New HHS CIA claims review procedures

Here are the seven items outlined by the Health and Human Services’ (HHS) Inspector General designed to gauge the need for corporate integrity agreements (CIA):

1. Discovery sample of 50 randomly selected paid claims from each relevant universe of claims. The internal review organization (IRO) or internal audit staff will conduct the discovery sample, depending on circumstances and terms of the CIA.

2. Random OIG validations of a small percentage of CIA providers’ discovery samples.

3. If the net financial error rate of discovery sample is below 5% (the reportable error rate), the provider is not required to do any further audit work under the CIA for that year. Results are reported to OIG, and any identified overpayments are refunded in accordance with payer policies.

4. If the financial error rate attributable to net overpayments is 5% or more than the reimbursement received for all the sampled claims, the provider must engage an IRO to conduct a statisically valid random sample (SVRS) for that same time period.

The provider may use the discovery sample as its probe sample. In the OIG’s discretion, under certain circumstances, the OIG may allow the provider to internally conduct the review without an IRO.

5. The provider must repay identified overpayments in the sample in accordance with payer policies.

6. Concurrent with the SVRS, the provider will conduct a systems review related to the errors identified in the discovery sample.

7. The OIG may formally refer the results of the SVRS and systems review to the Medicare contractor for appropriate follow-up by CMS and its contractors.

Here are the criteria the HHS Inspector General will use to gauge the need for CIAs:

  1. Whether the provider self-disclosed the alleged misconduct;
  2. The monetary damage to the federal health care programs;
  3. Whether the case involves successor liability;
  4. Whether the provider still is participating in the federal health care programs or in the line of business that gave rise to the fraudulent conduct;
  5. Whether the alleged conduct is capable of repetition;
  6. The age of the conduct;
  7. Whether the provider has an effective compliance program and would agree to limited compliance or integrity measures and would annually certify such compliance to the OIG;
  8. Other circumstances, as appropriate.