Even though the Centers for Medicare and Medicaid Services (“CMS”) published final regulations to implement provisions to the Affordable Care Act (“ACA”) on February 2, 2011, it is likely that many Kentucky health care providers, including physicians, are not aware of the importance of the new requirements for revalidation of Medicare and Medicaid enrollment or the new and more burdensome requirements for initial enrollment. The requirements are aimed at strengthening provider and supplier screening procedures to reduce fraud, waste, and abuse in federal health care programs. Because CMS contractors and KY Medicaid have been slow to comply with these new requirements, it is likely that many providers have not noticed the enrollment/screening changes unless they have been asked to revalidate or have applied for new or additional provider/supplier numbers.
The requirements for revalidation, however, apply to all physicians and other providers/suppliers who were enrolled before March 25, 2011, which means that all physicians and physician groups must complete the re-enrollment process. Completing the revalidation of enrollment process is very important and a failure to do so means that CMS will de-activate payment until a successful re-enrollment process is completed. In some cases, CMS may even revoke participation. Having a validated enrollment and provider/supplier number is also important for ordering and referring items and services for patients as CMS rolls outs new payment requirements. At best, failing to comply with the requirements for re-validation will create cash flow problems; at worst, failing to comply will mean no reimbursement and revocation. And to make matters worse, the OIG just announced in its 2014 Work Plan that it will monitor the States’ progress toward re-screening and revalidating Medicaid providers.
Different Requirements for Different Types of Providers
The ACA requires that the Secretary of HHS categorize providers and suppliers by perceived level of risk of fraud, waste, and abuse for each and devise screening requirements for enrollment and revalidation for each category. Providers and suppliers are designated as “limited risk,” “moderate risk,” or “high risk.” The level of risk assigned to a provider determines the type and level of screening procedures that the Medicare enrollment contractor must use when processing the provider’s enrollment application.
“Limited Risk” includes physician or non-physician practitioners and medical groups or clinics except physical therapy providers, ambulatory surgical centers, federally qualified health centers, histocompatibility laboratories, hospitals (including critical access hospitals), mammography screening centers, pharmacies newly enrolling or revalidating, radiation therapy centers, religious non-medical health care institutions, rural health clinics, and skilled nursing facilities.
“Moderate Risk” includes ambulance suppliers, community mental health centers, comprehensive outpatient rehabilitation facilities, hospice organizations, independent diagnostic testing facilities, independent clinical laboratories, physical therapy including physical therapy groups, portable x-ray suppliers, and currently-enrolled home health agencies.
“High Risk” includes new home health agencies and newly-enrolling suppliers of durable medical equipment.
CMS may adjust an individual provider/supplier’s screening level from limited-risk or moderate-risk category to high-risk when:
- A payment suspension on a provider/supplier has been issued at any time in the last ten years.
- The provider/supplier has been excluded from Medicare by the OIG.
- The provider/supplier has had billing privileges revoked by a Medicare contractor within the previous ten years and is attempting to establish additional Medicare billing privileges by enrolling as a new provider/supplier or establishing a new practice location.
- The provider/supplier has been terminated from billing Medicaid.
- The provider/supplier has been excluded from any Federal healthcare program.
- The provider/supplier has been subject to any adverse action within the previous ten years.
Providers and suppliers categorized as “limited risk” have not noticed a significant change in the enrollment process with the exception of new 855 forms and filing requirements. Specifically, “limited risk” providers and suppliers are subject to the following screening techniques during the Medicare enrollment process:
- Verification that the provider/supplier meets all applicable Federal regulations and State requirements for the provider/supplier type.
- Licensure verifications, including licensure verifications across State lines for physicians or non-physician practitioners and providers/suppliers that obtain or maintain Medicare billing privileges as a result of State licensure.
- Database checks on pre- and post-enrollment basis to ensure that providers and suppliers continue to meet the enrollment criteria for their provider/supplier type.
Medicare contractors are required to conduct the following screening procedures when Medicare enrollment applications are submitted by “limited risk” providers and suppliers:
- Verification of any provider/supplier-specific requirements established by Medicare.
- License verifications.
- Database check (e.g., to verify Social Security Number; the National Provider Identifier; the National Practitioner Data Bank licensure; an OIG exclusion; tax payer identification number; tax delinquency; death of individual practitioner, owner, authorized official, delegated official, or supervising physician).
For providers and suppliers categorized as “moderate risk,” Medicare contractors are required to conduct unannounced pre-enrollment site visits in addition to performing the enrollment screening procedures applicable to the “limited risk” providers and suppliers. During the on-site pre-enrollment visits, the Medicare contractor determines whether the provider/supplier meets all Medicare enrollment requirements and is able to furnish the Medicare-covered items or services.
In addition to the enrollment screening tools applicable to the “limited risk” and “moderate risk” providers/suppliers, “high risk” providers/suppliers will eventually face fingerprinting and criminal background checks as a part of the Medicare enrollment process. All individuals who maintain a 5 percent or greater direct or indirect ownership interest in the provider or supplier are subject to the criminal record background checks and fingerprinting requirements. Although the majority of the enrollment screening rules promulgated under the ACA went into effect March 25, 2011, CMS continues to delay the effective date for the fingerprint-based criminal history background checks for high risk providers. This provision of the ACA will not take effect until 60 days following the publication of sub-regulatory guidance. The sub-regulatory guidance is expected to describe the process by which Medicare contractors will collect the required fingerprints from providers/suppliers. To date, CMS has yet to publish the sub-regulatory guidance implementing the fingerprinting procedures.
More to come including Medicaid requirements and Tips.