will be the
responsibility of the Recovery Auditor. The Recovery Auditor shall only educate
providers on their business, their purpose and their process. The Recovery Auditors shall
not educate providers on Medicare policy. The CMS PO shall approve all presentations
and written information shared with the provider, beneficiary, and/or other debtor
communities before use. If requested by CMS, the Recovery Auditors project manager
for the CMS contract, at a minimum, shall attend any provider group or debtor group
meetings or congressional staff information sessions where the services provided by the
recovery audit contractors are the focus.
The Recovery Auditor is required by January 01, 2010 to develop and maintain a
Medicare Recovery Auditor webpage to communicate to the provider community helpful
information (e.g., who to call for an extension, how to customize the address for a
medical record request letter). The Medicare information shall appear on pages that are
separate and distinct from any other non-Medicare work the Recovery Auditor may have.
The Recovery Auditor shall obtain prior PO approval for all Medicare webpage content.
L. Quality Assurance
52
1. Each Recovery Auditor shall be required to complete a Statement of Auditing
Standards No. 70 (SAS 70) Audit. Each Recovery Auditor shall be responsible for
contracting with an independent and certified public accounting (CPA) firm to perform
the audit. The CPA firm will ideally have experience in Medicare operations and must
have experience performing SAS 70 Type II audits.
CMS control objectives can be found in IOM Pub. 100-6, Chapter 7. CMS will dictate
which control objectives will be applicable to the audit. The scope of the audits will be
dictated by CMS and will be determined no later than 180 days after award. A final
report from the CPA firm must be submitted to CMS by the end of each award year. Any
corrective action plan must be submitted to CMS within 45 days of the issuance of the
final report.
Additional general information concerning a SAS 70 audit can be found in IOM Pub.
100-6, Chapter 7.
2. At CMS discretion, CMS may perform a contractor performance evaluation.
Advance notice may/may not be given. During the evaluation CMS reviewers will work
from a prescribed audit protocol, review actual cases and issue a final report. Any
finding from the review will require a corrective action plan.
3. At CMS discretion, CMS may contract with an independent contractor to
perform an accuracy audit on a Recovery Auditor’s identifications. At a minimum, this
audit would be performed annually.
Every six (6) months (at a minimum) recovery auditors shall review their approved issues
to ensure compliance with the most recent CMS policy changes. Any changes to a new
issue and the policy used to make the review determinations shall be submitted to the
COTR for approval before beginning reviews. The COTR and associated staff shall then
review such changes to issues and/or policy and issue guidance to the recovery auditors
within a 30 day approval period.
Task 8 Final Report
The final report shall include a synopsis of the entire contract project. This includes a
final report identifying all amounts identified and demanded, all amounts collected and
all amounts still outstanding at the end of the demonstration. It shall include a brief
listing of all identification methods or other new processes utilized and their success or
failure.
The contractor should include any final thoughts on the program, as well as any
advantages or disadvantages encountered. From a contractor point of view, the final
report should determine if the contract was a success or a failure and provide support for
either opinion.
53
A final report shall be delivered to the CMS PO in the three formats (paper/electronic) as
stated below and in the required “electronic” formats to the [email protected]
mailbox:
1) Paper, bound, in the number of copies specified;
2) Paper, unbound, suitable for use as camera-ready copy;
3) Electronic, as one file in Portable Document Format (PDF), as one file in Hypertext
200-word abstract/summary of the final report suitable for submission to the National
Technical Information Service. Drafts of all documentation shall be provided to CMS
approximately four weeks prior to final deliverable due dates unless otherwise agreed
to. CMS staff will review materials and provide comments back to the contractor
within 2 weeks, thereby allowing 2 additional weeks for the contractor to make any
necessary revisions. All data files and programs created under this project shall be the
sole property of CMS and provided to CMS upon request in the appropriate format.
They shall not be used for any other purpose other than fulfilling the terms of this
contract without the express permission of the contracting officer.
54
SCHEDULE OF DELIVERABLES
The contract awarder shall provide the necessary personnel, materials, equipment, support,
and supplies to accomplish the tasks shown below in the specified time. The contract
awarder shall complete the evaluation and report to CMS its findings. All work done under
this contract shall be performed under the general guidance of the CMS PO subject to the
PO’s approval.
Written documents for this project shall be delivered in hard copy to the project officer (2
copies), unless otherwise specified. These documents shall also be delivered to the Project
Officer in an electronic version via email. At present, the CMS standard is Microsoft Word
2007 and Microsoft Excel 2007. This is subject to change, and the contractor shall be
prepared to submit deliverables in any new CMS standard.
Task
Number
Deliverable
Number
Deliverable
Due Date
(from contract award date)
1.a.
1
Initial Meeting
2 weeks
1.a.
2
Project Plan
4 weeks
1.b.
3
Monthly Conference Calls
Monthly
1.c.
4
Monthly Progress Reports
Monthly
6
5
Financial Report
Monthly
1
6
Vulnerability Report
Monthly
6
7
Training on RAC Data
Warehouse
Within 15 days of the start of
Task 2
6
8
Case File Transfers
Within 15 days after contract
end
9
9
Final Report- Draft
Within 4 weeks of contract
end date
9
10
Final Report- Final
Within 8 weeks of contract
end date
55
Appendix 1- Intentionally Left Blank
56
Appendix 2: Map of Recovery Audit Contract Regions
D
C
B
A
57
