[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]
THIRD-PARTY BILLING COMPANY FRAUD: ASSESSING THE THREAT POSED TO
MEDICARE
=======================================================================
HEARING
before the
SUBCOMMITTEE ON
OVERSIGHT AND INVESTIGATIONS
of the
COMMITTEE ON COMMERCE
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTH CONGRESS
SECOND SESSION
__________
APRIL 6, 2000
__________
Serial No. 106-97
__________
Printed for the use of the Committee on Commerce
U.S. GOVERNMENT PRINTING OFFICE
64-027CC WASHINGTON : 2000
COMMITTEE ON COMMERCE
TOM BLILEY, Virginia, Chairman
W.J. ``BILLY'' TAUZIN, Louisiana JOHN D. DINGELL, Michigan
MICHAEL G. OXLEY, Ohio HENRY A. WAXMAN, California
MICHAEL BILIRAKIS, Florida EDWARD J. MARKEY, Massachusetts
JOE BARTON, Texas RALPH M. HALL, Texas
FRED UPTON, Michigan RICK BOUCHER, Virginia
CLIFF STEARNS, Florida EDOLPHUS TOWNS, New York
PAUL E. GILLMOR, Ohio FRANK PALLONE, Jr., New Jersey
Vice Chairman SHERROD BROWN, Ohio
JAMES C. GREENWOOD, Pennsylvania BART GORDON, Tennessee
CHRISTOPHER COX, California PETER DEUTSCH, Florida
NATHAN DEAL, Georgia BOBBY L. RUSH, Illinois
STEVE LARGENT, Oklahoma ANNA G. ESHOO, California
RICHARD BURR, North Carolina RON KLINK, Pennsylvania
BRIAN P. BILBRAY, California BART STUPAK, Michigan
ED WHITFIELD, Kentucky ELIOT L. ENGEL, New York
GREG GANSKE, Iowa TOM SAWYER, Ohio
CHARLIE NORWOOD, Georgia ALBERT R. WYNN, Maryland
TOM A. COBURN, Oklahoma GENE GREEN, Texas
RICK LAZIO, New York KAREN McCARTHY, Missouri
BARBARA CUBIN, Wyoming TED STRICKLAND, Ohio
JAMES E. ROGAN, California DIANA DeGETTE, Colorado
JOHN SHIMKUS, Illinois THOMAS M. BARRETT, Wisconsin
HEATHER WILSON, New Mexico BILL LUTHER, Minnesota
JOHN B. SHADEGG, Arizona LOIS CAPPS, California
CHARLES W. ``CHIP'' PICKERING,
Mississippi
VITO FOSSELLA, New York
ROY BLUNT, Missouri
ED BRYANT, Tennessee
ROBERT L. EHRLICH, Jr., Maryland
James E. Derderian, Chief of Staff
James D. Barnette, General Counsel
Reid P.F. Stuntz, Minority Staff Director and Chief Counsel
______
Subcommittee on Oversight and Investigations
FRED UPTON, Michigan, Chairman
JOE BARTON, Texas RON KLINK, Pennsylvania
CHRISTOPHER COX, California HENRY A. WAXMAN, California
RICHARD BURR, North Carolina BART STUPAK, Michigan
Vice Chairman GENE GREEN, Texas
BRIAN P. BILBRAY, California KAREN McCARTHY, Missouri
ED WHITFIELD, Kentucky TED STRICKLAND, Ohio
GREG GANSKE, Iowa DIANA DeGETTE, Colorado
ROY BLUNT, Missouri JOHN D. DINGELL, Michigan,
ED BRYANT, Tennessee (Ex Officio)
TOM BLILEY, Virginia,
(Ex Officio)
(ii)
C O N T E N T S
__________
Page
Testimony of:
Aronovitz, Leslie G., Associate Director for Health Financing
and Public Health Issues, U.S. General Accounting Office... 13
Burleigh, Robert B., Vice President, PractiCare.............. 29
Hast, Robert H., Acting Assistant Comptroller General, Office
of Special Investigations, U.S. General Accounting Office.. 9
Morris, Lewis, Counsel, Office of the Inspector General,
Department of Health and Human Services, accompanied by
Steve Lack, Special Agent.................................. 18
Thompson, Penny, Director, Medicare Program Integrity Group,
Health Care Financing Administration....................... 25
Material submitted for the record by:
Bliley, Hon. Tom, Chairman, Committee on Commerce, letter
dated March 14, 2000, to Penny Thompson, Director, Program
Integrity Group, Health Care Financing Administration,
requesting response for the record......................... 62
Thompson, Penny, Director, Medicare Program Integrity Group,
Health Care Financing Administration, letter dated March
30, 2000, to Hon. Tom Bliley, enclosing response for the
record..................................................... 63
(iii)
THIRD-PARTY BILLING COMPANY FRAUD: ASSESSING THE THREAT POSED TO
MEDICARE
----------
THURSDAY, APRIL 6, 2000
House of Representatives,
Committee on Commerce,
Subcommittee on Oversight and Investigations,
Washington, DC.
The subcommittee met, pursuant to notice, at 10 a.m., in
room 2322, Rayburn House Office Building, Hon. Richard Burr
(presiding).
Members present: Representatives Burr, Bryant, Stupak,
Green, and Strickland.
Staff present: Chuck Clapton, majority counsel; Amy
Davidge, legislative clerk; and Chris Knauer, minority
investigator.
Mr. Burr. The Chair will call this hearing of the Oversight
and Investigations Subcommittee to order.
I would like to take this opportunity to welcome our
witnesses today, some of whom have previously been before us.
The purpose of today's hearing is to look at the third-
party billing company fraud that exists within the Medicare
billing process. We are delighted to have with us a number of
witnesses to testify. This hearing will be limited to one
panel. I know that we have got members who will be in and out,
so please be patient with us as we try to accommodate whatever
questions they might have.
For the purposes of an opening statement, the Chair would
recognize himself and all members who wish to make one and
would also ask unanimous consent that any member who wishes to
enter an opening statement that is not here would be permitted
to do so.
Without objection, that will be so ordered.
Today's hearing is about determining whether HCFA is doing
an adequate job of protecting Medicare from fraud and abuse by
third-party billing agencies. Across America, the population of
companies that represent medical providers from the standpoint
of processing their billing information for the purposes of
reimbursement to the Health Care Financing Administration has
grown dramatically.
Today we will hear how a woman using one of the third-party
billing agencies in Texas was able to submit $1.3 million in
false claims, which was never detected by the Health Care
Financing Administration. This raises a great question for this
subcommittee, for Congress, and for the American people. The
Office of the Inspector General at HHS will also tell us about
several cases they investigated where a third-party billing
agency was able to steal millions of dollars from Medicare.
I will take this opportunity to say the purpose of this
hearing is not to bash the Health Care Financing
Administration. It is to educate us more clearly about this
third-party billing industry that has emerged in America, to
determine what additional procedures should be in place at the
Health Care Financing Administration that have not existed up
until this point. We should insure that everybody involved in
the process has the comfort level of knowing that gaming the
system is not quite as easy as it seems to be right now.
Let me say that even the IRS, which is not known for its
efficiency, requires the preparers of tax returns identify
themselves with an identifying number. One of the most
troubling pieces of this challenge that we have before us today
is that we do not currently have any type of identifier that
follows a third-party biller. A third-party biller can contract
with multiple physicians, yet the identifier that the Health
Care Financing Administration sees is, in fact, the
physician's, and not the third-party biller's.
One of the questions I hope to get an answer to is how many
third-party billers exist in the country today. Clearly, our
hope is that, between the members of this committee, we can
work to make sure that the right type of procedures are in
place at HCFA that assure us that the future is not one where
fraud and abuse is such an opportunity. In fact, what we can do
is shepherd third-party billing companies to be honest entities
providing a very valuable service for the reimbursement process
that many health care entities do not have the manpower, the
time or the expertise to do.
I would be remiss if I did not take this opportunity to say
that third-party billers have been created for a number of
reasons, but probably the biggest is because of the confusion
and difficulty faced by physicians attempting to understand the
rules and regulations that HCFA sets out for them. Congress is
partly responsible for that very massive undertaking that each
physician is faced with.
I have made the comment many times that physicians in North
Carolina, in the absence of being able to understand the
constant changes in our health care regulations, turn to the
business schools of many universities and hire that MBA student
to come in and run their medical practice from the standpoints
of the administrative and billing side.
The biggest problem they have today is now that same MBA is
walking into the physician's office saying, I can't do this any
more, because I can't figure it out. I can't assure you with
any degree of confidence that I have kept you out of that gray
area that somebody might want to chase that we commonly refer
to as fraud and abuse.
I am confident that we can find a satisfactory conclusion
to this current problem, but my hope also is that we can in the
future build a system that is easier to understand, simpler for
all involved, and, more importantly, focuses more on the
beneficiaries who are covered under Medicare than the process
of paying claims.
At this time, the Chair would recognize Mr. Bryant for an
opening statement.
Mr. Bryant. I thank the chairman, and I thank the chairman
for conducting this hearing. I thank the panel of witnesses. My
statement will be brief.
I have been in Congress as long as the chairman has, but
this is really my first tour of duty on Commerce. It seems to
me the short time I have been on Commerce, we have been at this
hearing, this type of hearing, over the fraud in Medicare and
abuse a couple of times. This may even be the third time we
have been up here on some aspect of it.
I fully appreciate the complexity of everything involved in
Medicare, the size, the amounts of money we are dealing with,
the number of people necessary to handle this, but I would echo
what our Chairman has said that we are all wanting the same
thing out of this, and it seems to me we ought to be able to
get a handle on this. By bringing in third-party payers and
intermediaries, I assume that was done to make this process
work better, but it appears that, to some extent, we have just
added somebody else in the system who can cheat and steal from
us.
I appreciate very few of the people in the big picture do
this, but the ones that do it do it in significant amounts. It
just seems to me we have got to find a way to better account
and oversee all the parties involved in this.
I know, in reading some of the materials in preparation for
this hearing, it seems we have not done much with this
intermediary group of third-party payers, and, of course, we
are now starting to see the results, or at least catching some
of these folks.
Again, I am going to stop now. I know Mr. Stupak is here
and has a statement to make, and I am very interested in
hearing what each one of you has to say. If you have got any
comments you can make in terms of how Congress can help you do
your job, particularly from HCFA, we would appreciate it. But,
again, I thank all of you for taking your time to come today. I
look forward to your testimony.
Mr. Chairman, I yield back balance of my time.
Mr. Burr. The gentleman from Michigan.
Mr. Stupak. Thank you, Mr. Chairman. I will be very brief.
I don't have an opening statement. I am here interested in
hearing the witnesses today.
I am familiar with this third-party payee system and how
sometimes innocent doctors get caught in the billing practices
where they give to a third-party, who then bills Medicare and
then, unfortunately, we have some problems. That is what we are
going to get at today and how best to address it. I am not here
looking to put blame on anyone but trying to get answers to the
serious situation.
Mr. Chairman, with that thought in mind I would like to
enter into the record, if I may, a GAO report dated June 2,
1999, to the Honorable John Dingell, ranking minority member on
this side of the aisle. This side, as the majority, has been
concerned about the third-party billing claims, submitting
claims, and if there is fraud and abuse going on in that area.
Mr. Dingell has a report from GAO, and I would like to make
that part of the record with your acceptance of this report.
Mr. Burr. Without objection, so ordered.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T4027.001
[GRAPHIC] [TIFF OMITTED] T4027.002
[GRAPHIC] [TIFF OMITTED] T4027.003
[GRAPHIC] [TIFF OMITTED] T4027.004
[GRAPHIC] [TIFF OMITTED] T4027.005
Mr. Stupak. I yield back my time. Thank you.
Mr. Burr. I thank the gentleman from Michigan.
[Additional statement submitted for the record follows:]
Prepared Statement of Hon. Tom Bliley, Chairman, Committee on Commerce
Chairman Upton, thank you for holding this hearing today. This
hearing builds on the work this Committee has done to reduce fraud in
the Medicare program. Serious questions have been raised about what the
Health Care Financing Administration is doing about third party
billers, and whether HCFA is putting Medicare at unnecessary risk of
fraud. I hope that today's hearing will provide answers to these
questions.
I should note that I believe that the vast majority of third party
billers are honest and reputable small businesses that provide a very
valuable service to many health care providers. In fact, third party
billers can play a very important role in insuring that claims are
submitted in an accurate manner that complies with all of the complex
billing requirements associated with the Medicare program.
Unfortunately, a very small number of unscrupulous individuals have
used third party billing services to take advantage of weaknesses in
the current Medicare system to steal millions of scarce program
dollars.
At my request, the Office of Special Investigations at the General
Accounting Office took a look at a Texas health care provider who was
using a third party biller to submit claims to Medicare. The GAO found
that Behavioral Medical Systems, of Sugarland Texas, was able to submit
$1.3 million in false claims that went undetected. It was not until GAO
shared their findings with the Medicare contractor that the provider
number being used to submit these false claims was suspended. Last week
we learned that this individual has also been using an old number to
submit additional claims to Medicare. How was this individual able to
submit all of these false claims and avoid detection? How was she able
to continue billing Medicare after her group provider number was
suspended?
I was equally shocked to learn of the findings in the report
released by the Office of Inspector General at HHS two days ago. The
OIG found that many Medicare contractors have no way of knowing who
actually submitted a claim to Medicare, or how many claims were
submitted by a third party biller. In addition they lack even basic
information about who submits a claim. According to the OIG, anyone
with a computer, a modem, access to a provider's number and a patients
health insurance number could send false claims to Medicare.
This seems to me to be a recipe for disaster. How can we expect
Medicare's front line defenders to fight fraud when they know so little
about the claims being submitted by third party billers. These findings
all indicate that HCFA is failing to adequately protect Medicare from
potential fraud and abuse by third party billers. This is not a
hypothetical risk. The case that the GAO has investigated for the
Committee, along with the cases identified and prosecuted by the OIG,
clearly show that fraud by third party billers costs millions of
Medicare dollars.
HCFA has indicated that they are taking steps to address these
problems. While any effort to reduce the risk of Medicare fraud is
good, I am concerned that these efforts may not do enough to solve the
problems that have been identified. HCFA proposes to obtain information
from health care providers about their use of third party billers and
clearinghouses, but studies show that this information is often out of
date and inaccurate. Additionally, in the time that it takes HCFA to
gather this information, Medicare will continue to be at risk. How many
more millions of Medicare dollars do we have to lose before we put in
place an adequate system that will address these problems?
I would like to thank all of the witnesses for testifying today,
and will look forward to hearing their views on what can be done to
prevent the criminal misuse of third party services to defraud
Medicare.
Mr. Burr. We are pleased today to have a number of
witnesses. We have with us Mr. Robert Hast, Acting Assistant
Comptroller General of the United States General Accounting
Office. We have Mr. Lew Morris, Counsel of the Office of
Inspector General. Mr. Morris is accompanied by Steve Lack,
Special Agent. Mr. Robert Burleigh, Vice President, PractiCare.
Ms. Leslie Aronovitz, Associate Director for Health Care
Financing and Public Health Issues from the General Accounting
Office; and Ms. Penny Thompson, from the Health Care Financing
Administration.
As I believe most of you are aware, this subcommittee is an
investigative subcommittee; and, as such, it has had the
practice of taking testimony under oath. Does anyone have an
objection to taking testimony under oath?
You also have the right under the House rules to be advised
by counsel. Is there anybody who chooses to have counsel advise
them?
Hearing none, if I could get all of you to rise.
[Witnesses sworn.]
Mr. Burr. Consider yourselves sworn in and under oath. The
Chair would work from your right, my left.
At this time, I would recognize Mr. Hast.
TESTIMONY OF ROBERT H. HAST, ACTING ASSISTANT COMPTROLLER
GENERAL, OFFICE OF SPECIAL INVESTIGATIONS, UNITED STATES
GENERAL ACCOUNTING OFFICE; LESLIE G. ARONOVITZ, ASSOCIATE
DIRECTOR FOR HEALTH FINANCING AND PUBLIC HEALTH ISSUES, UNITED
STATES GENERAL ACCOUNTING OFFICE; LEWIS MORRIS, COUNSEL, OFFICE
OF THE INSPECTOR GENERAL, DEPARTMENT OF HEALTH AND HUMAN
SERVICES, ACCOMPANIED BY STEVE LACK, SPECIAL AGENT; PENNY
THOMPSON, DIRECTOR, MEDICARE PROGRAM INTEGRITY GROUP, HEALTH
CARE FINANCING ADMINISTRATION; AND ROBERT B. BURLEIGH, VICE
PRESIDENT, PRACTICARE
Mr. Hast. Mr. Chairman and members of the subcommittee, I
am pleased to be here today to discuss the results of our
recent investigation in the operations of Behavioral Medical
Systems, Incorporated, referred to as BMS. We determined that
BMS represented itself to Medicare as a health care provider.
However, BMS functioned as a broker of medical services and
contracted with a third-party biller for submitting claims to
Medicare. In short, BMS prepared claims and had its third-party
biller remit them to Medicare on behalf of the health care
providers. My testimony today is based on the report of our
investigation, which you are releasing.
More specifically, my remarks concern BMS and how it
conducted business, its improper billing of Medicare, and our
belief that BMS violated the U.S. Code.
In brief, BMS, founded by Sandra Hunter, a Ph.D. and a
licensed social worker, consistently caused improper claims to
be submitted to Medicare. Those claims involved services by six
psychiatrists contracted to it. Indeed, of the approximately
4,900 Medicare claims that BMS filed in the 20-month period we
investigated, 87 percent, or almost 4,300 claims, were for
services that were not provided. These improper Medicare claims
total $1.3 million.
In addition, BMS violated the general statutory principle
that Medicare payments should be made directly to the
beneficiary or the assigned physician who provided the medical
service. Neither of these situations fit BMS.
On the basis of our investigation, a Medicare carrier
temporarily suspended BMS from the Medicare program on July 9,
1999. To date, BMS remains on suspension.
In addition, we referred the matter to the Inspector
General of the Department of Health and Human Services and also
to the Justice Department. However, we recently learned that
Dr. Hunter is currently submitting Medicare claims under an old
provider number issued to her in 1993. That provider number is
not related to BMS and we have not conducted an investigation
to determine whether or not these claims are proper.
In regard to BMS and its operations, Dr. Hunter applied for
and received a group provider number for BMS in 1995. That
group provider number allowed her to bill Medicare for services
rendered. In the application, Dr. Hunter represented the
location of BMS as a suite at a particular address in
Sugarland, Texas. This gave the impression that BMS was located
in a business environment and that medical services would be
provided there. Instead, the stated suite number and business
address consisted of a mailbox number at a local Mailbox
Express.
In addition, on her application for a group provider
number, Dr. Hunter represented BMS as a group practice
specializing in psychiatry. We determined, however, that BMS
did not directly employ psychiatrists and was thus not a group
practice. Instead, in its business, BMS contracted with nursing
homes to provide psychiatric and related services to the
resident. BMS then contracted with psychiatrists and
psychotherapists as independent contractors, not as BMS
employees to provide these services. According to the
psychiatrists, they were to use BMS as their third-party
biller.
These psychiatrists and psychotherapists prepared monthly
activity reports providing necessary Medicare billing
information. These reports were then forwarded to Dr. Hunter
for processing. Dr. Hunter next forwarded them to her
contracted third-party biller who, following her directions,
submitted them as billings to the fiscal carrier on behalf of
BMS. Medicare sent the claim payments back to Dr. Hunter, who
paid the contracted psychiatrists and psychotherapists,
extracting a 5 percent fee.
Medicare also sent the explanations of benefits detailing
these payments for the services to BMS and not to the
psychiatrists. These psychiatrists stated they were thus
unaware of the additional claims being made on their behalf.
However, BMS billed Medicare for fictional visits to
patients. Most, in fact 80 percent, of the claims we analyzed
for the period of September 1997 through April 1999 were for
services that the psychiatrists had not rendered to these
patients.
For example, Medicare paid BMS for 90 visits by one
psychiatrist to a patient between September 1, 1997, and
February 28, 1998. According to his records, the psychiatrist
had not visited the patient at all during that period. In
addition, the same psychiatrist saw a second patient six times
between May 23, 1998, and February 16, 1999. Yet carrier
records show that BMS billed Medicare for 70 additional visits
by the psychiatrist during that timeframe.
According to another psychiatrist, he made five visits to
one patient, yet carrier claims records show BMS billed
Medicare for 41 more visits by that psychiatrist.
As another matter, we believe BMS violated the U.S. Code
concerning direct Medicare payments. BMS should not have billed
Medicare because it did not directly employ the psychiatrists
and psychotherapists who provided the services to Medicare
patients, and it did not provide a facility in which services
were rendered. Based on the statute and HCFA's implementing
regulations, BMS was not entitled to bill Medicare directly for
the services provided by the psychiatrists to nursing home
patients.
We believe that the statutory language is clear that BMS
could not bill Medicare because it was neither the beneficiary
nor the provider of services to the Medicare patients.
Mr. Chairman, this concludes my prepared remarks, and I
would be pleased to respond to any questions that you or the
other members have. Thank you.
[The prepared statement of Robert H. Hast follows:]
Prepared Statement of Robert H. Hast, Acting Assistant Comptroller
General for Special Investigations, Office of Special Investigations,
GAO
Mr. Chairman and Members of the Subcommittee: I am pleased to be
here today to discuss the results of our recent investigation of the
operations of Behavioral Medical Systems, Inc. (BMS) of Sugarland,
Texas, which functioned as a broker of medical services and contracted
with a third-party biller for submitting claims to Medicare. Third-
party billers prepare and remit (electronically or by paper) claims to
Medicare contractors on behalf of health care providers.
You had asked that we undertake the investigation because of your
concern about fraud and abuse within the Medicare program. Such
activities could be involved in a recent estimate, reported by the
Office of Inspector General (OIG), Department of Health and Human
Services (HHS), that $12.6 billion of fiscal year 1998 Medicare
payments for fee-for-service claims did not comply with Medicare rules.
My testimony today is based on our recent report of our investigation,
which you are releasing today.1 More specifically, my
remarks concern (1) BMS and how it conducted business, (2) its improper
billing of Medicare, and (3) our belief that BMS violated the U.S.
Code.
---------------------------------------------------------------------------
\1\ See Medicare: Improper Third-Party Billing of Medicare by
Behavioral Medical Systems, Inc. (GAO/OSI-00-5R, Mar. 30, 2000).
---------------------------------------------------------------------------
In brief, we determined that although BMS represented itself to
Medicare as a health-care provider, in fact it functioned as a broker
of medical services and, according to its contracted psychiatrists, a
third-party biller. Further, through the services of the third-party
biller with which it had contracted, BMS consistently caused improper
Medicare claims to be submitted for services by six psychiatrists
contracted to it. Indeed, of the approximately 4,900 Medicare claims
that BMS filed in the 20-month period we investigated, 87 percent--or
almost 4,300 claims--were for services that reportedly were not
provided. Those improper Medicare claims totaled $1.3 million. As
another matter, we believe that BMS violated the general statutory
principle 2 that Medicare payments should be made directly
to the beneficiary or the assigned physician who provided the medical
service. Neither of these situations pertained to BMS.
---------------------------------------------------------------------------
\2\ 42 U.S.C. section 1395u(b)(6).
---------------------------------------------------------------------------
On the basis of our investigation, the Medicare carrier temporarily
suspended BMS from Medicare program participation on July 9, 1999. At
this time, BMS remains suspended. Further, we referred the matter to
the HHS OIG, and it has been referred to the Department of Justice.
However, we recently learned that the founder of BMS--Sandra J. Hunter,
Ph.D., a licensed social worker--is currently submitting Medicare
claims under an old provider number issued to her in 1993. That
provider number is not related to BMS. We have not conducted an
investigation to determine if these claims are improper.
BMS and Its Operations
In February 1995, Dr. Hunter applied to a Texas Medicare Part B
carrier for a Medicare billing (provider) number for BMS. Dr. Hunter
subsequently received a group provider number that allowed her to bill
for Medicare services rendered. In the application, Dr. Hunter
represented the location of BMS as a suite at a particular address in
Sugarland, Texas. This gave the impression that BMS was located in a
business environment and that medical services would be provided there.
Instead, the stated suite number and business address consisted of a
mailbox number at a local Mail Box Express.
In addition, on her application, Dr. Hunter represented BMS as a
group practice specializing in psychiatry. We determined, however, that
BMS did not directly employ psychiatrists and was thus not a group
practice. Instead, in its business, BMS contracted with nursing homes
to provide psychiatric and related services to their residents. BMS
also contracted with psychiatrists and psychotherapists--as independent
contractors, not BMS employees--to provide those services and,
according to the psychiatrists, use BMS as their third-party biller.
Then, as was the BMS process, (1) the psychiatrists and
psychotherapists prepared monthly activity reports providing necessary
Medicare billing information; (2) the reports were forwarded to Dr.
Hunter for processing; and (3) Dr. Hunter forwarded them to her
contracted third-party biller for it to submit billings, following her
direction, to Medicare on behalf of BMS. Medicare sent the claims
payments to Dr. Hunter, who paid the contracted psychiatrists and
psychotherapists. Medicare also sent the Explanations of Benefits,
detailing the payments for the services, to BMS and not to the
psychiatrists.3 These psychiatrists stated that they were
thus unaware of the additional claims made on their behalf.
---------------------------------------------------------------------------
\3\ Our analysis did not include a review of psychotherapists
because their rate of reimbursement was based on an hourly rate for
individual services rendered.
---------------------------------------------------------------------------
BMS Billed Medicare fo Reportedly Fictional Visits to Patients
We compared the service dates that the psychiatrists submitted to
Dr. Hunter in their activity reports and the claims that the BMS
contractor submitted for reimbursement to Medicare, under Dr. Hunter's
direction. Most--87 percent--of the claims that we analyzed from the
period September 1997 through April 1999 (the period that we
investigated) were for services that the psychiatrists had not rendered
to their patients. For example, Medicare paid BMS for 90 visits by one
psychiatrist to a patient between September 1, 1997, and February 28,
1998. However, according to his records, the psychiatrist had not
visited the patient at all during that period. In addition, the same
psychiatrist saw a second patient six times between May 23, 1998, and
February 16, 1999. Yet carrier records show that BMS, through its
contractor, billed Medicare for 70 additional visits by the
psychiatrist during that time frame. According to another psychiatrist,
he made five visits to one patient. Yet carrier claims records show
that BMS billed Medicare for another 41 visits by that psychiatrist.
We analyzed the 4,922 claims that the BMS contractor submitted to
Medicare on behalf of the 6 contract psychiatrists for the September
1997-April 1999 time frame. Of these claims, 4,291--or 87 percent--were
reportedly fictitious. According to the 6 psychiatrists and fiscal
carrier records, these claims represented 9,854 patient visits that
never occurred. Also according to carrier records, the improper claims
totaled $1.3 million for unrendered services. We determined that BMS
had received over $362,000 in Medicare payments for the fictional
visits and services. The difference of approximately $951,000 is
attributable to claims that were disallowed/disputed, co-payments,
deductibles, or claims that exceeded allowable Medicare reimbursable
amounts.
BMS Violated the U.S. Code Concerning Direct Medicare Payments
BMS should not have billed Medicare because it neither (1) directly
employed the psychiatrists and psychotherapists who provided the
services to the Medicare patients nor (2) provided a facility in which
the services were rendered. Based on statute 4 and HCFA's
implementing regulations,5 BMS was not entitled to bill
Medicare directly for the services that the psychiatrists and
psychotherapists provided for patients in the nursing homes.
---------------------------------------------------------------------------
\4\ Title 42 U.S.C. section 1395u(b)(6) states in pertinent part,
``No payment under that part [B] for a service provided to any
individual shall be made to anyone other than such individual or[,]
pursuant to an assignment[,] . . . [to] the physician or other person
who provided the service, except that (A) payment may be made (i) to
the employer of such physician or other person . . . [or] (ii) (where
the service was provided in a hospital, rural primary care hospital,
clinic, or other facility) to the facility in which the service was
provided if there is a contractual arrangement between such physician
or other person and such facility under which such facility submits the
bill for such services . . . .''
\5\ HCFA regulations at 42 C.F.R. section 424.73(a) implement the
congressional intent by limiting the extent to which Medicare pays
individuals or entities that do not directly provide medical care.
---------------------------------------------------------------------------
We believe that the statutory language is clear that BMS could not
bill Medicare because it was neither the beneficiary nor the provider
of the services to the Medicare patients. The subject statute
establishes the general principle that Medicare payments are to be made
to the beneficiary or, under assignment, to the medical provider who
rendered the service. Legislative history indicates that the Congress
was concerned about third-party direct billing because, among other
points, ``[s]uch reassignments have been a source of incorrect and
inflated claims for services.'' (H.R. No. 92-231, at 104 (1971))
Through the subject statute, the Congress sought to eliminate a third
party's incentive to submit claims for unprovided services or to engage
in abusive billing practices.
Mr. Chairman, this concludes my prepared remarks. We would be
pleased to respond to any questions that you or other members of the
Committee have.
GAO Contacts and Acknowledgements
For further information regarding this testimony, please contact
Robert H. Hast at (202) 512-7455 or Steve Iannucci at (202) 512-6722.
Robert Gettings and Harvey Gold made key contributions to this
testimony.
Mr. Burr. Thank you, Mr. Hast.
The Chair would recognize Ms. Aronovitz.
TESTIMONY OF LESLIE G. ARONOVITZ
Ms. Aronovitz. Thank you, Mr. Burr, Mr. Stupak and Mr.
Bryant.
I am very pleased to be here today. I am very pleased to be
here today to discuss the effectiveness of HCFA's efforts to
detect fraud by third-party billing companies that submit
claims to Medicare on behalf of their provider clients.
Mr. Hast has just described to you a case of a broker who
supplied erroneous information that was ultimately used to
fraudulently bill Medicare. This case involved a different
entity than a third-party biller, but our concerns about third-
party billers could actually apply to any entity that acts on
behalf of providers to facilitate the submission and payment of
medical claims. That is not to say that all third-party billers
should be suspect. In fact, the vast majority play an important
and legitimate role in assisting providers with billing and
management services.
HCFA's contractors can only manually review a limited
number of claims. Finding fraud among third-party billers is
like finding a needle in a haystack.
Knowing that providers are linked to a problematic third-
party biller is like giving HCFA a magnet to look for the
needle. We found that HCFA's efforts to comprehensively
identify and review claims associated with third-party billers
fell short in several areas. I would like to briefly discuss
some of our concerns.
First, the identity of a third-party biller submitting a
claim is lost on many electronic claims when multiple entities
are involved, while on paper claims such information is not
recorded at all. For providers, third-party billers and other
entities such as clearinghouses to submit claims to Medicare
electronically, they must obtain a submitter number from a
Medicare contractor. This number becomes part of each claim's
submission. However, when a claim passes through other entities
such as one or more clearinghouses before reaching the
contractor for payment, the entity may overwrite another's
number.
Further, on provider claims, forms only include space to
identify the provider and not the biller. It should also be
noted that such billers do not register with Medicare nor are
they linked systematically to the providers they serve.
Although the enrollment process requires providers to identify
the name of the billing company, its address, phone number and
a contact person, there is no registration process for third-
party billers that would allow HCFA to identify crucial
information on the company's owners, criminal history record or
other identifiers. Without this information, HCFA might have
difficulty identifying an officer or officers of the company if
problems should occur.
We also found that HCFA's efforts to develop comprehensive
data on all providers, including their use of third-party
billers, is still several years from completion. In May, 1996,
HCFA issued a new enrollment form, but HCFA's data indicates
only about 15 percent of Medicare providers have enrolled since
HCFA began using the new form. Thus, 85 percent of Medicare
providers that enrolled before 1996 likely have not provided
this information to HCFA.
Further, even if providers that have completed the new
enrollment form--even those providers may not have valid
information in HCFA's system because HCFA's contractors depend
on providers to report any changes.
We heard that providers often do not report changes in
their billing arrangements and as a practical matter action
would rarely be taken against non-complying providers.
Finally, we are concerned that information HCFA does have
about providers' use of third-party billers is not reliable
because HCFA's data base is dependent on a provider's self-
reporting and does not validate it. HCFA is drafting a
regulation effective this October which would require all
providers to update their enrollment information, and we think
this is a good thing. Here again, however, this process
involves self-reported data that typically will not be
validated or updated by the contractors.
Mr. Burr, this concludes my statement. I will be happy to
answer any questions you or other members of the subcommittee
have.
[The prepared statement of Leslie G. Aronovitz follows:]
Prepared Statement of Leslie G. Aronovitz, Associate Director, Health
Financing and Public Health Issues, Health, Education, and Human
Services Division, GAO
Mr. Chairman and Members of the Subcommittee: We are pleased to be
here today to discuss the effectiveness of HCFA's efforts to prevent
fraud by third-party billing companies that submit claims to Medicare
on behalf of providers. With 1999 payments of about $208 billion and
responsibility for financing health services delivered by hundreds of
thousands of providers to almost 40 million elderly and disabled
Americans, Medicare is inherently vulnerable to fraud, waste, and
abuse. We, and the Department of Health and Human Services (HHS) Office
of Inspector General (OIG) have issued several reports addressing the
need for sophisticated program safeguards to identify and detect
potentially fraudulent billing practices.
In fiscal year 1999, Medicare's fee-for-service program covered
about 83 percent of Medicare's beneficiaries. HCFA administers
Medicare's fee-for-service program largely through a network of more
than 50 claims processing contractors--insurance companies such as
Mutual of Omaha and Blue Cross and Blue Shield plans--that process and
pay Medicare claims. Once enrolled in Medicare, physicians, hospitals,
and other providers may submit claims for payment, sometimes through
third-party billers, to Medicare contractors. Third-party billing
companies are businesses that prepare and submit claims on behalf of
health care providers to payers such as Medicare, Medicaid, and private
health insurers. In the first 7 months of fiscal year 1999, Medicare
contractors processed over 508 million claims--averaging more than 72
million claims per month.
HCFA's contractors can only review a limited number of claims.
Finding fraud among third-party billing companies is like looking for a
needle in a haystack. Knowing that providers are linked to problematic
third-party billers is like giving HCFA a magnet to look for those
needles. In a GAO report issued last June, we found that HCFA's efforts
to comprehensively identify and review claims associated with third-
party billers fell short for several reasons.1 First, the
identity of a third-party biller submitting a claim is lost on many
electronic claims when multiple entities are involved, while on paper
claims, such information is not recorded at all. Second, such billers
do not register with Medicare, nor are they linked systematically to
the providers they serve. Third, HCFA's efforts to develop
comprehensive data on all providers, including their use of third-party
billers, are still several years from completion. Finally, information
HCFA does have about providers' use of third-party billers is not
reliable because HCFA's database is dependent on provider self-
reporting and is not validated.
---------------------------------------------------------------------------
\1\ GAO/HEHS-99-127R, June 2, 1999.
---------------------------------------------------------------------------
background
Although third-party billing services have been part of the U.S.
health care system since the 1950s, large billing companies emerged in
the 1980s, when Medicare required that hospital-based physicians'
services be separately billed. In 1990, Medicare required physicians
and other providers to submit claims to Medicare on behalf of all
beneficiaries, increasing providers' billing workloads. Many providers
have turned to third-party billing companies to assist them in
submitting claims and to provide advice regarding reimbursement
matters, as well as overall business decision-making. Officials of an
industry trade association estimate that there are currently about
5,000 active third-party billing companies in the United States.
Third-party billing companies prepare either paper or electronic
claims for submission to Medicare contractors. In fiscal year 1999,
about 83 percent of Medicare claims were submitted electronically.
Electronic claims may be submitted directly to a contractor or may be
sent through one or more other entities, known as clearinghouses,
before reaching the Medicare contractor. Third-party billers, and even
providers, contract with clearinghouses to reformat claims to meet
Medicare's requirements.
Medicare claims administration contractors are responsible for
processing and paying Medicare claims. In addition, they are
responsible for payment safeguard activities intended to protect
Medicare from paying inappropriately. These activities include
analyzing claims data to identify potentially inappropriate claims,
performing medical review of claims to determine whether the services
provided were medically necessary and covered by Medicare, and
investigating potential cases of fraud and abuse. To target program
integrity resources, contractors attempt to identify aberrant patterns
of claims submitted by providers to determine whether the claims should
be subjected to greater scrutiny. In this connection, the ability to
scrutinize the claims being submitted by individual third-party billing
companies might allow HCFA to identify aberrant patterns indicative of
fraud and abuse in their submissions.
hcfa cannot identify claims submitted by third-party billers
Third-party billing companies often have access to billing
information about multiple health care providers and many of their
patients. As a result, unscrupulous operators of such businesses have
an opportunity to submit false claims. For example, in 1997, a billing
company agreed to pay the government $7.75 million to settle
allegations that it had violated the federal False Claims Act when it
filed improperly coded claims. In 1998, a different third-party biller
was found to have submitted duplicate claims and claims with incorrect
diagnosis codes. Although it did not admit guilt, it agreed to pay the
federal government $1.5 million to settle these allegations. In a third
case, a third-party billing company agreed to pay the government almost
$415,000 to settle allegations that it improperly filed medical supply
claims with Medicare on behalf of a provider. The provider denied that
it knew of, or participated in, any fraudulent conduct with respect to
the submission of the claims.
Even when HCFA or its contractors suspect that providers' claims
are abusive, they are often unable to tell that the claims were
submitted by a third-party biller. This is due to limitations in both
the systems for processing electronic claims and the complete lack of
identifying information on paper claims. For providers, third-party
billers, and clearinghouses to submit claims to Medicare contractors
electronically, they must obtain a submitter number from a Medicare
contractor. This number becomes part of each claim submission.
Electronic claim submissions contain only one submitter number. If a
third-party biller submits a claim directly to a contractor, the number
identifies the claim as coming from that biller. However, when a claim
passes through other entities, such as one or more clearinghouses,
before reaching the contractor for payment, the third-party biller's
number is not always present. In some cases, one entity may overwrite
another's number, or entities may decide among themselves whose number
to use.
While HCFA has established this process--albeit imperfect--to
monitor the source of electronic claims, no such process exists for
paper claims. Paper claim forms include a section or space to identify
the provider but not the biller. In general, contractors would know if
a third-party biller submitted a paper claim only if the provider
specifically informed the contractor when it first enrolled in Medicare
of its intention to use a third-party biller, or if the contractor
identified a biller while investigating a provider. An OIG official who
has investigated several cases of Medicare fraud by third-party billing
companies told us that when billing companies used paper claims, it was
difficult for the OIG to identify all providers using a given biller.
In the case where a third-party billing company was submitting
fraudulent claims for surgical dressings on behalf of many nursing
homes across the United States, there was no indication that the same
third-party biller was involved. The OIG agents pursued the case
against one nursing home as an individual fraudulent provider, when in
fact 70 nursing homes were involved. After additional cases were opened
by other OIG offices targeting other individual nursing homes, the
agents met to share lessons learned and realized that all the nursing
homes used the same billing company and that a single company was, in
fact, the source of the fraud.
hcfa's efforts show limited results
HCFA has no routine registration process to collect comprehensive
information about third-party billers. Although the enrollment process
requires providers to identify the name of the billing company, its
address, phone number, and a contact person, there is no registration
process for third-party billers that would allow HCFA to identify
critical information on the company's owners, criminal history record,
or other identifiers. Without this information, HCFA might have
difficulty identifying an officer or officers of the company if
problems should occur. In addition, although providers indicating that
they plan to use a billing company must provide a copy of their
contract with the biller, the information in the contract may be
minimal. For example, we reviewed one contract that identified the
services the biller would provide but included no identifying
information about the biller other than its name and a signature. Even
if HCFA did have complete information on third-party billers, it has
limited recourse if problems arise. Although HCFA can refer the biller
to the HHS OIG or the Department of Justice, it does not have the
ability to take intermediate administrative actions. According to a
HCFA official, whereas the agency would like to be able to exclude
third-party billers from submitting claims to Medicare, it cannot do so
because third-party billers do not have to enroll with Medicare to
participate in the program.
HCFA has made efforts to obtain information on third-party billers,
but it still cannot routinely match a third-party biller with all of
the providers it represents. In May 1996, HCFA issued a new enrollment
form for providers entering Medicare. The form requires detailed
information, including an identification of the third-party billing
company a provider plans to use, if any. While the enrollment form
provides information about billers that HCFA and its contractors
previously did not have, HCFA data indicate that only about 15 percent
of Medicare providers have enrolled since HCFA began using the new
form. Thus, the 85 percent of Medicare providers that enrolled before
May 1996 likely have not provided this information to HCFA. Further,
even providers that have completed the new enrollment form may not have
valid information in HCFA's system. This is due to the fact that HCFA
and the contractors depend on providers to report any changes.
Providers often do not comply with the requirement in enrollment
instructions to notify their claims processing contractors when they
change or add third-party billers, according to HCFA and contractor
officials we talked with. Although notification is legally required, it
is unlikely as a practical matter that any action would be taken
against a non-complying provider.
In an attempt to gather updated and comprehensive information about
providers, HCFA is drafting a regulation to require providers that
enrolled in Medicare before May 1996 to complete the new enrollment
form to fill this information gap. Providers would also be required to
recertify the information on their enrollment form every 3 years. HCFA
plans to have the regulation in effect by October 1, 2000, and begin
requiring providers to update their enrollment information shortly
thereafter. Here again, this process involves self-reported data that
typically will not be validated or updated by the contractors.
To make provider and third-party biller information more accessible
to the contractors, HCFA is developing a new automated system to access
the provider enrollment database. HCFA intends that the system, known
as the Provider Enrollment, Chain and Ownership System (PECOS) will
provide a complete history of a Medicare provider based on the
information in the provider enrollment application.2
Initially, HCFA plans to incorporate currently available provider
information into the system, and, according to HCFA officials, will
include updated information from all providers in the future. HCFA
plans to implement PECOS for institutional providers, such as hospitals
and nursing homes, by June 2000. HCFA's timeline currently indicates
that PECOS will be operational for providers of outpatient services in
January 2002. According to a HCFA official, this timeline was developed
prior to addressing all Y2K concerns ; due to a smooth transition,
however, it may be able to move implementation up to August 2001.
Finally, HCFA expects that comprehensive data on durable medical
equipment suppliers will be brought into PECOS about 12 months after
these other efforts are completed. The system will depend entirely on
providers submitting information to the contractors, without subsequent
validation. As a result, PECOS will only be as useful as the accuracy
of the information it receives.
---------------------------------------------------------------------------
\2\ PECOS' functions include capturing enrollment data, logging and
tracking provider enrollment forms, identifying and profiling provider
chains, tracking associations of Medicare providers to these chains,
providing inquiry and reporting capability, and providing a data
exchange process that forwards enrollment and claim information to
other processing systems.
---------------------------------------------------------------------------
conclusions
In an effort to ensure the integrity of Medicare, HCFA and its
contractors need to develop reliable and sophisticated approaches to
identifying potentially fraudulent billing practices. In this regard,
contractors should be able to easily access information about third-
party billers that complete and submit claims to Medicare for payment.
It is especially important to be able to match up third-party billers
with the providers they represent, so that contractors can identify
potentially questionable billing patterns and subject these claims to
more extensive review. Although HCFA has various efforts underway to
better identify providers' questionable claims and their associated
third-party billers, there continue to be gaps in its safeguard
program. It is important that HCFA complete its provider
recertification program as soon as possible so that it will have
available comprehensive information about all Medicare providers and
their billers. Further, we are concerned about problems with data
reliability inherent in any type of self-reporting program.
Mr. Chairman, this concludes my statement. I will be happy to
answer any questions you or the Subcommittee Members may have.
gao contact and acknowledgements
For future contacts regarding this testimony, please call Leslie G.
Aronovitz, Associate Director, Health Financing and Public Health
Issues, at (312) 220-7767. Other individuals who made key contributions
include Shaunessye Curry and Lynn Filla-Clark.
Mr. Burr. I can assure you we will have some questions.
Thank you for your testimony.
The Chair recognizes Mr. Morris for an opening statement.
TESTIMONY OF LEWIS MORRIS
Mr. Morris. Good morning, Mr. Chairman, members of the
subcommittee.
Mr. Chairman, as you observed, third-party billing
companies that operate ethically can provide great service to
both providers and the Federal health care programs. These
companies offer expertise in program reimbursement
requirements, help assure claims are accurately prepared, and
free physicians and other practitioners to devote their energy
to the care of their patients. Unfortunately, there are system
vulnerabilities which an unethical company can take advantage
of and exploit for its financial gain.
While the OIG cannot discuss any ongoing investigations,
the following cases and others discussed in my written
testimony show easily how dishonest third-party billing
companies can generate millions in fraudulent claims.
A criminal investigation from the early 1990's aptly
demonstrates the vulnerability to our programs. In this case, a
third-party billing company known as Handle With Care performed
lost charge audits for over 70 nursing homes in eight States.
The company referred nursing home resident medical records for
services that supposedly had been provided but not claimed,
billed Medicare in the name of the nursing home for these
overlooked charges, and kept 50 percent of the proceeds. In
actuality, Handle With Care billed for surgical dressings for
nursing home patients who had never had surgery and
fraudulently caused Medicare to pay approximately $7.4 million
for non-rendered services.
A more recent example of third-party billing fraud can be
found in the Emergency Physician Billing Service case, or EPBS.
EPBS provided coding, billing and collection services for
emergency physician groups in 100 emergency departments in as
many as 33 States. The investigation and subsequent trial
revealed that EPBS and its principal owner, Dr. J.D. McKean,
routinely billed for higher levels of treatment than was
provided or supported by medical record documentation.
The operation of EPBS had a number of characteristics
common to these type of fraud schemes. First, EPBS was paid by
its clients based on a percentage of revenues, either billed or
recovered. Coders received a base pay, with bonuses based on
the number of charts processed and were required to process 40
emergency room charts per hour or the equivalent of a chart
every 90 seconds. By contrast, a competitor of EPBS required
120 charts per day. The coders at EPBS were able to meet the
quotas by taking shortcuts and disregarding information in the
charts. In addition, no coder at EPBS ever attended training or
other informational meetings regarding emergency room decoding
requirements other than those provided by the company, and
coders never contacted a physician who had questions regarding
the charts.
EPBS and its owner, Dr. McKean, were found liable under the
False Claims Act and agreed to pay $15.5 million to resolve
their liabilities. In addition, Dr. McKean was excluded from
participation in the health care programs for a period of 15
years, and EPBS entered into a comprehensive corporate
integrity agreement. We are presently pursuing cases against
the physician groups that were clients of the firm.
These investigations, as well as studies by the Inspector
General's Office and GAO, highlight the Federal health care
program's potential vulnerabilities to fraud by unscrupulous
third-party billing companies.
Among the insights gained from our efforts are the
following: First, the ability of the Federal health care
programs to identify third-party billers is inadequate. There
are approximately 5,000 third-party billing companies in the
United States. However, recent reports indicate HCFA's ability
to identify these companies is limited. Likewise, it is unknown
how many of the approximately 700 million claims per year
processed by Medicare are submitted by third-party billers. As
the case of Handle With Care demonstrates, a scam artist can
hide behind the identification of a legitimate health care
provider and evade detection.
Another lesson: there are loopholes in the payment
reassignment rules. Medicare will only pay a third-party biller
on behalf of its clients when the agent has no financial
interest in how much is billed or collected. Unfortunately,
some billing companies circumvent this rule by having the
health care provider agree to automatic transfer of Medicare
payments to the billing company's billing account. Under this
lockbox arrangement, as it is called, the restrictions-only
reassignment of claims do not apply because the initial
Medicare payment is made directly to the physician, not the
agent.
Given the inability to adequately identify those third-
party billers, assessing the qualifications of these companies
or their personnel is almost impossible. Currently, the
Medicare program lacks any standards or eligibility
requirements to allow third-party billing companies to prepare
and submit claims to the program.
Based on our experience to date with third-party billers,
the IG has formulated some tentative suggestions for reform
measures.
First, those who administer the health care programs need
an effective mechanism to identify third-party billers when
they participate in our programs. This identification system
should allow the programs to track the third-party billing
company's overall billing paths earnings, to link specific
claims to particular billers, and to require claims to be
submitted only from authorized sites. This may involve
registering third-party billers and clearinghouses so as to
provide an audit trail and ensure that claims entering the
system are from authorized sources.
Second, Congress should consider measures to expressly
prohibit the use of payment incentives in third-party billing
companies, no matter how the arrangement is structured. In
other words, the lockbox loophole should be closed.
Finally, mandated minimum training as parts of
qualification standards must be considered as a way to
discourage unscrupulous and ill-informed billers from gaining
access to the Federal health care programs and to ensure high-
quality participation by honest billers who do participate. In
the interim, contractor education efforts should be directly to
billing companies, rather than indirectly through providers.
I appreciate the opportunity to share the information and
insights of the Office of Inspector General. Special Agent Lack
and I would be pleased to try to answer any questions you may
have.
[The prepared statement of Lewis Morris follows:]
Prepared Statement of Lewis Morris, Assistant Inspector General for
Legal Affairs, U.S. Department of Health and Human Services
Good Morning, Mr. Chairman and Members of the Committee. I am Lewis
Morris, Assistant Inspector General for Legal Affairs in the Office of
Inspector General (OIG), U.S. Department of Health and Human Services
(HHS). I am accompanied by Special Agent Steve Lack from our San
Francisco Regional Office who is familiar with many of the issues and
cases I will describe today.
The mission of the OIG is to identify ways to improve HHS programs
and operations and protect them against fraud, waste and abuse. We do
this by conducting independent and objective audits, evaluations, and
investigations, which provide timely, useful, and reliable information
and advice to Department officials, the Administration, the Congress,
and the public. In carrying out our mission, we work with the
Department and its operating divisions, the Department of Justice
(DOJ), other Federal and State agencies, and the Congress to bring
about systemic improvements in HHS programs and operations, and to
prosecute and/or recover funds from those who defraud the Government.
I appreciate the opportunity to testify before you today and
provide the Committee with the OIG's perspective on the issues
presented by the role of third-party billing companies in the Federal
health care programs. My testimony will provide:
an overview of the role played by third-party billing
companies;
a description of OIG efforts to promote integrity among third-
party billers;
a look at some specific fraud investigations involving third-
party billing companies;
the insights the OIG has gained from these cases; and
some suggestions for programmatic reforms.
Role of Third-Party Billing Companies
Billing companies are becoming a vital segment of the health care
industry. Increasingly, health care providers rely on billing companies
to assist them in processing claims in accordance with applicable
statutes and regulations. Additionally, health care providers consult
with billing companies for advice regarding reimbursement matters, as
well as overall business decision-making.
Billing companies provide a variety of types of services. For
example, some billing companies only process bills that have already
been coded by the provider, while others take on the added
responsibility of assigning billing codes based on the client's medical
documentation. In addition to claims preparation, some billing
companies also offer a spectrum of management services, including
accounts receivable management and bad debt collections. Other third-
party billing companies specialize in a particular sector of the health
care industry, such as physician services provided in emergency rooms.
In fiscal year 1998, the Medicare program processed over 700
million Part B claims and 149 million Part A claims, the vast majority
of which under both categories were electronic. Even with its enhanced
program integrity functions, the Health Care Financing Administration
is able to conduct payment reviews on only 10 percent of these claims.
The system must rely on the honesty and good faith of health care
providers, as well as those who process and submit claims on their
behalf. Third-party billing companies that operate ethically can
provide a great service to providers and the Federal health care
programs. These companies can offer expertise in program reimbursement
requirements, help ensure that claims are accurately prepared, and free
physicians and other practitioners to devote their energies to the care
of their patients.
OIG Efforts to Promote Integrity among Third-Party Billers
In order to assist honest billers establish internal controls that
promote adherence to Federal health care program requirements, the OIG
has taken proactive steps to promote integrity among the third-party
billing industry.
Compliance Guidance. The primary method by which the OIG has
reached out to the billing industry is through the release of the
``Compliance Program Guidance for Third-Party Medical Billing
Companies,'' in November 1998. Consistent with other OIG compliance
guidance, the Third-Party Billing Compliance Guidance sets forth the
benefits of a compliance program, describes the essential elements of a
compliance program, discusses general compliance principles and
counsels companies on how they might use the Guidance. Most
importantly, the OIG formulated the Guidance with the input of the
third-party billing industry, as well as other interested parties.
The Third-Party Billing Compliance Guidance also identifies the
specific risk areas that should be addressed by all billing companies.
Such areas include billing for items or services not actually
documented; unbundling and upcoding of claims; computer software
programs that encourage billing personnel to enter data in fields
indicating services were rendered though not actually performed or
documented; knowing misuse of provider identification numbers which
results in improper billing in violation of rules governing
reassignment of benefits; billing company incentives that violate the
anti-kickback statute; and percentage billing arrangements.
In addition, the Guidance describes the risk areas for companies
that provide coding services in addition to billing services, including
``assumption'' coding (the coding of a diagnosis or procedure without
supporting clinical documentation); alteration of the documentation;
coding without proper documentation of all physician and other
professional services; and billing for services provided by unqualified
or unlicenced clinical personnel.
The OIG hopes that providing information and recommendations such
as contained in the Guidance will help lead third-party billing
companies to voluntarily embrace corporate compliance programs that fit
their individual needs, and thus, help reduce the level of fraud, waste
and abuse in Medicare and Medicaid reimbursement.
Corporate Integrity Agreements (CIAs). Another manner in which the
OIG seeks to promote compliance in the third-party billing industry is
through the imposition of CIAs on certain billing companies involved in
fraud schemes. These agreements are imposed in global settlements in
lieu of exclusion from participation in Federal health care programs.
CIAs are imposed on companies to help reorient a corporate culture that
may have previously been prone to fraud and abuse. In this way, the OIG
attempts to directly affect change in third-party billing entities.
Such CIAs may also serve as admonitory examples for others within the
industry.
CIAs set forth specific requirements that a provider must meet in
establishing a compliance program or in maintaining an existing
compliance program. For instance, the CIAs imposed on third-party
billing companies require them to establish and maintain a compliance
officer function, a code of conduct, specific policies and procedures
addressing billing and coding issues, a training program, and annual
audits and reviews. Moreover, the companies must make annual reports to
the OIG on their efforts to comply with the CIAs.
Investigations of Third-Party Billing Companies
Unfortunately, there are system vulnerabilities that an unethical
billing company can take advantage of and exploit for its financial
gain. The problems associated with dishonest third-party billing
companies are as old as the Medicare program itself. As early as 1972,
the Congress took action to stop ``factoring'' arrangements, the
practice of physicians and other providers reassigning their Medicare
and Medicaid receivables to a collection agency for a percentage of
their face value. The agency in turn prepared and submitted the claims
to the health care programs and received payment in its name. These
reassignments were a significant source of incorrect and inflated
claims. Cases of fraudulent billings by collections agencies and
payment of substantial overpayments to these ``factoring'' agencies
were also found. In response, Congress prohibited, with limited
exceptions, payment for covered services to anyone other than the
patient or the person who provided the service.
Despite the effort to stop factoring of Medicare and Medicaid
bills, some individuals and billing companies circumvented the intent
of the law by the use of a power of attorney, allowing the billing
company to receive Federal health care payments in the name of the
provider, thus continuing the abuses associated with reassignment of
claims. In 1977, the Congress responded by precluding the use of a
power of attorney as a device for reassignment of benefits. However, a
billing agency could continue collecting Medicare or Medicaid payments
on behalf of a health care provider, provided that the agency does so
pursuant to an agreement under which the compensation paid to the
agency for its services is unrelated to the dollar amount of the
billings or payments, and is not dependent upon the actual collection
of any such payments.
These Congressional efforts to curb program abuses continue to be
thwarted by unethical billing companies. While the OIG cannot discuss
any ongoing investigations, the following cases show how easily a
dishonest third-party billing company can establish a scheme that
generates millions in fraudulent claims.
Physicians on Call. During the 1980's, the OIG investigated
allegations that a billing company called ``Physicians on Call'' used
recent medical school graduates to perpetrate a fraudulent billing
scheme. The company hired doctors, obtained Medicare providers numbers
in their names, and then contracted with nursing homes for the
provision of monthly physician visits to perform examinations of the
residents. Although these monthly examinations generally were brief,
the billing company upcoded the physician's visits to reflect
extensive, and more highly reimbursed, services. This fraudulent
upcoding was done without the knowledge of the doctors, who received
payment from the company based on the services actually rendered. The
scheme was uncovered by the Medicare contractor during a routine review
of claims for physician services. As the named providers of service on
the Medicare claims, the physicians were assessed overpayments. They
were not able to seek relief from Physicians on Call because it had
gone out of business.
Handle With Care, Inc. A criminal investigation from the early
1990's provides another example of how vulnerable the Federal health
care programs are to the schemes of dishonest billing companies. In
this case, two sisters, Kristina Brambila and Wendy Desalvo, set up a
third-party billing company known as Handle With Care, Inc. (HWC) to
perform ``lost charge'' audits for nursing homes. The two sisters
persuaded at least 70 nursing homes in 8 states that they would review
residents' medical records and accounts for services that had not been
billed to Medicare. Using ``tricks of the trade'' known only to HWC,
the company billed Medicare on behalf of the nursing home for these
overlooked charges and kept 50 percent of the proceeds. In actuality,
HWC billed for surgical dressings for nursing home patients who had not
had surgery and fraudulently caused Medicare to pay approximately $7.4
million for nonrendered services.
Because the billing company submitted the fraudulent claims under
the nursing home's provider number, it took OIG investigators a great
deal of time and resources to tie what appeared to be unrelated
improper billings by different nursing homes back to a single third-
party billing company. At the conclusion of the investigation, the two
sisters were convicted of Medicare fraud and received prison sentences.
Additionally, the Government reached False Claims Act (FCA) settlements
with 15 of the involved nursing homes and recovered over $5 million
cumulatively.
Medaphis Corporation. While some third-party billing schemes
involve a small group of individuals, they can also involve some of the
largest billing agencies. For example, in 1998, the United States
investigated allegations brought by a whistle blower that the national
third-party medical billing companies, Medaphis and Medaphis Physician
Services (Medaphis), was submitting duplicate claims and using
incorrect codes on claims submitted on behalf of a client. During the
period of 1992 through 1996, a Medaphis subsidiary was alleged to have
improperly submitted multiple claims for payment for the same service
to the same patient on the same date of service; used incorrect or
inapplicable diagnosis codes in resubmitting claims which had been
denied based on the diagnosis originally stated; and submitted other
improper radiology and cardiology-related claims. Medaphis agreed to
pay $1.5 million to resolve its civil liability and entered into an
extensive five year corporate integrity agreement (CIA) that covers its
activities throughout the nation.
Gottlieb Financial Services, Inc. In 1999, the United States
resolved allegations against another wholly-owned subsidiary of
Medaphis Physician Services, Gottlieb Financial Services, Inc. (GFS),
that provided emergency department physician billing services. When
preparing claims for evaluation and management services, GFS allegedly
used an automated coding software system that routinely upcoded
emergency room visits. In this instance, based on an inability to pay
more, Medaphis agreed to pay $15 million to settle its liability, $2.4
million of which went to the whistleblower who brought the case under
the qui tam provisions of the FCA. Moreover, the Medaphis CIA imposed
as part of the earlier settlement was made part of this new settlement,
given that GFS's conducted pre-dated the execution of the prior CIA.
Professional Medical Billers d/b/a Professional Radiology Billers.
Yet another example of the Medicare program's vulnerability to third-
party billing fraud can be found in a recently prosecuted criminal
case. Professional Medical Billers d/b/a Professional Radiology Billers
(PRB) provided third-party billing services primarily to physicians.
From 1994 through 1996, PRB added fabricated services to the physician
claims and then submitted the claims to Federal health care programs
under the physicians' provider number. PRB would reimburse the
physicians for the legitimate claims (less PRB's percentage for
providing billing services) and keep all the payments for the
fabricated services. The scheme was uncovered when one of the company's
clients learned that his year-to-date earning from Medicare were double
the amount that had been deposited into his bank account by the billing
service.
Nancy Thetford and Tracey Huff, co-owners of PRB, pled guilty to
criminal charges and acknowledged that the scheme cost Medicare and
Medicaid over $1 million. Thetford was sentenced to 5 years supervised
probation and was excluded from Federal health care programs for 10
years. Huff was sentenced to 21 months imprisonment and is also subject
to mandatory exclusion. The company ceased to operate in the course of
the investigation and is now defunct.
Emergency Physician Billing Services, Inc. Perhaps the most
alarming example of the systematic abuse of the Federal health care
programs by a third-party billing company can be found in the recent
case of Emergency Physician Billing Services, Inc. (EPBS). At the time
of the investigation, EPBS provided coding, billing, and collections
services for emergency physician groups in over 100 emergency
departments in as many as 33 states. Based upon allegations presented
by a qui tam relator, the United States charged that EPBS and its
principle owner, Dr. J.D. McKean, routinely billed Federal and state
health care programs for higher level of treatment than was provided or
supported by medical record documentation.
EPBS was paid based on a percentage of revenues either billed or
recovered, depending on the client. EPBS coders received a base pay
with bonuses based on the number of charts processed and were required
to process 40 emergency room medical charts per hour, or the equivalent
of a chart every 90 seconds. By contrast, a competitor of EPBS requires
120 charts per day. The EPBS coders were able to meet these quotas by
taking short-cuts and disregarding information in the chart. As the
trial court noted, no coder at EPBS ever attended training or any other
informational meeting regarding emergency department coding other than
in-house EPBS training and no coder ever contacted a physician with
questions regarding a chart.
After a trial in which the United States District Court for the
Western District of Oklahoma found EPBS and Dr. McKean liable under the
FCA, the defendants agreed to pay $15.5 million to resolve their civil
and administrative monetary liabilities. In addition, Dr. McKean agreed
to be excluded from participation in the Federal health care programs
for 15 years and EPBS entered into a comprehensive CIA. Currently, the
Government is pursuing physician groups that benefitted from EPBS's
fraudulent practices.
Insights Gained from these Investigations
These investigations, as well as program evaluations by the OIG and
GAO, highlight the Federal health care program's potential
vulnerability to fraud by unscrupulous third-party billing companies.
The insights gained from the investigations include:
payment incentives such as percentage compensation
arrangements can encourage abuse;
there is a loophole in the prohibition on reassignment rule;
training of billers and coders may be inadequate;
the ability to identify and track third-party billers is
limited at best; and
standards for participation (certifications, qualifications or
conditions) to act as billing agents for Federal health care
programs are non-existent.
Payment incentives can encourage abuse. There can be little doubt
that payment arrangements where billing companies are reimbursed on a
percentage basis create an environment ripe for abuse. The temptation
to upcode or fabricate additional services may be irresistible when the
billing company's compensation depends upon the amount of revenue
generated or claims submitted. For instance, EPBS was paid by its
physician clients based on a percentage of revenues, and in turn EPBS
paid its coders a base salary with bonuses based on the number of
charts coded. Such payment incentives discouraged coders from paying
close attention to the adequacy of documentation in charts to support
the claim to Medicare.
Improper incentives appear to have been a factor in several of the
cases discussed above. Although we are not certain of the pervasiveness
of these types of arrangements, our suspicion is that it characterizes
many third-party billing arrangements.
Loophole in prohibition on reassignment rules. Although not
addressed specifically by the court in the EPBS case, the Government
determined that the manner in which EPBS was compensated by its clients
undermined Medicare policy on reassignment. As a general matter,
Medicare prohibits the reassignment of the right to payment to persons
other than the provider or supplier who delivered the service. However,
as an exception to this general rule, payment may be made to an agent
who furnishes billing and collection services to the health care
provider if certain conditions are satisfied. Among the conditions to
be eligible for the reassignment, the agent's compensation may not be
related to the dollar amounts billed or collected. In other words,
Medicare will only pay a third party biller on behalf of its clients
when the agent has no financial interest in how much is billed or
collected.
Unfortunately, it appears that some billing companies have
constructed payment arrangements that circumvent the intent of the
Medicare rule. Rather than comply with the prohibition on incentive
payments, billing companies arrange for the Medicare payments to be
made to the client for deposit in a bank account in the client's name,
usually at the same financial institution where the billing company
maintains an account. The money is typically held in the client's
account for twenty-four hours or less, after which the Medicare funds
from the individual provider client account are swept into the billing
company's general bank account. There often is an agreement between the
client and the biller that the former will not remove any funds during
the initial twenty-four hour period. Then the billing company remits to
the client's account the reimbursement to which the client is entitled,
minus its percentage-based billing fee. And in the case of dishonest
billing companies, they also withhold the proceeds from fabricated,
upcoded or other improper claims submitted in the name of the client.
Under this ``lockbox'' arrangement, as it is often called, the
prohibition on reassignment of claims to an incentive compensated
billing agent does not apply because the payment is made directly to
the physician and not the agent.
Training may be inadequate. The OIG is not aware of any studies
examining the quality and extent of training provided by billing
companies to their personnel. However, certain facts are clear. First,
the Medicare program does not mandate that billing companies ensure
that their personnel meet minimal training requirements. While there
are certain private organizations that train and certify coders and
Medicare contractors can provide certain coding and billing training,
such certifications and outside training are not required by Medicare.
Moreover, it is the OIG's understanding that to the extent that
Medicare contractors issue educational guidance on billing and coding
issues, such guidance is only sent to providers and not to billing
companies.
Third-party billing companies that choose to abuse the Medicare
program can take advantage of these system weaknesses. For example,
EPBS did not send its coders to any training or any other informational
meeting regarding emergency department coding other than in-house EPBS
training. Such in-house training was highly problematic as it was based
on an internal coding manual created by Dr. McKean and did not
incorporate the CPT manual, the primary tool used by Medicare to
determine appropriate billing codes.
Ability to Identify third-party billers is limited. There are
approximately 5,000 third-party billers in the United States. However,
the OIG has just issued a report 1 on computerized billing
systems that incidently raised the issue that HCFA's ability to
identify these companies is limited. Likewise, it is unknown how many
of the approximately 700 million claims per year processed by Medicare
are submitted by third-party billers. One reason for this uncertainty
is that many billing agencies submit claims to Medicare using billing
and submitter numbers (unique numbers assigned to billers and providers
by HCFA for electronic claim submission) of the providers for whom they
bill. As the case of Handled with Care, Inc. demonstrates, a scam
artist can hide behind the identification numbers of a legitimate
health care provider and evade detection. Even if the billing company
uses its own submitter number, the electronic claims often are passed
through clearinghouses that reformat the claims and then submit them to
Medicare. Under this situation, the initial third-party billing number
may no longer appear on the claim.
---------------------------------------------------------------------------
\1\ Medical Billing Software and Processes Used to Prepare Claims,
March 2000 (OEI-05-99-00100).
---------------------------------------------------------------------------
Standards for participation are non-existent. Given the inability
to adequately identify who is doing third-party billing, assessing the
qualifications of these companies or their personnel is almost
impossible. Currently, the Medicare program lacks any standards or
eligibility criteria for allowing third-party billing companies to
prepare and submit claims to the program.
The magnitude of this vulnerability is highlighted by a recent
advertisement for a ``step-by-step'' business guide for medical claims
processing services found in a complementary airline magazine. For a
mere $69 dollars, ``How to Start a Medical Claims Processing Service''
promises that your ``prescription for a healthy income'' involves no
more than owning a computer, printer, modem and claims processing
software. As the ad also notes: ``There's no training needed and . . .
with health care reform, the need for processors (and the profits to be
made) will only increase.'' In short, without any type of certification
process or minimal standards for third-party billers, Federal health
care programs shall remain vulnerable.
Suggestions for Reform
Based on its experience to date with third-party billing in the
Federal health care programs, the OIG has formulated some tentative
suggestions for reform measures.
First, those who administer the Federal health care programs need
an effective mechanism to identify third-party billers when they
participate in Federal health care programs. This identification system
should allow the programs to track billing companies' overall billing
patterns, to link specific claims with particular billers, and to
require claims be submitted only from authorized sites. This may
involve registering third-party billers and clearinghouses so as to
provide an audit trail and ensure that claims enter the Medicare system
from authorized sources.
Second, Congress should consider measures to expressly prohibit the
use of payment incentives in third-party billing contracts, no matter
how the arrangement is structured. In other words, the ``lockbox
loophole'' should be closed.
Third, mandated minimal training as part of qualification standards
may be a way to discourage unscrupulous and ill-informed billers from
gaining access to Federal health care programs and to ensure high
quality participation by honest billers who do participate. In the
interim, we believe contractor education efforts should be provided
directly to billing companies rather than indirectly through providers.
Conclusion
I appreciate the opportunity to share the views of the Office of
Inspector General on this important subject. Special Agent Steve Lack
and I welcome your questions.
Mr. Burr. Thank you, Mr. Morris.
The Chair would recognize Ms. Thompson for an opening
statement and welcome.
TESTIMONY OF PENNY THOMPSON
Ms. Thompson. Mr. Burr, Mr. Bryant, good morning. Nice to
see you again.
Thank you for inviting us here to talk about this issue.
The question of what we should do and what our relationships
should be with third-party billers is an area of growing
interest and concern to us, and we greatly appreciate this
subcommittee's interest and support, as well as the efforts of
the General Accounting Office and the Office of Inspector
General.
As has been said here, but bears repeating, third-party
billing companies who operate ethically can provide a valuable
service in helping providers and suppliers submit claims
correctly, and actually they can participate in helping us
ensure that those claims are processed in an ethical and
appropriate manner. But improper third-party billing practices
pose a significant threat to the program.
Under current regulations, we review these arrangements
when new providers or suppliers ask that their payments be made
directly to an agent. Those reviews have led to an increasing
compliance with our requirements around the financial
arrangements as delineated in our existing laws and
regulations. But these billing companies are not regulated when
they do not actually receive the payment for the provider
directly and our overall ability to monitor third-party billing
practices is quite limited as discussed by both the GAO and the
OIG.
I would like to take this opportunity also to clarify one
statement in our testimony in our letter to the chairman around
paper claims which, as you have said and as the GAO and OIG
have said in their testimony, do not contain information on
submitters or preparers. We are looking into that now to see
what should be done about that. Problems identified by us, by
our OIG and GAO colleagues and others make clear we need to do
more.
We are now working to strengthen the available safeguards
to better protect the Medicare trust funds from potential
third-party billing abuses. We are developing new provider
enrollment regulations and a new enrollment data base, and
these will help us gather information on third-party billing
companies. The regulations will require providers to
periodically update their billing arrangements; and, in
publishing the provider enrollment regulation, we intend to
solicit public comments on what we should do to further
strengthen our oversight of third-party billing companies.
In addition to our desire to appropriately collect
information on billers so that we can track claims and know who
we are doing business with, we also need to understand and
assess the costs and benefits of collecting that information,
of changing electronic claims submission standards, of setting
and enforcing regulatory standards, and of overseeing private
contracts. We also need to think through what are the rights
and expectations we have with the physician and the suppliers
and the providers who are providing the service and contracting
with these entities to help them with their business functions
and what special issues exist for third-party billers as
opposed to billers employed by physicians, suppliers and
providers.
We also know that we need to consult with private insurers,
who largely treat third-party billers in exactly the same way
that Medicare does, and in the interest of administrative
simplification understand what changes we want to make to
electronic claims transactions so that they apply to all
billers and all insurers and not just the Medicare program.
In the meantime, we will increase our efforts to educate
providers and billing agents around the legal requirements for
their relationships, as well as how to file claims correctly,
and we are doing more in that regard every day. We are
committed to working with providers, billing agents, our OIG
and GAO colleagues and Congress as we proceed.
I thank you again for holding this hearing. I am happy to
answer your questions.
[The prepared statement of Penny Thompson follows:]
Prepared Statement of Penny Thompson, Program Integrity Director,
Health Care Financing Administration
Chairman Upton, Representative Klink, distinguished Subcommittee
members, thank you for inviting us to discuss our efforts to address
concerns with third party billing agents. This is an area of growing
concern, and we greatly appreciate this subcommittee's interest and
support, as well as the efforts of the General Accounting Office and
HHS Inspector General.
Third party billing companies who operate ethically can provide a
valuable service to providers and suppliers who seek out their help in
submitting claims correctly and efficiently. These firms vary greatly,
performing a wide variety of services from simply formatting claims for
submission to Medicare and private insurance companies to managing the
entire ``business end'' of provider practices.
Improper third party billing practices can pose a significant
threat to Medicare. Under current regulations, we review these
arrangements only when new Medicare providers or suppliers ask that
their payments be made to an agent. These reviews have led to an
increase in the number of third party billing contracts that are in
compliance with existing laws and regulations.
However, when billing companies assist in preparing bills or
coding, but do not actually receive payment, they generally are not
regulated. Billing arrangements for providers who entered the program
before 1996 are not reviewed, and our overall ability to monitor third
party billing practices is quite limited. Problems identified by us,
our HHS Inspector General and General Accounting Office colleagues, and
others make clear that we need to do more.
We are working to strengthen the available safeguards to better
protect the Medicare Trust Fund from waste, fraud and abuse. We are
developing new enrollment regulations and a new enrollment database for
all providers. This database will gather information on third-party
billing companies. The new enrollment regulations will require
providers to periodically update information, including their billing
arrangements.
And, in publishing the provider enrollment regulation proposal this
spring, we intend to invite public comments on how to address
challenges in better oversight of third party billing companies. For
example, the costs and benefits of collecting additional information,
changing electronic claims submission standards, setting and enforcing
regulatory standards, overseeing private contracts, and other possible
risk mitigation strategies must be weighed. There also may be
unintended consequences and marketplace responses to any actions that
should be carefully assessed and considered.
Background
Third party billing companies can take on many different forms,
structures, operations, functions and relationships with providers.
Billing companies vary significantly in both the size and reach of
their organizations and functions, from small ``mom and pop''
organizations who only facilitate the electronic submission of claims
to large business organizations providing coding, claims submission and
consulting services. As the U.S. Department of Health and Human
Services Office of Inspector General noted,
``It is important to note the tremendous variation among
billing companies in terms of the types of services and the
manner in which these services are provided to their respective
clients. For example, some billing companies code the bills for
their provider clients, while others only process bills that
have already been coded by the provider.
``Some billing companies offer a spectrum of management
services, including accounts receivable management and bad debt
collections, while others offer only one or none of these
services.'' (HHS OIG, ``Compliance Program Guidance for Third-
Party Medical Billing Companies,'' page 3.)
False Claims
Billing companies that engage in behavior that gives rise to false
claims can be held accountable under the False Claims Act. One such
case was brought through qui tam or ``whistleblower'' lawsuits. The
firm, Emergency Physicians Billing Service, had promised its clients it
would increase their reimbursements by 10 to 25 percent. Unfortunately,
it did so by ``upcoding,'' or filing claims for a higher level of
service than was actually delivered. Reassignment violations and
misrepresentations on Medicare enrollment applications were also
identified.
In a settlement agreement last fall with the federal government and
28 individual states, the firm and its owner, and J. D. McKean, Jr.,
M.D., agreed to pay $15.5 million. In addition, McKean is excluded for
15 years from participation in any federal health care program. The
firm has entered into a comprehensive Corporate Integrity Agreement
with the Inspector General. And the federal government is negotiating
additional settlements with approximately 25 emergency physician groups
that were clients of the firm.
This case serves as a national example of improper billing
perpetrated by third party billers. We, along with staff from five
Medicare contractors, participated in this investigation, performing
data analysis directed at detecting the improper billing, suspending
Medicare payment, and calculating the losses to the program.
In fact, one of the contractor employees received a commendation
for their exemplary performance during the investigation from the
Department of Justice.
Current Oversight
Our current ability to detect such abuses is limited. Medicare does
not have a direct business relationship with such entities, and the
only oversight authority we have is to review arrangements for new fee-
for-service providers who have entered the Medicare program since 1996
and requested that their payments be made directly to a third party
billing agent.
Medicare claims processing contractors conduct reviews for these
requests to ensure compliance with the statutory requirement that the
provider's compensation to such an agent not be related in any way to
the dollar amounts billed or collected. These reviews have led to an
increasing number of such agreements coming into compliance with the
statute and regulations. As the health care and billing communities
have become more aware of these requirements and our enforcement of
them, we see more contracts expressly containing language supporting
our requirements.
However, thorough assurance of compliance with the law is hampered
by:
the resource-intensive process for reviewing lengthy,
complicated legal documents;
the capacity of contractors to accurately and fully understand
such documents;
variability in the nature and scope of agreements and the
complicated corporate structure reflected in such agreements,
where it is not unusual to find a number of subcontractors
involved in various functions;
lack of penalties for failure to inform Medicare when such
agreements change; and
the limited number of providers and suppliers required to
submit such information.
Our ability to identify when third party billers have been involved
in submitting claims is also limited. Paper claims include a space for
listing the ``source'' or ``preparer'' of the claim. And electronic
claims differentiate whether the claim was sent by a third party agent
or directly by a provider. However, we are not able to identify all
entities that may have had a role in processing and filing a claim.
For example, if a third party billing company coded the claim and
sent it to a clearinghouse that formatted the claim for electronic
submission to the Medicare program, only the clearinghouse information
would be evident on the claim.
New Enrollment Process
We are taking steps to improve our oversight of third party billing
arrangements. We plan to issue this Spring a proposed rule that would,
among other things, require periodic verification of provider
enrollment data and reporting of changes in third party billing
arrangements. Once the proposed rule is finalized, we will begin an
``enrollment clean up'' process and require providers and suppliers to
confirm and update their information, including information on third
party billing arrangements.
We also are developing a new national database, the Provider
Enrollment, Chain and Ownership System, that will include extensive
information on providers, including information on providers' billing
arrangements and any reassignment of benefits. It also will include
information on chain ownership and related organization information,
which is essential because it allows us to identify when a provider or
supplier is part of a larger organization, and to view the entire line
of business. This will also allow a local contractor to view national
data about an individual or entity rather than simply the data that
appears on a local provider file. And it will better identify providers
and suppliers who have been denied privileges, or subject to
revocations or exclusions.
Even with this new system and our enrollment ``clean-up'' process,
outstanding issues remain. These include:
identifying common ownership among billing entities or
``linking'' agencies that might operate in different
jurisdictions;
regulating billing agents to ensure adherence to professional
standards; and
our lack of information on third party billers who do not
negotiate checks or submit claims directly to the program.
We are seeking to answer many of these questions through comments
to proposed regulations.
In our proposed provider enrollment regulation, we will solicit
comments on several approaches to better oversight of third party
billing agents. Among the issues we are considering in regulation
billing agents:
Should we register billing companies, and/or set standards for
them?
Would we need additional legislative authority to do so?
Should such standards apply only to entities that actually
submit claims and receive negotiated checks on behalf of
providers?
Should such standards apply to all entities that might advise,
consult, prepare, support, staff, or otherwise influence the
selection of codes and claims to be submitted to the Medicare
program?
How should such standards reflect the diversity in capability,
organization, mission, functions, and relationships in the
industry?
How would we enforce such standards?
What staffing and skill set needs would we require in order to
ensure billing companies met standards and agreements were
properly executed?
How should claims properly reflect the preparer's identifying
information? What if there are multiple preparers or
submitters?
To what extent would providers, suppliers, and physicians
support Medicare regulation of their business contracts and
partners?
To what extent is surveillance and assessment of billing
patterns a better approach to ensure compliance than
registration or standard setting?
What information would be needed to accurately group claims
handled by a common third party billing company?
If Medicare were to regulate business arrangements with third
party billing companies, what impact would such regulation have
on the private sector and the arrangements between providers
and third party billers in submitting claims to private
insurance companies and, overall, would those effects be
positive or negative?
Answers to these questions are necessary before we can proceed in
taking further action to address third party billing concerns.
Education Efforts
In the meantime, we will increase our efforts to educate providers
and billing agents about legal requirements for their relationships, as
well as how to file claims correctly. One of the task orders we have
for our special new program integrity contractors specifically focuses
on developing educational strategies for third party billers.
We want to build on the success we achieved in working to educate
billing agents about how to be prepared for the Year 2000 information
system challenge. These efforts helped to ensure that these billers
were aware of our format requirements, Y2K compliance standards, and
testing standards. Our claims processing contractors aggressively
pursued testing with these submitters to assure their systems were
ready for Y2K. And these billers helped us in setting up a major
conference to bring together these organizations and Medicare
contractors to discuss testing and implementation strategies and
timetables.
We intend to pursue similar avenues of education on other issues of
importance to third party billing initiatives. For example, we have
already contacted a major association to invite key billers to
participate in education sessions for the new outpatient prospective
payment system. We will continue dialogue with these organizations on
future, significant changes to Medicare's claims processing systems.
And these relationships should help contribute to a climate of
cooperation in all our efforts, including those related to program
integrity.
conclusion
We are making some progress in addressing concerns about third
party billing. Our new provider enrollment system and database will
help us make additional progress. However, we clearly have much more to
do to fully protect program integrity in this area. We are committed to
working with providers, billing agents, our IG and GAO colleagues, and
Congress as we proceed. I thank you again for holding this hearing, and
I am happy to answer your questions.
Mr. Burr. Thank you, Ms. Thompson.
The Chair would recognize Mr. Burleigh for his opening
statement.
TESTIMONY OF ROBERT B. BURLEIGH
Mr. Burleigh. Chairman Burr, distinguished members, I have
the honor of representing the Healthcare Billing and Management
Association today as Chairman of HBMA's Ethics and Compliance
Committee and consultant to the Association's Board of
Directors.
HBMA is a voluntary membership organization and is the only
trade association representing third-party billing companies.
The Association's primary goals are education, promotion of
ethics and compliance and advocacy.
On behalf of HBMA, I would like to thank the committee for
the opportunity to appear today to address your interest in
developing methods to identify those who submit claims to
federally sponsored health care programs. We are pleased that
the Commerce Committee, in addition to its responsibilities
regarding oversight of Medicare, has some interest in the Small
Business Administration, since almost all of our members are
small businesses. Our member companies employ nearly 20,000
nationwide processing and an estimated 650 million claims per
year, worth an estimated $55 billion. However, most of our
member companies have fewer than 25 employers. We have attached
a one-page profile of our membership to our testimony.
HBMA and its members share your commitment to preventing
and detecting fraud and abuse in the Medicare program. Indeed,
HBMA takes great pride in our compliance activities, putting us
in the forefront of efforts to prevent fraud and abuse in
third-party billing. Having said that, it is our view that the
potential for the commission of fraud by third-party billers is
no greater than the potential for fraud committed by
physicians' offices that bill Medicare directly.
Let me begin by emphasizing that HBMA strongly supports the
goal of protecting the integrity of the Medicare program and
other federally funded health care programs. We have worked for
over 4 years with HHS's Department of OIG on the development
and promotion of the Model Compliance Guidance for Third-Party
Billing Companies.
Beginning in February 1999, HBMA began conducting a
compliance education program for its members and non-members to
support implementation of the Model Compliance Guidance for
Third-Party Billing Companies released the previous November.
We are pleased to report that several hundred third-party
billing companies have completed our course, in spite of the
fact that our registration fee is seven times higher than the
fee charged for national meetings.
Interestingly, had the third-party billing company cited in
today's GAO report been a HBMA member or had they attended our
compliance course, they might have known that what their client
was doing was improper. Our compliance course specifically
discusses the need for third-party billing companies to be
aware of the potential that criminal enterprises, intent on
generating fraudulent Medicare claims, may seek out legitimate
third-party billers to serve as a front for their criminal
enterprise. It appears that the conduct cited earlier is
exactly such a case.
Every Medicare claim, regardless of its origin or
mechanisms for delivery to HCFA's contractors, carries with it
a risk of either being fraudulent or manipulated in such a way
as to cause an overpayment by the Medicare program.
It is also important, as we engage in this dialog on how to
prevent Medicare fraud and fraudulent billing, that we do so
with an understanding that, no matter how creative we may be in
establishing mechanisms for prevention or detection of fraud,
we realize that we will never be able to eliminate deliberate
billing fraud.
The analysis prepared by the GAO and the OIG made constant
reference to third-party billing companies without attempting
to define the use of that term. This is important because the
issue is far more complex than it would appear to the layman.
Certainly a separately incorporated company offering billing
services is a billing company. Our full testimony outlines the
variations that illustrate the complexity of the issue.
The number of variations in billing service relationships
is nearly infinite and they change constantly, usually driven
by entrepreneurs, concerns over excess operating costs by
billing companies and/or changes in technology. We are
concerned that any initiative to register claim submitters
would overlook large segments of the industry that regularly
handle some part of the claims preparation and/or submission
process.
We have considered the list of potential factors that might
be involved in the registration of Medicare claims submitters,
and our full testimony outlines 12 potential problematic
concerns relating to how a billing company or submitter would
be registered.
As we read the OIG's report, it appears the sole basis for
concluding that the Medicare program is at risk due to claim
submission by third-party billers is that an additional party
has been added to the claim's processing chain between the
practice and the contractor. The fact that more than 30 billing
individual/entities have been excluded from participation in
the Medicare and State Medicaid programs seems to be the only
thing of evidence that there is a problem.
We noted that the report contains numerous examples of
incorrect understanding of how the industry operates, how
practices use billing services, how the software industry
serves practices and billing companies; and the report reaches
a number of inaccurate conclusions regarding the types and
levels of risk associated with claims handled by billing
companies, clearinghouses and medical practices. HBMA would be
willing to itemize these concerns, although it may be
unnecessary, as we know that the identity of each and every
party involved in presenting a claim for a party would be
beneficial to reducing fraud and abuse. This may not be
economically or technically practical.
Of the companies identified by the OIG in their data base,
we are pleased to report that none of the excluded individuals
or companies is or was a HBMA member. What is not clear is
whether the potential for fraud is any greater at different
points in that chain. In other words, is a claim handled by a
third-party biller any more likely be used to commit fraud than
a claim submitted directly by a physician's office? We suggest
an equally reasonable conclusion, given that we have so few
billing entities excluded from the Medicare program. It is that
claims submitted by third-party billers are less likely to be
erroneous and therefore less likely to be fraudulent.
We have made a number of specific comments regarding our
reaction to these proposals.
In the interest of time, I would like to conclude by
thanking the committee for inviting us to participate in this
very important process, and we look forward to your questions
and to further participation in this important matter.
[The prepared statement of Robert B. Burleigh follows:]
Prepared Statement of Robert B. Burleigh, Vice President, PractiCare
Chairman Burr and Distinguished Members of the Committee, my name
is Robert B. Burleigh and I am Vice President of PractiCare; I direct
my company's healthcare consulting practice, known as Brandywine
Healthcare Consulting Group, a firm I founded in 1988. Today I have the
honor of representing the Healthcare Billing and Management Association
(HBMA) as Chairman of the HBMA's Ethics and Compliance Committee and
Consultant to the Association's Board of Directors. HBMA is a voluntary
membership organization and the only trade association representing
third-party medical billing companies. The Association's primary goals
are education, the promotion of ethics and compliance and advocacy.
On behalf of HBMA, I would like to thank the Committee for the
opportunity to appear today to address your interest in developing
methods to identify those who submit claims to federally sponsored
healthcare programs. We are pleased that the Commerce Committee, in
addition to its responsibilities regarding oversight of Medicare, is
also responsible for the Small Business Administration, since almost
all of our members are small businesses. Our member companies employ
nearly 20,000 nationwide, processing an estimated 650 million claims
per year, worth an estimated $55 billion; however, most of our member
companies have fewer than twenty-five employees. A one-page profile of
our membership is included at the end of our written testimony.
introduction
HBMA and its members share your commitment to preventing and
detecting fraud and abuse in the Medicare program. Indeed, HBMA takes
great pride in our compliance activities, putting us in the forefront
of efforts to prevent fraud and abuse in the third party billing
industry. Having said that, it is our view that the potential for the
commission of fraud by third party billers is no greater than the
potential for fraud to be committed by physician's offices that bill
Medicare directly.
Let me begin by emphasizing that the HBMA strongly supports the
goal of protecting the integrity of Medicare and other federally funded
health care programs. We have a long and well-established record of
working with the House and Senate, HCFA, the HHS OIG, the GAO and the
OMB and other government agencies on a wide variety of matters, most of
which involve Medicare and compliance in some way. We are currently
working with HCFA's Office of Program Integrity and OMB on improvements
to the provider enrollment form (855) and processes as well as having
had meetings last year on the subject of today's hearing; we have
worked for over four years with HHS's OIG on the development and
promotion of the Model Compliance Guidance for Third Party Billing
Companies; we have testified about and submitted comments on
Congressional and HCFA proposals regarding patient privacy and
confidentiality; and, of course, we intend to carefully review and
comment on the upcoming Model Compliance Guidance for Physicians.
Beginning in February 1999, HBMA began conducting a compliance
educational program for HBMA members and non-members to support
implementation of the OIG's Model Guidance for Third Party Billing
Companies released in November 1998. This intense, 3\1/2\ day course is
based on HCFA's model compliance program guidance for third party
billers. HHS's OIG, U.S. Attorney's Office and the FBI have each
provided guest speakers for our programs. The response to this program
from the third party billing community has been overwhelming. Each of
the three conferences presented in 1999 sold-out; the first
presentation for 2000 has already shown strong registration. We are
pleased to report that several hundred third party billing companies
have completed our courses in spite of the fact that the registration
fee is more than seven times the fee for our regular educational
meetings. Moreover, compliance has been an educational topic at every
HBMA National and Chapter meeting since 1995.
Interestingly, had the third party billing company that has been
cited in today's GAO's report been an HBMA member or had they attended
our compliance course, they would have known that what their client was
doing was improper. Furthermore, had the billing company followed our
compliance training, it would have ``fired'' or reported the customer.
Indeed, more and more of our members report that they have found it
necessary to ``fire'' customer(s) because the client has refused to
cease its (apparently) suspect behavior. Our compliance course
specifically discusses the need for third party billing companies to be
aware of the potential that criminal enterprises, intent on generating
fraudulent Medicare claims, may seek out legitimate third party billers
to serve as a front for their criminal enterprise. It appears that the
conduct cited earlier is exactly such a case.
Every Medicare claim, regardless of its origin or mechanism(s) for
delivery to HCFA's contractors, carries with it a risk of either being
fraudulent or manipulated in such a way as to cause an overpayment by
the Medicare program. Our goal, and we believe the goal of this
Committee, is to reasonably reduce the extent to which this can happen
and create a mechanism where auditors can more readily detect those
instances of fraudulent billing that may occur. We also believe that
the Medicare program's best source of protection is the partnership of
a medical practice with an effective compliance program and a billing
company with an effective compliance program; rather than increasing
risks to the program, this relationship would double the program's
protection. With two compliance programs at work, the chances of
errors, as well as deliberate misconduct are sharply reduced. We are
happy to report that such arrangements already exist and are a growing
trend as our members encourage their clients to develop and implement
their own compliance programs.
It is also important, Mr. Chairman, as we engage in this dialogue
on how to prevent fraudulent billing, that we do so with an
understanding that no matter how creative we may be in establishing
mechanisms for the prevention and detection of fraud, we realize we
will never eliminate deliberate billing fraud. The simple reason is
that the creativity of the criminal mind knows no bounds. Just as
sophisticated bank vaults do not stop determined bank robbers from
their crimes, no system of registration, auditing or oversight, will
prevent a criminal from defrauding Medicare.
definitions and classifications
The analysis prepared by the GAO and the OIG make constant
reference to ``third party billing companies'' without attempting to
define their use of the term. This is important, since the issue is far
more complex than it would appear to the layman. Certainly, a
separately incorporated company offering billing services is a billing
company. But . . .
1. What about the medical practice that, for tax reasons, has
incorporated its own billing office under another identity?
2. What about the claims clearinghouse to whom claims are sent by
medical practices and/or billing companies?
3. What about the billing software vendor serving as a ``collection
station'' who then forwards the claims on to a clearinghouse,
or the software vendor that serves as a clearinghouse itself.
4. What about the claims editing vendor who edits the claims on their
way to the software vendor and/or clearinghouse?
5. What about the collection agency to whom uncollected claims are
referred by the practice after the billing process (the
practice's or their billing company's) has failed?
6. What about hospital-owned practices, billed by the hospital under
the identity of its MSO (Management Service Organization)?
7. What about insurers who own practice(s) and provide billing?
8. What about the company that provides off-site printing and mailing
of paper claims as a subcontractor to the practice and/or the
practice's billing service?
9. And, of course, what about the Practice Plan providing centralized
or de-centralized billing support for medical school faculty?
The number of variations in billing and service relationships is
nearly infinite, and they change constantly, usually driven by
entrepreneurs, excess operating costs and/or changes in technology. It
is impossible to anticipate the number of combinations and variations
of claims handling: to register only one party (a billing company, if a
clear definition can be constructed) would be unfair and would not
achieve the apparent goal of this initiative; to register and track all
of the possible combinations could become impossible. We are concerned
that any initiative to ``register'' claims submitters would overlook
large segments of the industry that regularly handle some part of the
claims preparation and/or submissions process.
the registration process
We have considered the list of potential factors that might be
involved in the registration of Medicare claims submitters. Listed
below are some of the aspects of this potential process that we
consider potentially problematic:
1. How is a ``billing company'' defined?
2. By whom would billers be registered? HCFA, the Carrier(s), or
another central source?
3. How would ``registration'' be accomplished? A simple name, address,
telephone and FEIN #, or a long, detailed ``855-style'' form?
How could a new ``billing company'' begin business without a
number, and how could it be a ``submitter'' without one?
4. What would be done when the ownership and/or or management of the
``billing company'' changes? What would be considered a
``reportable'' change?
5. How many ``registration(s)'' would be required? One, or one for each
type of claim (Physicians, Hospitals, DME Companies, Home
Health Agencies, Nursing Homes, Ambulance Services, etc.)?
6. Would ``registration'' discriminate against billers and discourage
their use?
7. How would ``billers'' with multi-state constituents be affected?
8. Would the practice handling its own billing be registered? If not,
why not?
9. Where in the Uniform Data Set would the biller registration number
be located?
10. Where on the HCFA 1500 form would the number(s) be printed?
11. How much lead time would be required for Carriers, Intermediaries,
software vendors, clearinghouses and others to adapt their
systems? (We estimate three to five years.)
12. Is a ``submitter'' a company or a person?
the oig's report
We have had an opportunity to perform a preliminary review of the
recently released Inspector General's report entitled, ``Medical
Billing Software and Processes Used to Prepare Claims.'' Before
addressing the specific recommendations made by the OIG, I would first
like to comment on the information gathering process used to develop
these recommendations.
As we read the OIG's report, it appears that the sole basis for
concluding that the Medicare program is at risk due to claims
submissions by third party billers is that an additional party has been
added to the claims processing chain between the practice and the
Medicare contractor. We found no information presented in the OIG
report to demonstrate that there is direct evidence of a third-party
billing company problem. The fact that ``more than 30 billing
individuals/entities have been excluded from participation in the
Medicare and state Medicaid programs'' is the only thing approaching
evidence of a problem.
We noted that the report contains numerous examples of incomplete
or incorrect understanding of how the billing industry operates, how
practices utilize billing services, how the commercial billing software
industry serves practices and billing companies, and the report reaches
a number of inaccurate conclusions regarding the types and levels of
risk associated with claims handled by billing companies,
clearinghouses and medical practices. HBMA would be willing to itemize
these concerns, although it may be unnecessary, since we agree with the
broadest conclusion of all--that knowing the identity of EACH AND EVERY
party involved in presenting a claim for payment would be beneficial to
reducing fraud and abuse. However, this may not be economically or
technically practical.
The OIG's Report notes that ``it is estimated that there are more
than 5,000 third party billing companies. To date, ``more than 30''
(the OIG's online database reports exactly 30 individuals and/or
companies) have been excluded from the Medicare and Medicaid programs.
That is six tenths of one percent of the number of companies that may
be submitting claims to Medicare or Medicaid. To further put this in
context, we noted that according to the OIG's web site, more than 40
federal or state employees have been excluded from participation in the
Medicare or Medicaid programs. Finally, in terms of the magnitude of
this problem within the overall context of Medicare fraud, only 30 of
the nearly 18,000 individuals or entities (or .0016) excluded from the
Medicare program are classified as third party medical billers. I am
pleased to report that none of the excluded individuals or companies is
or was an HBMA member.
Incidentally, the only HBMA member ever adjudicated of a claims-
related violation was promptly suspended from membership, pending the
court's determination of the penalties to be imposed. That company is
now under a Corporate Integrity Agreement, has had its ownership
restructured, and we have asked the new President to apply for and
justify reinstatement or face termination of its membership.
Mr. Chairman, we believe it is fair to conclude that every
individual or organization that ``touches'' a Medicare claim is in a
position to commit fraud with respect to that claim, including the
contractors who process them. What is not clear is whether the
potential for fraud is any greater at different points in that chain.
In other words, is a claim handled by a third party biller any more
likely to be used to commit fraud than a claim submitted directly by
the physician's office?
We believe that there is little or no clear evidence of a problem
and we are troubled by the OIG's conclusion on page 9 of the report
that states: ``Inability to assess whether a claim came directly from a
provider or passed through the hands of a third party represents a
vulnerability in Medicare program safeguards.'' We suggest that an
equally reasonable conclusion--given that there have been so few
billing entities excluded from the Medicare program--is that claims
submitted by third party billers are less likely to be erroneous and
therefore less likely to be fraudulent.
Now to the specific recommendations and a preliminary reaction to
these proposals: Due to the fact that we only learned of these
proposals very recently, the Association leadership has not had an
opportunity to discuss these recommendations nor consult with our
members. Consequently, the comments I make about these recommendations
are the views of someone with over 30 years of experience in health
care billing and not those of the Association. We will, however,
discuss these proposals with our membership and provide you with an
organizational position in the near future.
1. Identification and registration of all clearinghouses and third-
party billers.
In concept, we support the idea of identification of clearinghouses
and third-party billers. However, we suggest that this should be
broadened to include everyone who submits claims to government payers.
In other words, the claim should not only identify whether the claim
was submitted by a third party billing company, it should identify
whether the claim was submitted by an employee of the practice, and all
of the (many) others who may have handled the claim prior to
submission.
We would also suggest that because many third party billers handle
billing for practices located in multiple states, the identification/
registration process should be national and not carrier specific. Some
of our members have a national clientele spanning dozens of states; the
prospect of securing and keeping track of dozens of submitter numbers
is daunting, to say the least.
In addition, the majority of our members utilize commercial billing
software. None of the programs currently contain a provision for such
an identification number. We predict that it will take the software
industry two or more years to accommodate a new data element
requirement and the transmission of it. Medicare Carriers may need even
more time.
2. HCFA should only accept electronic claims from authorized sites and
terminals.
Please refer to our comments, above, under THE REGISTRATION
PROCESS. In addition, we do not understand the report's reference to
``terminals.''
3. HCFA should educate the provider community concerning their
liability for erroneous claims submitted to Medicare using
their provider number.
Educating the provider community is laudable and we would welcome
HCFA's assistance in this area. Our members go to great lengths to
educate their clients about their legal responsibilities. These are not
the third party billers claims, they are the practices' claims. We are
merely acting as the agent for the practice and we are therefore
dependent upon the quality of information we receive from them to
prepare and submit their claims. The old saying, garbage in, garbage
out, is particularly relevant to third party billers.
On all of these issues, Mr. Chairman, the HMBA is eager to work
with HCFA and HHS's Office of the Inspector General to develop
standards that are fair, equitable and reasonable in view of the scope
of the potential problem.
As I mentioned in my description of the third party billing
industry, the majority of third party billers are small businesses. For
some, this is literally a cottage industry; some third party billers
are home-based businesses. If requirements are created that are costly
or create an environment that suggests that practices that use third
party billers are subject to a higher level of scrutiny, it could
reduce the desirability of using a billing company and could put some
companies out of business. HCFA staff has indicated that they view
third party billing companies as an ally in preventing improper claims
rather than being a source of them.
In conclusion, Mr. Chairman, we welcome the support of Congress and
the Health Care Financing Administration as the billing industry does
its part to prevent fraud and abuse and we appreciate the opportunity
to participate in this important matter. Our budget is, of course, more
limited than those available to the Medicare program. We believe it is
possible to develop a system that provides a higher level of confidence
in the third party billing process while at the same time ensuring that
a role for billing experts continues to exist. If reforms in this area
result in the diminishment or closure of third party billing companies,
we believe that the result will be more errors in claims submissions
and at least the potential for more fraud and abuse.
I would be happy to answer any questions you may have.
Mr. Burr. Thank you, Mr. Burleigh. Thank you for your
reminder to those of us on this committee that when that
pendulum on the clock swings from one direction to the other,
we have a tendency to let it go too far. I think you raise a
good warning to us as it relates to some things I am sure
members will ask questions on.
Let me thank all of our witnesses for their testimony.
Let me especially thank the OIG for making Special Agent
Lack available. The OIG has a policy that generally prohibits
field agents from appearing in congressional hearings, and we
very much appreciate their accommodating our request to have
Agent Lack here accompanying Mr. Morris. Given that they prefer
that special agents do not directly testify, I will let my
first question go to Mr. Lack so that he can answer a question
versus testifying.
I would ask you, if you would, to share with us anything
about the third-party billing cases that you have investigated
and also comment on the vulnerabilities that exist in the
Medicare program relating to third-party billing, Agent Lack.
Mr. Lack. Well, the case that was highlighted in Mr.
Morris's testimony was Handle With Care. What exemplifies the
vulnerability to the program is that Handle With Care billed
under the premise of different nursing homes. They would go to
a nursing home and they would tell them what appeared to be a
legitimate pitch--that they were missing charges that they
could legitimately recover. The company said to the nursing
homes, ``It would be no loss to you, we will bill on your
behalf, and the government will pay you, and then you just cut
us a check for 50 percent.'' So, it seemed like no loss to the
nursing home. It seemed legitimate, since the check would come
from Medicare to the nursing home.
The billing company proceeded to prepare a claim for
surgical dressings, using a surgical diagnostic code, and the
computer logic went: ``Surgical dressing, surgical code, pay,''
and then paid the nursing home, and eventually ended up paying
70 nursing homes in the same way.
We didn't know that there was a billing company out there.
It ended up we had several cases in the United States open on
this kind of problem, not realizing we were dealing with one
company. One thing about companies that are questionable is
they want to get in; they want to get the money; and they want
to get out fast; and that is what happened with Handle With
Care.
By the time we determined that it wasn't the nursing homes'
fault, it was this company, the company ceased to exist. In
fact, it had split into two companies. The sisters had a
disagreement and each went her way forming her own billing
company, now billing other nursing homes. We knew Handle With
Care, but were figuring out we got a new company.
We then attempted to find out who this new company was. Our
problem was there was no data base with which to determine
this. We were lucky in being able to determine what codes were
being used and queried the system on those codes. We found, in
fact, one of the sisters was actively engaged in this fraud as
we were working. We were able to mount an undercover operation
and get her to pitch us and find out, one, how this pitch
worked; and, two, how the mechanism worked that they got it
through.
The highlight of the vulnerability was this billing company
was masquerading as nursing homes. That is a particular problem
highlighted by that.
Another case called ``Physicians on Call'' from the late
1980's, that was my first experience with billing companies. In
that case, the company recruited brand new medical graduates
and said, ``We will start you up with a medical practice
visiting nursing home patients, because they have to be seen
every 30 days. We will get you a Medicare number. We will take
care of the hassle for you, because, I think the regulations
are somewhat difficult.'' Both Handle With Care and Physicians
on Call oversold the difficulty of it and got people to say,
``Well, if it is too difficult, you know what you are doing.''
These doctors gave permission to use their number or to get a
number and use it to bill. What they didn't realize was the
usual fee for an intermediate visit was padded by Physicians on
Call as an extensive visit. The Medicare contractor sent the
check to Physicians on Call, thinking it was going to the
doctor. Physicians on Call cut a check back to the doctor for
what should have been billed and kept the remainder, which was
the fraudulent portion of it.
The Medicare system actually worked in its analysis of
utilization by these physicians. The system found these
physicians were billing high for these types of services and
did an analysis, finding the payments were not typical. The
Medicare contractor called the physician in. The physician
said, ``I didn't bill you; somebody else billed you.'' But
Medicare said, ``This is your number on the check; you are the
one we paid; it is an overpayment; and you are eligible to be
excluded from the program.'' This surprised the brand new
physicians. They called Physicians on Call, and, like Handle
With Care, Physicians on Call said, ``We would like to help
you, but we are out of business; we have no money; and good
luck.''
So that also highlighted the masquerading of a billing
company.
Mr. Burr. Let me say, for the purposes of the witnesses and
members, it is the intent of the Chair not to keep a clock on
members and to be a little more informal because of the few
number of members that are here. I would just ask all members
not to abuse that, including myself.
Ms. Thompson, would you like to comment on what you have
just heard from the standpoint of the Health Care Financing
Administration?
Ms. Thompson. Well, as I mentioned in the testimony, we do
believe and agree with all that the GAO and the OIG have said
about what we don't know about third-party billers. My question
is, what is the right set of solutions to respond to that? As I
hear some of the cases described, for example, I wonder to what
extent, had we registered billing agents, that that would have
really addressed the problem, for example.
In a lot of instances, for example in the case that Mr.
Hast talks about, it seems to me there is a person masquerading
as a provider that really isn't a provider. That is something
that we should be catching and dealing with in our provider
enrollment process.
In the cases that Mr. Lack is describing, it seems to me
one of the issues is providers or suppliers or physicians
basically delegating their responsibilities and saying I am not
going to worry about this, I am not going to pay attention to
what is going on, I am going to have my contractor deal with
all of these issues, not looking at the information that is
being submitted, not looking at the kinds of claims that are
being submitted, not doing any double-checking, not asking
about what are the credentials of the people, what are your
quality control procedures, do you have ways of ensuring that
claims that are being submitted are correct.
So I worry a little bit about rushing to a false solution
that makes it appear as though we have really addressed the
problem, but the fundamental vulnerabilities still remain.
Again, that is one of the reasons I raised the question
about what is the right set of expectations for the physicians
and the suppliers and providers who are doing business with
some of these companies. What should they be doing? What are
the right set of expectations for us to place on them to say,
you can't simply delegate away this responsibility and decide
you are not going to worry about it anymore, you are not going
to care about it anymore, you are not going to look at
information being submitted to the program on your behalf?
Mr. Burr. Let me share with you a personal frustration on
the part of this member. With only 6 years of experience at
serving on this committee and looking at our health care
delivery system as it is currently designed, I think one of the
frustrations that I have is that it seems that the fraud and
abuse initiatives of the Health Care Financing Administration
are, in fact, the results of congressional hearings and the
investigations of GAO and OIG. It is not an internal evaluation
of the vulnerabilities that exist in our system and a proactive
initiative by the Health Care Financing Administration to make
sure that we have a system in place that does not require
Special Agent Lack to, in fact, be on the job. I am not trying
to put him out of business. I can assure you we have got plenty
for him to stay after.
But I share that with you in an open way, to tell you that
this is a frustration. It seems that our level of interest in
fraud and abuse is driven based upon the threat of a possible
congressional hearing on a specific area. I would hope that, in
the future, those initiatives are something that can be
determined prior to fraud and abuse being committed, to the
degree that it can be.
I would also take this opportunity to tell you this is not
a member that believes that we will increase the solvency of
Medicare by another 50 years because we can squeeze out fraud
and abuse. I think that publicly that is sometimes the belief
that is conveyed from this institution to the American people.
But clearly we have a responsibility for the fiscal integrity
of Medicare regarding how the money is being spent.
The Chair would recognize Mr. Bryant for questions.
Mr. Bryant. Thank you, Mr. Chairman.
I was going to start with Mr. Lack on a question, but I
want to start with Ms. Thompson, because I think you hit on a
good point, something that I am sitting here thinking about,
and you partially answered my question. But in this
relationship that is set out, where the health care provider is
entitled to be paid, and a lot of these health care providers
have actual employees on the payroll where they are responsible
for the billing process and getting the right codes, and I
assume they take great care to properly train these people and
make sure, for instance, that they are not up-coded, that they
are coded properly--we will talk about that in a minute. There
are those out there like that.
Then we have got this situation where many use the
intermediary, the third-party people that Mr. Burleigh
represents in his Association.
You talk about the expectation thing. Let's talk about
legalities here. What is the legal relationship, in your view,
between a health care provider and this third-party person I
assume they contract with to handle the administration of their
claims?
Ms. Thompson. Largely we have treated that as a private
transaction, like how any provider or supplier or physician
might decide to arrange their practice in a way that makes
sense to them in terms of their employment practices or in
terms of whether they employ consultants to help them with
training, whether they employ auditors to look at their
practices, whether they employ compliance training firms to
come in and help them develop compliance programs and so forth.
So we have seen that as sort of a subcontract type of
arrangement, where the provider, the supplier, the physician is
basically our prime contractor, and they have subcontractors
who may specialize in certain areas or assist them in certain
areas, but ultimately they are the ones responsible, they are
the ones making those selections, they are the ones assessing
the qualifications and capabilities of those kinds of entities.
Mr. Bryant. Okay, you said something at the end that may
have answered my question. You said, ultimately, the buck stops
there; they are responsible. Do you accept the premise that the
providers have legal liability, legal exposure, for the fraud
and abuse that person they have contracted with, their
subcontractor, perpetrates on the United States Government? Do
you take that position? If so, do you go back after the health
care providers in a civil fashion to recover the dollars? Does
that happen?
Ms. Thompson. Yes. But I would offer perhaps Mr. Morris to
expound more on that.
Ultimately, yes, the payments are made to the provider,
regardless of whether or not they select an agent who helps
them collect that payment and post accounts receivables and so
forth. If there is an overpayment, it does get taken back from
that provider. Whether or not they are legally culpable, of
course, in a civil or criminal matter will in some part depend
upon whether or not they meet the legal standards for reckless
disregard and so forth.
Mr. Bryant. One angle we are talking about today where it
is not the provider cheating, it is the provider's third-party
subcontractor, there are all kinds of answers to this; and we
can talk about maybe HCFA ought to set some standards and
requirements for these third-party payers to come in and be
qualified. But it seems to me the simple solution is to look
back to the health care provider with whom we have the contract
with, who has deep pockets. If they can't be any more careful
in who they subcontract with or who they oversee or check, some
of the people where they are being cheated, they don't catch
that, if they can't be more responsible, then they are the ones
that owe us the money.
I am wondering why we are here trying to find a solution at
the Federal level in overseeing this, when it is just a simple
matter of going back to that provider and saying, I am sorry,
but the folks you trusted abused the system and committed fraud
or abuse, and we had to overpay them, so therefore you owe us
this.
Maybe by making some examples--and I have friends that are
health care providers, and I hate to lay it on them, but they
are the ones responsible. By letting them know in a clear,
visible, financial way that then maybe they will be more
careful in who they hire and be more careful in overseeing and
making sure that these folks they hired are not cheating. To
me, that is the simple solution to this aspect of third-party
fraud and abuse.
Mr. Burr. Would the gentleman yield for 1 second? I know
Mr. Morris wants to answer the question you asked, but let me
turn to Mr. Lack for just a second. Because you got on the
inside. You understand--you got pitched.
Mr. Lack. Yes.
Mr. Burr. I guess my question would go right at the heart
of what Mr. Bryant is raising. Did you find that the pitch
really did feed off of the difficulty that doctors have any
assurance that they are in compliance with what the rules and
regulations are?
Mr. Lack. Yes. As a matter of fact, with the pitch that we
received, we portrayed ourself as a nursing home chain seeking
the assistance of Handle With Care. As part of it, we had an
agent acting as a medical records technician, saying, ``Why
can't we do this ourselves? Why do we need you?''
And what we got pitched back was, ``Medicare doesn't want
you to know how to bill. It is a secret. It is a trade secret.
And you know how difficult this is, and we have been at this
for years. We used to work for an intermediary.'' Which was not
true. Most of it was puffery and fabrication. But we would not
have known that as a company. We would have had to check their
references.
And they had very good references, by the way, extremely
good references. Because of all the other nursing homes--the
nursing homes didn't know they had been defrauded originally.
The first one they went to in Seattle, they went to work for a
week, and Medicare cut a check to the hospital--the nursing
home was owned by a hospital--for half a million dollars. The
hospital would say, ``This came from Medicare. How can it be
fraudulent? It went through the system. Everything is fine.''
It wasn't until those claims were reviewed at our request 2
years later that the fraud became evident. Medicare processed
those because the computer thought they were fine. It is
surgical dressing, surgical diagnosis. The computer didn't ask
the critical question: ``What are surgeries being done for in a
nursing home?'' The computer just did what it was told to do.
In that case, it appeared to be a legitimate transaction.
This nursing home was very happy. Actually, they enlisted the
help of a large law firm, a law firm that specialized in health
care matters, and they underwrote Handle With Care for the tune
of a couple million dollars, saying this is great. This law
firm was then representing Handle With Care and getting clients
for it. When they come to us, they come to us with
representatives from the Seattle hospital, which is a
legitimate major concern, and representatives from this legal
firm that was legitimate. So, for all intents and purposes, it
appeared legal.
Mr. Bryant. But it seems to me again we are chasing the
wrong horse here. It is a simple matter that the health care
provider is liable for the subcontractors, at least in terms of
not going to jail, but in terms of paying that money back if we
put that onus to pay money back on the provider, that sounds
good.
These folks are doctors. They go to medical school. They
have MBAs running their hospitals and clinics and so forth.
These are smart people. They are going to have to get the
message that, yes, if these folks cheat, we are going to
ultimately be responsible, as they would be in any such legal
relationship. This is not an exceptional case for doctors and
hospitals. It seems like, anyway, that would be the simplest
solution.
Those people, like the third-party payers who commit fraud,
criminal fraud--and my question to you was going to be, do you
ever see any of these people go to jail? Or is it always just
they are on a list somewhere and they can't do this for a while
or they have to pay the money back? But do any of them go to
jail?
Mr. Lack. In the Handle With Care case we were successful
in all avenues. One of the sisters went to prison for 3 years.
The other went to prison for 5 years. We brought civil actions
against the nursing homes because we held them responsible for
not looking at nine claims. They should have asked more
questions. The main question is, ``If I get a check for
$500,000, I don't want to miss that in the future. What did we
do wrong?''
So we recovered--of the $7 million that was offered paid,
we recovered $5 million of it in civil settlements against 15
of the nursing homes.
Mr. Bryant. Without being abusive, let me just thank you
for your answer and commend you for sending some people to jail
that need to be in jail for a while, and let Mr. Morris make
your comment.
Mr. Morris. Although you are correct that both the
provider, in this case the nursing home or the physician and
the third-party billing company, are responsible for the claim
and the False Claims Act specifically addresses those who
submit or cause to be submitted a false claim, there are three
potential challenges to the solution you proposed.
The first is that ofttimes we cannot find all the providers
that a third-party billing company has enlisted, wittingly or
unwittingly, in its scheme. As Mr. Lack explained in his case,
we did not realize that there was a common thread to separate
investigations. So it may be, even when we close down a crooked
third-party billing company, we never learn all of those who
intentionally or otherwise benefited from its scheme.
The second problem is that, many times, the amount of money
that a particular provider receives as a result of these
schemes is relatively small. When we are talking about millions
of dollars in fraud taking place in our programs, we obviously
have to allocate resources. So a $15,000, $20,000, $30,000
fraud, although not insignificant and is money that should come
back to the trust fund, may not warrant the sort of attention
that a $1 million fraud has. Even if we know who the health
care provider is that benefited from a crooked third-party
biller, it may not be an appropriate use of our resources to go
after that one. Finally, we are always mindful of providers'
ability to pay.
If we take money back from a provider who thought it was
receiving legitimate payment for legitimate service, that is
money that comes off of their bottom line. Ofttimes we are
confronted with the situation of having to ask whether it is
better to walk away from a known debt and allow a provider to
continue to provide quality services to needed patients or to
insist on that money being repaid.
So both the challenge of finding these people in a timely
fashion and actually getting the money back in a cost-effective
way makes the idea of just going back to the provider and
holding them accountable have some challenges to it.
Mr. Bryant. If I might just respond, I understand the
economies of scale on this, and I appreciate that, but I think,
again, if we put the burden on the--where it should be, we
could accomplish a great deal. We are not going to get every
case, obviously, but issues like small amounts, relatively
small amounts like $30,000, it seems to me if you know that
money is owed, send a letter to them, like in overpayments in
the past we have done that. Of course, I hear from my hospitals
and doctors when you do that. I say, why are you all being so
hard on them? But that is what you might need to do,
particularly if there is a pattern there.
Again, I think I am interested in sending a message out
there that we have to--this is a problem and we have to be
careful about this. I am not so sure it is HCFA and those of us
sitting in the room that have to be that careful, we should,
but the legal burden is on the people in the contract with
them, to check them out better and to monitor what they are
doing better, and maybe the way to get their attention to do
this is through the pocketbook.
Mr. Morris. If I could add one last point--and we agree
with that approach, we have issued a number of compliance
guidelines, one in particular to third-party billing companies.
We are now working on a compliance guideline, a voluntary
guideline, for physician practices. One of the issues we will
be addressing in that set of best practices is the need to make
sure they know who they are contracting with, consultants,
third-party billing companies and the like.
Mr. Bryant. We will let Mr. Burleigh speak after a while on
this.
Mr. Burr. I think Ms. Aronovitz would like to add
something. Let me say as I move to it, I have been sitting here
thinking as Mr. Bryant has talked about physicians entering
into this agreement and what Mr. Lack said trying to figure out
what drives them, with my belief that we do have a very
confusing system. I don't quite give the credit to physicians.
They are educated, they are intelligent up to a point. I think
business is not a course that they teach in medical school, nor
was tax preparation.
I sit here waiting for my taxes to come back. I contracted
with somebody that I thought was capable, reputable, and the
fact is that I am at the mercy of the calculations they come
to. They will ask me to look them over. If I was smart enough
to catch the mistake, I would have done the damn thing myself.
But the fact is that I am not capable of doing it because of
the confusion and the difficulty of wading through a Tax Code
that I am not educated enough to do.
I don't know that that is necessarily----
Mr. Bryant. When the IRS comes back and you underpaid, who
pays that?
Mr. Burr. They come to me.
Mr. Bryant. You get a different accountant next year.
Mr. Burr. I am not questioning that fact. But the same way
I would look at the Tax Code and say does it have to be this
difficult, I would look at your quarterly booklet of new
regulations and say, does it really have to be this difficult.
Ms. Thompson. If I may make a comment about that, in these
cases, as is often the case, because often we hear this, our
rules are complex, and some of them are--but these are services
that weren't rendered, every claim submitted was submitted at a
higher code. These are things, if anybody had been paying one
degree of attention to the claims submitted, they would have
known they were wrong.
Mr. Burr. Clearly, you are right. I think my point was more
on the motivational factor of the contract being entered into
originally. I think when we choose somebody who has the
references, who we have the confidence in, we tend, because we
are not experts, to trust the conclusions that they come to. I
think Mr. Burleigh said it. We will never weed out all the bad
apples.
Ms. Aronovitz.
Ms. Aronovitz. I think we are talking about an issue that
is--this a fundamental issue in terms of the way HCFA uses very
limited and valuable safeguard resources to identify problems
that arise.
I think Mr. Morris said the key thing when you talked about
how we could get HCFA to systematically identify providers that
have been either victimized or a part of a situation where one
problem third-party biller has engaged in erroneous or
fraudulent billing.
The problem right now, and one of the concerns we have, is
that HCFA, in identifying a situation where there is a third-
party biller and going after one provider, it can do that. But
what it cannot do is link that third-party biller with all the
other providers who might have been involved and systematically
deal with them as one case.
I think Special Agent Lack and Mr. Morris both described
the extra resources and intellect it took to finally realize
that this one third-party biller was behind quite a few
different fraud schemes around the country. That is
unacceptable. If there could be a way to link in either a data
base or some automated approach which would then get to
identifying individual providers or third-party billers in a
more systematic and constructive way----
Mr. Burr. Hopefully--we all hope the outcome of this
hearing is to stimulate the thought processes as to whether
this is a way to design that, and clearly I think we can.
Before I recognize Mr. Stupak, let me just ask one question
of Ms. Thompson. You said to Mr. Bryant that you consider this
to be one entity, the physician and the contractor as one. We
have new proposed regulations as it relates to health care
privacy. Do you consider that the third-party billing agent is
under the guidelines that you extend to the physician as it
relates to health care privacy?
Ms. Thompson. I am not the privacy expert, and I know that
those are fairly complicated rules. We will get you an answer
for the record. I believe that is the case.
[The following was received for the record:]
Yes, the proposed rule, which implements the privacy provisions of
the Health Insurance Portability and Accountability Act of 1996, would
apply to the third-party billing agent of the physician.
The third-party billing agent, who is under contract to perform
services for the physician, is a contractor. While the proposed privacy
rule applies to three types of covered entities (e.g., health plans,
health care clearinghouses, and health care providers who transmit any
health information in electronic form), its provisions also pertain to
the business partners of covered entities. Section 160.504 of the
regulation describes a business partner as a person to whom the covered
entity discloses protected health information to assist in the
performance of a function or activity and includes ``contractors or
other persons who receive protected health information from the covered
entity . . . including lawyers, auditors, consultants, third-party
administrators, health care clearinghouses, data processing firms,
billing firms, and other covered entities.'' Clearly, the third-party
billing agent falls within the purview of a business partner.
In section 160.506(e)(1) of the regulation, covered entities are
required to have contracts with their business partners to ensure that
the business partners appropriately safeguard protected health
information. This means that business partners of covered entities are
required to comply with the same privacy rule standards for the use and
disclosure of protected health information as covered entities.
Therefore, the proposed privacy rule requirements for protecting
health information would apply to the physician's third-party billing
agent.
Mr. Burr. So wouldn't that really compel you to want to
know who that third-party billing agent is?
Ms. Thompson. Our instincts are to want to know who the
third-party billing agent is. That is why we are collecting
that information on our enrollment forms. When we have fully
implemented our new enrollment process, it will do it.
Miss Aronovitz has talked about collecting information on
third-party billers, to be able to allow us to make some
linkages about which providers third-party billers are
associated with, for the purposes of looking at claims and
doing analysis and supporting investigations and so forth and
so on. There are some issues with that. Ms. Aronovitz talks
about the fact it is self-reported data. That is true. We are
going to be setting out requirements asking for periodic
updates of that information. It is also true, though, if
someone fails to do that, our recourses are somewhat limited.
People will say, well, I overlooked it. I didn't update the
information. But it was an oversight.
So I think that there are some issues with that, but I
think it is going to provide a lot richer data for us in order
to be able to aggregate and analyze claims that are being
handled by a third-party source.
Mr. Burr. I just want to make sure I understood you. As
director of the Medicare Program Integrity Group, you weren't
consulted in an integral way about the privacy regulations that
HHS was proposing?
Ms. Thompson. Yes, I was, but I am not the privacy expert,
and I don't have in front of me all of the answers to who falls
under what rubric.
Mr. Burr. Mr. Stupak is on a very tight schedule, I know,
and I don't want to take away from that, but I am going to come
back to this, because I think the implications of the privacy
issue are enormous. I saw Mr. Burleigh start writing. I think I
have raised an issue that he should be very interested in, too,
in taking your interpretation and understanding of how these
two tie together.
Mr. Stupak.
Mr. Stupak. Ms. Thompson, in response to Mr. Bryant you
said something like, this case was very simple. No one was
paying attention. They were overpaying false claims. I think 87
percent of the claims filed were false by this BMS. Who should
have been paying attention? Who should have been overlooking
the data that comes in?
Ms. Thompson. Well, clearly, it is one of our
responsibilities, in terms of analyzing the claims, that we
receive to assess whether or not those claims are correct and
appropriate for payment. Obviously, with 1 billion claims, it
is very difficult for us to collect a medical record on each
one of those claims or to go out to the providers or the
beneficiaries onsite and document that those claims were
actually rendered.
Mr. Stupak. If you have the responsibility, then where is
the accountability then? Who do we hold accountable when we get
cases like this?
This isn't something that just happened. I entered Mr.
Dingell's report from GAO, which was June 1999, but I know this
has been on the radar screen for several years now and doesn't
seem like we are any closer to a solution to this problem.
So while maybe people are willing to accept responsibility,
I guess we are still not getting accountability here. How do we
go about implementing this so it doesn't continue to happen?
Ms. Thompson. I have to say that I always want to caution
people about the idea of how do we fix the problem of people
submitting claims that aren't true, and there isn't an easy,
silver-bullet answer to that. If there was, we would do it, and
we would put the OIG out of business, and they could go home
and move on to other areas of fraud.
Mr. Stupak. That is not realistic. I said it has been going
on for a couple of years. The GAO report in June 1999 put forth
conclusions that it should be done. What has been done to
implement the conclusions of almost 10 months ago? Anything?
Ms. Thompson. We have had many conversations about what
steps we need to take, and I think that part of my testimony is
pointing out that two sentences saying you should register
billing agents who collect this data doesn't quite reflect the
complexity which Mr. Burleigh discusses, about the kinds of
questions we need to answer so we are not imposing a regulation
on the industry, that really doesn't accomplish what any of us
want it to accomplish and creates administrative burdens and
new requirements without really addressing the underlying
vulnerability.
Mr. Stupak. You said you have had some conversations, and
the two lines you put out in your statement there, those
suggestions have been around even before June 1999, even before
that report. So how many more years are we going to have
conversations before we actually get some implementation of
something?
Ms. Thompson. Mr. Stupak, implementation of what? What
would you like us to do?
Mr. Stupak. Just start with the third-party billing. Let's
start with the identifications and identify who they are.
Ms. Thompson. So what are the answers to the questions that
Mr. Burleigh and I have raised in our testimony about who we
should classify as a third-party biller, and what standards
should be set for them, and what is the registration process so
that we can validate the information that we receive?
Mr. Stupak. Well, the rule of law under HCFA says the
person who receives it is the provider, right? You have to have
a provider number, right?
Ms. Thompson. Right.
Mr. Stupak. Someone applies to you. They are either a
provider or not. So if they are not, I think they would fall
into third-party billing.
Ms. Thompson. We don't enroll third-party billers. We
enroll providers. I think the question is whether or not we
should enroll----
Mr. Stupak. Hasn't the recommendation been for some time
now, even before the June 1999 report, that it is time to
enroll these third-party billers?
Ms. Thompson. Yes.
Mr. Stupak. So other than just having discussions among
yourselves, what have you been doing to get the process off the
ground?
Ms. Thompson. We are not prepared to say that we agree that
that is the right solution.
Mr. Stupak. If that is not the right solution, then what is
your suggestion as the right solution?
Ms. Thompson. What we are inclined to do is say, yes, we
need to have a process for tracking claims so that we can
understand who is associated with the preparation of those
claims. Again, the response to that--I think we also need to be
clear about what that information is going to give us, and
whether or not we can be confident about the reliability of the
information--to the extent we have collected information from
providers, for example, on who their third-party billers are,
as Ms. Aronovitz points out, how confident are we that
information is being updated and that information is correct,
or in absence of a registration process, how well we link
commonly owned, say, third-party billers from one to another.
Mr. Stupak. To summarize, you are really not sure what you
should be doing yet. You haven't made a decision yet.
Ms. Thompson. That is one of the reasons we are very happy
to have this hearing and work with the committee on what are
the proper responses.
Mr. Stupak. Let me ask Ms. Aronovitz and Mr. Morris. Each
of you know the GAO report was completed for Mr. Dingell in
June of last year highlights a number of weaknesses regarding
the way HCFA tracks third-party billing. Since that report was
issued, can you tell me of any material changes HCFA has made
to corrects these problems?
Ms. Aronovitz. I think in our report last June we did not
actually take on the idea of registration. We were concerned
with some other fundamental problems about activities that HCFA
had agreed to do, and that was to update its provider
enrollment data base and to develop its automated system. We
see that there are some real gaps in reliable and complete and
timely information in those two efforts, and our hope is that,
at a minimum, HCFA will consider ways to deal with those gaps.
Mr. Stupak. Those two gaps----
Ms. Aronovitz. Those still exist right now.
Mr. Morris. In a report we issued earlier this week
entitled Medical Billing Software and Processes Used to Prepare
Claims, one of our conclusions was there was a need for
identifying and registering all clearinghouses and third-party
billers, and there was a need for improving safeguards. HCFA
agreed with those recommendations. I don't think we are finding
resistance from HCFA. As Ms. Thompson indicated, the question
is how to do that effectively.
One of the problems we have seen, not just in the third-
party billing context but all of the interfaces we have with
providers or their representatives, is how do we know the
information is accurate and updated? So one of the balances is,
if you get all this information in, can you rely on it and what
do you do with it?
We do think there are vulnerabilities. I think Ms. Thompson
made it clear she acknowledged that as well. To answer your
specific question, I am not aware of any changes from the
summer.
Mr. Stupak. Mr. Burleigh?
Mr. Burleigh. Well, I think that this is probably a good
point to make several comments on, but to respond specifically
to your question, the idea that a third-party billing company
is a third-party billing company oversimplifies this.
For example, a medical practice might, for tax reasons--and
there are a number of examples of this--incorporate a separate
identity to employ all of the staff involved in its billing,
and they do that because they can have separate pension funds
and so forth. Is that a billing company? Their only customer is
the owner of the billing company. It is a different name.
Some of those organizations provide billing services to
other practices. Gee, I am having trouble with my billing, and
my colleague tells me they are doing pretty well, so I will
hire my colleague and their practice to do my billing. They use
commercial software. Because of the aggregation and sort of
critical mass required for claims submission, it is not unusual
for the software vendor that provided the software to become a
collection point for the claims. They then forward that to a
clearinghouse.
Mr. Stupak. That may all be true, but, again, if you rely
on 42 USC 1395, it says that payments made to a beneficiary or
under assignment to the medical provider who provides the
service----
Mr. Burleigh. That is how it works.
Mr. Stupak. [continuing] whether they set up a corporation
to do their billing or anything else, it if it is supposed to
be to the provider, if it is not the provider, then I think it
is a third-party.
Mr. Burleigh. The payments are not made to the third-party.
The payments are made to the practice.
Mr. Stupak. The third party does the billing, right?
Mr. Burleigh. That is right.
Mr. Stupak. So they should have a separate identification
number, separate from the doctor or the hospital providing the
medical service.
Mr. Burleigh. The complication is the number of third
parties involved in that process explodes. The practice hires a
third-party biller. The biller is a relatively small
organization. They transmit the claim that they have prepared
to the software company whose software they are using. The
software company aggregates them with others, forwards it to a
clearinghouse.
Mr. Stupak. That may be all true. Maybe I am taking a
little hardheaded approach here, but this has been going on for
some time. I don't think it is that difficult to identify a
provider and third-party biller. I mean, we just were talking
about our taxes. Most of us probably have someone else do our
taxes. That person who prepares our taxes has his
identification or her identification number on there. I still
have to sign it. I still have to put my John Hancock on there.
If there is a problem, I am still responsible.
But, you know what? There is a provider number for that
accountant or CPA firm or H&R Block or if Burr is doing my
taxes, heaven forbid, he has to have one. The point being, I
don't think it is that difficult to identify these third
parties if we get at it instead of continue discussions and
make up excuses--you know, different scenarios how we could get
around it. If we do it with the Tax Code, which everyone says
is the worst thing in the world to deal with, why can't we do
it with something like this?
Mr. Burleigh. We agree conceptually identifying who we are
is not a problem. The concern is that, in terms of the
practical process, if the billing company has touched a claim,
put their number on it, if the software company that they sent
it to has touched the claim and could theoretically participate
in some fraudulent scheme, put their number on it also, it then
goes to a clearinghouse, and they have the same opportunities,
you have got to put their number on it as well. There are
additional variations of that. There are billing companies and
practices alike who subcontract to have their paper claims
handled by a third-party, even though they do their own
electronic claims, or they have other contractors do that. The
industry has become very, very complicated.
Mr. Stupak. Probably with all the rules, we made it more
complicated. Why don't we just call a summit between all the
stakeholders next month and have them come in and get a grip on
this thing and fix the thing?
Mr. Burleigh. We would be happy to do that.
Mr. Stupak. That is one positive thing I heard. Go ahead,
Ed.
Mr. Bryant. I thank my friend from Michigan.
Before you arrived, we were talking about this issue, and I
think it has become even more complicated.
Mr. Burleigh, I appreciate your explanation in terms of the
way the system works sometimes. It appears we have got multiple
layers now of subcontractors, and that subcontractor is
subcontracting, and as many as maybe two or three, which seems
to be something of a defense here, that, well, that is part of
the problem. That is why there is abuse and fraud. We don't
know who is doing it, but we are not doing it. Somebody else is
doing it.
I am not saying HCFA doesn't have an obligation and others
don't have an obligation at the top end to look down. But,
ultimately, all of these layers of subcontractors--the legal
responsibility goes back to the provider who hires the first
subcontractor. And it seems to me that is--I know it is an
oversimplification, but if we start going back against some of
my colleagues back home who operate clinics and doctors'
offices and hospitals and really letting them know I think they
have a legal obligation to the taxpayers to be more responsible
in who they bring on and monitoring who they bring on so we
don't get hit with this fraud and abuse--this is not to say you
don't have a responsibilities, too, but I think we are missing
a key component here. I know we are doing it some, but I think
we could do a better job of getting that message out.
I yield back.
Mr. Stupak. Mr. Burleigh, has HCFA contacted you, your
business, PractiCare, on your input on the problem?
Mr. Burleigh. We have had an ongoing dialog with Ms.
Thompson's office and with the Office of the Inspector General
and others in the government. Because, as an association, we
viewed this as an obligation that we have to be proactive, to
have a clean house, to be a strong advocate for compliance in
every respect, to promote it with our members and our members'
customers.
You will see in my written comments that we have even
advised our members that it may become necessary for them to
fire a customer if they have a problematic practice who has
asked them to do things that they are not comfortable with. So
we are very much in favor of keeping a clean process and
supporting compliance, as long as it is realistic and
practical, and as long as it really is not a false solution, as
Ms. Thompson said. Because you can know who we are, and there
are so many others involved in the process that you really have
not addressed the issue.
Mr. Stupak. Well, you know, as I think Ed pointed out in
his opening statement, he has only been on here--he is in his
first term. Mr. Burr and I have been on here for some time, 6
years at least, and it seems like we are always dealing with
the same thing, always getting the answer we are working on it,
and nothing gets done. From this end of the dais, it gets
frustrating. When I suggested a summit between the stakeholders
next month to fix it, I hope HCFA picks that up. Is there any
objection to having a summit and getting it resolved?
Ms. Thompson. I think that is a wonderful idea. As we noted
in our testimony, we plan--our upcoming provider enrollment
regulation asks for public comments on what steps we should be
taking to strengthen the oversight of third-party billers. That
could be, actually, a very helpful sort of precursor to wider
opportunity for public comment on what steps we should be
taking.
Mr. Stupak. Thank you, Mr. Chairman.
Mr. Burleigh. If I could just add one thing, last year we
met--our immediate past president and our current treasurer,
two of our board members met with Ms. Thompson and her staff to
talk about this specific issue; and we also participated in a
conference call with the GAO staff, who were also exploring
this on behalf of Congressman Dingell. So we have been active
and wish to continue to be active in assisting the committee
and developing a solution.
Mr. Stupak. Active discussions are great, but we want
active, concrete action.
Mr. Burr. I thank the gentleman.
I see that we have been joined by several more of our
colleagues. The Chair would recognize Mr. Green for the
purposes of questions.
Mr. Green. Thank you, Mr. Chairman. I ask unanimous consent
to have a statement placed in the record.
[The prepared statement of Hon. Gene Green follows:]
Prepared Statement of Hon. Gene Green, a Representative in Congress
from the State of Texas
Thank you, Mr. Chairman for scheduling today's hearing. The
problems of waste, fraud and abuse in the Medicare program is a
continuing one and this Committee must remain vigilant if we are to
ever start making progress toward diminishing it.
Today, we are examining the role of third party billers in the
Medicare system. Because of their access to billing information from
the health care providers and their patients, these companies, should
they be inclined, are in a unique position to commit fraud with a low
chance of discovery.
Part of the difficulty in tracking this fraud is that HCFA
currently has no way to determine whether or not providers are
submitting claims themselves, or if they are using a third party
billing company.
In the example that the GAO will present to us today, a woman from
Sugarland, Texas added a new twist. She operated as a broker between
doctors providing mental health services to nursing homes and another,
reputable third party billing company, using her access to doctor and
patient information to improperly bill Medicare for $1.3 million
dollars.
This case, currently under review by the U.S. Attorney's office in
Houston, should serve as a call to action, not just to this Committee,
but to HCFA, to implement regulations that will put an end to this type
of behavior.
Again, I commend the Chairman for calling this hearing and look
forward to the testimony of the witnesses before us today.
Mr. Green. Mr. Morris, your office, the OIG, released a
report suggesting that HCFA register all claims and
clearinghouses and all third-party billers. Following up on my
colleague from Michigan, in that report OIG suggested HCFA
cannot identify most of the clearinghouses and billing
agencies. I think that is what we heard in the last series of
questions.
First, what are the implications of this finding; and,
second, Ms. Thompson, after Mr. Morris, does HCFA agree with
the IG's findings in that it cannot identify most of the
clearinghouses and most much the billing agencies and all of
the people that may touch those? Mr. Morris?
Mr. Morris. The implications of that recommendation are we
would have then a data base by which we could draw patterns and
identify overarching practices and individuals. I think the
analogy of a needle in the haystack, this would allow us to use
a magnet to pull that needle out. It would give us another tool
to be able to identify problems which are broader than a single
provider. So it would be very helpful to us.
Mr. Green. Ms. Thompson?
Ms. Thompson. We did concur with the OIG recommendation as
we have been discussing. We do believe we need to develop more
information and have more information on the clearinghouses and
third-party billers involved in our process and have some plans
and efforts under way to increase the amount of information
that we collect on those billers.
Mr. Green. Okay. That includes the whole gambit, as Mr.
Burleigh talked about, of people who--everyone that may touch
that particular claim?
Ms. Thompson. I think that is one of the issues that we
need to sort out a bit better. Because there is a question, for
example, as to whether or not we would want to reach in to,
say, a small practice environment in one of our rural States
where there is a part-time contractor who comes in perhaps on a
weekly basis to prepare a claim. Do we really want to regulate
that kind of person and set standards for that kind of person?
Does that kind of person need to register? So we do need to
have some conversations about where to draw these lines and who
we want to define as a third-party biller and who we really
want to know about and track.
Mr. Green. If that part-time contractor all of a sudden
from that rural State that does it part-time all of a sudden
started billing three or four times what is expected, you need
to have some mechanism to identify that.
Ms. Thompson. That is right. There are some available
mechanisms where we might be able to see that. In fact, at
least in one of the cases that was discussed here today it was
a contractor actually performing focused medical review, which
is one of our program safeguard activities, that actually
identified the vulnerability and identified the improper
payments and actually triggered the investigation. So I think,
again, the question is, do we--you know, where do we want to
draw the line? Is it on everyone who may influence or who may
participate in a coding decision? And to what extent, for
example, would we want to set standards if we are doing that
for employees, say, of a physician's office?
Mr. Green. Mr. Morris?
Mr. Morris. If I could just add, there is a way of looking
at this that expands the analysis beyond just clearinghouse
registration. As we note in our written testimony, Congress
recognized as early as the early 1970's paying billing
companies based on a percentage of the revenues they bring back
to the client is an incentive to cheat, because the more you
bill the program, the more you can take off the top.
This is what we have seen in Handle With Care. They took 50
percent of the receivables. It is what we see with physician
billing practices. If you can inflate claims because you are
going to get a percentage of each claim that goes in in
dollars, that creates an incentive. Anonymity creates an
incentive to cheat, because, if no one knows what you are doing
in the dark corners, it is one more temptation. Registering
third-party billing companies addresses the issue of anonymity,
but we should also be thinking about whether there should be an
expressed, clear prohibition against incentive billing.
The way the Congress set the reassignment requirements up,
there is such a prohibition. But, as we note in our written
testimony, there is a very easy way that one can circumvent
that by having the payment first go to the physician who then
promptly reassigns it to the third-party billing company.
What happens is physicians will have all the money come
into an account and authorize its third-party billing company
to sweep that account every 24 hours. So from the appearance of
HCFA, it is making a payment to a physician and thus none of
the reassignment rules apply. Yet, in reality, the third-party
billing company has swept that account, taken all the money out
and, if operating on a percentage basis, has every incentive to
inflate the claims that went into that account. So as we think
about this, it is not just a question of registering third-
party billing companies and facing the challenges of dealing
with small providers and the like, but it is also going to the
fundamental incentive that anybody has to inflate services in
order to get a greater share of the fraud.
Mr. Green. Again, from what we have heard today and the
suggestion of my colleague, Mr. Stupak, do you think HCFA is
moving forward with what they are talking about, just from the
little bit of time here?
By the way, Mr. Chairman, I apologize. I was at the telecom
hearing downsize. Governor Gilmore was there, and very seldom
does a lowly Member of Congress get to question a Governor of a
State.
Mr. Burr. My only hope is I can touch you before you go.
Mr. Green. But do you think HCFA is on the road to drafting
new regulations or addressing the concerns that the OIG has?
Mr. Morris. I think so. I think, as Ms. Thompson indicated,
this hearing, our reports, the GAO reports, all add logs to
that fire. I think certainly they intend to try to address this
as best they can.
Mr. Green. Do you have any other suggestions that HCFA
could do? Obviously, hopefully you communicate with each other
more often than when we have these congressional hearings every
6 months.
Mr. Morris. One other suggestion we would offer, and it is
in our written testimony, is, in addition to knowing who we are
dealing with and cutting out the incentive to cheat through
these incentive payments, is that there be efforts made to
ensure that third-party billing companies are adequately
trained and know what they are doing.
In my written testimony I reference an advertisement we
came across in an airline magazine, where for $69 you could get
into the business of medical billing company services. It is
quite remarkable, if I could read from it.
For a mere $69 you can pick up a book called ``How to Start
a Medical Claims Processing Service'' that promises that your
prescription to a healthy income involves nothing more than
owning a computer, a printer, a modem and claims processing
software. The ad goes on: ``There is no training needed; and
with health care reform, the need for processors and the
profits to be made will only increase.''
We think that kind of inducement to bring people in who
don't know what they are talking about to this line of work
creates another vulnerability.
Mr. Burr. Would the gentleman yield for a second? I just
want to take this opportunity to point out, I am sure this is
not an ad that the association took out.
Mr. Burleigh. That is right.
Mr. Burr. I don't want there to be any link there. That ad
just on its face suggests that you have to have some type of
application or ID number or something that eliminates an ad
like that from filtering anybody into this business it can.
One real specific question: In your proposals, your No. 1
was you have got to have an ID. I heard Ms. Thompson say we are
not convinced that that is a necessity. I understand Mr.
Burleigh's reluctance, because sometimes our actions to tighten
an opening that is there becomes very onerous, and we are going
to stay focused on that as we look for solutions to make sure
it is not overburdening on stakeholders.
But there is a distinct difference. You are making a
specific proposal with a great deal of confidence that this is
one of the things we need to do. You are saying we don't know.
I am hearing that you are talking to OIG. I don't think you
didn't know that he would make this proposal. I think you have
probably shared it with him.
Mr. Morris. We talk frequently.
Mr. Burr. Had you ever seen that ad?
Ms. Thompson. No, although it was very scary to me, because
it was very reminiscent of some ads we used to see for home
health agencies about 15 years ago. We don't see them any more.
But it is a very scary kind of ad.
Again, I want to clarify, we do believe conceptually that
registering billing agents is something that we should do. The
question is less what than how.
Appreciating all the kinds of issues that Mr. Burleigh
brings to the table, as we have discussions about how would you
react to that and would you be supportive of that kind of an
approach--and the general answer again is, conceptually, yes,
but now what information are we collecting? Some of this gets
down to the details about how onerous is this going to be. How
high is the bar going to be? Can you decline to register me? On
what basis would you decline to register me and basically then
sort of make me unable to do business with providers who are
billing the program?
Mr. Burr. Clearly, based upon our reimbursements, if that
were a home health ad today, we could bring them up on false
advertising. They can't aspire to making a profit being in the
business.
Mr. Green. I just have one last question.
Mr. Burleigh, you remarked in your testimony that your
Association is concerned with, and in the last line of
questioning, any initiative to register claim submitters would
overlook large segments of the industry that regularly handle
some parts of the claims preparation and submission process.
Mr. Burleigh, how do you achieve accurate accountability over
the entire Medicare payment chain without your having to
register each and every participant involved in handling or
submitting a Medicare claim? In other words, what is the best
solution for tracking ancillary or third-party billers that
play some role in preparing these Medicare claims?
Mr. Burleigh. The methodology has to be divided, first,
between electronic claims and paper claims, because there
continues to be claims that require attachments and other
documents that have to be go on paper, and there are still
insurers who will not accept claims electronically. So on the
tracking electronic claims, our view is it would require there
be an identification number or an identification mark of some
kind that would be attached by each party that handled the
claim, and that would require space for probably five or six
possible additions to the claim before it got to the payer.
The physical aspects of that, the technological aspects of
that--there is a very well-established data set, and the time
required to reprogram the contractor's computers to receive the
information, the vendor's computers to transmit the
information, the practice to keep track of all of that
information, would be very time-consuming, and we have to begin
wondering to what benefit?
To go back to what Ms. Thompson said about the possibility
that we have a false solution, we agree that identifying all
the parties that have handled the claim will make the OIG's job
easier, and we don't disagree with that. We support that as
well. We believe in compliance. Our members are not concerned
about having anyone know who they are. Most of the examples
that have been discussed today describe a criminal enterprise
and not ordinary business being done by billing companies.
So, you know, again, we have no problem with it. We do have
concerns about how it would be done and whether it is
technically feasible and whether it is economically practical.
Mr. Burr. If the gentleman would yield, let me say it is
the hope of this committee that our policy won't be to make
Special Agent Lack's job easier. It would be that we discourage
people from committing the type of fraudulent claims that Mr.
Lack goes out and investigates. I think you just misstated what
you meant to----
Mr. Burleigh. Thank you for that suggestion. I think, too,
that Mr. Lack will never be out of work, just because there are
criminals in every walk of life, and some of them decide to
come down in the medical billing arena or in health care in
general.
Mr. Burr. There seems to be an attraction to that anywhere
there is a large pot of money. Clearly, this is one of the
largest that we can identify.
Mr. Burleigh. Let me just make a comment on an example that
Mr. Morris gave related to the $69 get-into-the-billing
business. That ad and others like it, there is an example that
$695, another one at $895, all of those represent essentially
consumer fraud and not billing fraud. What is really going on
there is the separation of the unaware from their money. No
billing ever occurs.
The people who respond to those ads are buying basically an
empty bag, because they get what they think is software that
will allow them to be in the billing business, and they are
misinformed as to the amount of money that they can get paid by
practices to provide those services, and they never get any
customers. So really what that describes is a consumer fraud.
No one ever really ends up in the billing business as a result
of those ads, as far as we know. We have had a number of people
who after buying the package contact our association to join,
and months later come back saying they can't find any
customers. They were told how to do this, and it isn't working.
It is because they really don't know.
Mr. Burr. Let me go back to you, Mr. Morris, because I
think the Office of Inspector General has done some studies on
providers that have identification now. You have looked at
those that--you know who some of the third-party billers are
now at HCFA. Have you looked at the data that they have got?
Mr. Morris. On electronic claims, there is a field for the
submitter which could be one of potentially many third-party
billers. I don't believe we have done any studies specifically
analyzing what that submitter data field means.
Mr. Burr. I was hoping to get a feel for the accuracy of
the information that they currently have or that exists about
these people.
Mr. Morris. I don't believe we have done any work to
determine what is on the electronic claim form, if it matches
present reality, for example, whether the number on the
electronic claim form for a submitter actually represents who
is doing the submitting of the claim.
Mr. Burr. Let me go to you, Mr. Burleigh. Prior to my
question to Ms. Thompson about privacy, did you know that HCFA
considered your members covered under the new proposed privacy
legislation exactly in the same way that the doctors are?
Mr. Burleigh. We interpreted the proposal differently. We
prepared official comments to the proposal and submitted those.
Our reading of it was that a billing company would be a
business partner, although one of our criticisms of the
regulations was that the proposal was left quite confusing as
to whether we were a clearinghouse or a business partner or
both or neither. So I think that the regulations require
considerable effort to clarify that question.
We are quite aware of the confidential nature of the data
we possess on a regular basis, and we regularly inform our
members on what they have as a responsibility to protect the
privacy of the data.
Mr. Burr. Ms. Thompson, who is responsible under the
proposed privacy legislation to purge the physician worlds on
any breach of medical data?
Ms. Thompson. Well, as a general rule, all electronic
claims that we are dealing with and that are dealt with within
the insurance world in general are going to be subject to the
privacy rule protections.
Mr. Burr. If there is a breach by a physician of medical
data, is it HCFA's responsibility----
Ms. Thompson. There are various penalties laid out, some of
which we have responsibility for and some of which may be
enforced by law enforcement.
Mr. Burr. That would be also the same penalty that would go
to the third-party billers?
Ms. Thompson. Correct.
Mr. Burr. How do we enforce that if we don't know who they
are? Mr. Burleigh said earlier we will never eliminate all the
bad apples. I believe that. Medical data is, I think, an issue
that all of us have taken on as a very big responsibility of
the Congress for the American people. We have attacked this
issue in a way that, though I haven't been in full agreement
how we have done it, we have erred on the side of protection,
in some cases when some of us thought it limited our
capabilities for research and development of future drugs,
devices and other things. But with that said, can we take it
that seriously and have an entity out there that has full
access of medical data that we are not concerned with knowing
who it is?
Ms. Thompson. One comment that I would make about that is
that, in any kind of surveillance or enforcement mechanism,
there are going to be various layers of detail and attention.
One of the issues that we always face, of course, in program
safeguard activity, is figuring out where to place those
resources and knowing we are not going to be able, for example,
to look underneath every claim that we process to assess the
medical record and the necessity of the service and whether the
service is coded correctly based on what we see in the medical
record, or even then to go below the medical record to say to
the beneficiary or to the provider, was this service actually
rendered? Was it rendered in the way described in the record?
So the question is always one of balancing how much
information do we want to collect and receive and deal with at
the Federal level, what do we want to enforce as an ongoing,
every-case kind of basis, what do we want to pursue on an
exception basis, and what should that entire surveillance
network look like.
I think that is one of the issues that we have to face with
the Privacy Act issues or the privacy rule issues, as well as
many of the other sets of rules that we establish.
Mr. Burr. I remember in the privacy debate--and correct me
if I am wrong, because I think you are closer to it than we
were. At a point of that debate we discussed whether we should
limit what insurance companies got about procedures performed
because we were concerned about what could happen to that
patient. And we got to the point where we were talking about
could it just be one lump sum. And the question that arose is,
how can an insurance company pay based upon not knowing what
was performed?
So I know how tightly we were in this debate and in the
negotiations. This seems to be an area that we have just
disregarded any concern about privacy and just said, well, they
are covered. I mean, it is an automatic link.
Whether Mr. Burleigh knew it or whether every member of the
Association knows it or whether the 5,000 individuals out there
know it, I think there is a question and probably an honest
effort to make sure that they do. But then we go back around
the circle and say, if HCFA is responsible for the integrity
and Congress ultimately, I believe, because we go back to our
constituents and say you don't have to worry, we have got
things in place, can I confidently with 5,000 individuals, or
potentially 5,000 individuals, can I go home and tell them that
all of the information they are using to bill these Medicare
claims, that none of that medical data gets out?
Mr. Thompson. One of the issues that we are addressing in
developing the proposed regulation actually goes back to HIPAA,
which established certain requirements for administrative
simplification of electronic claim submission standards, some
of which have to do particularly with security, with things
like the protection of data at rest, the protection of data in
motion, the encryption of data, the possibility for digital
signatures to authenticate who actually created or prepared the
claim. So some of those issues are being addressed as well
through that venue.
Mr. Burr. Let me go back to you, Mr. Morris, because I was
trying to work off my memory, which on a Thursday when we are
getting ready to adjourn--as you can tell, I am in travel
clothes. Nothing matches. I am just trying to reallocate these
to the right spot, whether it is North Carolina or Washington.
In the OIG report it said this: Studies have shown that
information on provider applications concerning billing
agencies is often outdated and inaccurate. Can you expand on
that at all?
Mr. Morris. You are referring to the reports we issued
earlier this week?
Mr. Burr. Yes.
Mr. Morris. Well, this is a concern that we have that I
think Ms. Thompson touched on. If it is the self-reporting
obligation with no sanctions associated with failure to keep
the information current, you don't know that the data that you
have, the data base you developed, has any value to you,
because it may be so outdated that you are dealing with
companies that no longer exist.
We have come across this in other contexts as well.
Ofttimes we will go out to the provider address which payments
have been made for and discover it is now a pizza parlor,
because we have not, nor has the Health Care Financing
Administration nor its contractors, been given updated data
about who it is we are dealing with.
So the vulnerability we have--and I think this is what Ms.
Thompson was getting at. If we put this data field together, if
we compel billing companies to provide us with their
identification, how are we going to make sure that it is
accurate, updated and reflects all the players? Because it is
very easy to put a number in a field. The computers are set up
generally to say look for a number in this field. If it is
there, move on.
Mr. Lack gave a good demonstration of it in the Handle With
Care case. If you put the right procedure code number into the
computer, it will say, ``Oh, surgical dressing, surgery, fine,
I will pay.'' The computer doesn't then ask questions like,
``What is a patient in a nursing home doing with surgery?''
Unless we have the computers ask, do we know that this biller
number is accurate, and when was the last time it was updated,
and has someone gone out actually onsite and knocked on a door,
that information sits there, but it has no value. So that is
the risk you face.
Mr. Burr. We update physician information how often?
Ms. Thompson. Our proposed regulation will address that. It
is supposed to be updated with any material changes within 30
days. The difficulty, of course, is that, as Mr. Morris and Ms.
Aronovitz have talked about, if we find that the information is
not updated, what is our response? Sometimes what a physician
might say is, well, I just forgot to update the information. It
was an oversight on my part. Here is the updated information.
Mr. Burr. Don't physicians who participate in Medicare as
well get an annual notification?
Ms. Thompson. No. But that is one of the issues that we are
addressing in our proposed rule. How frequently should we go
back, even if we haven't heard--No. 1, a provider, a supplier
physician should be updating their information on an ongoing
basis. But how often should we ourselves go back and ask them
to recertify to what we have currently in our data base?
Physician groups basically don't think that we need to go back
to them very frequently. They believe that physicians will
update it and fulfill their responsibilities as required.
There may be some higher risk versus lower risk kinds of
groups where we want to go back to some folks more frequently
than other folks. Maybe you could postulate, for example, that
a hospital, a large hospital, would be more apt to keep their
information updated, or perhaps even have fewer changes, than
some other kinds of providers or suppliers or physicians. But
we do believe that we have to have a sort of reasonable process
to go back to people where we haven't heard from them over some
period of time and make sure----
Mr. Burr. We might go back to physicians more frequently
that use third-party billing as a way to reimburse.
Ms. Thompson. Yes.
Mr. Burr. But we wouldn't know which ones use third-party
billing today, would we?
Ms. Thompson. In our enrollment form that we instituted in
1996, it contained a space for completing information on third-
party billers. When we go back and do our enrollment clean-up
process, we will be getting that information from everyone. I
think that is an excellent idea.
One of the things we are looking at is, what are some of
the risk triggers or categories that would make us want to go
back more frequently to certain providers than others, knowing
that we don't necessarily want to go back to 1 million
different providers every 6 months or every year to ask them to
update their information. Maybe the presence of a third-party
biller is sort of an additional risk factor that could trigger
more frequent requests for updated certifications.
Mr. Burr. I don't want to put words in your mouth, but did
you just tell me you are interested in knowing who the third-
party billers are?
Ms. Thompson. Yes. We are collecting that information now
and collecting that going forward. That is a different question
than whether or not you want to register or set standards for
third-party billers.
Mr. Burr. Our debate is over how we want to know who they
are.
Ms. Thompson. Right. And how much information we should
collect to know who they are. Right now, we collect information
on a company name and address and contact name. We don't
collect as we do on providers' and owners', Social Security
numbers.
Mr. Burr. You have that on how many third-party billers?
Ms. Thompson. We have that on all providers that have come
into our system since the institution of the new form, which is
since 1996. That is about 15 percent of the providers that we
do business with now.
Mr. Burr. That is how many?
Ms. Thompson. 150,000.
Ms. Aronovitz. 150,000.
Mr. Morris. The only drawback or challenge to that approach
is all you have to do is put down the name of a third-party
billing company. You can create a name of a third-party billing
company as quickly as getting lunch. Handle With Care could be
Handle with Diligence overnight. All of a sudden we have two
different billing companies. Well, no, we don't. We have one
billing company with two names.
So, one of the things that it speaks to having a unique
identifier, similar to physicians, is to say if you are going
to be in business, you are going to have, like an employment
identification number, a single number that identifies you,
regardless of what you call yourself, so we can then match data
based on a common element. Whereas, if you are free to put down
whatever the company chooses to call itself this week, you have
got a data field completed, but it tells you nothing about the
commonality of that named party to others that, in this case,
scam artists have set up.
The Handle With Care case demonstrates that once the two
scam artists parted ways, two sisters in this case, they set up
two different companies with two different names. Neither of
those names presumably would have had any linkage to the first
company name. So having a field that gives you just a name
isn't requesting to help you try to figure out where there is
commonality in the third-party billing companies.
Mr. Burr. Does the fact that they are registered, with no
degree of confidence as to who they are, bring credibility in
any way to their operation?
Mr. Morris. The mere fact of registering?
Mr. Burr. Yes.
Mr. Morris. I guess you would have to ask what are you
registering.
Mr. Burr. What are they registering?
Mr. Morris. Well, that is the question. Right now, I think
the answer is nothing. For the third-party billing company,
nothing is registered. So the provider, the physician, will
say, ``When I filled out this form, the name of the company
that I did my third-party billing through was X. I made no
representations about who it is, what they do, what their skill
levels are, or who their head is and whether he or she----''
Mr. Burr. So from a standpoint of an investigative agency,
what is that worth to you?
Mr. Morris. If you are focusing on intent to defraud, not
much.
Mr. Burr. Let me go back to Special Agent Lack. I don't
want to take anything away from your investigative skills----
Mr. Lack. Sure.
Mr. Burr. [continuing] but the connection that was made
between these two companies, as I understand it, was the result
of more than one agent getting together, agents working on
different cases----
Mr. Lack. Right.
Mr. Burr. [continuing] and through the exchange of what
each was doing, a light bulb went off and said this is all
connected.
Mr. Lack. Correct. It was the name of one of the sisters.
When we had this conference call, I threw out the name, and the
others said, ``That is the owner of mine. That is the owner of
mine. That is the owner of mine.'' That is what tied it
together as a national problem.
Mr. Morris. Coincidence.
Mr. Burr. I didn't want to use that.
Mr. Lack. I got the case as an individual case. As a matter
of fact, when the nursing home in question found out about it,
they went to their legal counsel; and their legal counsel said,
``You've got to be careful, because they might hold you
responsible. Send a check for the overpayment.'' This nursing
home, to their credit, agreed with that and called us up. I got
there, and, sure enough, those claims were false. They said,
this company told us they are out at a lot of different places.
We don't know how many.
If I had been able to go to a data base and pull up that
number, I would have found Massachusetts, Florida, Ohio, and we
could have immediately pulled it altogether. But it wasn't
until 2 years later that we knew the full extent. We knew when
we had that conference call we had maybe four or five nursing
homes. We didn't realize the extent was 70 nursing homes, and
this all occurred in the space of 10 months. She went from No.
1 to number 70 in 10 months.
Mr. Burr. Ms. Thompson, whose responsibility was it to have
caught this?
Ms. Thompson. I think there is some shared
responsibilities. I mean, I think the program itself has
significant responsibility in analyzing the claims that it
receives to make sure they are--there is no doubt we consider
that to be our responsibility and our job.
I think the nursing homes have responsibility for knowing
what has been submitted on their behalf. I think that they had
some responsibility for perhaps not being as tempted as perhaps
they were for the idea that there was some easy money that was
going to require no outlays on their part and that magically
some money would show up and it would be good money they were
entitled to and they decided to take that money and not ask any
questions. So I think there is also some responsibility on the
nursing home.
Of course, ultimately, the actual, ultimate accountability
lies with the people themselves who decide the way to make some
money and be successful in life is to defraud the program.
Mr. Burr. Let me be more specific in how I can ask the
question. Where should we have detected it, if it isn't in
Special Agent Lack's investigation?
Ms. Thompson. I think that we probably should have detected
it if we had had some more information on the commonality
amongst the claims themselves.
One of the best ways that we use to detect potential fraud
or payment errors is by aggregating claims and making
comparison among different kinds of sets of claims. For
example, if you can look at various kinds of physician
specialists, for example, and you can see that in a certain
community every physician specialist has a kind of bell curve
in their billings, some high coded, some lower----
Mr. Burr. Does that happen at the Medicare carrier level or
at HCFA?
Ms. Thompson. It happens at the contractor level. But it is
under our direction, and we tell them the kinds of things that
we want them to do, and we give them the resources.
Mr. Burr. Are there contractors sitting in on these
discussions as to how we close this hole?
Ms. Thompson. Yes. We discuss with our contractors on an
ongoing basis issues of importance to us and how to address
potential program vulnerabilities.
Mr. Burr. Let me just stipulate, there is a huge difference
between a discussion and an inclusion. If you see the Medicare
carrier as the point that we should be catching, detecting,
some improprieties, then they should play a substantive role in
the design of what it is we are trying to institute to close
that. Are they playing such a role?
Ms. Thompson. I would characterize it, yes, as a
substantive role. We do look to them to help us understand what
it is they are seeing as they conduct these activities. But we
are also aware that we are the ones that have the
responsibility and the contractors have the responsibility to
implement our instructions. So, ultimately, we have to be the
decisionmakers about where we want to place resources and what
expectations we want to place on what we want our contractors
to do. We can't, again, delegate that responsibility to the
contractors and say, well, this contractor did a good job, this
contractor did a bad job, and it is all the contractors. We
have to take that responsibility ourselves.
Mr. Burr. I don't think the intent of this oversight
hearing was to reach conclusions today. I think it was clearly
to make sure that we provided the correct amount of stimulus so
that we could reach some type of conclusion.
Mr. Hast, I want to apologize to you, because we have
neglected you at that end of the table. Let me also make the
assurance that from a standpoint of an oversight investigative
committee, that is a good thing.
I want to take this opportunity to thank each of you for
your willingness and openness to discuss this particular issue.
The lack of involvement by all of the members of the
subcommittee is not a lack of interest in the challenge that we
have got before us in finding a solution to this, it is more
indicative of its schedule today and the fact that they are
probably also trying to book some flights for tonight since we
weren't expected to leave.
Let me extend to anybody that would like to, if there is
any follow-up comments that you would like to make, anybody
that would like to make additional comments? Mr. Burleigh?
Mr. Burleigh. Well, once again, we very much appreciate
becoming part of this hearing and having the opportunity to
contribute to this process. The vast majority--we think 99
percent of, at least, the members of our Association and more
billers who may not yet be members are honest and improve the
system, and we want to make sure that any changes that are made
continue to contribute to strengthening the system and provide
a practical solution to these very appropriate concerns that
the committee is investigating.
Mr. Burr. As do we. Any other members?
Let me once again thank you and say to you, Mr. Morris,
with your comment relative to the incentive that we create on a
percentage billing, it has made me also think about my choice
of tax preparers and wondering, had somebody been out there and
said, you know, I will set your cost based upon how much I save
you over last year, I wonder what my reaction would be.
Clearly, it would get my attention. Whether it would get a
business relation between the two of us, probably as a Member
of Congress, it wouldn't. As a member of the private sector, it
probably would have an influence on who I chose. I might on the
back end be a little more prudent at my review of what they
came up with, which I think is something that Mr. Bryant
expressed about your members and consequently the physicians
that contract with them.
But, clearly, there are some ways that we can set it up or
that could be allowed to be set up that create incentives for
people to cheat. Health care is the largest challenge that we
will deal with for the next decade, and the primary piece of
that will be how we pay for it. The work that each one of you
has before you will play a very important role in how long or
whether in the future we can continue to afford what it is we
have in this country. I thank you for your commitment.
This hearing is now adjourned.
[Whereupon, at 12:15 p.m., the subcommittee was adjourned.]
[Additional material submitted for the record follows:]
U.S. House of Representatives
Committee on Commerce
March 14, 2000
Ms. Penny Thompson
Director
Program Integrity Group
Health Care Financing Administration
7500 Security Blvd.
Baltimore, MD 21244
Dear Ms. Thompson: I am writing to ascertain what actions the
Health Care Financing Administration (HCFA) has taken to respond to the
problems associated with third party billing companies, which were
identified in a June 2, 1999 General Accounting Office (GAO) letter.
The Committee on Commerce is very concerned about possible misconduct
by third party billing companies, which may result in the loss of
millions of Medicare program dollars due to undetected fraud and abuse.
As part of the Committee's ongoing efforts to assess the efforts of
HCFA to combat fraud and abuse within the Medicare program, I wish to
learn what specific steps have been taken to insure that scarce
Medicare dollars are not being wasted due to fraud committed by third
party billing companies.
As you know, acts of fraud committed by third party billing
companies are an insidious form of health care fraud which is, by many
accounts, particularly difficult to detect. It has been estimated that
there are currently over five thousand third party billing companies
currently operating in the United States, which prepare and submit
claims on behalf of health care providers to Medicare, Medicaid and
other health insurers. In doing so, they provide a valuable service to
many doctors and other health care providers, by freeing them from the
sometimes onerous administrative requirements of submitting claims for
the health care services they provide. However as third party billing
companies often have wide access to the billing information of multiple
health care providers and many of the patients they treat, unscrupulous
individuals operating such companies are uniquely situated to be able
to submit fraudulent medical claims.
Given the threat that such activities could pose, the Committee was
particularly disturbed to learn of GAO's findings regarding this issue.
The GAO determined that HCFA and its Medicare contractors are unable to
determine, when Medicare claims are submitted in a paper format,
whether the claim was prepared by a third party billing company. In
addition, where claims are submitted electronically, Medicare
contractors are still not always able to identify claims submitted by
third party billing companies. For the overwhelming majority of
providers, HCFA has not sought information about whether they utilize
third party billing companies to prepare and submit their claims, nor
has HCFA made any effort to gather information about the third party
billing companies themselves.
Such a lack of basic safeguards provides an open invitation for
fraud. Further, according to the GAO, HCFA has taken only limited steps
to address this problem. Since 1996, HCFA's new provider enrollment
form has required these new providers to identify which third party
billing company, if any, that they will use to prepare their claims.
This change has no impact, however, on the 96% of all Medicare
providers who enrolled in the program prior to 1996. In addition to
modifying the enrollment form, HCFA is also developing a new automated
database system, to provide Medicare contractors with provider
enrollment data. It has been reported that this data will include the
identity of any reported third party billing company used by that
provider. This database, the Provider Enrollment Chain and Ownership
System (PECOS), will depend upon the information submitted by
providers, who often fail to report when they change billing services.
These changes, while individually possessing some merit, fail to
address the systemic problems associated with third party billing
company fraud. It is imperative that HCFA and its contractors be able
to immediately identify all claims submitted by a third party billing
company, whether such claims are submitted electronically or in paper
format. Additionally, HCFAs should at least obtain basic background
information on all persons who are submitting Medicare claims. Failure
to do so needlessly exposes the Medicare program to additional risks of
fraud and abuse.
In order for the Committee to better assess HCFA's response to this
emerging problem, we request pursuant to Rules X and XI of the U.S.
House of Representatives, that you provide the following information no
later than March 30, 2000.
1. Please identify what actions have been taken to date to enable HCFA
and its contractors to identify all paper claims prepared and
submitted by third party billing companies. In your answer,
please also separately identify all actions that HCFA
prospectively plans to take relating to this issue, including
the specific type of action planned and when such action will
occur.
2. Please identify what actions have been taken to date to enable HCFA
and its contractors to identify all electronic claims prepared
and submitted by third party billing companies. In your answer,
please also separately identify all actions that HCFA
prospectively plans to take relating to this issue, including
the specific type of action planned and when such action will
occur.
3. Please identify what actions have been taken to date to gather basic
background information relating to third party billing
companies. In your answer, please also separately identify all
actions that HCFA prospectively plans to take relating to this
issue, including the specific type of action planned and when
such action will occur.
4. Please analyze all actions taken to date by HCFA and its contractors
relating to third party billing companies and provide to the
Committee your assessment of whether these actions have
sufficiently addressed the concerns raised in the June 2, 1999
GAO letter and thereby minimized the risk of third party
billing company fraud.
5. Please identify when the regulation requiring all Medicare providers
to complete a new enrollment form, which will identify any
third party billing companies they utilize, will be completed.
6. Please specifically identify when the PECOS system will be made
available to Medicare fiscal intermediaries and carriers.
7. Please provide to the Committee your assessment of whether these
additional actions, along with any others HCFA may be planning,
sufficiently address the concerns raised in the July 2, 1999
GAO letter and thereby minimize the risk of third party billing
company fraud.
If you should have any questions relating to this request, please
contact Charles M. Clapton, Committee Counsel at 226-2424. We
appreciate your cooperation in this matter.
Sincerely,
Tom Bliley
Chairman
______
Department of Health and Human Services
Health Care Financing Administration
March 30, 2000
The Honorable Tom Bliley
Chairman
Committee on Commerce
U.S. House of Representatives
Washington, DC 20515-6115
Dear Chairman Bliley: Thank you for your letter of March 14, 2000,
asking about our activities with respect to third party billing
companies and issues raised by the U.S. General Accounting Office in a
June 2, 1999 letter on this subject. We appreciate your interest in
this important subject and for giving us the opportunity to express our
views.
Third party billing companies who operate ethically can provide a
great service to providers, suppliers and physicians who seek out their
expertise and help in submitting claims that are consistent with
Medicare laws and regulations. However, unethical third party billing
practices pose a significant threat to Medicare's program integrity.
Our efforts to review third party billing arrangements have led to an
increase in the number of third party billing contracts that are in
compliance with existing laws and regulations. Though our ability to
monitor third party billing practices is now limited, we are working to
strengthen the available safeguards to better protect the Medicare
Trust Fund from waste, fraud and abuse. We intend to ask for public
comments on how to strengthen our oversight of third party billing
entities in the proposed provider enrollment regulation that we
anticipate issuing this spring. And we look forward to working further
with you, as well as our colleagues at the General Accounting Office
and HHS Inspector General to address this important issue.
Our efforts involving third party billing practices represent one
part of our overall strategy to protect the integrity of Medicare today
and for the future. We continue to work to ensure that providers are
paid appropriately while we protect beneficiaries and taxpayers from
improper payments caused by both honest errors and unscrupulous
activity. Our efforts to date have shown real results. As you know,
Medicare has reduced its improper payment rate sharply from 14 percent
four years ago to less than 8 percent last year, and we are committed
to achieving further reductions in the future.
General Background
As you know, we consider our provider enrollment function central
to our program integrity activities. In fact, we focused on provider
integrity and enrollment functions in our comprehensive plan for
program integrity, which we released last year. Since then, we have
accomplished a number of important tasks which have strengthened the
Medicare program by ensuring that only qualified entities enter the
program and have billing privileges. For example, we have implemented:
New standards for testing facilities. Because of evidence of
widespread problems in enrolling qualified entities to perform
physiological testing, we implemented new standards for
supervisory physicians, technicians and equipment. We required
all entities previously enrolled as independent physiological
laboratories (IPLs) to reenroll in the program and establish
their qualifications to meet the new, enhanced standards as
independent diagnostic testing facilities. We verified their
status through site visits. Hundreds of IPLs did not even
submit new applications or failed their assessments, and are
now off our rolls. As a result, we now have much better
assurance that the entities doing business with us are
legitimate, qualified health care suppliers.
New scrutiny of Community Mental Health Centers. Likewise, we
have stepped up our scrutiny of CMHC applicants as part of our
10-point plan for addressing vulnerabilities in this area. We
now conduct site visits to all new applicants to verify the
representations made in their applications and ensure that they
are qualified to enter the program. We have also moved to
terminate noncompliant providers, beginning with the most
egregious providers, and have clarified to our regional offices
and to state survey agencies the statutory and regulatory
requirements applicable for participation in the Medicare
program.
Continued vigilance over durable medical equipment supplies.
We have continued to fund the work of the National Supplier
Clearinghouse, which conducts site visits for suppliers. In
fiscal year 1999, the NSC completed over 22,000 site visits on
new and reenrolling suppliers, resulting in 227 denials of
initial applications and 2,848 revocations of existing numbers.
Work on new regulations and national database. We plan to
issue this spring a proposed rule on provider enrollment, and
are currently developing a national database including
extensive information on providers as they enroll in our
program. Once the proposed rule is finalized, we will begin an
``enrollment clean up'' process. As part of this process, we
will go back to providers, suppliers and physicians now billing
the program and require them to confirm and update their
information, including information on third party billing
companies they use. Providers and suppliers will be required to
periodically update this information, and inform us of any
changes to their billing agreements. Information collected will
be entered in our new enrollment system, known as the Provider
Enrollment, Chain and Ownership System (PECOS). PECOS is
integral to our enrollment approach, because it will be a
central source of provider/supplier enrollment information. In
addition, to chain ownership and related organization
information, it will include information on providers' billing
arrangements and any reassignment of benefits. The chain
organization/related organization information is essential,
because it allows contractors to identify when a provider or
supplier is part of a larger organization, and to view the
entire line of business. PECOS will also allow a local
contractor to view national data about an individual or entity
rather than simply the data that appears on a local provider
file. PECOS will also identify provider/suppliers who have been
denied privileges, or subject to revocations or exclusions.
Third Party Billing Companies
Your letter specifically asks about third party billing companies,
our efforts to identify them as claims are submitted or as providers
are enrolled, and the risks and vulnerabilities we see.
Health care providers look to billing companies to assist them in
processing claims in accordance with applicable statutes and
regulations, and many claims received by Medicare, Medicaid and private
insurance companies involve such companies.
Third party billing companies can take on many different forms,
structures, operations, functions and relationships with providers.
Billing companies vary significantly in both the size and reach of
their organizations and functions, from small ``mom and pop''
organizations who only facilitate the electronic submission of claims
to large business organizations providing coding, claims submission and
consulting services. They can be employed by providers, suppliers and
physicians to manage the ``business end'' of the practice or simply to
format claims for submission to insurance companies. As the U.S.
Department of Health and Human Services Office of Inspector General
noted,
At this juncture, it is important to note the tremendous
variation among billing companies in terms of the types of
services and the manner in which these services are provided to
their respective clients. For example, some billing companies
code the bills for their provider clients, while others only
process bills that have already been coded by the provider.
Some billing companies offer a spectrum of management services,
including accounts receivable management and bad debt
collections, while others offer only one or none of these
services. (HHS OIG, ``Compliance Program Guidance for Third-
Party Medical Billing Companies.)
Medicare contractors review billing agreements when Medicare
payments are made to a billing agent rather than a provider. However,
when billing companies assist in preparing-bills or coding, but do not
actually receive payment, as a general rule, they are not regulated.
Yet, it is absolutely true that the Medicare program can be
inordinately harmed by the poor business practices or unethical or even
illegal behavior of such companies, even though the program does not
have a direct business relationship with those entities or regulate
them in any fashion. If a billing company engages in behavior that
gives rise to false claims, however, they can be held accountable under
the False Claims Act.
For example, On September 27, 1999, the United States, through the
Department of Justice, HHS, TRICARE, and OPM, as well as 28 individual
states, entered into a Settlement Agreement with Medical Consultants,
Inc., d/b/a Emergency Physicians Billing Service (``EPBS'') and J.D.
McKean, Jr., M.D. (``McKean''). EPBS provided billing and coding
services to emergency physician practice groups and was owned and
operated by McKean.
Emergency Physicians Billing Service (``EPBS'') and its owner, Jack
McKean, were the subjects of a qui tam lawsuit. The lawsuit alleged
that the parties engaged in deceptive practices resulting in
significant Medicare, Medicaid, and CHAMPUS overpayments. The
allegations of fraud have now been confirmed by a Federal Judge in
Oklahoma City, Oklahoma. On August 10, 1998, EPBS and Mr. McKean were
found liable for the submission of false claims to various federal and
state health insurance programs.
EPBS and McKean were found liable for upcoding emergency room
services, reassignment violations, and misrepresentations on Medicare
enrollment applications. EPBS promised its clients it would increase
their reimbursements by a range of 10-25 percent and was able to
deliver on this promise by upcoding emergency services to higher
complexity levels than were provided. Nearly all of EPBS' clients saw
increased billings in the range of 10-25 percent as a result of EPBS'
services.
As part of the settlement McKean and EPBS have agreed to pay $15.5
million to resolve their civil and administrative liabilities arising
out of the allegations in the qui tam lawsuit. In addition, McKean is
being excluded for 15 years from participation in the Federal health
care programs, and EPBS has entered into a comprehensive Corporate
Integrity Agreement with the OIG. In addition to the settlement with
EPBS and McKean, the United States is currently negotiating additional
settlements with approximately 25 emergency physician groups which were
clients of EPBS.
This case was developed by the FBI and HHS OIG, with assistance
provided by various Medicare contractors. HCFA and staff from five
Medicare contractors participated in the EPBS investigation, performing
data analysis directed at detecting the improper billing, suspending
Medicare payment and the calculation of the losses (overpayment) to the
Trust Fund. One such contractor employee received a commendation for
their exemplary performance during the investigation from the
Department of Justice's Assistant U.S. Attorney responsible for the
case.
This case served as a national example for improper billing
perpetrated by third party billers and was presented at the Department
of Justice's quarterly Health Care Fraud Working Group meeting in
February 2000. This working group consists of federal staff from law
enforcement agencies, U.S. Attorney's offices, HCFA, Medicaid State law
enforcement offices, and Medicare contractors' anti-fraud units.
As this case demonstrates, unethical third party billing companies
can cause significant damage to the Medicare program.
At the same time, there are challenges and costs involved in
stricter oversight of third party billing companies. In addition to the
simple resource costs of collecting additional information on
companies, changing electronic claims submission standards, setting and
enforcing regulatory standards, overseeing private contracts, and other
possible risk mitigation strategies, there may be unintended
consequences and marketplace responses that should be carefully
assessed and considered.
You asked us to identify actions taken or planned to enable HCFA to
identify all paper claims and electronic claims submitted by third
party billers.
Ninety-seven percent of claims submitted to intermediaries are
submitted electronically and 81% of claims submitted to carriers are
submitted electronically.
For electronic claims, we can differentiate whether the claim was
sent by a third party agent or directly by a provider. Each of the
electronic claims formats we support for Medicare (UB-92 flat file for
institutional claims, National Standard format for professional claims,
and the X12.837 format for professional and institutional claims) have
fields that separately identify the submitter and the provider of the
care being billed. A comparison of these fields would clearly indicate
when the submitter was other than the provider.
However, this identifying information goes to the submitter only,
and may not contain a ``history'' of all entities who may have
contributed to the claims data or information. For example, if a third
party billing company coded the claim and sent it to a clearinghouse
which formatted the claim for electronic submission to the Medicare
program, only the clearinghouse information might be obtainable from
the claim.
Paper claims include an item for ``source'' or ``preparer''
information.
We believe the new provider enrollment regulations, the enrollment
clean-up initiative, and our PECOS database will gather information on
third-party billing companies, identify such companies for contractors,
and provide significant protections for beneficiaries and taxpayers.
You asked us to identify actions taken to date and those planned to
gather basic background information relating to third party billing
companies, and to analyze all actions taken to date by HCFA and its
contractors relating to third party billing companies. You further
asked whether those actions, taken and planned, have addressed the
issues raised by the GAO's June 2, 1999 letter and minimized the risk
of third party billing company fraud.
Presently the HCFA provider enrollment process collects some
information about third party billers for new fee for service
providers. The current form collects the name of the billing agency/
management service organization, the employer identification number, a
contact name, the business street address, telephone and fax numbers.
Contractors review billing agent agreements when they involve agents
who negotiate checks payable to the provider, supplier or physician.
Current law prescribes who may be paid by the Medicare program for
services provided to Medicare beneficiaries, generally stipulating that
payment must be made to the individual performing such services, or
their employer, facility, or plan. However, the statute also provides
for payment to be made to agents under assignment ``if (but only if)
such agent does so pursuant to an agency agreement under which the
compensation to be paid to the agent for services for or in connection
with the billing or collection of payments due . . . is unrelated
(directly or indirectly) to the amount of such payments or the billings
. . . (42 U.S.C. 1395g.) Under regulations we established at 42 CFR
424.73 implementing the statute, payments to an agent who furnishes
billing and collection services to a provider may be made if:
the agent receives the payment under an agreement;
the agent's compensation is not related in any way to the
dollar amounts billed or collected;
the agent's compensation is not dependent on the actual
collection of payment;
the agent acts under payment disposition instructions that the
provider may modify or revoke at any time; and
the agent, in receiving the payment, acts only on behalf of
the provider.
Our instructions to Medicare contractors reiterate these
requirements, explaining that ``the primary purpose . . . is to permit
computer and other billing services to claim and receive Medicare
payment in the name of a physician (or other supplier or eligible
party). The conditions for payment are designed to ensure that the
billing agent has no financial interest in how much is billed or
collected and is not acting on behalf of someone who has such an
interest, other than the physician himself/herself.'' (Medicare
Carriers Manual 3060.10.)
Medicare contractors' review of billing agreements has led to an
increasing number of such agreements coming into compliance with the
statute and regulations. As the health care and billing community has
become more aware of these requirements and our enforcement of them, we
see more contracts expressly containing language supporting our
requirements. However, thorough assurance of compliance with these
requirements is hampered by:
the resource intensive process for review of sometimes lengthy
and complicated legal documents;
the capacity of Medicare contractors to accurately and fully
understand such documents;
the variability in the nature and scope of agreements,
depending on the size of the third party billing company and
the services they perform;
the complicated corporate structure reflected in such
agreements, where it is not unusual to find a number of
subcontractors involved in various functions;
lack of sanctions or intermediate penalties for failure to
update the Medicare program when such agreements change or
arrangements are altered;
the limited number of providers, suppliers, or physicians who
have been required to submit such information (only those who
have newly enrolled in the program since implementation of the
new national enrollment form in 1996).
Furthermore, until implementation of our enrollment ``clean-up''
process, a major undertaking, and the availability of PECOS to all
contractors, consistent information on third party billers will not be
available for easy search and retrieval. Even then, significant
limitations remain (in addition to the first five points identified
above, which are not solved by PECOS or enrollment clean up), such as
our limited ability to identify common ownership or to ``link''
agencies which might operate in different jurisdictions, the absence of
regulation of such entities to ensure adherence to professional
standards, or our lack of information on third party billers who do not
negotiate checks or submit claims directly to the program. These
information or programmatic gaps are not easily solved. We continue to
consider to what extent direct Federal regulatory action should be
taken to address these issues.
In our proposed rule to be issued this spring, we will be
soliciting comments on the question of whether we should register third
party billing agents, and/or set standards for them. Such an approach
could significantly strengthen our protection of the Medicare program
and address some of the problems cited above. However, there are also
significant challenges and costs to be carefully weighed and
considered. We discuss these in more detail in response to your last
question.
We continue to train Medicare contractor fraud units in
identification and analysis of third party billing company fraud.
Medicare contractors have also received specific training to combat
this problem. During fiscal year 1999, HCFA sponsored Benefit Integrity
Training Conferences at which contractor staff were provided with
detailed explanations on appropriate billing arrangements and examples
of inappropriate arrangements. HCFA is also planning additional
contractor training during this year's Benefit Integrity training
conferences. This year's training session will focus on the improper
billing perpetrated by Emergency Physicians Billing Service and J.D.
McKean Jr., M.D.
You asked when regulations requiring all Medicare providers to
complete a new enrollment form will be completed. We expect to publish
a proposed rule this spring.
You asked when the PECOS system will be made available to Medicare
fiscal intermediaries and carriers. Our current schedule calls for
PECOS to be running for fiscal intermediaries this summer, with
carriers following in January 2002.
You asked us to provide an assessment of whether our actions, taken
and planned as a whole, will address the GAO's concerns and minimize
the risk of third party billing company fraud.
While we believe that our ``enrollment clean up'' and PECOS
implementation will address a number of vulnerabilities, we believe
that additional threats may remain. We continue to consider how to best
to respond to risks posed by third party billing companies while not
impeding the activities of ethical companies, in light of the
substantial assistance they can provide to providers in submitting
proper claims. Among the questions we are considering are:
Should HCFA register billing companies, and/or set standards
for them? As noted above, we plan to pose this question in our
proposed rule this spring.
Would HCFA need additional legislative authority to do so?
Should such standards apply only to entities who actually
submit claims on behalf of providers?
Should such standards apply only to entities who actually
submit claims and receive negotiated checks on behalf of
providers?
Should such standards apply to all entities who might advise,
consult, prepare, support, staff, or otherwise influence the
selection of codes and claims to be submitted to the Medicare
program?
How should such standards reflect the diversity in capability,
organization, mission, functions, and relationships in the
industry?
How would HCFA enforce such standards?
What staffing and skill set needs would HCFA require in order
to ensure billing companies met standards and agreements were
properly executed?
How should claims properly reflect the preparer's identifying
information? What if there are multiple preparers or
submitters?
To what extent would providers, suppliers, and physicians
support HCFA regulation of their business contracts and
partners?
To what extent is surveillance and assessment of billing
patterns a better approach to ensure compliance than
registration or standard setting?
What information would be needed to accurately group claims
handled by a common third party billing company?
If Medicare were to regulate business arrangements with third
party billing companies, what impact would such regulation have
on the private sector and the arrangements between providers
and third party billers in submitting claims to private
insurance companies? Overall, would those effects be positive
or negative?
We look forward to working closely with your Committee and the
Congress as we consider this important topic. We hope the information
and analysis we have supplied is useful. Please feel free to contact me
should you have any questions or wish to discuss our responses further.
Sincerely,
Penny Thompson
Director, Program Integrity Group
cc: The Honorable John D. Dingell
�