Holland & Knight (formerly Waller) healthcare industry team leader, Jennifer Weaver, and founder and president of Armory Hill Advocates, Jon Rawlson, discuss their work in assisting clients to navigate Unified Program Integrity Contractor (UPIC) audits.
Watch the video by clicking here.
Read through the transcript below:
Morgan: Welcome to PointByPoint. This is Morgan Ribeiro, the firm’s Chief Business Development Officer and the host of the podcast.
On today’s episode, we are joined by Jon Rawlson, founder and president of Armory Hill Advocates, a government affairs firm that represents healthcare clients in the nation’s Capital and in several state legislatures and Jennifer Weaver, Holland and Knight partner (formerly Waller) in the firm’s government investigations and litigation group.
Today, we’re going to discuss the government audit landscape for healthcare providers and what they can do to safeguard their organizations, and if audited, how they can respond. Jon and Jennifer, thank you for joining us today.
Jennifer: Thanks very much for having us, Morgan.
Jon: It’s great to be here. Thank you.
Morgan: Great. You both have extensive experience working with healthcare providers, facing government audits and investigations across the country.
Before we get into the specifics of our conversation today, I would love to hear from both of you and to share with our listeners a little background about yourself and how you all came to work together. Jennifer?
Jennifer: Yeah. I’ve been representing healthcare providers for over 20 years now and mostly focused on their dealings with the Department of Justice and False Claims Act investigations.
Those seemed bad enough and hard enough for healthcare providers to navigate and then, about 10 years ago, I was retained by a client that was facing a UPIC audit. UPICs are contractors. They contract with CMS stands for a Unified Program Integrity Contrator. So, they’re private companies under contract. They go out and do these audits, and a lot of times providers believe these are routine audits like the RAC audits or just regular commercial payer audits that you deal with in the ordinary course of business, and UPICs are not that. They are instigated by suspicion of fraud that is the result of data mining, primarily.
They do these audits and then come up with an error rate and extrapolate. So you can have providers facing multi-million dollar overpayment demands. Then, what is also particularly dangerous about them is that after the first two levels of appeal, you’re in the Medicare appeals process. So, the contractors are reviewing their own work. So, you don’t really get a chance to have a neutral arbiter decide anything until an ALJ hearing, and there’s currently a multi-year backlog. The dangerous part is they can recoup the money and they take all that money back before you get your appeal with an administrative law judge.
If I’m doing a False Claims Act investigation with the Department of Justice, that can go on for years and we can haggle and we might settle a case. I might challenge the government or convince them that their legal theories are wrong. They decide not to intervene in the case or I can challenge them in court, but the bottom line is until there’s a settlement or a judgment, the government can’t take the money. With the UPICs they take the money. And that was a situation I found myself in about 10 years ago with a client, a very large physician practice with locations across multiple states, that got hit with a $27 million overpayment as a result of a UPIC audit. An audit that was done that was incredibly shoddy.
That’s another point I’d like to make about UPICs. A lot of times the people who are doing the audits are not clinicians. They don’t have the background. They’re doing medical necessity reviews with checklists, making billing and coding decisions. These are not certified coders with real experience, but you don’t have a real chance to challenge the audit results you get back until you get to an administrative law judge. By that point, it may be too late because they’ve already taken $27 million from you. And so that’s how I met Jon and was introduced to Jon. I’m going to turn it over to him and he can tell you, what he does as a concierge service through the Medicare appeals process. Jon, you want to tell them a little bit about how you helped me back on our first outing together with the $27 million overpayment?
Jon: Sure. Thank you, Jennifer. I’m in my 29th year of being a government relations professional. I’ve been working with Congress and the relevant oversight committees, as well as CMS, HHS and the other agencies which regulate the healthcare industry.
We had an opportunity where we worked together for a physician specialty practice based in Nashville. It was an interesting situation in the beginning because when we were first introduced to them the issue, we weren’t sure was nearly as deep or as wide as it seemed to be. However, quickly we figured out that this particular issue had a potentially devastating impact on this practice. It was a multi-state practice and it could have put them out of business and into bankruptcy.
So over the course of, I think it was a little over six months, we were able to work closely with the state of Alabama, with the Energy and Commerce Committee in the House, and the Senate Help Committee in the Senate, as well as HHS and CMS, which is essentially Medicare agency, to bring together all parties, including the chairman of the Senate Help Committee, the vice chairman of the Energy and Commerce Committee in the House, to basically come to the aid of this practice and collaboratively with the legal team that Jennifer had brought together and the government affairs work that we brought to the table, we were able to overturn this verdict, which was, I believe, $27 million dollars.
Jennifer: To chime in on that, Jon, what was really critical was we had great legal arguments. We had arguments to show that the claims were billed correctly and medical necessity was there. I had all of that. If we were in a regular court case, I can rely on the strength of my legal arguments to carry the day, and a judge is going to review that. When you’re in the Medicare appeals process, it’s just basically a rubber stamp. They’ll take the $27 million dollars. They’ll look at my briefs, maybe, and they’ll just rubber stamp what the UPIC auditor did without giving any consideration, without looking at the medical records, our clinical arguments.
Why Jon was so critical is because all his contacts were at the highest levels of the contractor level, both with the Medicare Administrative Contractors, the MACs, which is the first level of review. At the QICs, which is the second level review. Having those contacts with the head of these contractors, we weren’t asking for anything more than for our legal arguments and our clinical arguments to be given due consideration. And that’s where Jon came in to make sure that it was. In addition to getting program integrity at CMS, and to get the appropriate people on The Hill on the relevant committees and in Congress to put some pressure on CMS who then puts some pressure on the contractors. The result of this was $27 million down to $6,900, but that also just goes to show great work on Jon’s part. Hopefully I did good legal work, but it’s also to my point that these UPIC auditors are not doing competent audits. They’re coming up with conclusions that just don’t withstand scrutiny.
Jon: We’re at a time right now where many of these providers have been complaining about the treatment from these Medicare auditors for quite some time. So members of Congress are sensitive to this. They’ve been hearing about it for quite some time. They’ve been providing some feedback to the program integrity division at CMS, which oversees all of this audit environment.
So it has really provided some very fertile ground for us to work with. Members of Congress who are sick and tired of hearing about this intrusive activity that’s happening with providers of all sizes, whether you’re small or large, it really doesn’t matter. You’re a target. We’ll talk a little bit more about that a little later in the podcast, but yeah, we’ve been very fortunate to be able to work together and the auditors— the relationships that I’ve forged there, and also within CMS, have really played to our advantage as we’ve been working to resolve these situations with all of these clients.
Morgan: I think, as you all pointed out, it’s not just about the legal arguments, which is key, right? That is very necessary in all of this, but I think just as equally important is having those relationships and knowing the process and how to navigate is vital for these clients when they’re working through these issues.
So, Jon, one thing for you. Over the past two years it’s already been challenging for healthcare providers dealing with the pandemic and labor shortages and just a lot of unpredictability around their operations. Have the UPIC auditor’s scaled back during the pandemic or has it been full steam ahead?
Jon: So CMS told the auditors to take a step back at the beginning of COVID. So, when we were right at the very beginning of the pandemic, I think as you remember, a lot of agencies just shut down. The IRS and what have you, and CMS and Medicare did as well. And the auditor’s took steps back. Some of them were running large operations of their own, and so they had all their own corporate issues to deal with in terms of employee safety and what have you.
However, about, I think when we were starting to come out of the first wave of the pandemic, CMS signaled to the MACs and the UPICs that they could begin to ramp back up again. Right off the bat I think we had about a three month lull and then all of a sudden, boom, it started ramping back up again and it’s been full steam ahead ever since. We’re hearing from providers of all sizes especially in key states where CMS and Program Integrity are watching fraudulent activity occur. Some of it’s legitimate, a lot of it is not, but they’re still keeping an eye on that environment and it has ramped back up and full speed ahead.
Jennifer: To some extent they never scaled down like CMS instructed them to. Jon and I right now are helping a hospital that was in one of the hardest hit cities at the very beginning of the pandemic in March and April of 2020, and that’s when one of the UPICs, CoventBridge, decided to go in, onsite, inside a hospital at the very beginning of the pandemic in one of the hardest hit Metro areas to demand documents and question staff. So, they can be pretty aggressive.
Jon: Oh. Terribly aggressive and ignoring the situations that are impacting those hospitals.
This particular hospital had a COVID outbreak in the middle of the audit and the auditors didn’t take a step back and let that hospital deal with the COVID outbreak, which was just ridiculous. They had a physician that died in the midst of it, one of the medical directors for that particular clinic.
Sometimes it just defies common sense as to why these auditors handle it the way they do, but it’s important for both Jennifer and I to be able to represent our clients in a manner that both educates Congress and the oversight committees on this kind of activity that’s occurring and CMS. To some degree Program Integrity is not aware of some of this activity that’s occurring like this.
So we needed to bring it to light and help the agencies manage that activity appropriately.
Jennifer: Yeah. when Jon has been able to get me an audience with Program Integrity at CMS, one of the things I’ve stressed is that you need to have more oversight of your contractors and your oversight should not just be how much money are these contractors bringing back into the program. And when they’re up for contract and they rebid their contracts, it shouldn’t just be who has brought back the most dollars because some of the ways that they’re getting this money is unfair to providers and doesn’t withstand scrutiny when it’s challenged during the appeals process.
And what I urge Program Integrity to do is to also ensure that they are hiring contractors that have real expertise, have clinical expertise, and can conduct fair and competent audits that providers can feel confident in.
Jon: Oftentimes we find that providers will be in the midst of the initial period of the audit process and they’ve been approached by auditors and they ‘re trying to contact the auditor and the auditor’s not returning a call and not responding to an email. It’s extremely frustrating. Jennifer and I have both experienced that, and it’s important that CMS be aware of that. So we’ve brought these situations to CMS and in one regard they completely shut down one of the MACs. I think the work that we’re doing and providing feedback to CMS is valuable.
Morgan: Jon, you’ve touched on this, but curious if you have anything to add, as a government relations professional, you’re very aware of the influence of regulators in this entire process. What do you see happening now that’s different from say, two years ago, and what does the regulatory landscape look like?
Jon: The regulatory landscape now is a little bit different because we have a new administration, and the new administration views for-profit healthcare providers differently than the previous administration.
You’re seeing an uptick in audit activity, both from the OIG, from the Department of Justice and CMS and Medicare contractors, particularly towards for profit healthcare providers and those that are in key areas, hospice, home health, home infusion, some hospitals and related physician practices are definitely under scrutiny. Especially in key hotspots states like Florida, Texas, Ohio, Michigan, where they’ve seen an uptick of fraudulent activity.
It’s interesting. Previous administrations have a tendency to look differently at for-profit healthcare providers. When a Democrat led administration or Democrat led majority in Congress comes into play, they really have a jaundiced view believing that for-profit providers are in it for returning profit and dividends to shareholders and not really looking at the quality of healthcare that’s being provided to patients.
It just creates a more aggressive atmosphere. Obviously it’s more work for us, which is nice, but also provides a really difficult landscape for those types of providers to navigate. Especially when it comes to program integrity related issues.
Jennifer: I will say though, that Jon and I have been doing this together now for almost 10 years and across three administrations, and we’ve had success with all the administrations so far. Jon’s been able to bring in really good advocates from both sides of the aisle to help us get our healthcare provider clients out of some really troubling situations.
Morgan: As that relates to UPICs, even more specifically, where do you see that heading next?
Jennifer: It’s one of those things that truly is bi-partisan. The UPICs, which were originally called ZPICs— I don’t want it to get into too much alphabet soup here— but they were created, I think the Medicare Modernization Act of 2003 is when they first were stood up. So they’ve been around a while, but they’ve really ramped up in the past decade. But that’s completely bipartisan. Everyone’s opposed to waste, fraud, and abuse. You won’t get any pushback on that. Across the aisle everyone wants to come up with what they believe are legislative strategies to curb waste, fraud, and abuse. The problem is that they don’t always understand what they’re unleashing. So in the case of the UPICs seems perfectly reasonable. Medicare is overpaying providers who are fraudulently billing, and we can hire these private contractors to go out and do audits and they will find waste, fraud and abuse and return it to the public FISC.
The problem is that, we already have a situation in this country where the demand for healthcare services, especially in certain communities, outstrips the supply. It’s hard enough for providers to stay in business, to service the communities that need them, when they’re being hounded by these UPIC auditors who can and do put providers out of business.
If you’re hit with a multi-million dollar overpayment that’s incorrect and you have to wait for five years to get an ALJ hearing, but they will recoup that money immediately while you wait five years for your appeal to get it back. Many providers who have gone out of business and had to declare bankruptcy because they can’t stay open. They can’t stay in business long enough to get their day in court, which is an unfortunate result of something that I think a lot of lawmakers viewed as very worthy. Who could possibly object to trying to combat waste, fraud, and abuse?
Morgan: The intention is good, but understanding how it plays out in reality sounds like a different story
Jon: Exactly. I think the Program Integrity Division at CMS is about $1.3 billion operation, which generally returns to the Medicare trust fund about $3.5 to $5 billion annually in savings. About 40% of the claims that are audited are actually fraudulent, and the 60% are actually related to documentation errors. Simply, in many cases, completing the form incorrectly. However, this process puts those providers through the same level of scrutiny regardless of whether there’s an outcome of actual fraud or not.
So it’s the UPIC scenario, which there are now four primary UPIC providers that are regionally set up across the country, it presents a scary atmosphere for providers who are used to routine RAC audits, which are a routine audit by CMS. When a provider receives documentation from a UPIC that indicates some level of fraudulent activity that’s occurred, it’s a scary environment for a provider. I think one of the things that we’ve experienced over the last few years has been that providers who don’t take this seriously right off the bat are the ones that stand to lose the most and have the most difficult experience. When they recognize right up front, “Oh boy, we’ve got a serious situation.” They reach out to their attorney. They get Jennifer on the line. They get me involved early on. It’s a much easier path for us to navigate for those providers. But at the end of the day, Congress likes this program and when they do their oversight committee hearings every year and they look at the savings that have been generated and they look at the activity, the true real fraudulent activity that does occur across the country, it has a tendency to over weigh the irritating, and oftentimes needless, type of activity that we see every day where providers are put through an enormous amount of scrutiny for, really at the end of the day, just documentation errors that don’t demand this level of scrutiny and can be corrected easily.
Jennifer: Yeah, and what’s so dangerous about UPICs and what’s so frustrating about UPICs— in addition to being able to do these extrapolated multi-million dollar overpayments they also can and do put providers on Medicare payment suspension based on very little, if anything. That’s one area where I absolutely depend on Jon because the regulations do not provide for any appeal of that determination. So a UPIC can decide that we think that there’s credible allegations of fraud that we’ve seen. So, we’re just going to put you on a payment suspension. You’re still going to provide services to all of our Medicare beneficiaries, but we’re just not going to pay you. Instead, we’re going to put the money into our lockbox and once we complete our audit, maybe 18 months, two years from now, maybe we’ll give it back, probably not. And that’s incredible unchecked authority. If I didn’t have Jon to work with to help me help my clients get out of those situations, I don’t have legal recourse.
Like I said, I started out and I still do the majority of my work representing providers, dealing with the Department of Justice and False Claims Act investigations, which are scary enough, but in those cases the government has to prevail to get the money. If they’re going to get money from my client, they have to either convince me that my client has an overpayment to the government, has some liability, and we agree to a settlement or they have to convince a court or a jury that my client has improperly billed or committed some type of billing fraud in order to get a judgment in court. They don’t get the money until the government proves that. Whereas the UPICs, these auditors can come with unqualified people who don’t have clinical backgrounds, who don’t have coding background, just determined there’s a $10 million overpayment and we’ll just take it right now, and years from now, maybe you’ll convince a judge to give it back.
Jon: It’s a completely unnerving process. You have to prove your innocence through a five-step appeals process. If you don’t navigate that, it can really cost you in the long run, dollars and cents and reputation to you as a provider. So it’s always incredibly important that you’re armed well with, smart, legal advice like Jennifer provides and then somebody like me to help run some of this. Some of the issues we’ve seen with these provider suspensions are just crippling financially. Terribly crippling. So it’s important and it’s wonderful that we’ve been able to guide providers through that process successfully at the end of the day.
Morgan: This all sounds pretty grim, but I know that you all have success stories in battling these UPICs. I know you’ve shared some already earlier in our conversation, but any other examples or success stories that you want to share with our audience?
Jennifer: Working with Jon, he’s the secret to my success to a large extent. We’ve done a bunch of these now. I think a couple of years ago, we had a large nationwide home health provider that was hit with a $16 million overpayment from a UPIC. Jon came in. The MAC in that case, which was our first appeal, I think it was Palmetto. He knew the top people at Palmetto. Again, he does the concierge service for the Medicare appeals process. He let them know this was coming, that we were appealing the $16 million overpayment, that they needed to put all their best people on it and give it due attention. We ended up within the matter of months on the first appeal, getting it reduced to $20,000. So that was great for our client, obviously.
Another one— to show how critical Jon is in this process. This was another home health company, a different one, and they had a home health and a memory care facility that they were operating in Florida. The UPICs, in this case, actually went into a memory care facility in person to interview the patients to see if the home health providers had actually provided home health services at the memory care facility. It’s a memory care facility. These are Alzheimer patients who could not remember when they got home health services. The fact that you have these very aggressive auditors scaring these people and they’re allowed under their CMS contract to walk in to any hospital, any home, any memory care facility, any nursing facility. As a result of those really, I thought, overly aggressive and frankly, ridiculous interviews they put our client on a payment suspension. Jon was able to go in and go direct to Program Integrity and get that lifted, which is something I couldn’t have done because I don’t have recourse under the regs to appeal that determination. Jon’s assistance is really critical for me to be able to just have someone listen to, the legal arguments and the clinical arguments that I’m making.
Jon: I’m able to navigate a space, which is not prescribed. Jennifer has a prescribed legal path under the Medicare guidelines, and I have an environment which allows me to navigate relationships within the department, within the agency, within the contractors, which is really great because I’m able to have those one-off conversations to be able to highlight the specifics that oftentimes the contractor’s reviewers overlook. So we’re able to drive some of the very good medical necessity arguments that our clinicians and our teams have put together, but if they’re not going to be reviewed adequately by the medical team the outcome is diminished significantly. So we’ve been able to put together a great scenario that has benefited all of our clients.
It’s interesting, we have a national oncology company right now that is a provider across the county of a unique type of treatment for non-melanoma skin cancer. Because of the individual practice scenarios that they see, we have been intervening on behalf of all these individual practices across the country. And we’ve had significantly great results at the second level of the appeals process, and it’s primarily because we’re able to make our arguments, which are great, and should, be weighed appropriately at the first level of appeal, but for whatever reason aren’t.
So I think we find ourselves having significant success across the board when we’re able to have the appropriate medical and clinicians who are tasked with reviewing this data, actually sit down and review the data. Oftentimes we find many of these decisions are rubber stamped. They go from one level to another level until they end up at the ALJ level, which is the third level of appeal, only because they were rubber stamped and never adequately reviewed. So my role, the way I see it, is not only to intervene with CMS as an agency, but also to intervene with these contractors to make sure that the medical directors and their teams are doing the job that they’re paid to do.
Morgan: As we look forward to this, I know you’ve talked about some practical tips for providers who may face these UPIC audits, but any specific advice that you would give to them? To me, it seems like you hear a lot of discussion about the False Claims Act and dealing with the DOJ, but you really hear less about these. But it seems like these are situations that, as soon as you’re faced with them, it’s critical that you act quickly, but I think, even better, it’s how you prevent these from happening in the first place. So what advice do you all have for providers?
Jennifer: Number one piece of advice would be know when you’re dealing with a UPIC. What I’ve seen so many times is these UPIC audit requests come in and the providers don’t realize what they are. They think it’s just another routine audit and not a UPIC that can carry with it the huge consequences we’re talking about in terms of extrapolated overpayments in a multimillion dollar range and payment suspensions. So, if you get a letter from CoventBridge, Safeguard Services or Qlarant, Q L A R A N T, those are the three main UPICs right now. So be very careful when you’re dealing with them.
We always preach having a full, robust compliance program that is lived daily at the practice with the provider. That’s essential for all healthcare providers. I think everyone knows that by now, but even the best compliance program doesn’t protect you. The UPICs are doing data mining looking at the prevalence of certain codes. If you’re looking like an outlier because your usage of certain codes or what you’re billing, that just might be because you’re a big player in the market. You’re not doing anything wrong. You’re the largest home health agency in that particular region. You’re the largest ophthalmology practice in that part of the country. So really hard to avoid having them. I think the key is what Jon already said. Number one, know what you’re dealing with. If you do get a letter from one of these or they show up in person from CoventBridge, Safeguard, or Qlarant, then take it very seriously. Make sure you are submitting, in response to the audit request, complete, pristine, thorough medical records. Make sure you go over it with a fine tooth comb.
Sometimes I’ll use clinical experts to double check the provider’s work to make sure everything is there. Then we’ll prepare a clinical summary to put on top of every record for each patient to go through all of the Medicare coverage criteria and direct the auditor. Here’s where it is. If you go to this portion of the medical record, you will see the evidence that everything that’s required for Medicare coverage is there. You have the appropriate signed physician orders. You have the plans of care that are required. Whatever it is, in any sector, whatever you’re billing for, just trying to make sure that it’s there.
Jon, any other advice?
Jon: My biggest piece of advice is to the providers and their front desk people. Too many times we find out that they’ve received a letter from one of the CMS contractors, but it’s been sitting on the desk, it’s been buried somewhere and nobody opened it. It is critically important that every provider inform their front desk personnel that when they get a letter from CMS, they’ve got to open it and they’ve got to send it to the appropriate folks so that they can respond appropriately. You would be surprised how many skilled providers front desk personnel either lose it or don’t know what it is or don’t route it appropriately or just don’t open it.
Morgan: Great. I know this is not an uplifting conversation, but I think based on this conversation, there are certainly steps that providers can take to prevent these actions in the first place and lessen the blow when they do occur. So appreciate your time. Anything else that you all would like to add?
Jon: Yeah, Morgan, just thanks so much for having me. I appreciate being a part of this today and both of us hope tremendously that we able to arm providers with the important information going forward and how they can be ready and prepare. And they can certainly reach out to us.
Compliance programs are awfully important these days. Jennifer has a great practice of helping all types of providers develop a compliance program that basically, helps them work in these areas with CMS and with program integrity contractors.
Jennifer: Yeah. Thank you. Thank you very much, Morgan. I really appreciate your time doing this. I know it’s not the most uplifting topic, but I will just say there’s a lot of great things about being in the healthcare industry. It’s a wonderful industry. A wonderful profession that really impacts people’s lives, and it’s great business. But unfortunately, if you’re going to be in healthcare, this is part of the cost of doing business is dealing with UPICs and other enforcement agencies. But Jon and I are here to help you get through it.
Morgan: Awesome. Thank you guys again.
Jennifer: Thanks, Morgan.
Jon: Thank you, Morgan.
References: https://www.hklaw.com/en/insights/media-entities/2022/04/how-to-navigate-upic-audits
