welcome to the "medicaid provider enrollment requirements" presentation. the passage of the affordable care act in 2010 led to many changes in the health care system. these changes include new requirements for enrolling in medicaid and the children's health insurance program (chip) or continuing
to participate in the programs after enrollment. to reduce opportunities for fraud, waste, and abuse, the centers for medicare & medicaid services (cms) adopted rules under the affordable care act that require more detailed information from fee-for-service (ffs) providers and require state medicaid agencies (smas) to perform checks to
verify their eligibility to participate. providers that want to enroll in ffs medicaid or chip programs or continue to participate in either program will benefit from learning about these changes. smas that want to keep fraudulent providers out of their programs will also benefit from learning about these changes and
how to implement them. the purpose of this presentation is to educate providers and smas on the requirements to enroll in the ffs medicaid program and chip, the enrollment process, and the benefits of the new requirements. references to the sma include reference to the state chip agency.
let's review the objectives of the presentation. the affordable care act and the federal regulations implementing it put many new enrollment requirements in place. at the end of this presentation the learner should be able to: identify the responsibilities
of the sma during the provider enrollment process. recall the provider categorical risk levels. identify the new requirements that apply to all providers enrolling in the ffs medicaid program or chip. recall which providers are required to submit fingerprints. recall the types of providers on
which smas must perform criminal background checks, and identify what a provider's rights are if medicaid or chip enrollment is denied or terminated. this presentation discusses many requirements that providers seeking to enroll in medicaid or chip are required to meet.
let's review some of the vulnerabilities that the new requirements attempt to address. since 2003, the u.s. government accountability office (gao) has designated the medicaid program as one of the government operations at high risk, vulnerable to fraud, waste, and abuse. gao estimated that in fiscal year (fy)
2014 the amount of improper payments medicaid made for ineligible persons or to providers for services not furnished was $17.5 billion. the law defines an improper payment as "any payment that should not have been made or that was made in an incorrect amount (including overpayments and underpayments) under statutory,
contractual, administrative, or other legally applicable requirements." one way to prevent improper payments is to prevent the enrollment of providers who appear likely to obtain or seek to obtain such payments. the affordable care act sought to prevent the enrollment of such providers by making a number of changes in the
medicaid program's enrollment requirements. before considering these changes, let's first look at enrollment provisions that have been in effect since before the affordable care act. before the affordable care act, providers were required to sign an enrollment agreement with the sma and to disclose certain pertinent information
about ownership and control. this information includes ownership of significant subcontractors and significant business transactions with any subcontractor or wholly owned supplier. additionally, the regulations required, and still require, all providers, other than individual practitioners or
groups of practitioners, to disclose: names and addresses of all individuals or entities with an ownership or control interest in the provider business, or that have authority to act as an agent for the provider. the identity of any managing employee, including name, address, date of birth (dob),
social security number (ssn), and certain business transactions with subcontractors and wholly owned suppliers. some states consulted databases to verify ownership and identity, but there was no uniform verification requirement or requirement to check specific databases. as noted by the u.s.
department of health and human services, office of inspector general (hhs-oig) in a 2010 report, it was not uncommon for enrolling providers to furnish false information, or omit information, about ownership. regulations also required, and still require, providers to disclose program- related criminal convictions of any
person with ownership or control interests or who was a manager or agent. cms defines an agent as "any person who has been delegated the authority to obligate or act on behalf of a provider." although providers were required to disclose convictions, federal law did not require criminal background checks
to ensure the enrolling provider had not concealed a conviction. some states attempted to verify criminal convictions by conducting background checks, but they only checked their own databases, thus missing convictions from other states. smas were not required to verify that providers of a type that required a
license had an unrestricted license. some states verified the existence of licenses but did not check for license restrictions. in addition to the difficulty some smas had with collecting or verifying required information, the lack of any requirement for providers to submit other important information, also affected program integrity.
examples of such other information include: ownership and control information on fiscal agents, managing employees, and family members. dob and ssn for individuals, and tax identification number and the address of every business location, that's for corporations. in addition, as noted by hhs-oig in 2010,
enrollment integrity was hampered because federal law did not require site visits or periodic provider re-enrollment, or restrict the enrollment of problematic provider types. because of these and other problems, unscrupulous providers were too easily able to enroll in the program and commit fraud.
let's look at some examples of fraudulent enrollment before the affordable care act and the consequences for medicaid. cases of fraudulent enrollment that occurred before congress passed the affordable care act illustrate the vulnerabilities that the affordable care act seeks to address. in one case,
a massachusetts dentist was convicted in 1997 for submitting false health care claims. in 1998, hhs-oig excluded him from the massachusetts medicaid program. he also lost his license. nonetheless, in 2008 he and one of his employees applied to enroll several dental clinics in connecticut's medicaid program.
the applications did not disclose the excluded dentist's control interest in the clinics or his disciplinary history. the excluded dentist received millions of dollars in improper medicaid payments through the clinics. after pleading guilty in 2013 to health care fraud, he was sentenced to eight years in prison and
ordered to pay more than $10 million in fines and restitution. this dentist stole from medicaid not just once, but twice. the massachusetts case illustrates the benefits of the affordable care act's new enrollment requirements in several ways. if the sma had confirmed
the identity and determined the exclusion status of all persons with an ownership interest in the clinics through a routine check of federal databases, as required by the affordable care act, it may have detected the involvement of the excluded dentist, his conviction, and his lack of a license to practice. if so, the sma would have denied the clinics'
enrollment application. another case of concealed convictions and ownership interests involved a wisconsin durable medical equipment (dme) company. in 2004, the owner was convicted of mail fraud for billing medicaid for items never delivered. also in 2004, hhs-oig excluded
him from medicaid. after his release from prison, he and a fellow former inmate persuaded other people to submit dme provider enrollment applications under their own names for seven different companies the two former inmates implemented a business plan that included billing for items not delivered.
as part of the plan, the nominal owners cashed checks received from medicaid for equipment never delivered and split the money with the convicted individuals. medicaid paid over $1 million for items not delivered. the two individuals were convicted of medicaid fraud and sentenced to terms of split confinement: six years
confinement followed by eight years on extended supervision, and five years confinement followed by seven years on extended supervision. the nominee owners of the seven dme companies were sentenced to terms of split imprisonment and probation. the procedures required by the affordable care act might have
prevented this fraud. first, under the affordable care act, the sma would have had to confirm the identity and the exclusion status of all persons with an ownership interest through a routine check of federal databases. also, if the dme companies had attempted to enroll after the affordable
care act, they would have come within the high-risk category of providers under wisconsin's medicaid rules. high-risk category providers are subject to site visits and fingerprint based background checks. if the sma had made unannounced visits to the site of the new dme companies, it might have determined
the companies did not have the inventory or facilities that would be present if they were legitimate providers. criminal background checks may have revealed the convictions of the two persons with control interests. we will discuss the specifics of the new verification requirements in more detail later in this presentation.
now let's back up and look at who is required to enroll and what they are supposed to disclose. the affordable care act made changes to the enrollment process "to improve the integrity" of federal health care programs. one change required enrollment of providers who did not bill medicaid directly, but who ordered or
referred services or items billed to medicaid by another provider. under regulations adopted under the affordable care act, smas "must require all ordering or referring physicians or other professionals providing services under the state plan, to be enrolled as participating providers." cms defines "other professionals"
as any person or entity recognized to be enrolled by an sma. in addition to expanding the enrollment requirement to more providers, the affordable care act increased the amount of information providers, other than individual practitioners, must disclose about ownership and control, obligated smas to verify providers'
identity and exclusion status, and required additional screening of providers categorized as presenting a moderate or high-risk of fraud, waste, or abuse. providers must furnish the ssn and dob for any individual having an interest or authority in the business. the sma may deny an application for enrollment if required information is not
disclosed and verified, or if the provider does not pass screening requirements. smas must revalidate the enrollment and screening information at least every five years after enrollment. for providers enrolled on or before september 25, 2011, smas must complete revalidation on or before september 25, 2016.
smas are also required to rescreen deactivated providers when they apply for reactivation. these changes in the enrollment process are consistent with cms' shift from an anti-fraud strategy of "pay and chase" to a strategy of preventing fraudulent providers from enrolling in the program from the beginning.
this strategy underlies cms' approach to implementing the affordable care act through regulations. the strategy can be explained as follows: identifying overpayments due to fraud and recovering those overpayments from providers that engaged in the fraud is resource-intensive and can take years. in contrast, keeping
ineligible entities and individuals from enrolling in state medicaid plans as providers in the first place allows the program to avoid paying claims to such parties and then attempting to identify and recover those overpayments. provider screening enables states to identify such parties before they are able to enroll and start billing.
to support provider screening, the affordable care act required providers, other than individual practitioners, to pay an application fee. to help pay for the screening process, the affordable care act imposes an application fee on all institutional providers, such as hospitals and skilled nursing facilities.
individual providers, such as physicians, non-physician practitioners, and other non-institutional providers are not required to pay it, nor are medical groups or clinics composed of physicians and non-physician practitioners. cms noted physicians and non-physician practitioners in medical groups and clinics simply reassign their
federal health program billing privileges to those groups and clinics. cms reasoned that since the individuals are exempt, the groups the individual privileges have been assigned are also exempt. cms adjusts the application fee for each calendar year based on the consumer price index.
the application fee for 2016 is $554. each provider required to pay an application fee is only required to pay it once a year, regardless of how many programs the provider participates in. as part of the enrollment process, the sma should ask each provider if the provider has enrolled or is enrolling in medicare or another state's medicaid program.
if the provider is in an "approved" status as a medicare provider, and the risk categories, name, tax identification number, practice locations, and persons with five percent or more ownership interest match, the sma should not collect an application fee. if an enrolling provider reports it is already enrolled in another state's
program, the state should contact the other state to confirm the information. if the provider is already enrolled and has either paid an application fee to the other state or been excused from payment of the fee, no additional application fee is due. if imposition of the fee would result in a hardship to the provider, and if the sma
recommends approval, cms may grant an exemption. similarly, if the sma demonstrates that imposition of the fee would impede beneficiary access to care, cms may grant a waiver. more information is available on the cms website. the affordable care act required the
secretary of the u.s. department of health and human services "to determine the level of screening" of providers "according to the risk of fraud, waste, and abuse, as determined by the secretary, with respect to the category of provider of medical or other items or services or supplier." the secretary assigned types of
providers recognized by medicare to categories representing limited-, moderate-, or high-financial risk of fraud, waste, or abuse to the medicare program. the affordable care act requires smas, in turn, to place providers in a medicaid risk category not lower than the category that would apply to the providers if they were enrolling in medicare.
for medicaid provider types not recognized by medicare, the sma must assign the provider type to a risk category based upon the risk of fraud, waste, or abuse posed by the provider type. cms sub regulatory guidance suggests that in evaluating this risk, smas should consider whether the type is generally highly dependent on income
from federal health care programs, has shown vulnerability to improper payments, or has been identified as problematic by hhs-oig, gao, law enforcement, or the sma. specific provider types and their associated categorical risk levels are set forth in the federal medicare regulations. some of the providers
assigned to the limited-risk category are: physician or non-physician practitioners and medical groups or clinics, end-stage renal disease facilities, rural health clinics, and smas are required to complete the limited-risk category provider screening requirements for all providers. these requirements include the following steps:
verify the provider meets applicable federal regulations or state requirements for the provider type, verify the provider is currently licensed, including purported licensure in states other than where the provider is enrolling, and conduct database checks (both pre-enrollment and post-enrollment) to ensure providers and their owners,
agents, or other managing employees are not excluded or dead or that the provider is otherwise unqualified to enroll. next let's look in more detail at the screening requirements that apply to all providers. under the affordable care act and regulations adopted by cms to implement the affordable care act,
providers are required to disclose additional information regarding identity, managing employees, ownership, and control. specifically, providers enrolling in medicaid or chip must disclose: dob and ssn, licenses and certifications, national provider identifier (npi), ownership of, and significant business
transactions with, wholly owned suppliers and subcontractors, and convictions of any offense related to the person's involvement in any program under medicare, medicaid, or title xx of the social security act since those programs began. provider entities, such as corporations, enrolling in medicaid or chip must also disclose
names and addresses of any persons with an ownership or control interest in the entity, name, dob, and ssn of any managing employee of the provider or of a fiscal agent or managed care entity, whether a person with an ownership interest is related to another person with an ownership or control interest, names of other entities that any person
with an ownership and control interest in the provider has an ownership or control interest in, convictions of persons who have ownership or control interests in the provider entity, or who are agents or managing employees of the provider entity, and family relationships between persons with ownership or control interests in the provider.
a "person with an ownership interest" is defined as an individual or entity that has direct or indirect ownership interests in the disclosing entity totaling five percent or more. direct ownership interest means possession of equity in the capital, the stock, or the profits of the disclosing entity indirect ownership interests are
interests in entities other than the disclosing entity that in turn have an ownership interest in the disclosing entity. ownership interests must be disclosed when submitting an application for enrollment, when signing the provider agreement, when the sma requests such information on revalidation, and within 35 days after any change in
ownership of the disclosing entity. additional information that must be disclosed within 35 days of a request from the sma includes: the ownership of any subcontractor with whom the provider has had business transactions totaling more than $25,000 during the previous year, and any significant business transactions
between the provider and any wholly owned supplier or any subcontractor during the previous five years. as discussed earlier, some of these ownership disclosure requirements have been in place for ffs providers since before the affordable care act and some were put in place in 2011. they will be phased in for managed care
network providers by july 1, 2018. to help states comply and avoid enrollment issues identified as problematic in state program integrity reviews, cms developed a set of enrollment toolkit products available in addition to disclosures, database checks are an important part of the screening requirements.
smas are required by law to perform database checks on all providers regardless of the provider categorization: limited-, moderate-, or high-risk. the regulations require that states check hhs-oig's list of excluded individuals and entities (leie) and the general services administration's (gsa's) excluded
parties list system (epls) monthly to ensure enrolled providers were not excluded from participation in federal health care programs or debarred from participating in federal contracts. the system for award management (sam) has replaced the epls. under the affordable care act, smas are to check sam's advanced search
exclusions database. smas are to use the sam database to identify individuals and entities ineligible to participate in the federal procurement and nonprocurement programs. smas and providers can access the database on the sam website at the address shown in the handout materials.
medicaid regulations do not explicitly address whether a debarred provider is ineligible to enroll in medicaid. smas and providers should continue to check this database as required by the regulation but await further guidance from cms on whether to deny or terminate enrollment on this basis. in a 2009 state medicaid directors
letter, cms issued a policy clarification advising states to remind providers of their obligation to screen their contractors and employees against the leie list. the letter encouraged states to require providers to check the database monthly. providers should check with
their sma for the rules in their state. in addition to the leie and the sam advanced search-exclusions database, smas are required to check the following databases: social security administration's (ssa's) death master file, cms' national provider identifier (npi) registry, within the national plan and
provider enumeration system (nppes), and other appropriate databases to confirm identity upon enrollment and re-enrollment. cms acknowledges states are "uniquely qualified" to understand the issues of providing services to beneficiaries and maintaining the fiscal integrity of medicaid and chip.
cms gives states considerable flexibility in establishing screening and disclosure requirements for all providers "in addition to or more stringent than" those established by cms. therefore, providers should always check with their sma to find out what the enrollment and screening requirements are in their state.
next, let's discuss resources cms makes available to smas and providers to explain and strengthen the after cms adopted the new disclosure regulations, hhs-oig studied the implementation of the new requirements by a number of smas. based on the sample period from december 2013
through april 2014, hhs-oig often found the names of owners furnished by providers in their applications to medicaid did not match names furnished by the same providers to oig, or to medicare. hhs-oig also found some providers did not notify smas of changes in ownership within 35 days as required. hhs-oig recommends that cms work
with smas to educate providers on the requirement to report changes of ownership, and on the actions smas may take for noncompliance. after the sample period, but before the hhs-oig report was published, cms already had taken significant steps to address these and other issues regarding disclosure of ownership interests. in september 2014, cms
posted a toolkit titled "disclosures of ownership and control" on the internet. this tool explains the background of the rule on ownership disclosure, breaks down the rule down into subparts, and provides examples useful to providers. in march 2016, before the hhs-oig report was published, cms posted a document titled "medicaid provider
enrollment compendium" (or mpec). smas should use these and other cms resources to educate providers on the ownership disclosure requirements. as noted in the mpec, smas have discretion to decide on the means of dissemination, but "examples may include provider enrollment websites, provider information bulletins, and
exclusion in provider agreements." cms plans to update and expand the mpec, so smas should check the website regularly. the 2014 toolkit explains the purpose of the ownership and control requirements is to capture the interests parties such as owners, officers, partners, or managing employees have in the disclosing provider entities.
such interests would otherwise remain "behind the scenes" or undisclosed. the mpec includes: a definition and examples of disclosing entities, non-technical definitions of other terms that might be unclear to an enrolling provider, such as "indirect ownership interest" and "other disclosing entity" examples of how to calculate the
percentage of ownership interest a company or fiscal agent might have in a disclosing entity, and information on the consequences of failure to disclose or providing false information. in addition to containing information smas can use to educate providers regarding enrollment requirements, the toolkit and the mpec contain guidance
to smas to ensure they obtain and verify the required information. in addition to recommending cms work requirement to report changes of ownership, hhs-oig's 2016 report also recommends cms take steps to ensure smas request and verify all required ownership information and check required databases.
hhs-oig found most smas did not request or verify all required ownership information and databases required under the affordable care act and cms regulations. several cms documents provide guidance to smas in this regard. in a 2008 medicaid directors letter, cms recommended smas refuse to process applications that do not appear to be
complete or do not "include information on individuals with ownership or control interests in the provider [disclosing] entity, including managing employees, until the state verifies the accuracy and completeness of the information." guidance from the 2014 disclosure toolkit mentioned previously, and from a 2010 collection of best practices,
indicates if smas include the following in application forms and contracts, it will improve the information collected: a dedicated space for the applicant to use in submitting disclosures, separate spaces dedicated to ssns and dob on each individual whose interest is being disclosed, spaces for multiple addresses for corporate entities,
spaces for percentages of ownership for each person with an ownership interest, instructions to attach additional pages if needed to identify all parties with ownership or control interests, and a reminder the provider must submit updated ownership information upon a change of ownership. to ensure these and other steps
necessary to capturing disclosures take place, program integrity staff and enrollment staff need to meet regularly, develop an enrollment policy together, and develop management controls ensuring adherence to policy. this advice is reinforced by the 2014 toolkit's suggestion that the sma component, or the contractor
responsible, for procuring contracts should consult the program integrity staff on contract language ensuring the incorporation of all disclosure requirements. additionally, the mpec suggests it could be helpful for state program integrity and enrollment staff to train procurement staff
on the disclosure requirements. to verify ownership information, smas have a variety of tools at their disposal. in its 2016 report, hhs-oig recommended cms encourage smas to use cms' provider enrollment, chain and ownership system, that's 'pecos' to verify provider ownership information. dedicated users from each state have
read-only access to pecos. they also have access to a monthly pecos data-extract file. other tools include the websites of the relevant states' secretary of state offices, or the equivalent, where corporations, limited liability companies, and other business entities must register. these sites offer information such as
whether the business is still active, and whether it operates under other names. these sites may also provide the names of owners, officers, and directors. to verify physical addresses, smas may use the website of the u.s. postal service (usps) or a local assessor. for the postal service, smas can go to www.usps.com and click on the "look up a
zip code" link, enter an address, and click "find." if the usps database recognizes the address, the website will return the address in standard usps format. smas can search addresses on online assessor websites to find ownership information, assessed property value, and current property tax obligations.
before we go on to discuss screening of moderate and high-risk category providers, let's pause for a knowledge check. smas are responsible for: (select all that apply) a. obtaining disclosure information, b. obtaining a signature on a provider agreement, c. checking eligibility against federal databases, or
d. collecting a fee from each applicant. the answer is: a, b, and c. states do not collect a fee from every applicant. the fee does not apply to individual practitioners or providers that are not institutions. states do not collect a fee from institutional providers enrolled in medicare or another state's
medicaid program. next let's look at screening requirements for moderate and high-risk providers. in addition to undergoing the same screening steps required for limited-risk category providers, moderate-risk category providers must undergo an on-site visit. the purpose of the visit is
to verify the accuracy of the information submitted to the sma and determine compliance with federal and state enrollment requirements. while an on-site visit is required for providers with a moderate categorical risk level, authorities can make unannounced site visits to any enrolled provider (regardless of risk category) at
any provider location. cms, its agents or designated contractors, or the sma, or its agents or designated contractors, can perform these inspections. some of the providers assigned to the moderate-risk category are ambulance suppliers, community mental health centers, hospice organizations, physical
therapists, physical therapist groups, and portable x-ray providers. high-risk category provider screening includes all of the same screening steps for both limited and moderate-risk category providers. these providers, and those who own five percent or more of such providers, face the most
intensive screening. since august 16, 2014, medicare has required fingerprint-based criminal background checks (fcbc) for high-risk category providers and owners. smas that had not implemented fcbcs for high-risk category providers by june 1, 2016, were required by then to have in place a cms-approved plan
to implement such checks. under the regulations, before an sma enrolls or revalidates a high-risk category provider, the sma must collect fingerprints from the provider and all persons who maintain a five percent or greater direct or indirect ownership interest in the provider or supplier. the five-percent threshold applies to all
forms for business organization, including partnerships. then the sma must use the fingerprints to conduct an fcbc using federal and state databases to verify whether the fingerprinted person has a criminal record. if the sma's search reveals a criminal record, the sma must determine
the impact of that record on the enrollment or revalidation. if the record includes a conviction for any offense related to the under medicare, medicaid, or chip in the last 10 years, the sma must deny or terminate enrollment unless it determines such action is not in the best interests of the program and documents
such determination. if there is a record of such a conviction more than 10 years old, the sma has discretion to deny or terminate enrollment. state rules may exclude persons for other convictions. providers should check with their sma to learn how their states handle other convictions. each sma must designate the types of
providers that come within the high-risk category and are subject to fcbcs. for provider types listed in the medicare regulations, smas must apply the same risk category applied by medicare. thus, newly enrolling home health agencies (hhas), which are listed as categorically high-risk in the medicare regulations, must be designated as categorically
high-risk by smas and are subject to the fcbc requirement. for provider types not listed in the medicare regulations, smas should follow the cms guidance discussed on the next slide. in establishing risk categories for provider types not listed in medicare regulations, such as non-emergency
transportation providers and personal care assistants, smas must use criteria similar to those used by medicare. cms gives the following guidance: those provider types that are generally highly dependent on medicare, medicaid, and chip to pay salaries and other operating expenses and which are not subject to additional government or
professional oversight would be considered moderate-risk, and those provider types identified by the state as being especially vulnerable to improper payments would be considered high-risk. cms also suggests that the sma consider gao and oig reports, law enforcement appraisals, congressional testimony, the level of administrative
enforcement actions and oversight by the government and accrediting bodies, and the sma's experience with the provider type. the south carolina department of health and human services (scdhhs) designated the following non-medicare types of providers as moderate-risk: private mental health centers, community long-term care, and
private rehabilitative behavioral health. a list of medicare provider types and some medicaid provider types, by categorical risk level, is available in the "medicaid provider enrollment requirements" booklet on the cms website. providers not recognized by medicare should be sure which categorical risk screening level applies to them by
contacting the sma in each state where they do business. now let's discuss adjustments smas may need to make to provider categorical risk levels. smas are required to adjust the provider categorical risk category from limited or moderate to high when any of the following occurs: the sma has imposed a
payment suspension based on a credible allegation of fraud, there is an existing qualifying medicaid overpayment, hhs-oig or another sma has excluded the provider from medicaid in the last 10 years, the provider is enrolling within six months of the date of the lifting of a temporary moratorium that would then have barred the provider's enrollment.
before proceeding, let's take a moment to talk briefly about the first three items on this list. under the affordable care act, smas are required to suspend payments upon finding there has been a credible allegation of fraud and that there is a pending investigation by the sma or another agency.
although the regulation does not set any limit on how long a past suspension will require an increase in the risk category, cms' medicaid provider enrollment compendium fixes a time limit of 10 years. to comply with the regulation, it is important that smas capture information on all suspensions that are less than 10 years old.
even though the regulations only require that smas keep records of such suspensions for five years, in light of the sub regulatory guidance smas should keep them for at least 10 years. as to medicaid overpayments, cms' medicaid provider enrollment compendium gives sub regulatory guidance on which ones qualify and thus
require raising a provider's categorical risk level to high. qualifying overpayments are those $1,500 or more and which also: are more than 30 days old, have not been repaid at the time of the application, are not currently the subject of an appeal, and are not part of an sma-approved extended repayment schedule. finally, as to excluded providers,
it is important to remember that authority to exclude is not limited to hhs-oig. smas have authority to exclude providers for any reason for which hhs-oig could exclude them. since sma exclusion triggers a rise in the categorical risk level, it is important the sma's check on exclusions cover both hhs-
oig and sma exclusions. let's review by doing some knowledge checks. cms classifies providers into one of three categorical risk levels based on their risk of fraud, waste, and abuse. which of the following is not one of the three risk levels? a. no risk,
b. limited risk, c. moderate risk, or d. high risk. the answer is: a. the three categorical risk levels are limited, moderate, and high. all provider types are classified into one of the three categorical risk levels. which new requirements apply to all providers enrolling in medicaid?
a. disclosure of names and addresses of all individuals or entities, b. verification that licenses are in good standing, c. on-site visits, and d. submission of fingerprints. the answer is: a and b. regulations only require on-site visits for moderate- and high-risk category providers,
and fingerprinting for high-risk all new medicaid and chip enrolling providers are required to submit fingerprints under the affordable care act. true or false? the answer is: false. only high-risk category fingerprints as part of the enrollment
process under the affordable care act. medicare phased in high-risk category provider fingerprint submission during 2014. more information on the fingerprinting requirement for medicaid high-risk category providers is available in a state medicaid directors letter issued on june 1, 2015, and sub regulatory guidance issued january 11, 2016,
which we discuss later in this presentation. the enrollment screening discussed during the presentation strengthens the overall integrity of medicaid and chip. high-risk category providers must undergo criminal background checks. the answer is: true. high-risk category providers undergo the most intensive screening.
now, let's take a look at how enrollment in medicaid is coordinated with enrollment in medicare. providers that intend to bill both medicaid and medicare are required to enroll in both programs. in 2011, cms estimated that 80 percent of institutional medicaid providers would enroll in medicare.
in instances where a provider is dually enrolled in the medicare and medicaid programs, the regulations provide that the sma, rather than duplicating efforts, "may rely on the results of the screening conducted by a medicare contractor." reliance is authorized if the provider is in an "approved" medicare
enrollment status and the sma verifies: a positive match in the medicare provider enrollment, chain, and ownership system (pecos) between the information in the medicaid application and in medicare's enrollment record, the provider's medicare screening risk category, and that medicare's most recent
revalidation of the provider occurred on or after march 25, 2011. if the provider's sma screening risk category is higher than the provider's medicare screening risk category, the sma may still rely on specific screening activities conducted by medicare so long as the sma verifies these activities.
for revalidation, an sma may rely on medicare screening if the following conditions are met: the date of medicare's last screening of the provider occurred on or after march 25, 2011, the identity of the provider is verified by a match of applicable data elements identified by cms, the provider must be in an "approved"
enrollment status in medicare, and the provider's medicare risk category is the same as or higher than the provider's medicaid risk category. for both enrollment and revalidation, an sma may also rely on screening performed by the sma of another state under the following conditions: the provider is enrolled and in good
standing with the other state, the sma documents that it has verified the other sma performed each required screening activity, and the provider was enrolled or revalidated by the other state within the past five years. sma enrollment screening is not necessarily limited
to the actions required by the federal regulations. next let's look at some state screening requirements. section 6401(b) of the affordable care act made clear the new enrollment requirements put in place by the affordable care act were not intended "to preclude or limit the ability of a state to engage in provider and supplier
screening or enhanced provider and supplier oversight activities beyond those required by the secretary of hhs." many states have added their own requirements to the federal requirements. different states have screening requirements including additional disclosures, screening levels, background checks for providers at
moderate categorical risk levels, and expanded site visits. let's review some of the state requirements. screening requirements in the federal regulations are "floors, not ceilings" on enrollment requirements for each screening level." under the regulations,
states may impose additional screening methods "in addition to or more stringent than" those in the regulations. for example, the texas health and human services commission (thhsc) may set higher initial categorical risk levels than those required by the federal regulations. thhsc makes these determinations depending on its
assessment of the categorical risk level associated with the type of provider or geographical area, changes in business structure, past practices, or access to care in a geographical area. texas regulations allow appeals from denial of enrollment. the south carolina department of health and human services
(scdhhs) moves providers into a higher categorical risk level when the provider has been subject to a payment suspension, has an existing medicaid overpayment, has been excluded by hhs-oig, scdhhs, or another state's medicaid program within the past 10 years, or was prevented from enrolling because of a moratorium lifted within 6 months
from the date of application. as noted by cms, smas have the authority to require site visits for providers in the limited-risk category and may add to the requirements of such a site visit. for example, thhsc's on-site reviews may go beyond the minimum required by federal regulations.
the texas regulation provides that the site visit may include interviews, recording reviews, and determination of the provider's ability to deliver the proposed services and meet compliance with physical requirements under state and federal law. it is important to note that some states go beyond what federal
regulations require. for example, scdhhs requires that both moderate- and high-risk category providers undergo criminal record checks in federal and state databases. next let's look at some other state enrollment requirements. as noted by cms, enrollment and screening are not the same thing.
in addition to screening, enrollment requires compliance with "a host of state-specific requirements." these state-specific requirements can include additional disclosures. for example, applicants for enrollment in texas medicaid are required to disclose the identity of persons with certain prior ownership interests.
applicants identified as having a significant history or potential for fraud, waste, or abuse are required to obtain a surety bond of at least $50,000 for each enrollment location. if the provider uses a third-party billing vendor to submit claims, that vendor is required to register with the sma. we previously discussed the federal
reasons for enrollment denials. states can add to these reasons. for example, new york's local departments of social services, which are responsible for medicaid enrollment in the state of new york, may deny an enrollment application for a number of reasons not listed in the federal regulations.
these reasons include failure to correct deficiencies in the operation of a business or enterprise after having received written notice from a state or federal licensing or auditing agency, and indictment for any crime relating to the furnishing of medical care, services, or supplies which is considered an offense involving theft
or fraud or an offense against public administration of public health or morals. next let's look at the regulatory provisions governing denial or termination of enrollment by smas. if a person with a five percent or greater ownership interest in the provider fails to submit timely and accurate information the sma is required to
terminate the provider's enrollment. the sma must deny or terminate enrollment if the provider was terminated on or after january 1, 2011, by the medicare program or under the medicaid program or chip of another state. the regulations specify certain situations in which the sma must deny
or terminate enrollment unless the sma determines that such action is not in the best interests of the medicaid program. the sma must document that determination in writing. these situations are: any person with a five percent or greater direct or indirect ownership interest in a provider has been convicted of a criminal offense related to that
person's involvement with medicare, medicaid, or chip in the last 10 years. a person with any ownership interest (even if less than five percent) or control interest, or who is an agent or managing employee of the provider, fails to submit timely or accurate information. the provider or any person with a five percent or greater direct or indirect
ownership in the provider fails to submit fingerprints within 30 days of a cms or sma request. the provider fails to permit access to provider locations for any site visits, the sma is required to terminate or deny enrollment. there is no specific federal right to appeal a medicaid or chip enrollment
denial or termination. however, the federal regulations require that the sma give providers such appeal rights established under state law. let's pause for a knowledge check. if a provider's medicaid enrollment is denied or terminated, which of the following is true?
a. there are no appeal rights available to the provider, b. the provider can appeal directly to cms, c. the provider can appeal under any procedures available under state law or regulations, or d. none of the above. the answer: c. federal regulations require
the sma to give providers such process as may be due under state law for medicaid enrollment denials or terminations. there is no specific federal right to appeal. next let's discuss moratoria. the affordable care act gives cms the authority to temporarily prohibit the enrollment of new providers of services
and supplies in medicare, medicaid, or chip as necessary to prevent or combat fraud, waste, and abuse. such prohibitions are called moratoria. under federal medicare regulations, cms may impose moratoria on providers and suppliers of a particular type or location if such type or location presents a significant potential for fraud, waste,
or abuse. if cms imposes such a moratorium on enrollment of new medicare providers, the sma is required to impose the same moratorium on enrollment of medicaid or chip providers unless the action would adversely affect beneficiaries' access to care. such moratoria may be imposed for a period of six months and extended in six-
month increments. cms publishes announcements of its moratoria in the federal register. on the next slide, we will discuss several of the cms-issued moratoria. cms has exercised its moratorium authority several times after the passage of
the affordable care act in 2010. in july 2013, cms imposed moratoria on the medicare, medicaid, and chip enrollment of hhas in miami-dade county (florida) and cook county (illinois) and surrounding counties. in february 2014, cms extended these moratoria and added moratoria on hhas in broward county (florida), dallas and
harris counties (texas), wayne county (michigan), and surrounding counties and ground ambulance suppliers in philadelphia (pennsylvania) and surrounding counties. in august 2014, february 2015, july 2015, and january 2016, cms extended all of these moratoria. in august 2016,
cms lifted the moratoria on emergency ground ambulance suppliers, but retained the moratoria on non-emergency ground ambulance suppliers and on hhas. cms also expanded the geographic reach of the retained moratoria. as of august 2016, cms moratoria on new provider enrollment covered non- emergency ground ambulance suppliers
and hhas located anywhere in florida, illinois, michigan, texas, pennsylvania, or new jersey. as discussed, cms can impose moratoria for 6 months at a time. their sma for current information on what moratoria may be in force in their state. states also have the authority to impose
moratoria on enrollment of new providers. the sma, with cms concurrence, has the authority to temporarily prohibit enrollment of new providers in certain categories or geographic areas. smas may impose moratoria on new providers identified as having significant potential for fraud, waste, or abuse, and that have been identified by cms as posing a high
risk for fraud, waste, or abuse. as with the cms moratoria, smas may impose moratoria for a period of six months and may extend them in six- the sma also has the authority to impose numerical caps and other limits on enrollment of new medicaid and chip providers. cms will not, however, agree to a
moratorium on enrollment of providers participating in medicaid managed care plans. cms believes such moratoria could "restrict the ability of states to ensure beneficiary access and choice." smas have exercised their moratorium authority under the affordable care act. on march 6, 2016, upon concurrence by cms, the scdhhs imposed a
moratorium on medicaid targeted case management providers. in the past, states have imposed other moratoria as shown in the following examples: in march 2014 the alaska imposed a six-month moratorium on the enrollment of personal care service providers, including both consumer directed personal care agencies and agency-
based personal care assistant agencies. in april 2015, the california department of health care services imposed a six- month moratorium on the enrollment of all clinical laboratories in the medi-cal program. in february 2015, scdhhs imposed a six-month moratorium on enrollment of rehabilitative behavioral health services providers.
these examples are not exhaustive. other states may have imposed other moratoria, and these moratoria are subject to change. usually moratorium information is posted on sma websites. providers should check with the sma in their states to find out what moratoria are in place.
as we have seen, the power to impose moratoria is just one of the changes that the affordable care act made to better protect medicaid from fraud, waste, and abuse. the next slide recaps the ways the new enrollment process achieves this goal. there is no medicaid program without providers
providers are critical partners in delivering quality care. they are also critical partners in maintaining the integrity of medicaid and chip. honest providers protect beneficiaries from harm and preserve the solvency of the medicaid program. the vast majority of providers are honest and ethical. ethical providers
suffer when a fraudulent provider competes with them directly or orders or refers items or services for a beneficiary. the new medicaid enrollment requirements are intended to ensure only qualified and legitimate providers enroll. providers that have defrauded federal health care programs
in the past or pose an unacceptable risk are not allowed to participate. enhanced provider enrollment and screening reduces improper payments and saves medicaid and chip funds for use by beneficiaries that need the care. this presentation was current at the time it was published or uploaded onto the web. medicaid and medicare policies
change frequently so links to the source documents have been provided within the document for your reference. this presentation was prepared as a service to the public and is not intended to grant rights or impose obligations. this presentation may contain references or links to statutes, regulations, or other policy materials.
the information provided is only intended to be a general summary. use of this material is voluntary. inclusion of a link does not constitute cms endorsement of the material. we encourage readers to review the specific statutes, regulations, and other interpretive materials for a full and accurate statement of their contents.
0 komentar:
Posting Komentar