Stories of waste, fraud, and abuse are becoming a daily story in the news. Behind the scenes government agencies are working hard to fight off the growing epidemic and one such measure is ZPIC auditing. While uncovering fraudulent billing is a huge step in the right direction, the current means of screening healthcare providers is incredibly invasive.
To understand ZPIC audits well, the first thing is to understand what Zone Program Integrity Contractors (ZPICs) are. ZPICs are entities created by CMS (Centers for Medicare and Medicaid Services), whose primary goal is to identify suspected fraud cases, thoroughly develop them, and immediately take action (which includes criminal prosecution). Generally, the CMS endows ZPICs with responsibilities of preventing, detecting, and deterring of any form of fraud involving the Medicare Trust Fund. ZIPCs aren’t meant to recover the money, but moreso to prevent disbursement of money.
According to zpicaudit.team, a ZPIC audit is often more invasive than other CMS entities’ inspections like the RAC (Recovery Audit Contractor) audits. ZPIC audits also have a significant potential of leading to a civil enforcement action or a criminal charge if the organization is found culpable of Medicare fraud or abuse.
ZPIC auditors rarely give notice that they are beginning an audit. Providers that are audited are chosen because some sort of red flag has been raised. Contractors aren’t chosen by chance.
Some of the factors that may initiate the audits include;
– Complaints made by beneficiaries or employees to the ZPICs or the Office of Inspector General.
– Referrals made by law enforcement agencies or other CMS contractors to the ZPICs.
– The ZPIC may also use data analysis to find out outliers based on, say, a high frequency of billing trends, specific services, and lengths of stay compared to both the national and local patterns.
A ZPIC audit may involve many actions which include;
- Conducting random and unannounced sites visits in the provider’s location. Law enforcement officials may accompany the ZPICs.
- Several requests for medical documents and records.
- Statistical sampling and also extrapolation to coding or billing errors, if any are found.
- Conducting interviews with staff and management of the provider.
- A review of prepayment or post-payment for future or existing claims
- Cases maybe referred to the Department of Justice or Office of Inspector General
- A recommendation maybe submitted to the CMS for the provider to be excluded from the Medicare Trust Fund program.
How Respond to ZIPC Audit
It’s important to gather a well qualified team. The team should consist of attorneys, CPAs, billing specialists that are experienced with ZPIC audits. Communication with the ZPIC auditors is crucial. Send any documentation, questions, or disputes back to them promptly.
Again, while the program has the right end goal in mind, the current means of reviewing companies is an invasive process that leaves many healthcare practices feeling violated. Few provides make it out unscathed. During the audit ZPIC may place a provider on 100% pre-payment review which means no payment until the review is complete. That could be a devastating blow to some providers.
How to Prepare
There are several things that can be done to be prepared for a ZPIC audit. In many cases, this information and preparedness can eliminate those warning signs that they are looking for.
-Hire a qualified corporate compliance officer
-Create a compliance plan and evaluate it quarterly or yearly.
-Create a team that can be called on during an audit. This should be a team of attorney and CPAs.
-Train staff members on how to respond to audit questions.
-Have a billing specialist review the provider annually
-Analyze all data internally to check trends.
ZIPC audits can be brutal. Preparing for the event of an audit is the best thing a provider can do. This can be helpful to reduce the focus on the provider because all of the data and trends should already be reviewed by the provider’s internal team. The information gathered can show a provider what needs to be addressed. If this is done properly, the provider should be aware of any information that could cause the provider to be on the radar of ZPIC.