The Six Aspects of Understanding ZPIC Audits

Dr. Nick Oberheiden

Email

888-680-1745

Bio and Articles

6 Aspects to Understanding ZPIC Audits

by: Dr. Nick Oberheiden of Oberheiden P.C. - Our Insights

Tuesday, December 15, 2020

Print Mail Download

i

I. Introduction

Zone Program Integrity Contractors (“ZPICs”) are charged with the responsibility of investigating alleged instances of fraud, waste, or abuse by health care providers. They are authorized to conduct massive and detailed audits on behalf of the Centers for Medicare and Medicaid Services (“CMS”) in order to reveal such fraud, waste, or abuse. These audits are powerful tools used by the government to scrutinize the businesses of health care providers. Most often, providers are investigated for improper billing. ZPIC audits often require a quick response by the health care provider because they can be very invasive and lead to massive administrative, civil, and criminal penalties.

II. What Are ZPICs and ZPIC Audits?

Zone Program Integrity Contractors (“ZPICs”) are defined as companies that are contracted by the Centers for Medicare and Medicaid Services (“CMS”) to conduct detailed and investigative audits of health care providers. ZPICs concentrate on investigating suspected fraud, waste, abuse, or other irregularities at a health care provider. Specifically, their purpose is to identify such fraud and abuse involving Medicare or Medicaid systems.

A ZPIC audit is an investigation of the practices of a medical provider or other health care entity for suspicion of fraud—especially fraudulent billing practices. Entities are targeted for these audits based on a variety of factors such as complaints by patients, employees, beneficiaries, or whistleblowers; referrals from law enforcement or a federal agency, or other data analysis that reveals to the auditors that the entity is engaging in some form of fraud.

Health care providers usually become aware of a ZPIC audit upon receiving a request for documents from the ZPIC. With respect to the authority of the ZPIC, the ZPIC has very broad powers to seek information from health care providers and has very little restriction on this authority. The audit process itself consists of a detailed examination of the health care provider’s records to confirm all patient billings or Medicare billings, for example. These audits can be quite serious for some providers because they have the potential to lead to federal Medicare fraud charges and criminal prosecution.

Once the audit investigation is completed, the ZPIC may identify instances of fraudulent billing practices, overpayments, upcoding, or other types of health care fraud. Based on the investigation, the ZPIC makes its recommendations, which are appealable. Additionally, the ZPIC often shares the results of the audit with state or federal agencies or law enforcement for civil or criminal lawsuits.

III. What Are the Red Flags that ZPICs Look For?

ZPIC audits are not chance occurrences. They are based on detailed analyses that reveal that the health care provider is or has engaged in fraud, waste, or other abuse. Some providers are targeted more often than others. For instance, pain management services, Medicare Part A and B providers, clinical laboratories, ambulance services, durable medical equipment (“DME”) companies, home healthcare agencies, and hospices are targeted to a greater extent and are especially at risk of a ZPIC audit.

Examples of red flags that alert ZPICs to specific instances of fraud include the following:

Unusual billing practices;
Billing practices that are inaccurate;
Entries in the books or records that are incomplete or inconsistent;
Complaints by individuals or entities to governmental agencies or referrals from other government contractors;
The provider’s notes are not dated, not completed, missing, erased, or otherwise in disarray.

The above are just a few examples of red flags that may be indicative of fraud to the ZPIC auditor. It is important to note that intent is not needed when considering liability and penalties. Liability can be found based on careless medical billing, filing, and recordkeeping.

“Many health care providers often believe that if there was no intent to defraud or no intent to engage in misconduct, then they have nothing to worry about. However, this is far from the truth. In reality, health care providers and other health care entities can face administrative penalties, license revocation, and civil and criminal charges for inattentive record-keeping, errors, and mistakes. This emphasizes the need to retain experienced ZPIC defense counsel as early as possible” – Dr. Nick Oberheiden, Founding Attorney of Oberheiden P.C.

IV. What Can the ZPIC Auditor Do?

The ZPIC will first notify the health care provider that they are under an investigation. Having said that, ZPICs will sometimes conduct audits without any notice. As a part of the audit, they can interview individuals connected with the health care provider. They can also request all documentation and medical records to determine the billing process of the health care provider. Once the audit is completed, the ZPIC will compile a recommendation of findings based on their audit. This will include conclusions as to whether the health care provider is guilty of fraud, waste, or other abuse.

If fraud is identified during the course of the audit, the ZPIC may do any one—or more—of the following:

Issuing warnings to the health care provider;
Demanding overpayment recoupment;
Suspending payments;
Reporting the health care provider to the state licensing board for review;
Revoking the health care provider’s privileges and/or licenses;
Referring the matter to the Office of Inspector General, law enforcement, federal agencies for possible civil litigation or criminal prosecution.

V. What to Do After Receiving a ZPIC Audit

Receiving notice of a ZPIC audit either in advance or suddenly can be a daunting experience. Nevertheless, it is vital that health care providers take immediate action to defend against these audits and protect themselves against potential civil and criminal liability. Below are a few guidelines on how to navigate the effects of a ZPIC audit:

Retain an experienced team of defense attorneys. An attorney can advise its clients on the process of a ZPIC audit and negotiate with the government on the provider’s behalf.
Maintain an open communication channel with billing vendors. This helps health care providers gather their documentation as soon as possible to deliver to the ZPIC for review.
Ensure proper risk assessment and due diligence procedures for high-risk areas. High-risk areas typically include medical billing and coding, as these are the areas most often targeted by ZPIC due to their high potential for fraud, abuse, or waste. As a result, it is imperative that health care providers always seek to improve their review and assessment policies surrounding these high-risk transactions.
Evaluate, record, and document. A crucial part of the ZPIC’s job is to determine whether the health care provider’s records were properly documented and that everything is consistent in the record. Failure to timely supply the ZPIC with the requested documentation can be devastating to the provider’s situation, negatively impact its credibility, and hamper its possibility of a positive resolution.
Health care providers should develop a detailed compliance program that identifies, monitors, and immediately remedies instances of misconduct within the business. Compliance programs help to prevent fraud from occurring and serve as an important layer of evidence that the provider is in full compliance with the law.

VI. Conclusion

Health care providers and other health care entities face intense scrutiny from ZPICs as a result of ZPIC audits for alleged fraud. Time is of the essence. ZPIC audits have the potential of resulting in significant threats to the business' future.