ZPIC/UPIC Audit Defense Lawyers
With Decades of Experience, Our Health Care Fraud Defense Attorneys Understand the Growing Threat of Zone Program Integrity Contractor (ZPIC)/Unified Program Integrity Contractor (UPIC) Audits
Zone Program Integrity Contractors (ZPICs)/Unified Program Integrity Contractor (UPIC) exist for a single purpose: to investigate instances of suspected fraud, waste, and abuse in the Medicare system. ZPICs/UPICs are authorized to conduct invasive audits on behalf of the Centers for Medicare and Medicaid Services (CMS), and they have broad powers to prevent payment of improperly-billed amounts and recoup overpayments from Medicare-participating providers and businesses.
Health care providers and other medical businesses (including DME companies) are currently facing immense scrutiny in relation to their Medicare billings, including invasive ZPIC/UPIC audits. These audits can represent significant threats to health care providers’ and businesses’ viability. At Oberheiden, P.C., our federal health care fraud defense lawyers (several of whom are former U.S. Department of Justice (DOJ) prosecutors) have extensive experience on both sides of ZPIC/UPIC audits. If you are facing a ZPIC/UPIC audit, we can help you. To avoid unnecessary recoupment liability and the potential for further federal action – including civil or criminal health care fraud charges – call (888) 519-4897 or contact us online now for a free and confidential consultation.
What Are ZPICs/UPICs?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established the Medicare Integrity Program (MIP) in order to strengthen CMS’s ability to detect and deter fraud, waste, and abuse in the Medicare program. As part of the MIP, CMS created a uniform type of administrative entity called Medicare Administrative Contractors (MACs). In accordance with the newly established MAC jurisdictions, seven geographical entities called Zone Program Integrity Contractors (ZPICs)/Unified Program Integrity Contractors (UPICs) were created to perform program integrity functions for Medicare Parts A, B, Durable Medical Equipment (including prosthetics and orthotics), Home Health and Hospice, and Medicare-Medicaid data matching. These entities are:
- Health Integrity
- Safeguard Services (SGS)
A typical ZPIC/UPIC audit consists of a thorough evaluation of all available information to confirm the veracity of the patient and billing records a health care provider or business has on file to substantiate its Medicare billings. Although ZPIC audits are somewhat comparable to Recovery Audit Contractor (RAC) audits, ZPIC/UPIC investigations have the added potential implication of federal Medicare fraud charges, which can result in severe administrative penalties and even criminal prosecution. This makes it even more important to consult with an experienced health care fraud defense attorney as soon as possible after being contacted by a ZPIC/UPIC auditor.
What Types of Providers and Businesses are Targeted in ZPIC/UPIC Audits?
One particularly concerning aspect of CMS’s audit program is that health care providers and other businesses receive little to no warning that they are going to be targeted in a ZPIC/UPIC audit. As a result, all types of Medicare Part A and B providers, durable medical equipment (DME) companies, home health care agencies, and hospices are potentially at risk for being audited at any time. This makes it critically important for these types of providers and businesses to maintain detailed records supporting their Medicare billings at all times.
It is a common misconception that, if you do not actively engage in intentional misconduct, then you have nothing to be concerned about when it comes to a ZPIC/UPIC audit. However, inadvertent mistakes and careless record-keeping errors can result in costly administrative penalties, license revocation, and even criminal charges. Operating in areas that CMS has designated as ‘high risk’ (including Dallas, Los Angeles, Miami, New York, Detroit, and Houston) may make a provider more likely to face a ZPIC/UPIC audit; however, all providers and businesses are at risk for being targeted.
How Do ZPICs/UPICs Choose Which Providers to Target?
Of course, ZPICs/UPICs cannot simultaneously audit all health care providers and medical businesses. So, how do they choose which companies to target?
1. Data Analysis
One of the primary triggers for ZPIC/UPIC audits is ZPICs’/UPICs’ automated review of Medicare program billing data. When the data identify a provider or business as a potential target for an audit, a ZPIC/UPIC will perform a medical record review to determine whether recoupments or other penalties may be warranted. While these reviews often focus on making coverage and coding determinations related to Medicare’s standards for “medical necessity,” all types of billing issues can trigger ZPIC/UPIC audits. These include:
- High frequency of certain services in comparison to local or national patterns
- Billing trends that indicate an “outlier
- Lengths of stay outside of industry standards
- Mismatching claim and physician records
- Other improper or inaccurate billing Medicare billings
2. Complaints & Routine Audits
ZPIC/UPIC audits can also arise from complaints or referrals. More specifically, employee or beneficiary complaints to MACs, the Office of Inspector General (OIG), and other federal law enforcement agencies may result in ZPIC/UPIC audits. In these cases, potential fraud has already been identified and the ZPIC/UPIC has presumed improper billing activities. If the audit is left unchecked, the ZPIC/UPIC may use statistical sampling to calculate and extrapolate the amount of alleged overpayments, allowing the ZPIC/UPIC to generate large overpayment amounts with minimal work. The ZPIC/UPIC also has the power to request medical documentation and other evidence related to the validity of the claim; however, this power is not absolute, and providers can create unnecessary problems for themselves by providing ZPICs/UPICs with too much information. Extrapolated overpayments can quickly devastate a providers and other businesses.
3. “Benefit Integrity” Investigations
ZPICs/UPICs also have significant discretion to conduct reviews for “benefit integrity.” In this scenario, a ZPIC/UPIC may determine that beneficiary interviews are necessary to determine medical necessity or identify billing errors. ZPICs/UPICs around the country have been given ready access to a wide variety of claims coding, billing, and utilization databases and are expected to perform complex data analysis with this data in an effort to identify providers and suppliers with suspicious billing histories. If a health care provider’s claims utilization and billing practices are outside of the norm (making the provider an “outlier”), that provider is likely to be audited. Providers can be placed on up to 100% pre-payment review by a ZPIC/UPIC, in which case the provider must stop billing for claims until further notice.
4. OIG and FBI Investigations
ZPICs/UPICs work closely with agents from the OIG and the Federal Bureau of Investigation (FBI). In many cases, ZPIC/UPIC audits will flow from OIG and FBI inquiries, and providers and other businesses targeted in ZPIC/UPIC audits may end up having their cases referred back to the OIG or FBI for a formal federal investigation.
ZPICs/UPICs do not have to get CMS approval for the companies they choose to target. ZPICs/UPICs also do not have to provide education to providers or post their areas of focus publicly. ZPIC/UPIC investigations can start with a letter requesting claim documentation to determine if an overpayment has occurred. Other times, the ZPIC/UPIC conducts unannounced site visits where auditors take photos and records. In short, there is very little about ZPIC/UPIC audits that is predictable, and this is yet another reason why health care providers and other businesses targeted in ZPIC/UPIC audits must promptly engage experienced legal representation.
What are Examples of Potential Red Flags for ZPIC/UPIC Auditors?
During the audit process, ZPICs/UPICs will look for any excuse to seek recoupments and impose other administrative penalties. Missing pages, erased notations, late or inconsistent entries, and pages filed out-of-order are all examples of “red flags” that can lead to nightmares for providers. Absent countervailing evidence, ZPICs/UPICs will generally conclude that these types of errors are indicative of waste, abuse, or fraud, they can trigger a series of subsequent reviews involving time-consuming and burdensome requests for additional documentation. ZPICs/UPICs can also conduct follow-up interviews with those patients who were beneficiaries of the claimed services, search for indications of previous complaints or suspicious conduct, and analyze virtually all other aspects of Medicare providers’ business dealings.
As a result, all medical providers (especially those servicing patients in CMS’s “high risk’” areas) need to ensure they have adopted and are appropriately implementing comprehensive compliance programs in order to mitigate their risk in the event of a ZPIC/UPIC audit. This includes, among numerous other steps, requesting and filing all requisite documentation from incoming patients prior to performing any treatments or surgeries (attempting to complete processing of new patients after the fact increases the risk of backlogs, errors, and inconsistencies that could lead to ZPIC/UPIC audits and penalties). Consistently attempting to bill the maximum allowable amount for a given procedure or service can increase providers’ and other businesses’ exposure in ZPIC/UPIC audits as well.
What are the Different Types of ZPIC/UPIC Audits?
The ZPIC/UPIC auditory regime is extremely complex. Understanding the different types of audits – and identifying the type of audit in which your business or practice is being targeted – is just one of the essential steps involving in successfully avoiding recoupments and other penalties. Here is a brief overview of the three main types of ZPIC/UPIC audits and the potential implications of each:
1. Automated Audits
Automated audits are generally the result of random annual audit quotas as opposed to specific allegations of fraud or abuse. These types of audits usually do not involve invasive information requests; instead, the ZPIC/UPIC will review the information that has already submitted to Medicare. Although the risk of regulatory action emanating from an automated audit is low, it can still happen. If you find yourself facing a random audit, it is important that you defend your practice or business and prepare for a possible appeal by working with our experienced ZPIC/UPIC audit defense lawyers.
2. Semi-Automated Audits
Semi-automated ZPIC/UPIC audits can result from either random selection or evidence of a potential payment issues. Regardless of the initiating trigger, semi-automated audits are computer-generated reviews accompanied by a request for records and billing documentation. Before submitting any documentation in response to semi-automated audits, providers should consult with a knowledgeable health care fraud defense attorney in order to reduce their risk of liability and further government scrutiny.
3. Complex Audits
If a ZPIC/UPIC auditor identifies a specific issue related to your practice, it may conduct a complex audit. This is the most intensive type of audit format will generally involve of a request for extensive evidence of medical necessity and reimbursement eligibility as well as the legitimacy of the protocol that was utilized. Usually, a complex audit indicates that the ZPIC/UPIC (or a MAC) has already detected a pattern of fraud or abuse. Due to the high risk associated with this type of audit, it is critical to consult with a ZPIC/UPIC audit lawyer before taking any responsive action.
What is at Risk During (and After) a ZPIC/UPIC Audit?
When a ZPIC/UPIC audit results in allegations of submitting fraudulent or erroneous Medicare or Medicaid claims, the consequences can be substantial. Health care providers and medical businesses can face substantial recoupment liability, denial of pending claims, pre-payment review of future claims, and other financial and administrative penalties. Unfavorable ZPIC/UPIC audit determinations can also lead to federal investigations involving the DOJ, FBI, OIG, and other agencies, and these investigations can lead to civil or criminal charges with the potential for life-changing consequences.
Medicare fraud can be prosecuted under various provisions of the United States Code, and allegations can result in the imposition of restitution; fines; and, in some instances, federal imprisonment. In addition, a wide range of administrative sanctions (such as deactivation or revocation of Medicare enrollment or billing privileges, suspension of payments, and exclusion from participation in the Medicare program) and civil monetary penalties may be imposed when warranted by the circumstances at hand. Various laws (including the Anti-Kickback Statute and the False Claims Act) include provisions for both civil and criminal enforcement; and, when facing a Medicare fraud investigation, keeping the investigation civil in nature is critical to mitigating any potential penalties.
What are My Options After an Unfavorable ZPIC/UPIC Audit Determination?
Fortunately, when a ZPIC/UPIC issues a demand for recoupments, this is not the end of the process. There are several stages of ZPIC/UPIC audit appeals, and our attorneys can promptly review your case to determine if you have grounds to challenge the ZPIC’s/UPICs conclusions. Some of the issues we will assess to determine whether you have grounds to file an appeal include:
- Whether the ZPIC/UPIC submitted complete and accurate information supporting its findings;
- Whether the ZPIC/UPIC reviewed your documentation correctly and in accordance with the applicable standards;
- Whether the audit required external clinical expert or physician input; and, if so, whether the ZPIC/UPIC obtained it; and,
- Whether the ZPIC/UPIC has a history of auditing errors.
Our attorneys have decades of experience representing clients at all stages of the appellate process. Based on the results of our assessment, we will be able to advise you regarding the options you have available for potentially reducing or eliminating the amount you owe. We understand that dealing with ZPIC/UPIC audits can be confusing and overwhelming for even the most-sophisticated and established practitioners (especially if you are accused of Medicare fraud or abuse). We can use our experience to protect you and your business or practice, and we can make sure that you feel confident and informed at every step along the way.
How Can a Health Care Fraud Defense Attorney Help with Your ZPIC/UPIC Audit?
ZPIC/UPIC audits play a significant role in the federal government’s fight against Medicare fraud. Recently, the federal government has indicated increased reliance on data analysis to target health care companies. What this means in practice is that companies that are particularly profitable, and thus have larger volumes of claims submissions, appear on the government’s radar and are far more likely to be audited than less-successful providers. However, regardless of a company’s size or volume of Medicare business, a ZPIC/UPIC audit has the potential to be devastating, and it needs to be handled accordingly.
Many health care fraud investigations start with a ZPIC/UPIC audit. Mistakes made during the audit process can have severe consequences – including triggering DOJ, FBI, and OIG investigations – and hiring experienced defense counsel is essential to avoiding unnecessary consequences. Some of the ways that our attorneys assist clients during ZPIC/UPIC audits include:
- Self-Analysis. Our lawyers will review your files before you provide them to the ZPIC/UPIC to ensure that you are not unnecessarily disclosing any information and so that we can proactively address any issues we identify. We can promptly uncover the source of any mistakes, and we can use the available evidence to protect you against a federal investigation.
- Deadline Extension. ZPICs/UPICs will often request a great number of documents, and as a practical matter it may be necessary to request an extension of the deadline for production. We can submit this request strategically and effectively so that you will have the time needed to gather the requested files and analyze them before you submit them for review.
- Improve Compliance. As your counsel, we will not just look at the files requested, but also focus on the bigger picture. What if the ZPIC/UPIC decides to conduct a follow-up audit or recommend a federal subpoena? Is your corporate structure adequately protecting you? Are you prepared for the burdens of dealing with a government inquiry? Is your compliance program strong enough to protect you against allegations of fraud? What other weaknesses could potentially be exposed?
- Working with the Auditors. The best way to find out what may have prompted a particular audit and to assess the risk of a follow-up federal investigation is to immediately open a dialogue with the auditors. Knowing the impetus of the audit is essential to tailoring your response and overall defense strategy; and, in many cases, early intervention can be crucial to a provider’s or business’s ultimate success during a ZPIC/UPIC audit.
- Convincing the U.S. Attorney’s Office. If a ZPIC/UPIC audit results in a referral to the U.S. Attorney’s Office, hiring an experienced attorney right away can be essential to keeping any ensuing federal investigation civil in nature. At this stage, it is imperative not to allow the government to build a case and to open an investigation unchecked. Our attorneys can use their experience and the insights they gained as Assistant U.S. Attorneys to keep your investigation civil in nature and attempt to resolve it without charges being filed.
Why Should I Choose the Federal Health Care Fraud Defense Lawyers at Oberheiden, P.C.?
At Oberheiden, P.C., we offer the first-hand knowledge obtained from representing health care providers across the country in ZPIC/UPIC audits and previously overseeing ZPIC/UPIC audits on behalf of the federal government. Our attorneys can effectively advise and represent you at all stages of the audit process, and we can guide you through the steps you need to take when dealing with ZPIC/UPIC personnel. If necessary, we can also begin preparing for the appeals process as well as any follow-up investigative action by the DOJ, FBI, or OIG.
With the benefit of decades of experience representing clients in ZPIC/UPIC audits and federal investigations, our attorneys can also assist you with developing and implementing a comprehensive and custom-tailored compliance program. Beyond preparing customized documentation, we will help you implement your plan to ensure you will be adequately prepared in the event of another audit, educate your staff on the applicable billing regulations, help you adopt sound records management protocols, and provide effective communication and training methodologies that you can deploy throughout your business or practice.
If you are facing a ZPIC/UPIC audit, you need to have a detailed understanding of the process and the risks involved, and you need to know whether your patient and billing records are an asset or a liability. Our highly-experienced attorneys can explain everything you need to know, and we can ensure that your practice or business is adequately prepared. The risks are simply too great for you to attempt to navigate the ZPIC/UPIC audit process on your own. To discuss your audit with a federal health care fraud defense lawyer at Oberheiden, P.C., contact us today.
Request a Free and Confidential Initial Consultation at Oberheiden, P.C.
ZPIC/UPIC audits can have devastating consequences for health care providers and other Medicare participants. Our attorneys can protect you, but it is important that we start working on your audit as soon as possible. To get started with a free and confidential consultation, call us 24/7 at 888-519-4897, or tell us how to reach you and a member of our firm will be in touch as soon as possible.