Medicare, Medicaid, and Children's Health Insurance Programs; Additional Screening Requirements, Application Fees, Temporary Enrollment Moratoria, Payment Suspensions and Compliance Plans for Providers and Suppliers, 5862-5971 [2011-1686]
Download as PDF
5862
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Medicare & Medicaid
Services
42 CFR Parts 405, 424, 447, 455, 457,
and 498
Office of Inspector General
42 CFR Part 1007
[CMS–6028–FC]
RIN 0938–AQ20
Medicare, Medicaid, and Children’s
Health Insurance Programs; Additional
Screening Requirements, Application
Fees, Temporary Enrollment Moratoria,
Payment Suspensions and Compliance
Plans for Providers and Suppliers
Centers for Medicare &
Medicaid Services (CMS); Office of
Inspector General (OIG), HHS.
ACTION: Final rule with comment period.
AGENCY:
This final rule with comment
period will implement provisions of the
ACA that establish: Procedures under
which screening is conducted for
providers of medical or other services
and suppliers in the Medicare program,
providers in the Medicaid program, and
providers in the Children’s Health
Insurance Program (CHIP); an
application fee imposed on institutional
providers and suppliers; temporary
moratoria that may be imposed if
necessary to prevent or combat fraud,
waste, and abuse under the Medicare
and Medicaid programs, and CHIP;
guidance for States regarding
termination of providers from Medicaid
and CHIP if terminated by Medicare or
another Medicaid State plan or CHIP;
guidance regarding the termination of
providers and suppliers from Medicare
if terminated by a Medicaid State
agency; and requirements for
suspension of payments pending
credible allegations of fraud in the
Medicare and Medicaid programs. This
final rule with comment period also
discusses our earlier solicitation of
comments regarding provisions of the
ACA that require providers of medical
or other items or services or suppliers
within a particular industry sector or
category to establish compliance
programs.
We have identified specific provisions
surrounding our implementation of
fingerprinting for certain providers and
suppliers for which we may make
changes if warranted by the public
comments received. We expect to
publish our response to those
rmajette on DSK29S0YB1PROD with RULES2
SUMMARY:
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
comments, including any possible
changes to the rule made as a result of
them, as soon as possible following the
end of the comment period.
Furthermore, we clarify that we are
finalizing the adoption of fingerprinting
pursuant to the terms and conditions set
forth herein.
DATES: Effective date: These regulations
are effective on March 25, 2011.
Comment date: We will consider public
comments only on the Fingerprinting
Requirements, contained in §§ 424.518
and 455.434 and discussed in section
II.A.5. of the preamble of this document,
if we receive them at one of the
addresses provided below, no later than
5 p.m. on April 4, 2011.
ADDRESSES: In commenting, please refer
to file code CMS–6028–FC. Because of
staff and resource limitations, we cannot
accept comments by facsimile (FAX)
transmission.
You may submit comments in one of
four ways (please choose only one of the
ways listed):
1. Electronically. You may submit
electronic comments on this regulation
to https://www.regulations.gov. Follow
the instructions for ‘‘submitting a
comment.’’
2. By regular mail. You may mail
written comments to the following
address ONLY: Centers for Medicare &
Medicaid Services, Department of
Health and Human Services, Attention:
CMS–6028–FC, P.O. Box 8013,
Baltimore, MD 21244–8013.
Please allow sufficient time for mailed
comments to be received before the
close of the comment period.
3. By express or overnight mail. You
may send written comments to the
following address ONLY: Centers for
Medicare & Medicaid Services,
Department of Health and Human
Services, Attention: CMS–6028–FC,
Mail Stop C4–26–05, 7500 Security
Boulevard, Baltimore, MD 21244–1850.
4. By hand or courier. If you prefer,
you may deliver (by hand or courier)
your written comments before the close
of the comment period to either of the
following addresses: a. For delivery in
Washington, DC—Centers for Medicare
& Medicaid Services, Department of
Health and Human Services, Room 445–
G, Hubert H. Humphrey Building, 200
Independence Avenue, SW.,
Washington, DC 20201.
(Because access to the interior of the
Hubert H. Humphrey Building is not
readily available to persons without
Federal government identification,
commenters are encouraged to leave
their comments in the CMS drop slots
located in the main lobby of the
building. A stamp-in clock is available
PO 00000
Frm 00002
Fmt 4701
Sfmt 4700
for persons wishing to retain a proof of
filing by stamping in and retaining an
extra copy of the comments being filed.)
b. For delivery in Baltimore, MD—
Centers for Medicare & Medicaid
Services, Department of Health and
Human Services, 7500 Security
Boulevard, Baltimore, MD 21244–1850.
If you intend to deliver your
comments to the Baltimore address,
please call telephone number (410) 786–
9994 in advance to schedule your
arrival with one of our staff members.
Comments mailed to the addresses
indicated as appropriate for hand or
courier delivery may be delayed and
received after the comment period.
FOR FURTHER INFORMATION CONTACT:
Frank Whelan (410) 786–1302 for
Medicare enrollment issues. Claudia
Simonson (312) 353–2115 for Medicaid
and CHIP enrollment issues. Lori Bellan
(410) 786–2048 for Medicaid payment
suspension issues and Medicaid
termination issues. Joseph Strazzire
(410) 786–2775 for Medicare payment
suspension issues. Laura MinassianKiefel (410) 786–4641 for compliance
program issues.
SUPPLEMENTARY INFORMATION: Due to the
many organizations and terms to which
we refer by acronym in this final rule
with comment period, we are listing
these acronyms and their corresponding
terms in alphabetical order below. In
addition, we are providing a table of
contents which follows the list of
acronyms to assist readers in referencing
sections contained in this preamble.
Acronyms
ABC American Board for Certification in
Orthotics and Prosthetics
A/B MAC Part A or Part B Medicare
Administrative Contractor
ACA ‘‘Affordable Care Act’’
APD Advance planning document
ASC Ambulatory surgical center
BBA Balanced Budget Act of 1997 (Pub. L.
105–33)
BIPA Medicare Medicaid, and SCHIP
Benefits Improvement Protection Act of
2000 (Pub. L. 106–544)
CAH Critical access hospital
CAP Competitive acquisition program
CBA Competitive bidding area
CFR Code of Federal Regulations
CHIP Children’s Health Insurance Program
CJIS Criminal Justice Information Services
CLIA Clinical laboratory improvement
amendments
CMHC Community mental health centers
CMS Centers for Medicare & Medicaid
Services
CON Certificate of Need
CoP Condition of participation
CORF Comprehensive outpatient
rehabilitation facility
CPI–U Consumer price index for all urban
consumers
DAB Department Appeal Board
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
DEA Drug Enforcement Agency
DHUD Department of Housing and Urban
Development
DME Durable medical equipment
DMEPOS Durable medical equipment
prosthetics, orthotics, and supplies
DOB Dates of birth
DOJ Department of Justice
EIN Employer Identification Number
EMTALA Emergency Medical Treatment
and Active Labor Act
VIN Vehicle Identifier Number
ESRD End-stage renal disease
EPLS General Service Administration’s
Excluded Parties List System
FBI Federal Bureau of Investigation
FFP Federal Financial Participation
FFS Medicare fee-for-service program
FQHC Federally qualified health center
GAO Government Accountability Office
HHAs Home health agencies
HHS [Department of] Health and Human
Services
HIO Health insuring organization
IAFIS Integrated Automated Fingerprint
Identification System
ICF/MR Intermediate care facilities for
persons with mental retardation
IDTF Independent diagnostic testing facility
IHCIA Indian Health Care Improvement Act
IHS Indian Health Service
IHSS In-home supportive services
IPF Inpatient psychiatric facility
IRF Inpatient rehabilitation facility
ISDEAA Indian Self-Determination and
Education Assistance Act
LEIE List of Excluded Individuals/Entities
MCEs Managed care entities
MFCU Medicaid fraud control unit
MAO Medicare Advantage organizations
MMA Medicare Prescription Drug,
Improvement, and Modernization Act of
2003 (Pub. L. 108–173)
NASDAQ National Association of
Securities Dealers Automated Quotation
System
NF Nursing facility
NPI National Provider Identifier
NPPES National Plan and Provider
Enumeration System
NSC National Supplier Clearinghouse
NTIS National Technical Information
Service
NPDB National Practitioner Data Bank
NYSE New York Stock Exchange
OIG Office of Inspector General
OMB Office of Management and Budget
OPO Organ procurement organization
PAHP Prepaid ambulatory health plan
PECOS Provider Enrollment, Chain, and
Ownership System
PIHP Prepaid inpatient health plan
PSC Program Safeguard Contractors
PTAN Provider transaction account number
RFA Regulatory Flexibility Act
RHC Rural health clinic
RNHCI Religious nonmedical health care
institution
SEC Securities and Exchange Commission
SMP Senior Medicare Patrol
SNFs Skilled nursing facilities
SPIA State Program Integrity Assessment
SSA Social Security Administration
SSA DMF Social Security Administration
Death Master File
SSN Social Security Number
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
TTAG Tribal Technical Advisory Group
WAN [FBI CJIS Division’s] Wide Area
Network
ZPIC Zone Program Integrity Contractors
Table of Contents
I. Background
II. Proposed Provisions and Responses to
Public Comments
A. Provider Screening Under Medicare,
Medicaid, and CHIP
1. Statutory Changes
2. Summary of Existing Screening
Measures
a. Licensure Requirements—Medicare and
Medicaid
b. Site Visits—Medicare
c. Database Checks—Medicare
d. Criminal Background Checks—Medicare
e. Medicare MAO Requirements
f. Fingerprinting—Medicare
g. Screening—Medicaid and CHIP
3. General Screening of Providers—
Medicare
a. Proposed Screening Requirements
(1) Limited
(2) Moderate
(3) High
b. Analysis of and Responses to Public
Comment on Medicare Screening
Categories
c. Final Screening Provision—Medicare
4. General Screening of Providers—
Medicaid and CHIP: Proposed Provisions
and Analysis of and Responses to Public
Comments
a. Database Checks—Medicaid and CHIP
b. Unscheduled and Unannounced Site
Visits—Medicaid and CHIP
c. Provider Enrollment and Provider
Termination—Medicaid and CHIP
d. Criminal Background Checks and
Fingerprinting—Medicaid and CHIP
e. Deactivation and Reactivation of
Provider Enrollment—Medicaid and
CHIP
f. Enrollment and NPI of Ordering or
Referring Providers—Medicaid and CHIP
g. Other State Screening—Medicaid and
CHIP
h. Final Screening Provisions—Medicaid
and CHIP
5. Solicitation of Additional Comments
Regarding the Implementation of the
Fingerprinting Requirements
B. Application Fee—Medicare, Medicaid,
and CHIP
1. Statutory Changes
2. Proposed Application Fee Provisions
C. Temporary Moratoria on Enrollment of
Medicare Providers and Suppliers,
Medicaid and CHIP Providers
1. Statutory Changes
2. Proposed Temporary Moratoria
Provisions
a. Medicare
b. Medicaid and CHIP
3. Analysis of and Responses to Public
Comment
4. Final Temporary Moratoria on
Enrollment of Medicare Providers and
Suppliers, Medicaid and CHIP
Provisions
D. Suspension of Payments
1. Medicare
a. Background
PO 00000
Frm 00003
Fmt 4701
Sfmt 4700
5863
b. Previous Medicare Regulations
c. Proposed Medicare Suspension of
Payments Requirements
2. Medicaid
a. Background
b. Previous Medicaid Regulations
c. Proposed Medicaid Suspension of
Payments Requirements
E. Proposed Approach and Solicitation of
Comments for Sections 6102 and 6401(a)
of the Affordable Care Act—Ethics and
Compliance Program
1. Statutory Changes
2. Proposed Ethics and Compliance
Program Provisions
3. Analysis of and Responses to Public
Comment
4. Final Provisions—Ethics and
Compliance Program
F. Termination of Provider Participation
Under the Medicaid Program and CHIP
if Terminated Under the Medicare
Program or Another State Medicaid
Program or CHIP
1. Statutory Change
2. Proposed Provisions for Termination of
Provider Participation Under the
Medicaid Program and CHIP if
Terminated Under the Medicare Program
or Another State Medicaid Program or
CHIP
3. Analysis of and Responses to Public
Comment
4. Final Provisions for Termination of
Provider Participation Under the
Medicaid Program and CHIP if
Terminated Under the Medicare Program
or Another State Medicaid Program or
CHIP
G. Additional Medicare Provider
Enrollment Provisions
1. Statutory Changes
2. Proposed Provisions for Additional
Medicare Provider Enrollment
3. Analysis of and Response to Public
Comments
4. Final Provisions for Additional Medicare
Provider Enrollment
H. Technical and General Comments
III. Collection of Information Requirements
A. ICRs Regarding Medicare Application
Fee Hardship Exception (§ 424.514)
B. ICRs Regarding Medicare Fingerprinting
Requirement (§ 424.518)
C. ICRs Regarding Medicaid Fingerprinting
Requirement (§ 455.434)
D. ICRs Regarding Suspension of Payments
in Cases of Fraud or Willful
Misrepresentation (§ 455.23)
E. ICRs Regarding Collection of SSNs and
DOBs for Medicaid and CHIP providers
(§ 455.104)
F. ICRs Regarding Site Visits for MedicaidOnly or CHIP-Only Providers (§ 455.450)
G. ICRs Regarding the Rescreening of
Medicaid Providers Every 5 Years
(§ 455.414).
IV. Response to Comments
V. Regulatory Impact Analysis
A. Statement of Need
B. Overall Impact
C. Anticipated Effects
1. Medicare
a. Enhanced Screening Procedures—
Medicare
b. Application Fee—Medicare
E:\FR\FM\02FER2.SGM
02FER2
5864
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
c. General Enrollment Framework
(1) New Enrollment
(2) Revalidation
2. Medicaid
a. Enhanced Screening Procedures
b. Application Fee—Medicaid
c. General Enrollment Framework
(1) New Enrollments
(2) Re-enrollment
3. Medicare and Medicaid
a. Moratoria on Enrollment of New
Medicare Providers and Suppliers and
Medicaid Providers
b. Suspension of Payments in Medicare
and Medicaid
D. Accounting Statement and Table
1. Medicare
2. Medicaid
E. Alternatives Considered
1. General Burden Minimization Efforts
2. Fingerprinting
3. Other Suggested Alternatives
F. Conclusion
Regulations Text
rmajette on DSK29S0YB1PROD with RULES2
I. Background
The Medicare program (title XVIII of
the Social Security Act (the Act)) is the
primary payer of health care for 47
million enrolled beneficiaries. Under
section 1802 of the Act, a beneficiary
may obtain health services from an
individual or an organization qualified
to participate in the Medicare program.
Qualifications to participate are
specified in statute and in regulations
(see, for example, sections 1814, 1815,
1819, 1833, 1834, 1842, 1861, 1866, and
1891 of the Act; and 42 CFR Chapter IV,
subchapter G, which concerns standards
and certification requirements).
Providers and suppliers furnishing
services must comply with the Medicare
requirements stipulated in the Act and
in our regulations. These requirements
are meant to ensure compliance with
applicable statutes, as well as to
promote the furnishing of high quality
care. As Medicare program expenditures
have grown, we have increased our
efforts to ensure that only qualified
individuals and organizations are
allowed to enroll or maintain their
Medicare billing privileges.
The Medicaid program (title XIX of
the Act) is a joint Federal and State
health care program for eligible lowincome individuals providing coverage
to more than 51 million people. States
have considerable flexibility in how
they administer their Medicaid
programs within a broad Federal
framework and programs vary from
State to State.
The Children’s Health Insurance
Program (CHIP) (title XXI of the Act) is
a joint Federal and State health care
program that provides health care
coverage to more than 7.7 million
otherwise uninsured children.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Historically, States, in operating
Medicaid and CHIP, have permitted the
enrollment of providers who meet the
State requirements for program
enrollment.
The Patient Protection and Affordable
Care Act (Pub. L. 111–148), as amended
by the Health Care and Education
Reconciliation Act of 2010 (Pub. L. 111–
152) (collectively known as the
Affordable Care Act or ACA) makes a
number of changes to the Medicare and
Medicaid programs and CHIP that
enhance the provider and supplier
enrollment process to improve the
integrity of the programs to reduce
fraud, waste, and abuse in the programs.
The following is an overview of some
of the statutory authority relevant to
enrollment in Medicare, Medicaid, and
CHIP:
• Sections 1102 and 1871 of the Act
provide general authority for the
Secretary of Health and Human Services
(the Secretary) to prescribe regulations
for the efficient administration of the
Medicare program. Section 1102 of the
Act also provides general authority for
the Secretary to prescribe regulations for
the efficient administration of the
Medicaid program and CHIP.
• Section 4313 of the Balanced
Budget Act of 1997 (BBA) (Pub. L. 105–
33) amended sections 1124(a)(1) and
1124A of the Act to require disclosure
of both the Employer Identification
Number (EIN) and Social Security
Number (SSN) of each provider or
supplier, each person with ownership or
control interest in the provider or
supplier, any subcontractor in which
the provider or supplier directly or
indirectly has a 5 percent or more
ownership interest, and any managing
employees including directors and
officers of corporations and non-profit
organizations and charities. The ‘‘Report
to Congress on Steps Taken to Assure
Confidentiality of Social Security
Account Numbers as required by the
Balanced Budget Act’’ was signed by the
Secretary and sent to the Congress on
January 26, 1999. This report outlines
the provisions of a mandatory collection
of SSNs and EINs effective on or after
April 26, 1999.
• Section 936(a)(2) of the Medicare
Prescription Drug, Improvement, and
Modernization Act of 2003 (MMA) (Pub.
L. 108–173) amended the Act to require
the Secretary to establish a process for
the enrollment of providers of services
and suppliers. We are authorized to
collect information on the Medicare
enrollment application (that is, the
CMS–855, (Office of Management and
Budget (OMB) approval number 0938–
0685)) to ensure that correct payments
are made to providers and suppliers
PO 00000
Frm 00004
Fmt 4701
Sfmt 4700
under the Medicare program as
established by title XVIII of the Act.
• Section 1902(a)(27) of the Act
provides general authority for the
Secretary to require provider agreements
under the Medicaid State Plans with
every person or institution providing
services under the State plan. Under
these agreements, the Secretary may
require information regarding any
payments claimed by such person or
institution for providing services under
the State plan.
• Section 2107(e) of the Act, which
provides that certain title XIX and title
XI provisions apply to States under title
XXI, including 1902(a)(4)(C) of the Act,
relating to conflict of interest standards.
• Section 1903(i)(2) of the Act
relating to limitations on payment.
• Section 1124 of the Act relating to
disclosure of ownership and related
information.
• Sections 6401, 6402, 6501, and
10603 of the ACA and 1304 of the
Health Care and Education
Reconciliation Act (Pub. L. 111–152)
amended the Act by establishing: (1)
Procedures under which screening is
conducted for providers of medical or
other services and suppliers in the
Medicare program, providers in the
Medicaid program, and providers in the
CHIP; (2) an application fee to be
imposed on providers and suppliers; (3)
temporary moratoria that the Secretary
may impose if necessary to prevent or
combat fraud, waste, and abuse under
the Medicare and Medicaid programs
and CHIP; (4) requirements that State
Medicaid agencies must terminate any
provider that is terminated by Medicare
or another State plan; (5) requirements
for suspensions of payments pending
credible allegations of fraud in both the
Medicare and Medicaid programs.
II. Proposed Provisions and Responses
to Public Comments
We received approximately 300
timely pieces of correspondence
containing multiple comments on the
Additional Screening Requirements,
Application Fees, Temporary
Enrollment Moratoria, Payment
Suspensions and Compliance Plans for
Providers and Suppliers proposed rule
published September 23, 2010 (75 FR
58204). We note that we received some
comments that were outside the scope
of the proposed rule. These comments
are not addressed in this final rule with
comment period. Summaries of the
public comments that are within the
scope of the proposals and our
responses to those comments are set
forth in the various sections of this final
rule with comment period under the
appropriate headings.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
A. Provider Screening Under Medicare,
Medicaid, and CHIP
rmajette on DSK29S0YB1PROD with RULES2
1. Statutory Changes
Section 6401(a) of the ACA, as
amended by section 10603 of the ACA,
amends section 1866(j) of the Act to add
a new paragraph, paragraph ‘‘(2)
Provider Screening.’’ Section
1866(j)(2)(A) of the Act requires the
Secretary, in consultation with the
Department of Health of Human
Services’ Office of the Inspector General
(HHS OIG), to establish procedures
under which screening is conducted
with respect to providers of medical or
other items or services and suppliers
under Medicare, Medicaid, and CHIP.
Section 1866(j)(2)(B) of the Act requires
the Secretary to determine the level of
screening to be conducted according to
the risk of fraud, waste, and abuse with
respect to the category of provider of
medical or other items or services or
supplier. The provision states that the
screening shall include a licensure
check, which may include such checks
across State lines; and the screening
may, as the Secretary determines
appropriate based on the risk of fraud,
waste, and abuse, include a criminal
background check; fingerprinting;
unscheduled or unannounced site visits,
including pre-enrollment site visits;
database checks, including such checks
across State lines; and such other
screening as the Secretary determines
appropriate. Section 1866(j)(2)(C) of the
Act requires the Secretary to impose a
fee on each institutional provider of
medical or other items or services or
supplier that would be used by the
Secretary for program integrity efforts
including to cover the cost of screening
and to carry out the provisions of
sections 1866(j) and 1128J of the Act.
We discussed the fee in section II.B. of
the proposed rule.
Section 6401(b) of the ACA amends
section 1902 of the Act to add new
paragraph (a)(77) and (ii), which
requires States to comply with the
process for screening providers and
suppliers as established by the Secretary
under 1866(j)(2) of the Act.1 Note that
section 6401(b) of the ACA erroneously
added a duplicate section 1902(ii) to the
1 We believe that the reference to section
1886(j)(2) of the Act in section 6401(b)(1) of the
ACA is a scrivener’s error. We believe the Congress
intended to refer to section 1866(j)(2) of the Act,
which, as amended by section 6401(a) of the ACA,
requires the Secretary to establish a process for
screening providers and suppliers. Because the
drafting error is apparent, and a literal reading of
the reference to section 1886(j)(2) of the Act would
produce absurd results, we interpret the crossreference to section 1886(j)(2) in the new section
1902(kk) of the Act as if the reference were to
section 1866(j)(2).
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Act. Therefore, in the Medicare and
Medicaid Extenders Act of 2010 (Pub. L.
111–309), the Congress enacted a
technical correction to redesignate the
section 1902(ii) of the Act added by
section 6401(b) of ACA as section
1902(kk) of the Act. In this regulation,
we therefore reference section 1902(kk)
of the Act when referring to the
provisions added by section 6401(b) of
the ACA.
We noted in the proposed rule that
the statute uses the terms ‘‘providers of
medical or other items or services,’’
‘‘institutional providers,’’ and
‘‘suppliers.’’ The Medicare program
enrolls a variety of providers and
suppliers, some of which are referred to
as ‘‘providers of services,’’ ‘‘institutional
providers,’’ ‘‘certified providers,’’
‘‘certified suppliers,’’ and ‘‘suppliers.’’ In
Medicare, the term ‘‘providers of
services’’ under section 1861(u) of the
Act means health care entities that
furnish services primarily payable
under Part A of Medicare, such as
hospitals, home health agencies
(including home health agencies
providing services under Part B),
hospices, and skilled nursing facilities.
The term ‘‘suppliers’’ defined in section
1861(d) of the Act refers to health care
entities that furnish services primarily
payable under Part B of Medicare, such
as independent diagnostic testing
facilities (IDTFs), durable medical
equipment prosthetics, orthotics, and
supplies (DMEPOS) suppliers, and
eligible professionals, which refers to
health care suppliers who are
individuals, that is, physicians and the
other professionals listed in section
1848(k)(3)(B) of the Act. For Medicaid
and CHIP, we use the terms ‘‘providers’’
or ‘‘Medicaid providers’’ or ‘‘CHIP
providers’’ when referring to all
Medicaid or CHIP health care providers,
including individual practitioners,
institutional providers, and providers of
medical equipment or goods related to
care. The term ‘‘supplier’’ has no
meaning in the Medicaid program or
CHIP.
The new screening procedures
implemented pursuant to new section
1866(j)(2) of the Act are applicable to
newly enrolling providers and
suppliers, including eligible
professionals, beginning on March 25,
2011. These new procedures are
applicable to currently enrolled
Medicare, Medicaid, and CHIP
providers, suppliers, and eligible
professionals beginning on March 23,
2012. These new screening procedures
implemented pursuant to new section
1866(j)(2) of the Act are applicable
beginning on March 25, 2011 for those
providers and suppliers currently
PO 00000
Frm 00005
Fmt 4701
Sfmt 4700
5865
enrolled in Medicare, Medicaid, and
CHIP who revalidate their enrollment
information. Within Medicare, the
March 25, 2011 implementation date
will impact those current providers and
suppliers whose 5-year revalidation
cycle (or 3-year revalidation cycle for
DMEPOS suppliers) results in
revalidation occurring on or after March
25, 2011 and before March 23, 2012.
The requirements for revalidation are
discussed in § 424.515. It is important to
note that revalidation—for purposes of
both provider enrollment in general and
this final rule with comment period—
does not include routine changes of
information as described in § 424.516(d)
and (e), such as address changes or
changes in phone number.
2. Summary of Existing Screening
Measures
Before we outline the new measures
we are finalizing under the ACA, it may
be helpful to provide a summary of
some of the screening measures already
being utilized in Medicare, Medicaid,
and CHIP. Pursuant to other authority,
but with the notable exception of
background checks and fingerprinting,
Medicare, generally through private
contractors, already employs a number
of the screening practices described in
section 1866(j)(2)(B) of the Act to
determine if a provider or supplier is in
compliance with Federal and State
requirements to enroll or to maintain
enrollment in the Medicare program.
We also believe it important to note
that nothing in this rule is intended to
abridge our established screening
authority under existing statutes and
regulations or to diminish the screening
that providers and suppliers currently
undergo. To the contrary; the provisions
specified in this final rule with
comment period are intended to
enhance our existing authority. This
rule’s provisions, in other words, set
‘‘floors’’—not ceilings—on enrollment
requirements for each screening level.
a. Licensure Requirements—Medicare
and Medicaid
Over the past several years, we have
taken a number of steps to strengthen
our ability to deny or revoke Medicare
billing privileges when providers or
suppliers do not have or do not
maintain the applicable State licensure
requirements for their provider or
supplier type or profession. We
established reporting responsibilities for
all providers, suppliers, and eligible
professionals in earlier regulations at
§ 424.516(b) through (e). To ensure that
only qualified providers and suppliers
remain in the Medicare fee-for-service
(FFS) program, we require that Medicare
E:\FR\FM\02FER2.SGM
02FER2
5866
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
contractors review State licensing board
data on a monthly basis to determine if
providers and suppliers remain in
compliance with State licensure
requirements. Medicare billing
privileges would be revoked for those
providers and suppliers who do not
report a final adverse action (for
example, license revocation or
suspension, felony conviction) within
the applicable reporting period, as
required in § 424.516(b) through (e).
Medicare suppliers of DMEPOS and
IDTFs are already subject to similar
provisions in § 424.57(c) and
§ 410.33(g), respectively. DMEPOS
suppliers are also subject to additional
requirements including accreditation
and surety bonding, pursuant to
§ 424.57(c)(22) through (26) and
§ 424.57(d).
Medicare Advantage organizations
(MAOs) are required to verify licensure
of providers and suppliers, including
physicians and other health care
professionals, in accordance with
§ 422.204.
For Medicaid and CHIP, most States
do some checking of in-State provider
licenses, but the extent of scrutiny
varies. For example, in some States, the
existence of the license may be verified,
but little attention might be given to any
restrictions on the license.
b. Site Visits—Medicare
Pursuant to § 424.517, Medicare
conducts the following site visits and
takes the following actions, generally
through private contractors under CMS
direction:
• The National Supplier
Clearinghouse (NSC) Medicare
Administrative Contractor (the Medicare
contractor that processes enrollment
applications for suppliers of DMEPOS)
conducts pre-enrollment site visits to
DMEPOS suppliers that are not
associated with a chain supplier of
DMEPOS (a chain supplier of DMEPOS
is a supplier with 25 or more distinct
practice locations.)
• The NSC also conducts
unannounced post-enrollment site visits
to DMEPOS suppliers for which CMS or
the NSC believes there is a likelihood of
fraudulent or abusive activities to
ensure those DMEPOS suppliers remain
in compliance with the supplier
standards found at § 424.57(c). CMS at
times exercises its right to—
• Have the NSC conduct ad hoc preand post-enrollment site visits to any
DMEPOS supplier;
• Have Medicare contractors conduct
pre-enrollment site visits to all IDTFs;
and
• Conduct ad hoc pre-and post
enrollment site visits to any prospective
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Medicare provider and supplier or any
enrolled Medicare provider or supplier.
In addition, under 42 CFR parts 488
and 489, a State survey agency or an
approved national accreditation
organization with deeming authority
conducts pre-enrollment surveys for
certified providers and suppliers to
determine whether they meet the
applicable Federal conditions and
requirements for their provider or
supplier type before they can participate
in the Medicare program.
We note that the site visits discussed
here and elsewhere within this
preamble and the final regulations are
separate and apart from the site visits
that are conducted pursuant to the
Clinical Laboratory Improvement
Amendments (CLIA). We will work with
our State survey agency partners in
coordinating these site visits so as to
avoid duplication and burden on
providers.
c. Database Checks—Medicare
Under existing regulation, Medicare
contractors employ database checks of
eligible professionals, owners,
authorized officials, delegated officials,
managing employees, medical directors,
and supervising physicians (at IDTFs
and laboratories) as part of the Medicare
provider and supplier enrollment
process. These include database checks
with the Social Security Administration
(SSA) (to verify an individual’s SSN),
the National Plan and Provider
Enumeration System (NPPES) to verify
the National Provider Identifier (NPI) of
an eligible professional, and State
licensing board checks to determine if
an eligible professional is appropriately
licensed to furnish medical services
within a given State. These checks also
include checking a provider or supplier
against the HHS OIG’s List of Excluded
Individuals/Entities (LEIE) and the
General Service Administration’s
Excluded Parties List System (EPLS).
All of the database checks have been
used to assess the eligibility and
qualifications of providers and suppliers
to enroll in the Medicare program, to
confirm the identity of an eligible
professional to ensure that he or she
may be considered for enrollment in the
Medicare program.
Also, on a monthly basis, CMS’
Medicare contractors systematically
compare enrolled providers, suppliers,
and eligible professionals against the
information in the Medicare Exclusions
Database. The Medicare Exclusions
Database identifies providers, suppliers,
and eligible professionals who have
been excluded from the Medicare and
Medicaid programs by the HHS OIG.
When a match is found, the HHS OIG
PO 00000
Frm 00006
Fmt 4701
Sfmt 4700
exclusion information is systematically
noted in the Medicare enrollment record
of the provider, supplier, or eligible
professional. In the Medicare program,
we deny or revoke the billing privileges
of providers, suppliers, and eligible
professionals who have been excluded
by the HHS OIG. If the HHS OIG lifts the
exclusion, the provider, supplier or
eligible professional must reapply for
enrollment in the Medicare program. In
addition, Medicare contractors also
review State licensure Web sites on a
monthly basis to ensure that eligible
professionals continue to meet State
licensing requirements.
In addition, since January 2009, we
have compared date of death
information obtained from the Social
Security Administration Death Master
File (SSA DMF) with the information
maintained in the National Plan and
Provider Enumeration System (NPPES),
the system that assigns an NPI to
individuals and organizations. Based on
this comparison and the subsequent
verification, we have deactivated the
NPIs of more than 11,500 individuals
who were previously assigned a type 1
(individual) NPI. We automatically
transfer this information from NPPES to
the Provider Enrollment, Chain, and
Ownership System (PECOS), CMS’
national Medicare enrollment repository
to deactivate a deceased individual’s
Medicare billing privileges. In addition,
Medicare contractors are required to
review and act upon monthly files that
contain a list of non-practitioner
individuals enrolled in the Medicare
program who have been reported to the
SSA as deceased. These individuals
include: Owners, authorized officials,
and delegated officials.
MAOs, as required by § 422.204,
generally use database checks to verify
licensure and licensure sanctions and
limitations with State licensing boards
and the Federation of State Medical
Boards, DEA certificates with the
National Technical Information Service
(NTIS), history of adverse professional
review actions and malpractice from the
National Practitioner Data Bank (NPDB),
accreditation status of institutional
providers and suppliers with national
accrediting boards, such as The Joint
Commission (TJC), and search for HHS
OIG exclusions using the HHS OIG Web
site https://oig.hhs.gov/fraud/exclusions/
exclusions_list.asp.
d. Criminal Background Checks—
Medicare
Section 6401(a) of the ACA amended
Section 1866(j) of the Act authorized the
Secretary to perform criminal
background checks. As described in
§ 424.530(a) and § 424.535(a), CMS or its
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
designated Medicare contractor may
deny or revoke the Medicare billing
privileges of the owner of a provider or
supplier, a physician or non-physician
practitioner, and terminate any
corresponding provider or supplier
agreement for a number of reasons,
including an exclusion from the
Medicare, Medicaid, and any other
Federal health care program, a felony
within the preceding 10 years that is
considered detrimental to the Medicare
program, and/or submission of false or
misleading information on the Medicare
enrollment application. While we
require our Medicare contractors to
verify data submitted on, and as part of,
the Medicare provider/supplier
enrollment application, our contractors
are not able to verify information that
may have been purposefully omitted or
changed in a manner to obfuscate any
previous criminal activity. A 2005
report issued by the National Task Force
on the Criminal Backgrounding of
America, sponsored by the Bureau of
Justice Statistics and the U.S.
Department of Justice, defined a
Criminal History Record Check as a
check that returns records from official
criminal repositories (meaning State
repositories and the Federal Bureau of
Investigations (FBI) Interstate
Identification Index that links Federal
and State criminal record systems), and
the FBI uses the same terminology. For
purposes of responding to comments in
this document we use the term criminal
history record check to mean criminal
background checks when referring to
such fingerprint-based checks. Criminal
History Record Checks have not been
historically used in the FFS Medicare
enrollment screening process.
e. Medicare MAO Requirements
As mentioned earlier in this section,
MAOs already employ a number of
screening procedures in accordance
with regulations and CMS manual
instructions. Specifically, under
§ 422.204(b)(3) in the case of providers
meeting the definition of ‘‘provider of
services’’ in section 1861(u) of the Act,
basic benefits may only be provided
through providers if they have a
provider agreement with us permitting
them to furnish services under original
Medicare. With respect to other entities
like suppliers, § 422.204(b)(3) requires
that they ‘‘meet the applicable
requirements of title XVIII and Part A of
title XI of the Act.’’ Given these
requirements we considered to what
extent MAOs would be required to
apply the identical screening
requirements we proposed for the
original Medicare program or whether
substantively similar alternative
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
approaches adopted by MAOs would be
acceptable. Accordingly, we solicited
public comments on whether or to what
extent MAOs should be required to
implement the same enhanced
screening requirements for providers,
suppliers and physicians that we
proposed for the original Medicare
program.
f. Fingerprinting—Medicare
Previous to this final rule with
comment period fingerprinting and
fingerprint-based criminal history
record information from the FBI was not
used in the Medicare enrollment
screening process.
g. Screening—Medicaid and CHIP
States vary in the degree to which
they employ screening methods such as
unscheduled and unannounced site
visits and database checks, including
such checks across State lines, criminal
background checks, and fingerprinting.
However, at least a few States utilize
each of those methods.
States also varied in what they require
their managed care entities (MCEs) 2 to
do in terms of screening network-level
providers that are not also enrolled in
the Medicaid program as FFS providers.
We considered to what extent States
must require their MCEs to apply the
identical screening requirements we
proposed for the States or whether
substantively similar alternative
approaches adopted by MCEs are
acceptable. Accordingly, we solicited
public comments on whether or to what
extent MCEs should be required to
implement the same enhanced
screening requirements for Medicaid
and CHIP providers that we proposed
for State Medicaid and CHIP programs.
We again stress that the provider
enrollment verification tools that we are
currently using—including, but not
limited to, those described previously—
will not in any way be diminished as a
result of this final rule with comment
period. In other words, the validation
techniques in this rule do not supplant
those that are presently in use.
2 For purposes of this preamble and the final
regulations, ‘‘managed care entity’’ and ‘‘MCE’’ will
have the meaning Medicaid managed care
organization (MCO), primary care case manager
(PCCM), prepaid inpatient health plan (PIHP),
prepaid ambulatory health plan (PAHP), and health
insuring organization (HIO). This definition differs
from the meaning in section 1932(a)(1)(B) of the
Social Security Act, which limits MCEs to Medicaid
MCOs and PCCMs. We are using a more inclusive
definition for the regulation so that all those entities
in States’ managed care programs will provide
disclosure information.
PO 00000
Frm 00007
Fmt 4701
Sfmt 4700
5867
3. General Screening of Providers—
Medicare
a. Proposed Screening Requirements
Section 1866(j)(2)(B) of the Act
requires the Secretary to determine the
level of screening applicable to
providers and suppliers according to the
risk of fraud, waste, and abuse the
Secretary determines is posed by
particular provider and supplier
categories.
In considering how to establish
consistent screening standards, we
proposed to designate provider and
supplier categories that are subject to
certain screening procedures based on
CMS’ assessment of fraud, waste and
abuse risk of the provider or supplier
category, taking into consideration a
variety of factors. These factors include
our own experience with claims data
used to identify fraudulent billing
practices as well as the expertise
developed by our contractors charged
with investigating and identifying
instances of Medicare fraud across a
broad spectrum of providers. In
addition, CMS has relied on insights
gained from numerous studies
conducted by the HHS–OIG, GAO, and
other sources. We have designated
categories of providers or suppliers (for
example, ‘‘newly enrolling DME
suppliers’’ or ‘‘currently enrolled home
health agencies’’) that are subject to
screening procedures based on our
assessment of the level of screening
based on the risk presented by the
category of provider. There are three
levels of screening and associated risk:
‘‘limited,’’ ‘‘moderate’’ and ‘‘high,’’ and
each provider/supplier category is
assigned to one of these three screening
levels. The categories described below
and associated risk levels assigned are
designed to identify those categories of
providers and suppliers that pose a risk
of fraud, waste, and abuse.
The screening procedures applicable
to each screening level are set by us and
are included in this final rule with
comment period. Under this approach,
the relevant Medicare contractor (for
example, fiscal intermediary, regional
home health intermediary, carriers, Part
A or Part B Medicare Administrative
Contractor (A/B MAC), or the NSC
Administrative Contractor) would
utilize the screening tools mandated by
us for the screening level assigned to a
particular provider or supplier category.
We solicited comments on the
proposed assignment of specific
provider and supplier types to the
proposed risk screening levels,
including what criteria should be
considered in making such assignments,
whether such assignments should be
E:\FR\FM\02FER2.SGM
02FER2
5868
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
released publicly, whether they should
be subject to agency review and updated
according to an established schedule
(that is, annually, bi-annually), and the
extent to which they should be updated
according to evolving risks. We also
solicited comments on any additional
database checks that we should consider
as a type of screening.
Based on the level of screening
assigned, we proposed that the
Medicare contractors would establish
and conduct the following categorical
screenings.
TABLE 1—PROPOSED SCREENING LEVELS AND PROCEDURES FOR MEDICARE PHYSICIANS, NON-PHYSICIAN
PRACTITIONERS, PROVIDERS, AND SUPPLIERS
Type of screening required
Limited
Moderate
High
Verification of any provider/supplier-specific requirements established by Medicare ................
Conduct license verifications, (may include licensure checks across States) ............................
Database Checks (to verify Social Security Number (SSN), the National Provider Identifier
(NPI), the National Practitioner Data Bank (NPDB) licensure, an OIG exclusion; taxpayer
identification number; tax delinquency; death of individual practitioner, owner, authorized
official, delegated official, or supervising physician) ................................................................
Unscheduled or Unannounced Site Visits ...................................................................................
Criminal Background Check ........................................................................................................
Fingerprinting ...............................................................................................................................
X
X
X
X
X
X
X
........................
........................
........................
X
X
........................
........................
X
X
X
X
As described previously, we already
require Medicare contractors to ensure
that every provider or supplier meets
any applicable Federal regulations or
State requirements, including applicable
licensure requirements 3 for the provider
or supplier type prior to making an
enrollment determination. In addition,
we also require that Medicare
contractors conduct monthly reviews of
State licensing board actions to
determine if an individual practitioner,
such as a physician or non-physician
practitioner continues to meet State
licensing requirements. In the case of
organizational entities, we also require
our Medicare contractors to conduct
monthly or periodic checks to
determine if an organizational entity
continues to meet the Federal and State
requirements for its provider or supplier
type. Such verifications help ensure that
a prospective provider or supplier is
eligible to participate in the Medicare
program or that an existing provider or
supplier is eligible to maintain its
Medicare billing privileges.
Previous to this final rule with
comment period, in the Medicare
program, DMEPOS suppliers were
required to re-enroll every 3 years, and
other providers were required to
revalidate their enrollment every
5 years. The terms revalidation and re-
rmajette on DSK29S0YB1PROD with RULES2
3 We
note that under section 408 of the
reauthorized Indian Health Care Improvement Act,
‘‘[a]ny requirement for participation as a provider of
health care services under a Federal health care
program that an entity be licensed or recognized
under the State or local law where the entity is
located to furnish health care services shall be
deemed to have been met in the case of an entity
operated by the [Indian Health] Service, an Indian
tribe, tribal organization, or urban Indian
organization if the entity meets all the applicable
standards for such licensure or recognition,
regardless of whether the entity obtains a license or
other documentation under such State or local law.’’
25 U.S.C. 1647a.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
enrollment were often used
interchangeably, but are actually
specific to these provider types. To
eliminate any confusion about which
term applies to which provider or
supplier, we proposed language at
§ 424.57(e) to change all references from
re-enroll or re-enrollment to revalidate
or revalidation. In addition, the ACA
requires that no provider or supplier
shall be allowed to enroll in Medicare
or revalidate its enrollment in Medicare
after March 23, 2013 without being
screened pursuant to the authorities
covered by this final rule with comment
period. To assist us in assuring that the
statutory effective date is met, we
proposed at § 424.515 to permit us to
require that a provider or supplier
revalidate its enrollment at any time.
After the revalidation, the current cycle
for revalidation (3 years for DMEPOS,
and 5 years for all other providers)
would apply.
(1) Limited
Based on our own analysis of
historical trends and our own
experience with provider screening and
enrollment we proposed that, as a
category, the following providers and
suppliers pose a limited risk to the
Medicare program: Physician or nonphysician practitioners and medical
groups or clinics; providers or suppliers
that are publicly traded on the NYSE or
NASDAQ; ambulatory surgical centers
(ASCs); end-stage renal disease (ERSD)
facilities; Federally qualified health
centers (FQHCs); histocompatibility
laboratories; hospitals, including critical
access hospitals (CAHs); Indian Health
Service (IHS) facilities; mammography
screening centers; organ procurement
organizations (OPOs); mass
immunization roster billers, portable xray suppliers; religious nonmedical
PO 00000
Frm 00008
Fmt 4701
Sfmt 4700
health care institutions (RNHCIs); rural
health clinics (RHCs); radiation therapy
centers; skilled nursing facilities (SNFs),
and public or government-owned
ambulance services suppliers.
In § 424.518(a), we proposed that the
following screening tools will apply to
providers and suppliers in categories
designated as limited risk: (1)
Verification that a provider or supplier
meets any applicable Federal
regulations, or State requirements for
the provider or supplier type prior to
making an enrollment determination; (2)
verification that a provider or supplier
meets applicable licensure
requirements; and (3) database checks
on a pre- and post-enrollment basis to
ensure that providers and suppliers
continue to meet the enrollment criteria
for their provider/supplier type.
To assist readers in understanding the
type of providers and suppliers that we
proposed to include in the limited risk
screening level, we are providing the
following table.
TABLE 2—PROPOSED MEDICARE PROVIDERS AND SUPPLIERS DESIGNATED
AS A ‘‘LIMITED’’ CATEGORICAL RISK
FOR SCREENING PURPOSES
Provider/supplier category
Physician or non-physician practitioners and
medical groups or clinics.
Providers or suppliers that are publicly traded
on the NYSE or NASDAQ.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
TABLE 2—PROPOSED MEDICARE PROVIDERS AND SUPPLIERS DESIGNATED
AS A ‘‘LIMITED’’ CATEGORICAL RISK
FOR SCREENING PURPOSES—Continued
Provider/supplier category
rmajette on DSK29S0YB1PROD with RULES2
Ambulatory surgical centers, end-stage renal
disease facilities, Federally qualified health
centers, histocompatibility laboratories,
hospitals, including critical access hospitals, Indian Health Service facilities,
mammography screening centers, organ
procurement organizations, mass immunization roster billers, portable x-ray supplier,
religious non-medical health care institutions, rural health clinics, radiation therapy
centers, skilled nursing facilities, and public
or government-owned or -affiliated ambulance service suppliers.
(2) Moderate
Based on our experience, we
proposed that community mental health
centers (CMHCs); comprehensive
outpatient rehabilitation facilities
(CORFs); hospice organizations;
independent diagnostic testing facilities
(IDTFs); independent clinical
laboratories; and non-public, nongovernment owned or affiliated
ambulance services suppliers pose a
moderate risk to the Medicare program.
However, we provided that any such
provider or supplier that is publicly
traded on the NYSE or NASDAQ would
be considered limited risk. Furthermore,
we proposed that currently enrolled
(revalidating) home health agencies
would be considered ‘‘moderate’’ risk,
except any such provider that is
publicly traded on the NYSE or
NASDAQ would be considered limited
risk. Finally, we proposed that currently
enrolled (re-validating) suppliers of
DMEPOS pose a moderate risk, except
that any such supplier that is publicly
traded on the NYSE or NASDAQ would
be considered ‘‘limited’’ risk. We
provide our rationale for these
categories in this section below.
For those provider and supplier
categories in the ‘‘moderate’’ screening
level, we proposed that Medicare
contractors would conduct
unannounced pre- and/or postenrollment site visits in addition to
those screening tools applicable to the
limited level of screening. Based on the
success of pre-and/or post enrollment
site visits conducted by the NSC during
the enrollment process for suppliers of
DMEPOS and a similar process
established by carriers and A/B MACs
during the enrollment of IDTFs, we
believe that unscheduled and
unannounced pre-and post-enrollment
site visits help ensure that suppliers are
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
operational and meet applicable
supplier standards or performance
standards. In addition, we believe that
unscheduled and unannounced pre-and
post-enrollment site visits are an
essential tool in determining whether a
provider or supplier is in compliance
with its reporting responsibilities,
including the requirement in § 424.516
to notify the Medicare contractor of any
change of practice location.
Moreover, § 424.530(a)(5) and
§ 424.535(a)(5) give us the authority to
deny or revoke Medicare billing
privileges for providers and suppliers if
the provider or supplier is not
operational or the provider does not
maintain the established provider or
supplier performance standards. And
while we do not believe that
unscheduled or unannounced site visits
are necessary for all providers and
suppliers, we do believe that a number
of businesses, like the ones mentioned
below, pose an increased risk to the
Medicare program, due at least in part
to the lack of individual professional
licensure.
In addition, as discussed below, we
have found that certain types of
providers and suppliers that easily enter
a line or business without clinical or
business experience—for example, by
leasing minimal office space and
equipment—present a higher risk of
possible fraud to our programs. As such,
we believe that because these types of
providers pose an increased risk of
fraud they should be subject to
substantial scrutiny before being
permitted to enroll and bill Medicare,
Medicaid, or CHIP. This type of preenrollment scrutiny will help us move
away from the ‘‘pay and chase’’
approach.
Most of the provider and supplier
categories in the moderate screening
level are generally highly dependent on
Medicare, Medicaid, or CHIP to pay
their salaries and other operating
expenses and are subject to less
additional government or professional
oversight than the providers and
suppliers in the limited risk screening
level. Accordingly, we believe it is
appropriate and necessary to conduct
unscheduled and unannounced preenrollment site visits to ensure that
these prospective providers and
suppliers meet our enrollment
requirements prior to enrolling in the
Medicare program. Moreover, we
believe that post-enrollment site visits
are also important to ensure that the
enrolled provider or supplier remains a
viable health care provider or supplier
in the Medicare program.
Accordingly, we proposed in
§ 424.518(b) that in addition to the
PO 00000
Frm 00009
Fmt 4701
Sfmt 4700
5869
categorical screening tools used with
respect to limited risk providers and
suppliers, Medicare contractors would
conduct unannounced and unscheduled
site visits prior to enrolling the
providers and suppliers assigned to the
moderate risk screening level, as set
forth earlier in this Section.
In the proposed rule, we set forth our
rationale for the assessment of risk
ascribed to the providers and suppliers
assigned to the ‘‘moderate’’ level of
screening. First, we noted that HHS OIG
and GAO have issued studies indicating
that several of the provider and supplier
types cited previously pose an elevated
risk of fraud, waste and abuse to the
Medicare and Medicare programs and
CHIP. In an October 2007 report titled,
‘‘Growth in Advanced Imaging Paid
under the Medicare Physician Fee
Schedule’’ (OEI–01–06–00260), the HHS
OIG recommended that CMS consider
conducting site visits to monitor IDTFs’
compliance with Medicare
requirements.’’ In addition, in an April
2007 report titled, ‘‘Medicare Hospices:
Certification and Centers for Medicare &
Medicaid Services Oversight’’ (OEI–06–
05–00260), the HHS OIG recommended
that CMS seek legislation to establish
additional enforcement remedies for
poor hospice performance. In response
to this recommendation, CMS stated
that it was considering whether to
pursue new enforcement remedies for
poor hospice performance. While the
Medicare enrollment process is not
designed to verify the conditions of
participation, we do believe that more
frequent onsite visits may help identify
those hospice organizations that are no
longer operational at the practice
location identified on the Medicare
enrollment application.
In a January 2006 report titled,
‘‘Medicare Payments for Ambulance
Transports’’ (OEI–05–02–000590), the
HHS OIG found that ‘‘25 percent of
ambulance transports did not meet
Medicare’s program requirements,
resulting in an estimated $402 million
in improper payments.’’
In an August 2004 report titled,
‘‘Comprehensive Outpatient
Rehabilitation Facilities: High Medicare
Payments in Florida Raise Program
Integrity Concerns’’ (GAO–04–709), the
GAO concluded that, ‘‘[s]izeable
disparities between Medicare therapy
payments per patient to Florida CORFs
and other facility-based outpatient
therapy providers in 2002—with no
clear indication of differences in patient
needs—raise questions about the
appropriateness of CORF billing
practices. After finding high rates of
medically unnecessary therapy services
to CORFs, CMS’s claims administration
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5870
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
contractor for Florida took steps to
ensure appropriate claim payments for a
small, targeted group of CORF patients.
Despite its limited success, billing
irregularities continued among some
CORFs and many CORFs continued to
receive relatively high payments the
following year. This suggests that the
contractor’s efforts were too limited in
scope to be effective with all CORF
providers.’’
In addition to GAO and HHS OIG
studies and reports, a number of Zone
Program Integrity Contractors (ZPIC)
and Program Safeguard Contractors
(PSC) used by CMS in helping to fight
fraud in Medicare, have taken a number
of administrative actions including
payment suspensions and increased
medical review, for the provider and
supplier types shown previously. For
example, the Zone 7 ZPIC contractor in
South Florida has conducted onsite
reviews at 62 CORFs since January 2010
and recommended revocation for 51
CORFs, or 82 percent of the CORFS in
the area. The same contractor has
conducted an onsite reviews at 38
CMHCs located in Dade, Broward, and
Palm Beach County since January 2010,
and recommended that 30 CMHCs be
revoked for noncompliance (79 percent
of the CMHCs in the area). In each
instance where the ZPIC requested a
revocation, the CMHC was also placed
on prepay review. We have also
conducted an analysis of IDTF licensure
requirements and have found several
circumstances that indicate irregularity
and potential risk of fraud. Although
independent clinical laboratories are
subject to survey against CLIA
requirements, there are nonetheless a
number of potentials for fraud, not the
least of which is the sheer volume of
service and associated billing generated
by these entities.
We believe that there is ample
evidence to support the use of postenrollment site visits as a reliable and
effective tool to ensure that a current
supplier of DMEPOS remains
operational and continues to meet the
supplier standards found in § 424.57(c).
In a March 2007 report titled, ‘‘Medical
Equipment Suppliers Compliance with
Medicare Enrollment Requirements’’
(OEI–04–05–00380), the HHS OIG
concluded that, ‘‘By helping to ensure
the legitimacy of DMEPOS suppliers,
out-of-cycle site visits may help to
prevent fraud, waste, and abuse in the
Medicare program. CMS may want to
consider the findings of our study as
they determine how and to what extent
out-of-cycle site visits of DMEPOS
suppliers will occur.’’ Today, the NSC
MAC utilizes post-enrollment site visits
as the primary screening to determine
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
ongoing compliance with the
enrollment criteria set forth in
§ 424.57(c). Therefore, we have included
currently enrolled DMEPOS suppliers in
the ‘‘moderate’’ category.
We also noted that, in addition to the
new screening measures proposed in the
proposed rule under the existing
regulation at § 424.517, a Medicare
contractor may conduct an
unannounced or unscheduled site visit
at any time for any provider or supplier
type prior to enrolling a prospective
provider or supplier or for any existing
provider or supplier enrolled in the
Medicare program. While the primary
purpose of an unannounced and
unscheduled site visit is to ensure that
a provider or supplier is operational at
the practice location found on the
Medicare enrollment application, a
Medicare contractor may also verify
established supplier standards or
performance standards other than
conditions of participation (CoP) subject
to survey and certification by the State
Survey agency, where applicable, to
ensure that the supplier remains in
compliance with program requirements.
To assist readers in understanding the
type of providers and suppliers that we
proposed to be in the ‘‘moderate’’ risk
screening level, we are providing the
following table.
background check; and (2) submission
of fingerprints using the FD–258
standard fingerprint card. (The FD–258
fingerprint card is recognized nationally
and can be found at local, county or
State law enforcement agencies where,
for a fee, agencies will supply the card
and take the fingerprints.) We proposed
that these tools would be applied to
owners, authorized or delegated officials
or managing employees of any provider
or supplier assigned to the ‘‘high’’ level
of screening. We believe that criminal
background checks will assist us in
determining if such individuals
submitted a complete and truthful
Medicare enrollment application and
whether an individual is eligible to
enroll in the Medicare program or
maintain Medicare billing privileges.
We believe that this position is
supported by testimony of the GAO
before the subcommittees for Health and
Oversight and Ways and Means within
the House of Representatives on June
15, 2010, stating in part that ‘‘[c]hecking
the background of providers at the time
they apply to become Medicare
providers is a crucial step to reduce the
risk of enrolling providers intent on
defrauding or abusing the program. In
particular, we have recommended
stricter scrutiny of enrollment processes
for two types of providers whose
services and items CMS has identified
TABLE 3—PROPOSED MEDICARE PRO- as especially vulnerable to improper
VIDERS AND SUPPLIERS DESIGNATED payments—home health agencies
AS A ‘‘MODERATE’’ CATEGORICAL (HHAs) and suppliers of durable
medical equipment, prosthetics,
RISK FOR SCREENING PURPOSES
orthotics, and supplies (DMEPOS).’’
In § 424.518(c)(1), we proposed that,
Provider/supplier category
unless they are publicly traded on the
NYSE or NASDAQ, newly enrolling
Community mental health centers; comprehensive outpatient rehabilitation faciliHHAs and suppliers of DMEPOS would
ties; hospice organizations; independent dibe assigned to the high risk screening
agnostic testing facilities; independent clinlevel. Based on our experience and on
ical laboratories; and non-public, non-govwork conducted by the HHS OIG and
ernment owned or affiliated ambulance
the GAO, and because we do not have
services suppliers. (Except that any such
the monitoring experience with newly
provider or supplier that is publicly traded
enrolling DMEPOS suppliers or HHAs
on the NYSE or NASDAQ is considered
that we have with those currently
‘‘limited’’ risk.)
enrolled, we assigned these providers
Currently enrolled (revalidating) home health
and suppliers to the ‘‘high’’ risk
agencies. (Except that any such provider
that is publicly traded on the NYSE or
screening level. We are especially
NASDAQ is considered ‘‘limited’’ risk.)
concerned about newly enrolling HHAs
Currently enrolled (re-validating) suppliers of
and suppliers of DMEPOS because of
DMEPOS. (Except that any such supplier
the high number of HHAs and suppliers
that is publicly traded on the NYSE or
of DMEPOS already enrolled in the
NASDAQ is considered ‘‘limited’’ risk.)
Medicare program and program
vulnerabilities that these entities pose to
(3) High
the Medicare program. Below is a list of
For those provider and supplier
HHS OIG and GAO reports identifying
categories assigned the ‘‘high’’ level of
home health agencies and suppliers of
screening, we proposed that, in addition DMEPOS as posing an elevated risk to
to the screening tools applicable to the
the Medicare program.
limited and moderate level of screening,
• In a December 2009 report titled,
Medicare contractors would use the
‘‘Aberrant Medicare Home Health
following screening tools in the
Outlier Payment Patterns in Miamienrollment process: (1) Criminal
Dade County and Other Geographic
PO 00000
Frm 00010
Fmt 4701
Sfmt 4700
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
Areas in 2008’’ (OEI–04–08–00570), the
HHS OIG recommended that CMS
continue with efforts to strengthen
enrollment standards for home health
providers to prevent illegitimate HHAs
from obtaining billing privileges.
• In a February 2009 report titled,
‘‘Medicare: Improvements Needed to
Address Improper Payments in Home
Health’’ (GAO–09–185), the GAO
concluded that the Medicare enrollment
process does not routinely include
verification of the criminal history of
applicants, and without this information
individuals and businesses that
misrepresent their criminal histories or
have a history of relevant convictions,
such as for fraud, could be allowed to
enter the Medicare program. In addition,
the GAO recommended that CMS assess
the feasibility of verifying the criminal
history of all key officials named on the
Medicare enrollment application.
• In a February 2008 report titled,
‘‘Los Angeles County Suppliers’
Compliance with Medicare Standards:
Results from Unannounced Visits’’
(OEI–09–07–00550) and in a March
2007 report titled, ‘‘South Florida
Suppliers’ Compliance with Medicare
Standards: Results from Unannounced
Visits (OEI–03–07–00150), the HHS OIG
recommended that CMS strengthen the
Medicare DMEPOS supplier enrollment
process and ensure that suppliers meet
Medicare supplier standards. The HHS
OIG provided several options to
implement this recommendation
including: (1) Conducting more
unannounced site visits to suppliers; (2)
performing more rigorous background
checks on applicants; (3) assessing the
fraud risk of suppliers; and (4) targeting,
monitoring, and enforcement of high
risk suppliers.
• In a September 2005 report titled,
‘‘Medicare: More Effective Screening
and Stronger Enrollment Standards
Needed for Medical Equipment
Suppliers’’ (GAO–05–656), the GAO
concluded that,
CMS is responsible for assuring that
Medicare beneficiaries have access to the
equipment, supplies, and services they need,
and at the same time, for protecting the
program from abusive billing and fraud. The
supplier standards and NSC’s gate keeping
activities were intended to provide assurance
that potential suppliers are qualified and
would comply with Medicare rules.
However, there is overwhelming evidence—
in the form of criminal convictions,
revocations, and recoveries—that the
enrollment processes and the standards are
not strong enough to thoroughly protect the
program from fraudulent entities. We believe
that CMS must focus on strengthening the
standards and overseeing the supplier
enrollment process. It needs to better focus
on ways to scrutinize suppliers to ensure that
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
they are responsible businesses, analogous to
Federal standards for evaluating potential
contractors.
We recognize that there may also be
circumstances where a particular
provider or supplier or group of
providers and suppliers may pose a
higher risk of fraud, waste, and abuse
than the screening level assignment for
their category assessed. Therefore, in
§ 424.518(c)(3), we proposed specific
criteria that we would use to adjust the
classification of a provider or supplier
into a higher risk screening level than
would generally apply to the entire
category of provider or supplier, in
order to address specific program
vulnerabilities. We solicited comments
on specific additional circumstances
that might justify shifting a provider or
supplier into a higher screening level
than would generally apply to its
category. We also solicited comments on
the criteria that we could use to shift the
screening level back down.
In § 424.518(c)(3)(i), we proposed to
adjust a provider or supplier from the
limited or ‘‘moderate’’ risk screening
level to the ‘‘high’’ risk screening level
when we have evidence from or
concerning a physician or nonphysician practitioner that another
individual is using his or her identity
within the Medicare program. In
§ 424.518(c)(3)(ii) and (iii), which in this
final rule with comment period has
been redesignated § 424.518(c)(3)(i) and
(ii), we proposed to adjust a provider or
supplier from the ‘‘limited’’ or
‘‘moderate’’ level of screening to the
‘‘high’’ screening level when: The
provider or supplier has been placed on
a previous payment suspension within
the previous ten years; or the provider
or supplier has been excluded by the
HHS OIG or had its Medicare billing
privileges revoked by a Medicare
contractor within the previous 10 years
and is attempting to establish additional
Medicare billing privileges for a new
practice location or by enrolling as a
new provider or supplier. In addition,
we believe that providers that have been
terminated or otherwise precluded from
billing Medicaid should be adjusted
from the ‘‘limited’’ or ‘‘moderate’’
screening level to the ‘‘high’’ screening
level. We believe that such providers or
suppliers pose an elevated level of risk
to the Medicare program.
In § 424.518(c)(3)(iv), redesignated in
this final rule with comment period as
§ 424.518(c)(3)(iii), we proposed to
adjust providers or suppliers from the
‘‘limited’’ or ‘‘moderate’’ level of
screening to the ‘‘high’’ level of
screening for 6 months after we lift a
temporary moratorium (see section II.C.
of this final rule with comment period)
PO 00000
Frm 00011
Fmt 4701
Sfmt 4700
5871
applicable to such providers or
suppliers. This would include providers
and suppliers revalidating their
enrollment if the moratorium is
applicable to the provider or supplier
type. We solicited comments on criteria
that would justify reassignment of
providers or suppliers from the
‘‘limited’’ or ‘‘moderate’’ screening level
to the ‘‘high’’ screening level. We also
solicited comments on criteria
appropriate to the reassignment from
‘‘high’’ to ‘‘moderate’’ screening levels or
‘‘limited’’ screening levels. We also
solicited comment on the applicability
of geographical circumstances as a
possible criterion for adjusting
providers or suppliers from one
screening level to another. We also
solicited comment on whether nonpractitioner owned facilities and
suppliers should be subject to a higher
level of screening than their
practitioner-owned counterparts or,
whether there is an appropriate
corresponding trigger for nonpractitioner owned facilities and
suppliers. We solicited comment on
whether providers and suppliers should
be subject to higher levels of screening
when the provider specialty does not
match clinic type on an enrollment
application. We solicited comment on
what objective conditions might support
a broad set of circumstances or factors
that would allow us to determine that
provider screening levels by risk should
be based on ‘‘other conditions or factors
that CMS determines are necessary to
combat fraud, waste, and abuse.’’
We solicited public comment on the
appropriateness of using criminal
background checks in the provider
enrollment screening process, including
the instances when such background
checks might be appropriate, the
process of notifying a provider, supplier
or individual that a criminal
background check is to be performed,
and the frequency of such checks.
We solicited comment on the use of
fingerprinting as a screening measure in
our programs. We recognized that
requesting, collecting, analyzing, and
checking fingerprints from providers
and suppliers are complex and sensitive
undertakings that place certain burdens
on affected individuals. There are
privacy concerns and operational
concerns about how to assure individual
privacy, how to check fingerprints
against appropriate law enforcement
fingerprint databases, and how to store
the results of the query of the data bases
and also how to handle the subsequent
analysis of the results. As a result, we
solicited comments on how CMS or its
contractor should maintain and store
fingerprints, what security processes
E:\FR\FM\02FER2.SGM
02FER2
5872
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
and measures are needed to protect the
privacy of individuals, and any other
issues related to the use of fingerprints
in the enrollment screening process. We
were interested in comments on
possible circumstances in which
fingerprinting would be potentially
useful in provider screening or other
fraud prevention efforts. Our proposed
screening approach contemplated
requesting fingerprints from providers
and suppliers designated as presenting
a ‘‘high’’ risk of fraud. We solicited
comment on this requirement, the
circumstances under which it is
appropriate, limitations on its use and
any alternatives to the proposed
approach regarding fingerprints. Our
proposed approach allowed denial of
billing privileges to newly enrolled
providers and suppliers and revocation
of billing privileges for revalidating
providers and suppliers if owners or
officials of providers or suppliers
refused to submit fingerprints when
requested to do so. We solicited
comments on this proposal including its
appropriateness and utility as a fraud
prevention tool. In addition, we also
solicited comment on the applicability
and appropriateness of using, in
addition to or in lieu of fingerprinting,
other enhanced identification
techniques and secure forms of
identification including but not limited
to other biological or biometric
techniques, passports, United States
Military identification, or Real ID
drivers licenses. As technology and
secure identification techniques change,
the tools we use may change to reflect
improvements or shifts in technology or
in risk identification. We solicited
comment on the appropriate uses of
these techniques.
We noted that any physician or nonphysician practitioner or organizational
provider or supplier that is denied
enrollment into the Medicare program
or whose Medicare billing privileges are
revoked is afforded due process rights
under § 405.874.
To assist readers in understanding the
type of providers and suppliers that we
proposed to include in the ‘‘high’’ risk
screening level, we are providing the
following table.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
TABLE 4—PROPOSED MEDICARE PROVIDERS AND SUPPLIERS DESIGNATED
AS A ‘‘HIGH’’ CATEGORICAL RISK
FOR SCREENING PURPOSES
Provider/supplier category
Prospective (newly enrolling) home health
agencies and suppliers of DMEPOS. (Except that any such provider or supplier that
is publicly traded on the NYSE or
NASDAQ is considered ‘‘limited’’ risk.)
The new screening procedures
implemented pursuant to new section
1866(j)(2) of the Act will be applicable
to newly enrolling categories providers
and suppliers beginning on March 25,
2011. These new screening procedures
will also be applicable beginning on
March 25, 2011 for those providers and
suppliers currently enrolled in
Medicare, Medicaid, and CHIP who
revalidate their enrollment information.
For Medicare, this will impact those
providers and suppliers whose
revalidation cycle results in revalidation
occurring between March 25, 2011 and
March 23, 2012. Finally, these new
procedures will be applicable to
currently enrolled Medicare, Medicaid,
and CHIP providers and suppliers
beginning on March 23, 2012, in
accordance with section 1866(j)(2)(ii) of
the Act. As such, some providers and
suppliers may be required to revalidate
their enrollment outside of their regular
revalidation cycle. However, the
additional screening procedures for
categories and individuals in the high
level of screening, namely, as discussed
below, fingerprint-based criminal
history record checks, will be
implemented 60 days following the
publication of subregulatory guidance.
b. Analysis of and Responses to Public
Comment on Medicare Screening
Categories
Below is a summary of the comments
we received regarding the screening
categories and the validation activities
contained within each category.
Comment: Several commenters
expressed concern that we differentiated
between publicly traded and nonpublicly traded entities. Many
commenters stated that CMS did not
specify how publicly traded companies
were any less of a fraud risk than
companies that are not publicly traded.
Several commenters suggested this
distinction was arbitrary and without
merit. One commenter stated that being
publicly traded does not offer immunity
from risk, and that having one set of
standards for all providers will make it
easier for governments, providers and
consumers to identify and address fraud
PO 00000
Frm 00012
Fmt 4701
Sfmt 4700
and abuse. One trade association argued
that it preferred an approach that would
elevate its members into a higher risk
screening level than to distinguish
among its members based upon whether
a particular entity was publicly traded.
Another commenter suggested that CMS
withdraw its proposal; and requested
that if CMS decides to implement it, it
should provide the data analysis it used
in creating this policy choice and
explain why large privately held
companies are a greater risk than
publicly traded companies.
Response: We agree with the
arguments the commenters made
regarding distinguishing among
screening levels based on a provider or
supplier’s publicly traded status, and
thus we have eliminated the distinction
between publicly traded and nonpublicly traded companies for purposes
of the screening levels. While it has
been our general experience that
publicly traded companies have not
posed the elevated risk of fraud, waste
or abuse as non-publicly traded
companies, we do not believe the risk
differential between publicly traded and
non-publicly traded entities is such as
to warrant the automatic assignment of
the former into a lesser screening level.
Comment: Similar to the distinction
between publicly traded versus nonpublicly traded, several comments
suggested that the distinction between
government-owned or affiliated versus
non-government owned or affiliated
ambulance service suppliers was not
based on any evidence. One commenter
stated that CMS furnished little or no
supporting data for the position that
publicly owned companies pose less of
a risk. Another commenter contended
that this distinction presented
challenges that would make it difficult
for states to operationalize. Another
commenter believes that the distinction
is arbitrary, and noted that private
ambulance companies are, like public
companies, held to the same strict
standards, such as the need for them
and their personnel to be State-licensed.
The commenter added that there is no
evidence to support the assertion that
private ambulance services pose a
greater risk of fraud, waste or abuse than
public companies, and that the OIG
report referred to in the proposed rule
entitled ‘‘Medicare Payments for
Ambulance Transports’’ (OEI–05–02–
000590) did not single out private
ambulance services as posing such a
risk. Another commenter was concerned
that assigning private ambulance
companies to a higher screening level
could put them at a competitive
`
disadvantage vis-a-vis their public
counterparts.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Response: We disagree that this
distinction would be difficult to
operationalize. The enrollment process
generally captures information on the
supplier’s ownership; this enables
contractors and States to distinguish
between government-owned and nongovernment owned entities. However,
we do agree with the arguments made
regarding the use of public ownership as
a criterion for making a distinction in
the level of screening as determined by
the risk of fraud, waste or abuse posed
to the programs, and we have
eliminated the distinction between
government-owned and nongovernment owned ambulance
companies for purposes of the screening
level assignments. The available
evidence does not suggest that the risk
differential between government-owned
and non-government owned ambulance
companies is such as to warrant the
automatic placement of the former into
a lower screening level. Moreover, we
note that the ACA requires levels of
screening according to the risk of fraud,
waste and abuse posed by categories of
providers and suppliers. The approach
taken in this final rule with comment
period whereby we assign specific
categories of providers and suppliers to
screening levels determined by a
categorical assessment of the risk of
fraud, waste or abuse to the programs—
rather than assessing individual’s risk—
is consistent with the requirements of
the statute. While we believe that a
more nuanced and precise approach for
classifying specific categories of
providers and suppliers into screening
levels, for example using a scoring
algorithm to create categories, could
also be consistent with the statute under
certain circumstances and were we able
to provide an adequate rationale for the
classification, we do not yet have
experience with such an approach, and
are therefore finalizing an approach
based on classifications by entire
provider and supplier types. We may
consider additional classifications in
future rulemaking.
Comment: A commenter supported
CMS’s designation of provider fraud and
abuse risk into three levels for Medicare,
Medicaid, and CHIP providers, and
stated that CMS appropriately assigned
hospitals (including critical access
hospitals) to the limited level.
Response: We appreciate this
commenter’s support.
Comment: A commenter expressed
support for CMS’s proposal to move a
provider type from one screening level
to another only if it has been found by
CMS to pose more or less of a fraud and
abuse risk. However, the commenter
suggested, that CMS: (1) Review a
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
provider class over pre-prescribed time
periods (for example, 24 months), and
(2) allow sufficient time for the provider
community to offer comment prior to
changing a provider’s screening level.
Response: Our proposal to reassign
providers or suppliers or provider or
supplier types to another level of
screening was based on changes in
circumstances that contribute to the risk
of fraud. We believe that to restrict
ourselves to reassigning providers and
suppliers only at specific, pre-defined
time intervals would not provide us
with the flexibility we need to quickly
address emerging program integrity
risks. If a situation arose where there
was an immediate risk of fraud that
required the imposition of enhanced
screening procedures, we must be able
to deal with it rapidly, rather than wait
until a particular prescribed time
interval arrives. We will periodically
reexamine screening level
classifications for provider and supplier
categories. Should a change in a
particular provider or supplier type’s
assignment be warranted and should it
necessitate a change in existing
regulatory language, we will publish
notice of the change in the Federal
Register.
Comment: A commenter expressed
support for CMS’ inclusion of
physicians, non-physician practitioners,
and medical groups or clinics in the
limited screening level. The commenter
stated that these suppliers submit the
CMS–855I to enroll in Medicare and are
subject to all of the penalties listed in
Section 14 of CMS–855I regarding
falsifying information.
Response: We appreciate the
commenter’s support.
Comment: A commenter requested
that CMS consider moving CMHCs and
CORFs from the ‘‘moderate’’ screening
level to the ‘‘limited’’ screening level.
With respect to CORFs, the commenter
stated that CMS’ studies regarding
program integrity concerns have been
limited to the State of Florida, and
contended that it is arbitrary to
extrapolate that experience to the rest of
the country.
Response: We disagree with the
commenter’s assessment of the risk of
fraud associated with CMHCs and
CORFs. These risks extend beyond any
single region of the country. As a result
we have decided to keep these provider
types assigned to the moderate level of
screening. We believe that the
assignment of CMHCs and CORFs into
the moderate screening level was
appropriate based on the information
we presented in the proposed rule.
Comment: A commenter expressed
support for background checks and
PO 00000
Frm 00013
Fmt 4701
Sfmt 4700
5873
fingerprinting, but requested that they
be limited to only providers and
suppliers assigned to the high risk level
because of the potential administrative
burden.
Response: The final rule with
comment period is clear that
fingerprint-based criminal background
checks are only applicable to providers
and suppliers assigned to the high
screening level.
Comment: A commenter stated that
CMS, in listing various provider types
and the levels of risk into which they
were assigned, did not provide the
documentation on which it based its
conclusions, therefore violating the
Administrative Procedure Act. The
commenter recommended that CMS
furnish the following information by
provider/supplier type to justify its
conclusions and to inform the public as
to why certain providers are a limited
risk to the Medicare program: (1)
Number of Medicare revocations; (2)
number of Medicare deactivations; (3)
Medicare payment suspensions; (4)
Medicare civil monetary penalties; (5)
OIG mandatory exclusions; (6) OIG
permissive exclusions; (7) indictments;
and (8) felony convictions.
Response: We based our risk
assessments on a variety of factors,
including some of those listed by the
commenter, as well as others. However,
because our conclusions were not based
on any one factor nor any specific
combination of factors, but rather on
CMS’s aggregate experience with each
provider and supplier type, providing
the data requested by the commenter
would not serve to clarify the
determinations of risk.
Comment: Several commenters stated
that CMS did not describe how it will
screen providers and suppliers with a
designated ‘‘other’’ category, or which
types of providers and suppliers fall
within this category and how many
there are. One commenter stated that
providers and suppliers in the ‘‘Other’’
category should be assigned to the high
risk level.
Response: The ‘‘other’’ category is
largely reserved for future situations in
which a statute is enacted that
authorizes a particular provider or
supplier type to bill the Medicare
program; it is designed as a placeholder
of sorts pending the revision of the
CMS–855 application to accommodate
the new provider or supplier type. Since
we cannot predict which new provider
or supplier types may be able to bill
Medicare in the future, we are unable to
assign them to a particular screening
level in this final rule with comment
period.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5874
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Comment: Several commenters stated
that CMS did not explain which risk
level outpatient physical therapy/
occupational therapy (PT/OT), speech
pathology, and rehabilitation agencies
would fall into.
Response: We received a number of
comments on this issue. We will assign
occupational therapists, speech
language pathology, and rehabilitation
agencies to the ‘‘limited’’ level of risk
because we do not have evidence of
program integrity risk that suggest that
these entities should be assigned to the
moderate or high levels of screening.
However, we will assign physical
therapists (including physical therapy
groups) to the moderate screening level.
We believe this classification is
supported, in part, by a recent OIG
report entitled ‘‘Questionable Billing for
Medicare Outpatient Therapy Services’’
(December 2010) (https://oig.hhs.gov/oei/
reports/oei-04-09-00540.pdf), which
found, among other things, that MiamiDade County had three times, and
nineteen other counties had at least
twice, the national level on five of six
questionable billing characteristics. Law
enforcement has also identified
fraudulent billing schemes involving
physical therapy.
Comment: One commenter stated that
CMS did not describe how it would
screen new providers or suppliers types
permitted to enroll in Medicare. Since
CMS excluded these providers and
suppliers from its discussion, the
commenter recommended that these
entities be considered a high risk.
Response: Since we cannot predict
which new provider or supplier types
may be able to bill Medicare in the
future, we are unable to assign them to
a particular screening level in this final
rule with comment period. When such
entities emerge, we will make an
appropriate determination based on the
data sources we have already described
in this final rule with comment period,
as to what screening level assignment is
most appropriate for such new entities.
As previously discussed, we will
publish notice of these new provider
category assignments in the Federal
Register prior to making final any such
assignment.
Comment: One commenter
recommended that non-physician
owned medical facilities and groups be
considered a higher risk than physicianowned medical facilities.
Response: In the proposed rule, we
solicited comments on whether nonpractitioner owned facilities and
suppliers should be subject to a higher
level of screening than practitionerowned facilities and suppliers. We
received several comments suggesting
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
that the former category should be
subject to higher screening than the
latter. We are declining to adopt this
suggestion in this final rule with
comment period, however. As
previously stated, the ACA requires
levels of screening according to the risk
of fraud, waste and abuse posed by
categories of providers and suppliers.
The approach taken in this final rule
with comment period whereby we
assign specific categories of providers
and suppliers to risk levels that
determine screening requirements—
rather than determining individual
risk—is consistent with the statute.
Comment: Several commenters stated
that extending the enhanced screening
requirements to MAOs will prove
duplicative and unnecessarily increase
costs for providers. Identifying those
providers participating in multiple
health programs and coordinating their
screening and monitoring could, the
commenters contended, avoid
unnecessary administrative burden for
all involved. Otherwise, by extending
the screening requirements to MAOs,
providers will be forced to undergo the
same screening process multiple times,
for each MAO with whom they contract.
One commenter stated that it would be
more efficient for CMS and the States to
perform the screenings and make that
data available to the MAO plans through
a centralized process. Another
commenter recommended that
fingerprinting and background checks
be restricted to State and Federal law
enforcement agencies, adding that there
is no legitimate purpose for MA or
Medicare managed care plans to collect
and maintain this information.
Another commenter opposed
applying the proposed requirements to
MAOs and other managed care
organizations (MCOs) for several
reasons. First, there are already
appropriate screening tools for MAOs
for their providers and suppliers
pursuant to § 422.204(b)(3). Second,
MAOs have other requirements, as
established in § 422.204, to access
certain data bases to verify licensure,
licensure sanctions and other
limitations. Third, traditional Medicare
has a greater population to serve and a
wider network of providers and
suppliers to process and screen than
individual MA plan networks.
Therefore, the processes should stem
from those with oversight and
administration of traditional Medicare,
with a trickledown effect and benefit for
MAOs. Fourth, if a limited, moderate or
high risk provider has an enrollment
verification letter from Medicare issued
after March 25, 2011, the provider has
been appropriately credentialed and
PO 00000
Frm 00014
Fmt 4701
Sfmt 4700
needs no further credentials for a MAO.
Fifth, Medicare’s enrollment application
captures certain elements that are not
currently captured by some insurers’
enrollment applications, such as
delegated representative, authorized
representative, and owners. This
information would be difficult to
capture and verify, and the workload
would increase substantially on the part
of MCOs to credential numerous
individuals who may not have a
significant role within the providers/
supplier entity.
Response: Because there are a large
number of other regulatory provisions
that form the framework for oversight of
managed care plans, and we do not
want to duplicate these requirements by
imposing additional screening and
enrollment criteria on these
organizations, we have decided not to
apply the provisions of this final rule
with comment period to managed care
plans and organizations.
Comment: A commenter stated that
MCOs design their anti-fraud initiatives
based on the risks they encounter,
which may be unique and different from
the risks faced by FFS programs.
Consequently, CMS should give MCOs
the flexibility to decide whether to
adopt any of the proposed new
screening requirements and, if so, how
to do so; CMS should not extend the
screening requirements to MCOs. The
commenter stated that MCOs should be
allowed to: (1) Assign providers and
suppliers to a level that is higher or
lower than the level assigned by
Medicare FFS or the State FFS Medicaid
programs, and (2) deem a provider as
having satisfied its screening
requirements if the provider is enrolled
in Medicare FFS and/or a Medicaid FFS
program, and has gone through their
screening procedures.
Response: As explained previously,
we are concerned that the application of
the screening provisions to MCOs
would duplicate existing oversight and
regulatory authority. We therefore have
decided not to apply the provisions of
this final rule with comment period to
managed care plans and organizations.
This will, as the commenter suggests,
allow MCOs to develop provider
screening requirements that are unique
to their circumstances, including (1)
assign providers and suppliers to a level
that is higher or lower than that
assigned by Medicare or the State
Medicaid program, and (2) deem a
provider as having satisfied their
screening requirements if the provider is
enrolled in Medicare and/or a State
Medicaid program.
Comment: A commenter stated that
applying consistent risk management
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
practices throughout an organization
fosters a culture of program integrity. As
such, the commenter recommended that
MAOs be required to implement the
same enhanced screening processes that
CMS is considering for the original
Medicare program.
Response: As mentioned earlier, we
have decided not to apply the
provisions of this final rule with
comment period to managed care plans
and organizations.
Comment: A commenter
recommended that CMS explain what
type of screening process will be used
for Medicare Advantage, managed care
organizations or health maintenance
organizations.
Response: As previously stated, there
are a large number of other regulatory
provisions that form the framework for
oversight of managed care plans. We do
not want to duplicate these
requirements by imposing additional
screening and enrollment criteria on
these organizations. We therefore have
decided not to apply the provisions of
this final rule with comment period to
managed care plans and organizations.
Comment: A commenter
recommended that CMS establish
screening criteria for slide preparation
facilities and competitive acquisition
program/Part B vendors.
Response: We will not be establishing
screening criteria or prescribing
screening levels for slide preparation
facilities in this final rule with comment
period. Slide preparation facilities do
not enroll in Medicare at this time; thus,
we do not believe it is appropriate to
assign a level of screening to such
entities. As for competitive acquisition
program/Part B vendors, these will be
assigned to the limited screening level.
It has not been our experience that this
supplier type poses an elevated risk of
fraud, waste or abuse to the Medicare
program.
In addition, we are adding portable xray suppliers to the moderate screening
level. In support of this classification,
we note that the OIG has analyzed
Medicare claims data to identify
suppliers with questionable billing
patterns. The unusual claims patterns
that were found raise concerns about the
integrity of payments to certain portable
x-ray suppliers. Based on this, and
combined with the fact that there are
low barriers to entry for this type of
supplier, portable x-ray suppliers will
be placed in the moderate screening
level.
Comment: A commenter
recommended that CMS establish higher
levels of screening when: (1) A provider
or supplier changes ownership on a
frequent basis; (2) a physician or non-
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
physician practitioner is enrolled in
different States; (3) a physician has a
large number of reassignments or when
reassignments cross States; (4) a
physician is engaging or billing in a
reciprocal billing or locum tenens
billing arrangement; (5) owners have
businesses in different States; and (6)
when owners establish banking
relationships in different States from
where their practice is located.
Response: In the proposed rule, we
sought comment on what factors should
permit us to elevate an individual
provider or supplier to a higher level of
screening. We appreciate the
commenter’s suggestion. While we are
not adopting these recommendations at
this time, such suggestions may form
the basis of future rulemaking. We
would first like to evaluate how the
factors we will finalize as part of this
rule will work prior to adopting new
factors such as the ones the commenter
has identified.
Comment: One commenter
recommended that CMS assign to the
higher screening level any owner or
physician who had an final adverse
action within the previous 10 years; has
an unrepaid overpayment with
Medicare, Medicaid or CHIP; has a
Medicare or Medicaid payment
suspension; exclusion or debarment; a
felony conviction; unpaid taxes; or a
Medicare revocation. Another
commenter stated that in Table 1, CMS
appears not to consider previous
payment suspensions, overpayments,
OIG exclusions, or Medicare revocations
in establishing higher risk levels. The
commenter recommended that CMS
explain why such actions are not an
indicator of higher program risk and the
need for enhanced screening.
Response: As in the proposed rule, we
state in § 424.518(c) of the final rule
with comment period that a provider or
supplier will be moved from the
‘‘limited’’ or ‘‘moderate’’ category to the
‘‘high’’ level if it has been excluded by
the OIG, or has had its Medicare billing
privileges revoked in the previous ten
years. We have added in the final rule
with comment that a provider or
supplier that has been subject to any
final adverse action as defined at
§ 424.502 would also be moved to the
high level of screening. With regard to
these commenters’ other proposals, we
are generally supportive of them, and
may examine the possibility of future
rulemaking to include some of them as
factors that may elevate a provider or
supplier to a higher level of risk. As
previously mentioned, however, we
would first like to evaluate how the
factors we will finalize as part of this
PO 00000
Frm 00015
Fmt 4701
Sfmt 4700
5875
rule will work prior to adopting new
factors.
Comment: A commenter
recommended that CMS propose a
definition for the term ‘‘tax
delinquency,’’ as it is used in Table 1 of
the proposed rule, and clarify whether
the term refers to Federal, State and/or
local taxes.
Response: We have removed tax
delinquency from the list of database
checks in this final rule with comment
period. Though we do have new
authorities to obtain tax information as
part of ACA and other recently enacted
statutes, we are not prepared to
operationalize this provision at this
time.
Comment: A commenter stated that
CMS’ categorical risk approach did not
address the individual risk associated
with certain owners and individual
practitioners. The commenter
recommended that CMS issue a new
proposed rule to establish specific risk
factors would increase/decrease a
provider or supplier’s screening level.
Response: The ACA requires levels of
screening according to the risk of fraud,
waste and abuse posed by categories of
providers and suppliers. The approach
taken in the final rule with comment
period whereby we assign specific
categories of providers and suppliers to
screening levels determined by risk of
fraud, waste and abuse is consistent
with the requirements of the statute.
Furthermore, we believe the approach
taken in this final rule with comment
period is objective and allows us to
avoid subjective assessments of a
provider’s or supplier’s risk to the
programs.
Comment: A commenter supported
the use of background checks to ensure
the identity and integrity of owners and
senior managers of home health and
hospice agencies. While supporting the
maintenance of the confidentiality of
this information, the commenter
believes it should be used to: (1) Target
agencies for special oversight, (2) alert
owners of patterns of criminal behavior
on the part of their managers, and (3)
disqualify owners or managers that have
criminal histories.
Response: We intend to use this tool
in a way that safeguards personal
information and also helps prevent
fraud, waste and abuse. The criminal
history record will verify whether a
provider, supplier, or an individual
with a 5 percent or greater direct or
indirect ownership interest in such
provider or supplier has been convicted
of certain types of felonies that could
result in the denial or revocation of
billing privileges under § 424.530 or
§ 424.535, respectively. We believe that
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5876
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
criminal history record checks will
confirm the accuracy of information
submitted in enrollment applications,
and the discovery of false or misleading
information could result in denial or
revocation of billing privileges under
§ 424.530 or § 424.535. Providers or
suppliers who have been denied on
these bases are afforded all applicable
appeals rights.
While in some instances, such a
denial may result in alerting a provider
or supplier of an individual’s criminal
history, this is not the purpose or
intention of this enrollment screening
tool. Rather we will use this authority
for the purpose of verifying eligibility
for Medicare enrollment. We will
disseminate guidance and instructions
to providers, suppliers and our
enrollment contractors shortly after the
publication of this final rule with
comment period regarding the
implementation of the criminal history
record check requirement.
Comment: A commenter opposed the
proposal to move those who have
previously been placed on a payment
suspension or subject to a denial or
revocation in the past year, into a higher
screening level. The commenter stated
that a payment suspension may be
imposed upon a mere or false suspicion
of wrongdoing, and that the denial or
revocation could have been based on an
innocent mistake.
Response: We agree with this
commenter with respect to the denial of
billing privileges. Many denials occur
simply because the provider does not
meet the requirements to enroll as a
particular provider type or other clerical
errors. We have therefore removed the
denial of billing privileges as a basis for
moving a provider or supplier into a
higher risk screening level. We have
retained revocations of Medicare billing
privileges as such a basis because we
believe that such a provider poses a
heightened risk of fraud, waste or abuse
to the Medicare Trust Fund.
Payment suspension is used as a fraud
fighting tool only in instances where
facts available point to possible fraud,
waste, or abuse. Consequently, because
of the risk to the program posed by
individuals and entities upon which a
payment suspension has been imposed,
we believe we are justified in placing
them in the high risk screening level.
Comment: One commenter suggested
that in lieu of fingerprinting, each
owner or physician should submit: (1) A
U.S. Passport or a Foreign Passport with
their enrollment application, and/or (2)
copies of their Federal Tax Returns.
Response: We agree with the
commenter that there may be
alternatives to fingerprint-based
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
criminal history record checks to verify
identity; however information on U.S.
or foreign passports and Federal Tax
Returns, such as name, date of birth and
Social Security number are duplicative
of information that is captured in the
Medicare enrollment application.
Information that would be obtained
from a U.S. or foreign passport or
Federal Tax Returns could only be used
to process a name-based criminal
history record check, and the FBI does
not process name-based requests for
non-criminal justice purposes. The
submission of fingerprints is the only
way to obtain a criminal history record
check from the FBI.
Additionally, the National Task Force
on the Criminal Backgrounding of
America concluded that fingerprintbased criminal history record checks are
more accurate than name-based checks
because ‘‘names tend to be unreliable
because: people lie about their names;
obtain names from false documents;
change their names; people have the
same name; people misspell names;
people use different versions of their
names * * * people use aliases * * * ’’
The suppliers assigned to the high
screening level have been so assigned
because, in CMS, and its law
enforcement partners’ experience, such
supplier types have, as a category, not
undergone sufficient scrutiny in the
enrollment process. Some may have
gained entry in the past through
falsification of an enrollment
application that may have passed a
name based check. As a result, the extra
level of screening provided by the
submission of fingerprints for the
purposes of an FBI database check has
the potential to deny enrollment to
individuals whose sole intent is to
defraud the Medicare program. We
believe fingerprint-based criminal
history record checks will be an
effective tool to prevent fraud, waste,
and abuse in Federal health care
programs by independently verifying
information provided on applications of
potential providers and suppliers in the
high screening level.
If, after a sufficient period of
evaluation, we conclude that
fingerprint-based FBI criminal history
record checks do not fulfill our program
integrity objective of identifying
applicants who pose a heightened risk
of fraud, waste, and abuse prior to
enrollment or we determine that
supplementary actions are needed, we
may pursue additional rulemaking that
seeks to adopt alternative or additional
safeguards consistent with authorities
given to the Secretary in the ACA.
Comment: A commenter stated the
screening process described by CMS
PO 00000
Frm 00016
Fmt 4701
Sfmt 4700
does little to ensure that a provider or
supplier is submitting legitimate claims
for eligible individuals, since there is no
linkage between the enrollment process
and claim submission process. The
commenter contended that it did not
appear that CMS considered the
alternative approach of linking its
proposed screening requirements to
section 1866(j)(3) of the Act. The
commenter recommended that CMS
establish a link between the screening
process and the payment process by
establishing payment caps and
prepayment claims review as described
in section 1866(j)(3) of the Act.
Response: The commenter references
new section 1866(j)(3) of the Act, which
addresses a provisional period of
enhanced oversight for new providers or
suppliers of services. We believe that
the payment caps and prepayment
claims processes should supplement,
but not be used in lieu of, the
procedures outlined in this proposed
rule. Payment caps and prepayment
claims processes will be addressed in
separate vehicles. Clearly, the
provisions of section 1866(j)(3) of the
Act are an important complement to the
pre-enrollment screening provisions in
this rule. We intend to use both to fight
fraud. However, this provision is not
part of this final rule with comment
period. In fact, the ACA authorizes the
Secretary to implement the provisions
of section 1866(j)(3) of the Act through
instruction or otherwise.
Comment: A commenter contended
that with respect to the limited risk
screening requirements, the language in
proposed § 424.518(a)(2)(i) may be
overly broad. The commenter believes
the intent of this provision is for the
contractor to verify that the provider or
supplier meets only the applicable
regulations or requirements that qualify
it for the appropriate provider or
supplier type. However, the commenter
stated that, as written, § 424.518(a)(2)(i)
could be construed to require the
Medicare contractor to verify the
provider or supplier’s compliance with
virtually every Federal regulation and
State requirement that applies to the
provider or supplier type. This, the
commenter argued, could subject
limited categorical risk providers and
suppliers to an overly broad,
burdensome, and time-consuming
verification process.
Response: As explained in the
proposed rule, the verification process
for limited risk providers and suppliers
will be that which is currently used for
most providers and suppliers. The
verification will be limited to
enrollment requirements, and will not
examine compliance with all other State
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
and Federal regulations unless the other
State and Federal regulations have an
impact on whether the provider or
supplier meets the requirements for
enrolling or revalidating enrollment in
Medicare. The table that describes the
types of screening to be performed for
each of the three screening levels
explains clearly the kinds of verification
processes that CMS contractors will be
using to verify a provider’s or supplier’s
eligibility to enroll or remain enrolled in
Medicare.
Comment: One commenter requested
that CMS explain why it did not
consider compliance plans in
establishing its screening criteria.
Response: We solicited comments
regarding the use of compliance plans in
combating fraud, waste, and abuse.
Because there are a several complex
policy and implementation issues we
are pursuing separate additional
rulemaking in this area.
Comment: One commenter stated that
CMS did not include a discussion of
low quality of care when it established
its screening criteria.
Response: Quality of care is the
subject of several other CMS
regulations. Accordingly, we did not
include quality consideration in our
development of levels of categorical
screening. We believe that the factors
we included in the proposed rule for
establishing the screening criteria
support our classifications.
Comment: A commenter
recommended that CMS increase the
level of screening for any provider using
a billing agent or clearinghouse
convicted of health care fraud. The
commenter also recommended that,
similar to the provisions found in
section 6503 of the ACA, CMS establish
enrollment standards for clearinghouses
and billing agents for Medicare. CMS,
the commenter stated, mentioned in the
proposed rule that ‘‘based on our data
analysis including analysis of historical
trends and CMS’ own experience with
provider screening and enrollment we
believe the following providers and
suppliers pose a limited risk.’’ The
commenter also recommended that CMS
furnish the data analysis used to assign
each provider type in the limited
screening levels and the moderate
screening levels.
Response: As for the commenter’s
recommendation regarding billing
agents and clearinghouses, the
commenter references section 6503 of
ACA, which calls for billing agents and
clearinghouses to register under
Medicaid. The implementation of 6503
of the ACA, is not part of this rule;
however, we will be addressing that
provision in the future. We do not
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
propose to screen billing agents and/or
clearinghouses as part of this rule
because such entities do not enroll in
Medicare as providers or suppliers.
With respect to the data analysis we
used, we furnished information in the
proposed rule regarding our reasons for
assigning certain provider and supplier
types to limited, moderate or high level
of screening. We relied on our
experience to identify categories of
providers with a higher incidence of
fraud as well as our familiarity with
types of fraudulent schemes that are
currently prevalent in Medicare. In
addition, we used the expertise of our
contractors charged with identifying
and investigating instances of
fraudulent billing practices in making
our decisions regarding the appropriate
risk assessment of various providers. In
some instances, we also relied on the
data analysis and expertise of the OIG,
GAO, and other sources to develop
screening levels designed to increase
scrutiny for specific categories of
providers and suppliers as the risk
posed to the Medicare and Medicaid
programs increases.
Comment: A commenter asked
whether CMS, in grouping all hospital
types—including specialty hospitals,
physician-owned hospitals, short-term
hospitals, and acute hospitals—into one
risk level, is stating that all hospitals
have the same risk. If so, the commenter
requested that CMS provide data to
support this assertion and to explain
why it believes that all hospitals pose
the same risk
Response: Our assignment of
hospitals to the limited screening level
should not be construed as meaning that
every type of hospital poses the same
exact degree of risk. We did, however,
base our assignment on the premise that
all hospital provider types have certain
features in common that make them less
likely to be a program integrity concern
on the whole. For example, such entities
have significant start up costs and
capital and infrastructure costs. In
addition, such entities are subject to
significant government oversight, at
both the State and Federal levels.
Finally, such entities often are subject to
oversight from other accrediting bodies
through deeming authority. These
features are, in general, less apparent
with other provider and supplier types.
We note that these are not the only
features we considered when evaluating
hospitals and that these features, by
themselves, are not sufficient to cause
us to place a provider or supplier type
in the limited screening category.
Comment: A commenter stated that in
Table 1, CMS appears not to consider
previous payment suspensions,
PO 00000
Frm 00017
Fmt 4701
Sfmt 4700
5877
overpayments, OIG exclusions, or
Medicare revocations in establishing
higher risk levels. The commenter
recommended that CMS explain why
such actions are not an indicator of
higher program risk and the need for
enhanced screening.
Response: As mentioned previously,
we state in this final rule with comment
period that a provider or supplier will
be placed into the high screening level
if the provider or supplier (or an
individual who maintains a 5 percent or
greater direct or indirect ownership
interest in such provider or supplier)
has had a final adverse action—as that
term is defined in § 424.502—imposed
against it within the previous 10 years.
Comment: A commenter stated that
because of the wide variation in
DMEPOS items and services and
differing levels of behavior, CMS should
subdivide the general category of
DMEPOS suppliers and assign
appropriate screening levels to each
product category, rather than to
DMEPOS suppliers as a whole.
Response: We think the commenter’s
suggestion might lead to an overly
complex system of provider screening
and related oversight tools. Accordingly,
we have decided not to create such a
distinction based on such subcategories. At this time, we are not
determining the risk of fraud, waste, and
abuse by product category.
Comment: Several commenters
requested CMS to change the proposed
rule to state that both publicly traded
entities and their wholly-owned
subsidiaries are afforded ‘‘limited
categorical risk’’ status.
Response: As stated previously,
publicly traded status is not being
included as a criterion for assigning
provider or supplier categories to
screening levels. The approach taken in
this final rule with comment period
whereby we assign specific categories of
providers and suppliers to screening
levels determined by the categorical risk
of fraud—rather than determining
individual risk—is consistent with the
requirements of the ACA.
Comment: One commenter supported
CMS’s proposal to place new HHAs into
the high screening level. The
commenter stated that much of the
fraud and abuse that has been detected
in the home health benefit is associated
with new providers, particularly in
areas not subject to certificate of need
(CON) or other State controls on
provider development.
Response: We appreciate this
commenter’s support.
Comment: One commenter
recommended that the proposed rules
for assigning screening levels for
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5878
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
existing home health and hospice
providers be modified so as to more
accurately focus enforcement efforts on
certain existing providers within a
particular category. More specifically,
the commenter stated that CMS can use
its ample data resources to more
precisely differentiate between agencies
with proven histories of good
performance and those that are either
untested or have demonstrated irregular
patterns of performance. The
commenter recommended that any
nonprofit home health or hospice
agency that was certified in Medicare or
Medicaid before October 1, 2000, and
has not been identified as having
program integrity problems, be placed
in the limited risk screening level. The
commenter added that CMS should also
create a scoring algorithm that would
identify those HHAs and hospices at
moderate risk based on criteria such as:
(1) Years of program participation; (2)
ownership type; (3) number of medical
review requests; (4) pattern of
selectively serving highly profitable
cases; (5) frequent changes in
ownership; (6) geographic location; (7)
relationship to other stable (for example,
hospital) or less stable provider types
(DMEPOS); and (8) current accreditation
status.
Response: We did not base our
development of levels of screening on
provider-specific risk assessments. As
described previously, the statutory
requirements set forth in ACA guided
our approach in assigning categories of
providers and suppliers to screening
levels appropriate to the risk of fraud,
rather than pre-screening individuals
prior to the assignment of a screening
level. Adopting the type of scoring
algorithm suggested by the commenter
would automatically provide for
individual breakdowns of each HHA’s
or hospice’s risk, which we believe
would be inconsistent with the statute
and constitute a pre-screening step in
the enrollment process. We do not rule
out the possibility of using scoring
algorithms in the future for other
program integrity functions or for
provider and supplier enrollment, but
we decline to adopt this suggestion for
enrollment screening purposes at this
time. For the reasons stated previously,
we believe that the moderate risk
screening level is appropriate for
currently enrolled HHAs and hospices.
Comment: A commenter did not
believe that site visits were necessary to
ensure that ambulance providers and
suppliers were in compliance with
applicable program requirements. The
commenter expressed concern that the
time associated with conducting preenrollment site visits could slow down
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
the enrollment process. The commenter
added that ambulance services are
already subject to site inspections by the
State licensing agency (as well as other
State and Federal requirements), and
that the existing procedures are
sufficient to ensure that ambulance
providers and suppliers are operating in
compliance with program requirements.
Another commenter stated that in this
proposed rule, CMS states that it only
conducts a limited number of
unscheduled or unannounced site visits
for certain provider types. If this is
based on a policy decision, the
commenter requested that CMS explain
why it now believes that unscheduled
or unannounced site visits will reduce
fraud, waste, and abuse. The commenter
also requested a cost/benefit analysis for
its previous onsite efforts to show the
effectiveness of this new strategy. If a
fiscal constraint, the commenter
requested that CMS explain: (1) Why it
is spending $9 million on grants to
Senior Medicare Patrol (SMP) and
millions in advertising to promote ‘‘Stop
Medicare Fraud’’ in lieu of conducting
unscheduled and unannounced site
visits, and (2) where the additional
funds will come from to conduct
thousands of unannounced site visits.
Response: We have been conducting
site visits of one kind or another for
years, and have found such visits to be
an extremely effective tool in fighting
fraud. We plan to conduct site visits
pursuant to the authorities provided in
the ACA and as outlined in this final
rule with comment period. We have
received many valuable tips and other
information from SMP volunteers across
the country. We believe that site visits
are appropriate for ambulance
companies, especially considering that
we have uncovered several instances
where an enrolling ambulance
company—contrary to the information it
furnished on the CMS–855B—had no
base of operations. Regarding the
commenters concern about the Senior
Medicare Patrol initiative, we believe
the SMP program is outside the scope of
this regulation.
Comment: With respect to whether
non-practitioner-owned facilities and
suppliers should be subject to a higher
level of screening than their
practitioner-owned counterparts, a
commenter urged CMS to exempt
dually-enrolled physicians from
enrollment screening requirements
applicable to entities only enrolling as
DMEPOS suppliers. The commenter
believes it would make no sense to
consider physicians ‘‘limited risk’’ while
simultaneously labeling them either
‘‘moderate risk’’ or ‘‘high risk’’ when they
provide DMEPOS to their own patients.
PO 00000
Frm 00018
Fmt 4701
Sfmt 4700
Response: We disagree. As stated
previously, the approach taken in this
final rule with comment period whereby
we assign specific categories of
providers and suppliers to screening
levels determines by the assessed
categorical risk of fraud—rather than
determining individual risk—is
consistent with the requirements of the
ACA. We believe that each provider and
supplier category must be considered on
its own merits as an entire class, rather
than be sub-categorized based on
whether or not a particular provider is
owned by provider subject to the
limited screening level. For reasons we
have stated, both in this final rule with
comment period and in the past, newly
enrolling DMEPOS suppliers are
currently subject to a higher level of
scrutiny and revalidating DMEPOS
suppliers are subject to the moderate
level of screening—such as through the
need to comply with the supplier
standards in § 424.57(c)—because of the
heightened risk posed by this class of
suppliers as a whole. We therefore
decline to exempt certain types of
DMEPOS suppliers from either the
moderate level of screening for
revalidating suppliers or the high level
of screening for newly enrolling
suppliers.
Comment: A commenter suggested
that CMS revise the enrollment
applications to include language in the
certification statement so that CMS’
contractors can conduct a criminal
background check on any owner,
authorized official, delegated official,
managing employees and individual
practitioners during the initial
enrollment process or subsequently
thereafter. The commenter believes that
CMS is needlessly limiting its ability to
conduct criminal background checks.
Response: We appreciate this
comment but decline to adopt this
approach. We will perform fingerprintbased criminal history record checks of
the FBI’s Integrated Automated
Fingerprint Identification System
consistent with the methodology
specified in this rule. We do not intend
to amend the CMS–855 to include
language that would expand the use of
such criminal history record checks
beyond the requirements set forth in
this final rule with comment period. We
think that to conduct the same screening
for all provider categories without
taking into account the variation in risk
of fraud, waste or abuse would be an
inappropriate allocation of resources
and would be inconsistent with the
provisions of the ACA. As stated
previously, if CMS re-assigns additional
categories of providers to the high level
of screening, or expands the use of FBI
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
criminal history record checks to the
other screening levels, CMS will publish
a notice in the Federal Register.
Comment: A commenter suggested
that Medicare, Medicaid, and CHIP
consider bankruptcy and credit report
scores during the screening process and
that CMS deny enrollment where an
owner, authorized official, or delegated
official has a credit score of less than
720 or has had a personal or business
bankruptcy within the last 5 or 10 years.
The commenter stated that credit score
is indicative a person’s ability to
manage financial assets.
Response: We decline to adopt this
approach in this final rule with
comment period. We would need to
perform additional study to determine
whether credit scores correlate with
program integrity risk. Because we do
not have evidence to support such a
relationship, we decline to adopt this
approach at this time.
Comment: Several commenters
requested clarification on whether a
Federal agency or a private company
will process the fingerprint card, how
CMS will safeguard this information,
and how much additional time
fingerprinting will add to the screening
process of new applicants. Another
commenter urged CMS to ensure that
documentation concerning fingerprints
be tracked from origination to delivery
to prevent loss, and that all information
be protected from FOIA disclosure.
Response: The FBI requires that
fingerprints be collected and submitted
by FBI-approved ‘‘authorized
channelers.’’ The FBI currently has
approved 15 such private companies to
collect and submit fingerprints to the
FBI CJIS Division’s Wide Area Network
(WAN), receive the criminal history
record information, and submit the
record to authorized recipients, in this
case CMS (or its FBI approved
outsourced contractors) for the
determination of eligibility for
enrollment. CMS will use of one or
more of the pre-approved authorized
channelers to collect and submit
fingerprints directly to the FBI, and
CMS will ensure the written proposal(s)
provided by the selected channeler(s)
contains the appropriate assurances of
compliance with privacy and security
considerations mandated by the
Compact Council (the national
independent authority that regulates
and facilitates the exchange of
noncriminal justice criminal history
record information) and as required by
28 CFR part 906. Additionally, CMS
will adhere to the Compact Council’s
Security and Management Control
Outsourcing Standard for Channelers.
The use of authorized channelers
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
effectively means CMS never has
custody of the submitted fingerprints,
only the resulting criminal history
record. CMS will, of course, protect the
information in the criminal history
record according to existing Federal
standards and procedures that govern
personally identifiable information.
After further consideration of the
proposed requirement that all required
applicants submit their fingerprints on
the FD–258 card, CMS has removed the
requirement to use only the FD–258
card from this final rule with comment
period. CMS strongly encourages all
required applicants to provide
electronic fingerprints to the CMSselected authorized channeler, but will
also accept the FD–258 card. As stated
previously, CMS and the authorized
channeler will safeguard the
information as required by the existing
requirements of the Compact Council,
and specifically the Compact Council’s
Security and Management Control
Outsourcing Standard for NonChannelers and Channelers and the
FBI’s Criminal Justice Information
System’s Security Policy.
We believe the additional time for a
contractor’s processing of the
application in light of the fingerprintbased criminal history record check will
be minimal for those applicants who
submit electronic fingerprints.
Applicants who submit the FD–258 card
will experience an extended processing
time as the authorized channeler
selected by CMS will have to convert
the paper print into a electronic
submission so that the FBI can quickly
process all requests. The FBI processing
of the electronic prints occurs within 24
hours of receipt from the authorized
channeler, and the authorized channeler
will receive and transmit the report to
CMS. The report will be reviewed for
disqualifying felonies and omitted
information as outlined in existing
regulations at § 424.530(a) for
enrollment and at § 424.535(a) for
revalidation and once the fitness
determination has been made, the
appropriate contractor will process the
enrollment application as before. CMS
believes this process will not cause
significant delays to the enrollment
process.
As stated previously, CMS and our
Medicare contractors will protect
individuals’ information under the
Privacy Act, 5 U.S.C. 552a and the
Privacy Act system of records notice for
this information. We recognize that the
safeguarding of individual privacy and
ensuring the security of fingerprints
collected under this regulation is a
serious concern. We will ensure that
these concerns are addressed and that
PO 00000
Frm 00019
Fmt 4701
Sfmt 4700
5879
all necessary safeguards are
implemented to protect this information
–from both privacy and security
standpoints—when we issue guidance
on fingerprint-based criminal history
record checks following the publication
of this final rule with comment period.
We will ensure that fingerprint
documentation is fully protected to the
extent required by Federal law.
As stated previously, the fingerprintbased criminal history record check will
be required 60 days following the
publication of subregulatory guidance.
All other screening requirements are
effective on March 25, 2011 for those in
the ‘‘high’’ screening level. The delay in
the effective date for the fingerprintbased criminal history check will permit
CMS to coordinate the implementation
of this new process with our law
enforcement partners, ensure that all
concerns related to privacy are
addressed, educate our providers and
suppliers about the new process, and
ensure that our contractors are
adequately prepared to implement this
new process so that the implementation
of this new process does not cause any
undue delay.
Comment: A commenter stated that
while CMS assigns CMHCs to the
moderate screening level, CMS has not
taken steps to implement section 1301
of the Health Care and Education
Reconciliation Act of 2010 (collectively,
the Affordable Care Act), which requires
that CMHCs provide at least 40 percent
of its services to individuals who are not
eligible for benefits. The commenter
recommended that CMS consider
CMHCs as a ‘‘high’’ categorical screening
risk until CMS implements section 1301
of the ACA.
Response: For reasons already
explained, we believe that CMHCs are
most appropriately assigned to the
moderate screening level. Section 1301
of ACA is not a part of this rule.
Comment: Several commenters
requested that CMS consider
establishing criteria for making
assignments to screening levels before
moving forward with this rule.
Response: We explain in the preamble
the criteria and factors we used for our
placement of various provider and
supplier types into particular levels.
These factors include our experience
with claims data used to identify
fraudulent billing practices, as well as
the expertise developed by our
contractors charged with investigating
and identifying instances of Medicare
fraud across multiple categories of
providers. In addition, we have relied
on insights gained from numerous
studies conducted by the HHS OIG,
GAO, and other sources.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5880
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Comment: A commenter requested
that a fourth level of ‘‘no risk’’ be
established. This is to reflect positively
on providers who have had no incidents
of fraud, waste or abuse.
Response: We do not believe it is
appropriate to create a ‘‘no risk’’ level as
the limited level of screening represents
the baseline screening requirements for
entry into the Medicare program. We
believe that fraud, waste and abuse can
occur at any time and among any
provider or supplier category. Our
screening methodology is designed to
match an appropriate level of screening
to provider or supplier categories based
on level of risk of fraud, waste or abuse
posed by the provider or supplier
category.
Comment: A commenter requested
clarification regarding whether CMS
will conduct TIN matches with the IRS
via an automated match or whether the
provider will be required to sign an I–
9 verification form. The commenter also
asked whether CMS will conduct tax
delinquency database matches with the
IRS and the authority for such a match.
In both cases, the commenter
recommended that CMS establish new
denial and revocation reasons if the TIN
does not match or there is a tax
delinquency.
Response: We currently verify the
provider’s TIN as part of the enrollment
process; if the TIN does not match the
provider’s legal business name, the
application will be denied, or, if
enrolled, the provider’s billing
privileges will be revoked. However, we
have removed references to tax
delinquencies as a component of the
screening methodology from this rule.
While we do plan to implement
provisions that will allow us to
coordinate enrollment decisions with
data obtained from the Internal Revenue
Service—for instance, potentially
denying an application based on tax
delinquency information from the IRS—
such an effort is not a part of this rule.
Comment: A commenter stated that
CMS’s proposed ‘‘limited risk’’
classification for publicly traded
companies does not explicitly afford the
same treatment to subsidiaries of
publicly traded providers and suppliers.
Several commenters recommended that
majority owned subsidiaries of publicly
traded providers and suppliers be
treated the same as their publicly traded
parents. Specifically, since subsidiaries
of publicly traded providers and
suppliers are subject to substantially
similar oversight and scrutiny, the
commenter proposed that all providers
and suppliers—regardless of whether
the parent is enrolled—that are at least
majority owned, directly or indirectly,
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
by a publicly traded provider or
supplier be assigned to the limited risk
level for screening. The commenter
suggested that proposed § 424.518(a)(2)
be revised to read as follows: ‘‘(2) When
CMS designates a provider or supplier
into the ’’limited’’ categorical level of
screening, the provider or supplier is
publicly traded on the New York Stock
Exchange (NYSE) or the National
Association of Securities Dealers
Automated Quotation System
(NASDAQ), or the provider or supplier
is majority owned, directly or indirectly,
by an organization publicly traded on
the NYSE or NASDAQ * * *.’’. Another
commenter stated that subjecting
different providers under a hospital to
different levels of scrutiny could cause
confusion and unnecessary hardship.
Response: For reasons already stated,
we have eliminated the distinction
between publicly traded and private
companies and have declined to
subcategorize individual providers and
suppliers based on their ownership.
Comment: A commenter stated that
while subjecting newly enrolling
DMEPOS suppliers to stringent
screening may be proper, an enrolled
DMEPOS supplier that reenrolls
following an ownership change should
not be subject to the same screening as
a newly established supplier. It should
instead be treated as moderate risk, just
as enrolled suppliers that revalidate
their enrollment information. The
commenter contended that the seller’s
business, much of which remains after
the purchase, has already been verified
and authenticated; if CMS and the NSC
subject the purchaser to stringent
enrollment screening, they will
duplicate the work that they have
already done to validate and inspect the
purchased business, wasting resources.
It could also delay the new owner’s
receipt of a Medicare number, which
could disrupt the continuity of business
and patient care. The commenter added
that if CMS does not agree that an
enrollment following an ownership
change of an enrolled DMEPOS supplier
should be moderate risk, CMS should
formally state that purchasers of
enrolled DMEPOS suppliers will receive
new Medicare numbers with billing
privileges retroactive to the purchase
date. In closing, the commenter stated
that the proposed rule is a dramatic
change to the existing methods of
Medicare enrollment; while change to
prevent fraud and abuse is advisable,
such change should not harm honest
providers and suppliers who strive to
provide high quality service to Medicare
beneficiaries. Another comment stated
the purchaser of an existing community
pharmacy DME supplier store should be
PO 00000
Frm 00020
Fmt 4701
Sfmt 4700
screened as a moderate (not a high) risk
supplier during reenrollment.
Response: We disagree that a
DMEPOS supplier undergoing a change
of ownership should be assigned to the
as moderate screening level. For
purposes of enrollment, a DMEPOS
supplier undergoing a change of
ownership is treated and must enroll as
a new supplier. Hence, since all newlyenrolling DMEPOS suppliers are subject
to a ‘‘high’’ level of screening, we believe
DMEPOS suppliers undergoing a change
of ownership should also be subject to
a ‘‘high’’ level of screening. Further, the
screening requirements in the high
screening level include a fingerprintbased criminal history record check of
any individual with direct or indirect
ownership of 5 percent or greater.
Therefore, enrollment screening after a
change in ownership has clear value to
the enrollment process, and we disagree
that it would be a waste of resources.
Currently-enrolled (revalidating)
DMEPOS suppliers are assigned to the
moderate level of screening.
Comment: A commenter stated that
certified orthotic and prosthetic
DMEPOS suppliers and American Board
for Certification in Orthotics and
Prosthetics (ABC)-accredited DMEPOS
suppliers should be assigned to the
limited screening level. The commenter
stated that accreditation is not an easy
standard to meet, and asked CMS to
investigate whether there are any
studies or other evidence that indicate
that ABC Accredited Facilities and/or
ABC Certified practitioners as a
DMEPOS subcategory pose an elevated
risk to the Medicare program. If there
are not, such suppliers should be
subject to limited screening.
Response: We believe the commenter
is asserting that accreditation bodies
perform a sufficient level of oversight to
ensure that the entities they accredit are
a low program integrity risk. We do not
believe this is true. The accreditation
bodies help verify the supplier’s
compliance with DMEPOS standards,
rather than assess the supplier’s risk of
fraud, waste and abuse. Accordingly, we
decline to assign entities accredited by
ABC or any other accrediting
organization to the limited screening
level solely on that basis.
Comment: A commenter contended
that in States without licensure, if a
DMEPOS supplier is practitioner-owned
and one or more of the practitioners is
certified by ABC (accrediting body
referenced in section 427 of the
Medicare, Medicaid, and SCHIP
Benefits Improvement and Protection
Act of 2000 (BIPA)), or if the facility
itself has been accredited by one of
these entities, it should be as assigned
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
to the limited screening level. The
practitioner being credentialed in either
of these ways has demonstrated a
commitment to quality.
Response: As already stated, we
decline to subcategorize individual
providers and suppliers based on their
ownership and do not believe
accreditation—standing alone—should
be the foremost indicator of fraud and
abuse risk.
Comment: One commenter stated that
chain pharmacies should be exempt
from the increased screening levels and
screening procedures, as they are
already subject to significant regulation
within their respective States.
Response: We disagree. For the same
reason that we cited for eliminating the
distinction between publicly traded and
non-publicly traded or public or nonpublic ownership status as a basis for
determining screening level, state
regulation of chain DMEPOS suppliers
is not in itself a sufficient indicator of
the risk of fraud, waste or abuse posed
by a particular category of provider or
supplier. The fact that a particular
provider or supplier type may be
regulated by the State is not adequate
grounds for placing it in a lower
screening level.
Comment: A commenter stated that
the proposed provisions punish
legitimate providers and that the most
egregious fraud is committed by scam
artists and organized crime. The
commenter expressed concern that
small practices will be driven out of
business. In light of CMS’s proposed
exemption for public companies, one or
two large national companies may be
the only ones ‘‘left standing’’ and will
have a monopoly. CMS, the commenter
argued, will then be unable to
objectively compare ‘‘best practices’’ or
to objectively evaluate trends in care,
and that patients will not have a choice
for their care.
Response: As already stated, we have
eliminated the distinction between
publicly held and private companies. In
addition, we believe that the proposed
provisions will help stem the fraud that
both the commenter and we are
concerned about.
Comment: A commenter
recommended that CMS provide the
analysis for which it based its risk
assignment decisions for limited and
moderate screening levels. The
commenter also recommended that CMS
consider the Medicare and Medicaid
error rates for each provider or supplier
in establishing its screening levels.
Finally, the commenter also requested
the following data for each type of
Medicare provider and supplier for
2008, 2009, and 2010:
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
• Number of Medicare revocations.
• Number of Medicare payment
suspension.
• Number of Medicare overpayment.
• Medicare error rate.
• Medicaid error rate.
• CMPs.
• Convictions by the Department of
Justice.
• HHS OIG mandatory exclusions
under 1128 of the Act.
• HHS OIG permissive exclusions
under 1128 of the Act.
Response: We based our risk
assessments on a variety of factors,
including some of those listed by the
commenter as well as others. However,
because our conclusions were not based
on any one factor nor any specific
combination of factors, but rather on
CMS’s aggregate experience with each
provider and supplier type, providing
the data requested by the commenter
would not serve to clarify the
determinations of risk.
Comment: A commenter stated that
the proposed screening approach in the
proposed rule is simplistic at best and
flawed at worst. The commenter did not
believe provider type is the only
measure of risk of fraud. To address
those individuals and organizations
who intend to enroll for the sole
purpose of committing fraud, CMS
must: (1) Consider the provider’s past
experience with Medicare, Medicaid, or
CHIP; (2) coordinate enrollment and
billing issues with commercial health
plans, Medicaid and CHIP; and (3)
establish more stringent program
requirements. The commenter believes
that CMS did not offer any enhanced
program requirements in the proposed
rule, the rule does not reduce the ‘‘pay
and chase’’ approach used by CMS and
OIG today.
Response: We disagree, and believe
that the program safeguard measures
outlined in this final rule with comment
period will greatly assist in reducing
fraudulent activity. We believe several
of the elements proposed by the
commenter are inherent in this rule.
First, under the final rule with comment
period, final adverse actions will lead to
a high screening level assignment and
the use of additional screening tools.
Second, with regard to more stringent
program safeguards, we believe there is
much in this final rule with comment
period to bolster our efforts at
combating fraud, waste, and abuse For
example, in this final rule with
comment period, we are expanding the
instances in which we can impose a
payment suspension. Furthermore, for
the first time in the history of the
programs, we will be able to impose an
enrollment moratorium in order to
PO 00000
Frm 00021
Fmt 4701
Sfmt 4700
5881
combat fraud, waste, and abuse.
Accordingly, we believe the new
authorities that we are implementing
under the ACA will assist us in
strengthening our program integrity
efforts.
Comment: A commenter
recommended that the following be
placed into the high screening level: (1)
Any provider or supplier that is not
State licensed, and (2) any owner,
authorized official, delegated official,
physician or non-physician practitioner
who has ever been excluded by the OIG,
revoked by Medicare, or had a State
license revocation or suspension.
Response: We stated previously that
merely because a particular provider or
supplier type may be regulated by the
State is not in and of itself adequate
grounds for placing it in a lower
screening level. By the same token, we
do not believe that a failure to be
licensed by the State should
automatically place the provider or
supplier in a high screening level, as the
State may not have licensure
requirements for that particular provider
or supplier type. In addition, the
standards for licensure vary among the
States and Territories such that these are
largely out of our control. With regard
to the commenter’s second suggestion,
we again note that § 424.518(c) of the
final rule with comment period states
that a provider or supplier will be
moved from the ‘‘limited’’ or ‘‘moderate’’
level to the ‘‘high’’ level if it has had
final adverse actions imposed against it.
Comment: A commenter
recommended that CMS explain why it
did not consider comments regarding
publicly traded companies in the final
rule with comment period; Home Health
Prospective Payment System Rate
Update for Calendar Year 2011; Changes
in Certification Requirements for Home
Health Agencies and Hospices, when
developing the proposed policy found
in the proposed rule to this final rule
with comment period.
Response: This rule and the rule that
the commenter references deal with
different issues. Each was developed
and considered on its own merits.
Comment: A commenter supported
CMS’s placement of hospitals and
physicians into the limited screening
level. However, the commenter
disagreed that publicly traded DMEPOS
suppliers or HHAs would have less risk.
The commenter also stated that the
providers and suppliers that are
designated as ‘‘high risk’’ or ‘‘moderate
risk’’ but which are members of, operate
as a part of, or are owned by a hospital
or a health system, should instead fall
under the same risk assignment as the
hospital. Such providers and suppliers
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5882
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
are part of larger established
organizations that have high levels of
accountability to their internal
governance structures and have
longstanding relationships with and
responsibility to their local
communities.
Response: For reasons already stated,
we have eliminated the distinction
between publicly traded and private
companies and have declined to
subcategorize individual providers and
suppliers based on their ownership.
Comment: Several commenters
requested greater specificity regarding
what level of managing employees
would be subject to the screening
requirements for high risk providers and
suppliers. Some of them requested that
for large provider organizations, only
the highest-level managing employees
who operate or manage, or who oversee
the operation of the entire healthcare
organization—and not lower-level
managers of individual departments or
functions—should be subject to the
enhanced screening procedures.
Response: In this final rule with
comment period, we will only apply the
screening requirements for high
screening level providers and suppliers
to individuals with a 5 percent or
greater direct or indirect ownership
interest. Officers, directors, and
managing employees—to the extent that
they do not have a 5 percent or greater
ownership interest—will not be subject
to fingerprint-based criminal
background checks. However, we intend
to monitor the situation and may seek
to extend the scope of fingerprint-based
criminal background checks in the
future if circumstances warrant.
Comment: A commenter stated that
hospitals should be exempted from all
screening levels—even the limited
screening level—if they are Statelicensed and accredited.
Response: We disagree with this
commenter. To exempt a provider or
supplier from any screening level would
be the equivalent of stating that the
provider need not undergo even the
most basic verification requirements
used under the limited risk level of
screening.
Comment: Several commenters
supported site visits as a tool to improve
program integrity, but believes that they
could disrupt or administratively
burden a legitimate provider or
supplier’s business operations. They
recommended that CMS limit the
purpose of these site visits to verifying
that the provider/supplier exists and is
operational; other matters that would
require significant management and
clinical staff time should be handled
through separately scheduled site visits.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Several other commenters believe that
site visits were appropriate, but said
that the number of such visits must be
reasonable for the circumstances and
should only increase if inappropriate
activity is suspected. In addition,
another commenter suggested that as
part of a DMEPOS site visit, the auditor
should confirm with the owner of the
warehouse or facility the terms of the
lease; for HHAs, the auditor should
confirm that the HHA has been using
the OASIS form and that a sample of
Patient Plan of Care medical records/
files can be directly linked to an OASIS
document.
Response: We decline to state that site
visits will always be limited to verifying
whether the provider or supplier is
operational. We must retain the
flexibility to conduct a closer on-site
review if warranted.
Comment: One commenter stated that
classifying DMEPOS suppliers that are
physician-owned as high risk could
pose a significant disincentive to officebased physicians to continue offering
DMEPOS supplies to their patients. The
commenter stated that there has been
little to no documentation of fraud,
waste, or abuse in this category of
DMEPOS, and that these suppliers
should be exempted from the high risk
level of screening.
Response: For reasons already stated,
we have declined to subcategorize
individual providers and suppliers
based on their ownership.
Comment: Several commenters stated
that the risk assessments of specific
providers should not be made public.
Response: To the extent allowed by
Federal law, we will not release to the
general public the risk assessment of an
individual provider or supplier. Thus
when an individual provider or supplier
is elevated in screening level as a result
of a triggering event in § 424.518 and
§ 455.450, we will not publish the
individual provider’s or supplier’s
name.
Comment: Several commenters
supported the creation of limited,
moderate, and high screening levels, as
well as the proposal to place physicians
into the limited screening levels. They
added that CMS should use public
notice and comment prior to modifying
the process or revising level
assignments based on new criteria.
Response: We appreciate the
commenters support and will publish
notice in the Federal Register regarding
changes in assignment or levels of
screening specified at § 424.518 and
§ 455. 450. However, as mentioned
previously, we will not publish
information about an individual
provider or supplier that meets certain
PO 00000
Frm 00022
Fmt 4701
Sfmt 4700
triggering events as described in these
sections.
Comment: A commenter opposed
‘‘geographical circumstances’’ as a
possible criterion for adjusting a
provider or supplier’s screening level.
This would deny all providers and
suppliers in the specified geographic
area basic due process and could
seriously damage beneficiary access to
health care providers and services in the
impacted area.
Response: We are not adopting
‘‘geographic circumstances’’ as a
criterion for adjusting a provider or
supplier’s screening level at this time.
We believe that should circumstances
arise where we have concerns about a
provider or supplier type in a
geographic area, the authority to impose
an enrollment moratorium, as detailed
in this rule, will provide program
integrity protection. However, we do
retain the authority to add geographic
location as a criterion for adjusting a
provider or supplier’s screening level
through future rulemaking.
Comment: Several commenters
opposed the proposal to re-assign
physicians from the ‘‘limited’’ or
‘‘moderate’’ screening level to the ‘‘high’’
screening level when CMS has evidence
from or concerning a physician that
another individual is using their
identity within the Medicare program.
Classifying physicians who have been
the victims of identity theft to the high
screening level would stigmatize the
physician and create a presumption that
he/she has engaged in conduct
warranting heightened scrutiny. They
urged CMS to establish a fourth level,
which signifies a heightened level of
risk to Federal health care programs as
a result of compromised physician
identity or identity theft. Another
commenter requested that CMS clarify
that it will be the offender who is
subjected to additional scrutiny and that
the victim will not be penalized for the
actions of the offender. Another
commenter, however, supported CMS’s
proposal to adjust the categorical
screening level if a practitioner notifies
CMS or its contractor that another
individual is using his or her identity
within the Medicare program, and to
require fingerprinting of high risk
provider and supplier types (but not of
individual practitioners who have been
the victim of identity or provider
number theft).
Response: We stress that we will work
closely with law enforcement against
those individuals who are perpetrating
Medicare identity theft. We do not plan
to use screening tools to address
identity theft concerns as it would not
be an adequate response. We believe
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
identity theft concerns are most
appropriately handled by our law
enforcement partners.
Comment: A commenter requested
clarification as to the screening level
assignment of in-home supportive
services (IHSS). If they fall into the
‘‘moderate’’ level, as do home health
agencies, the commenter expressed
concern that site visits could burden
program recipients.
Response: Medicare does not
recognize ‘‘in home supportive services’’
as a specific category of provider or
supplier. To the extent that the IHSS
supplier is or will be enrolling in
Medicare or Medicaid as a HHA, it will
be subject to the same requirements and
standards as all other HHAs. As for the
site visits, they will generally be
conducted at the HHA’s physical
locations.
Comment: Several commenters
expressed concern with the proposal to
re-assign physicians (and other
providers/suppliers) from the ‘‘limited’’
or ‘‘moderate’’ screening levels to the
‘‘high’’ screening level if a physician has
had billing privileges revoked by a
Medicare contractor within the previous
ten years. Billing privileges can be
revoked for a number of reasons
unrelated to fraud, waste, or abuse, such
as a failure to respond to a request for
revalidation documentation within
stringent contractor imposed deadlines.
They urged CMS to differentiate
between a temporary revocation of
billing privileges and revocations based
on actual misconduct by a provider or
supplier.
Response: As stated earlier,
revocation is undertaken as an
administrative remedy only if clearly
justified. Also, there is an appeals
process in place for provider
revocations. Should a revocation be
rescinded, the provider or supplier
would be restored to its previous
screening level.
Comment: A commenter urged CMS
to exercise the temporary moratorium
authority judiciously and to exempt
physicians from re-assignment from
level I (limited) to level III (high) if
physicians are ever subject to the
temporary moratorium; this would
include an exemption for physicians
enrolled as DMEPOS suppliers if the
latter are subject to a moratorium.
Response: We believe this commenter
is addressing a concern that if a
moratorium is imposed on a category of
providers that includes physicians or
physician-owned DMEPOS suppliers,
that when the moratorium is lifted the
provider or supplier category to which
the moratorium applied would be
moved to the high screening level for 6
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
months following the lifting of the
moratorium. The commenter is asking
for an exception to this proposal. A
moratorium may be imposed if there is
a heightened risk of fraud, waste or
abuse in a particular geographic area or
involving a certain provider or supplier
type. If a particular provider or supplier
type posed such a risk as to warrant a
moratorium, it would be inappropriate
for us to automatically exempt it from
enhanced screening once the
moratorium ends. In the event that we
were to impose a temporary moratorium
on physicians or physician-owned
DMEPOS suppliers, the moratorium
would be as narrowly tailored as
possible to address specific fraudulent
activity.
Comment: A commenter believes that
the moderate and high screening level
assignments for community pharmacies
are inappropriate and contended that:
(1) all existing community pharmacy
DME suppliers, as well as new locations
of existing community pharmacy DME
suppliers, should be designated as
limited risk, and (2) newly enrolling
community pharmacy DME suppliers
should be treated as posing a moderate
risk. The commenter stated that
community pharmacies are already
heavily regulated by the States and
Federal government through State
boards of pharmacy, CMS supplier
standards and surety bonds, and argued
that community pharmacies are not a
major source of fraud. The commenter
also urged CMS to incorporate into its
final rule the same exemption criteria
that CMS’s uses to exempt certain
community pharmacies from DME
supplier accreditation requirements. In
addition, the commenter stated that
CMS should designate community
pharmacies as limited risk suppliers if:
(1) They have had a supplier number for
at least 5 years; (2) their DME sales are
less than 5 percent of their total sales
over the last 3 years; and (3) they have
not received a final adverse action
against them in the past 5 years.
Another commenter stated that
DMEPOS sales are but a small portion
of genuine community pharmacy sales.
Accordingly, the proposal regarding
unannounced pre- and/or postenrollment site visits for moderate risk
suppliers and criminal background
checks and fingerprinting for high risk
suppliers may prove unbearably costly
and burdensome to community
pharmacies. The commenter added that
it could lead to community pharmacies
to stop supplying DME products,
causing access problems.
Response: As already stated, all
newly-enrolling DMEPOS suppliers,
regardless of sub-type or ownership,
PO 00000
Frm 00023
Fmt 4701
Sfmt 4700
5883
will be placed in the high level of
categorical screening. This includes new
DMEPOS locations, which have long
been treated as initial enrollments.
Moreover, we do not believe it is
appropriate to apply the community
pharmacy exemption for accreditation
to the risk classifications, as the
standards for accreditation are different
from the criteria we are using for the
risk classifications.
Comment: A commenter urged CMS
to more narrowly tailor its risk
assignments of provider or supplier
types by geography, so that DMEPOS
suppliers in many areas of the country
are not unfairly grouped into a higher
screening level merely because those
same DME supplier types pose major
fraud risks in other limited areas of the
country.
Response: We disagree. While some
areas of the country are undeniably
more prone to fraud than others,
fraudulent activity can occur anywhere.
Furthermore, we believe it most
objective to apply the same standard to
all parts of the country and use other
tools to narrowly tailor our approach
when necessary, including the
enrollment moratoria provision set forth
in this final rule with comment period.
Comment: A commenter requested
clarification on whether an existing
community pharmacy DME supplier
that seeks to add a new DMEPOS
supplier store would fall under the
moderate or high screening level under
the proposed rule. The commenter
believes this should fall within the
moderate screening level.
Response: As already stated, the
addition of a new DMEPOS location
would be subject to the level or
screening specified for providers and
suppliers assigned to the high screening
level.
Comment: A commenter expressed
concern that the Medicare contractor
may not know which companies are
publicly traded.
Response: We have eliminated the
distinction between publicly traded and
non-publicly traded companies; as such,
this comment is no longer applicable.
Comment: One commenter stated that
on June 23, 2010, the Director of the
Office of Management and Budget
published a memorandum titled,
‘‘Enhancing Payment Accuracy’’ through
a ‘‘Do Not Pay List’’; this Presidential
document stated that, ‘‘At a minimum,
agencies shall, before payment and
award, check the following existing
databases (where applicable and
permitted by law) to verify eligibility:
the Social Security Administration
Death Master File, the GSA’s EPLS, the
Department of the Treasury’s Debt
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5884
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Check Database, the Department of
Housing and Urban Development’s
(DHUD) Credit Alert System or Credit
Alert Interactive Voice Response System
and the DHHS OIG LEIE.’’ The
commenter stated that CMS should
explain why the proposed rule does not
mention these verification sources.
Response: Medicare contractors have
long been required to review the EPLS
and the LEIE prior to enrolling a
provider or supplier in Medicare. In
addition, providers, suppliers and their
owners and managers are currently
reviewed against the SSA Death Master
File. As for the DHUD Credit Alert
System and the Department of the
Treasury’s Debt Check Database, we
understand the Presidential
memorandum requires review of these
systems prior to payment or award and
will integrate their use as appropriate in
our protocols.
Comment: Several commenters
supported the placement of hospitals in
the limited screening level. However,
they added that high risk or moderate
risk providers and suppliers that are
members of, operate as a part of, or are
owned by a hospital or a health system,
should instead fall under the same
limited risk assignment that CMS
proposes for hospitals.
Response: Again, for reasons already
mentioned, we have declined to
subcategorize individual providers and
suppliers based on their ownership.
Comment: Several commenters stated
that in States with orthotic and
prosthetic licensure, orthotic and
prosthetic DMEPOS suppliers should be
designated as limited risk, as there is no
evidence of significant elevated risk for
such licensed professionals. In States
without orthotic and prosthetic
licensure, several commenters stated
that the supplier should be treated as
limited risk if: (1) One or more of the
supplier’s practitioners are certified by
the American Board for Certification of
Orthotics, Prosthetics and Pedorthics or
the Board of Certification/Accreditation
International, or (2) the supplier itself
has been accredited by one of these
entities. Other commenters stated that if
the orthotic and prosthetic supplier is
not practitioner owned, but has been in
business at least 3 years, it should be
considered limited risk due to a
demonstrated lack of inappropriate
billings over time; if it is not
practitioner-owned and has not been in
business at least 3 years, it should be
rated as a moderate risk. Finally, the
commenters objected to the proposed
risk provision for this risk assignment
provision because: (1) Orthotics and
prosthetics is not part of DME, and has
significantly lower fraud and abuse
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
risks; and (2) there has not been
sufficient consideration of the impact of
number of years in business, or
accreditation/certification status as
factors that diminish risk.
Response: As stated earlier, we do not
believe certification or accreditation to
be dispositive of risk for fraud and
decline to adopt this suggestion. While
we appreciate the commenter’s
suggestion that we should look at length
of time in business as a means of
supporting the assessment of risk, we
believe that OIG and GAO reports and
experiences are instructive and rely on
those as well as our own data to support
the assignment to levels of screening
that we finalize in this rule.
Comment: A commenter expressed
concern that the time and cost necessary
to comply with the requirements in the
proposed rule is a significant burden on
small providers, in light of all of the
other requirements they are subjected
to. The commenter stated that for
reasons of reduced risk, time in business
and demonstrated commitment to
quality, no certified practitioner or
accredited orthotist or prosthetist
facility should be subject to background
checks and fingerprinting.
Response: We decline to adopt this
suggestion; to do so would foreclose the
possibility that any high risk
practitioner or orthotic or prosthetic
facility would be subject to enhanced
scrutiny.
Comment: A commenter questioned
whether requirements such as
fingerprinting will accomplish CMS’s
goal of tracking violators, since CMS
will have no way to ensure that the
person providing the fingerprints is the
person rendering the care. The
commenter also questioned whether
fingerprinting will help prevent identity
theft for physicians.
Response: We are confident that
fingerprint-based criminal history
record checks will enable us to identify
individuals who violate CMS existing
regulations at § 424.530(a) and
§ 424.535(a), and appropriately deny or
revoke Medicare billing privileges in
these circumstances. This screening tool
is intended to prevent individuals who
pose an elevated risk of fraud, waste,
and abuse from enrolling in the
programs. Physicians will not be subject
to the fingerprint-based criminal history
check if they are not in the high
screening level. Physicians as a category
are in the limited screening level and
providers and suppliers in the limited
screening level are not subject to
fingerprint-based requirements as are
individuals and entities in the high
screening level. The submission of
fingerprints for the purposes of an FBI
PO 00000
Frm 00024
Fmt 4701
Sfmt 4700
criminal history record check is not
intended to address identity theft
concerns.
Comment: A commenter stated that
raising a supplier’s screening level
seems reasonable only if the supplier
has come under a payment suspension
or if after investigation, the type of
provider and the services it will render
are not congruent on its enrollment
application.
Response: We disagree. There are, as
explained in this final rule with
comment period, a variety of final
adverse actions that we believe warrant
the placement of a provider or supplier
in a higher screening level. Payment
suspensions and inconsistent
information on the enrollment
application should not be the only two
grounds for elevating a provider’s
screening level.
Comment: A commenter stated that
with regard to the ‘‘high’’ screening
level, although government enforcement
efforts to date have shown fraud, waste
and abuse issues with HHAs and
DMEPOS suppliers in certain
geographical regions (for example,
South Florida, Texas, and California), it
is not clear that issues with such entities
are national. Because the criminal
background checks and fingerprints are
onerous requirements that are not
currently used by Medicare, the
commenter stated that CMS should limit
itself to introducing such requirements
in high risk geographic areas, rather
than nationally, at least at this stage.
Moreover, the commenter stated that
CMS has neither provided the data nor
made the convincing case that its
proposed changes will deliver results to
justify the extent to which the rules
would intrude on normal patient care
and business practices. With respect to
orthotic and prosthetic suppliers, the
commenter urged CMS to adopt a more
realistic approach that cracks down on
fraudulent providers, without either
considering every provider to be a
crook, or adding huge regulatory
burdens that could put honest,
legitimate, hard-working orthotic and
prosthetic suppliers out of business.
Response: We disagree that our
enhanced screening procedures should
initially be restricted to high risk
geographical areas. While some regions
of the country evidence fraud, waste
and abuse more than others, fraudulent
activity can occur anywhere. In
addition, we believe that a national
approach is most objective in
implementing the screening provisions
herein. We will rely on other program
integrity tools, including, without
limitation, the enrollment moratoria
authority contained within this rule, to
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
address concerns in particular locales.
Moreover, CMS will monitor
implementation of the final
requirements on provider and supplier
screening with respect to patient care
and business practices.
Comment: A commenter stated that
with respect to changing a health care
provider’s level of screening, the basis
for this determination should be on
information released during 2011 and
beyond.
Response: We disagree. We have
found that long-term trends (for
example, data from 2005 through 2009)
are often good indicators of potential
fraudulent activity.
Comment: A commenter suggested
that CMS establish certain exemptions
to DMEPOS suppliers prior to a
company being deemed a moderate or
high risk supplier, such as: (1) A
multiple year history as a DMEPOS
provider; (2) award of a DMEPOS
competitive bidding contract (where
CMS itself has extensively reviewed the
financials of contracted suppliers); and
(3) accreditation by a CMS-approved
third party.
Response: We did not base our
development of levels of screening and
the assignment of provider and supplier
categories to these levels of screening of
fraud, waste or abuse on the past
experience of specific individual
providers. Rather, it is based on
collective experience of provider and
supplier categories. Furthermore, we do
not believe length of time in business is
an appropriate determination of fraud
risk. Similarly, as described previously,
we do not believe accreditation is—in
and of itself—an indication that a
provider or supplier should be assigned
to the limited screening level. Finally,
we decline to accept the commenter’s
suggestion that the award of a DMEPOS
competitive bidding contract should
provide an exemption from the
assignment specified in this rule. The
criteria for competitive bidding are
different than those that we are using to
determine the appropriate screening
level appropriate to particular categories
of provider or supplier.
Comment: A commenter stated that
any criteria utilized by CMS to assign
screening levels should be made public,
and that CMS should regularly review
its assignment to screening levels. The
commenter questioned whether
automatically applying the proposed
additional screening measures for
providers and suppliers assigned to the
moderate and high levels will be
effective in shutting-out sham suppliers
and past violators from participating in
Medicare, particularly since these
safeguards do not protect Medicare
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
against criminals who use a shell as the
owner of record to avoid detection. The
commenter believes that the recently
implemented accreditation and bonding
requirements for DMEPOS suppliers are
a stronger deterrent in ensuring that
fraudulent suppliers are not able to
participate in Medicare, and
recommended that CMS first determine
whether these requirements adequately
deter fraud before imposing additional
and arguably less effective safeguards,
especially considering the cost and
burden of these new requirements.
Response: Criteria for the risk
assessments were discussed in the
proposed rule and this final rule with
comment period. The criteria will be
reviewed on a consistent and ongoing
basis, and in the event we decide to
update the assignment of screening
levels, we will publish a regulatory
document in the Federal Register. We
do not believe, though, that we should
wait for the results of the accreditation
and surety bond requirements before
taking additional steps to address
program integrity problems related to
DMEPOS suppliers. Indeed, it could
take several years for the full impact of
the surety bond and accreditation
requirements to take effect on our antifraud efforts. As such, we do not believe
it to be premature to assign newlyenrolling DMEPOS suppliers to the high
screening level and require enhanced
screening pursuant to this rule. It is our
expectation that all of these program
integrity protections together will lessen
the risk of fraud and abuse in the
Medicare program.
Comment: A commenter stated that
the language in § 424.500, et seq., does
not define ‘‘Medicare contractor,’’ and
the verbiage in the preamble is
somewhat vague. The commenter
requested clarification as to: (1) The
contractors that will be conducting the
on-site visits, (2) whether this approach
will be uniform across the country, and
(3) the training and experience the
individuals conducting these visits will
have.
Response: Since the term ‘‘Medicare
contractors,’’ as used strictly in the
provider enrollment context, is
generally understood and recognized by
the provider community to mean the
entities that process CMS–855 provider
enrollment applications, we do not
believe it is necessary to include a
formal definition of this term in this
final rule with comment period. The
contractors that will conduct site visits
will vary, as will the scope and breadth
of individual visits; however, such site
visits will be in accordance with
guidance issued by CMS. Those who
will conduct site visits will receive
PO 00000
Frm 00025
Fmt 4701
Sfmt 4700
5885
appropriate instructions and oversight
regarding the performance of the visits.
Comment: Several commenters stated
that HHAs and hospices are already
subject to a State survey prior to
enrollment—as well as on a periodic
basis thereafter—thus making a site visit
superfluous. As such, initially enrolling
HHAs and hospices should be included
in the limited screening level rather
than in the moderate screening level. A
commenter also stated that including all
revalidating HHAs, hospices and DME
suppliers in the moderate screening
level is unfair and inappropriate, as they
are already established providers; the
commenter believes it should be exempt
from the site visit requirement if it has
been in existence for at least 5 years and
there is no reason to suspect fraudulent
activity. The commenter added,
however, that additional site visits and
increased medical review during the
provider’s first 5 years of enrollment
could be performed to ensure
compliance. Another commenter stated
that it would be better to conduct HHA
site visits, if they had to be performed,
with existing or recent patients in their
homes, since most care is provided to
patients in their homes; care is not
provided in the HHA or hospice office.
Response: We do not believe that a
site visit is superfluous. Due to the
length of the enrollment, survey, and
certification processes, we believe it is
important for us to institute verification
activities at multiple points during this
period, and not to restrict its validation
efforts to the enrollment process and the
State survey. Moreover, we do not
believe that site visits should be limited
to providers who have been enrolled for
less than 5 years, as we do not have data
to suggest that those who have been
enrolled for 5 years or more present less
of a fraud, waste, and abuse concern
than newly enrolled providers and
suppliers. Finally, and as mentioned
earlier, provider enrollment site visits
will be conducted at the HHA’s physical
locations.
Comment: A commenter asked CMS
to describe the process the Medicare
contractors are using to review State
licensing data on a monthly basis. The
commenter also requested clarification
as to whether the reference to ‘‘nonpublic, non-government owned’’ applies
only to affiliated ambulance services
suppliers, or extends to the other
provider types listed in the moderate
level.
Response: The contractors use various
processes to review licensure data;
frequently, this is an automated process.
With regard to the clarification
requested, the term as used in the
NPRM applied only to ambulance
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5886
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
suppliers. However, as we have
eliminated the distinction between
public and non-public ambulance
service providers, this comment is no
longer applicable.
Comment: A commenter suggested
that CMS consider reclassifying
providers and suppliers in the
‘‘moderate’’ and ‘‘high’’ screening level to
the ‘‘limited’’ risk level if the provider or
supplier is subject to State licensure
requirements. In addition, the
commenter opposed reclassifying
providers or suppliers from one
screening level to another based strictly
on their geographical location. To do so
would be arbitrary, and would not
reflect the risk associated with
particular provider or supplier types.
Response: As already mentioned, we
do not believe that State licensure is, in
and of itself, indicative of a limited risk
of fraud. In addition, we do not plan to
reclassify providers or suppliers based
solely on geographical location. As
stated earlier, if we identify a concern
among provider and supplier categories
in a particular geographic location, our
authority to impose a temporary
moratorium will help to address those
concerns. However, we do retain the
authority to add geographic location as
a criterion for adjusting a provider or
supplier’s screening level through future
rulemaking.
Comment: A commenter expressed
concern that fingerprinting: (1) Could be
very costly; (2) raises privacy and
security concerns once an organization
begins to collect, maintain, administer
access and store a database of
fingerprints; and (3) is technologically
being replaced by much more modern
and reliable identification techniques.
The commenter urged CMS to avoid
requirements for fingerprinting in
screening requirements and to use more
modern techniques.
Response: As already mentioned, we
believe that fingerprint-based criminal
history record checks will be an
effective tool in combating Medicare
waste, fraud, and abuse. In our view,
such criminal history record checks—
more effectively than a name-based
background check—will prevent
ineligible individuals from enrolling in
the Medicare program. CMS believes
that the cost to both the applicants for
the collection of fingerprints, and to
CMS for the processing of the prints is
not unduly burdensome either to the
providers and suppliers or the agency.
We would like to clarify that CMS will
not be collecting and storing any
fingerprints. As mentioned earlier, the
selected authorized channeler will
collect and transmit the prints
electronically directly to the FBI CJIS
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Division’s Wide Area Network to check
against the IAFIS, the FBI maintained
database. CMS will only receive the
criminal history record information, and
will protect that information as the
Privacy Act requires—both from a
privacy and security standpoint. In
response to the commenter’s third
remark, while CMS is aware of the
advances in technology in the biometric
market, the FBI and State law
enforcement standard is currently the
fingerprint. Once the FBI or State law
enforcement requires a new standard of
identification to access the criminal
history record information, we will
comply with that standard.
Comment: A commenter suggested
that in implementing the screening
requirements, CMS should minimize
duplication of effort. Often the same
providers who participate in traditional
Medicare are also participating in other
plans, such as Medicaid. Having
separate screenings could be
burdensome and inefficient.
Response: We agree with the
commenter that every possible attempt
should be made to avoid duplication of
effort. To that end, we have attempted
to address this concern by providing
that the States may rely upon a
screening performed by the Medicare
program.
Comment: A commenter supported
the concept of applying geographical
circumstances when adjusting providers
or suppliers from one screening level to
another, and recommended that antifraud efforts be coordinated with other
payers—such as through information
sharing—because providers and
suppliers perpetrating fraud do so
across the spectrum of payers, and that
reality should be integrated into CMS’s
overall strategy.
Response: We agree that anti-fraud
efforts should be coordinated among
payors and we are taking steps to
promote greater coordination. As stated
previously, we believe our temporary
moratoria authority described later in
this rule will be an effective tool in
particular geographic locations. We may
revisit as a factor for enrollment
screening level in future rulemaking.
Comment: Several commenters stated
that new locations of currently enrolled
Medicare DMEPOS providers should be
distinguished from other providers that
do not have an established record with
the Medicare program. CMS should
therefore screen new locations of
Medicare enrolled suppliers in the same
manner as it proposes to screen
currently enrolled providers.
Response: We disagree. As previously
stated, the addition of a new location is
considered an initial enrollment.
PO 00000
Frm 00026
Fmt 4701
Sfmt 4700
Consequently, a new DMEPOS location
will be subject to the ‘‘high’’ level of
categorical screening.
Comment: Several commenters
requested that occupational and
physical therapists, including those
enrolled or applying to enroll as
DMEPOS suppliers, be placed in the
limited risk level.
Response: As stated earlier, all newlyenrolling DMEPOS suppliers (including
those with new practice locations),
regardless of sub-type, and including
those that are owned by occupational
and/or physical therapists, will be
subject to a high level of categorical
screening. For physical therapists
enrolling as individuals or group
practices via, respectively, the CMS–
855I and CMS–855B applications, these
suppliers will be placed in the moderate
level of screening. As we explained
earlier with respect to physical therapy
providers, we believe the classification
of physical therapists in the moderate
level is supported by a recent OIG report
entitled ‘‘Questionable Billing for
Medicare Outpatient Therapy Services’’
(December 2010) (https://oig.hhs.gov/oei/
reports/oei-04-09-00540.pdf), which
found, among other things, that MiamiDade County had three times, and
nineteen other counties had at least
twice, the national level on five of six
questionable billing characteristics.
Comment: A commenter asked
whether CMS will identify the
contractors that will perform these
screenings, or whether it will accept
screenings performed by commercial
screening services widely used by large
employers outside the health care
industry.
Response: We believe the commenter
is referring to criminal background
screenings. To comply with the FBI
requirements that only authorized
channelers submit fingerprints to the
Wide Area Network, and receive the
criminal history record information
from the FBI, CMS will contract with a
pre-approved FBI authorized channeler.
In the future guidance, CMS will
identify the selected authorized
channeler(s) where individuals may
have their fingerprints collected, or to
whom they may submit the FD–258 card
that was completed at a local law
enforcement agency. In addition to
ensuring compliance with FBI security
requirements, such authorized
channelers have vendors all over the
country where individuals can have
their fingerprints electronically
collected. In addition, individuals may
have their prints taken on the FD–258
paper card at a local law enforcement
agency, and then have it sent to the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
authorized channeler to have it digitized
and submitted to the FBI.
Comment: A commenter had several
suggestions for screening levels. The
commenter recommended that the
limited screening level include
providers affiliated with non-profit
acute care hospitals or health systems;
any not-for-profit providers who have
been in existence for at least 20 years
and who have filed annual cost reports
(if required) for their line of business;
and any for-profit providers in business
for 20 years as a single site provider.
The moderate screening level should
include all other providers except those
indicated in the high screening level,
plus any provider who has entered into
a settlement with a government agency
(Federal, State or local) within the past
20 years, up through the most recent 5
years, where such settlement covered
any over-charge allegations. The high
screening level should include any
provider who has entered into a
settlement with a government agency
(Federal, State or local) for any
overpayment in the past 5 years; and
any provider or group of providers
which may currently be under review
for possible billing overcharges or other
violations who is seeking either a new
provider number or seeking a new
provider location.
Response: We appreciate these
suggestions, and may consider them as
part of a future rulemaking effort should
circumstances warrant. However, for
now, and for the reasons described
previously, we believe that the
screening level assignments discussed
in this preamble will best implement
the statute.
Comment: A commenter
recommended that CMS refrain from
publicly posting risk levels, particularly
as they relate to individual providers or
group practices. The commenter
believes that in some instances this
could give a false impression as to the
level of risk of any provider or supplier,
and that CMS has not clarified how this
action will assist the agency with fraud
prevention.
Response: To the extent permitted by
Federal law, we do not plan to publish
risk assessments and the corresponding
screening level of individual providers
or suppliers.
Comment: A commenter urged CMS
to provide contractors with sufficient
and targeted resources to handle
identity theft screening to ensure that
the additional screening precipitated by
identity theft will not delay processing
of new enrollment applications.
Response: As mentioned throughout
this rule, we do not plan to use
fingerprint-based criminal history
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
record checks to address identity theft
concerns. Identity theft is within the
purview of law enforcement and we will
make referrals to our law enforcement
partners whenever appropriate.
Comment: A commenter requested
clarification as to whether a revalidating
provider would need to resubmit
fingerprints with its application. The
commenter believes this would be
burdensome, costly, and unnecessary,
since fingerprints do not change.
Response: If an individual has
provided fingerprints on one occasion,
we will not ask such individual to
furnish fingerprints a second time
unless required by FBI protocols.
Comment: A commenter disagreed
that in all cases publicly traded entities
pose a ‘‘limited’’ risk while all HHA
companies that are not publicly traded
pose a ‘‘moderate’’ risk to the program.
The commenter supported the ‘‘high’’
risk assignment for those new to the
program, but stated that the proposed
rule does not consider that companies
that have operated successful and
compliant HHAs for years would fall
into the high screening level if they
were to open a new location or branch
simply based on the arbitrary
assignment of the screening level.
Response: As stated earlier, we
believe that newly enrolling HHA
locations (for which a CMS–855 is
submitted) should be subject to the
enhanced scrutiny of the high risk
screening level. Further, as stated
earlier, we have eliminated the
distinction between publicly traded and
non-publicly traded companies.
Comment: A commenter urged CMS
to expand the definition of limited risk
to include entities that file with the
Securities and Exchange Commission
(SEC), even though they do not have
securities traded on the NYSE or
NASDAQ. By reason of their debt
obligations, such entities are subject to
the same disclosure and reporting
requirements under Federal securities
laws as a company that is subject to
section 13 or 15(d) of the Securities
Exchange Act of 1934, as amended (the
‘‘Exchange Act’’).
Response: As stated earlier, we have
eliminated the distinction between
publicly traded and non-publicly traded
companies, and the comment is no
longer applicable.
Comment: A commenter stated that
adjusting HHAs from the ‘‘limited’’ or
‘‘moderate’’ screening level to ‘‘high’’ risk
simply because they reside in an area
for which CMS imposes a moratorium is
arbitrary and punishes good HHAs with
no consideration of their compliant
service to the Medicare beneficiaries
and the program.
PO 00000
Frm 00027
Fmt 4701
Sfmt 4700
5887
Response: As explained elsewhere in
this section and also later in the general
discussion regarding moratoria, a
moratorium may be imposed if there is
a heightened risk of fraud, waste, or
abuse in a particular area or involving
a certain provider or supplier category.
If a particular provider or supplier type
posed such a risk as to warrant a
moratorium, it would be inappropriate
for us to automatically exempt it from
enhanced screening once the
moratorium ends. To do so would, in
effect, require us to state that once the
moratorium ends, that provider or
supplier type no longer poses a risk, a
conclusion that we could not
necessarily draw.
Comment: A commenter stated that
the assignment of risk should be based
on defined criteria beyond those
proposed, such as compliance history
related to billings, medial review, and
history of negative audits from the
program safeguard contractors. The
commenter added that defined criteria
should also be used to identify when
providers are moved to different
screening levels. For instance, brand
new HHAs with no previous enrollment
history should be part of the high
screening level; however, upon 5 years
of compliant operation, they should be
moved to the moderate screening level.
If a company with a 5 year compliance
history opens a HHA, it should not be
assigned to the high screening level;
instead, it should be assigned to the
moderate screening level based on its
good history with Medicare. Agencies
that have a 7 year or more compliance
history should be assigned the limited
screening level.
Response: Though we do not at this
point believe that length of time as a
Medicare provider should be a criterion
for reducing a provider’s or supplier’s
screening level, we may consider this as
part of a future rulemaking effort should
circumstances warrant.
Comment: A commenter believes that
the phrase ‘‘Indian Health Service
facilities’’ should be deleted in favor of
‘‘health programs operated by an Indian
Health Program (as that term is defined
in section 4(12) of the Indian Health
Care Improvement Act) or an urban
Indian organization (as that term is
defined in section 4(29) of the Indian
Health Care Improvement Act) that
receives funding from the Indian Health
Service pursuant to Title V of the Indian
Health Care Improvement Act.’’ Such
language would encompass all Indian
and tribal programs that are carried out
pursuant to the Indian Health Care
Improvement Act (IHCIA) and Indian
Self-Determination and Education
Assistance Act (ISDEAA). Moreover, to
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5888
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
ensure that all Indian and tribal health
programs are treated as limited risk, the
exception in (b)(1) and (c)(1) should be
amended to refer to Indian and tribal
health programs. The commenter stated
that the burden on Indian and tribal
providers of meeting new screening
requirements would be significant and
duplicative of screening requirements
imposed already under the Indian Child
Protection and Family Violence Act on
many of the providers.
Response: We will revise the language
in the final regulation as requested by
the commenter to ensure that Indian
and tribal health programs are described
accurately and are assigned to the
limited screening level.
Comment: A commenter stated that
CMS should designate provider
screening levels in the final rule with
comment period, and should require
changes in the risk level for a provider
type to be subject to the rulemaking
process.
Response: We have specified the
different screening levels in this final
rule with comment period. Should a
change in a particular provider or
supplier type’s classification be
warranted and should it necessitate a
change in existing regulatory language,
we will publish notice of it in the
Federal Register. However, we will not
publish notice of the circumstances
under which an individual provider or
supplier has been moved to an elevated
level of screening as described in
§ 424.518(c) and § 455.450(e).
Comment: A commenter stated that
ophthalmologists, optometrists, and
opticians who only bill as DMEPOS
suppliers for post-cataract glasses and
lenses should fall into the limited
screening level.
Response: As detailed previously,
currently enrolled DMEPOS suppliers
will be placed in the moderate level of
categorical screening and newlyenrolling DMEPOS suppliers will be
assigned to the high level of screening.
Comment: A commenter opposed
CMS’ proposal to consider assigning all
providers or suppliers in a specific
geographic location to a higher level of
screening, solely because others in that
area may be considered moderate or
high risk. The commenter believes this
type of action was arbitrary, and could
cause new, limited risk providers to
think twice before entering a geographic
market, thus potentially blocking
beneficiary access to needed services.
Response: We did not assign any
provider or supplier category to a
screening level based on geography.
Comment: A commenter did not
believe independent laboratories should
be placed in the moderate screening
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
level, due to their high level of
regulation. The commenter stated that
the sheer volume has no bearing on risk
and that they are already subject to
regular site visits.
Response: We disagree. Based on our
experience, we believe that independent
laboratories are appropriately assigned
to the moderate screening level. We note
that newly-enrolling DMEPOS suppliers
are, too, subject to site visits, yet they
are assigned the high screening level.
Comment: A commenter stated that
all physicians should not be placed in
the limited screening level. Several
specialties are increasingly engaging in
abusive self-referral arrangements.
Response: For the reasons stated
previously, we believe that physicians
and non-physician practitioners are
appropriately classified in the limited
screening level. Moreover, we note that
the final rule with comment period
contains provisions for elevating a
particular physician’s or practitioner’s
screening level in certain circumstances.
Comment: One commenter disagreed
that geographical circumstances should
justify the adjustment of FQHC
providers and suppliers to elevated
screening levels based upon this
criterion alone. The commenter stated
that FQHC entities are in an entirely
different classification and should not
be subject to the same categorical
movement.
Response: We assume this commenter
is concerned about our ability to
reassign providers or suppliers after a
temporary moratorium is lifted such
that FQHCs could be classified as high
risk in the event they are located in an
area in which a temporary moratorium
is lifted. We intend to finalize the
elevated risk factors. We believe it
important to closely monitor all
providers and suppliers in the event a
temporary moratorium is imposed—and
for a period thereafter. We note that this
would only apply to providers and
suppliers to which the moratorium
applied. Unless the moratorium that
was lifted had applied to either all
providers and suppliers in a geographic
area or to a category of providers or
suppliers that included FQHCs or to
FQHC specifically, the elevation to the
high screening level would not apply to
FQHCs or any other provider or supplier
category not originally subject to the
moratorium.
Comment: A commenter: (1)
Expressed concern about potential
application delays if the Medicare
contractors have insufficient funds to
conduct these visits; (2) requested
assurances from CMS that adequate
funds will exist; and (3) recommended
that CMS provide guidance to the
PO 00000
Frm 00028
Fmt 4701
Sfmt 4700
Medicare contractors on the timeframes
within which enrollment inspections
shall occur.
Response: We believe that adequate
funds will exist to perform the required
site visits, and we will issue guidance
to our contractors regarding processing
times.
Comment: A commenter expressed
concern that tax-exempt, faith-based
HHAs will be subject to a higher level
of scrutiny than publicly traded forprofit HHAs. The commenter believes
that such faith-based HHAs should be
placed in the limited screening category.
Response: We have eliminated the
distinction between publicly traded and
non-publicly traded HHAs. We decline
to adopt the commenter’s suggestion to
assign faith-based HHAs in the limited
level of screening as it has not been our
experience that faith-based HHAs
present a different risk of fraud and
abuse than non-faith-based HHAs.
Comment: A commenter stated that
the inclusion of CMHCs in the
‘‘moderate’’ risk group seems
appropriate given the history of fraud in
‘‘for profit’’ CMHCs. The commenter
believes, however, that in the future,
‘‘not for profit’’ CMHCs be considered
for status as a ‘‘limited’’ screening level.
Response: We decline to adopt the
commenter’s suggestion, as it has not
been our experience that non-profit
CMHCs pose a different risk than forprofit CMHCs. We will monitor CMHCs
and other provider and supplier types
after this final rule with comment
period is implemented and, if need be,
make adjustments to various risk
classifications.
Comment: A commenter stated that
the fingerprint requirement is
problematic. The FD–258 fingerprint
card could be fairly easy to obtain and
complete without the involvement of
government officials or by manipulating
the form before forwarding it to the
concerned government representative
which could lead to fraudulent data
being accepted by CMS contactors. In
order to ensure the validity and
acceptability of fingerprint data, the
commenter stated that a clear chain of
custody will be required for the FD–258
cards, providing for uninterrupted and
secure forwarding of the completed
cards from an originating law
enforcement office to the CMS
contractor. The commenter believes that
consultation with the FBI and other
expert agencies on this subject could
prove valuable.
Response: CMS has consulted and
will continue to consult with the FBI
regarding the use of the FD–258 card. As
noted previously, CMS has found that in
addition to a longer processing time for
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
the FD–258, there is a higher cost to
CMS for the processing of such cards.
However, individuals who have their
prints collected by a local law
enforcement agency must use the FD–
258 card and submit it to CMS’
authorized channeler. The authorized
channeler will digitize such FD–258
cards obtained at a local law
enforcement agency for submission to
the FBI. The chain of custody will
conform to the FBI Security and
Management Control Outsourcing
Standard for Channelers and NonChannelers and the FBI’s Criminal
Justice Information Services (CJIS)
Division’s Security Policy.
Comment: A commenter
recommended that the proposed
screening procedures be applied across
the board for all providers and suppliers
in or being introduced into any aspect
of the Medicare, Medicaid or CHIP
system.
Response: We disagree with this
comment. Different categories of
providers and suppliers pose different
risks that must be addressed in distinct
ways.
Comment: A commenter
recommended that when determining
whether to adjust an individual
DMEPOS supplier’s screening level,
CMS should consider the supplier’s:
(1) Experience in furnishing services; (2)
experience in the geographic area; (3)
accreditation status and compliance
with quality standards; and (4)
compliance program, as well as any past
fraudulent activity by the supplier or its
employees and the category of DMEPOS
it furnishes.
Response: We decline to adopt this
approach. First, we believe that this
could be subject to inherently arbitrary
implementation. Second, as has been
described previously, we believe the
ACA requires us to assign categories of
providers and suppliers to a level of
screening based on the risk for fraud.
The criteria the commenter proposes
would necessitate a level of prescreening that is not feasible for every
applicant CMS must process.
Comment: A commenter stated that
providers and suppliers should be
individually notified of the screening
level into which they will be placed and
the reasons for such designation. The
categorizations should not be made
public because that could easily lead to
irreparable damage to reputations and
the companies’ business.
Response: The publication of this
final rule with comment period serves
as notification to suppliers and
providers of the assignment of their
category to a particular screening level.
The only new screening requirement
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
that requires action on the part of a
provider or supplier is the fingerprintbased criminal history record check. As
stated, there will be an additional 60
day period after the publication of
subregulatory guidance prior to its
implementation for DMEPOS and
HHAs. In instances where an individual
provider or supplier has been reassigned
to a higher level of scrutiny under
§ 424.518(c)(3), we anticipate that each
provider or supplier will be
individually notified of its newly
assigned screening level prior to
revalidation. This process will be
clarified in the subregulatory guidance
that CMS will issue as described in this
final rule with comment period.
Moreover, to the extent permitted by
Federal law, we do not intend to make
public a particular provider or
supplier’s screening level assignment.
Comment: A commenter requested
that CMS expand the limited screening
level defined in the proposed regulation
to include the term ‘‘non-physician
practitioner.’’ This term is frequently
used to describe nurse practitioners,
clinical nurse specialists, and
physicians’ assistants.
Response: This regulation uses the
term ‘‘non-physician practitioner’’ in
describing categories of providers
assigned to a level of screening. See
§ 424.518(a)(1)(i).
Comment: A commenter
recommended that, to the extent
allowed under law, CMS disclose
limited information about the risk
model so as to avoid reverse-engineering
by individuals intent on defrauding the
Medicare program.
Response: We appreciate this
comment, but believe it is important
that the provider and supplier
communities be made aware of what
will be required as part of the
enrollment process.
Comment: A commenter
recommended that reimbursement be
provided for the cost of the background
check and fingerprint card. With budget
cuts and regulatory mandates, providers
are struggling to meet the increasing
costs of delivering health care services
in an environment with decreasing
resources. Another commenter
suggested, however, that fingerprinting
be done at the cost of the provider prior
to the Medicare contractor receiving the
enrollment application.
Response: A fingerprint-based
criminal history record check is part of
the Medicare enrollment screening
process for specified applicants. The
cost of the having the fingerprints taken
and supplying the fingerprints to the
authorized channeler, whether
electronic or on the card, will be borne
PO 00000
Frm 00029
Fmt 4701
Sfmt 4700
5889
by the provider or supplier. There will
be no cost to the provider or supplier for
the subsequent processing of the prints
or the background check, as CMS will
pay for the processing of the prints and
the criminal history record check.
Comment: A commenter
recommended that providers be able to
have their fingerprints electronically
scanned with a vendor contracting with
the Federal government.
Response: Shortly after the
publication of this final rule with
comment period, we will be issuing
guidance to the provider and supplier
communities regarding the processes for
obtaining fingerprints. We anticipate
that CMS will contract with an FBIapproved authorized channeler for the
collection and transmission of
fingerprints. It is our understanding that
such authorized channelers use
electronic technology to collect and
process fingerprints. We will provide
more information regarding available
technologies and vendors prior to the
implementation of this requirement, as
announced 60 days prior to the effective
date through the publication of
subregulatory guidance.
Comment: A commenter stated that
CMS needs to ensure that information
used in the classification of suppliers is
correct and appropriate. Thus, CMS
should require that only final agency
actions be used as a basis for assigning
suppliers. Decisions overturned on
appeal should have no bearing or effect
on the supplier’s screening level.
Response: We do not believe it is
appropriate to wait until a particular
action is final before shifting a provider
into a different screening level. The
appeals process can take an extended
period, during which a provider intent
on defrauding the Medicare program
could have more time to do so if
permitted to remain in a lower
screening level. As already mentioned,
should a particular action be rescinded,
the provider will be restored to its
previous screening level.
Comment: A commenter stated that
pharmacies licensed by the State—
whether newly enrolling or as part of an
additional location—should be specified
as limited risk providers.
Response: As we mentioned earlier,
State licensure is not automatically
indicative of the screening level that
should be ascribed to a category of
provider or supplier.
Comment: A commenter questioned
whether hospice organizations are
correctly included within the moderate
screening level and should instead be
included in the limited screening level.
The commenter did not believe that
sufficient data exists to justify placing
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5890
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
hospices in the moderate screening
level.
Response: For the reasons we
explained, we believe that hospices are
most appropriately as assigned to the
moderate screening level.
Comment: A commenter stated that if
an enrollment moratorium were placed
on a particular geographic area and then
lifted, the Medicare contractor would be
required to conduct background checks
and fingerprints on all physicians in
that area. The commenter urged CMS to
reconsider the burdens and costs of
doing so for large groups of providers.
The delays in processing these
applications would deter physicians
from enrolling and revalidating their
enrollments. The commenter also stated
that CMS should limit those physicians
placed in the highest level of screening
to individuals previously found guilty
of crimes against Medicare or where
there is publicly available evidence to
justify such intrusions.
Response: The situation described in
the commenter’s first sentence would
only apply in the unlikely event that
physicians in that area were subject to
a moratorium. As stated earlier, CMS
does not believe that the collection of
the fingerprints for the FBI fingerprintbased criminal history record check will
substantially impact the time to process
an enrollment application by the
relevant Medicare contractor. If, as will
most likely be the case with any
temporary enrollment moratorium, the
moratorium only applies to nonphysician provider or supplier types,
physicians would not be affected by the
lifting of the moratorium. We believe we
have clarified this point in the final rule
with comment period.
Comment: Regarding fingerprinting
and background checks, a commenter
requested clarification regarding: (1)
How the information will be stored and
whether it will be destroyed after a
period of time; (2) how the information
will be used; (3) what constitutes
background information that rises to the
level of a threat to Medicare; (4) whether
the physician or non-physician
practitioner be afforded a copy of the
results; (5) the policies that will ensure
that the information is protected and
secure and, in the event of a security
lapse, whether the practitioner will be
notified; (6) who will be conducting the
background checks; (7) whether the
information will be added to State or
Federal databases for other purposes;
and (8) whether practitioners will know
prior to or at the time of application
submission that they will be subject to
these additional requirements.
Response: We have clarified in this
final rule with comment period that the
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
fingerprint requirement will be used in
the context of obtaining FBI criminal
history record information. This
information will be stored according to
all Federal requirements as well as the
FBI’s Security and Management Control
Outsourcing Standard for Channelers
and Non-Channelers and the CJIS
Security Policy. CMS will rely on
existing authority to deny and revoke
enrollment at § 424.530(a) and
§ 424.535(a) if an individual who
maintains a 5 percent or greater direct
or indirect ownership interest in a
provider or supplier has certain prior
felony convictions, or if an enrollment
application contains false or misleading
information. The FBI will send the
results of the criminal history record
check only to the authorized channeler,
who will be permitted to send the
results only to the authorized recipient,
or an FBI approved outsourced third
party. In the event of loss of the criminal
history record reports, CMS will follow
the established protocol for
communicating with the public and
individuals regarding the loss of
personally identifiable information. The
criminal history record information is
compiled when the FBI receives the
fingerprint and links it to an existing
record(s) of arrest and prosecution in
State and FBI databases. Individuals or
entities do not conduct criminal
background checks. CMS, through an
authorized channeler, will be accessing
existing law enforcement data on
fingerprinted individuals as required by
this final rule with comment period.
CMS will inform all relevant
individuals of their requirement to
submit fingerprints for the purposes of
an FBI criminal history check as a
condition of enrollment. While we are
finalizing this screening method, we do
not plan to implement this provision
upon the effective date. Instead, we will
be issuing additional guidance to
providers, suppliers, the general public,
and our contractors after the publication
of this final rule with comment period
to explain the operational aspects of the
fingerprint-based criminal history
record check requirement. As stated
previously, we will delay
implementation until 60 days after the
publication of subregulatory guidance.
Comment: A commenter asked who
will pay the fee for the fingerprinting
and, if the physician or practitioner
must pay it, whether he or she will be
reimbursed, given the restrictions on
application fees for certain noninstitutional providers.
Response: The relevant individuals
who are required to undergo the
criminal history record check will incur
the cost of having their fingerprints
PO 00000
Frm 00030
Fmt 4701
Sfmt 4700
taken. Providers and suppliers will not
be reimbursed by Medicare, Medicaid or
CHIP for the fingerprint collection costs.
CMS will bear the cost of processing the
fingerprint-based criminal history
record check for providers and suppliers
that enroll in Medicare. For Medicaidonly and CHIP-only providers, the
States and Federal government will
share these costs.
Comment: A commenter stated that
fingerprinting is generally limited to
certain hours of the day. Due to the
demands of physicians’ schedules, the
commenter asked how CMS will ensure
the availability of fingerprinting for
those physicians placed in the high
screening level.
Response: Physicians who are
enrolled in Medicare as practicing
physicians will generally not be subject
to fingerprinting. Fingerprint-based
criminal history record checks will only
be required in the case of providers or
suppliers that are assigned to the high
screening level. Physicians are generally
assigned to the limited screening level.
Comment: A commenter urged CMS
to ensure that fingerprinting and
background checks do not delay the
enrollment of legitimate and honest
physicians.
Response: Physicians are generally
assigned to the limited screening level
and, as such, will not be subject to
fingerprinting based on their enrollment
as a physician. Physicians who choose
to enroll as DMEPOS suppliers or HHAs
will be required to undergo a
fingerprint-based criminal history
record check as a requirement of the
high screening level but, as stated
previously, CMS does not believe this
requirement will significantly delay the
enrollment of any provider or supplier.
Comment: A commenter stated that
hospital-owned HHAs and hospices
should be designated as limited risk
and, therefore, should not be subject to
unannounced and unscheduled preenrollment and/or post-enrollment
onsite visits.
Response: For the reasons already
discussed, newly enrolling HHAs will
be placed in the high screening level,
regardless of ownership.
Comment: Several commenters stated
that implementing the new screening
procedures by March 23, 2011 is not
feasible due to the coordination efforts
required between Medicare and
Medicaid. They recommended that the
implementation date be moved to March
23, 2012.
Response: We disagree, and believe
that all screening procedures except the
fingerprint-based criminal history
record check required for those in the
high level of screening will be in place
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
beginning on March 25, 2011. As noted
previously, we will delay
implementation of such high screening
level until 60 days after the publication
of subregulatory guidance on how this
provision will be implemented. Further,
we believe the statute requires the
implementation dates that we have
specified.
Comment: A commenter
recommended that CMS reconsider the
risks associated with allowing existing
enrollees to be exempted from the new
screening procedures until March 23,
2012. The commenter believes this
creates a potential gap in program
integrity.
Response: The ACA specifies the
effective dates for the new screening
provisions. For newly enrolling
providers and suppliers, and for those
currently enrolled whose revalidation is
scheduled between March 25, 2011 and
March 23, 2012, the effective date is
March 23, 2011 or the date scheduled
for the revalidation. For providers and
suppliers assigned to the high screening
level, the fingerprint-based criminal
history record check requirement will
be implemented through subregulatory
guidance and will be effective 60 days
following the publication of the
guidance. All other screening
requirements are effective on March 25,
2011 for those in the high screening
level. For all other currently enrolled
providers and suppliers, the statute
established an effective date of March
23, 2012.
Comment: A commenter
recommended simplifying the screening
process such that all enrolling providers
and suppliers are put into the moderate
level, and then adjust screening
interventions based on specific
circumstances related to elevated risk of
fraud.
Response: We decline to base the
assignment of provider and supplier
types to a level of screening on the
assumption that every provider or
supplier is of equal risk upon
enrollment into the Medicare. We see
clear differences in risk among
categories of providers and suppliers.
Therefore, we do not plan to assign all
provider and supplier categories to the
same screening level. In response to the
suggestion that we adjust screening
interventions based on specific
circumstances, we believe this process
is both unwieldy and burdensome to
implement for every provider as the
baseline screening methods. Although
we have identified certain events that
will cause a provider to move from
‘‘limited’’ or ‘‘moderate’’ to ‘‘high’’
screening, we do not believe we should
conduct individual assessments. As
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
stated previously, CMS will assess an
individual provider’s risk and potential
actions based on the individual
provider’s enrollment application and
may continue to use existing program
integrity tools that are not addressed by
this rule. We believe this approach is
the most objective approach and is
consistent with the ACA.
Comment: A commenter requested
clarification on how States will be
notified of providers’ risk classifications
and any changes thereto.
Response: We will disseminate
guidance to the States on this topic
shortly after the publication of this final
rule with comment period.
Comment: A commenter
recommended that CMS explain
whether it is replacing or removing the
current revalidation basis in
§ 424.535(a)(6) with the proposed new
§ 424.535(a)(6).
Response: We are neither replacing
nor removing the current revalidation
basis. We simply proposed an
additional reason at § 424.535(a)(6)(i) for
the revocation of Medicare billing
privileges. Specifically, we proposed
that billing privileges may be revoked if
‘‘An institutional provider does not
submit an application fee or hardship
exception request that meets the
requirements set forth in § 424.514 with
the Medicare revalidation application,’’
or the hardship exception is not granted.
We will renumber the subsections in
§ 424.535(a) accordingly.
The commenter refers to the current
revalidation basis but cites to the
revocation regulation. To clarify, as
stated previously, the proposed rule
proposed to require that a provider or
supplier revalidate its enrollment at any
time pursuant to § 424.515. This new
authority to permit off-cycle
revalidations does not replace the
current cycle for revalidation (3 years
for DMEPOS and 5 years for all other
providers).
Comment: To reduce the paperwork
burden imposed on providers and
suppliers and to reduce the
administrative expense associated with
processing a revalidation application,
several commenters recommend that
CMS allow providers and suppliers in
good standing to submit an annual
attestation, rather than a full
revalidation application. The
attestation, in other words, would be
used in lieu of revalidation, and would
require the provider or supplier to
notify CMS of any changes or to attest
that there were no changes within the
prior year. This approach would
promote compliance without requiring
the provider or supplier to submit a full
revalidation application and a fee.
PO 00000
Frm 00031
Fmt 4701
Sfmt 4700
5891
Response: The burden associated with
submitting Medicare enrollment
applications A, B, I, R and CMS–855S
is currently approved under Office of
Management and Budget (OMB) control
numbers 0938–0685 and 0938–1057,
respectively. Such an attestation, as
proposed by the commenter, would not
fulfill the screening requirements of this
final rule with comment period, as rescreening is a condition of revalidation.
The screening requirement and
associated application fee are required
by the ACA to minimize the risk of
fraud, waste and abuse to the Medicare,
Medicaid programs and CHIP, and
cannot be circumvented by a process
that would limit the scope of such
screenings.
Comment: One commenter stated that
CMS did not furnish sufficient
justification or rationale for its proposal
in § 424.515 that CMS may require a
provider or supplier to revalidate its
enrollment at any time. The commenter
added that the proposed revision seems
punitive and overly broad because CMS
does not furnish ample discussion for
the public to fully evaluate the proposal.
The commenter recommended that CMS
remove its proposal because CMS did
not: (1) Justify its reasons for
establishing this new authority, (2)
describe its existing authorities and how
this proposal is different, and (3)
explain or justify the number of times
that CMS can require revalidation
within a given period of time.
Response: We proposed at § 424.515
that we have the ability to require that
a provider or supplier revalidate its
enrollment at any time, and stated that
this proposal was designed to help
ensure that the statutory effective date
of March 23, 2013 is met. We fully
intend to implement the new authorities
provided by the ACA by the deadlines
that have been set out by the Congress.
We stated in the proposed rule that
DMEPOS suppliers are required to reenroll every 3 years, and other providers
and suppliers are required to revalidate
their enrollment every 5 years. For
purposes of clarity, we also proposed
language at § 424.57(e) that changes all
references to ‘‘re-enroll’’ or ‘‘reenrollment’’ to ‘‘revalidate’’ or
‘‘revalidation.’’ We have existing
authority at § 424.515(d) to require offcycle validations in addition to the
regular 5 year revalidations and may
request that a provider or supplier
recertify the accuracy of the enrollment
information when warranted to assess
and confirm the validity of the
enrollment information maintained by
us. Such off-cycle revalidations may be
triggered as a result of random checks,
information indicating local health care
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5892
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
fraud problems, national initiatives,
complaints, or other reasons that cause
us to question the compliance of the
provider or supplier with Medicare
enrollment requirements. Off cycle
revalidations may be accompanied by
site visits. The new authority to conduct
off-cycle validations of providers and
suppliers will enable us to apply the
new screening requirements to all
currently enrolled providers and
suppliers by the statutory effective date.
The proposed rule stated that once a
provider has been subject to an off-cycle
validation under § 424.515(e), the
current cycle for revalidation would
apply. This means that if a provider
subject to the 5-year revalidation cycle
had to revalidate in 2013, the provider
or supplier would next have to
revalidate in 2018. However, a provider
or supplier may be required to
revalidate under § 424.515(d) during
that time period if there are indicators
of the noncompliance for a particular
provider.
Comment: A commenter stated that
CMS currently requires contractors to
review State licensing board data on a
monthly basis. As such, it would be
more efficient to access a centralized,
federated database to provide CMS with
the most comprehensive data on
physician licensure status.
Response: As previously mentioned,
we are currently in the process of reassessing the provider enrollment
process and systems that are used to
support screening and enrollment. We
are exploring a number of options to
take advantage of technological
advances to improve the provider
screening process. Increased automation
of the process is one of the areas on
which we are focusing.
Comment: A commenter stated that,
given the ongoing Medicare backlogs,
CMS should provide information
regarding: (1) The number of
revalidations started and completed by
CMS or its contractors in 2007, 2008,
2009, and 2010, (2) how an estimated
93,000 revalidations per year beginning
in 2010 will impact the processing of
new applications by providers and
suppliers, and (3) the amount of money
obligated on provider screening
activities for each fiscal year between
2005 and 2010, and (4) how much
money CMS expects to obligate for these
activities in 2011. Another commenter
recommended that CMS furnish the
number of revalidation applications
processed by the National Supplier
Clearinghouse, MACs, carriers, and
fiscal intermediaries for each of the last
5 years.
Response: This final rule with
comment period specifically increases
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
the number of providers and suppliers
that will be revalidated through the use
of off-cycle revalidations, for the
explicit purpose of applying the new
screening requirements to currently
enrolled providers. Therefore, the
number of revalidations processed in
the past 4 or 5 years and the money
obligated to that process is irrelevant to
the evaluation of our ability to process
additional revalidations as required by
this final rule with comment period.
Additionally, we have undertaken steps
to streamline the enrollment process,
both for newly enrolling and
revalidating providers and suppliers.
We recognize that there have been
challenges in implementing the new
authorities to safeguard the integrity of
Medicare, Medicaid and CHIP, and have
demonstrated a willingness to work
with providers and suppliers to reduce
unnecessary burdens and risks that may
have accompanied the enrollment
processes in the past. We have
communicated with providers via
Medicare Learning Networks and
provider Open Door Forums, and will
continue to do so throughout the
implementation of the ACA.
We believe that additional resources
will be available to enable the
processing of the increased numbers of
enrollment applications. We have
actively taken steps to reduce
processing times as much as feasible.
Furthermore, we have undertaken many
activities to streamline the enrollment
process to reduce the burden upon
providers and suppliers.
Comment: A commenter
recommended that CMS employ an
expanded data-driven screening process
by using open-source data during the
enrollment and re-enrollment business
processes. Such data could include the
current operational status of the firm;
chain of ownership or corporate family
linkages; identification of tax liens;
presence of open bankruptcies; and
records of government enforcement
actions. The commenter also suggested
that each provider and supplier be
registered for post-enrollment data
monitoring, which ‘‘pushes’’ one or more
high risk updates (for example,
bankruptcy filing; a criminal filing
involving a provider executive; or
sudden increase in the risk of financial
failure) to CMS automatically. CMS
could use such high risk alerts for the
selection and prioritization of
unscheduled and unannounced site
visits. Finally, the commenter
recommended additional database
checks that would vary by screening
level. These included, but were not
limited to, verifying: (1) Corporate chain
of ownership, (2) tax liens, (3) non-HHS
PO 00000
Frm 00032
Fmt 4701
Sfmt 4700
government enforcement actions, (4)
extent of any government contracting,
and (5) any open lawsuits.
Response: As stated previously, we
are continually exploring additional
improvements to our data systems. We
are committed to working with both
private and public partners to continue
to evaluate technologies that can
provide the scalability and safeguards to
beneficiary access that we need to
ensure accurate payments to legitimate
providers for appropriate services.
Comment: A commenter urged CMS
to release a proposal for comment that
provides additional detail regarding
what CMS believes should constitute
background information relevant to
Medicare provider enrollment that
would prevent a practitioner from
enrolling in the Medicare program.
Response: At some point it may be
necessary to modify our existing
regulations that address felonies that are
relevant to enrollment of billing
privileges. However, we have not yet
proposed expansion of our existing
authorities codified in the Code of
Federal Regulations. The requirements
for Medicare enrollment are established
in other regulations and manual
instructions, and are not—unless
otherwise stated herein—being modified
in this final rule with comment. The
criminal background check is intended
to verify certain information provided
on the Medicare enrollment application.
Under our existing regulatory authority,
we could impose a denial of enrollment
or a revocation of billing privileges
based upon the results of the
background check in certain instances.
Illustratively, if, through the background
check, CMS learned of a felony
conviction that met the criteria at
§ 424.530(a)(3) or § 424.535(a)(3), billing
privileges could be denied or revoked,
respectively.
Comment: One commenter stated that
in its FY 2011 performance budget, we
say that we will create a limited number
of MACs to carry out provider
enrollment, and that each contractor
would enroll providers for designated
regions of the country. Given the
publication of the proposed rule, the
commenter recommended that we
explain how reducing the number of
MACs and increasing the workload will
help providers and suppliers and reduce
Medicare fraud, waste, and abuse in the
Medicare program. The commenter also
requested that CMS furnish an update
on this consolidation effort. Another
commenter asked CMS to explain how
it will consolidate provider enrollment
activities, conduct 93,000 revalidations,
and handle initial applications without
disrupting the provider enrollment
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
process and creating additional backlogs
and processing delays for providers of
service and suppliers.
Response: We recognize that provider
enrollment is a large and complicated
task that requires not only internal
consistency but also understanding and
ease of interaction with the provider
and supplier community. As a result,
we are currently engaged in a thorough
assessment of the provider enrollment
process and in making improvements as
needed to eliminate delays in
enrollment and improve overall system
performance. As part of this process, we
are working toward consolidation of the
number of enrollment contractors as a
means to achieve economy of scale and
greater consistency in the enrollment
process. In developing the provisions of
this final rule with comment period and
other regulatory and subregulatory
policies, we are mindful of the overall
re-assessment of the provider
enrollment process and supporting
systems.
Comment: A commenter urged CMS
to refine its provider enrollment
specialty categories to accurately reflect
the existing varieties of practitioners—
particularly the categories for dentistry
and the dental specialties—in order to
reduce the likelihood that practitioners
such as dentists will be inappropriately
categorized and subject to unwarranted
higher levels of screening.
Response: We do not believe it is
necessary to further refine the provider
enrollment specialty. Dentists should
submit the CMS–855I if they intend to
submit claims directly to Medicare.
Further, dentists would be in the
limited screening level.
Comment: A commenter stated that
the proposed rule does little to prevent:
(1) Identity theft; (2) health care fraud;
(3) money laundering; and (4) bank
fraud. The commenter believes that the
screening levels were too broad and
simplistic. To prevent fraud and abuse,
the commenter recommended that CMS:
(1) Implement section 6401(a)(3) of the
ACA immediately; (2) consider and
adopt distinct screening criteria and
program requirements for non-physician
owners of medical clinics and that these
providers be placed into a high
screening level, and (3) use the statutory
authority in section 6401(a)(3) of the
ACA to make sure that the claims being
submitted are valid.
Response: We believe the commenter
is referring to new section 1866(j)(3) of
the Act, which addresses a provisional
period of enhanced oversight for new
providers of services or suppliers. We
will implement all authorities granted
under the ACA using the proper
procedures. We disagree with the
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
commenter that the proposed rule and
this final rule with comment period will
do little to prevent health care fraud,
and believe that issues of money
laundering and bank fraud are beyond
the scope of this final rule with
comment period. We strongly believe
that additional site visits, both
announced and unannounced, will help
to identify fraudulent providers and
suppliers before they are permitted to
enroll in Medicare, Medicaid or CHIP.
The temporary moratoria and payment
suspension provisions give us the
ability to act as soon as a problem is
detected, preventing money from being
paid while balancing the rights and
needs of providers, suppliers, and
beneficiaries.
Comment: One commenter stated that
CMS’s proposed ability to reenroll
DMEPOS suppliers more frequently
than every three years could be
burdensome for CMS and the DMEPOS
supplier, and suggested that CMS
revalidate every 3 years from the most
recent revalidation, rather than every 3
years from the date billing privileges
were granted.
Response: As stated previously, the
proposed rule and this final rule with
comment period permit us to require
revalidation of DMEPOS suppliers on or
after March 23, 2012 to meet the
statutory effective date for the screening
requirements; after that, DMEPOS
suppliers would then be subject to
revalidation every 3 years. DMEPOS
could be subject to off-cycle revalidation
under existing authority at § 424.515(d)
when CMS has reason to question the
compliance of the provider or supplier
with Medicare enrollment requirements.
Comment: One commenter stated that
identity theft is a huge problem in the
United States and that Medicare,
Medicaid and CHIP should do
everything possible to protect
physicians’ identities. The commenter
recommended that CMS provide data on
the number of physicians and nonphysician practitioners who have
practice locations in multiple States—
including States with connecting State
boundaries and States without
connecting State boundaries. The
commenter also suggested that CMS
explain what efforts, if any, are used to
verify a physician that is establishing a
practice location in multiple States and
that the individual’s identity is
authenticated. Another commenter
stated that it is unclear how
fingerprinting and background checks
will achieve the goal of preventing
identity theft for physicians.
Response: We agree with the
comment that Medicare, Medicaid and
CHIP should use all available
PO 00000
Frm 00033
Fmt 4701
Sfmt 4700
5893
authorities to protect physicians’
identities. However, as we have noted
previously, we will not use this
screening regulation to identify
instances of identity theft. We disagree
that the publication of the number of
physicians and non-physician
practitioners who have practice
locations in multiple States will address
the issue of identity theft. We also have
a process in place to verify a physician
is legitimately establishing practice
locations in multiple States, and have
found there are multiple legitimate
reasons why this may be the case.
We believe that criminal history
record checks will enable us to verify
information that has been submitted on
an enrollment application is accurate
and complete. As stated previously,
using fingerprints to perform such a
record check is the only accepted
method by the FBI for non-criminal
justice purposes, as it is believed to be
the most accurate link between an
individual and their criminal history
record.
Comment: A commenter stated that in
the proposed rule, CMS does not justify
or explain the rationale for many of its
positions, such as: (1) Placing providers
and suppliers into various screening
categories, and (2) its rationale for
creating a new revalidation reason (see
§ 424.515(e)). The commenter
recommended that CMS not finalize this
proposed rule, but rather publish a new
proposed rule using the information
from this rule.
Response: We disagree that the
proposed rule did not explain our
rationale for our approaches. As
mentioned earlier, we relied on our
extensive experience to identify
categories of providers with a higher
incidence of fraud, waste and abuse. In
addition, we used the expertise of our
contractors charged with identifying
and investigating instances of
fraudulent billing practices in making
our decisions regarding the appropriate
risk classification of various providers.
In some instances, we also relied on the
data analysis and expertise of the OIG,
GAO, and other sources to develop a
process designed to increase scrutiny for
specific categories of providers and
suppliers that represent a higher risk to
the Medicare program. Furthermore, we
stated the new reason for off-cycle
validation is to enable us to apply the
new screening requirements to all
applicable providers and suppliers by
the statutory effective date of March 23,
2013.
Comment: In response to a request for
comments, a commenter stated that
harmonization between Medicare,
Medicaid, and MA would be beneficial
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5894
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
only to the extent that the programs
have enrollment and re-validation
reciprocity and that adequate resources
and time were allocated to ensure that
harmonization does not wreak havoc
among state Medicaid programs and MA
plans. Reciprocity would ensure that
physicians are not subject numerous
times to the same or similar onerous
requirements; this would also represent
significant savings for Federal health
care programs.
Response: We agree that
harmonization between program
requirements will be beneficial for State
Medicaid agencies, providers, and CMS.
This final rule with comment period
implements several changes that
minimize the burden on States and
providers, including the reciprocity of
Medicare screening for dually enrolled
providers and State responsibility to
screen only Medicaid and CHIP-only
providers.
Comment: A commenter requested
special consideration and/or
exemptions for States with
comprehensive licensure statutes for
orthotists and prosthetists.
Response: We do not agree that
licensed orthotists and prosthetists
should receive special consideration or
exemptions as compared to orthotists
and prosthetists that happen to be
located in a State without what could be
deemed ‘non-comprehensive’ licensure
statutes. CMS did not make a distinction
based on licensure requirements for any
other category of provider.
Comment: A commenter opposed the
proposed language at § 424.515(e)
allowing CMS to require additional offcycle revalidations, stating it could
allow CMS to initiate revalidations
frequently and on a whim. At a
minimum, off-cycle revalidations
should be exempt from the $500
application fee.
Response: We disagree with this
comment. Section 424.515(e) was added
for a specific purpose and we could not
require a provider or supplier to
revalidate off-cycle pursuant to
§ 424.515(e) more than once. The
application fee was included in the
statute to cover exactly the type of
screenings that will be performed
during the revalidations, and we do not
believe it is appropriate or necessary to
exempt the revalidations from the fee.
Comment: A commenter suggested
that CMS tie an enrollment ban to those
who are trying to enroll in the Medicare
program and not just for those who are
already enrolled. That way, fraudulent
providers would never be allowed to
enter the program.
Response: We believe the commenter
is referring to an enrollment bar for
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
providers and suppliers whose
applications are denied, similar to that
which is currently in place for providers
and suppliers whose Medicare billing
privileges are revoked. We appreciate
this suggestion. We are currently not in
a position to adopt it, as additional
research is needed to determine its
potential effectiveness and the various
circumstances under which it might
apply. That said, we may consider it as
part of a future rulemaking effort.
c. Final Screening Provision—Medicare
This final rule with comment period
finalizes the provisions of proposed rule
in regards to the Medicare screening
requirements with the following
modifications:
• In § 424.518(a)(1), we are adding
Competitive Acquisition Program/Part B
Vendors to the limited risk screening
level.
• In § 424.518(a)(1), we are adding
pharmacies that are newly enrolling or
revalidating via the CMS–855B to the
‘‘limited’’ level of screening.
• In § 424.518(a)(1), in response to
comments, we have changed the
description for Indian health service
providers to state, ‘‘health programs
operated by an Indian Health Program
(as defined in section 4(12) of the Indian
Health Care Improvement Act) or an
urban Indian organization (as defined in
section 4(29) of the Indian Health Care
Improvement Act) that receives funding
from the Indian Health Service pursuant
to Title V of the Indian Health Care
Improvement Act, hereinafter (IHS
facilities).’’
• In 424.518(a)(2), we are clarifying
that occupational therapy and speech
pathology providers are assigned to the
limited screening level.
• In 424.518(a)(1), we are removing
physical therapists and physical
therapist groups from the category of
non-physician practitioners that are
within the limited screening level.
• In 424.518(a)(1), we are removing
non-public, non-government owned or
affiliated ambulance suppliers from the
limited screening level.
• In § 424.518(a)(2), we are adding
portable x-ray suppliers to the moderate
screening level.
• In 424.518(a)(2), we are adding
physical therapists and physical
therapist groups to the moderate
screening level.
• In 424.518(a)(2), we are assigning
all ambulance suppliers to the moderate
screening level, regardless of whether
they are public or government affiliated.
• In § 424.518(a)(1), we are adding
pharmacies that are newly enrolling or
revalidating via the CMS–855B to the
limited screening level.
PO 00000
Frm 00034
Fmt 4701
Sfmt 4700
• In § 424.518, we also eliminated the
distinction between: (1) Publicly traded
and non-publicly traded, and
(2) publicly owned and non-publicly
owned as criteria for assignment of any
provider type to a level of screening.
• In § 424.518(c)(2)(ii)(A), we have
removed the requirement that
fingerprints must be submitted using the
FD–258 fingerprint card. Also, the
fingerprints must be collected from all
individuals who maintain a 5 percent or
greater direct or indirect ownership
interest in the provider or supplier.
• In § 424.518(c)(2)(ii)(B), we have
replaced ‘‘conducts a criminal
background check’’ with ‘‘Conducts a
fingerprint-based criminal history report
check of the Federal Bureau of
Investigations Integrated Automated
Fingerprint Identification System on all
individuals who maintain a 5 percent or
greater direct or indirect ownership
interest in the provider or supplier.’’
• In § 424.518(d), we have identified
owners with a 5 percent or greater direct
or indirect ownership as responsible for
providing fingerprints, and the
methodology of how to submit the
fingerprints.
• § 424.518(c)(3), we have added
‘‘final adverse action’’ as a basis for
reassigning a provider or supplier to the
high screening level at
§ 424.518(c)(3)(iii)(B).
• In § 424.518(c)(3), we have added
six months as the length of time a
provider or supplier category will be
assigned to the high screening level
following the lifting of a temporary
enrollment moratorium.
• Finally, in § 424.518(c)(3), we have
removed denial of Medicare billing
privileges in the previous ten years as a
basis for reassigning a provider or
supplier to the high screening level at
§ 424.518(c)(3)(iii)(B).
As we have stressed throughout this
preamble, we will monitor these new
procedures and their effectiveness and
may reconsider or modify our approach
in the future as we gain experience with
these procedures. We further reiterate
that nothing in this rule is intended to
abridge our established screening
authority under existing statutes and
regulations, or to diminish the screening
that providers and suppliers currently
undergo. The provisions specified in
this final rule with comment period are
intended to enhance—not replace—our
existing authority. The screening laid
out here reflects the minimum
requirements. For example, a contractor
may undertake database checks in
addition to the ones listed below as
deemed appropriate. Nothing in this
rule should be interpreted as limiting
the amount of scrutiny CMS or its
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
contractors may give to an applicant.
Tables 5 through 8 below outline the
5895
levels of screening by category that we
are finalizing.
TABLE 5—FINAL LEVEL OF REQUIRED SCREENING FOR MEDICARE PHYSICIANS, NON-PHYSICIAN PRACTITIONERS,
PROVIDERS, AND SUPPLIERS
Type of screening required
Limited
Moderate
High
Verification of any provider/supplier-specific requirements established by Medicare ................
Conduct license verifications, (may include licensure checks across States) ............................
Database Checks (to verify Social Security Number (SSN); the National Provider Identifier
(NPI); the National Practitioner Data Bank (NPDB) licensure; an OIG exclusion; taxpayer
identification number; death of individual practitioner, owner, authorized official, delegated
official, or supervising physician ..............................................................................................
Unscheduled or Unannounced Site Visits ...................................................................................
Fingerprint-Based Criminal History Record Check of law enforcement repositories ..................
X
X
X
X
X
X
X
........................
........................
X
X
........................
X
X
X
TABLE 6—FINAL MEDICARE PROVIDERS AND SUPPLIERS CATEGORIES
DESIGNATED TO THE ‘‘LIMITED’’
LEVEL FOR SCREENING PURPOSES
Provider/supplier category
Physician or non-physician practitioners and
medical groups or clinics, with the exception of physical therapists and physical
therapist groups.
Ambulatory surgical centers, competitive acquisition
program/Part
B
vendors,
end-stage renal disease facilities, Federally
qualified health centers, histocompatibility
laboratories, hospitals, including critical access hospitals, Indian Health Service facilities, mammography screening centers,
mass immunization roster billers, organ
procurement organizations, pharmacies
newly enrolling or revalidating via the
CMS-855B, radiation therapy centers, religious non-medical health care institutions,
rural health clinics, and skilled nursing facilities.
TABLE 7—FINAL MEDICARE PROVIDERS AND SUPPLIERS CATEGORIES
DESIGNATED TO THE ‘‘MODERATE’’
LEVEL FOR SCREENING PURPOSES
Provider/supplier category
rmajette on DSK29S0YB1PROD with RULES2
Ambulance suppliers, community mental
health centers; comprehensive outpatient
rehabilitation facilities; hospice organizations; independent diagnostic testing facilities; independent clinical laboratories;
physical therapy including physical therapy
groups and portable x-ray suppliers.
Currently enrolled (revalidating) home health
agencies.
TABLE 8—FINAL MEDICARE PROVIDERS AND SUPPLIERS CATEGORIES
DESIGNATED TO THE ‘‘HIGH’’ LEVEL
FOR SCREENING PURPOSES
Provider/supplier category
Prospective (newly enrolling) home health
agencies and prospective (newly enrolling)
suppliers of DMEPOS.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
4. General Screening of Providers—
Medicaid and CHIP—Proposed
Provisions and Analysis of and
Responses to Public Comments
Section 1902(kk)(1) of the Act
requires that States comply with the
process for screening providers
established by the Secretary under
section 1866(j)(2) of the Act.4 Section
2107(e)(1) of the Act provides that all
provisions that apply to Medicaid under
sections 1902(a)(77) of the Act,5 the
State plan mandate for compliance with
provider and supplier screening,
oversight, and reporting requirements in
accordance with 1902(kk), and 1902(kk)
of the Act, the specific State plan
requirements regarding provider and
supplier screening, oversight, and
reporting, shall apply to CHIP. We
proposed in new § 457.990 that all the
provider screening, provider
application, and moratorium regulations
that apply to Medicaid providers will
apply to providers that participate in
CHIP. In addition, in this final rule with
comment period, we refer to State
Medicaid agencies as responsible for
screening Medicaid-only providers. In
some States, CHIP is not administered
by the Medicaid agency. Throughout
this final rule with comment period,
with respect to those instances, ‘‘State
Medicaid agency’’ should be read to
encompass ‘‘Children’s Health Insurance
Program agency’’ where the two are
separate entities.
Because it would be inefficient and
costly to require States to conduct the
same screening activities that Medicare
contractors perform for dually-enrolled
providers, we proposed that a State may
rely on the results of the screening
conducted by a Medicare contractor to
4 As noted previously, we believe that the
reference to section 1886(j)(2) of the Act in section
6401(b)(1) of the ACA is a scrivener’s error, and that
the Congress intended to refer instead to section
1866(j)(2) of the Act.
5 Section 1902(a)(77) is only broadly referenced in
the final regulations under section § 455.400, as a
statutory section being implemented by the
regulation.
PO 00000
Frm 00035
Fmt 4701
Sfmt 4700
meet the provider screening
requirements under Medicaid and CHIP.
Similarly, we proposed in § 455.410 that
State Medicaid agencies may rely on the
results of the provider screening
performed by the State Medicaid
programs and CHIP of other States. For
Medicaid-only providers or CHIP-only
providers, we proposed that States
follow the same screening procedures
that CMS or its contractors follow with
respect to Medicare providers and
suppliers.
As previously noted, section
1902(kk)(1) of the Act requires that State
screening methods follow those
performed under the Medicare program.
For the sake of brevity, we will not
restate those methods verbatim. We
proposed that States follow the rationale
that we have set forth for Medicare in
section II.A.3. of this final rule with
comment period, and that we use as the
basis for § 455.450. For the types of
providers that are recognized as a
provider or supplier under the Medicare
program, States will use the same
screening level that is assigned to that
category of provider by Medicare. For
those Medicaid and CHIP provider types
that are not recognized by Medicare,
States will assess the risk posed by a
particular provider or provider type.
States should examine their programs to
identify specific providers or provider
types that may present increased risks of
fraud, waste or abuse to their Medicaid
programs or CHIP. States are uniquely
qualified to understand issues involved
with balancing beneficiaries’ access to
medical assistance and ensuring the
fiscal integrity of the Medicaid programs
and CHIP. However, where applicable,
we expect that States will assess the risk
of fraud, waste, and abuse using similar
criteria to those used in Medicare. For
example, physicians and non-physician
practitioners, medical groups and
clinics that are State-licensed or Stateregulated would generally be
categorized as limited risk. Those
provider types that are generally highly
E:\FR\FM\02FER2.SGM
02FER2
5896
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
dependent on Medicare, Medicaid and
CHIP to pay salaries and other operating
expenses and which are not subject to
additional government or professional
oversight would be considered moderate
risk, and those provider types identified
by the State as being especially
vulnerable to improper payments would
be considered high risk. States will then
screen the provider using the screening
tools applicable to that risk assigned.
However, we did not propose to limit or
assignment of specific provider types to
established risk categories, including
whether such assignments should be
released publicly, whether they should
be reconsidered and updated according
to an established schedule, and what
criteria should be considered in making
such assignments.
Based on the level of screening
assigned to a provider or provider type,
we proposed that States conduct the
following screenings:
otherwise preclude the ability of States
to engage in provider screening
activities beyond those required under
section 1866(j)(2) of the Act, including,
but not limited to, assigning a particular
provider type to a higher screening level
than the level assigned by Medicare.
As with the proposed screening
provisions for Medicare, we solicited
comments on the applicability of these
proposals for Medicaid as well. We
solicited comment on the proposed
TABLE 9—PROPOSED LEVEL OF RISK AND REQUIRED SCREENING FOR MEDICAID AND CHIP PROVIDERS
Limited
Moderate
High
Verification of any provider/supplier-specific requirements established by Medicaid/CHIP .......
Conduct license verifications (may include licensure checks across State lines) ......................
Database Checks (to verify SSN and NPI, the NPDB, licensure, a HHS OIG exclusion, taxpayer identification, tax delinquency, death of individual practitioner, and persons with an
ownership or control interest or who are agents or managing employees of the provider) ...
Unscheduled or Unannounced Site Visits ...................................................................................
Criminal Background Check ........................................................................................................
Fingerprinting ...............................................................................................................................
rmajette on DSK29S0YB1PROD with RULES2
Type of screening required
X
X
X
X
X
X
X
........................
........................
........................
X
X
........................
........................
X
X
X
X
Not all States routinely require
persons with an ownership or control
interest or who are agents or managing
employees of the provider to submit
SSNs or dates of birth (DOBs). Without
such critical personal identifiers, it is
difficult to be certain of the identity of
persons with an ownership or control
interest or who are agents or managing
employees of the provider, and it may
be difficult for States to conduct the
screening proposed under this rule.
Accordingly, and to be consistent with
Medicare requirements, pursuant to our
general rulemaking authority under
section 1102 of the Act, we proposed in
§ 455.104 to require that States will
require submission of SSNs and DOBs
for all persons with an ownership or
control interest in a provider. In
addition to the amendment to § 455.104,
we proposed to revise that section for
the sake of clarity both for the disclosing
entities’ provision and the States’
collection of the disclosures. We
recognize that there may be privacy
concerns raised by the submission of
this personally identifiable information
as well as concerns about how the States
will assure individual privacy as
appropriate; however, we believe this
personally identifiable information is
necessary for States to adequately
conduct the provider screening
activities under this final rule with
comment period. We solicited comment
specifically on this issue.
Although the level of screening may
vary depending on the risk of fraud,
waste or abuse the provider represents
to the Medicaid program or CHIP, under
section 1866(j)(2)(B)(i) of the Act, all
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
providers would be subject to licensure
checks. Therefore, we proposed that
States be required to verify the status of
a provider’s license by the State of
issuance and whether there are any
current limitations on that license.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers would apply to providers that
participate in CHIP, these requirements
for provider screening and assigning of
categories of risk of fraud, waste, or
abuse, as well as verification of
licensure, under § 455.412 and
§ 455.450 will apply in CHIP.
Comment: Commenters expressed
concerns about new and existing
disclosure requirements under
§ 455.104, including our proposal to add
to the disclosure requirements
collection of SSNs and DOBs of persons
with an ownership or control interest in
the disclosing entity. Some States
support the proposal, already having
instituted the disclosure requirement in
their enrollment application procedures.
Other States support the proposal but
request additional time for
implementation, including forms and
system changes. Two States expressed
concern about the impact the
requirement might have upon
beneficiary access to providers.
Response: We will not address the
comments directed at the existing
language of § 455.104. The regulation
PO 00000
Frm 00036
Fmt 4701
Sfmt 4700
was rearranged for ease of application
by States and disclosing entities, but
with the exception of the addition of
SSNs and DOBs, as well as changes
suggested by a few commenters
regarding corporate entity addresses and
familial relationships, the language is
substantially unchanged from the
language currently in effect. We
acknowledge the commenters’ concerns
about collection of SSNs and DOBs,
however, collection of SSNs and DOBs
is necessary to complete the screening
process and be certain of the identity of
the party being screened. We recognize
that the addition of SSNs and DOBs and
other improvements in disclosure
collection will require systems and
forms changes and States will need time
for implementation. We encourage
States to contact us about their specific
timeframes. Furthermore, we do not
believe that this requirement will have
an adverse impact on beneficiary access
as the majority of disclosure
requirements have not changed, and our
experience with the same requirement
in Medicare indicates that such a
requirement does not adversely impact
beneficiary access.
Comment: Other commenters made
recommendations on language changes
that would clarify § 455.104(b)(1)(i)
regarding the address of corporate
entities with ownership or control of
disclosing entities; § 455.104(b)(2)
regarding familial relationships; and
§ 455.104(b)(4) regarding SSNs and
DOBs of managing employees.
Response: We agree with the
commenters that § 455.104(b)(1)(i)
should be clarified regarding addresses
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
of corporate entities with ownership or
control of disclosing entities and
accordingly will revise § 455.104(b)(1)(i)
to clarify from whom the name and
address must be provided and to require
the disclosing entity to supply primary
business address as well as every
business location and P.O. Box address,
if applicable. We agree that
§ 455.104(b)(2) should be clarified
regarding to whom the spouse, parent,
child, or sibling is related, and we are
revising § 455.104(b)(2) accordingly. We
agree that § 455.104(b)(4) should be
clarified to require managing employees
to provide SSNs and DOBs, as that was
the intent of the proposal, and we are
revising § 455.104(b)(4) accordingly.
Comment: Several commenters
expressed concern regarding collection
of disclosures under § 455.104. One
commenter expressed concern about the
confidentiality and privacy of board
member identity and the protection
from disclosure to the general public.
Other commenters were concerned that
not-for-profit board members were
volunteers and might not serve were
they compelled to provide their SSNs
and DOBs as a condition of the entity
being enrolled.
Response: We have previously
provided guidance to States that
§ 455.104 requires disclosures from
persons with ownership and control
interests in the disclosing entity, which
includes officers and directors of a
disclosing entity that is organized as a
corporation, without regard to the forprofit or not-for-profit status of that
corporation. That guidance is available
at https://www.cms.gov/
FraudAbuseforProfs/Downloads/
bppedisclosure.pdf. We are sensitive to
the concerns related to confidentiality of
identifiable information such as SSNs.
We are also concerned about issues that
arise out of identity theft. We encourage
States to institute appropriate
safeguards to protect the information
they gather as required by these rules.
However, collection of disclosures
including the SSNs and DOBs of
persons with ownership and control
interests in a disclosing entity, and of
managing employees, is necessary to
protect the integrity of the State
Medicaid programs. Therefore, we are
finalizing the proposal requiring
provision of SSNs and DOBs.
Comment: One commenter sought
clarification whether the disclosure
requirements in § 455.104 apply to IHS
providers.
Response: This rule does not make
any changes about whom disclosures
must be provided, but rather simply
adds additional items of information
that must be disclosed. The boards of
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
IHS facilities were not previously
subject to the—disclosure requirements
in § 455.104, and accordingly, are not
subject to the additional disclosure
requirements imposed by this rule.
Comment: Commenters expressed
concern about the applicability of
§ 455.104 to public school districts.
Public schools deliver Medicaid school
based health services to Medicaid
eligible children and therefore are
enrolled as Medicaid providers. The
commenters objected to the proposed
requirement in § 455.104 that the
schools provide the SSNs and DOBs of
persons with controlling interests of the
provider, which they interpreted to
include the SSNs and DOBs of school
board members. The majority of the
commenters stated that the public
school districts were closely regulated
by numerous checks and balances and
there was a low likelihood that fraud
would be perpetrated in schools,
therefore, the collection of SSNs and
DOBs from public school districts was
unnecessary.
Response: As previously noted, this
rule does not change about whom
disclosures must be provided, but rather
what information must be disclosed.
Except to the extent that any public
school districts may be organized as
corporations, they were not previously
required to make disclosures about their
boards, nor are they required to under
this new rule.
Comment: Several commenters
expressed concern regarding the license
verification requirement in § 455.412.
One commenter noted that it would be
administratively inefficient, costly, and
unrealistic for States to verify each
provider applicant’s licensure status in
another State. Another commenter
offered that searching its database
containing multi-State licensure data
would be more efficient than requiring
States to search State by State.
Response: Holding a valid
professional license should be a
prerequisite in any State prior to
assignment of a Medicaid provider
identification number. Medicaid
beneficiaries have a right to be treated
only by those providers that have been
deemed by the licensing boards of their
States to be eligible to treat them. As a
matter of public policy, it is not
unreasonable to expect that licensure
status of all in-State and out-of-State
providers be checked prior to
enrollment, and that any limitations on
their licenses be checked as well. Outof-State provider applicants submit
licensure information including status
to the Medicaid agency with their
application. While verification of out-ofState licensure may be challenging, all
PO 00000
Frm 00037
Fmt 4701
Sfmt 4700
5897
those Medicaid agencies that enroll outof-State providers have the obligation to
verify licensure status of out-of-State
providers as well. We appreciate the
commenter’s suggestion of its database
of provider information. We are aware
that State licensing boards maintain
publicly available information that
neighboring States may access. It is
within the States’ discretion which
databases to check.
Comment: A commenter requested
clarification of whether license
verification was required when the chart
at 75 FR 58214 states that license
verification ‘‘may include licensure
checks across State lines’’ thereby
implying that licensure checks across
State lines are permissive, not
mandatory.
Response: The State Medicaid agency
must verify the licensure of a provider
applicant in the State in which the
provider applicant purports to be
licensed. If an out-of-State provider
submitted an application for enrollment,
the State Medicaid agency would be
required to verify license across State
lines.
a. Database Checks—Medicaid and CHIP
States employ several database
checks, including database checks with
the Social Security Administration and
the NPPES, to confirm the identity of an
individual or to ensure that a person
with an ownership or control interest is
eligible to participate in the Medicaid
program.
A critical element of Medicaid
program integrity is the assurance that
persons with an ownership or control
interest or who are agents or managing
employees of the provider do not
receive payments when excluded or
debarred from such payments.
Accordingly, in § 455.436, we proposed
that States be required to screen all
persons disclosed under § 455.104
against the OIG’s LEIE and the General
Services Administration’s EPLS. We
proposed that States be required to
conduct such screenings upon initial
enrollment and monthly thereafter for as
long as that provider is enrolled in the
Medicaid program.
We also proposed at § 455.450, as well
as § 455.436, that database checks be
conducted on all providers on a preand post-enrollment basis to ensure that
providers continue to meet the
enrollment criteria for their provider
type.
As previously stated, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act also apply to CHIP. Because we
proposed a new regulation in Part 457
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5898
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, this requirement for
database checks under § 455.436 and
§ 455.450 apply in CHIP.
We received many comments on the
database requirements in § 455.436 from
States concerned about the
administrative burden presented by
searching several databases upon
enrollment, and both the LEIE and the
EPLS on a monthly basis by the names
of both the provider and those with
ownership or control interests in the
provider and managing employees of
the provider.
Comment: Some commenters
questioned whether there were costs
associated with accessing the databases.
The commenters suggested that CMS
establish a centralized database that
States could access, including using an
automated, rather than manual, search,
all at no cost to States. One State
suggested that the databases be
accessible through automated data
exchanges and that any cost to the
States be waived to avoid barriers to
compliance with the rule. Two other
States questioned whether there were
costs associated with accessing the
databases that must be considered.
Other commenters suggested a delay or
elimination of the proposed requirement
at § 455.436(c)(2) until CMS established
such a centralized database.
Response: We are aware that there
may be costs to the State Medicaid
agency associated with checking some
databases. However, § 455.436
enumerates databases that most State
Medicaid agencies already check in
their routine provider enrollment
operations. In addition, we have
previously issued guidance to State
Medicaid Directors recommending
searching the LEIE on a monthly basis
by the names of enrolled providers and
for providers, by the names of their
employees and contractors. Those
guidance documents are available here:
https://www.cms.gov/smdl/downloads/
SMD061208.pdf and https://
www.cms.gov/SMDL/downloads/
SMD011609.pdf. Many States have
already adopted the recommendations
in their enrollment policies. More
recently, in September 2010, we
provided guidance to program integrity
directors on the availability of the LEIE
and EPLS for exclusion searches. That
guidance document is available here:
https://www.cms.gov/
FraudAbuseforProfs/Downloads/
bppedisclosure.pdf.
Accordingly, we are finalizing
§ 455.436 to require State Medicaid
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
agencies to conduct Federal database
checks.
Comment: A commenter questioned
whether other databases will be
prescribed in the final rule with
comment period or whether States will
be notified of requirements in another
fashion.
Response: In § 455.436(b), we
proposed that the States be required to
check ‘‘any such other databases as the
Secretary may prescribe.’’ We are not
prescribing additional databases in the
final rule with comment period.
However, in response to evolving
circumstances, the Secretary may issue
guidance to States regarding checking
specific databases.
Comment: One commenter sought
clarification on which of a provider’s
managing employees the State Medicaid
agency must search in the exclusions
databases. The commenter noted that
some large providers like hospitals have
many managing employees that may be
subject to the proposed database checks.
Response: We recognize the burden
that conduct of database checks of
managing employees may pose for
providers with managing employees at
multiple levels or locations in its
organizations. Nevertheless, database
checks must be conducted for all
persons disclosed under § 455.104,
including managing employees who
could compromise or place in jeopardy
a provider’s compliance with Medicare,
Medicaid, or CHIP requirements.
Comment: One commenter noted that
State vital statistics information may be
more accurate than the Social Security
Administration’s Death Master File. The
commenter suggested allowing States to
check against their own vital records
systems and not require the States to
check against the Social Security
Administration’s file.
Response: While on an anecdotal
basis State records may be more
accurate than the Social Security
Administration’s Death Master File, it is
the Death Master File that is the
national file of record. Therefore, we are
finalizing the requirement that State
Medicaid agencies check the Social
Security Administration’s Death Master
File. However, under § 455.436(c)(1) a
State may also consult other appropriate
databases to confirm identity upon
enrollment and reenrollment.
Comment: Another commenter noted
that the Social Security Administration
only allows SSN verification for W–2
purposes. The commenter
recommended removing the reference to
checks of ‘‘applicable’’ Social Security
Administration databases from the
database check requirement.
PO 00000
Frm 00038
Fmt 4701
Sfmt 4700
Response: We express no opinion as
to the accuracy of the commenter’s
statement regarding SSN verification,
but agree with the commenter that the
database check requirement in this rule
should be more explicit. Accordingly,
we are revising § 455.436 to indicate a
check of the ‘‘Social Security
Administration’s Death Master File’’
rather than ‘‘applicable databases’’.
Comment: A few commenters
requested clarification regarding which
database States must check for
verification of tax identifications and
tax delinquencies and how the States
would use that information as a tool for
screening providers.
Response: Although we believe that
verifying taxpayer identification and
checking for tax delinquencies may be
useful indicators of fraud to a State
Medicaid program, access to that
information is limited and may not be
feasible in the short term. Therefore, we
are not finalizing those requirements as
suggested by Table 5 under ‘‘Type of
Screening Required’’.
Comment: One commenter asked
whether it was our intention to require
providers also to check their employees
for exclusions on a monthly basis. The
proposed regulation at § 455.436 does
not require providers to check their
employees for exclusions.
Response: We issued guidance on
June 12, 2008, to State Medicaid
Directors recommending that they check
their enrolled providers for exclusions
on a monthly basis. We followed up that
guidance on January 16, 2009, with
guidance to State Medicaid Directors
recommending that they require their
enrolled providers to check the
providers’ employees and contractors
for exclusions on a monthly basis.
Those letters are available at: https://
www.cms.gov/smdl/downloads/
SMD061208.pdf and https://
www.cms.gov/SMDL/downloads/
SMD011609.pdf. Many States made our
recommendations their policy.
Section 455.436 does not mandate
that States require their providers to
check the LEIE and EPLS on a monthly
basis to determine whether the
providers’ employees and contractors
have been excluded. We do, however,
recommend that States consider making
this a requirement for all providers and
contractors, including managed care
contractors in their Medicaid programs
and CHIP.
b. Unscheduled and Unannounced Site
Visits—Medicaid and CHIP
Section 1866(j)(2)(B)(ii)(III) of the Act
states that the Secretary, based on the
risk of fraud, waste, and abuse, may
conduct unscheduled and unannounced
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
site visits, including pre-enrollment site
visits, for prospective providers and
those providers already enrolled in the
Medicare and Medicaid programs and
CHIP.
Some States already require site visits,
often for provider categories at
increased risk of fraud, waste or abuse
such as home health and nonemergency transportation. According to
FY 2008 State Program Integrity
Assessment (SPIA) data, at least 16
States report that they perform some
type of site visits. However, such efforts
vary widely across the country and are
subject to budget shortfalls.
We proposed to require in § 455.432
and § 455.450(b) that States must
conduct pre-enrollment and postenrollment site visits for those
categories of providers the State
designates as being in the ‘‘moderate’’ or
‘‘high’’ level of screening.
Further, in § 455.432, pursuant to our
general rulemaking authority under
section 1102 of the Act, we proposed
that any enrolled provider must permit
the State Medicaid agency and CMS,
including CMS’ agents or its designated
contractors, to conduct unannounced
on-site inspections to ensure that the
provider is operational at any and all
provider locations.
We maintain that site visits are
essential in determining whether a
provider is operational at the practice
location found on the Medicaid
enrollment agreement. We expect these
requirements to increase the number of
both pre-enrollment and postenrollment site visits for those provider
types that pose an increased financial
risk of fraud, waste, or abuse to the
Medicaid program.
We proposed that failure to permit
access for site visits would be a basis for
denial or termination of Medicaid
enrollment as specified in § 455.416.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, this requirement for
site visits under § 455.432 apply in
CHIP.
Comment: Some commenters were
supportive of the proposal for preenrollment and post-enrollment site
visits in § 455.432, although they noted
that they would need additional funding
for travel or for contractors to conduct
the site visits. Some commenters stated
that the States should have the
discretion to define which providers are
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
subject to pre- and post-enrollment site
visits and when the site visits are
conducted, for example, by established
risk categories or an automatic flag that
demonstrates that billing has gotten to a
certain threshold thus requiring an
onsite visit. A few commenters stated
that the site visits were an undue
burden on States. One commenter stated
that the site visits were unnecessary
given that other more cost-effective
methods could prevent enrollment of
providers who are using fraudulent
identity, such as annual re-enrollment,
license verification, and follow-up when
a duplicate provider ID or address is
used. Another commenter noted that
pre-enrollment site visits could delay
enrollment as a result of inclement
weather.
Response: We recognize that conduct
of site visits will place a burden on State
budgets and staff time, and may be
difficult to accomplish in rural areas or
in inclement weather. However, site
visits are a requirement depending on
the risk the provider represents to the
Medicaid program. In response to the
commenters that suggested that States
should have the discretion to define
which providers are subject to pre- and
post-enrollment site visits: The site
visits are required for those providers
that are determined to be a moderate or
high categorical risk of fraud, waste, or
abuse. In addition to the required site
visits for providers in the moderate and
high screening levels, the State may also
conduct site visits at its discretion.
While there may be other means to
verify whether a provider is a going
concern or whether a provider has a
business location, conduct of site visits
is one method that is required by this
regulation. The State has the discretion
to utilize other additional methods to
prevent enrollment of non-existent
providers or to ensure that spurious
applications are not processed.
Comment: A few commenters sought
clarification on what the expectations
were for site visits when the provider
performed services in the beneficiary’s
home, for example, personal care
services; or for out-of-State providers or
rural providers.
Response: If a Medicaid-only provider
is in the moderate or high screening
level, the State Medicaid agency does
not have the discretion whether to
conduct a site visit: It is required under
§ 455.432(a) and § 455.450(b). However,
pursuant to § 455.452, States are
permitted to establish additional or
more stringent screening measures than
those required by this final rule with
comment period. Thus, for providers
that are in the limited screening level,
the State has the discretion to determine
PO 00000
Frm 00039
Fmt 4701
Sfmt 4700
5899
whether to conduct site visits, based on
whatever factors the State deems
appropriate. We recognize that the
appropriate location of the site visit may
differ based upon the provider type. For
example, the personal care services
agency is the enrolled provider, so its
location would likely be subject to a site
visit. While its employee the personal
care attendant may not be an enrolled
provider with the State Medicaid
agency, it may also be appropriate to
conduct a site visit in a beneficiary’s
home where the personal care attendant
is providing services to ensure that
services are in fact being provided
appropriately. It would be within the
discretion of the State Medicaid agency
to determine whether to conduct an
additional site visit for a provider in the
limited screening level. With respect to
providers in rural locations, the mere
fact that the provider is in a rural
location does not absolve the State
Medicaid agency of its responsibility to
conduct site visits. Similarly, for out-ofState providers, the mere fact that a
provider in the moderate or high
screening level is located in another
State would not negate the requirement
for a site visit, although we note that
§ 455.410 permits States to rely upon
the screening performed by Medicare
and by other State Medicaid programs
and CHIP. Therefore, no additional site
visit would be required if the provider
is also enrolled by Medicare or in
Medicaid or CHIP in its home State.
c. Provider Enrollment and Provider
Termination—Medicaid and CHIP
States may refuse to enroll or may
terminate the enrollment agreement of
providers for a number of reasons
related to a provider’s status or history,
including an exclusion from Medicare,
Medicaid, or any other Federal health
care program, conviction of a criminal
offense related to Medicare or Medicaid,
or submission of false or misleading
information on the Medicaid enrollment
application. Failure to provide
disclosures is another reason for
termination from participation in the
Medicaid program.
Federal regulations beginning at
§ 455.100 require certain disclosures by
providers to States before enrollment.
States require additional disclosures
prior to enrollment. Some States require
periodic re-enrollment and disclosure at
that time. However, States vary in the
frequency of such re-disclosures.
Providers are also inconsistent in
keeping their enrollment information
current, including items as elementary
as their address.
We proposed, at § 455.414, pursuant
to our general rulemaking authority
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5900
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
under section 1102 of the Act, that all
providers undergo screening pursuant to
the procedures outlined herein at least
once every 5 years, consistent with
current Medicare requirements for
revalidation.
In § 455.416, we proposed to establish
termination provisions, requiring States
to deny or terminate the enrollment of
providers: (1) Where any person with an
ownership or control interest or who is
an agent or managing employee of the
provider does not submit timely and
accurate disclosure information or fails
to cooperate with all required screening
methods; (2) that are terminated on or
after January 1, 2011 by Medicare or any
other Medicaid program or CHIP (see
section II.F. of this final rule with
comment period); and (3) where the
provider or any person with an
ownership or control interest or who is
an agent or managing employee of the
provider fails to submit sets of
fingerprints within 30 days of a State
agency or CMS request. We proposed to
permit States to deny enrollment to a
provider if the provider has falsified any
information on an application or if CMS
or the State cannot verify the identity of
the applicant. We also proposed to
require States to deny enrollment to
providers, unless States determine in
writing that denial of enrollment is not
in the best interests of the State’s
Medicaid program, in these
circumstances: (1) The provider or a
person with an ownership or control
interest or who is an agent or managing
employee of the provider fails to
provide accurate information; (2) the
provider fails to provide access to the
provider’s locations for site visits, or (3)
the provider, or any person with an
ownership or control interest, or who is
an agent or managing employee of the
provider has been convicted of a
criminal offense related to that person’s
involvement in Medicare, Medicaid, or
CHIP in the last 10 years. We believe
that providers can significantly reduce
the likelihood of fraud, waste or abuse
by providing and maintaining timely
and accurate Medicaid enrollment
information. We believe the Medicaid
program will be better protected by not
allowing persons with serious criminal
offenses related to Medicare, Medicaid,
and CHIP to serve as providers.
We proposed at § 455.416 that the
State be allowed to deny an initial
enrollment application or agreement
submitted by a provider or terminate the
Medicaid enrollment of a provider,
including an individual physician or
non-physician practitioner, if CMS or
the State is not able to verify an
individual’s identity, eligibility to
participate in the Medicaid program, or
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
determines that information on the
Medicaid enrollment application was
falsified.
In § 455.420, we proposed to require
that any providers whose enrollment
has been denied or terminated must
undergo screening and pay all
appropriate application fees again to
enroll or re-enroll as a Medicaid
provider.
We proposed at § 455.422 that in the
event of termination under § 455.416,
the State Medicaid agency must give a
provider any appeal rights available
under State law or rule.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, these requirements
for provider enrollment, provider
termination, and provider appeal rights
under § 455.414, § 455.416, § 455.420,
and § 455.422 apply in CHIP.
Comment: Several commenters
expressed concern regarding the
requirement under § 455.414 related to
a 5 year re-screening process. Some
commenters stated that they already
required a periodic re-enrollment
process and CMS should take into
consideration the States’ existing
processes and grant the States the
flexibility to employ those existing
processes.
Other commenters noted that the
additional enrollments would place
administrative and fiscal burdens on the
States. Several commenters noted that
they would need an extended period to
implement the new requirements of the
proposed rule, including the
requirement set forth at § 455.414.
One commenter sought clarification
whether all providers currently enrolled
and that have been enrolled for 5 years
would be up for revalidation when the
regulation became effective; and
whether currently enrolled providers
could be revalidated over a 5-year
timeframe to diminish the
administrative burden on State
Medicaid agency staff.
Another commenter sought
clarification whether the requirement
was for re-screening or for re-enrollment
at least every 5 years; whether the
requirement would apply to all enrolled
providers including rendering
providers, or just to ordering or referring
physicians and other professionals who
are the subject of the requirements set
forth at § 455.410 and § 455.440; and
PO 00000
Frm 00040
Fmt 4701
Sfmt 4700
whether CMS would give affected
providers notice of the need to re-enroll.
Response: Periodic re-validation of
enrollment information affords States
the opportunity to ensure their provider
rolls do not contain providers that have
been excluded from participation in the
Federal health care programs. The State
Medicaid agencies can cull from their
provider rolls those providers that have
not submitted claims for payment or
referred claims for payment in several
years. Without removing those
providers’ numbers during a periodic reenrollment process, those providers’
numbers might be used at a later date in
a fraudulent scheme: The providers may
have been unwitting victims of identity
theft or may have participated in selling
their provider numbers.
The proposed requirement at
§ 455.414 describes screening of all
providers at least every 5 years.
Screening, as performed by the
Medicare Administrative Contractors for
all dually participating providers, and
by the State Medicaid agency or CHIP
for those providers that are not also
participating in the Medicare program,
should be distinguished from
enrollment, a function performed by the
State Medicaid agency or CHIP to
participate in the Medicaid program or
CHIP of a given State. Screening would
involve various assessments
commensurate to the risk the provider
posed to the Medicaid program or CHIP,
including license verification, database
checks, site visits, background checks,
and fingerprinting. Enrollment may
involve all of those, as well as collection
of disclosures required under § 455.104,
§ 455.105, and § 455.106, and a host of
State-specific requirements.
We applaud States that already
require periodic re-enrollment of
Medicaid providers. For the sake of
consistency with the Medicare program,
however, we are finalizing § 455.414 as
a 5 year re-validation of enrollment
information, which includes rescreening as well as the collection of
updated disclosure information, for
providers regardless of provider type,
including, but not limited to, rendering,
ordering, and referring physicians, and
other professionals. The screening
component of the 5 year re-validation
will be conducted by either the
Medicare Administrative Contractors
(for dually-participating providers) or by
the States (for Medicaid-only or CHIPonly providers). The collection of
updated enrollment information,
including, but not limited to, disclosure
information will be the province of the
State Medicaid agencies, and subject to
their existing procedures, therefore, we
will not issue notices of the need to
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
revalidate enrollment information to the
affected providers.
State Medicaid agencies should
complete the first re-validation cycle by
2015, with 20 percent of providers being
re-validated each year beginning 2011.
State Medicaid agencies have the
discretion to determine which providers
or provider types to re-validate
enrollment first. However, they may
want to consider re-validating
enrollment in the first years of the cycle
those providers or provider types that
pose the greatest risk of fraud, waste or
abuse to the Medicaid program and
CHIP.
Comment: We received comments
from States supportive of the proposed
bases for denial of enrollment or
termination of enrollment in § 455.416,
but concerned about the time they
would need for implementation to
amend State laws and rules and to
amend provider agreements. One State
commented that it would be
administratively inefficient, costly, and
unrealistic for each State to
independently confirm providers’
enrollment status or termination history
in another State’s Medicaid program or
CHIP.
Response: We believe that the bases
for denial of enrollment or termination
of enrollment in § 455.416 are necessary
to protect the integrity of the Medicaid
program. Therefore, prompt
implementation of these additional
bases for denial or termination will
serve each State and Medicaid programs
nationally. We acknowledge the
additional burden that new bases for
denial and termination will create for
State Medicaid programs, for example,
in changes to systems and forms, and
changes to provider agreements. We are
currently examining to what extent we
can support a centralized information
sharing solution for provider enrollment
across programs and across States.
However, we note that termination
based on termination by Medicare or by
another State’s Medicaid program is a
statutory requirement effective January
1, 2011.
Comment: One commenter
recommended that the reasons for
provider termination should be outlined
and given to the provider upon denial
or termination. The commenter noted
that the provider would then have the
ability to address or correct deficiencies
prior to resubmitting its enrollment
application. This requirement, the
commenter noted, would be in addition
to any appeal rights.
Response: We have provided for a
right of appeals to the extent they are
available under a State’s existing laws or
rules. While we recognize that the
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
commenter’s suggestion may be helpful,
and States may elect to adopt it, we will
not be disrupting a State’s procedures
under its existing laws or rules with this
regulation.
Comment: One State recommended an
addition to the language of
§ 455.416(g)(1) to recognize that a
provider’s omissions may be as
egregious as its falsified statements.
Response: We appreciate the
commenter’s suggestion to cover all
possible situations when a provider may
have misled the State in the application
process. However, § 455.416(d)
addresses termination for a failure to
submit timely and accurate information
which would include omissions to
provide information. Therefore we
decline to revise section § 455.416(g)(1).
Comment: A State requested
clarification on how rigorous the State’s
efforts must be to verify the identity of
the provider applicant or whether a
background check is sufficient.
Response: The State Medicaid
agencies have the discretion to
determine the steps that are appropriate
to verify the identity of the provider
applicant, which may include, but
would not be limited to, verification of
licensure, database checks, and criminal
background checks.
d. Criminal Background Checks and
Fingerprinting—Medicaid and CHIP
Section 1866(j)(2)(B)(ii)(II) of the Act
allows the Secretary to use
fingerprinting during the screening
process; and while several States have
implemented procedures to require
fingerprinting of physicians and nonphysician practitioners as a condition of
licensure, we maintain that if a State
designates a provider as within the high
level of screening as described
previously, each person with an
ownership interest in that provider
should be subject to fingerprinting.
Adding fingerprinting to State
screening processes for those providers
that pose the greatest risk to the
Medicaid program will allow CMS and
the State to: (1) Verify the individual’s
identity; (2) determine whether the
individual is eligible is participate in
the Medicaid program; (3) ensure the
validity of information collected during
the Medicaid enrollment process; and
(4) prevent and detect identity theft.
Ensuring the identity of ‘‘high’’ risk
Medicaid providers through
fingerprinting protects both the
Medicaid program and providers whose
identities might otherwise be stolen as
part of a scheme to defraud Medicaid.
In addition, while § 455.106 requires
providers to submit information to the
Medicaid agency on criminal
PO 00000
Frm 00041
Fmt 4701
Sfmt 4700
5901
convictions related to Medicare and
Medicaid and title XX, current
regulations do not require States to
verify data submitted as part of the
Medicaid enrollment application and
they are sometimes not able to verify
information that was purposefully
omitted or changed in a manner to
obfuscate any previous criminal
activity. According to fiscal year (FY)
2008 SPIA data, at least 20 States report
that they conduct some type of criminal
background check as part of their
Medicaid enrollment practices.
Elements of a robust criminal
background check could include, but
not are necessarily limited to: (1)
Conducting national and State criminal
records checks; and (2) requiring
submission of fingerprints to be used for
conducting the criminal records check
and verification of identity.
We proposed in § 455.434 and
§ 455.450 for those categories of
providers that a State Medicaid agency
determines is within the high level of
screening, the State must: (1) Conduct a
criminal background check of each
provider and each person with an
ownership or control interest or who is
an agent or managing employee of the
provider, and (2) require that each
provider and each person with an
ownership or control interest or who is
an agent or managing employee of the
provider to submit his or her
fingerprints. The State Medicaid agency
has the discretion to determine the form
and manner of submission of
fingerprints.
At § 455.434, we proposed that the
State Medicaid agency must require
providers or any person with an
ownership or control interest or who is
an agent or managing employee of the
provider to submit fingerprints in
response to a State’s or CMS’ request.
We solicited public comment on the
appropriateness of using criminal
background checks in the provider
enrollment screening process, including
the instances when such background
checks might be appropriate, the
process of notifying a provider or
individual that a criminal background
check is to be performed, and the
frequency of such checks.
We also solicited comment on the use
of fingerprinting as a screening measure.
We recognize that requesting, collecting,
analyzing, and checking fingerprints
from providers are complex and
sensitive undertakings that place certain
burdens on affected individuals. There
are privacy concerns and operational
concerns about how to assure individual
privacy, how to check fingerprints
against appropriate law enforcement
fingerprint data bases, and how to store
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5902
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
the results of the query of the databases
and also how to handle the subsequent
analysis of the results. As a result, we
solicited comments on how CMS or a
State Medicaid agency should maintain
and store fingerprints, what security
processes and measures are needed to
protect the privacy of individuals, and
any other issues related to the use of
fingerprints in the enrollment screening
process. We expressed interest in
comments on this and other possible
circumstances in which fingerprinting
would be potentially useful in provider
screening or other fraud prevention
efforts. Our proposed screening
approach contemplated requesting
fingerprints from providers assigned to
the high level for screening. We
solicited comments on whether this is
an appropriate requirement, the
circumstances under which it might be
appropriate or inappropriate, and any
alternatives to the proposed approach
regarding fingerprints. Our proposed
approach would allow States to deny
enrollment to newly enrolling providers
and to terminate existing providers if
the provider or if individuals who have
an ownership or control interest in the
provider or who are agents or managing
employees of the provider refuse to
submit fingerprints when requested to
do so. We solicited comments on this
proposal including its appropriateness
and utility as a fraud prevention tool.
In addition, we solicited comment on
the applicability and appropriateness of
using, in addition to or in lieu of
fingerprinting, other enhanced
identification techniques and secure
forms of identification including but not
limited to passports, United States
Military identification, or Real ID
drivers licenses. As technology and
secure identification techniques change,
the tools we or State Medicaid agencies
use may change to reflect changes in
technology or in risk identification. We
solicited comment on the appropriate
uses of these techniques and the ways
in which we should notify the public
about any tools CMS or State Medicaid
agencies would adopt. We also
welcomed comments on whether there
should be differences allowed between
Federal and State techniques, or among
States, and if so, on what basis.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, these requirements
for criminal background checks and
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
fingerprinting under § 455.434 will
apply in CHIP.
Comment: A number of commenters
noted the undue and significant burden
on the States and providers that the
criminal background check requirement
in § 455.434, and specifically the
fingerprint requirement, would pose.
These commenters noted that State
Medicaid agencies do not have the staff
or expertise to conduct the checks. One
commenter stated that enforcement of
this provision will have deleterious
effects on the Medicaid provider
network and act as a barrier to care, and
recommended removing the
fingerprinting and background check
requirements for high risk providers.
Other commenters were supportive of
the proposal to conduct criminal
background checks and collection of
fingerprints, noting that the proposal
was intended to screen out
unscrupulous providers. One
commenter recognized that the proposal
to add fingerprinting of high risk
entities was a way to evaluate the
background of potential providers, to
identify fraud and prevent individuals
with known criminal backgrounds from
participating in Medicaid.
Other commenters were concerned
about the relative cost and efficiency of
conducting the criminal background
checks. Several commenters suggested
that the background checks be at the
States’ discretion. One commenter
suggested that CMS conduct any
necessary fingerprinting, regardless of
whether the person or entity is enrolled
in Medicare. Another commenter
recommended that CMS consider
limiting FBI criminal background
checks to cases in which there is
reasonable cause to believe the subject
may have a criminal record in another
State.
Response: We have considered all the
comments received and are sensitive to
the burden the criminal background
checks and fingerprinting will pose to
the State Medicaid agencies and the
affected providers. However, we believe
that criminal background checks are an
effective means of evaluating a high risk
provider. Furthermore, we believe that
fingerprinting high risk providers and
their owners are worthwhile endeavors
to determine identity and whether the
provider and other individuals have
been involved in criminal activities that
would adversely impact the Medicaid
program. While we are finalizing the
requirement to conduct criminal
background checks and collect
fingerprints for high risk providers, the
requirement will be limited to providers
and persons with a five percent or more
direct or indirect ownership interest in
PO 00000
Frm 00042
Fmt 4701
Sfmt 4700
the provider. There will be no
requirement to conduct criminal
background checks on, or collect the
fingerprints of, persons with a control
interest in the provider or the agents or
managing employees of high risk
providers. However, we intend to
monitor the situation and may seek to
extend the scope of fingerprint-based
criminal background checks in the
future if circumstances warrant. We are
making the appropriate changes to
§ 455.434. States will not be required to
implement criminal background checks
and fingerprinting until we issue
additional guidance. To the extent that
States have the ability to conduct
background checks and collect
fingerprints at this time, it is within
their discretion to do so prior to the
delayed implementation date. States
have the discretion to impose more
stringent requirements for Medicaidonly and CHIP-only providers than
those we are requiring.
Comment: One commenter asked how
results of criminal background checks
would be communicated in data
available to States from CMS.
Response: We are currently examining
to what extent we can support a
centralized information sharing solution
for provider screening results across
programs and across States. The
individual results of a criminal
background checks performed, however,
would likely be sent directly to the
agency requesting the background check
from the entity that performed the
check.
Comment: One commenter asked
whether there would be standard
criteria that define the types of
convictions that warrant denial of a
provider’s application.
Response: Whether to deny
enrollment or to terminate enrollment
are decisions that are within the
discretion of each State Medicaid
agency in accord with § 455.416. Thus,
the types of convictions that warrant
denial of enrollment would be at the
discretion of the State Medicaid agency.
Comment: Some commenters asked
what level of background check was
required, for example, were State
Medicaid agencies expected to do a
Federal criminal background check or a
State criminal background check.
Response: While it is within the State
Medicaid agency’s discretion to decide
whether to conduct State or Federal
background checks for Medicaid-only
providers, we recommend that the State
conduct Federal criminal background
checks which would provide
information that is national in scope
and therefore would be more complete.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
Comment: A few commenters
questioned which databases a States
should consult to compare fingerprints
against in order to do the screening
under this provision, in the event that
law enforcement is not available to
review the fingerprints?
Response: We are not aware of
databases that the State Medicaid
agencies might search, however, there
are vendors that provide the service for
a fee.
Comment: One commenter questioned
whether the State Medicaid agency must
perform a criminal background check in
its State only or in the neighboring State
for a provider applicant that only
provides services in the neighboring
State.
Response: The States have the
discretion to decide, however, we
would recommend conducting a FBI
criminal history record check, which
would provide information that is
national in scope and therefore would
be more complete and would be
preferable to a State background check
in either the enrolling State or the
neighboring State.
Comment: Some commenters noted
that fingerprints created a logistical
concern for the State Medicaid agencies.
Once they have obtained the fingerprint
cards from the providers, should the
States maintain the files, how should
they maintain the cards, and for how
long? If electronic files, how should the
States maintain those files?
Response: The State Medicaid
agencies should follow their existing
records retention laws and procedures,
however we recommend that the State
Medicaid agencies retain the files for at
least 5 years, until the provider’s
revalidation. To the extent that a State
Medicaid agency itself receives the
fingerprints submitted, we expect them
to maintain those files in a secure
manner to protect the privacy of the
individual who submitted the
fingerprints.
Comment: One commenter suggested
that the provision be revised so that it
does not require two copies of the
fingerprint card but allows for collection
of two copies if the State determines
that two copies are needed.
Response: We agree, and are making
that change to § 455.434.
e. Deactivation and Reactivation of
Provider Enrollment—Medicaid and
CHIP
Section 1902(kk)(1) of the Act
requires the screening of Medicaid
providers to ensure they are eligible to
provide services and receive payments.
In an effort to further protect the
Medicaid program and to be consistent
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
with longstanding Medicare
requirements, we proposed in § 455.418
that any Medicaid provider that has not
submitted any claims or made a referral
that resulted in a Medicaid claim for a
period of 12 consecutive months must
have its Medicaid provider enrollment
deactivated. Further, under § 455.420,
we proposed that any such provider
wishing to be reinstated to the Medicaid
program must first undergo all
disclosures and screening required of
any other applicant. In addition, we
proposed that the provider must pay
any associated application fees under
§ 455.426.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, the proposed
requirements for deactivation and
reactivation of provider enrollment
under § 455.418 and § 455.420 would
apply in CHIP.
Comment: A few commenters
supported the proposed requirement as
written. A number of commenters were
supportive of the spirit of this proposed
requirement but suggested that we
lengthen the timeframe to 24 months.
Other commenters expressed concern
regarding the applicability of the
application fee when reactivating
enrollment and suggested that Medicaid
follow a streamlined reactivation
process similar to what occurs in the
Medicare program.
One State commenter expressed
concern that the requirement to
deactivate providers would necessitate
deactivating one third of the State’s
enrolled providers. Other State
commenters noted that out-of-State
providers would routinely be
deactivated because their billings are so
infrequent.
Response: We recognize that many
out-of-State providers provide
occasional emergency treatment to
Medicaid beneficiaries, and that
requiring States to deactivate those
providers after a year without billings
would cause administrative burdens for
the States and the providers. We believe
States should have the discretion to
police their own provider enrollment,
although we recommend that States
deactivate provider numbers that have
not been used for an extended period of
time.
After reviewing the comments
received and other operational
considerations we are not finalizing the
PO 00000
Frm 00043
Fmt 4701
Sfmt 4700
5903
requirement for deactivation of provider
numbers after 12 months in § 455.418 at
this time.
f. Enrollment and NPI of Ordering or
Referring Providers—Medicaid and
CHIP
Section 1902(kk)(7) of the Act
provides that States must require all
ordering or referring physicians or other
professionals to be enrolled under a
Medicaid State plan or waiver of the
plan as a participating provider.
Further, the NPI of such ordering or
referring provider or other professional
must be on any Medicaid claim for
payment based on an order or referral
from that physician or other
professional.
Providers and suppliers under
Medicare and providers in the Medicaid
program are already subject to the
requirement that the NPI be on
applications to enroll and on all claims
for payment, pursuant to section 6402(a)
of the ACA, amending section 1128J of
the Act, and under § 424.506, § 424.507,
and § 431.107, as amended by the May
5, 2010 interim final rule with comment
period (75 FR 24437).
In § 455.410, we proposed that any
physician or other professional ordering
or referring services for Medicaid
beneficiaries must be enrolled as a
participating provider by the State in
the Medicaid program. We proposed
that this would apply equally to fee for
service providers or MCE network-level
providers.
Additionally, we proposed to amend
§ 438.6 to require that States must
include in their contracts with MCEs a
requirement that all ordering and
referring network-level MCE providers
be enrolled in the Medicaid program, as
are fee for service providers, and thus
are screened directly by the State.
Although the NPI requirements in
section 6402(a) of the ACA did not
extend to CHIP providers, section 6401
of the ACA does apply equally to CHIP,
and the proposed requirement for
ordering and referring physicians or
other professionals under the Medicaid
program apply equally under CHIP.
In addition, in § 455.440, we proposed
that all claims for payment for services
ordered or referred by such a physician
or other professional must include the
NPI of the ordering or referring
physician or other professional. We
proposed that this would apply equally
to fee for service providers or MCE
network-level providers.
It is essential that all such claims have
the ordering or referring NPI and that
the State has properly screened the
ordering or referring physician or other
professional. Without such assurances,
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5904
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
it is difficult for CMS or the State to
determine the validity of individual
claims for payment or to conduct
effective data mining to identify
patterns of fraud, waste, and abuse.
As stated previously, pursuant to
section 2107(e)(1) of the Act, all
provisions that apply to Medicaid under
sections 1902(a)(77) and 1902(kk) of the
Act apply to CHIP. Because we
proposed a new regulation in Part 457
under which all provider screening
requirements that apply to Medicaid
providers will apply to providers that
participate in CHIP, these requirements
for provider enrollment and NPI under
§ 455.410 and § 455.440 apply in CHIP.
Comment: Many commenters
expressed concern regarding whether
the ordering and referring requirements
in the proposed rule applied in the
managed care environment. Many State,
MCO, and association commenters also
expressed concern regarding the impact
that mandatory enrollment under
§ 455.410 would have upon Medicaid
beneficiary access to providers. These
commenters stated concerns about the
ability to contract with providers and
other professionals if there was a
requirement for those providers to be
enrolled with the State as participating
providers. The MCO and association
commenters also cited their concerns
about network level providers wanting
to control their practices and not being
mandated to participate in the Medicaid
program when their preference was to
serve in a Medicaid MCO. In addition,
a State commenter expressed the
concern that they be able to attract
MCOs to their programs to provide
choice to beneficiaries.
Several State commenters also noted
that adding managed care ordering and
referring providers to their rolls in
addition to the proposed requirement
for re-enrollment every 5 years, as well
as the other proposed screening
requirements would impose
administrative and fiscal burden on
State resources.
A few association commenters
suggested that States implement a
registration process whereby MCO
network level providers would engage
in a process short of full enrollment
with the Medicaid agency, solely for the
purpose of screening. Several
commenters also expressed concerned
related to: (1) Consistency of screening
across Medicare and Medicaid, and
across the MAOs and Medicaid
managed care; and (2) who would
conduct the screening. There was some
confusion about whether the MAOs and
MCOs would conduct the screening of
the network level providers, or whether
Medicare contractors and State
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Medicaid agencies would conduct the
screening. There was also the issue of
MAO providers not being specifically
required to be enrolled to order or refer
for the items and services they ordered
or referred for Medicare beneficiaries to
be paid.
A few commenters noted the
adequacy of current credentialing
performed by Medicaid MCOs and the
absence of any statement to the contrary
justifying enrollment of network level
ordering and referring providers.
Several State commenters questioned
how the NPI requirement would apply
in a managed care environment, when
risk-based health plans file claims for
payment for the services of their
subcontracted network level providers
based on the contract between the State
and the risk-based health plan. The
network level providers ordering or
referring items or services do not file
claims for payment as fee-for-service
providers do.
Response: After careful consideration
of the comments we received, as well as
the statutory language, we have
determined that the new requirements
for ordering and referring physicians
should not apply in a risk based
managed care context. We do not
believe it was the intent of the Congress
to impose stricter requirements on the
Medicaid program than are imposed in
Medicare. To require Medicaid managed
care providers that order or refer items
or services for Medicaid beneficiaries to
enroll as Medicaid participating
providers when MAO providers are not
also required to enroll in the Medicare
program to order or refer items or
services for Medicare beneficiaries
would be to treat the programs
unequally.
In consideration of the concerns for
beneficiary access and the
administrative burden that enrollment
of MCO ordering and referring
physicians and other professionals
would impose on State Medicaid
agencies, and in consideration of the
parity of requirements for the Medicaid
and Medicare programs, we are not
requiring that ordering and referring
physicians and other professionals in
managed care risk based health plans
enroll as participating providers by
State Medicaid programs. Consequently,
we are not finalizing the proposed
change to § 438.6 that would have
required State managed care contracts to
require network level providers enroll
with the Medicaid agency as
participating providers.
We are limiting the exemption to risk
based managed care. Section 1902(kk)(7)
requires that States must require all
ordering or referring physicians or other
PO 00000
Frm 00044
Fmt 4701
Sfmt 4700
professionals to be enrolled under a
Medicaid State plan or waiver of the
plan as a participating provider. We
want to give the greatest effect to the
statute while creating the least adverse
impact on beneficiaries. Had we
extended the exemption to all forms of
managed care, for example, we would
have allowed physicians or other
professionals that participate in primary
care case management programs that
operate under State plan waivers to
avoid enrollment with a State’s
Medicaid program; or we would have
allowed home and community based
services program providers that order or
refer to avoid enrollment, to the extent
that a State requires such enrollment.
We also gave consideration to the
comments we received regarding access,
burden on State processes, and
credentialing. The State and managed
care organization commenters expressed
concerns about beneficiary access to
managed care networks and providers,
which would be likely to occur in the
risk-based forms of managed care, but
not in primary care case management,
for example. The States also expressed
concerns about the burden of enrolling
as participating providers those
physicians and other professionals in
managed care. Again, we interpret their
concerns to be about risk-based forms of
managed care, rather than forms of
managed care in which the provider or
entity bears no risk, because in the vast
majority of States network level
providers in risk-based forms of
managed care are not enrolled with the
Medicaid agency. Primary case care
managers, however, are already enrolled
with the Medicaid agency as fee-forservice providers. In addition, riskbased managed care entities conduct
credentialing required under Federal
regulations and subject to the terms of
the contracts between the States and the
MCOs, PIHPs, or PAHPs. Providers that
participate in non-risk-based forms of
managed care are subject to the various
enrollment requirements that each State
may designate.
Given that managed care services are
recorded in encounter claims, we
recognize that it is not always possible
for such an ordering or referring
physician’s or other professional’s NPI
to be reflected on such a claim. We
leave it to the State’s discretion, based
in part on the capability of the State’s
systems, to require entrance of the NPI
on the encounter record.
Comment: A commenter requested
clarification on whether the requirement
for ordering and referring physicians or
other professionals to be enrolled with
a State Medicaid agency would apply to
professionals who may not be eligible to
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
enroll in a State’s Medicaid program but
who provide services under the
supervision of an enrolled provider and
whose services are billed under the
provider identification number of that
eligible Medicaid enrolled provider.
Response: The requirement for other
ordering or referring professionals to
enroll with a State’s Medicaid program
as a participating provider would
depend on whether a State’s Medicaid
program recognized the professional as
a Medicaid provider. If it did not, there
would be no requirement to enroll.
Comment: Several commenters
expressed concern about the
applicability of § 455.410 and § 455.440
to public school districts. Public schools
deliver Medicaid school based health
services to Medicaid eligible children
and therefore are enrolled as Medicaid
providers. Commenters expressed
concern about public school-based
providers, for example, speech language
therapists, school psychologists,
occupational therapists, and physical
therapists, employed by public school
districts being required to enroll with
the Medicaid agency as ordering and
referring physicians or other
professionals. The commenters noted
that public school based providers are
able, but have not been required in the
past, to get an NPI. Public school
districts have included their NPI on
claims and the clinicians are assigned
unique provider identification numbers
to facilitate identification of providers
and services. Therefore, the commenters
encourage an exemption for public
school based providers from the NPI
requirement.
Response: Public school based
providers are subject to the ordering and
referring requirements set forth in
§ 455.410 and § 455.440. However, as a
way to minimize the administrative
burden of enrolling additional
providers, State Medicaid agencies may
implement a streamlined enrollment
process for those providers who only
order or refer, that is, who do not bill
for services, similar to the CMS–855–O
process in the Medicare program.
Additionally, State Medicaid agencies
may delegate to State or local
governmental agencies, such as public
school districts, the responsibility to
screen public school based providers
and to assign unique provider
identification numbers for claims
identification.
Comment: Several commenters noted
that the regulations at § 455.410 do not
address whether CMS will provide a
reliable mechanism or national database
in which screening results can be
shared. Without a method to obtain
results from these other entities, States
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
will have to screen all Medicaid
providers at considerable cost. One
commenter noted that Medicare and
CHIP do not define providers the same
way which will lead to confusion over
who has been screened through
Medicare and the sister agencies.
Response: We are currently examining
to what extent we can support a
centralized information sharing solution
for provider enrollment across programs
and across States.
Comment: Several commenters
responded that the proposed regulation
would be burdensome on both States
and providers, requiring providers who
do not normally work with the
Medicaid program and new groups of
providers to enroll. One commenter
suggested that rather than being
required to enroll with the Medicaid
program, providers be permitted to use
the NPI as evidence of successful
Medicare screening and enrollment.
Response: We are sensitive to the
additional burden that obtaining an NPI
will pose, however, inclusion of the NPI
on all Medicaid claims is a statutory
requirement. The commenter suggested
that providers enroll with Medicare and
use the NPI as evidence of successful
screening and enrollment. Providers
should be aware that the NPI is not
evidence of successful Medicare
screening and enrollment, but providers
who are actually enrolled in Medicare
will not have to be screened again by
the States to be enrolled in the Medicaid
programs. The States may implement a
streamlined enrollment process for
those providers who only order or refer,
that is, who do not bill for services,
similar to the CMS–855–O process in
the Medicare program.
Comment: One commenter described
a scenario of a salaried hospital
physician who was not enrolled by the
State Medicaid agency, but the hospital
that employed the physician was an
enrolled, participating Medicaid
provider. The commenter questioned
whether the referral rule applied to the
physician.
Response: Yes, the salaried hospital
physician must enroll with the State
Medicaid agency to order or refer for
Medicaid beneficiaries.
Comment: A commenter sought
clarification whether the order or
referral rule applied when an order or
referral was made prior to the Medicaid
beneficiary being eligible for Medicaid.
Response: No, if the order or referral
was made before the beneficiary was
Medicaid eligible, then the beneficiary
may have the order filled or the referral
fulfilled and the claim for the order or
referral will be paid.
PO 00000
Frm 00045
Fmt 4701
Sfmt 4700
5905
Comment: A commenter asked
whether the ordering and referring rule
applied to Medicare crossover claims.
Response: Yes, the beneficiary’s
claims would be Medicaid claims,
therefore the provider who ordered or
referred the Medicaid beneficiary’s
services would be required to be
enrolled as a Medicaid participating
provider.
Comment: One commenter requested
clarification on whether CMS will be
changing claims forms to accommodate
the collection of information regarding
ordering and referring providers.
Response: To the extent it is necessary
for the State Medicaid agencies to make
changes to their claim forms to
accommodate the new requirement
regarding ordering and referring
providers, and then the States should
make those changes.
Comment: Several commenters sought
clarification on whether the terms
‘‘ordering and referring physicians or
other professionals’’ included
prescribing providers.
Response: We interpret the statutory
terms ‘‘ordering’’ and ‘‘referring’’ to
include prescribing (either drugs or
other covered items) or sending a
beneficiary’s specimens to a laboratory
for testing or referring a beneficiary to
another provider or facility for covered
services.
Comment: Some of the commenters
sought clarification on the definition of
the term ‘‘other professional.’’ For
example, does it include rendering
providers, non-professional providers,
or providers in waiver programs?
Response: Under § 455.410(b) and
section 1902(kk) of the Act, the phrase
‘‘ordering and referring physicians and
other professionals’’ does not include
rendering providers, as these authorities
impose a new enrollment requirement
with respect to physicians and other
professionals that order or refer items or
services for Medicaid beneficiaries.
Other professionals include any person
or entity recognized to be enrolled by a
State Medicaid agency, and that may
order or refer. Of course, to be able to
submit a claim to a State Medicaid
agency, for services rendered or items
supplied to a Medicaid beneficiary, a
provider must be enrolled as a
participating provider with that State
Medicaid agency.
Comment: One commenter sought
clarification whether the requirement
for all ordering and referring physicians
or other professionals to be enrolled
with the Medicaid agency as
participating providers applied to IHS
providers.
Response: IHS providers are required
to comply with § 455.410(b). However,
E:\FR\FM\02FER2.SGM
02FER2
5906
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
as a way to minimize the administrative
burden of enrolling additional
providers, State Medicaid agencies may
implement a streamlined enrollment
process for those providers who only
order or refer, that is who do not bill for
services, similar to the CMS–855–O
process in the Medicare program.
Comment: A commenter questioned
whether a provider that has enrolled as
a participating provider to comply with
§ 455.410(b) must submit fee-for-service
claims to the Medicaid agency, or is the
provider’s status as an enrolled provider
sufficient for compliance.
Response: Under § 455.410(b), a
physician or other professional need not
submit fee-for-service claims to the State
Medicaid agency to remain enrolled as
a Medicaid provider.
Comment: With respect to § 455.440,
one State asked whether the provider’s
NPI must be on each and every claim or
whether it is sufficient for the provider’s
NPI to be on file with the State
Medicaid agency, and whether the
prescribing provider’s NPI would be
required on pharmacy claims.
Response: Under § 455.440, ‘‘all
claims for payment for items and
services that were ordered or referred’’
must contain the NPI. This is based
upon the statutory requirement in
section 1902(kk)(7)(B) of the Act that
States require the NPI ‘‘of any ordering
and referring physician or other
professional to be specified on any
claim for payment that is based upon an
order or referral of the physician or
other professional.’’ Therefore, the
provider’s NPI must be on every claim,
including pharmacy claims; it is not
sufficient for the provider’s NPI to be on
file.
g. Other State Screening—Medicaid and
CHIP
Section 1902(kk)(8) of the Act
establishes that States are not limited in
their abilities to engage in provider
screening beyond those required by the
Secretary. Accordingly, in § 455.452, we
proposed that States may utilize
additional screening methods, in
accordance with their approved State
plan.
As stated previously, pursuant to
section 2107(e)(1) of the Act and
specified in our regulations in Part 457,
all provisions that apply to Medicaid
under sections 1902(a)(77) and 1902(kk)
of the Act apply to CHIP. Because we
proposed a new regulation under which
all provider screening requirements that
apply to Medicaid providers will apply
to providers that participate in CHIP,
this requirement for other State
screening under § 455.452 applies in
CHIP.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
h. Final Screening Provisions—
Medicaid and CHIP
We are adopting the Medicaid and
CHIP provider screening requirements
as proposed with the following
modifications:
• We clarified § 455.104(b)(1)
regarding the elements of corporate
addresses.
• We clarified § 455.104(b)(2) with
regard to whom the spouse, parent,
child, or sibling is related.
• We clarified § 455.104(b)(4) to
require managing employees to provide
SSNs and DOBs.
• We clarified § 455.104(c)(1), and
§ 455.104(c)(1)(i) and (ii) to include
submission of disclosures from
disclosing entities as well as providers.
• We clarified § 455.104(c)(1)(iii) to
require submission of disclosures upon
the request of the Medicaid agency
during the revalidation of enrollment
process.
• We are adopting § 455.450 with
modifications, having clarified that the
State agency must screen applications
both in re-enrollment and re-validation
of enrollment in the introductory
paragraph; deleted the reference to
publicly traded companies in
§ 455.450(a); deleted reference to
persons with controlling interests,
agents and managing employees who
are required to provide fingerprints in
§ 455.450(d); and clarified the basis for
adjusting a screening level related to
moratoria § 455.450(e)(2).
• At § 455.414 we clarified that States
must revalidate the enrollment
information of all providers at least
every 5 years.
• We are adopting § 455.416 with
modifications clarifying terminations of
persons with 5 percent of more direct or
indirect ownership interests in the
provider; and deleting reference to
persons with controlling interests,
agents and managing employees under
bases for termination for failure to
provide fingerprints.
• We clarified § 455.434 to require
criminal background checks from
providers or persons with a five percent
or more direct or indirect ownership
interest in the provider who meet the
State Medicaid agency’s criteria as a
high risk to the Medicaid program; and
to require fingerprints from providers
and person with a five percent or more
direct or indirect ownership interest in
the provider, upon the State Medicaid
agency’s or CMS’ request.
• We are not finalizing the proposed
provision that States deactivate the
enrollment of any provider that has not
billed for 12 months.
• And finally, we are not finalizing
the proposed requirement at
PO 00000
Frm 00046
Fmt 4701
Sfmt 4700
§ 438.6(c)(5)(vi) that required all
ordering and referring Medicaid
Managed Care network providers to be
enrolled as participating providers
based on commenters’ concerns
regarding access to services for
beneficiaries.
5. Solicitation of Additional Comments
Regarding the Implementation of the
Fingerprinting Requirements
While this final rule with comment
period is effective on the date indicated
herein, we strongly believe that certain
issues warrant further discussion.
Accordingly, we will continue to seek
comment limited to our implementation
of the fingerprinting provisions
contained in § 424.518 and § 455.434 of
this rule.
Specifically, we seek comment on
methods that we can use to ensure the
privacy and confidentiality of the
records that will be generated pursuant
to adopting the criminal history records
check provisions specified herein. As
described, we will adopt all protocols
issued by the FBI. However, we are
interested in any other privacy concerns
that interested parties may have in
addition to thoughts on how best to
address these concerns.
In addition, we seek comment on the
means by which we can measure the
effectiveness of our adoption of criminal
history records checks. That is, we are
seeking comments on tangible,
measureable methods we should use to
demonstrate the effectiveness of these
provisions.
In addition, we seek comment on
whether we should adopt additional
technology to identify providers and
suppliers that are enrolling in the
program. In the proposed rule, we
solicited specific comments on this
topic. However, we are interested in
receiving additional input from
providers, suppliers, and other
interested parties in light of the
provisions set forth in this final rule
with comment period.
As noted, we are only seeking
comment on the limited areas
previously described. We will accept
public comment for 60 days following
publication of this final rule with
comment period. To reiterate, we are
finalizing the requirement that
providers and suppliers will be subject
to criminal history records checks in the
event they are considered within the
‘‘high’’ level of risk as described in this
rule. Providers and suppliers, and all
other commenters, are encouraged to
submit comments within the 60-day
window to assist us in best
implementing the requirements that we
are finalizing surrounding this
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
technology. We are interested in hearing
input from all stakeholders, including
the beneficiary advocacy community,
law enforcement, providers, and
suppliers that are subject to the
requirements set forth in this final rule
with comment period, and any other
interested parties.
rmajette on DSK29S0YB1PROD with RULES2
B. Application Fee—Medicare,
Medicaid, and CHIP
1. Statutory Changes
Section 6401(a) of the ACA, as
amended by section 10603 of the ACA,
amended section 1866(j) of the Act and
requires the Secretary of DHHS to
impose a fee on each ‘‘institutional
provider of medical or other items or
services or supplier.’’ The fee would be
used by the Secretary to cover the cost
of screening and to carry out screening
and other program integrity efforts,
including those under section 1866(j)
and section 1128J of the Act. Since
section 10603 of the ACA excludes
eligible professionals, such as
physicians and nurse practitioners, from
paying an enrollment application fee,
we maintain that an ‘‘institutional
provider’’ would be any provider or
supplier that submits a paper Medicare
enrollment application using the CMS–
855A, CMS–855B (not including
physician and non-physician
practitioner organizations), CMS–855S
or associated Internet-based PECOS
enrollment application.
Section 1866(j)(2)(D)(i) of the Act
states that the new screening procedures
implemented pursuant to section 6401
of the ACA would be applicable to
newly enrolling providers, suppliers,
and eligible professionals who are not
enrolled in Medicare, Medicaid, or CHIP
by March 25, 2011. Accordingly, the
enrollment application fees for newly
enrolling institutional providers and
suppliers would be applicable on that
date as well.
Section 1866(j)(2)(D)(ii) of the Act
states that the new screening procedures
will apply to currently enrolled
Medicare, Medicaid, and CHIP
providers, suppliers, and eligible
professionals beginning on March 23,
2012. However, because the new
procedures are applicable beginning on
March 25, 2011 for those providers,
suppliers, (and eligible professionals)
currently enrolled in Medicare,
Medicaid, and CHIP that revalidate their
enrollment information, we will begin
collecting the application fee for those
revalidating entities for all revalidation
activities beginning after March 25,
2011.
Section 1866(j)(2)(C)(ii) of the Act
permits the Secretary, acting through
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
CMS, to, on a case-by-case basis, exempt
a provider or supplier from the
imposition of an application fee if CMS
determines that the imposition of the
enrollment application fee would result
in a hardship. It also permits the
Secretary to waive the enrollment
application fee for Medicaid providers
for whom the State demonstrates that
imposition of the fee would impede
Medicaid beneficiaries’ access to care.
Section 1866(j)(2)(C)(i)(I) of the Act
establishes a $500 application fee for
providers and suppliers in 2010. For
2011 and each subsequent year, the
amount of the fee would be the amount
for the preceding year, adjusted by the
percentage change in the consumer
price index for all urban consumers (all
items; United States city average), (CPI–
U) for the 12-month period ending with
June of the previous year. To ease the
administration of the fee, if the
adjustment sets the fee at an uneven
dollar amount, we will round the fee to
the nearest whole dollar amount.
2. Proposed Application Fee Provisions
In § 424.502, we also proposed to
establish a definition for an
‘‘institutional provider’’ as it relates to
the submission of an application fee. We
proposed that an ‘‘institutional
provider’’ means any provider or
supplier that submits a paper Medicare
enrollment application using the CMS–
855A, CMS–855B (but not physician
and nonphysician practitioner
organizations), or CMS–855S or
associated Internet-based PECOS
enrollment application.
For purposes of Medicare, Medicaid,
and CHIP, we interpret the statutory
reference to ‘‘institutional provider[s] of
medical or other items or services or
supplier’’ to include, but not be limited
to: The range of ambulance service
suppliers; ASCs; CMHCs; CORFs;
DMEPOS suppliers; ESRD facilities;
FQHCs; histocompatibility laboratories;
HHAs; hospices; hospitals, including
but not limited to acute inpatient
facilities, inpatient psychiatric facilities
(IPFs), inpatient rehabilitation facilities
(IRFs), and physician-owned specialty
hospitals; CAHs; independent clinical
laboratories; IDTFs; mammography
centers; mass immunizers (roster
billers); OPOs; outpatient physical
therapy/occupational therapy/speech
pathology services, portable x-ray
suppliers; SNFs; radiation therapy
centers; RNHCIs; and RHCs.
In addition to the providers and
suppliers listed previously, for purposes
of Medicaid and CHIP, we proposed that
a State may impose the application fee
on any institutional entity that bills the
State Medicaid program or CHIP on a
PO 00000
Frm 00047
Fmt 4701
Sfmt 4700
5907
fee-for-service basis, such as: Personal
care agencies, non-emergency
transportation providers, and residential
treatment centers, in accordance with
the approved Medicaid or CHIP State
plan.
We proposed that an application fee
will not be required from an eligible
professional who reassigns Medicare
benefits to another individual or
organization, since it would not create
a new enrollment of an institutional
provider or supplier that would result in
an application fee. In addition, we
proposed that in no case would the
application fee be required from any
individual physician or Part B medical
group/clinic.
We proposed that an application fee
will be required with the submission of
an initial enrollment application, the
application to establish a new practice
location, as a part of revalidation, or in
response to a CMS revalidation request.
We proposed that prospective
institutional providers and suppliers as
well as currently enrolled providers
who are revalidating their enrollment in
Medicare must submit the applicable
application fee or submit a request for
a hardship exception to the application
fee at the time of filing a Medicare
enrollment application on or after
March 25, 2011 in the case of
prospective providers or suppliers, and
in the case of revalidations. We believe
that it is essential that we are able to
receive and deposit the application fee
or consider the institutional provider’s
request for a hardship exception prior to
initiating an application review.
Therefore, we would not begin
processing an application for either a
new provider or supplier, or for a
provider or supplier that is currently
enrolled, until the enrollment
application fee is received and is
credited to the United States Treasury.
The fee would accompany the
certification statement that the provider
or supplier signs, dates, and mails to
CMS via the appropriate Medicare
contractor if the provider or supplier
uses Internet-based PECOS to enroll or
revalidate. The fee would accompany
the paper CMS–855 provider enrollment
application if the provider or supplier
enrolls or revalidates by paper. Because
the statutory provisions are effective for
newly enrolling providers and suppliers
effective March 25, 2011 institutional
providers and suppliers will not be
required to furnish the application fee
with applications submitted before that
date. However, because the ACA
provides that the new procedures will
be applicable beginning on March 25,
2011 for those providers and suppliers,
(and eligible professionals) currently
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5908
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
enrolled in Medicare, Medicaid, and
CHIP that revalidate their enrollment
information, we will begin collecting
the application fee for those revalidating
entities for all revalidation activities
beginning after March 25, 2011. We will
not collect the fee from individual
physicians and eligible professionals.
We proposed that CMS reject and
return to the provider or supplier an
initial enrollment application submitted
by a provider or supplier, without
further review as to whether the
provider or supplier qualifies to enroll
in the Medicare program, when the
Medicare enrollment application or the
Certification Statement is received by
the Medicare contractor and the
provider or supplier did not include a
request for hardship exception to the
application fee, did not include the
application fee or the appropriate
number of application fees, if
applicable. We do not believe that it is
appropriate for CMS to begin the
application review process without first
having received the application fee.
We proposed that the CMS reject any
initial enrollment applications
submitted after March 23, 2011, if a
provider or a supplier did not furnish
the application fee at the time of filing,
using § 424.525(a)(3) as the legal basis
for the rejection.
In § 424.525(a)(3), we proposed
adding a new reason why CMS could
reject an initial enrollment application
or an application to establish a new
practice location. Specifically, we
proposed a new § 424.525(a)(3) to state,
‘‘The prospective institutional provider
or supplier does not submit an
application fee in the appropriate
amount or a hardship exception request
with the Medicare enrollment
application at the time of filing.’’
We also believe CMS should be
allowed to reject an initial enrollment
application received from a provider or
supplier on or after March 25, 2011,
using § 424.525(a)(1) as the legal basis,
if, for any reason, CMS is not able to
deposit the full application amount into
a government-owned account or the
funds are not able to be credited to the
U.S. Treasury. In the case where a
provider or supplier did not submit the
application fee because they requested a
hardship exception that is not granted,
a provider or supplier has 30 days from
the date on which the contractor sends
notice of the rejection of the hardship
exception request to send in the
required application fee and application
forms.
In § 424.535, we proposed adding a
new reason why a CMS can revoke
Medicare billing privileges. Specifically,
we proposed a new § 424.535(a)(6)(i) to
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
state that billing privileges may be
revoked if ‘‘An institutional provider
does not submit an application fee or
hardship exception request that meets
the requirements set forth in § 424.514
with the Medicare revalidation
application or the hardship exception is
not granted.’’
In addition, in § 424.535, we proposed
a new § 424.535(a)(6)(ii) to state that
billing privileges shall be revoked if
‘‘CMS is not able to: deposit the full
application amount into a governmentowned account or the funds are not able
to be credited to the U.S. Treasury.’’
In § 424.514(b), we proposed that
currently enrolled institutional
providers and suppliers that are subject
to CMS revalidation efforts must submit
the applicable application fee or submit
a request for a hardship exception to the
application fee at the time of filing a
Medicare enrollment application on or
after March 23, 2011.
In § 424.514(d)(2)(iii), we proposed
that institutional providers submit the
application fee with each initial
application, application to establish a
new practice location, or with the
submission of an application in
response to a CMS revalidation request.
In § 424.514(d)(2), we proposed that
the application fee be based on the
amount calculated by CMS using the
CPI–U for the 12-month period ending
June 30 of the previous year and
adjusted annually to be effective January
1st of the following year. In
§ 424.514(d)(2)(v), we proposed that the
application fee be non-refundable.
Neither the Federal government, its
Medicare contractors, State Medicaid
agencies or CHIP should be liable for
reimbursement of the application fee to
the provider or supplier if the
application fee has been received by the
Medicare contractor and deposited into
a government-owned account and, later,
during the course of verifying,
validating, and processing the
information in the enrollment
application, CMS appropriately denies
the enrollment application. Appropriate
denial requires a substantive reason and
applications will not be denied over
inconsequential errors or omissions or
over errors or omissions corrected
timely.
In § 424.514(d)(4)(vi), we proposed
that a provider or supplier must submit
a new application fee if the provider or
supplier resubmits a Medicare
enrollment application because a
previously submitted enrollment
application was appropriately denied or
rejected. In some cases, a rejected
application would be returned to the
provider or supplier along with the
application fee; in other cases, the
PO 00000
Frm 00048
Fmt 4701
Sfmt 4700
application would be denied and the
application fee retained by the Federal
government because the processing of
the application would have already
begun. In those latter cases, CMS funds
would have been expended for some or
all of the required screening involved in
processing the application. For example,
if a home health agency enrollment
application is rejected because the
enrollment application, or the
certification statement generated by
Internet-based PECOS, was not signed,
the enrollment application would be
rejected and it and the check for the
application fee would both be returned
to the home health agency. If a home
health agency enrollment application is
denied based on non-compliance with a
provider enrollment requirement or
because the HHA did not meet the
conditions of participation for its
provider type, the enrollment would be
denied and the application fee would be
retained by the Federal government. If
the HHA wishes to send a new
enrollment application, it would have to
include another application fee with
that new enrollment application.
Similarly, we propose that a provider or
supplier would be required to submit to
the Medicare contractor a new
application fee with a subsequent
enrollment application if, among other
things, the previous enrollment
application was rejected because the
provider or supplier did not timely
furnish the Medicare contractor with the
applicable supporting documentation or
information necessary to complete its
review and verification of the previous
enrollment application.
In § 424.514(d)(6)(vii), we proposed
that the application fee must be able to
be deposited into a government-owned
account before an enrollment
application will be approved.
Because we proposed that a State may
rely on the results of the screening
conducted by the Medicare contractor to
meet the screening requirements for
participation in a State Medicaid
program or CHIP, we proposed that, for
dually participating providers, the
application fee would be imposed at the
time of the Medicare enrollment
application, consistent with the
procedures described previously.
Additionally, because the purpose of the
application fee is to, in part, cover the
costs of conducting the provider and
supplier screening activities, we
proposed that a provider or supplier
enrolled in more than one program (that
is, Medicare and Medicaid or CHIP, or
all three programs) would only be
subject to the application fee under
Medicare and that the fee would cover
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
screening activities for enrollment in all
programs.
Section 1866(j)(2)(C)(iii) of the Act
also permits the Secretary to grant, on
a case-by-case basis, exceptions to the
application fee for institutional
providers and suppliers enrolled in the
Medicare and Medicaid programs and
CHIP if the Secretary determines that
imposition of the fee would result in a
hardship. One instance that might
support a request for hardship exception
is in the event of a national public
health emergency where a provider or
supplier is enrolling for purposes of
furnishing services required as a result
of the national public health emergency
situation. Such requests will be
considered on a case-by-case basis, as
required by the statute. In addition, we
solicited comments on the appropriate
objective criteria that should be used in
making a hardship determination and if
there are any other circumstances in
which such exemptions should be
allowed. We also solicited comment on
the kinds of documents to be submitted
to CMS or its contractor to exhibit
hardship, including any comments on
the financial or legal records that might
be needed to make a determination of
hardship. Section 1866(j)(2)(C)(iii) of the
Act also permits the Secretary to waive
the application fee for providers
enrolled in a State Medicaid program for
whom the State demonstrates that
imposition of the fee would impede
beneficiary access to care. We solicited
comments on how waivers from the
application fee should be implemented
for Medicaid-only or duallyparticipating Medicare and Medicaid
providers and suppliers specifically
those seeking to furnish services where
beneficiary access issues are prevalent,
either geographically or in the provision
of the services.
We are committed to assuring access
to care for program beneficiaries. We are
in the process of developing promising
practices related to ensuring access in
the Medicaid program and CHIP. We
also solicited comments on the
appropriate criteria that we should
consider for purposes of the proposed
fee. We were particularly interested in
hearing from States, providers,
advocates, and other stakeholders
relating to concrete examples based on
experiences in using specific access
criteria.
Based on the statutory requirements
for calculating the application fee, we
offer the following example for purely
illustrative purposes. The initial
application fee beginning in 2010 is
established by law at $500. However, for
the following year, when the annual
Consumer Price Index (CPI–U) is
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
calculated for the period ending June
2010, we would recalculate the
application fee using the CPI–U. Thus,
if the CPI increased by 2.34 percent for
the 12 month period ending June 2010,
the application fee would be calculated
by multiplying the fee for the year by
the CPI–U. The $500 application fee
established by law on in 2010 would be
multiplied by 1.0234 to give $511.70.
We would then round to the nearest
dollar amount of $512.00. This would
be the amount of the fee in effect for
2011, and would apply to applications
received after the effective date of the
statute—March 25, 2011 for newly
enrolling providers and suppliers and
for revalidating providers and suppliers.
A similar process, based on the CPI–U
for the period of July 1, 2010 through
June 30, 2011 would be used to
calculate the fee that would become
effective on January 1, 2012, and that
would apply to new and currently
enrolled providers or suppliers that
submit applications on or after March
23, 2012. In § 424.514(d)(2), we
proposed that the annually recalculated
application fee amount would be
effective for the calendar year during
which the application for enrollment is
being submitted.
The amount of the application fee that
is required of enrolling providers or
suppliers, would be the amount that is
in effect on the day the provider or
supplier mails an enrollment
application or Certification Statement,
postmarked by the USPS, or if mailed
though a private mail service the date of
receipt by the Medicare contractor.
Because the application fee will become
an integral part of the enrollment
process, we believe that it is essential
that we notify State Medicaid Agencies
and the public about any changes in the
application fee prior to implementing a
change in the fee. Accordingly, we
would afford States and the public with
at least 30 days’ notice of any
impending change in the application
fee. We will make such notification
annually in the Federal Register and by
issuing guidance to the State Medicaid
and CHIP Directors, issuing CMS
provider and supplier listserv messages,
making announcements at CMS Open
Door Forums, and placing information
on the CMS Provider/Supplier
Enrollment Web page (https://
www.cms.gov/
MedicareProviderSupEnroll).
We proposed that a provider or
supplier that believes it is entitled to a
hardship exception from the application
fee enclose a letter with the enrollment
application or, if using Internet-based
PECOS, with the Certification
Statement, explaining the nature of the
PO 00000
Frm 00049
Fmt 4701
Sfmt 4700
5909
hardship. Further, we proposed that we
would not begin to process an
enrollment application submitted with a
letter requesting a hardship exception
from the application fee until it makes
a decision on whether to grant the
exception. Further, we proposed that we
a make hardship exception
determination within 60 days from
receipt of the request from an
institutional provider and CMS
contractor notify the applicant or
enrolled institutional provider or
supplier by letter approving or denying
the request for a hardship exception.
Moreover, if we deny the request for
hardship exception, we would provide
our reason(s) for denying the hardship
exception.
In § 424.530(a)(9), we proposed
adding a new reason why CMS can deny
Medicare billing privileges. Specifically,
we proposed a new § 424.530(a)(9) to
state, ‘‘An institutional provider’s or
suppliers ‘‘hardship exception’’ request
is not granted and the provider or
supplier does not submit the application
fee within 30 days of notification that
the hardship exception request was not
approved.’’
In § 424.535(a)(6)(i), we proposed
adding a new reason why CMS can
revoke Medicare billing privileges.
Specifically, we proposed a new
§ 424.535(a)(6)(i) to state, ‘‘An
institutional provider does not submit
an application fee or ‘‘hardship
exception’’ request that meets the
requirements set forth in § 424.514 with
the Medicare revalidation application or
the hardship exception request is not
granted and the institutional provider
does not submit the applicable
application form or the application fee
within 30 days of being notified that the
hardship exception request was denied.’’
We also proposed that an institutional
provider may appeal the determination
not to grant a hardship exception from
the application fee using the provider
enrollment appeals process established
in § 405.874 and found in 1866(j)(2) of
the Act.
In § 455.460, we proposed that, for
those providers who do not participate
in Medicare, the State may collect the
fee established by the Secretary as
outlined previously as the State will be
responsible for conducting the provider
screening activities for these providers.
Total fees collected will be used to
offset the cost of the Medicaid and CHIP
screening programs. The fees represent
an applicable credit under OMB
Circular A–87, entitled ‘‘Cost Principles
for State, Local, and Indian Tribal
Governments’’ (August 31, 2005 (70 FR
51910)), codified at 2 CFR part 225, and
made applicable to States by 45 CFR
E:\FR\FM\02FER2.SGM
02FER2
5910
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
92.22(b). The cost principles require
that the costs a State claims must be
reduced by ‘‘applicable credits,’’ or
‘‘those receipts or reduction of
expenditure-type transactions that offset
or reduce expense items allocable to
Federal awards as direct or indirect
costs’’, (Paragraphs C.1.i., C.4.a. and D.1.
of Appendix A to 2 CFR part 225). If the
fees collected by a State agency exceed
the cost of the screening program, the
State agency must return that portion of
the fees to the Federal government. CMS
will direct these fees to support program
integrity efforts as permitted by the
ACA.
3. Analysis of and Responses to Public
Comments
Below is a summary of the comments
we received regarding the proposed
enrollment application fee.
Comment: Through section 6401 of
the ACA, CMS is authorized to collect
and retain an application fee. Some
commenters stated that CMS did not
explain or justify the purpose behind
the enrollment application fee, for
enrolled providers of service and
suppliers, beyond stating that the
Congress mandated it. The commenters
urged CMS to explain whether the
revalidation/enrollment fee is meant to
ensure compliance with a provider’s or
supplier’s reporting responsibilities or
to collect monies for the Federal
Government.
Response: The ACA authorizes the
collection of an application fee to cover
costs of screening, including screening
required for providers and suppliers
that are revalidating their enrollment.
The ACA specifies that the fees are to
be collected from institutional providers
and are to be used for program integrity
efforts, including the costs of screening.
Comment: Several commenters
questioned whether CMS has the
statutory authority to exempt medical
clinics and group practices from the
application fee. They contended that
while section 10603 of the ACA strikes
the provision found in section 6401 of
the ACA relating to individual provider
application fees, section 10603 of the
ACA does not establish a waiver for
organizational suppliers, such as groups
or clinics. They also stated that CMS
furnished only a limited discussion of
why it decided to give medical groups
and clinics an application fee waiver.
They stated that CMS should explain
why it is giving medical groups and
clinics a significant financial benefit by
excluding them from the application
fee. Another commenter stated that if
CMS retains its policy to exempt
medical groups and clinics from the
application fee, CMS should estimate
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
the annual loss in revenue to the
Federal government and explain what
this will mean to CMS’ efforts to fight
fraud, waste and abuse. Another
commenter stated that if CMS retains
this provision, it should exclude the
reference to physician and nonphysician practitioner organizations in
the proposed definition of institutional
provider.
Response: Section 6401(a) of the ACA
that adds section 1866(j)(2) of the Act
specifically excluded physicians from
paying the application fee. Physicians
and non-physician practitioners in
medical groups and clinics reassign
their Medicare billing privileges to those
medical group and clinics. As such they
would be exempt from the fees.
Comment: One commenter asked if a
small group practice would be
considered institutional, and whether
every practice location would need to
submit a separate application fee.
Response: We will clarify that the
application fee is not applicable to
physicians and non-physician
practitioners, regardless if the physician
or non-physician practitioner is
organized in a small group practice.
Comment: A commenter urged CMS
to consider exceptions to the required
application fee, which, the commenter
stated, could impose a hardship on
small home and community based
service providers.
Response: We are committed to
ensuring access to care and services for
beneficiaries and will clarify that a
State, in consultation with the
Secretary, may waive the application fee
for Medicaid-only or CHIP-only
providers if the State demonstrates that
imposition of such a fee will impede
beneficiary access to care.
Comment: A commenter suggested
that CMS develop and issue a standard
enrollment fee ‘‘hardship exception
form’’ that a provider can use when
requesting an exception to the fee.
Response: Whereas a standard form
might be useful, there could be many
situations that justify exception from the
fee. We do not want to limit the basis
for fee exceptions for providers and
suppliers to a pre-established list of
circumstances. Accordingly we have not
listed options for providers and
suppliers to request hardship exceptions
from application fees. As indicated in
the preamble to the proposed rule, each
request will be considered on its own
merit on a case-by-case basis.
Comment: A commenter suggested
that to avoid processing delays
associated with depositing the
application fee into a governmentowned account, CMS should allow
newly-enrolling Medicare, Medicaid
PO 00000
Frm 00050
Fmt 4701
Sfmt 4700
and CHIP providers to submit the
application fee in advance of submitting
a new enrollment application.
Response: We disagree with the
commenter’s suggestion. We think
payments should be clearly associated
with the CMS–855 application form. We
believe that payments submitted before
the CMS–855 could have a greater
likelihood of being disassociated with
the appropriate CMS–855.
Comment: One commenter stated that
since the application fee must be
credited to the United States Treasury,
CMS should explain how long it will
take before the application fee is paid by
a provider or supplier and when CMS
will receive this money to fight fraud,
waste and abuse.
Response: The Treasury Department
has existing regulations in place
governing the time frame in which
received funds must be deposited and
made available in the U.S. Treasury. We
will be working with the Office of
Management and Budget and
Department of HHS budget officials to
assure that the full amount collected
from application fees will accrue to
CMS for HHS’s program integrity work
as required by section 1866(j)(2)(C)(iii)
of the Act.
Comment: A commenter requested
that CMS explain why an application
fee is required by a Competitive
Acquisition Program (CAP) Part B Drug
Vendor, since this entity does not bill
the Medicare program.
Response: Only institutional
providers, as defined in the proposed
rule, are subject to the application fee.
Providers and suppliers that do not bill
Medicare on a fee-for-service basis are
not subject to the application fee.
Comment: A commenter stated that in
exempting medical groups/clinics from
the application fee, CMS does not
distinguish between clinics owned by
physicians/practitioners and nonphysicians/non-practitioners.
Response: We did not distinguish
between medical groups/clinics on the
basis of ownership. Medical groups and
clinics are exempt from the fee because
as noted previously, they are paid
through reassignment of payments from
physicians and non-physician
practitioners. Physicians, non-physician
practitioners and other individual
practitioners are not subject to the fee by
statute.
Comment: A commenter stated that
FQHCs should be exempted from the
application fees for two reasons. First,
FQHCs, unlike other providers, are not
permitted to submit one Medicare
enrollment application for all sites, and
that consequently, these low-risk
entities would pay the majority of the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
application fees. Second, a significant
portion of an FQHC’s budget includes
section 330 grant funds. These funds are
primarily intended for the care of
uninsured and indigent patients. The
application fees would take a significant
portion of those funds away from the
neediest individuals.
Response: While we understand the
commenter’s concerns, the statute did
not exempt FQHCs from the application
fee requirement. However, FQHCs can
request a hardship exception to the fee.
Comment: A commenter
recommended that CMS update the
CMS–855A, CMS–855B, and CMS–855S
forms to add information about the
application fee, including the basis for
this fee, the amount of the fee, and
where the fee should be mailed.
Response: We agree that providers
and suppliers need additional
information about the process for
submitting the application fee, its basis
and intended use. We plan to have such
materials available by the effective date
of the final regulation. We will make
these materials available through our
Web site, listservs, open door forums,
and other communication methods. We
will also share these documents with
professional and provider and supplier
associations in an effort to provide
additional information.
Comment: A commenter noted that
section 1866(j)(2)(D)(ii) of the Act states
that the application fee would not apply
to current providers or suppliers until
two years after enactment. However, the
commenter argued, CMS was silent on
this statutory provision in the proposed
rule. The commenter recommended that
CMS explain why section
1866(j)(2)(D)(ii) of the Act does not
apply to current providers and suppliers
and why CMS has decided to apply the
provisions in section 1866(j)(2)(D)(iii) of
the Act instead.
Response: Section 1866(j)(2)(D) of the
Act contains conflicting effective dates
for currently enrolled providers and
suppliers. In 1866(j)(2)(D)(iii), providers
and suppliers that are revalidating are
subject to the fee and the other
provisions of the proposed rule 180
days after enactment, or September 19,
2010. In section 1866(j)(2)(D)(ii) of the
Act the new screening provisions
including the fee are effective for
currently enrolled providers and
suppliers on March 23, 2012. For newly
enrolling providers and suppliers the
provisions are effective on March 25,
2011. We recognize the conflicting
effective dates for the same group of
currently enrolled providers and
suppliers. As a result, in an effort to
promote consistency in the application
of the rule, we proposed two effective
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
dates for the provisions of the rule for
currently enrolled providers and
suppliers. On March 25, 2011, the fees
and other requirements of the regulation
are applicable for currently enrolled
providers that are revalidating their
enrollment in the period between March
25, 2011 and March 23, 2012. For all
other currently enrolled providers and
suppliers, the fees and other provisions
of the proposed rule are effective on
March 23, 2012, as specified in the
statute. The statute authorizes us to
begin collecting fees from providers and
suppliers that are revalidating as early
as September 23, 2010.
Comment: A commenter
recommended that—consistent with
section 10603 of the ACA–CMS
establish an application fee exemption
for physicians who are sole
proprietorships or sole owners and who
provide DMEPOS ‘‘incident to’’ their
medical service.
Response: Physicians who are
enrolled in Medicare as physicians are
exempt from the fee. DMEPOS
suppliers, whether owned by physicians
or otherwise, are institutional suppliers
and as such, are subject to the
application fee.
Comment: Several commenters urged
an exception from the enrollment fee
for: (1) Existing providers, or (2) new
providers in under-served areas. A
commenter added, however, that such
exceptions should be limited to
nonprofit and governmental entities
with low overall margins. The
commenter also stated that CMS should
allow enrollment fee exceptions: (1) For
existing providers when it is clearly
equitable and in the public’s interest—
since to do otherwise simply transfers
limited resources needed for patient
care to the enrollment process and
constitutes a tax on an otherwise
nontaxable entity—and (2) for any new
nonprofit or public provider that is
proposing to establish services in an
underserved area. The commenter did
not believe that for-profit providers
should qualify for fee waivers because
their business model is based on their
capacity to generate sufficient capital to
start a business and operate profitably.
Response: We recognize that the
application fees are a new financial
obligation on nonprofit and public
providers and suppliers; however, the
statute provides no blanket exception
for providers and suppliers by financial
status. However, the law and rule
contain provisions that would allow
institutional providers and suppliers to
apply for hardship exception to the fees
for circumstances that are appropriate to
their respective situations. We
encourage any provider or supplier that
PO 00000
Frm 00051
Fmt 4701
Sfmt 4700
5911
cannot pay the fee to notify us and
provide us with justification for the
exception.
Comment: A commenter stated that
the application fee should be waived for
providers that routinely update their
Medicare enrollment information more
than once in a five-year period (3 years
for DMEPOS).
Response: While we do not
discourage providers and suppliers from
submitting revalidation applications
more frequently than the regulatoryprescribed timeframes, we do not
believe that the fee should be waived for
providers that do so. As stated in the
preamble, the application fee is to be
used by the Secretary to cover the cost
of screening. If the provider or supplier
submits a revalidation application on its
own volition, we believe it is
appropriate to require a fee that would
cover the cost of processing that
application.
Comment: A commenter, expressing
concern about the time it can take for
Medicare contractors to process
applications, recommended that
payment of the enrollment fee be tied to
a corresponding obligation of the
Medicare contractor to complete the
enrollment process within a specified
period of time. Specifically, the
commenter requested that CMS create a
hardship category that would permit an
enrollment fee to be refunded to the
provider or supplier if the Medicare
contractor fails to process the
application within a specified period of
time (for example, 30 days from the date
a completed enrollment is received by
the Medicare contractor). The
commenter stated that such a policy
would create the proper incentive for
Medicare contractors to process these
applications in a timely fashion. Other
commenters, too, stated that the fee
should be refunded if the Medicare
contractor does not process the
application in a timely manner.
Response: We are concerned about
any delay in processing enrollment
applications. Our enrollment
contractors have clear standards in their
contracts regarding processing
enrollment applications. In fact, we are
currently in the process of strengthening
such performance standards for all of
our contractors. However, the ACA
provides that a provider may be
exempted from the fee only when the
imposition of the fee itself would result
in a hardship. We do not interpret the
ACA as linking the application fee to
contractor performance standards.
Comment: One commenter stated that
it appears that physicians who also
enroll as DMEPOS suppliers so they can
furnish DMEPOS to their own patients
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5912
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
would be expected to pay an enrollment
fee. The commenter believes that this
would be inconsistent with the
congressional decision to exempt
physicians and other health
professionals from the enrollment fee. It
might also cause some physicians and
other health professionals to decide
against enrolling as DMEPOS suppliers,
thus they would no longer be in a
position to provide their patients with
Medicare-covered DMEPOS. The
commenter also stated that CMS should
modify its enrollment procedures so
that physicians who also wish to
provide DMEPOS to their own patients
would only need to enroll once, not
twice. This approach would simplify
the enrollment process for both
physicians and CMS.
Response: Physicians that supply
DMEPOS services to patients are
currently required to enroll as both a
physician (for medical services) and as
a DMEPOS supplier. The screening
required of any DMEPOS supplier, even
one that is incident to a physician’s
practice, is more resource intensive than
screening for physicians. Accordingly,
we think applying the fee to all
DMEPOS suppliers is justified.
Moreover, we think it is a necessary
component of our efforts to assure
overall benefit integrity in Medicare to
have all DMEPOS suppliers meet the
supplier standards for DMEPOS
suppliers. Accordingly, we have no
plans to change the requirements as
suggested by the commenter. We note in
addition that a decision to make any
such changes would be outside the
scope of this rule.
Comment: A commenter asked why
CMS is proposing to exempt a physician
or non-physician practitioner
organizations from the application fee
when they submit a CMS–855B
application, but the same physician or
non-physician practitioner organization
would be required to pay an application
fee if they enrolled using the CMS–
855S.
Response: The ACA specifically
excluded physicians and nonphysician
practitioners from paying the
application fee. Physicians or nonphysician practitioner organizations that
elect to apply to enroll in Medicare as
an institution or other entity, for
example, submitting an CMS–855S to
enroll as a DMEPOS supplier, are
applying to enroll as an institutional
provider not a physician or nonphysician practitioner. Accordingly,
applications to enroll as institutional
providers are subject to submitting the
application fee.
Comment: Several commenters stated
that a $500 application fee for DMEPOS
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
suppliers who are orthotists and
prosthetists is not reasonable, especially
on top of the required annual payment
for a surety bond, accreditation and to
maintain licensure. One of these
commenters opposed the proposed rule
because it seems redundant in light of
other requirements such as
accreditation, licensure, non-mandatory
OIG compliance plans, and HIPAA. The
commenter stated that with
reimbursements being cut, expenses
increasing, and the government
constantly imposing new, unnecessary
fees, it is becoming difficult for small
businesses to survive in this economy.
Several other commenters stated that
the fee should be waived for the
smallest providers. For community
pharmacies, another commenter urged
CMS to either: (1) Impose a $500 fee
upon initial enrollment and in the case
of the addition of new practice locations
without imposing any fees for
revalidation, or (2) impose a lower fee
of $200 if the fee will apply to
revalidation, as well as initial
enrollment and adding new locations.
Response: The ACA sets the initial fee
at $500.00 for all types of institutional
providers or suppliers and for
revalidating providers. Because the ACA
specifies that the money be used for
program integrity activities, including
screening, we believe it is reasonable
and appropriate to impose a fee on new
practice location applications which
require us to expend resources to screen
for example onsite visits or background
checks may be required. Also, the ACA
specifies the formula for updating the
fee. Affected providers and suppliers
can request an exception from the fee if
they can demonstrate that it poses a
hardship.
Comment: A commenter requested
clarification as to whether a returned,
rejected, or denied application would
trigger the need for a provider to resend
another fee when it resubmits its
application. The commenter also asked
whether a provider going from one state
to another within Medicare would only
be required to submit the fee once.
Response: The proposed rule itemized
circumstances when additional fees
would be required. The answer to the
commenter’s question about returned,
rejected, or denied applications and
whether these actions would trigger a
requirement for a new fee will vary
depending upon the circumstances.
Providers and suppliers that submitted
applications that were denied because
the provider or supplier did not meet
the requirements to enroll would be
subject to an additional fee for any new
application they submit. Providers and
suppliers that submitted an application
PO 00000
Frm 00052
Fmt 4701
Sfmt 4700
that could not be processed because of
a temporary moratorium would not be
required to submit an additional fee.
Applications that were accompanied by
a request for hardship exception waiver
to the fee and for which the hardship
waiver request was denied would be
required to submit a fee in order for the
application to be processed. If, in this
latter circumstance, the provider or
supplier submitted the fee with the
application and the hardship exception
waiver request, and the fee was not
returned, the provider or supplier
would not be required to submit a new
fee payment. Providers establishing a
new practice location in a different
enrollment jurisdiction or as a new
provider type would be required to
submit a fee for each new practice
location or provider type.
Comment: A commenter stated that
CMS should allow application fees to be
held in escrow when an application is
denied.
Response: We think it is important for
the fee to be associated clearly and
specifically with the application for new
enrollment or revalidation at the time
the application for enrollment or
revalidation is being processed. In this
way we avoid any administrative errors
involved in associating a fee held in
escrow with an instant application.
There are a number of reasons it might
be complicated to associate an escrowed
fee with an application, particularly if
the provider or supplier has a different
name or identifier, or a large amount of
time has elapsed between applying for
enrollment or revalidation.
Comment: A commenter believes it
was inequitable that institutional
providers in the limited level of
screening are still subject to the same
$500 application fee as providers in the
high level of screening. The commenter
recognized that this is a matter of
statute, but stated that a more equitable
policy would be to link the application
fee amount to the assigned level of
screening, with a zero or minimal fee
applicable for facilities in the limited
screening level and higher scaled fees
applied to the moderate and high
screening levels. The commenter also
recommended that CMS use the
application fee collected from ‘‘limited
risk’’ providers to develop prioritized
and expedited processes and timeframes
for contractor review and approval of
initial enrollment applications and
revalidations for ‘‘limited risk’’
providers.
Response: The ACA established a flat
rate of $500 for application fees to be
imposed upon institutional providers
and suppliers. In addition, the ACA
does not include provisions to link the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
fee to assigned screening level.
Accordingly, the proposed rule
implementing the statute did not link
the fee to assigned screening level.
Comment: A commenter stated that
for DMEPOS suppliers, requiring a $500
application fee at the time of submission
of an enrollment application for each
Medicare PTAN is unsupported and
improper. A simple $500 fee per
company, or paying for up to four
facility locations (but not more) per
company, or $500 for the first location
and $50 for the next 10 makes sense. A
flat $500 per location does not make
sense according to the commenter, since
clearly larger companies with multiple
locations pose lower risk.
Response: As mentioned previously,
the fee amount is included in the ACA.
In addition, the ACA requires each
institutional provider to pay the fee.
Providers and suppliers will be charged
the fee for each form CMS–855 they
submit for enrollment or revalidation.
Comment: A commenter stated that
CMS should not allow contractors to
revoke a provider’s billing privileges if
an application fee or hardship waiver
does not accompany a revalidation
application.
Response: We disagree. We believe
that the failure to submit an application
fee or hardship waiver with a
reenrollment or revalidation application
should be treated as the equivalent of
the non-submission of the application,
which is grounds for revocation under
regulation § 424.535(a)(6). However, we
understand the concern expressed and
will instruct our enrollment contractors
to contact any enrolling or revalidating
provider or supplier that does not
submit the fee with the enrollment
application and afford an opportunity to
submit the fee. Thirty days after the date
of the notification, the enrollment
contractor would reject the application
and revoke the billing privileges of the
enrolled provider or supplier that has
not submitted the fee. We have modified
the regulation provisions in § 424.514(g)
to include the 30 day period.
Comment: Several commenters
requested clarification that changes of
information, reactivations, and
contractor-solicited, off-cycle
revalidations do not require an
application fee.
Response: The ACA authorizes fees
for new enrollment and revalidation of
enrollment. Simple changes in the
CMS–855, for example, new phone
numbers, new bank account
information, new billing address(es),
change in name of provider or supplier,
or other such updates, do not constitute
a new enrollment or a revalidation of an
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
enrollment and therefore would not be
subject to an additional fee.
Comment: A commenter stated that
there is no justification to assess new
fees to providers to support CMS
enforcement activities that should be
ongoing in any event. Moreover, CMS’
proposed actions, the commenter
contended, ignore the much more
practical and effective measures to stem
fraud and abuse outlined in H.R. 2479,
and instead of stopping the fraud at the
outset (as seems to be the stated
objective) rely unduly on
straightforward delays in delivering
payments to all providers. This
punishes all legitimate providers, and
without any assurance that delays will
solve the fraud problem.
Response: Section 1866(j)(2)(C) of the
Act authorizes the the Secretary to
collect application fees from
institutional providers and suppliers.
This section also specifies that ‘‘the
amounts collected as a result of the
imposition of a fee under this
subparagraph shall be used by the
Secretary for program integrity efforts,
including to cover the costs of
conducting screening under this
paragraph and to carry out this
subsection and section 1128J of the
Act.’’ We are implementing the
provisions of the statute. The
application fees collected will be used
for program integrity efforts as specified
in the statute.
Comment: A commenter stated that
imposition of the fee on physicians who
are enrolled as DMEPOS suppliers is
unambiguously beyond the scope of
CMS’s statutory authority, would
frustrate congressional intent, and is not
warranted, since the vast majority of
physicians would not be subject to
additional screening.
Response: The fees are only paid by
institutional providers and suppliers. If
a physician is enrolled as a physician
and also as a DMEPOS supplier, the fee
is required only for the DMEPOS
supplier enrollment.
Comment: A commenter supported
CMS’s proposal to exempt physicians
and non-physician practitioners from
the application fee. The commenter
stated that with a potential Medicare
provider shortage on the horizon,
introducing an application fee to these
suppliers would only serve to drive
more providers out of the Medicare
system.
Response: The ACA exempts
physicians and non-physician
practitioners from paying the
application fee.
Comment: A commenter stated that an
appropriate course would be to process
the application and require that if the
PO 00000
Frm 00053
Fmt 4701
Sfmt 4700
5913
application is accepted but the hardship
waiver is denied, the application fee
will be deducted from future payments.
This certainly creates the risk that some
applications would be considered for
which no application fee payment was
ultimately available, but that outcome is
offset by the need to avoid draconian
requirements with illusory protections.
Response: The ACA requires
institutional providers and suppliers
that submit an application to enroll in
or revalidate their enrollment in
Medicare to pay the fee. Contractors
should not process applications for new
enrollment or revalidation of enrollment
without a fee accompanying the
application. In the case of an
application that is accompanied by a
request for a hardship waiver that is
denied, the contractor will notify the
provider or supplier that a fee is
required for further processing. The
provider or supplier has the option to
submit the fee with the application and
waiver request as a contingency to
expedite processing should the hardship
waiver be denied and the provider or
supplier is concerned about delays
associated with the time required to
provide the fee.
Comment: A commenter expressed
concern that there was no exception for
governmental providers, including those
that are funded by Federal agencies. To
permit Medicare and Medicaid, for
instance, to impose enrollment fees on
Indian and tribal providers merely
transfers funds from one health system
to Medicare and Medicaid.
Response: Neither the ACA nor the
proposed rule provide a blanket
exemption from the fee for Federal
institutional providers. Accordingly, we
are unable to grant such an exception.
However, Federal health care providers
have the option to seek a hardship
exception to the fee, and could request
such an exception with any applications
submitted to enroll in Medicare as an
institutional provider.
Comment: A commenter stated that if
an application fee or hardship waiver
request is missing from an application,
the contractor should—consistent with
§ 424.520—treat this as a request for
additional information and give the
provider 30 days to furnish the missing
items.
Response: We agree. Consistent with
§ 424.514(g)(3)(ii), contractors will be
instructed to give providers and
suppliers 30 days after the provider or
supplier receives notification that the
request for a hardship waiver is denied
to submit the enrollment fee.
Comment: A commenter stated that
requiring two enrollment fees for a
provider enrolling as two different
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5914
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Medicare provider types—such as
DMEPOS suppliers and mass
immunizers—would be inconsistent
with CMS’ proposed one-fee policy for
dually enrolled providers, that is those
enrolled in Medicare and Medicaid.
Similarly, a commenter stated that if
physicians functioning as DMEPOS
suppliers for their patients are subjected
to the additional screening mechanisms
in the ‘‘Moderate’’ and ‘‘High’’ screening
levels, many physicians will simply
relinquish the services they provide as
DMEPOS suppliers with minimal to no
benefit to CMS’s anti-fraud efforts.
Response: The ACA specifically
excludes physicians and nonphysician
practitioners from paying the
application fee. Physicians or nonphysician practitioner organizations that
elect to apply to enroll in Medicare as
something other than a physician or
nonphysician practitioner, for example,
submitting an CMS–855S to enroll as a
DMEPOS supplier, are applying to
enroll as an institutional provider not as
a physician or nonphysician
practitioner. Accordingly, applications
to enroll as institutional providers are
subject to submitting the application
fee. Individual institutional providers
that enroll in Medicare and Medicaid
will be required to pay only one
application fee per enrollment. Entities
or individuals that enroll only in
Medicare or only in Medicaid as more
than one kind of institutional provider,
for example, a DMEPOS supplier and a
home health agency, will be required to
submit the fee for each enrollment.
Comment: A commenter suggested
that providers submit one application
for all commonly-owned entities, with
addenda to address each specific entity
as needed. A single fee for each provider
would be paid by the parent. The
commenter added that if multiple
application fees are required for
providers and suppliers wholly owned
by the parent entity, a cap of $5,000.00
per year in application fees should be
instituted.
Response: The ACA requires each
institutional provider to pay the fee, in
the amount specified in the statute. In
general, most providers and suppliers
must report each practice location on
the enrollment Form CMS–855;
however, the provider or supplier may
list multiple practice locations on one
Form CMS–855. The rules for DMEPOS
suppliers, FQHCs and IDTFs are
different; these entities must enroll each
practice site separately—with separate
for CMS–855. Because of these
differences among the different
categories of providers and suppliers,
we believe it is most prudent to rely
upon the requirement that a provider or
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
supplier will simply pay the application
fee whenever a Form CMS–855 is
submitted.
Comment: A commenter suggests that
CMS specifically exempt physical
therapists in private practice from
paying an enrollment fee when
enrolling as a DMEPOS supplier with
NSC. The commenter acknowledges that
physical therapists in private practice
are listed under ‘‘eligible professionals.’’
Response: As with physicians,
physical therapists that enroll as
individual practitioners will be exempt
from the fee. DMEPOS suppliers that are
owned by a physical therapist are
institutional providers and as a result
are subject to the fee.
Comment: A commenter stated that
CMS should exempt recertification, reenrollment, or other actions not related
to a change in ownership from the
application fee.
Response: The ACA specifically
provides for the fee to be paid for
revalidating institutional providers,
section 1866(j)(2)(C) of the Act.
Comment: A commenter suggested
that a provider or supplier enrolled in
more than one program (that is,
Medicare, Medicaid or CHIP) be subject
to only one application fee.
Response: We agree. Duallyparticipating providers and suppliers
will only be subject to the application
fee at the time of Medicare enrollment
or revalidation.
Comment: A commenter requested
clarification on whether a fee is charged:
(1) For each individual provider
associated with a facility or institution,
or (2) per facility. The commenter
recommended a sliding fee based on the
size and number of employees the
facility has.
Response: Under the ACA, a fee is
required only from institutional
providers. Therefore, if the commenter
is referring to individual physicians or
non-physician practitioners who are
associated with an institutional provider
or supplier, the individual physician or
non-physician practitioner would not be
required to submit an application fee.
Only the facility or institutional
provider with which they are associated
would be required to submit the fee. If
the commenter was referring to
affiliated entities that would be
considered institutional providers, then
each of those institutional providers
would be required to submit the fee as
would the institutional provider with
which they are associated.
Comment: The same commenter also
recommended a sliding scale for the fee
that would be based on the size of the
provider or facility and the number of
employees.
PO 00000
Frm 00054
Fmt 4701
Sfmt 4700
Response: The application fee is
derived from a statutorily-mandated
formula. Neither CMS nor the States
have the discretion to change the
amount of the fee.
Comment: A number of commenters
requested clarification regarding
whether a State is required to collect the
application fee for Medicaid-only or
CHIP-only providers, or if the collection
of this fee is at a State’s discretion. One
commenter stated that it should
continue to be at a State’s discretion.
Response: Section 1866(j)(2)(C)(ii) of
the Act requires that the fee be imposed
for institutional providers, and the State
will be required to collect the fee in the
case of Medicaid-only and CHIP-only
institutional providers. In addition to
the providers and suppliers subject to
the application fee under Medicare,
Medicaid-only and CHIP-only
institutional providers would include
nursing facilities, intermediate care
facilities for persons with mental
retardation (ICF/MR), psychiatric
residential treatment facilities, and may
include other institutional provider
types designated by a State in
accordance with their approved State
plan. Under section 1866(j)(2)(C)(iii) of
the Act, we may grant case-by-case
exceptions to the application fee, based
upon a demonstration of hardship, and
in those instances, the State would not
be required to collect the fee from
Medicaid-only and CHIP-only
institutional providers. Additionally,
section 1866(j)(2)(C)(iii) of the Act
permits the Secretary to waive the
application fee for providers enrolled in
a State Medicaid program for whom the
State demonstrates the imposition of the
fee would impede beneficiary access to
care. If a State is concerned that the
imposition of the application fee may
adversely impact beneficiary access to
care, we encourage them to seek a
waiver of the fee in those circumstances.
Comment: One commenter asked
whether a State could choose to lower
the fee from $500 to a different amount,
for example, $250.
Response: The amount of the
application fee is derived from a
statutorily-mandated formula. States do
not have discretion to change the
amount of the fee that is collected from
Medicaid-only or CHIP-only
institutional providers.
Comment: One commenter asked that
if a State elects not to collect the
application fee, would the cost of
screening be eligible for FFP.
Response: As stated previously,
Section 1866(j)(2)(C)(ii) of the Act
requires that the fee be imposed for
institutional providers, and the State
will be required to collect the fee in the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
case of Medicaid—only and CHIP—only
institutional providers. However, to the
extent that the costs associated with
performing the screening exceed the
amounts collected as a result of the
application fees, these costs would be
eligible for FFP.
Comment: One commenter requested
that CMS describe the process for
determining whether the Medicaid and
CHIP application fee exceeds the cost of
provider screening.
Response: States will be required to
account for the costs of the provider
screening program and measure it
against total fees collected. If the cost of
the program exceeds fees collected, then
the State can claim FFP for excess cost.
Note, that this requires that principles of
OMB Circular A–87 be properly applied
and that total fees collected serve as an
applicable credit to the Medicaid
program.
Comment: One commenter requested
that CMS confirm whether the
application fee is intended to cover both
State and Federal share of the costs.
Response: The application fees
collected by the State must be used to
offset the total cost, both State and
Federal share, of the screening program.
As stated in the proposed rule, if the
fees collected by a State agency exceed
the cost of the State’s screening
program, the State agency must return
that portion of the fees to the Federal
Government.
Comment: One commenter asked if
States would be eligible for enhanced
Federal match for changes to provider
enrollment and claims processing
systems that implement reporting and
screening requirements.
Response: If the changes are to the
MMIS for purposes of Medicaid
provider enrollment and Medicaid
claims processing, then States may be
eligible for the enhanced match rate
(either 90 percent for enhancements/
new functionality or 75 percent for
ongoing maintenance and operations).
States must contact their CMS Regional
Office to determine whether an advance
planning document (APD) is required.
Comment: One commenter requested
clarification on how the state should
record expenditures on necessary MMIS
changes to implement the rule, prior to
collecting the application fee.
Response: All State share costs
including those involving the
enhancement and operation of the
MMIS in addition to administrative
costs related to provider screening and
reporting as specified in the proposed
regulation (§ 455.460) are to be included
in the screening program costs and
offset by the application fees collected
by the State. We understand that the
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
MMIS costs may be matched at higher
rates (90 percent for development and
75 percent for operation). States will be
required to report the 10 percent and 25
percent State share of the MMIS costs
associated with the screening program
and offset the application fee against
such costs. In the event that the
application fees are greater than the
costs for the screening program for any
reporting period, the State will refund
the difference to CMS. Please refer to
OMB Circular A–87, ‘‘Cost Principles for
State, Local, and Indian Tribal
Governments’’ for guidance in the
reporting of the application fees as an
applicable credit.
Comment: One commenter asked if
the application fee is an allowable cost
report expense for Medicaid and CHIP
providers.
Response: If a Medicaid-only or CHIPonly institutional provider is subject to
the application fee, this could be
considered an allowable cost report
expense. This determination would be
governed by the State’s approved
reimbursement methodology within its
State plan.
Comment: One commenter asked if
the amount of the fee could be included
in determining a government provider’s
cost based rates.
Response: Yes, if the application fee
is imposed on a government
institutional provider, then the amount
of the fee could be included in
determining the government provider’s
cost-based rates.
Comment: A few commenters asked if
a State is permitted to have the
applicant/provider pay the fees
associated with fingerprinting and
conducting criminal history checks.
Response: The application fee is
intended to cover the costs associated
with the State’s Medicaid or CHIP
provider screening program. It is
permissible for the State to require the
provider to pay the costs associated
with capturing fingerprints. However,
we expect that the amount of funds
collected by imposition of the
application fee should be used by the
State to fund the costs incurred by the
State associated with processing the
fingerprints and conducting the
criminal background checks.
Comment: A number of commenters
stated that local education agencies (that
is, public schools) should be exempt
from having to pay the application fee.
Response: To the extent that a State
determines, consistent with the
approved State plan, that a local
education agency is an institutional
provider for purposes of this provision,
then it would be subject to the
application fee.
PO 00000
Frm 00055
Fmt 4701
Sfmt 4700
5915
Comment: A few commenters
requested that CMS clarify whether the
application fee applies to institutional
providers only under Medicaid and/or
CHIP, and what types of Medicaid and
CHIP providers are considered
institutional.
Response: We will clarify in the
regulation that the application fee does
not apply to physicians or other
individual non-physician practitioners
such as nurse practitioners under
Medicaid and/or CHIP. Medicaid-only
and CHIP-only institutional providers
that would be subject to the application
fee include: Medicaid-only nursing
facilities, intermediate care facilities for
persons with mental retardation (ICF/
MR), and psychiatric residential
treatment facilities. Additionally, a State
may impose the application fee on other
types of Medicaid-only or CHIP-only
institutional providers, consistent with
their approved State plan.
Comment: One commenter asked if
pharmacies are considered institutional
providers for purposes of the
application fee.
Response: In the Medicare program,
pharmacies are generally enrolled as
DMEPOS suppliers, and thus are
considered institutional providers for
the purposes of the application fee.
Therefore, pharmacies would be subject
to the application fee, and it would
likely be imposed at the time of
Medicare enrollment or revalidation.
Comment: One commenter suggested
that the application fee requirement
should provide an exception for
providers that are required to pay a preexisting State-level application or
certification fee to enroll in the
Medicaid program.
Response: The enrollment screening
activities are distinct from Statelicensing and certification activities that
seek to address conditions of
participation or structures, processes
and outcomes to support quality of care
for the beneficiaries. The application fee
is intended to support provider
screening activities as part of
enrollment.
Comment: A number of commenters
requested that CMS provide further
guidance regarding the manner in which
States will be expected to report the
costs associated with screening. One
commenter specifically requested
whether CMS will want screening costs
detailed per screening, per provider (for
example, detailed travel expenses for
site visits) or if a more generic reporting
of screening cost is expected.
Response: We anticipate that a State
will be required to report the costs
associated with its provider screening
program on a semi-annual or annual
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5916
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
basis. Although we do not anticipate
requiring States to routinely report very
detailed information such as detailed
travel expenses for a site visit, this
information should be maintained by
the State and be made available upon
request if necessary for conducting an
audit or other oversight activities.
Additional guidance for States will be
forthcoming regarding the specific form
and manner of reporting.
Comments: One commenter requested
that CMS clarify whether the
application fee be designed to include
current program integrity activities, or
whether the State will be expected to
track the increased expenditures of PI
activities resulting from this regulation
separate from historic PI activities.
Response: The application fee may
only be used by the State to offset the
cost of the provider screening program.
It is not permissible for a State to design
the fee in any manner that would
include current program integrity
activities. If the fees collected by a State
agency exceed the cost of the screening
program, the State agency must return
that portion of fees to the Federal
Government.
Comment: One commenter
recommended that CMS provide a
comprehensive exception for out-ofState providers providing emergency
services to managed care members,
stating that such an exception would
allow for timely access to critical
services for managed care enrollees.
Response: After considering the
comment, we are not inclined to
provide a comprehensive exception to
the application fee in this circumstance.
We believe that the overwhelming
majority of providers that provide
emergency services to out-of-State MCO
members are dually-participating
providers, and would thus be subject to
the application fee at the time of
Medicare enrollment. Furthermore,
there are additional Federal laws that
exist to safeguard beneficiary well-being
in emergency situations, such as, the
Emergency Medical Treatment and
Active Labor Act (EMTALA).
Comment: A few commenters stated
that each State should have the
flexibility to waive the application fee,
for particular providers or a class of
providers, if it determines that this
would help assure access to services for
beneficiaries.
Response: We agree and will clarify
that a State, in consultation with the
Secretary, may waive the application fee
for Medicaid-only or CHIP-only
providers if the State demonstrates that
imposition of such a fee will impede
beneficiary access to care.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Comment: One commenter stated that
providers who have already paid the fee
to their own State’s Medicaid or CHIP
program should also be exempt, if the
provider is already enrolled in one and
applies to the other.
Response: We agree that providers
enrolled in more than one program, be
it Medicare, Medicaid, and CHIP,
including Medicaid and CHIP in
multiple States must only be required to
pay the application fee once.
Comment: One commenter urged
CMS to expand the exemption
provisions to allow an exemption for
providers in medically underserved
areas as well as those whose patient
population are overwhelmingly
Medicaid beneficiaries.
Response: We are committed to
assuring access to care and services for
program beneficiaries and will clarify
that a State, in consultation with the
Secretary, may waive the application fee
for Medicaid-only or CHIP-only
providers if the State demonstrates that
imposition of such a fee will impede
beneficiary access to care.
Comment: A few commenters
expressed concern that requiring
providers to pay a non-refundable
application fee to participate in the
Medicaid program will decrease the
likelihood that providers will choose to
participate.
Response: We are committed to
assuring access to care and services for
program beneficiaries and will clarify
that a State, in consultation with the
Secretary, may waive the application fee
for Medicaid-only or CHIP-only
providers if the State demonstrates that
imposition of such a fee will impede
beneficiary access to care.
Comment: A number of commenters
requested clarification as to the process
that a Medicaid agency would use to
determine if a provider has paid an
application fee to Medicare or another
State. One commenter specifically
requested clarification on whether the
Medicare revalidation fee is applicable
to payments made in one calendar year
only when considered for Medicaid
program(s). Will waiver programs honor
fees made to Medicare? How will
Medicaid honor a Medicare fee when
the revalidation is a different time
period?
Response: The basic concept of the
screening and enrollment provisions
included in this regulation is that
Medicaid will accept Medicare
screening for providers that receive
payments from both Medicare and
Medicaid. For dually-participating
providers, the application fee is
imposed at the time of Medicare
enrollment and no additional screening
PO 00000
Frm 00056
Fmt 4701
Sfmt 4700
fee is imposed by the State regardless of
the time period or revalidation cycle.
For institutional providers that
participate only in Medicaid, the State
Agency is responsible for assuring that
the provisions of the regulation are met.
Institutional providers will be required
to submit the application fee to only one
program. We believe these operational
logistics are more appropriately
addressed in subregulatory guidance.
We will be issuing subregulatory
guidance to assist States with the
operational aspect of implementing this
provision in the near future.
Comment: One commenter supported
the proposal that for dually
participating providers, the application
fee would be imposed at the time of
Medicare enrollment.
Response: We agree and are finalizing
this provision accordingly.
Comment: One commenter
encouraged CMS to consider
establishing a lower price point or
expedited review for providers in the
lower risk group.
Response: The amount of the
application fee is derived from a
statutorily-mandated formula. Neither
CMS nor the States have discretion to
change the amount of the fee that is
collected from Medicaid-only or CHIPonly institutional providers.
Comment: One commenter requested
clarification that ongoing resubmissions
do not trigger the application fee and
that the fee will merely be levied
through the actual recertification
process.
Response: The ACA authorizes fees
for new enrollment and revalidation of
enrollment. Simple changes to the
provider enrollment information, that is,
new phone numbers, new bank account
information, new billing address,
change in name of provider or other
such updates are not subject to the fee.
They will apply to newly-enrolling
providers, revalidating providers and
creation of new practice locations.
Comment: A commenter noted that
the application fee and other provisions
are effective on March 23, 2011. The
commenter stated, however, that CMS
must first complete the notice and
comment rulemaking process. The
commenter recommended that CMS
implement the application fee only after
a final regulation has been issued and
the public has been given at least 60
days notice.
Response: We agree with the
commenter and we are finalizing the
regulation in regard to the application
fee. It will be displayed for 60 days prior
to the effective date on March 25, 2011.
Comment: A commenter stated that
some of the provider types listed under
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
the definition of ‘‘institutional provider’’
do not bill Medicare on a fee-for-service
basis. For example, RHCs and FQHCs
bill Medicare on a cost-based, allinclusive rate basis. The commenter
believes this distinction is significant
because on past occasions when the
Congress authorized certain incentive
payments and linked those payments to
the ‘‘fee-for-service’’ payment, RHCs and
FQHCs were excluded from those
incentive payment programs. The
commenter believes it was unfair to
deny certain providers from
participating in programs because they
are not ‘‘fee-for-service,’’ but then
mandate their inclusion in other
initiatives reserved for ‘‘fee-for-service’’
providers. Moreover, the commenter
stated that RHCs and FQHCs are by
definition located in areas designated as
underserved or serving populations
with a demonstrated problem accessing
the healthcare delivery system.
Imposing an application fee on these
providers will only serve as a further
barrier to access to care. The commenter
believes that the term ‘‘institutional
providers’’ should exclude new entities
seeking designation as RHCs and FQHCs
and include only those providers that
bill Medicare on a fee-for-service basis.
Another commenter believes that the
term ‘‘institutional provider’’ refers to
providers whose beneficiaries are
institutionalized; the proposed rule’s
envisioned use of the term is therefore
inappropriate. The commenter
suggested using the term ‘‘noninstitutional provider.’’
Response: In the NPRM, we proposed
a definition of institutional provider
that does not distinguish among
providers or suppliers based on which
version of the form 855 they submit, or
whether they submit the form
electronically. We are finalizing this
definition. The distinction on payment
methods the commenter suggests is not
related to the definition of institutional
provider used in this rule. Physician
and practitioner organizations are
exempt from the application fee by
statute; the exemption is not affected by
how they are reimbursed. In addition,
the inpatient status of patients has no
bearing on whether a provider or
supplier is considered an institutional
provider in this rule. For example,
hospitals are institutional providers as
are home health agencies and DMEPOS
suppliers.
If certain institutional providers and
suppliers such as FQHCs and RHCs may
face financial obstacles to paying the
application fee, they can seek a waiver
of the fee based upon a request for a
hardship exception for Medicare or a
request for a hardship waiver for
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Medicaid. Newly enrolling institutional
providers and suppliers that are seeking
such a waiver must submit a request for
the hardship exception at the time of
filing a Medicare enrollment application
on or after March 25, 2011.
Comment: A commenter stated that
the proposed rule indicates that the fee
will be applied only to those providers
that bill ‘‘Medicare, Medicaid, or CHIP
on a fee-for-service basis.’’ The
commenter stated that most Indian and
tribal providers are reimbursed either on
the encounter rates established annually
by CMS and IHS for Indian health
programs or on FQHC encounter rates.
The commenter requested clarification
as to whether Indian and tribal
providers will therefore be exempt from
the application fee. The commenter
added that the proposed rate of increase
in the fee has often exceeded the
increase in funding for Indian and tribal
programs. Finally, the commenter stated
that CMS failed to seek an exchange of
views, information, or advice from the
Tribal Technical Advisory Group
(TTAG) or to consult directly with
Tribes or confer with urban Indian
organizations. Unless Indian and tribal
health programs are exempt from these
rules, the commenter believes that the
effective date should be delayed,
discussions with the TTAG and
consultation with Tribes held, after
which the proposed rules with any
changes that result from the advice and
consultation be published with a new
comment period.
Response: We are statutorily unable to
exempt IHS, Tribal, and Urban (I/T/U)
Indian health programs from these rules
or to delay the effective date. Moreover,
we do understand Tribal concerns about
not having the opportunity to provide
advice on this regulation. All I/T/U’s are
eligible to apply for the hardship
exception to the application fee and
CMS is committed to working with
Tribes, the TTAG and I/T/Us in
implementing requests for hardship
exceptions.
4. Final Application Fee Provisions—
Medicare, Medicaid, and CHIP
This final rule with comment period
finalizes the provision of the proposed
rule in regards to the application fees
with the following exceptions:
In § 424.514, we modified our
proposal as follows:
• Added language to clarify that a
provider or supplier may submit both an
application fee and hardship exception
waiver to avoid delays in the processing
of the application if the hardship
exception is not approved at
§ 424.514(a) and (b).
PO 00000
Frm 00057
Fmt 4701
Sfmt 4700
5917
• Added language at § 424.514(d)(2)
clarifying that the application fee is
non-refundable except in the
circumstance where the provider or
supplier opts to submit both an
application fee and a hardship waiver
request and the waiver request is
subsequently approved.
• Added language to clarify that if a
provider submits a hardship exception
request without an application fee, and
CMS does not approve the hardship
exception request, CMS will notify the
provider or supplier and allow the
provider or supplier thirty (30) days
from the date of notification to submit
the application fee at § 424.514(h).
• Added language that specifies that
States must collect the applicable
application fee from Medicaid-only and
CHIP-only providers and suppliers at
§ 455.460.
C. Temporary Moratoria on Enrollment
of Medicare Providers and Suppliers,
Medicaid and CHIP Providers
1. Statutory Changes
Section 6401(a) of the ACA amended
section 1866(j) of the Act by adding a
new section 1866(j)(7) of the Act, which
provides that the Secretary may impose
temporary moratoria on the enrollment
of new Medicare, Medicaid, or CHIP
providers and suppliers, including
categories of providers and suppliers, if
the Secretary determines such moratoria
are necessary to prevent or combat
fraud, waste, or abuse under the
programs.
Section 6401(b)(1) of the Act adds
specific moratorium language applicable
to Medicaid at section 1902(kk)(4) of the
Act, requiring States to comply with any
temporary moratorium imposed by the
Secretary unless the State determines
that the imposition of such moratorium
would adversely affect Medicaid
beneficiaries’ access to care. Section
1902(kk)(4)(B) of the Act further permits
States to impose temporary enrollment
moratoria, numerical caps, or other
limits, for providers identified by the
Secretary as being at high risk for fraud,
waste, or abuse, if the State determines
that the imposition of such moratorium,
cap, or other limits would not adversely
impact Medicaid beneficiaries’ access to
care.
Section 1866(j)(7) of the Act uses the
term ‘‘providers of services and
suppliers.’’ Although, as noted
previously, the Medicaid program does
not use the term ‘‘suppliers,’’ section
1902(kk)(4) of the Act refers to
‘‘providers and suppliers.’’ In this
regulation, for uniformity with sections
II A. and B. of this final rule with
comment period, we are using the term
E:\FR\FM\02FER2.SGM
02FER2
5918
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
‘‘providers and suppliers’’ in lieu of the
term ‘‘provider of services and
suppliers.’’ We are using the term
‘‘provider’’ or ‘‘Medicaid provider’’ or
‘‘CHIP provider’’ in lieu of the term
‘‘provider or supplier’’ when referring to
all Medicaid or CHIP health care
providers, including, but not limited to,
providers and suppliers of Medicaid
items or services, individual
practitioners, and institutional
providers.
rmajette on DSK29S0YB1PROD with RULES2
2. Proposed Temporary Moratoria
Provisions
a. Medicare
We proposed at § 424.570(a) that we
may impose a temporary moratorium on
the enrollment of new Medicare
providers and suppliers in 6 month
increments in situations where—
(1) CMS, based on its review of existing
data, without limitation, identifies a
trend that appears to be associated with
a high risk of fraud, waste or abuse,
such as highly disproportionate number
of providers or suppliers in a category
relative to the number of beneficiaries or
a rapid increase in enrollment
applications within a category suggests
that there is a significant potential for
fraud, waste or abuse with respect to a
particular provider or supplier type or
particular geographic area or both; (2) a
State has imposed a moratorium on
enrollment in a particular geographic
area or on a particular provider of
supplier type or both; or (3) CMS, in
consultation with the HHS OIG or the
Department of Justice (DOJ) or both and
with the approval of the CMS
Administrator identifies either or both
of the following as having a significant
potential for fraud, waste or abuse in the
Medicare program:
• A particular provider or supplier
type.
• Any particular geographic area.
As part of the CMS decision making
process, we will consider any
recommendation from the DOJ, HHS
OIG, or the GAO to impose a temporary
moratorium for a specific provider or
supplier type in a specific geographic
area.
We believe that imposing moratoria
will, among other things, allow us to
review and consider additional
programmatic initiatives, including the
development of additional regulatory
and sub regulatory provisions to ensure
that Medicare providers and suppliers
are meeting program requirements,
beneficiaries receive quality care, and
that an adequate number of providers of
suppliers exists to furnish services to
Medicare beneficiaries.
We also proposed that enrollment
moratoria be limited to: (1) Newly
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
enrolling providers and suppliers (that
is, initial enrollment applications); and
(2) the establishment of new practice
locations, not to a change of practice
locations. The temporary moratoria will
not apply to existing providers or
suppliers of services unless they were
attempting to expand operations to new
practice locations where a temporary
moratorium was imposed. Moreover, the
temporary moratoria would not apply in
situations involving changes in
ownership of existing providers or
suppliers, mergers, or consolidations.
We also proposed at § 424.570(b) that
a temporary enrollment moratorium
would be imposed for a period of 6
months, and such moratorium could be
extended by CMS in 6 month
increments if we continue to believe
that a moratorium is needed to prevent
or combat fraud, waste, or abuse. The
Secretary will re-evaluate whether a
moratorium should continue prior to
each 6 month expiration date.
We also proposed at § 424.570(c) that
we will deny enrollment applications
received from providers or suppliers
covered by an existing moratorium. We
noted that denial of Medicare billing
privileges is subject to the
administrative review process
established in § 405.874. Accordingly,
we believe that a provider or supplier
also is afforded the right to appeal a
Medicare contractor determination to
deny enrollment into the Medicare
program.
In § 424.530(a)(10), we proposed
adding a new reason why we can deny
Medicare billing privileges. Specifically,
we proposed a new § 424.530(a)(10) to
state, ‘‘A provider or supplier submits an
enrollment application for a practice
location in a geographic area where
CMS has imposed a temporary
moratorium.’’ Further, in § 498.5(l)(4),
we proposed that the scope of review for
appeals of denials under
§ 424.530(a)(10) based upon a provider
or supplier being subject to a temporary
moratorium will be limited to whether
the temporary moratoria applies to that
particular provider or supplier.
We noted that section 1866(j)(7) of the
Act provides that there shall be no
judicial review of a temporary
moratorium. Accordingly, we proposed
that a provider or supplier may
administratively appeal an adverse
determination based on the imposition
of a temporary moratorium up to and
including the Department Appeal Board
(DAB) level of review.
Finally, we proposed at § 424.570(d)
that we may lift a moratorium in the
following circumstances: (1) In the case
of a Presidentially declared disaster
under the Robert T. Stafford Disaster
PO 00000
Frm 00058
Fmt 4701
Sfmt 4700
Relief and Emergency Assistance Act,
42 U.S.C. 5121 through 5206 (Stafford
Act); (2) circumstances warranting the
imposition of a moratorium have abated
or CMS has implemented program
safeguards to address any program
vulnerability that was the basis for the
moratorium; or (3) in the judgment of
the Secretary, the moratorium is no
longer needed.
We also recognized that in a limited
number of circumstances a State
Medicaid agency may enroll a provider
or supplier into Medicaid during the
temporary moratorium period
established by Medicare. If this occurs
and the prospective Medicare provider
or supplier applies to enroll in the
Medicare program after the temporary
moratorium is lifted, we would use the
screening tools described in section II.A.
of this final rule with comment period.
We also solicited public comment on
specific exemptions to the temporary
moratoria criteria proposed previously.
Prior to imposing a moratorium, we
would assess Medicare beneficiary
access to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the moratorium would apply.
We would announce the
implementation of a moratorium at any
time when it is being imposed. The
announcement would be made in the
Federal Register and we would also
address it in other methods or forums,
such as Press Releases, at CMS Provider
Open Door Forums, in CMS provider
listservs, and on the CMS Provider/
Supplier Enrollment web page (https://
www.cms.gov/MedicareProviderSup
Enroll). We would also require our
Medicare contractors to post the
moratorium announcement or note the
expiration of a moratorium on their Web
sites. Our Federal Register
announcement would explain in detail
the rationale for the moratorium and the
rationale for the geographic area(s) in
which it would apply.
b. Medicaid and CHIP
Pursuant to section 1902(kk)(4)(A) of
the Act, we proposed at § 455.470(a)(2)
and (3) that a State Medicaid agency
will comply with a temporary
moratorium imposed by the Secretary
unless it determines that the imposition
of such a moratorium would adversely
affect beneficiaries’ access to medical
assistance.
Where the Secretary has imposed a
temporary moratorium in accordance
with § 424.570, and the State has
determined that compliance with such a
moratorium would adversely impact
Medicaid beneficiaries’, or CHIP
participants’, as the case may be, access
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
to medical assistance, section
1902(kk)(4)(A)(ii) of the Act creates an
exception for the State from complying
with the moratorium. We proposed that
the State provide the Secretary with
written details of the moratorium’s
adverse impact on Medicaid
beneficiaries. Prior to the Secretary
imposing such a moratorium in any
State, we proposed at § 455.470(a)(1)
that the Secretary consult with the State,
so that the State may have an
opportunity to seek an exception from
the moratorium.
Pursuant to section 1902(kk)(4)(B) of
the Act, States have authority to impose
moratoria, numerical caps, or other
limits for providers that are identified
by the Secretary as being at ‘‘high’’ risk
for fraud, waste, or abuse. We proposed,
at § 455.470(b) that where the State
identifies a category of providers as
posing a significant risk of fraud, waste,
or abuse, the State must seek our
concurrence with that determination
and provide us with written details of
the proposed moratorium, including the
anticipated duration, and with a
substantial justification explaining why
disallowing newly enrolling providers
would reduce the risk of fraud. We
proposed at § 455.470(c) that States’
moratoria would be imposed for a
period of 6 months and may be
extended in 6 month increments.
Section 2107(e)(1) of the Act provides
that all provisions that apply to
Medicaid under sections 1902(a)(77)
and 1902(kk) of the Act apply to CHIP.
Accordingly, we proposed in new
regulation § 457.990 that all the
provider screening, provider
application, and moratorium regulations
that apply to Medicaid providers also
apply in providers that participate in
CHIP.
3. Analysis of and Responses to Public
Comment
Below is a summary of the comments
we received regarding the temporary
enrollment moratoria.
Comment: A commenter expressed
support for our proposal to establish a
moratorium on new providers or new
practice locations only when it is
believes through the agency’s review
that a risk of fraud and abuse is
detected. The commenter, however,
requested CMS to: (1) To review the
proposed 6-month timeframe for the
moratoria, (2) add more flexibility to the
standard if it is determined that 6
months is too long, and (3) give the
provider community an opportunity to
comment prior to its effective date.
Another commenter stated that a
moratorium is a drastic remedy that
should only be used when CMS can
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
clearly articulate the basis for imposing
such an extreme measure. CMS must, in
such cases, publish: (1) The data it used
to determine a moratorium was
necessary, (2) the steps it will take to
resolve the issues that gave rise to the
need for the moratorium, and (3) when
it expects to lift the suspension in new
enrollments.
Response: We believe that the rule as
proposed directly addressed the
timeframe, standards, and process for
imposing, explaining the rationale for,
and lifting an enrollment moratorium;
because we received multiple related
comments, this response should be read
in conjunction with the discussion of
those comments. The ACA gives the
Secretary broad authority to impose a
temporary moratorium on the
enrollment of new providers and
suppliers if the Secretary determines
that a moratorium is necessary to
prevent fraud, waste or abuse in
Medicare, Medicaid or CHIP. After
considerable discussion within CMS
and HHS, the proposed rule was
published proposing that an initial
temporary enrollment moratorium
would be imposed for a period of
6 months, with possible extensions in 6month increments should the Secretary
determine that the moratorium was still
needed. The 6-month duration was
proposed in the NPRM because it was
sufficiently long to enable an
assessment of its impact on the
circumstances that the moratorium was
designed to address. The proposed rule
also included criteria for when the
Secretary would consider imposition of
a temporary enrollment moratorium,
and the circumstances under which
such a temporary enrollment
moratorium would be lifted. The
proposed rule also indicated that we
would announce the implementation of
a moratorium at any time, that the
announcement would be made in the
Federal Register, and that the
announcement would explain in detail
the rationale for the moratorium and the
rationale for the geographic area(s) in
which it would apply.
Comment: A commenter stated that
advance public notice in the Federal
Register of a moratorium should be
given. The commenter recognized that
this may lead to a rush to apply prior
to the effective date, but stated that this
could be fixed by limiting the length of
time for the advance notice to 30–60
days.
Response: A temporary moratorium
on enrollment is an action that will only
be used if necessary to fight fraud, waste
or abuse in Medicare, Medicaid, or
CHIP. Moratoria will be imposed only if
based on detailed information
PO 00000
Frm 00059
Fmt 4701
Sfmt 4700
5919
indicating a problem that can be
addressed through a temporary
enrollment moratorium. Although not
required by the ACA to do so, we will
announce the imposition of a
moratorium in the Federal Register. The
announcement would explain in detail
the rationale for the moratorium and the
rationale for the geographic area(s) in
which it would apply. We will not be
providing advance notice of any
planned moratorium as such a notice
would likely cause a rush of
enrollments of the type posing the
problem that would be addressed by the
moratorium.
Comment: Several commenters stated
that applying a moratorium to providers
whose enrollment applications are
pending would be unfair and could—in
light of the efforts and cost the provider
incurred in attempting to enroll—prove
financially harmful. They requested that
CMS limit moratoria to new
applications, not those already
submitted. Another commenter
requested that the moratorium not apply
to applications submitted prior to public
notice of the moratorium being given in
the Federal Register. Another
commenter recommended that CMS
explain: (1) What will happen to an
application submitted by a new
provider when CMS imposes a
temporary moratorium, and (2) whether
pending applications will be processed
when a temporary moratorium is
imposed or whether the application will
be automatically denied using
§ 424.530(a)(10).
Response: In the NPRM, we indicated
both in the preamble and the proposed
regulations that an application to enroll
in Medicare from a provider or supplier
that is subject to a temporary enrollment
moratorium would be denied. With
regard to pending applications, we
interpret the ACA as applying to
pending applications. If a temporary
enrollment moratorium is deemed
necessary for any provider or supplier
type, or for any geographic area, then all
enrollment applications from
unenrolled providers and suppliers of
the type subject to the temporary
enrollment moratorium or in the
geographic area subject to the
moratorium would be denied. However,
we will not deny any enrollment for
which the Medicare enrollment
contractor has completed review of the
application and has determined that the
provider or supplier meets all the
requirements for enrollment and all that
remains is to assign appropriate billing
number(s) and enter the provider or
supplier into PECOS.
Comment: A commenter stated that in
CMS’s manual instructions, it describes
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5920
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
a provider enrollment fraud detection
program for high-risk areas, but that this
process is not discussed in the proposed
rule. The commenter requested that
CMS explain the nexus, if any, between
this fraud detection program and the
policy described in the temporary
moratorium provisions contained in this
proposed rule. The commenter also
requested that CMS explain whether it
will use data submitted or obtained
from its contractors in determining
whether to impose a temporary
moratorium.
Response: We plan to revise our
manuals to be consistent with the
provisions of the final rule with
comment period. We plan to use data
from many sources in making a decision
about imposing a temporary
moratorium—including data from our
contractors.
Comment: One commenter
recommended that CMS: (1) Explain
why it is not using section 1866(j)(3) of
the Act, related to a provisional period
of enhanced oversight for new providers
and suppliers, in the process of
establishing a temporary moratorium,
and (2) publish a Federal Register
Notice explaining its reasons and
rationale for establishing a temporary
moratorium for a provider or supplier.
Response: Section 1866(j)(3) of the
Act is not a part of this final rule with
comment period. Moreover, its
provisions can be implemented by
subregulatory instructions. We plan to
implement the provisions in that
fashion and in concert with the
provisions of this rule and other CMS
regulations governing program integrity.
As stated in a response to a previous
comment, we will publish a notice of
imposition of a temporary enrollment
moratorium in the Federal Register.
Comment: One commenter expressed
concern that the language associated
with the temporary moratoria provision:
(1) Is vague, (2) does not provide
sufficient information on the specific
triggers that would cause CMS to
suspect that a provider or group of
providers is committing fraud, and (3)
does not identify the situations in which
the moratoria would be applied. The
commenter feared that certain providers
or suppliers could be prevented from
providing services in a particular area
without sufficient grounds and that
patient access to care could be hindered
in the process. The commenter
recommended that CMS specifically
define the parameters and triggers that
CMS intends to use in imposing or
enforcing a moratorium on the
enrollment of new Medicare providers
or suppliers. Another commenter
expressed concern with the general
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
nature of the proposed temporary
moratoria provisions because it could
lead to an abuse of discretion or
arbitrary and capricious decisionmaking with little recourse beyond the
internal review process. The commenter
was also concerned with the proposed
length of the moratorium, stating that a
6 month period: (1) Cannot be
reasonably inferred from the Congress
having authorized ‘‘temporary’’
moratoria, (2) cannot be considered
‘‘temporary,’’ (3) would have significant
consequences for new physicians
interested in enrolling in the Medicare
program, and (4) should not be extended
because there is no congressional
authority to do so.
Response: As stated previously, the
Affordable Care Act gives the Secretary
broad authority to impose a temporary
moratorium. After considerable
discussion within CMS and HHS, the
proposed rule was published proposing
that an initial temporary enrollment
moratorium would be imposed for a
period of 6 months, with possible
extensions in six month increments
should the Secretary determine that the
moratorium was still needed. The 6
month duration was proposed in the
NPRM because it was sufficiently long
to enable an assessment of its impact on
the circumstances that the moratorium
was designed to address, and would
afford us the opportunity to determine
whether the circumstances warranting
the imposition of a temporary
enrollment moratorium have abated or
we have implemented program
safeguards to address program
vulnerabilities. With regard to the
temporary nature of a moratorium, we
would note that the NPRM explicitly
indicated that an initial moratorium
would be for a 6 month period, not an
indefinite period. Regarding the impact
a temporary enrollment moratorium
would have on beneficiary access to
care, we stated in the NPRM that we
will assess Medicare and Medicaid
beneficiaries’ and CHIP participants
access’ to the types of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the moratorium would apply.
We take seriously our responsibility to
assure that all Medicare beneficiaries
have access to the services and supplies
they need. With regard to extending
moratoria, we would note that, as stated
previously, the Secretary has broad
authority to impose a moratorium. The
statute confers on the Secretary the
responsibility and authority to make the
judgment about the need for moratoria—
whether initial or an extension—if the
PO 00000
Frm 00060
Fmt 4701
Sfmt 4700
circumstances requiring the moratorium
are still present.
Comment: A commenter stated that
CMS failed to outline the criteria it will
use to make the determination that a
moratorium is to be extended.
Response: We would not impose a
temporary enrollment moratorium
without an adequate rationale. Should it
be necessary to impose a temporary
enrollment moratorium on any provider
or supplier type, we will discuss the
issues associated with the decision to
impose a temporary enrollment
moratorium in a public notice in the
Federal Register.
In the NPRM, we listed some
examples of circumstances that could
lead to the imposition of a temporary
enrollment moratorium in situations
where: (1) CMS, based on its review of
existing data, identifies a trend that
appears to be associated with a high risk
of fraud, waste or abuse, such as highly
disproportionate number of providers or
suppliers in a category relative to the
number of beneficiaries or a rapid
increase in enrollment applications
within a category determines that there
is a significant potential for fraud, waste
or abuse with respect to a particular
provider or supplier type or particular
geographic area or both, (2) a State has
imposed a temporary enrollment
moratorium, or (3) CMS in consultation
with the Department of HHS Office of
Inspector General or the Department of
Justice or both identifies either or both
a particular provider or supplier type or
a particular geographic area as having
significant potential for fraud, waste, or
abuse. We also included in the NPRM
the reasons a temporary enrollment
moratorium could be lifted. The
decision to extend a moratorium would
be based on the proposals in the NPRM
and would take into account the extent
to which the conditions necessitating
the moratorium were still present.
Comment: A commenter requested
clarification regarding the term
‘‘geographic area’’ as it is used in
proposed § 424.530(a)(10).
Response: The geographic area
referred to in § 424.530(a)(10) is the
region that is under a temporary
enrollment moratorium. For example,
this may constitute a county, a number
of counties, state, a number of states,
regions, or MSAs.
Comment: A commenter expressed
support for CMS’s proposal to impose a
temporary moratorium on the
enrollment of new providers or provider
types in a geographic location to prevent
fraud and abuse. However, the
commenter urged CMS to ensure that
such moratoria do not prevent health
care providers in the geographic
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
location from enrolling as an ordering/
referring provider, as a moratorium may
impair these practitioners from
providing Medicare beneficiaries with
needed care.
Response: We take seriously our
responsibility to assure that all
Medicare beneficiaries have access to
the services and supplies they need. As
a part of this assurance, we would
consider the implications of a temporary
enrollment moratorium for physicians
and other eligible professionals who
order and refer services for Medicare.
However, enrollment moratoria imposed
on provider types will not distinguish
between the enrollment purpose, that is,
enrollment for the right to bill Medicare
versus enrollment solely to order and
refer, unless otherwise specified in the
Federal Register. As stated previously,
the notice in the Federal Register will
both discuss the issues associated such
the decision, and identify the provider
types subject to the temporary
enrollment moratoria. We believe the
rationale that supports a decision to put
a temporary enrollment moratorium in
place for those who bill Medicare
should extend to those same types of
providers who seek to enroll to order
and refer. In addition, the enrollment
process solely to order and refer was
established by us for those provider
types that do not typically enroll in
Medicare, such as dentists, other
government agency employees (such as
the Department of Veterans Affairs), and
pediatricians. Therefore, it will be
highly unlikely that those who were
seeking to enroll in order to bill
Medicare will similarly seek to enroll
solely to order and refer. Regarding the
impact a temporary enrollment
moratorium may have on beneficiary
access to needed care, we stated in the
NPRM that we will assess Medicare
beneficiary access to the types of
services that are furnished by the
provider or supplier type and/or within
the geographic area to which the
moratorium would apply.
Comment: A commenter supported
CMS’s statement in the preamble to the
proposed rule that a moratorium shall
not apply to a change of practice
location or to changes of ownership of
existing providers or suppliers.
Response: We agree and plan to
finalize these provisions.
Comment: A commenter
recommended that CMS establish a
temporary moratorium on the
enrollment of slide preparation
Facilities, since these organizations are
not authorized by the Congress to enroll
in or bill the Medicare program.
Response: It would be premature to
identify in this rule any provider or
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
supplier type that might be subject to
imposition of a temporary enrollment
moratorium. Should it be necessary to
impose a temporary enrollment
moratorium on any provider or supplier
type, we will explain the reasons for the
temporary enrollment moratorium in a
public notice in the Federal Register.
Comment: A commenter
recommended that CMS develop and
implement a regulatory-defined process
to utilize when determining whether or
not to mandate a moratorium. The
process should effectively prevent any
negative impact in quality of and access
to care for Medicare beneficiaries or
Medicaid program enrollees.
Response: We would consider a
number of factors in deciding whether
to impose a temporary enrollment
moratorium. These are spelled out in
the proposed rule and include:
situations where: (1) CMS, based on its
review of existing data, identifies a
trend that appears to be associated with
a high risk of fraud, waste or abuse,
such as highly disproportionate number
of providers or suppliers in a category
relative to the number of beneficiaries or
a rapid increase in enrollment
applications within a category
determines that there is a significant
potential for fraud, waste or abuse with
respect to a particular provider or
supplier type or particular geographic
area or both, (2) a State has imposed a
temporary enrollment moratorium, or
(3) CMS in consultation with the
Department of HHS Office of Inspector
General or the Department of Justice or
both identifies either or both a
particular provider or supplier type or a
particular geographic area as having
significant potential for fraud, waste, or
abuse.
As mentioned elsewhere, we
indicated in the NPRM that prior to
imposing a temporary enrollment
moratorium we would assess Medicare
beneficiary access to the type(s) of
services that are furnished by the
provider or supplier type and/or within
the geographic area to which the
moratorium would apply. We also
indicated that if a State has determined
that compliance with a Medicare
imposed moratorium would adversely
impact Medicaid beneficiaries’ or CHIP
participants’ access to care, the State
would not be required to comply with
the moratorium. We and the States take
the assurance of adequate access
seriously.
Comment: A commenter requested
clarification as to the mechanism—for
instance, via the Federal Register—by
which it will announce the lifting of a
temporary moratorium.
PO 00000
Frm 00061
Fmt 4701
Sfmt 4700
5921
Response: We will announce the
imposition of any temporary enrollment
moratorium via a notice published in
the Federal Register. We would also
provide notice on our Web sites,
listservs, and through open door forums.
Similarly, we would provide notice of
the lifting of a moratorium in the
Federal Register. We would also
provide notice on our Web sites,
listservs, and through open door forums.
Comment: A commenter mentioned
that while the preamble of the proposed
rule states that CMS will announce a
moratorium in the Federal Register, the
regulation text does not include a
reference to Federal Register. The
commenter recommended that the
regulation text match the preamble
language.
Response: We agree. We will ensure
that the regulation text matches the
preamble and other portions of this
document.
Comments: A commenter urged CMS
to immediately impose the proposed 6
month moratorium on the new
certification of HHAs and hospices in its
final rule with comment period, stating
that there is a clear relationship between
rapid development of new home health
and hospice providers and the growth in
fraud, abuse and waste. The commenter
added that this will allow some time for
other initiatives and proposals in the
proposed rule to reduce fraud and abuse
before hundreds of more providers enter
the already saturated home health and
hospice programs. For home health, the
commenter stated that the moratorium
should be maintained until new home
health conditions of participation (CoPs)
are implemented by CMS and other
protections against referral abuse can be
implemented by the OIG. For hospices,
the commenter recommended that the
moratorium be maintained until
standardized hospice quality measures
and payment system reforms are
implemented by CMS.
Response: It would be premature to
identify any provider or supplier type
that might be subject to imposition of a
temporary enrollment moratorium, or
the circumstances necessitating such an
action. Should it be necessary to impose
a temporary enrollment moratorium on
any provider or supplier type, we will
explain the reasons for the temporary
enrollment moratorium in a public
notice in the Federal Register. We
specified in the NPRM examples of why
a moratorium would be imposed.
‘‘Revisions to the HHA Conditions of
Participation’’ is not among the
examples we cited for the reason that
moratoria are focused on specific kinds
of problems or areas, and are to be
temporary.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5922
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Comments: A commenter requested
that CMS clarify the process for timely
notifying the State Medicaid agency of
a moratorium imposition, and whether
the process will include advance notice.
Response: We will be issuing
subregulatory guidance to assist States
with the operational aspect of
implementing this provision in the near
future.
Comments: A commenter stated that
while a temporary moratorium might be
reasonable in some limited situations,
CMS should make such decisions based
on specialty, not on provider type; for
instance, it would be inappropriate for
all DMEPOS suppliers to be put under
such a moratorium when fraud concerns
do not include orthotists and
prosthetists.
Response: The ACA gives the
Secretary broad authority to impose a
temporary enrollment moratorium. We
believe that circumstances could justify
imposing a temporary enrollment
moratorium on a category of providers
or suppliers and not a subset within a
provider or supplier type. As stated
previously, the Secretary would explain
the reasons for the moratorium in a
Federal Register notice.
Comment: A commenter stated that
the proposed policies need to be
modified to accommodate newly
enrolling physicians (and physicians
establishing new practice locations) in
cases where a moratorium relates to
DMEPOS suppliers. In other words, if
CMS or a State imposes a moratorium
on DMEPOS suppliers, the moratorium
should not apply to newly enrolling
physicians (or physicians establishing a
new practice location) who are now also
required to enroll as DMEPOS suppliers
if they wish to furnish DMEPOS to their
own patients.
Response: In the example cited by the
commenter, physicians enrolled as
physicians to provide medical care
would not be subject to a moratorium on
DMEPOS suppliers. Only the new
DMEPOS suppliers would be subject to
the temporary enrollment moratorium.
Physicians would be able to enroll in
Medicare as physicians for the purpose
of providing medical care (or ordering
or referring medical care or services).
The moratorium would only apply to
the physician if he or she were newly
applying to be a DMEPOS supplier in
the geographic area covered by the
moratorium.
Comment: A commenter suggested
that CMS specify that a moratorium will
not be imposed unless: (1) There is
significant risk of widespread fraud,
waste, or abuse in a specified and
discrete geographic region, and (2) clear
and documented agency analysis
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
showing that the moratorium will not
exacerbate health disparities or create
additional barriers for underserved
communities. Also, CMS should include
greater specificity as to what conditions
would warrant the imposition of a
moratorium and what factors would be
considered to ensure that the harm does
not outweigh the benefit and will not
have a disparate adverse impact on
racially and ethnically diverse
beneficiaries and physicians.
Response: We appreciate the concerns
expressed by the commenter and we are
also concerned about the issues of
access and disparities. As mentioned
previously, we indicated in the
proposed rule that prior to imposing a
temporary enrollment moratorium we
will assess Medicare beneficiary access
to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which a moratorium would apply.
We also indicated that if a State has
determined that compliance with a
Medicare imposed moratorium would
adversely impact Medicaid
beneficiaries’ or CHIP participants’
access to care, the State would not be
required to comply with the
moratorium. CMS and the States take
the assurance of adequate access
seriously. We do not intend to impose
a moratorium that would impede access
to needed services.
Comment: A commenter expressed
concern that CMS’s proposed standards
for implementing a temporary
moratorium on new enrollment of
potentially high risk providers and
suppliers is too broad, and that CMS
could impose a moratorium on new
enrollment of all DMEPOS suppliers,
even though only a subset of suppliers
or a particular region or State poses a
high risk of fraud. CMS should specify
that it will narrowly limit the moratoria
to those provider types or those narrow
geographic regions that generate the
fraud concerns. In particular, the
commenter stated that community
pharmacies face the danger that, in the
midst of preparing to open up, CMS will
impose a moratorium. The commenter
urged that the expansion of an existing
community pharmacy DMEPOS
supplier does not pose a fraud risk and
such an expansion should not be subject
to a possible moratorium. Another
commenter stated that CMS should
adopt a more targeted approach to
moratoria that takes other relevant
factors into consideration, such as the
history or trend in proven fraud and/or
abusive practices for specific types or
categories of providers or suppliers. The
commenter believes that painting all
providers and suppliers in a particular
PO 00000
Frm 00062
Fmt 4701
Sfmt 4700
geographic area with the same broad
brush is too extreme a measure, and that
CMS should not use geography, by
itself, as a determining factor in
imposing a temporary enrollment
moratorium on all providers and
suppliers.
Response: As stated elsewhere in this
document, we will publish a notice in
the Federal Register announcing
imposition of a temporary enrollment
moratorium. This notice would contain
a discussion of the factors associated
with the moratorium. Although there
are clear differences in the levels of
fraud in different geographic areas of the
United States, geography by itself
without any indication of a risk of fraud,
waste or abuse would not be a cause for
a moratorium. Community pharmacies
generally enroll in Medicare as roster
billers for purposes of immunizations,
and as such are listed in the limited risk
level. DMEPOS suppliers that are
owned by a community pharmacy are
enrolled in Medicare as DMEPOS
suppliers and are subject to the supplier
standards for DMEPOS suppliers
(except accreditation under certain
circumstances). If we, on behalf of the
Secretary, determine that a moratorium
is needed for any particular provider or
supplier type or geographic area or both,
we would publish our rationale for the
moratorium in our Federal Register
notice. Decisions to impose a temporary
enrollment moratorium would be made
based on presenting circumstances. It
would not be appropriate to exclude any
provider or supplier category, for
example, DMEPOS suppliers owned by
community pharmacies, from being
subject to a moratorium if the
circumstances warrant the imposition of
a temporary enrollment moratorium.
Comment: Several commenters
recommended that CMS also be
permitted to lift a moratorium if the
Secretary of HHS declares a public
health emergency in an area.
Response: The ACA gives the
Secretary broad authority to impose
temporary enrollment moratoria as a
means to combat fraud, waste or abuse.
The Secretary has considerable
discretion to consider all aspects of the
impact of a possible temporary
moratorium. In the NPRM we proposed
that the Secretary may lift a moratorium
in the following three circumstances: (1)
The President declares an area a disaster
under the Robert T. Stafford Disaster
Relief and Emergency Assistance Act,
(2) circumstances warranting imposition
of moratorium have abated or we have
implemented safeguards to address the
issue that was the cause of such
moratorium, or (3) in the judgment of
the Secretary, the moratorium is no
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
longer needed. Based on the comments
received in response to the NPRM, and
consistent with the broad authority
provided to the Secretary in the
Affordable Care Act, we have decided to
add a public health emergency declared
by the Secretary under section 319 of
the Public Health Service Act to the list
of circumstances the Secretary could
cite in lifting a moratorium. We would
closely evaluate these circumstances in
the decision to continue a temporary
enrollment moratorium.
Comment: A commenter suggested
that CMS include the restrictions listed
in the preamble regarding temporary
moratoria in the regulation text at
§ 424.570.
Response: It is unclear which
provisions included in the preamble of
the NPRM are of concern to the
commenter. However, we will include
any provisions dealing with imposition
of temporary enrollment moratoria at
§ 424.570.
Comment: A commenter asserted that
new § 424.570 is inconsistent with the
DMEPOS competitive bidding program.
Under competitive bidding, a company
might win a contract in a competitive
bidding area (CBA) where a moratorium
exists. If so, the company could not alter
its geographic locations to best serve the
CBA. The commenter requested that
CMS in the final rule with comment
period carefully delineate how the
competitive bidding program and the
proposed temporary moratoria
requirements will intersect.
Response: All winners of DMEPOS
competitive bidding contracts are
required to be enrolled in Medicare as
a condition of their contract. As a result,
these suppliers would not likely be
subject to a moratorium on enrollment
after they were awarded a contract, as
they would already be enrolled.
However, in a situation where a
competitive bid winner applied to
expand to a new practice location, the
new location would need to be enrolled
in Medicare. If a moratorium were
imposed on DMEPOS suppliers in the
area where the competitive bid winner
was attempting to enroll a new practice
location, the application would in all
likelihood be denied based on the
existence of a moratorium.
Comment: The same commenter also
suggested that: (1) Suppliers with 10 or
more provider transaction account
numbers (PTANs) be exempt from
§ 424.570 and (2) CMS allow exceptions
for bona fide acquisitions of assets
belonging to an existing provider in the
area for the protection of the
beneficiaries served by the selling
provider.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Response: We will be applying the
provisions of this rule to all enrolled
physicians, individual practitioners,
providers and suppliers regardless of
the number of PTANs. In addition, as
stated in the NPRM, changes in
ownership are not subject to moratoria.
Moreover, the provisions of this rule do
not address the conditions under which
a provider or supplier can complete a
bona fide acquisition of assets.
Comment: Several commenters stated
that new locations of enrolled suppliers
should not be subject to a moratorium.
Existing suppliers with no history of
fraud should not be constrained in their
ability to adjust their businesses to best
meet the needs of beneficiaries; indeed,
beneficiary access could be impaired if
new locations were affected by a
moratorium. Another commenter stated
that applying a moratorium to a new
location should only occur when the
supplier has an objectively
demonstrated history of fraud or for
whom CMS has credible evidence of
fraud.
Response: As mentioned elsewhere in
this document, a temporary enrollment
moratorium would not be imposed
without adequate rationale. The
decision to impose a temporary
enrollment moratorium would not be
made lightly and would only be
pursued should one or more of the
conditions for imposing a temporary
moratoria exist—as described in the
proposed rule. One factor for imposing
a moratorium could be that—as stated in
the NPRM—there are a disproportionate
number of providers or suppliers
relative to the number of beneficiaries.
For example, currently enrolled
providers and suppliers that are trying
to enroll in or establish new practice
locations in areas subject to a
moratorium that has been imposed
because there is a disproportionate
number of a particular provider category
relative to beneficiaries, should not be
exempt from the moratorium.
Comment: A commenter stated that
given that the intensity of a Certificate
of Need program is designed to limit the
number of providers to match
beneficiary need, an exception to a
temporary moratorium should be
granted in the presence of such a
program. Another commenter agreed
that an exemption to the moratorium
should be given if the State has a
Certificate of Need program and the
State determines that there is a need for
additional providers. Several
commenters also recommended
exceptions to a moratorium when a
provider is establishing a branch
location within its geographic service
area. Branch locations are subject to the
PO 00000
Frm 00063
Fmt 4701
Sfmt 4700
5923
oversight of the established parent
location and operate under the same
Medicare provider number. Another
commenter stated that the addition of a
branch office to an HHA is not the
equivalent of ‘‘establishing a new
practice location.’’
Response: We have decided not to
provide a link to State CON programs
because these programs vary in
effectiveness and are subject to different
standards, coverage and regulations and
are not focused on fraud, waste or abuse
prevention as would be a temporary
enrollment moratorium that is
authorized in the ACA. To provide an
exemption in States with CON programs
would require considerable effort to
assure that all provider types are
afforded due process and equal
treatment. Accordingly, we did not
propose an exemption from temporary
enrollment moratoria in States with
CON programs. We plan to take into
account the impact a CON has on
provider supply and beneficiary access
when deciding to impose a moratorium.
Regarding the HHA branch offices, we
note that the extent to which the branch
office is subject to a moratorium
depends on whether the branch office is
to be enrolled separately.
Comment: A commenter stated that
the proposal to allow unlimited 6 month
extensions without thorough
documentation of supporting data
hardly makes the moratoria temporary
and could pose a significant risk to
access to quality care for Medicare
beneficiaries.
Response: The ACA gives the
Secretary broad authority to impose a
temporary moratorium on the
enrollment of new providers and
suppliers if the Secretary determines
that a moratorium is necessary to
prevent fraud, waste or abuse in
Medicare, Medicaid or CHIP. The
statute did not provide a specific time
period for the duration of a moratorium.
After considerable discussion within
CMS and HHS, the proposed rule was
published proposing that an initial
temporary enrollment moratorium
would be imposed for a period of 6
months, with possible extensions in 6
month increments should the Secretary
determine that the moratorium was still
needed. We proposed the 6 month
duration because it would be
sufficiently long to enable an
assessment of its impact on the
circumstances that the moratorium was
designed to address, and would afford
us the opportunity to determine
whether the circumstances warranting
the imposition of a temporary
enrollment moratorium have abated or
whether we have implemented program
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5924
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
safeguards to address program
vulnerabilities. The 6 month period
would also afford the Secretary
reasonable opportunity to determine
whether the moratorium was no longer
needed. With regard to the temporary
nature of a moratorium, we would note
that the NPRM explicitly indicated that
an initial moratorium would be for a 6
month period, not an indefinite period.
Regarding the impact a temporary
enrollment moratorium would have on
beneficiary access to needed care, we
stated in the NPRM that we will assess
Medicare beneficiary access to the types
of services that are furnished by the
provider or supplier type and/or within
the geographic area to which the
moratorium would apply. We take
seriously our responsibility to assure
that all Medicare beneficiaries have
access to the services and supplies they
need. With regard to extending
moratoria, the statute confers on the
Secretary the responsibility and
authority to make the judgment about
the need for moratoria—whether initial
or an extension—if the circumstances
requiring the moratorium are still
present.
Comment: A commenter stated that as
part of the implementation of a
temporary moratorium and any
extension thereof, CMS should publish
data and research that support their
decision to impose the moratorium. The
data should be thorough and indicate
the ‘‘actual increased’’ risk rather than
perceived risk for fraud and abuse, in
addition to supportive material data.
Another commenter added that CMS
should ensure that beneficiary access is
not curtailed in an area where a
moratorium is imposed.
Response: As stated earlier, the ACA
gives the Secretary broad authority to
impose temporary enrollment moratoria
when necessary to prevent or combat
fraud, waste or abuse. We will announce
any temporary enrollment moratoria in
the Federal Register, including a
discussion of the issues associated with
the decision to impose a temporary
enrollment moratorium. We are
concerned about the effect imposition of
a temporary enrollment moratorium
would have on beneficiary access, and
would consider access to care as one
possible factor related to imposition of
a moratorium. The ACA specifically
mentions access to Medicaid services as
a reason that States should consider in
making decisions to implement
moratoria.
Comment: A commenter stated that
the proposed rule should be amended to
state that a moratorium does not apply
to instances where the new provider is
a result of a merger, change of
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
ownership, or consolidation. Also, the
fact that the moratorium would not
apply where there is a change in
practice location should be stated
directly in the rule.
Response: We agree. All of these
instances are addressed in the final rule
with comment period.
Comment: A commenter requested
that FQHCs be exempt from any
geographical moratoria established by
CMS. FQHCs are required to contract
with State Medicaid and CHIP programs
within certain specified locations.
Inclusion in a moratorium would force
these FQHCs to provide services
without compensation.
Response: The ACA gives the
Secretary authority to impose a
moratorium when necessary to combat
fraud waste and abuse in Medicare,
Medicaid, or CHIP. Should there ever be
a reason to impose a temporary
enrollment moratorium on FQHCs, we
would need to be able to do so. As
mentioned previously, we indicated in
the NPRM that prior to imposing a
temporary enrollment moratorium we
would assess Medicare beneficiary
access to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the moratorium would apply.
We also indicated that if a State has
determined that compliance with a
Medicare imposed moratorium would
adversely impact Medicaid
beneficiaries’ or CHIP participants’
access to care, the State would not be
required to comply with the
moratorium. We and the States take the
assurance of adequate access seriously.
Comment: The commenter also stated
that Indian and Tribal providers should
be exempt from the temporary moratoria
provisions, as their programs are not
viable without third-party revenue
(especially Medicare and Medicaid) and
that a moratorium could impede the
programs and harm access to care.
Response: The ACA gives the
Secretary authority to impose a
temporary enrollment moratorium when
necessary to combat fraud, waste and
abuse in Medicare, Medicaid, or CHIP.
Should there ever be a reason to impose
a temporary enrollment moratorium on
Indian or Tribal providers, we would
need to be able to do so. As mentioned
previously, we indicated in the NPRM
that prior to imposing a temporary
enrollment moratorium we would assess
Medicare beneficiary access to the
type(s) of services that are furnished by
the provider or supplier type and/or
within the geographic area to which the
moratorium would apply. We also
indicated that if a State has determined
that compliance with a Medicare
PO 00000
Frm 00064
Fmt 4701
Sfmt 4700
imposed moratorium would adversely
impact Medicaid beneficiaries’ or CHIP
participants’ access to care, the State
would not be required to comply with
the moratorium. We and the States take
the assurance of adequate access
seriously.
Comment: A commenter stated that
the moratorium exceptions should be
very limited. The commenter agreed
with CMS’s proposal for an exemption
for health crisis situations related to, for
example, a natural disaster. The
commenter also recommended that
exceptions should be granted in areas:
(1) With active CON programs, (2) not
being served by any provider or
(3) where the provider(s) (other than the
applicant for the exception) attest that
they lack the capacity to meet current
demand. Still, the commenter stated
that exemptions should only be granted
in such exceptional circumstances and
not become a vehicle for routine
circumvention of the moratorium.
Response: We agree with the intent of
these comments. Temporary enrollment
moratoria must be considered carefully
and the reasons for their imposition
must be clear. Prior to imposing a
moratorium, we will consider a number
of factors, such as, any potential effect
on access to care for beneficiaries. CON
programs are not factored in to CMS
decisions regarding exceptions.
Comment: A commenter requested
clarification as to whether the
temporary moratoria provisions apply to
managed care organizations.
Response: This provision does not
apply to Medicaid managed care
entities. Medicaid risk based managed
care is subject to contracts between
States and the managed care entities,
and the States rely upon those contracts
to ensure that Medicaid beneficiaries
have access to providers and a choice of
networks within the managed care
programs the State maintains. We would
not impose moratoria on managed care
programs that could restrict the ability
of States to ensure beneficiary access
and choice.
Comment: A commenter stated that an
enrollment moratorium should not
apply to publicly traded companies,
since CMS can look to the board of
directors and similar organizational
structures to provide appropriate
oversight and accountability. Moreover,
after a moratorium is lifted, publicly
traded providers and suppliers that
were subject to the moratorium should
not be lifted to a high screening level;
to do so would be inconsistent with
CMS’s own statements in the preamble
that publicly traded providers and
suppliers pose a limited risk.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Response: It would be inappropriate
for us to identify any one provider or
supplier characteristic, such as being
publicly traded, as a basis for not being
subject to a temporary enrollment
moratorium. In addition, as noted
below, in the screening portion of this
final rule with comment period, we
have decided not to draw a distinction
between publicly traded and other
providers and suppliers. Should there
ever be a reason to impose a temporary
enrollment moratorium in a geographic
area or on a particular provider or
supplier category; we would need to be
able to do so. We cannot state that there
will never be circumstances that
warrant imposition of a temporary
enrollment moratorium that will affect
providers and suppliers that are
publicly traded or that these providers
and suppliers will never be subject to a
temporary enrollment moratorium. We
have in response to many comments on
this issue, has decided to eliminate the
distinction between publicly traded and
non-publicly traded status as a
determinant of assignment of provider
or supplier types to risk levels.
Temporary enrollment moratoria will
not be imposed without adequate
rationale for how the moratorium would
address fraud, waste and abuse in
Medicare, Medicaid and CHIP. Such
moratoria would be imposed based on
careful analysis and assessment of
circumstances that are present.
Comment: CMS, according to one
commenter, states repeatedly that the
application of the temporary moratoria
could be to either a particular provider
or supplier type or a particular
geographic area. The commenter urged
CMS to reconsider whether it is
appropriate to ever apply moratoria on
particular geographic areas for all
provider and supplier types—such as
physicians, whom CMS assigns to the
limited level of screening. The
commenter believes that physicians
should be exempt from geographic
provider/supplier enrollment moratoria.
Response: We would not likely
impose a temporary enrollment
moratorium on all provider and supplier
types in a particular geographic area
particularly given the potential impact
on beneficiary access. However, if
circumstances were to be such that a
temporary enrollment moratorium in a
particular geographic area should apply
to all provider and supplier types in that
area, we would need to be able to
impose such a moratorium. As stated
elsewhere in this document, we would
publish notice of any moratorium and
would include in the notice the
rationale for the imposition of a
temporary enrollment moratorium.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Also, as stated earlier, we would
consider access issues as well.
Comment: A commenter urged that
the final rule with comment period be
revised to clarify that it is only to be
used as an option of last resort, when
less onerous enforcement efforts have
failed to reduce program abuse by a
significant number of providers or
suppliers of the same type. The
commenter also stated that it should be
imposed only if there is irrefutable
evidence of fraud, waste or program
abuse by a significant portion of the
population of providers that are targeted
by the moratorium.
Response: The ACA gives the
Secretary broad authority to impose
temporary enrollment moratoria in
instances where the Secretary has
determined that the moratorium is
necessary to combat fraud, waste or
abuse in Medicare, Medicaid or CHIP. A
moratorium would not be imposed
without adequate justification. We
would announce in the Federal Register
the imposition of any temporary
enrollment moratorium and would
include a discussion of the issues
associated with the decision to impose
the temporary enrollment moratorium.
In the NPRM, we did list
circumstances that could lead to the
imposition of a temporary enrollment
moratorium in situations where: (1)
Based on our review of existing data,
identifies a trend that appears to be
associated with a high risk of fraud,
waste or abuse, such as when a highly
disproportionate number of providers or
suppliers in a category relative to the
number of beneficiaries or a rapid
increase in enrollment applications
within a category is associated with a
significant potential for fraud, waste or
abuse with respect to a particular
provider or supplier type or particular
geographic area or both, (2) a State has
imposed a temporary enrollment
moratorium, or (3) CMS in consultation
with the Department of HHS Office of
Inspector General or the Department of
Justice or both identifies either or both
a particular provider or supplier type or
a particular geographic area as having
significant potential for fraud, waste, or
abuse. We also included in the NPRM
the reasons a temporary enrollment
moratorium could be lifted. The
decision to extend a moratorium would
be based on the proposals in the NPRM
and would take into account the extent
to which the conditions necessitating
the moratorium were still present.
Comment: A commenter stated that
CMS and Medicaid should be permitted
to extend a temporary moratorium by a
maximum of one additional 6 month
period. Twelve months is more than a
PO 00000
Frm 00065
Fmt 4701
Sfmt 4700
5925
sufficient amount of time for CMS to
consider additional programmatic
initiatives. The commenter added that
CMS’s statement in the preamble that it
‘‘would assess Medicare beneficiary
access to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the moratorium would apply’’
before imposing a moratorium, should
be included in the regulatory text.
Response: We reserve the option to
extend a temporary moratorium if
circumstances warrant the continuation.
We do not want to limit our ability to
keep a temporary enrollment
moratorium in place if necessary.
Conversely, if the Secretary determines
that a moratorium is no longer needed,
consistent with the provisions of the
proposed rule, the moratorium could be
lifted at any time. We have modified the
regulation text to make this clarification.
We will consider safeguards for
beneficiary access related to the
imposition of an enrollment moratorium
at § 424.570.
Comment: A commenter stated that
CMS should exempt new practice
locations from the moratoria and should
limit the moratorium to newly-enrolling
providers and suppliers.
Response: Currently enrolled
providers and suppliers that are trying
to establish additional new practice
locations as a means to enroll in areas
that are subject to a moratorium, and the
provider is of the type for which the
temporary enrollment moratorium is
imposed, should not be exempt from the
moratorium. However, if an enrolled
provider or supplier is merely changing
its practice location from a current
location to a new location—not an
additional new location—then that new
location would not be subject to a
temporary enrollment moratorium.
Comment: A commenter stated that
CMS should establish an administrative
appeals mechanism to address adverse
determinations based on the imposition
of a temporary moratorium that would
also permit providers and suppliers to
question whether CMS has an
appropriate statutory or evidentiary
basis for imposing a temporary
moratorium.
Response: The ACA specifies that
there is no judicial review under
sections 1869 and 1878 of the Act, or
otherwise of the decision to impose a
temporary enrollment moratorium
However, as stated in the NPRM, we
note that a provider or supplier may use
the existing appeal procedures at 42
CFR part 498 to administratively appeal
a denial of billing privileges based on
the imposition of a temporary
moratorium.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5926
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Comment: One commenter stated that
CMS should allow exceptions to the
moratorium, such as: (1) A low ratio of
the provider or supplier type to the
number of beneficiaries in the targeted
area, (2) pandemics and other threats to
beneficiary health that would be served
by the provider or supplier type, and (3)
other circumstances as the Secretary or
the State Medicaid director determine
are in the best interests of the program.
Response: As discussed previously,
the ACA gives the Secretary broad
authority to impose temporary
enrollment moratoria. We also stated
earlier that we listed in the NPRM
circumstances that could lead to the
imposition of a temporary enrollment
moratorium in situations. We also
indicated in the NPRM that prior to
imposing a temporary enrollment
moratorium we would assess Medicare
beneficiary access issues. And we
indicated that if a State has determined
that compliance with a Medicare
imposed temporary enrollment
moratorium would adversely impact
Medicaid beneficiaries’, or CHIP
participants’ access to care, the State
would not be required to comply with
the temporary enrollment moratorium.
We and the States take the assurance of
adequate access seriously.
Comment: A commenter believes that
CMS moratoria authority was openended to the point where CMS could,
towards the end of a fiscal year,
announce the suspension of provider
enrollment in a variety of categories not
to stem fraud and abuse, but rather to
achieve some budgetary goal of reducing
Medicare expenditures. The commenter
requested that CMS clarify: (1) Who will
decide what constitutes a highly
disproportionate number of providers
relative to the number of beneficiaries,
(2) the standards that will be used to
determine the number of providers
necessary relative to the number of
beneficiaries, and (3) whether this is a
de facto return of the certificate of need
process.
Response: We proposed and sought
comments on factors that would have to
be in place to impose a temporary
enrollment moratorium, including
identifiable trends in CMS data, State
imposition of a moratoria, or
consultation with the Office of Inspector
General or the Department of Justice.
The ACA requires that any moratorium
imposed be implemented to reduce
fraud, waste and abuse in the Medicare,
Medicaid and CHIP programs.
Additionally, we will not deny any
enrollment for which the Medicare
enrollment contractor has completed
review of the application and has
determined that the provider or supplier
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
meets all the requirements for
enrollment and all that remains is to
assign appropriate billing number(s) and
enter the provider or supplier into
PECOS. Actively enrolled providers and
suppliers will still be reimbursed for
claims for services that are provided,
and reimbursement would be at levels
preceding the moratoria. The process for
imposing a moratorium in this rule
provides no opportunity for us to use
the temporary enrollment moratoria to
stop payments to enrolled providers and
suppliers, and there is no intention for
us to use temporary moratoria for
purposes other than the ones authorized
under the ACA.
Additionally, as stated previously, we
would provide notice in the Federal
Register of the imposition of a
temporary enrollment moratorium and
would include a discussion of the issues
associated with the decision to impose
a temporary enrollment moratorium. We
will decide what constitutes a
disproportionate number of providers
relative to beneficiaries. We indicated in
the NPRM that prior to imposing a
temporary enrollment moratorium we
would assess Medicare beneficiary
access to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the temporary enrollment
moratorium would apply. As a part of
this process, we would examine the
levels of providers in a given area and
make a judgment about whether any
temporary enrollment moratorium
would adversely affect the delivery of
needed services to beneficiaries.
Regarding Certificate of Need processes,
we would note that a number of States
use the CON process. We have stated
elsewhere in this document that we
have not linked this proposed rule to
the CON process. The CON programs
vary in effectiveness and coverage and
are subject to different standards and
regulations. If there were a need to
impose a temporary enrollment
moratorium in any part of a State that
has a CON requirement, we would
impose the temporary enrollment
moratorium in that part of the State, as
needed.
Comment: A commenter stated that
CMS should exclude from any moratoria
those providers and suppliers:
(1) Assigned to the limited level of
screening, and (2) that have completed
and passed a State licensure process.
Another commenter urged that a
moratorium be applied only to
providers included within the moderate
or high screening levels, and then only
after: (1) Appropriate appeals measures
have been established, and (2) CMS has
PO 00000
Frm 00066
Fmt 4701
Sfmt 4700
addressed any beneficiary access to care
issues.
Response: The ACA provides that the
Secretary can impose a moratorium if
she decides that it is necessary to
combat fraud, waste or abuse.
Accordingly the decision to impose a
temporary enrollment moratorium will
be based on a variety of factors,
including the potential risk of fraud in
the Medicare program that could be
posed by a particular category of
provider or supplier in a specific
geographic area. The ACA gives the
Secretary authority to impose a
moratorium when necessary to combat
fraud waste and abuse in Medicare,
Medicaid, or CHIP. Should there ever be
a reason to impose a temporary
enrollment moratorium on any category
of providers or suppliers, we would
need to be able to do so—regardless of
the screening level to which they were
assigned as part of the provider and
supplier screening process described in
this regulation. We cannot state that
providers and suppliers in the ‘‘limited’’
screening level will never be subject to
a temporary enrollment moratorium.
Nor are we prepared to state that
providers or suppliers that are licensed
would never be subject to a temporary
enrollment moratorium. With regard to
access to care, we indicated in the
NPRM that prior to imposing a
temporary enrollment moratorium we
would assess Medicare beneficiary
access to the type(s) of services that are
furnished by the provider or supplier
type and/or within the geographic area
to which the temporary enrollment
moratorium would apply. We also
indicated that if a State has determined
that compliance with a Medicare
imposed temporary enrollment
moratorium would adversely impact
Medicaid beneficiaries’, or CHIP
participants’ access to care, the State
would not be required to comply with
the temporary enrollment moratorium.
We and the States take the assurance of
adequate access seriously.
Comment: A commenter stated that
while the preamble mentions that
advanced notice of a moratorium will be
given, this is not specified in the
regulation text. The commenter stated
that the text should be amended to
reflect the advanced notice requirement.
Response: The preamble to the
proposed rule says that we will
announce the imposition of a temporary
enrollment moratorium in the Federal
Register. The preamble does not say we
will give advance notice. We have stated
in response to other comments that we
do not think we should provide advance
notice as this may foster an increase in
applications for enrollment in an
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
attempt to circumvent the intent of the
temporary enrollment moratorium.
Accordingly, we did not include any
language about advance notice in the
regulation text.
Comment: A commenter requested
clarification as to what the term
‘‘significant potential for fraud’’ means
in the context of the moratorium and the
datasets that will be used to determine
whether such a trend exists.
Response: We offered examples in the
NPRM of the kinds of circumstances
that might warrant imposition of a
temporary enrollment moratorium. We
plan to draw on data and information
from many sources in coming to a
decision about imposition of temporary
enrollment moratoria—including
existing CMS claims and enrollment
data as well as other public data as well
as data from our contractors or from law
enforcement entities.
Comment: A commenter noted that
CMS proposes to allow a Medicare
enrollment moratorium where a State
Medicaid program has imposed a
moratorium on a group of providers
who are also eligible to enroll in
Medicare. The commenter stated that
the proposal does not clarify whether
CMS intends for such a moratorium to
apply only to those providers within the
affected State or whether that
moratorium could apply nationwide in
the event that the moratorium pertains
to provider type. The commenter
believes that for a State-imposed
moratorium to have such a drastic effect
across the country without evidence of
a nationwide problem would be an
overly broad and unnecessary
imposition of CMS authority, and urged
CMS to craft this provision more
narrowly.
Response: We agree that imposing a
moratorium on a national level based on
one State’s action in its State would be
an unnecessarily broad action for us to
take. The intent of that provision in the
NPRM was to afford Medicare the
option to adopt a State moratorium in a
State or part of a State if appropriate.
Comment: A commenter stated that in
the case of a moratorium, CMS and the
States should explain their actions and
provide an opportunity for notice and
comment.
Response: We have said that we plan
to provide notice of imposition of a
temporary enrollment moratorium in
the Federal Register, explaining the
rationale for the imposition. We will not
be providing an opportunity for
comment prior to the imposition of a
temporary enrollment moratorium,
because it is not a rulemaking effort.
Moreover, we think that providing
advance notice of a temporary
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
enrollment moratorium might foster a
spike in enrollment applications from
providers or suppliers that would be
subject to the moratorium. If we
determine that a temporary enrollment
moratorium is needed, we would not
want to provide opportunities for
providers and suppliers to circumvent
the moratorium’s purpose.
Comment: A commenter
recommended that CMS impose a
temporary moratorium nationally on
any Medicare-certified HHAs. As an
alternative, the commenter suggested a
moratorium in any State without either
HHA licensure or a certificate of need,
or in any State where the growth in new
HHAs in the most recent 4 years has
exceeded 15 percent.
Response: At this time, we are not
contemplating the imposition of
national moratoria. Moreover, it would
be premature to identify any provider or
supplier type that might be subject to
imposition of a temporary enrollment
moratorium. Should it be necessary to
impose a temporary enrollment
moratorium on any provider or supplier
type, we will explain the reasons for the
temporary enrollment moratorium in a
public notice in the Federal Register.
Comment: One commenter stated that
while they are in agreement with the
proposal that State Medicaid agencies
should have the authority to impose
temporary moratoria on the enrollment
of new providers or impose numerical
caps or other limits on the providers
assigned to the high screening level by
the Secretary, the State Medicaid agency
should also be allowed the discretion to
identify providers that are high risk by
State standards.
Response: We agree that the State
Medicaid agency has the discretion to
identify providers that are high risk by
State standards. However, section
1902(kk)(4)(B) of the Act explicitly
states that the designation of ‘‘high risk’’
providers for purposes of this provision
must be made by the Secretary. Thus,
we are finalizing the requirement that
when a State Medicaid agency identifies
a category of providers that are high risk
of fraud, waste or abuse by State
standards, the State must seek our
concurrence with that assignment prior
to imposing any type of moratoria,
numerical caps or other limits on the
enrollment of these providers.
Comment: One commenter requested
that the rule be clarified to allow a State
to complete any provider enrollment
initiated prior to a Federally imposed
moratorium.
Response: If a moratorium is deemed
necessary, then we believe that all
unenrolled providers should be subject
to the moratorium. However, we would
PO 00000
Frm 00067
Fmt 4701
Sfmt 4700
5927
not require the State to deny any
enrollment for which the State has
completed its review of the enrollment
application and has made a
determination that the provider meets
all requirements for enrollment.
Comment: A few commenters
requested additional information
regarding the process that should be
used by State Medicaid agencies to
notify CMS that imposition of a
temporary moratorium would adversely
impact beneficiaries’ access to medical
assistance, including the documentation
that will be required and the standards
CMS will use for its review.
Response: We believe that additional
information regarding the operational
processes that should be used by States
regarding temporary moratorium are
more appropriately addressed in
subregulatory guidance. We will be
issuing subregulatory guidance to assist
States with the operational impact of
implementing this provision in the near
future.
Comment: Regarding State
‘‘identification’’ of providers with a
‘‘significant potential for fraud, waste or
abuse,’’ one commenter asked that
documentation of the significant risk be
required, as well as a description of the
rationale used to arrive at numerical
caps or other limits on enrollment of
that provider type.
Response: Consistent with section
1902(kk)(4)(B) of the Act, when a State
Medicaid agency identifies a category of
providers that is high risk by State
standards, the State must seek our
concurrence with that designation prior
to imposing any type of moratorium,
numerical cap or other limit on the
enrollment of these providers. We will
expect the State to provide rationale and
justification for assigning providers to
the high screening level when seeking
our concurrence. We will be issuing
subregulatory guidance to assist States
with the operational aspect of
implementing this provision in the near
future. We agree a temporary enrollment
moratorium should be imposed only
with adequate rationale. A temporary
enrollment moratorium on any category
of provider that a State identifies as
posing a significant potential for fraud,
waste, or abuse, should be supported by
adequate rationale to justify the
imposition of a temporary moratorium,
numerical caps or other limits on
enrollment of that provider type.
Comment: One commenter requested
that CMS add an exception where the
State has other measures in place that
adequately control for the potential
fraud, waste, and abuse that is the basis
for the proposed moratorium.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5928
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Response: The ACA does not allow us
to grant such an exception to States
even when the State has other fraud
controls in place. Additionally, we
believe this additional program integrity
safeguard is necessary to prevent loss to
Medicare, Medicaid and CHIP programs
when existing safeguards have not
prevented an emergent trend in
fraudulent, wasteful, or abusive
practices. We believe the authority to
impose temporary enrollment
moratorium when appropriate will be a
useful tool for both CMS and the States.
Comment: Several commenters
requested clarification regarding
whether this requirement applies to
Medicaid managed care. These
commenters specifically asked CMS to
provide an explicit exception to
temporary moratoria for Medicaid
managed care entities so to ensure that
the adequacy of these plans’ provider
networks is not compromised and in
turn, impede beneficiary access to care.
Response: As stated previously, this
provision does not apply to Medicaid
managed care entities. Medicaid risk
based managed care is subject to
contracts between States and the
managed care entities, and the States
rely upon those contracts to ensure that
Medicaid beneficiaries have access to
providers and a choice of networks
within the managed care programs the
State maintains. We would not impose
moratoria on managed care programs
that could restrict the ability of States to
ensure beneficiary access and choice.
Comment: One commenter requested
the development of a process for an
individual provider exemption from a
moratorium or, in the alternative, the
establishment of a more focused process
for imposing any necessary moratoria.
Response: As mentioned previously,
we will take action to impose a
temporary moratorium only if justified.
Accordingly, the decision to impose a
temporary enrollment moratorium will
be based on the potential risk of fraud,
waste or abuse in the Medicare or
Medicaid programs.
Comment: A commenter stated that
CMS, should it proceed with this
proposed rule, must introduce much
better controls to limit over-reaching
and to assure providers due process
rights. The commenter cited CMS’s
proposed ability to impose a temporary
enrollment moratorium on potentially
high risk providers and suppliers with
no rights of judicial review of the
agency’s decision. The commenter
stated that the absence of defined rights
for orthotic and prosthetic suppliers in
the proposed rule could, in some
instances, appear to be a Federal
‘‘taking’’ without due process.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Response: As stated previously, we
will provide a discussion of the factors
for imposing a moratorium on a case by
case basis when the notice of such a
moratorium is published in the Federal
Register. If a provider or supplier’s
billing privileges are denied due to the
imposition of a temporary enrollment
moratorium, the denial of billing
privileges can be challenged
administratively through the existing
enrollment appeal procedures at 42 CFR
part 498. Further, we disagree with the
commenter’s characterization of a
temporary moratoria of newly-enrolling
providers and suppliers as a Federal
‘‘taking.’’
4. Final Temporary Moratoria on
Enrollment of Medicare Providers and
Suppliers, Medicaid and CHIP
Provisions
This final rule with comment period
finalizes the provision of the proposed
rule in regards to the temporary
enrollment moratoria with the following
exceptions:
In § 424.570, we modified our
proposal as follows:
• Added language to clarify that we
will fully assess the impact of a
temporary enrollment moratorium
would have on beneficiary access to
services that will be subject to the
temporary enrollment moratorium at
§ 424.570(a).
• Added language that specifies we
will announce any temporary
enrollment moratorium in a notice in
the Federal Register that will include
the rational for the imposition of the
moratorium, the particular provider or
supplier type or the establishment of
new practice locations of a particular
type in a particular geographic area at
§ 424.570(a).
• Added language to clarify that
Medicare contractor will deny
enrollment applications from a provider
or supplier subject to a moratorium
specified in paragraph (a) including
providers and suppliers with pending
enrollment applications, EXCEPT such
applications that have been approved by
the enrollment contractor before the
imposition of a moratorium at
§ 424.530(a)(10).
• Added language that adopts a
public commenter’s proposal that the
Secretary may lift a temporary
enrollment moratorium in the event of
a public health emergency in the
affected geographic area at § 424.570(d).
• Added language that specifies we
will publish notice of lifting the
moratorium in the Federal Register at
§ 424.570(d).
PO 00000
Frm 00068
Fmt 4701
Sfmt 4700
D. Suspension of Payments
1. Medicare
a. Background
In section 6402(h) of the ACA, the
Congress amended section 1862 of the
Act by adding a new paragraph (o),
under which the Secretary may suspend
payments to a provider or supplier
pending an investigation of a credible
allegation of fraud unless the Secretary
determines that there is good cause not
to suspend payments. This section
requires that the Secretary consult with
the HHS OIG in determining whether
there is a credible allegation of fraud
against a provider or supplier. For
purposes of this Medicare payment
suspension regulation, we will refer to
providers and suppliers collectively as
‘‘providers’’.
b. Previous Medicare Regulations
We have long been authorized to
suspend payments in cases of suspected
fraudulent activity. On December 2,
1996, we finalized regulations § 405.370
through § 405.379 that provides for
suspension of payments to providers for
several scenarios, including when we
possess reliable information that fraud
or willful misrepresentation exists. The
rule provides that we may suspend
payments to a provider in whole or in
part based upon possession of reliable
information that an overpayment or
fraud or willful misrepresentation exists
or that the payments to be made may
not be correct, although additional
evidence may be needed for a
determination.
The existing rule provides that a
suspension of payments is limited to
180 days, unless it meets one of several
exceptions. A Medicare contractor may
request a one-time only extension of the
suspension period for up to 180
additional days if it is unable to
complete its examination of the
information that serves as the basis for
the suspension. Also, OIG or a law
enforcement agency may request a onetime only extension for up to 180
additional days to complete its
investigation in cases of fraud and
willful misrepresentation. The rule
provides that these time limits do not
apply if the case has been referred to
and is being considered by the OIG for
administrative action, such as civil
monetary penalties. We may also grant
an extension beyond the 180 additional
days if DOJ requests that the suspension
of payments be continued based on the
ongoing investigation and anticipated
filing of criminal or civil actions. The
DOJ extension is limited to the amount
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
of time needed to implement the
criminal or civil proceedings.
c. Proposed Medicare Suspension of
Payments Requirements
Section 6402(h) of the ACA requires
that the Secretary consult with the OIG
in determining whether there is a
credible allegation of fraud against a
provider. If a credible allegation of fraud
exists, the Secretary may impose a
suspension of payments pending an
investigation of the allegations, unless
the Secretary determines that there is
good cause not to suspend payments.
We proposed to revise § 405.370 to add
a definition of what constitutes a
‘‘credible allegation of fraud,’’ to include
an allegation from any source, including
but not limited to fraud hotline
complaints, claims data mining,
patterns identified through provider
audits, civil False Claims Act, and law
enforcement investigations. Allegations
are considered to be credible when they
have indicia of reliability. Many issues
related to this definition will need to be
determined on a case-by-case basis by
looking at all the factors, circumstances
and issues at hand. We continue to
believe that CMS or its contractors must
review all allegations, facts, and
information carefully and act
judiciously on a case-by-case basis
when contemplating a payment
suspension, mindful of the impact that
payment suspension may have upon a
provider.
We received the following comments:
Comment: We received numerous
comments suggesting that the proposed
definition of ‘‘credible allegation of
fraud’’ was ambiguous and fails to detail
a precise evidentiary standard that CMS
and OIG will employ in determining if
a payment suspension is warranted.
Commenters were also concerned that
including fraud hotline complaints as a
source of allegations would inevitably
lead to disingenuous allegations from
competitors and/or disgruntled former
employees that would lead to
unjustified payment suspensions.
Response: We did not intend to detail
a precise evidentiary standard in this
definition; rather we intended to give
examples of the typical sources of
allegations of fraud and explain that
assessing the reliability of an allegation
is a process that will occur on a caseby-case basis. CMS and OIG fully
understand the need to act judiciously
when corroborating information and
investigating allegations of fraud,
especially when the source of the
allegation is an anonymous fraud
hotline complaint. The statutorily
required consultation between CMS and
the OIG prior to implementing a
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
payment suspension will provide ample
opportunity for the credibility of an
allegation to be assessed and for a
preliminary investigation into the
allegation of fraud to occur sufficient to
meet a reasonable evidentiary standard.
We additionally proposed modifying
the existing § 405.370 to add a
definition for ‘‘resolution of an
investigation.’’ The ACA provides for
the suspension of payments pending the
investigation of a credible allegation of
fraud, and we believe that this provision
necessitates defining when an
investigation has concluded and the
basis for the suspension of payments no
longer exists. The definition proposed
in the proposed rule and finalized here
is that a resolution of an investigation
occurs when legal action is terminated
by settlement, judgment, or dismissal, or
when the case is closed or dropped
because of insufficient evidence. We
solicited comments on an alternative
definition of the term ‘‘resolution of an
investigation’’ which is that it occurs
when a legal action is initiated or the
case is closed or dropped because of
insufficient evidence to support the
allegations of fraud. We did not receive
any comments that specifically
addressed a preference for either of
these definitions.
We proposed modifying the existing
§ 405.371(a) to differentiate between
suspensions based on either reliable
information that an overpayment exists
or that payments to be made may not be
correct, and suspensions based upon a
credible allegation of fraud. As required
by the ACA, we proposed in this section
that CMS or its contractor must consult
with the OIG, and as appropriate, the
Department of Justice (DOJ) in
determining whether a credible
allegation of fraud exists prior to
suspending payments on the basis of
alleged fraud.
We also proposed in accordance with
the ACA that we retain discretion
regarding whether or not to impose a
suspension or continue a suspension, as
there may be good cause not to suspend
payments or not to continue to suspend
payments to providers or suppliers in
certain circumstances. We proposed to
add a new § 405.371(b) to describe
circumstances that may qualify as good
cause not to suspend payments or not to
continue to suspend payments despite
credible allegations of fraud.
In paragraph (b)(1), we proposed a
good cause exception based upon
specific requests by law enforcement
that CMS not suspend payments. There
are numerous reasons for which law
enforcement personnel might make such
a request, including that imposing a
payment suspension might alert a
PO 00000
Frm 00069
Fmt 4701
Sfmt 4700
5929
potential perpetrator to an investigation
at an inopportune or particularly
sensitive time, jeopardize an undercover
investigation, or potentially expose
whistleblowers or confidential sources.
In paragraph (b)(2), we proposed a
good cause exception not to suspend
payments if we determine that
beneficiary access to necessary items or
services may be jeopardized. We
envision there may be scenarios in
which a payment suspension to a
provider might jeopardize a provider’s
ability to continue rendering services to
Medicare beneficiaries whose access to
items or services would be so
jeopardized as to cause a danger to life
or health.
In paragraph (b)(3) of the proposed
rule, we proposed a good cause
exception not to suspend payments if
CMS determines that other available
remedies implemented by or on behalf
of CMS more effectively or quickly
protect Medicare funds than would
implementing a payment suspension.
For example, law enforcement
personnel might request that a court
immediately enjoin potentially unlawful
conduct or prevent the withdrawal,
removal, transfer, disposal, or
dissipation of assets, either or both of
which might protect Medicare funds
more fully or quickly than would
imposition of a payment suspension.
More generally, in paragraph (b)(4) of
the proposed rule, we proposed a good
cause exception based upon a
determination by us that a payment
suspension or continuation of a
payment suspension is not in the best
interests of the Medicare program. We
further proposed that we will conduct
an evaluation of whether there is good
cause not to continue a suspension
every 180 days after the initiation of a
suspension based on credible
allegations of fraud. We believe that
circumstances surrounding a specific
case may change as an investigation
progresses, and it may become in the
best of interests of the Medicare
program to terminate a payment
suspension prior to the resolution of an
investigation. As part of this ongoing
evaluation, we will request a
certification from the OIG or other law
enforcement agency as to whether that
agency continues to investigate the
matter.
We considered additional specific
circumstances and scenarios that may
qualify as good cause not to continue a
payment suspension prior to the
resolution of an investigation, and
solicited comments on this approach.
For example, one scenario that we
considered as additional good cause not
to continue a suspension is when a
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5930
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
suspension has been in place for a
specific length of time, such as 2 years
or 3 years, and the investigation has not
been resolved. We anticipated that on a
case by case basis, we would evaluate
the status of a particular investigation
and the nature of the alleged fraud in
determining whether keeping a payment
suspension in effect beyond a certain
length of time may not be in the best
interests of the Medicare program. We
chose not to propose specific language
on duration in the regulatory text.
However, we solicited comment on this
approach.
Comment: Numerous commenters
supported an additional good cause
exception not to continue a payment
suspension when the accompanying
investigation continued beyond a
certain length of time. Several
commenters supported this exception,
however most believe that 2 years or 3
years was much too long for a
suspension to be in effect and the length
of time associated with this good cause
exception should be much shorter.
Response: We agree with the
commenters who support the additional
good cause exception not to continue a
payment suspension when an
investigation has continued beyond a
certain length of time, in certain cases.
We believe that 18 months is the
appropriate timeframe for a good causebased exception beyond which a
payment suspension ought not continue
except under certain limited
circumstances. Therefore, good cause
not to continue a payment suspension
beyond 18 months shall be deemed to
exist unless one of two specific criteria
is met. The first of these criteria is if the
case has been referred to, and is being
considered by, the OIG for
administrative action (for example, civil
money penalties) or such administrative
action is pending. The second of these
criteria is if the Department of Justice
submits a written request to CMS that
the suspension of payments be
continued based on the ongoing
investigation and anticipated filing of
criminal and/or civil actions or based on
a pending criminal and/or civil action.
We are adopting these two law
enforcement specific scenarios that will
serve as the criteria for extending a
payment suspension beyond 18 months
and are based upon the longstanding
criteria for extending suspensions found
in the Medicare payment suspension
regulations.
We proposed modifying the existing
§ 405.372 to reflect the changes made in
§ 405.371 which divides the payment
suspension authority into situations
involving overpayments and situations
involving allegations of fraud. In
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
§ 405.372(c) we clarify the subsequent
action requirements to distinguish
between suspensions based on credible
allegations of fraud and those that are
based on other factors, such as
overpayments. For suspensions that are
not based on credible allegations of
fraud, CMS and its contractors will
continue to take timely action to obtain
additional information needed to make
an overpayment determination and
make all reasonable efforts to expedite
the determination. Once the
determination is made, notice of the
determination will be given to the
provider or supplier and the payment
suspension will be terminated. If the
payment suspension is based on
credible allegations of fraud, CMS and
its contractors will take subsequent
action to determine if an overpayment
exists or if the payments may be made,
however the termination of the
suspension and the issuance of a final
determination notice to the provider or
supplier may be delayed until
resolution of the investigation. At the
end of the fraud investigation, it is
possible that the Medicare contractor
will not have completed its
overpayment determination, but will
have reliable evidence of an
overpayment or will have evidence that
the payments to be made may not be
correct. This typically occurs when a
law enforcement investigation results in
civil or criminal resolution prior to the
Medicare contractor having had
sufficient time to complete its
overpayment determination. In such a
situation, we would allow the
suspension to continue as an
overpayment suspension.
We proposed modifying the existing
§ 405.372(d) concerning the duration of
suspension of payment. In
§ 405.372(d)(3) we except suspensions
based on credible allegations of fraud
from the established time limits
specified in paragraphs (d)(1) and (d)(2).
We believe the strict time constraints
found in paragraphs (d)(1) and (d)(2)
should only be applied to suspensions
based on reliable information of an
overpayment or where payments to be
made may not be correct, both of which
require a speedy overpayment
determination. When credible
allegations of fraud are present, we
believe we should have the flexibility to
maintain a suspension beyond these
established time limits in order for an
investigation to be completed or the
matter to be resolved. However, we
noted that by excepting suspensions
based on credible allegations of fraud
from these previously established
timeframes, we do not intend to
PO 00000
Frm 00070
Fmt 4701
Sfmt 4700
suspend payments to providers and
suppliers indefinitely. We will be
actively evaluating the progress of any
investigation to determine if good cause
exists to no longer continue the
suspension of payments, as suspensions
are designed to be a temporary measure.
As part of this recurring evaluation, we
will request a certification from the OIG
or other law enforcement agency that
the matter continues to be under
investigation.
We also proposed eliminating the two
other existing scenarios in paragraph
(d)(3) for extending payment
suspensions beyond the time limits in
paragraphs (d)(1) and (d)(2), which are
when the OIG is considering
administrative action such as civil
monetary penalties and also when the
DOJ requests an extension based on an
ongoing investigation and the
anticipated filing of criminal and/or
civil actions. We have removed these
two scenarios from the existing duration
provisions in § 405.372(d), however we
have added similar criteria for
extending suspensions to the good cause
criteria at § 405.371 (b)(3), based on
these law enforcement scenarios.
Comment: We received numerous
comments raising concern over the
perceived lack of due process afforded
to the provider community in this
proposed rule and numerous comments
suggesting that more attention needs to
be paid to establishing clear criteria for
suspensions and basic due process
rights before implementing this
provision. Commenters also pointed out
that the ACA does not mandate a
deadline for implementing this policy
and commenters recommend we
withdraw the suspension provision
from the final rule with comment period
and work to develop defined standards
with meaningful due process
protections.
Response: We believe that the
proposed rule affords providers who
have had their payments suspended
based on credible allegations of fraud
ample opportunity to submit
information to us in the established
rebuttal statement process to
demonstrate their case for why a
suspension is unjustified. We believe
that the criteria for suspension of
payments are clear. We reiterate that
this authority will be exercised
judiciously by CMS, in consultation
with the OIG, and that only in the most
egregious cases will payment
suspensions last longer than the
previously established timeframes for
payment suspensions. We will not
withdraw the suspension provision
from the final rule with comment period
as we believe the due process
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
protections are more than adequate and
the evidentiary standards for payment
suspensions cannot be more precisely
defined.
Comment: A commenter suggested
that the proposed rule lacks specificity
around the required consultation
between CMS and the OIG and the DOJ
and asked which entity ultimately
decides whether an allegation is
credible and whether a unanimous
determination is required.
Response: We retain the ultimate
authority regarding whether or not a
payment suspension will be
implemented in a given case. The
mechanics of the consultation between
CMS and our law enforcement partners
to determine the credibility of
allegations will be detailed in a
Memorandum of Understanding
between the respective agencies and we
do not believe it is appropriate to detail
this process in the final rule with
comment period.
Comment: A commenter questions
why there is no defined time
requirement for CMS to provide written
notice of a suspension that was imposed
without prior notice, similar to the time
limits required of States in the Medicaid
payment suspension rule.
Response: The Medicare and
Medicaid payment suspension rules
need not mirror each other in every
respect. We have long suspended
payments without prior notice to
providers in cases of suspected fraud
and have an established track record for
providing written notice to providers as
soon as is practicable after
implementing a suspension. We do not
believe it is necessary to impose a
strictly defined time period for
providing notice to providers who were
suspended without prior notice based
on credible allegations of fraud, and we
do not believe that a 30, 60, or 90 day
limit is necessary as in nearly all
historical cases we have provided notice
to providers well within these suggested
time limits.
Comment: One commenter expressed
concern over CMS treatment of payment
suspensions in the cases of
overpayments without credible
allegations of fraud and pointed out that
there are a multitude of scenarios under
which physicians might be overpaid
due to inadvertent billing errors or
Medicare contractor claims processing
errors that are no fault of the provider.
Response: We believe that we must
retain the ability to suspend payments
in both cases of potential fraud and
cases that do not involve potential fraud
but are based solely on potential
overpayments. We have long had the
authority to suspend payments without
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
evidence of fraud but historically have
not often used the suspension tool in
these cases. We will determine on a
case-by-case basis whether a suspension
of payments is appropriate in cases that
do not involve fraud, and factors such
as Medicare contractor claims
processing errors and provider billing
history are certainly considered.
Comment: One commenter requested
that CMS provide clarification on
whether the proposed rule’s suspension
provisions apply to the Medicare Part D
program and suggested that the
proposed rule seems to conflict with
legislation and CMS promulgated rules
regarding prompt payment of Medicare
Part D claims.
Response: The Medicare payment
suspension authority is applicable to
providers under both the Part A and
Part B programs. Separate authorities
are available to address potential fraud
by plans participating in the Part C and
D programs.
Comment: One commenter believes
that Federally Qualified Health Centers
(FQHCs) should be exempted from the
potential application of the suspension
of payments because payment to FQHCs
is premised on reimbursement of
reasonable costs and FQHCs are subject
to an annual reconciliation process
under which surplus payments in
excess of reasonable Medicare costs are
returned to the CMS contractor.
Response: All providers in Medicare
Part A and Part B are subject to the
payment suspension provisions,
regardless of the method of
reimbursement. The annual
reconciliation process under which
surplus payments are returned does not
necessarily account for credible
allegations of fraud and we reserve the
right to impose a payment suspension
on any provider for whom there is a
credible allegation of fraud.
We are adopting the provisions of the
proposed rule, with one exception. In
§ 405.371(b)(3), we state that good cause
shall be deemed to exist to not continue
to suspend payments if a payment
suspension has been in effect for a
period of 18 months unless certain
conditions are met.
2. Medicaid
a. Background
In section 6402(h) of the ACA, the
Congress amended section 1903(i)(2) of
the Act to provide that Federal
Financial Participation (FFP) in the
Medicaid program shall not be made
with respect to any amount expended
for items or services (other than an
emergency item or service, not
including items or services furnished in
PO 00000
Frm 00071
Fmt 4701
Sfmt 4700
5931
an emergency room of a hospital)
furnished by an individual or entity to
whom a State has failed to suspend
payments under the plan during any
period when there is pending an
investigation of a credible allegation of
fraud against the individual or entity as
determined by the State in accordance
with these regulations, unless the State
determines in accordance with these
regulations that good cause exists not to
suspend such payments.
b. Previous Medicaid Regulations
State Medicaid agencies have long
been authorized to withhold payments
in cases of fraud or willful
misrepresentation. On December 28,
1987, DHHS finalized regulations at
§ 455.23 that they described as
specifically encouraging State Medicaid
agencies to withhold program payments
to providers without first granting
administrative review where the State
agency has reliable evidence of
fraudulent activity by the provider. The
regulations were issued by the HHS OIG
based on a concern that State
administrative hearings could interfere
with investigations conducted by HHS
OIG’s Office of Investigations or by the
State’s Medicaid fraud control unit
(MFCU). The requirements of an
administrative hearing could jeopardize
criminal cases and investigators were
reluctant to agree to a State’s
withholding payment, thus risking
additional overpayments. (See the
December 28, 1987 final rule (52 FR
48814)). The December 28, 1987 final
rule remains in effect and has remained
unchanged since it was promulgated.
At the time the rule was proposed, the
Department was in the process of
reorganizing its fraud and abuse
regulations to reflect authorities
transferred to HHS OIG in 1983, as well
as those retained by CMS. HHS OIG
authorities were transferred to a new 42
CFR chapter V, while CMS’ Medicaid
program integrity authorities were
retained at 42 CFR part 455. (See the
September 30, 1986 final rule (51 FR
34764)).
This current rule provides that a State
Medicaid agency may withhold
payments to a provider in whole or in
part based upon receipt of reliable
evidence that the need for withholding
payments involves fraud or willful
misrepresentation under the Medicaid
program. At the time this rule was
published, commenters questioned what
constituted ‘‘reliable evidence of fraud.’’
The HHS OIG declined to provide a
specific definition, noting that what
constitutes ‘‘reliable evidence’’ is not
easily and readily definable. The HHS
OIG noted that while the existence of an
E:\FR\FM\02FER2.SGM
02FER2
5932
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
ongoing criminal or civil investigation
against a provider may be a factor in
determining whether reliable evidence
exists, that reliable evidence should be
determined on a case-by-case basis with
the State agency looking at all the
factors, circumstances, and issues at
hand, and acting judiciously on this
information.
The 1987 regulations also permitted
payments to be suspended in whole or
in part. Commenters had suggested that
‘‘clean claims’’ continue to be processed
without delay, and that any withholding
ought to be targeted to only the type of
Medicaid claims under investigation.
The HHS OIG responded that it is
usually difficult to determine which
claims are ‘‘clean’’ until after an
investigation has been completed, but
noted that where an investigation is
solely and definitively centered upon a
specific type of claim that a State could,
at its discretion, withhold payments on
just those types of claims. The HHS OIG
also agreed to commenters’ requests to
clarify that the withholding provisions
apply only to alleged fraud or willful
misrepresentation related to improperly
received Medicaid payments and not to
ancillary unrelated matters such as
deceptive advertising.
c. Proposed Medicaid Suspension of
Payments Requirements
The current regulation at § 455.23
formed the framework for these final
regulations. State Medicaid agencies
have long had the authority to withhold
payments in cases of alleged fraud or
willful misrepresentation. Section
6402(h)(2) of the ACA now mandates
that States not receive FFP in cases
where they fail to suspend Medicaid
payments during any period when there
is pending an investigation of a credible
allegation of fraud against an individual
or entity as determined by the State in
accordance with these proposed
regulations unless the State determines
that good cause exists for a State not to
suspend such payments. To conform the
existing regulation to the terminology of
the ACA, we proposed to change the
phrase ‘‘withhold payments’’ to
‘‘suspend payments,’’ a change we
believe is merely semantic.
We proposed to implement section
6402(h)(2) of the ACA by modifying the
existing § 455.23(a) to make payment
suspensions mandatory where an
investigation of a credible allegation of
fraud under the Medicaid program
exists. Based on the ACA’s use of just
the term ‘‘fraud,’’ we did not propose to
retain the existing term ‘‘willful
misrepresentation.’’ We believe that
fraud encompasses willful
misrepresentation as well as other acts
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
that may constitute civil or criminal
fraud; thus we do not believe this
proposal represents a substantive
change nor do we intend it to have a
substantive effect insofar as reducing or
limiting a State’s authority to suspend
Medicaid payments. We solicited
comments on this approach.
To conform the proposed regulation
to the requirements of the ACA, we
proposed to modify terminology in the
existing § 455.23(a) that now refers to
‘‘receipt of reliable evidence’’ to instead
refer to a ‘‘pending investigation of a
credible allegation of fraud.’’ In contrast
to the semantic change from ‘‘withhold
payments’’ to ‘‘suspend payments,’’ in
this case we believe that there is a
substantive difference between the
threshold level of certainty or proof
necessary to identify a ‘‘credible
allegation’’ versus the heightened
requirement of ‘‘reliable evidence’’ in the
current regulation.
We do not believe that the phrase
‘‘when there is pending an investigation
of a credible allegation of fraud’’
necessarily demands that an
investigation originate in or with a law
enforcement agency. Rather, State
Medicaid agencies have program
integrity units that, in the normal course
of business, receive, and conduct
investigations based upon, tips alleging
fraud, and which also conduct proactive
investigations based upon internal data
analyses and other fraud detection
techniques. We believe that State agency
investigations, though they may be
preliminary in the sense that they lead
to a referral to a law enforcement agency
for continued investigation, are
adequate vehicles by which it may be
determined that a credible allegation of
fraud exists sufficient to trigger a
payment suspension to protect
Medicaid funds.
This threshold by which a State
agency investigation may give rise to a
payment suspension is a somewhat
lesser threshold than that in the current
regulation. The preamble to the current
regulation specified that it was
anticipated the State agency would
confer with, and receive the
concurrence of, investigative or
prosecuting authorities prior to
imposing a withholding action.
However, that preamble also stated that
it was establishing mere minimum
requirements, and that States could
exercise broader power where State law
or regulation so provided. Most States
have availed themselves of the existing
Federal authority (or broader state
authority) to withhold payments, and
we believe that experience over the past
20 years offers no indication this
authority has been misused against
PO 00000
Frm 00072
Fmt 4701
Sfmt 4700
providers. Moreover, we believe this
proposed threshold is consistent with
the phrase ‘‘pending investigation of a
credible allegation of fraud’’ of the ACA.
We do anticipate that payment
suspension authority will be used more
frequently because the ACA dictates
that where there is a pending
investigation of credible allegations of
fraud against a provider, a State that
fails to suspend payments to that
provider will not receive FFP with
respect to such payments unless good
cause exists not to suspend them.
We proposed to adopt at § 455.2 the
same broad definition of ‘‘credible
allegation’’ proposed previously in the
context of the Medicare program. In
many cases, what constitutes a ‘‘credible
allegation’’ must be determined on a
case-by-case basis with the State agency
looking at all the factors, circumstances,
and issues at hand. Guided by the
experience of more than 20 years, we
are aware that States have been able to
identify ‘‘reliable evidence’’ through a
variety of means including, but not
limited to, fraud hotline complaints,
Medicaid claims data mining, and
patterns identified through provider
audits, along with the appropriate level
of additional investigation that
accompanies each of these. Moreover,
States have received referrals from State
MFCUs, other law enforcement
agencies, and other State benefits
program investigative units. We
continue to believe that State agencies
must review all allegations, facts, and
evidence carefully and act judiciously
on a case-by-case basis when
contemplating a payment suspension,
mindful of the impact that payment
suspension may have upon a provider.
We proposed at § 455.23(b) that the
State agency notify a provider of a
payment suspension in a way very
similar to the mechanism currently
specified in regulation, by which the
State agency is required to notify a
provider, specifying certain details,
within 5 days of taking such action.
However, we did propose to provide for
a 30-day period, renewable in writing
up to twice for a total not to exceed 90
days, by which law enforcement may, in
writing, request the State agency to
delay notification to a provider. We
proposed this because we believe that
occasionally an investigation may be at
a sensitive stage, perhaps involving
undercover personnel or a confidential
informant, where required notification
to the provider at a particular time
might jeopardize the investigation. We
do not believe we should extend the
delay notification beyond 90 days out of
fairness to a provider and, in any event,
a provider deriving any significant
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
revenue stream from Medicaid is likely
to itself discern the fact of a payment
suspension well in advance of 90 days.
We proposed only minor changes to
the current provisions in § 455.23(c) on
the duration of a suspension. To
comport with the ACA, we change the
term ‘‘withholding’’ to ‘‘suspension’’; this
is a semantic change that, as noted
previously, has been made throughout.
In the new § 455.23(c)(2), we propose to
require a State to notify a provider of the
termination of a payment suspension
and, where applicable, to specify the
availability to a provider of any appeal
rights under State law and regulation.
Substantively, we did not propose
significant change to the existing
duration provisions, which specify that
withholding (now, suspension) will be
temporary and will not continue after:
(1) Authorities discern that there is
insufficient evidence of fraud upon
which to base a legal action; or (2) legal
proceedings related to the alleged fraud
are completed.
We believe that maintaining the
existing duration provisions is
consistent with the ACA that requires
that FFP not be made when a State fails
to suspend payments ‘‘during any period
when there is pending an investigation
of a credible allegation of fraud against
an individual or entity.’’ We further
recognized that the Act applies a very
similar standard to the Medicare
program. We solicited comments on our
proposal to maintain the existing
duration provisions.
In § 455.23(d) of the proposed rule,
we proposed to require a State to make
a formal, written suspected fraud
referral to its MFCU or, where a State
does not have a MFCU to an appropriate
law enforcement agency, for each
instance of payment suspension as the
result of a State agency’s preliminary
investigation of a credible allegation of
fraud. This will ensure that an
appropriate full investigation by a law
enforcement agency timely ensues. If
the MFCU or other law enforcement
agency declines to accept the referral,
we proposed to require the State to
immediately release the payment
suspension unless the State refers the
matter to another law enforcement
entity or unless the State has alternative
Federal or State authority by which it
may impose a suspension. In the latter
case, the requirements of that alternative
authority, including any notice and due
process or other safeguards, will be
applicable.
We proposed to require that a State’s
formal, written suspected fraud referral
meets fraud referral performance
standards issued by the Secretary. The
currently applicable fraud referral
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
performance standards were issued by
CMS on September 30, 2008.
In § 455.23(d)(3), we proposed that on
a quarterly basis a State must request a
certification from the MFCU or other
law enforcement agency that any matter
accepted on the basis of a referral
continues to be under investigation or in
the course of enforcement proceedings
warranting continuation of the payment
suspension. We recognized that due to
various constraints, law enforcement
agencies may not be able to provide
specific updates on matters under
investigation. In recognition of the fact
that payment suspensions are only
temporary, however, we proposed to
require such quarterly certifications to
ensure, for example, that a suspension
will not be continued long after a law
enforcement agency has closed an
investigation but neglected to alert a
State agency of that fact. To maximize
State flexibility to implement this
requirement, we are not prescribing the
precise format such certifications must
take.
Consistent with the new ACA
provision, we also proposed to create
several ‘‘good cause’’ exceptions by
which States may determine good cause
exists not to suspend payments or to
suspend payments only in part. In new
§ 455.23(e) we included several
circumstances that we believe constitute
‘‘good cause’’ for a State to determine not
to suspend payments, or not to continue
a payment suspension previously
imposed, to an individual or entity
despite a pending investigation of a
credible allegation of fraud. In
§ 455.23(e)(1), we proposed a good
cause exception based upon specific
requests by law enforcement that State
officials not suspend (or continue to
suspend) payment. There are numerous
reasons for which law enforcement
personnel might make such a request,
including that imposing a payment
suspension might alert a potential
perpetrator to an investigation at an
inopportune or particularly sensitive
time, jeopardize an undercover
investigation, or potentially expose
whistleblowers or confidential sources.
In § 455.23(e)(2), we proposed a good
cause exception if a State determines
that other available remedies
implemented by the State could more
effectively or quickly protect Medicaid
funds than would implementing (or
continuing) a payment suspension. For
example, law enforcement personnel
might request that a court immediately
enjoin potentially unlawful conduct or
prevent the withdrawal, removal,
transfer, disposal, or dissipation of
assets, either or both of which might
protect Medicaid funds more fully or
PO 00000
Frm 00073
Fmt 4701
Sfmt 4700
5933
quickly than would imposition of a
payment suspension.
Paragraph (e)(3) proposed a good
cause exception based upon a
determination by the State agency that
a payment suspension is not in the best
interests of the Medicaid program. It is
conceivable that a State may, in rare
situations, face exigent circumstances
with respect to a suspension situation
not addressed by the other good cause
exceptions specified here but where it
otherwise determines suspension would
not be in the State Medicaid program’s
best interests. This broad standard is
intended to reflect that payment
suspension is a very serious action that
can potentially lead to dire
consequences, but that it is impossible
to specify detailed contingencies with
respect to every possible scenario that
might arise. We did not anticipate that
States will frequently make use of this
exception; however where this
exception is utilized we do require that
States document their use of this
exception, and will closely monitor its
implementation to determine whether
further regulation is necessary. We
solicited comments on this approach.
In paragraph (e)(4), we proposed a
good cause exception based upon a
determination by the State of an adverse
effect of the suspension on beneficiary
access to necessary items or services.
We envision there may be scenarios in
which a payment suspension to a
provider might jeopardize a provider’s
ability to continue rendering services to
Medicaid beneficiaries, thus threatening
Medicaid beneficiaries’ access to care.
Utilizing a standard identical to that
which CMS and the HHS OIG apply in
assessing requests for waivers of
exclusion at Parts 402 and 1001 of Title
42, for example, we posit one basis for
a good cause exception from payment
suspension is if a provider under
investigation is a sole community
physician or the sole source of
specialized services available in a
community. Likewise, in Federallydesignated medically underserved areas
the potential impact of a payment
suspension upon a large provider might
equally threaten recipient access, thus
this underlies a second access
exception. We welcomed comments on
this approach, including comments with
respect to other metrics by which to
assess potential beneficiary jeopardy in
terms of access to necessary items or
services.
Finally, in paragraph (e)(5) we
proposed a good cause exception that
would permit (but not require) a State
to discontinue an existing suspension to
the extent law enforcement declines to
cooperate in certifying under the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5934
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
requirements of paragraph (d)(3) that a
matter continues to be under
investigation and therefore warrants
continuing the suspension.
We do not interpret the new provision
in the ACA as mandating that a State
must always suspend all payments to a
provider in cases of an investigation of
a credible allegation of fraud. In general,
we continue to believe a payment
suspension should apply to all of a
provider’s claims consistent with the
HHS OIG’s responses to comments in
the 1987 regulations that it is usually
difficult to determine which claims are
clean claims until after an investigation
is completed, and one purpose of
payment suspension is to build a type
of escrow account out of which any
overpayments can be deducted when an
investigation is concluded.
With certain new constraints,
however, we have chosen to continue to
allow States the flexibility to suspend
payments in part. For example, as stated
in the preamble to the current
regulation, there may be times where an
investigation is solely and definitively
centered on only a specific type of claim
in which case a State may determine it
is appropriate to impose a payment
suspension on only that type of claim.
Likewise, a State might determine that
an investigation of a credible allegation
of fraud is limited to a particular
business unit or component of a
provider such that a suspension need
not apply to certain business units or
components of a provider.
Balancing these approaches, we
proposed to allow States to implement
a partial payment suspension, or, where
appropriate, to convert a previously
imposed full payment suspension to a
partial payment suspension, if justified
via a good cause exception. The good
cause exceptions for partial suspension
at paragraphs (f)(1) and (2) mirror those
at paragraphs (e)(4) and (3),
respectively, and allow the State to
adopt a partial payment suspension
where suspension in whole would so
jeopardize a recipient’s access to items
or services as to endanger the recipient’s
life or health, or where the State deems
it in the best interests of the Medicaid
program. At paragraph (f)(3), we
proposed that a State may avail itself of
the good cause exception to suspend
payments only in part if the nature of
the credible allegation is focused solely
and definitively on only a specific type
of claim or arises from only a specific
business unit of a provider, and the
State determines and documents in
writing that a payment suspension in
part would effectively ensure that
potentially fraudulent claims were not
continuing to be paid. Many such cases
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
will still demand suspension in full, but
this provision, which we anticipate
States would exercise sparingly, gives
States flexibility to act otherwise in
those limited circumstances where
appropriate. Finally, at paragraph (f)(4),
we proposed that a State may avail itself
of the good cause exception to convert
a payment suspension in whole to one
only in part to the extent law
enforcement declines to cooperate in
certifying under the requirements of
paragraph (d)(3) that a matter continues
to be under investigation. We solicited
comment on these proposed
approaches.
We proposed in new paragraph (g) to
add several reporting and document
retention guidelines to § 455.23.
Payment suspension authority is
critically important to protect Medicaid
funds, but payment suspension can
have dire consequences to a provider.
Payment suspension authority,
including a State’s exercise of a good
cause exception to otherwise address a
suspension situation, must be exercised
responsibly by a State at all stages, from
the inception to the termination of the
suspension. Through, among other
things, our State Program Integrity
Reviews, we expect to maintain close
oversight of State utilization of
suspension authority. However, to be
clear, we expressly and explicitly do not
expect State compliance (or
noncompliance) with these
documentation or retention provisions
to give rise to any enforceable right of
a provider aggrieved by any real or
perceived failures with respect to these
requirements to seek any form of redress
(administratively, judicially, or
otherwise).
Under these final reporting and
retention guidelines, States are required
to maintain for a minimum of 5 years
from the date of issuance all materials
documenting the life cycle of a payment
suspension that is imposed, including:
(1) All notices of suspension of payment
in whole or part; (2) all fraud referrals
to MFCUs or other law enforcement
agencies; (3) all quarterly certifications
by law enforcement that a matter
continues to be under investigation; and
(4) all notices documenting the
termination of a suspension. Likewise,
we proposed to require States to
maintain for the same period all
documentation justifying the exercise of
the good cause exceptions. Finally, we
proposed to require States to annually
report to the Secretary information
regarding the life cycle of each payment
suspension imposed and any
determinations to exercise the good
cause exceptions not to suspend
payment, to suspend payment only in
PO 00000
Frm 00074
Fmt 4701
Sfmt 4700
part, or to discontinue a payment
suspension.
To effectuate section 6402(h)(2) of the
ACA’s prohibition on expenditure of
FFP where a State fails to suspend
payments that should, by virtue of the
ACA standard and this proposed rule,
have been suspended, we proposed to
add a new § 447.90. Paragraph (a) of
proposed § 447.90 specifies the basis
and purpose for the new provision,
while paragraph (b) specifies the general
rule that FFP would not be available
with respect to items or services
furnished by an individual or entity to
whom the State has failed to suspend
Medicaid payments during any period
where there is pending an investigation
of a credible allegation of fraud against
the individual or entity except in
specified circumstances that include
certain emergency circumstances, or if
good cause exists as specified at
§ 455.23(e) or (f).
As mentioned, we anticipate that
CMS’ enforcement and monitoring of
these provisions will largely be
accomplished through measures such as
State Program Integrity reviews
conducted by CMS. Such reviews will,
among other things, evaluate States’
complaint intake and investigation
efforts, and assess whether States have
an effective process to move matters
where there are found to be credible
allegations of fraud to the point where
they are evaluated for payment
suspension. However, we do not believe
it is viable to require States to report
and document to CMS every instance of
where any allegation of fraud arises and
further qualify which ones rise to the
level of credible allegation. We want to
foster effective and efficient State
program integrity efforts with respect to
which payment suspension is an
integral component, but we do not want
to create a system so procedurally
onerous that it overwhelms a State’s
ability to substantively perform this
critical work. Nevertheless, we will
thoroughly investigate and act by,
among other things, deferring and/or
disallowing FFP in accordance with
§ 430.40 and § 430.42, if program
integrity reviews or other methods of
ensuring State compliance with
Medicaid program requirements reveal a
State is failing to suspend payments (or
inappropriately applying a good cause
exception) where pending investigations
of credible allegations of fraud do exist.
A State may not claim (on its Form
CMS–64) FFP for payments that are
suspended. Any State that does not
suspend payments, or that suspends
payments but continues to claim FFP
with respect to what would have been
paid had no suspension been in place,
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
puts that FFP at risk. In such cases, we
would pursue a deferral and/or
disallowance to reclaim the Federal
portion of such payment. We solicited
comments on CMS’ proposed oversight
approach.
Finally, three provisions were
proposed to be added to the regulations
at § 1007.9 that specify the State
MFCU’s relationship to, and agreement
with, the State Medicaid agency. These
proposed revisions were necessary to
effectuate the proposed revisions under
§ 455.23. The regulations at 42 CFR part
1007 are enforced by HHS OIG as part
of its delegated authority to certify and
fund the State MFCUs. (See August 15,
1979 final rule (44 FR 47811). However,
we are including amendments to part
1007 here to ensure a comprehensive
regulatory package that sets forth in one
location the Department’s
implementation of the suspension
provisions of section 6402(h) of the
ACA.
The first of these provisions proposes
to add a new paragraph (e) to § 1007.9
that specifies that the MFCU may refer
to the State agency any provider against
which there is pending an investigation
of a credible allegation of fraud for
purposes of payment suspension in
accord with § 455.23. Allegations of
potential fraud may first be identified by
the MFCU rather than by the State
agency, so this provision merely
formalizes a path from the MFCU to the
State agency so a payment suspension
may be implemented where appropriate.
This provision also proposed that any
referral to the State agency for
consideration of a payment suspension
be in writing. The written referral need
not be extensive, but must include
information adequate to enable the State
agency to identify the provider and a
brief explanation of the credible
allegations forming the grounds for the
payment suspension. The second
proposed addition to § 1007.9 proposed
to add a new paragraph (f) providing
that any request by the unit to the State
agency to delay notification of
suspension to a provider pursuant to the
provisions of the proposed
§ 455.23(b)(1)(ii) come in writing.
Requiring that such requests be made in
writing (which could take the form of an
email) provides for an audit trail to
ensure that proper procedures are
followed. However, we expressly do not
intend for this requirement to create any
substantive right upon which a provider
might lodge objection or other legal
challenge to the extent the proper
procedures were not followed. Last, a
new paragraph (g) was proposed to
require the unit to notify the State
agency in writing when it has accepted
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
or declined a case referred by the State
agency. Aside from also creating an
audit trail, this proposed provision is
important in that it would alert the State
agency as to the status of a referral,
which would shape how the State
agency would handle a suspension
under the proposed revisions to
§ 455.23.
We received the following comments:
Comment: Several commenters
expressed concern regarding the
definition of ‘‘credible allegation of
fraud.’’ Specifically, several commenters
requested that CMS provide an exact
definition of ‘‘credible allegation of
fraud’’ as well as specific standards and
guidelines for providers to follow to
make a determination regarding what is
a credible allegation of fraud. One
commenter suggested removing the
word ‘‘fraud’’ from the term. Other
commenters indicated that the
definition of what is credible or reliable
under the proposed rule is circular, that
is, an allegation is credible if it has
‘‘indicia of reliability.’’ In addition,
several commenters have suggested that
the new evidentiary threshold is too
low.
Response: The term ‘‘credible
allegation of fraud’’ is a statutory term as
reflected in section 6402(h) of the ACA.
Accordingly, we do not have the
authority to change the term. We have
considered these comments but decline
to provide a more exact definition,
recognizing that different States may
have different considerations in
determining what may be a ‘‘credible
allegation of fraud.’’ Accordingly, we
believe that States should have the
flexibility to determine what constitutes
a ‘‘credible allegation of fraud’’
consistent with individual State law.
We will neither seek to limit what States
may determine qualifies as a ‘‘credible
allegation of fraud’’ nor will we require
States to consult with HHS in making
such a determination.
Comment: One commenter suggested
that CMS should update its policies and
procedures and develop consistent and
standard guidance to State Medicaid
programs regarding the determination of
credible allegations of fraud.
Response: We will review our current
policies and procedures in light of the
regulatory changes contained in this
rule, and will provide updated guidance
to States as necessary.
Comment: Several commenters
expressed concern that the evidentiary
standard is too low and urged CMS to
retain the current standard, by which
they suggested defining a ‘‘credible
allegation of fraud’’ as ‘‘reliable
information that fraud or willful
misrepresentation exists’’ as a
PO 00000
Frm 00075
Fmt 4701
Sfmt 4700
5935
component of the basis for suspension
of payments under § 455.23(a).
Response: In the proposed rule, we
acknowledged that the proposed
threshold for triggering a payment
suspension is lower than what is
contemplated in current regulations, but
we also indicated that we believe this
result is dictated by the ACA. However,
in this final rule with comment period,
we are amending the definition of
‘‘credible allegation of fraud’’ at § 455.2,
which in the proposed rule read, in
pertinent part, ‘‘[a]llegations are
considered to be credible when they
have indicia of reliability’’ to include the
following: ‘‘and the State Medicaid
agency has reviewed all allegations,
facts, and evidence carefully and acts
judiciously on a case-by-case basis.’’ Due
to use of just the word ‘‘fraud’’ in section
6402(h)(2) of the ACA, we proposed to
remove the term ‘‘willful
misrepresentation’’ from existing
regulation, though as we noted in the
proposed rule, we take the position that
‘‘fraud’’ includes ‘‘willful
misrepresentation.’’
Comment: A few commenters
suggested that the final regulation
should include a requirement and a
discussion to provide technical
guidance to State Medicaid programs
that clarifies the term ‘‘fraud’’ as a legal
term and one that carries evidence of a
willful intent to deceive.
Response: The definition of fraud, for
purposes of Medicaid program integrity,
is reflected in existing regulations at
§ 455.2 and reads as follows: ‘‘an
intentional deception or
misrepresentation made by a person
with the knowledge that the deception
could result in some unauthorized
benefit to himself or some other person.
It includes any act that constitutes fraud
under applicable Federal or State law.’’
Medicaid fraud is addressed through,
for example, civil remedies imposed
under Federal and State false claims
acts, as well as through criminal
prosecutions.
Comment: Numerous commenters
expressed concerns regarding the list of
potential sources of credible allegations
of fraud. Specifically, several
commenters expressed concern about
false reports of fraud that may be
generated by competitors or disgruntled
employees. In addition, there were
numerous comments that expressed
concern over allegations received
through a fraud hotline and whether
such allegations could be considered to
be reliable. Another commenter
suggested that anonymous hotlines
should refer to State-operated Medicaid
fraud hotlines as well as specify to
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5936
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
whom or what entity the fraud hotline
complaints are being made.
Response: First, we will not seek to
limit the potential sources from which
States may derive credible allegations of
fraud. We provided examples of sources
for States to consider and will clarify in
the final regulation that we are not
limiting such sources. We recognize that
credible allegations may come from a
variety of sources. Second, with respect
to identifying fraud hotlines as a
potential source of a credible allegation
of fraud, we recognize that there may be
irrelevant or false reports made through
hotlines. Due to the potential for not just
false allegations, but also the equal
possibility of honest mistakes and the
like, we encourage States to not solely
rely on a singular allegation without
considering the total facts and
circumstances surrounding such
allegations. In the proposed rule, we
indicated that States ‘‘must review all
allegations, facts, and evidence carefully
and act judiciously on a case-by-case
basis * * *’’. As noted previously, we
are including this language in the final
rule with comment period in the
definition of ‘‘credible allegation of
fraud’’ at § 455.2. We take the position
that States should have the flexibility to
determine what they deem to be reliable
sources for credible allegations of fraud.
Finally, we will not identify which
specific fraud hotlines States may use.
We are aware that there may be a variety
of hotlines. For example, States may
have different components within their
respective agencies that utilize hotlines
or State law enforcement agencies may
also utilize hotlines from which credible
allegations may be generated.
Accordingly, we will not seek to limit
the type of hotline States use as sources
for credible allegations of fraud.
Comment: Commenters indicated that
discussions of investigations and
credible allegations of fraud need to
defer to State and Federal legal
definitions of ‘‘fraud.’’ In addition,
commenters suggested that existing
Federal regulations indicate that
investigating fraud is the responsibility
of State Medicaid Fraud Control Units
(MFCU). Accordingly, MFCUs should be
the designated investigators of
allegations of fraud.
Response: First, as noted previously,
‘‘fraud’’ is defined in existing regulations
at § 455.2. Second, we disagree that only
the MFCU may investigate allegations of
fraud. While MFCUs clearly play a key
role in investigating and prosecuting
Medicaid fraud, most, if not all, States
have program integrity units that, in the
normal course of business, receive
hotline and other tips about potential
fraud, and conduct proactive
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
investigations based upon internal data
analyses and other fraud detection
techniques. Program integrity units have
the responsibility under existing Federal
regulations at § 455.14 and
§ 455.15(a)(1) and the proposed
regulation at § 455.23(d) of determining
whether allegations constitute fraud,
and if they do, referring the matter to
the MFCU or an appropriate law
enforcement agency for further
investigations. Thus, we do not believe
MFCUs are the sole investigators of
fraud.
Comment: Several commenters
requested that CMS clarify whether a
finding of billing errors during an audit
that are not related to allegations of
fraud would trigger a payment
suspension.
Response: Irrespective of the
circumstances, absent pending
investigations of credible allegations of
fraud, payment suspensions would not
be triggered under these regulations,
although that does not preclude the
possibility that a State may exercise its
own broader suspension authority in
other circumstances.
Comment: Several commenters
requested clarification regarding
whether States should determine the
credibility of an allegation of fraud prior
to initiating a suspension action.
Response: Due to the potential for not
just false allegations, but also for good
faith mistakes, misunderstandings, and
misinterpretations regarding reports of
alleged fraud as well as data analysis
errors, we encourage States not to rely
on any singular allegation or data run
but rather States should review all
allegations, facts, and data carefully and
act judiciously on a case-by-case basis,
mindful of the potential impact a
payment suspension may have on a
provider.
Comment: One commenter suggested
that we include the term ‘‘abuse’’ as a
basis for payment suspension and not
limit such suspensions to investigations
of ‘‘credible allegations of fraud.’’
Response: We decline to add the term
‘‘abuse’’ to Federal regulations in the
context of payment suspensions, as the
phrase we have adopted, ‘‘credible
allegation of fraud’’ has a statutory basis
reflected in section 6402(h) of the ACA.
As a practical matter, however, conduct
that constitutes abuse as opposed to
fraud (we note that both terms are
defined at § 455.2) may be
indistinguishable not just at the outset
of an investigation but even through the
course of an investigation and
enforcement proceedings and may hinge
on fine factual distinctions or legal
points including knowledge and intent,
and this regulation would not preclude
PO 00000
Frm 00076
Fmt 4701
Sfmt 4700
the imposition of a suspension in such
a circumstance so long as there is a
credible allegation of fraud. Moreover,
this regulation presents a floor for
protection of Medicaid funds and does
not bar a State from setting a higher bar
allowing for imposition of suspensions
in other circumstances.
Comment: One commenter expressed
concern regarding Federal oversight and
whether such oversight will amount to
second-guessing a State’s determination
of what constitutes a credible allegation
of fraud.
Response: We do not intend to
second-guess State determinations
regarding credible allegations of fraud.
We intend to work collaboratively with
States to prevent critical Medicaid
funds. The purpose of Federal oversight
is to ensure that States have effective
processes in place in order to make
determinations regarding credible
allegations of fraud.
Comment: Several commenters
expressed concern regarding the lack of
a definition for the phrase ‘‘indicia of
reliability’’ and requested CMS to
provide one.
Response: We have considered the
concerns of commenters, but decline in
this final rule with comment period to
define ‘‘indicia of reliability.’’ We
recognize the possibility that there may
be differing standards among States
with respect to what may be considered
‘‘indicia of reliability,’’ but also, as we
have noted several times in these
responses, we expect States to gauge the
credibility of allegations through a lens
after reviewing all allegations, facts,
data, and evidence carefully and that
State action will be exercised
judiciously on a case-by-case basis.
Comment: Several commenters want
CMS to define ‘‘investigation’’ of a
credible allegation of fraud. One
commenter inquired whether a State
may rely on its MFCU to determine if
an allegation of fraud is credible. Other
commenters suggested that the State and
its investigators are in the best position
to determine when credible allegations
of fraud should lead to a payment
suspension, such that CMS should rely
on the judgment of these individuals in
deciding whether to withhold FFP.
Certain commenters also wanted to
know if the process of determining
whether an allegation of fraud is
credible is sufficient to trigger a
payment suspension.
Response: We recognize that the
process to determine whether an
allegation of fraud is credible may vary
among States, and we defer to States—
applying the principles of careful
review and judicious action to which
we refer several times in these responses
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
and which we now include in the final
rule with comment period—to
determine whether an allegation or
complaint rises to the level of a credible
allegation of fraud. We do not want to
limit a State’s due diligence process or
preliminary investigations with respect
to its assessment of credibility. Nor do
the proposed regulations specify or limit
who, or what other agency, may assist
the State agency with the investigation
or validation of credible allegations of
fraud. Nevertheless, if it is determined
that an allegation is credible, a State
must still submit a formal written
referral to its MFCU irrespective of
whether the MFCU assisted in
validating an allegation’s credibility.
Finally, the mere fact of an investigation
to assess the credibility of a fraud
allegation is insufficient to trigger a
payment suspension. Rather, a payment
suspension is triggered when that there
is, in fact, a pending investigation of a
credible allegation of fraud. We will
clarify this in the regulation.
Comment: One commenter suggested
that the notice of suspension to
providers should be sent by certified
mail, set forth the specific (not general)
allegations and inform the providers of
the State’s administrative review
process and provide appropriate
citation. Another commenter suggested
revising the language in § 455.23(b)(2)(v)
regarding notice of suspension to
include information about any
administrative appeal procedures that
are available under State law. Other
commenters suggested that notice be
furnished to providers prior to the
implementation of an adverse action
such as payment suspensions. One
commenter suggested giving States more
discretion regarding when notices of
suspension should be furnished to
providers. One commenter in particular
indicated that bi-weekly remittance
advisories are issued to providers that
would, in effect, disclose the State’s
actions.
Response: We believe that we should
afford States the flexibility to determine
the best method of delivery of notices of
suspension so we decline to take an
overly prescriptive approach in this
regulation. However, we agree that a
notice of suspension furnished to a
provider should appropriately reference
the general allegations upon which a
suspension is based as well as any
existing State appeals process.
Accordingly, we will revise the
proposed language to reflect the
inclusion of State administrative appeal
procedures in the notice of suspension
to providers. We do not agree that
providers should be given notice of a
payment suspension prior to such
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
action being taken. We recognize the
sensitive nature of a fraud investigation
which may be jeopardized by such
notice, and expect that State agencies
will act appropriately so as not to
jeopardize any investigation.
Comment: Commenters suggested that
if a provider or supplier who is subject
to a payment suspension submits an
acceptable written rebuttal statement as
to why the suspension should be
removed, then this should qualify as
‘‘good cause’’ as currently permitted
under § 405.372(b). In other words, a
rebuttal could establish a good cause
exception to end a payment suspension.
Several other commenters suggested
that in cases of economic hardship, a
provider should be able to submit
evidence of this fact for consideration
by the State in determining whether to
terminate a payment suspension, and
requested that CMS create an expedited
review process. Commenters also
suggested that the regulations should
acknowledge the severe financial impact
of a payment suspension and should
limit the scope of the suspension to the
services under review.
Response: We believe that the
proposed regulation as written allows a
State to account for a provider’s rebuttal
statement. Specifically, as proposed at
§ 455.23(e), States have the flexibility to
make a determination that a payment
suspension is not in the best interests of
the Medicaid program. States also have
the option to suspend payments only in
part if there is good cause. Therefore, we
do not believe that an additional good
cause exception is necessary. Moreover,
as the existing Medicaid suspension has
for more than 20 years, we continue to
defer to any State administrative (or
judicial) review processes, and therefore
decline to require States to adopt an
expedited review process. Nevertheless,
we are including new good cause
exceptions in this final rule with
comment period at § 455.23(e)(3) and
(f)(2) to allow a State to terminate a
whole payment suspension or impose a
payment suspension only in part if a
provider furnishes written evidence that
persuades the State that a payment
suspension should be terminated or
imposed only in part. Furthermore, the
preamble acknowledges and requests
States to be mindful of the impact that
suspensions may have upon providers.
Comment: One commenter inquired
whether ‘‘good cause’’ is established if
the items or services are furnished as an
emergency.
Response: Section 1903(i)(2) of the
Act provides for a limited exception for
payment to be made with respect to
emergency items or services, though not
including items or services furnished in
PO 00000
Frm 00077
Fmt 4701
Sfmt 4700
5937
the emergency room of a hospital. We
believe this statutory exception speaks
for itself and we do not need to
otherwise address or expand upon it in
these regulations.
Comment: Commenters have
suggested that the proposed ‘‘good
cause’’ regulatory provisions should
include the language contained in the
preamble acknowledging that ‘‘reliable
evidence should be determined on a
case-by-case basis with the State agency
looking at all the factors, circumstances,
and issues at hand * * * ’’ (75 FR
58224).
Response: We disagree that this
language belongs in the ‘‘good cause’’
regulatory provisions. Instead, we have
revised the definition of ‘‘credible
allegation of fraud’’ to reflect that States
must carefully review all allegations,
facts and evidence on a case-by-case
basis. Accordingly, we do not see the
need to include this language in the
‘‘good cause’’ regulatory provisions.
Comment: One commenter suggested
that CMS consider placing the catchall
of ‘‘not in the best interests of the
Medicaid program’’ reflected in
§ 455.23(e)(3) and similarly the catchall
reflected at subparagraph (f)(2) of
‘‘* * * payment suspension in part is in
the best interests of the Medicaid
program’’ at the end of the respective
subparagraphs.
Response: We agree and will make
such changes in the final regulation.
Comment: One of the good cause
exceptions not to suspend payments to
Medicaid providers is when ‘‘an
individual or entity is the sole
community physician or the sole source
of essential specialized services in a
community.’’ (emphasis added) One
commenter suggested replacing ‘‘in a
community’’ with ‘‘for a particular
beneficiary population.’’
Response: We disagree. We are
concerned about negatively impacting
beneficiary access to care so this
exception does not turn on whether a
provider serves a particular beneficiary
population, but on whether a
beneficiary’s access to necessary care is
impeded. Thus, the good cause
exception may be applied when a
beneficiary’s access to care is
jeopardized because he/she cannot
obtain necessary services from a
particular provider type.
Comment: Several commenters
questioned whether the requirements of
this section would apply to Medicaid
managed care, including whether the
term ‘‘provider’’ includes managed care
entities, whether managed care
capitation payments are included in
suspensions when an individual
network provider is under investigation;
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5938
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
and what would be the process for
notifying a managed care entity of a
credible allegation of fraud.
Response: The rules governing
payment suspensions based upon
pending investigations of credible
allegations of fraud apply to Medicaid
managed care entities. If there is a
pending investigation of a credible
allegation of fraud against a Medicaid
managed care organization (MCO),
prepaid inpatient health plan (PIHP),
prepaid ambulatory health plan (PAHP),
or health insuring organization (HIO) at
the plan level, the State should address
the issue either through imposing a
payment suspension or through other
authorities that may be available to
them under State law or as part of the
State’s negotiated agreement with the
Medicaid MCO, PIHP, PAHP, or HIO.
The same would hold true for pending
investigations of credible allegations of
fraud regarding individual network
providers. Managed care capitation
payments may be included in a
suspension when an individual network
provider is under investigation based
upon credible allegations of fraud,
depending on the allegations at issue.
We would expect the process regarding
the notice of suspension to a Medicaid
MCO, PIHP, PAHP, or HIO to follow the
criteria as outlined in this final rule
with comment period.
Comment: Some commenters
requested clarification regarding
whether FFP extends to managed care
entities’ capitation payment.
Response: FFP extends to Medicaid
MCOs’, PIHPs’, PAHPs’, and HIOs’
capitation payments. Accordingly, if a
State fails to suspend payments to such
an entity for which there is a pending
investigation of a credible allegation of
fraud, without good cause, FFP may be
disallowed with regard to such
payments to the managed care entity.
Comment: Several commenters
requested that CMS clarify whether
interest accrued on suspended
payments to providers is eligible for
FFP.
Response: FFP is not available for
interest accrued on suspended
payments to providers.
Comment: Commenters asked how
CMS will notify a State that FFP is to
be suspended as a result of payment to
an entity for items or services for which
the State has received a credible
allegation of fraud. Will the State
receive advanced notice of the FFP
suspension and be given the
opportunity to correct or will the
suspension be immediate?
Response: The process for deferring
and disallowing FFP is governed by
§ 430.40 and § 430.42, respectively.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Generally, we take action to defer the
claim (by excluding the claimed amount
from the grant award) within 60 days
after the receipt of a Quarterly
Statement of Expenditures (prepared in
accordance with our instructions) that
includes that claim. The notice of
deferral to the State is provided by CMS
within 15 days of such deferral. The
notice should identify the type and
amount of the deferred claim and
specify the reason for deferral. The State
is also requested to make available all
the documents and materials that CMS
believes are necessary to determine the
allow-ability of the claim. However,
prior to taking action to defer or
disallow FFP, we may engage States to
request that impermissible claims for
FFP are removed from the Quarterly
Medicaid Statement of Expenditures for
the Medicaid Assistance Program (Form
CMS–64).
Comment: One commenter asked, if
CMS suspends a State’s FFP, and the
allegations of fraud are cleared after the
fact, what the process will be to restore
FFP.
Response: When we determine claims
associated with deferred or disallowed
FFP are permissible, we will release the
deferred or disallowed funds to the
State by providing FFP for the subject
claims.
Comment: One commenter expressed
concern regarding what the commenter
saw as a ‘‘shift in evaluation of the
appropriateness of suspensions away
from the Medicaid agency and entities
investigating the allegations of fraud to
the exclusive and unilateral discretion
of CMS’’ as well as a broad and
sweeping increase in CMS’s ability to
impose a deferral of FFP.
Response: We have long had the
authority to withhold FFP and the
payment suspension rule is not an
attempt to inappropriately withhold
FFP from States. Instead, the rule is
intended to protect precious Medicaid
dollars from fraudulent providers, an
effort in which we view the States as
partners. Generally, we will withhold
FFP only where a State has
unreasonably or repeatedly failed to
suspend payments or otherwise
terminate a payment suspension where
there are credible allegations of fraud.
Comment: One commenter suggested
that the proposed rule regarding
suspension of payments to Medicaid
providers gives Medicaid agencies an
improper incentive to aggressively deny
payments to providers or risk losing
FFP.
Response: We disagree. As we
explained in the proposed rule, State
Medicaid agencies have long had the
authority to suspend payments to
PO 00000
Frm 00078
Fmt 4701
Sfmt 4700
providers based upon suspected
fraudulent conduct. Our goal is to
ensure that State agencies appropriately
suspend payments from potentially
fraudulent providers, in order to protect
critical Medicaid dollars from falling
into the hands of such providers. In this
rule we encourage State agencies to
suspend payment based upon pending
investigations of credible allegations of
fraud only after reviewing all of the facts
and circumstances surrounding a
particular case and making a
determination that such suspension is
in fact warranted.
Comment: One commenter suggested
that the suspension of payments could
be interpreted to have retroactive
application to providers who have
already been referred to MFCUs or other
law enforcement agencies:
Response: We will not require States
to retroactively apply the law regarding
suspension of payments based on
pending investigations of credible
allegations of fraud. However, upon the
effective date of this final rule with
comment period, we expect States; to
the extent they have not already done
so, to suspend payments to providers
against whom there exist pending
investigations of credible allegations of
fraud.
Comment: Commenters have sought
clarification regarding whether the
proposed rule applies to individual
providers who are employed or
contracted by institutional providers.
Response: The payment suspension
rule applies to institutional providers as
well as enrolled providers who are
employed or contracted by such
institutional providers.
Comment: One commenter wanted
CMS to clarify whether the ‘‘individual
or entity’’ under investigation is the
same ‘‘individual or entity’’ subject to
the payment suspension.
Response: Yes, the ‘‘individual or
entity’’ under investigation is the same
‘‘individual or entity’’ that is subject to
the payment suspension.
Comment: Several commenters
expressed concern with States’
compliance dates with the Medicaid
payment suspension rule because some
States may require State law or
regulatory changes in order to be able to
implement the rule. Certain commenters
also expressed similar concerns that the
proposed document retention
requirements exceed time frames
currently required by their State laws.
Response: We encourage the State
Medicaid or program integrity director
of any State that faces State legislative,
regulatory, or administrative
implementation obstacles to contact us
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
in order to work out a plan of
resolution.
Comment: One commenter suggested
that the process for quarterly reporting
and certification at § 455.23(d) is
onerous to the State and the MFCU. The
commenter further indicated that
reporting is already addressed in
Memoranda of Understanding between
the States and the MFCUs, and
therefore, additional reporting
requirements would be burdensome on
the State.
Response: We disagree, and in the
proposed rule stated that we would not
prescribe the format that such
certifications must take to maximize
State flexibility. The Memoranda of
Understanding between the States and
the MFCUs routinely do not address
reporting and documentation to the
degree that will be required by
§ 455.23(d). Moreover, in the proposed
rule we emphasized that payment
suspensions should be temporary and
we noted the profound impact that a
payment suspension can have upon a
provider. We believe that the quarterly
reporting and certification process is an
important protection for providers to
ensure that suspensions do not continue
after law enforcement has concluded its
investigation but did not report this
information to the State Medicaid
agency.
Comment: Some commenters
suggested that documentation and
record retention in instances regarding
the decision to not suspend payments is
expensive and unnecessary given the
high volume of unfounded allegations.
These commenters also suggested that
the requirement to report summary
information to the Secretary is
duplicative given that CMS will be
reviewing State actions on suspension
of payment during periodic on-site
program integrity reviews.
Response: We disagree. As we
generally discuss in both these
responses and in the proposed rule, we
are balancing a number of interests
including: (1) A statutory directive from
the ACA that FFP not be paid in certain
circumstances; (2) a payment
suspension provision that, if not
rigorously and carefully administered,
can detrimentally impact honest
providers; and (3) CMS’ intent to
maintain its appropriate oversight role
but at the same time not to arbitrarily or
unreasonably second-guess State
decision-making. As such, we believe
rigorous documentation requirements
that go beyond what may be reviewed
during on-site program integrity reviews
actually serve to protect everyone’s
interests. Moreover, we believe it is
particularly important that States
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
carefully document those processes that
require special judgment calls, such as
with respect to exercising the various
good cause exceptions, so that, upon
CMS review, FFP is not inappropriately
withheld.
Comment: One commenter
recommended that Medicaid State
agencies should be allowed to share
potentially helpful information with
their MFCUs without following the
requirements in the proposed rule
regarding documentation and timing of
the referral of a credible allegation of
fraud.
Response: We fully agree with the
notion that States may share
information or otherwise consult with
their MFCUs, recognizing that States
may need to consult and/or exchange
information with their respective
MFCUs prior to making a formal
referral, and do not seek to limit or
otherwise define the circumstances by
which States make such
communications. We disagree, however,
with the proposition that States should
not need to follow our proposed MFCU
documentation/referral requirements,
which we believe are important for
reasons similar to those addressed in the
previous response, thus we will not
alter the proposed documentation and
timing requirements.
Comment: Certain commenters have
suggested that it will be cumbersome to
require the State to obtain a written
certification from the MFCU or other
law enforcement agency that any matter
that is accepted on the basis of a referral
continues to be under investigation or in
the course of enforcement proceedings
warranting continuation of the payment
suspension every 90 days. In addition,
these commenters expressed concern
that this requirement will result in a
substantial increase in workload and
could result in increased staffing levels.
Commenters also suggested that existing
methods of communication regarding
caseload and referrals between the
States and the MFCUs should be
sufficient.
Response: We disagree with the
proposition that the quarterly law
enforcement certification requirement is
overly cumbersome or that the
documentation requirements finalized
here will result in substantial increases
in workload. As we have indicated
previously in these responses and in the
proposed rule, we believe rigorous
documentation requirements are in
everyone’s interest. Moreover, to
maintain State flexibility, we are not
prescriptive with respect to the format
of the quarterly certification. States have
long had authority to implement
payment suspensions and, though we
PO 00000
Frm 00079
Fmt 4701
Sfmt 4700
5939
formalize certain documentation and
referral requirements here, we believe
that most States that have used
suspension authority likely have
rigorous documentation requirements
already in place to ensure they are able
to adequately justify suspension actions
and withstand any provider challenges.
Comment: With regard to formal fraud
referrals issued by the State to the
MFCU or other law enforcement agency,
one commenter suggested combining
the relevant NPIs of the affected
providers into one referral instead of
referring individual cases.
Response: This is outside the scope of
the proposed rule and therefore we will
not address this issue at this time.
Comment: One commenter suggested
that the regulation at § 455.23(g)
proposing to require States to annually
report to the Secretary information
regarding the life cycle of each payment
suspension imposed and any
determinations to exercise the good
cause exceptions not to suspend
payment, to suspend payment only in
part, or to discontinue a payment
suspension, be modified. Specifically,
the commenter suggested that such
annual report be filed only if such
information is shared by law
enforcement.
Response: We disagree with the
commenter’s proposition for two
reasons. First, a number of the elements
the commenter points out are not
contingent on any response from law
enforcement. Second, we certainly
appreciate that States can only report on
the information that is in their
possession, but believe that annual
reporting should not be contingent on
whether law enforcement has shared
such information. Importantly, to the
extent that annual reporting reveals gaps
where law enforcement has neglected or
refused to share information it will
illustrate where CMS may have to
exercise additional oversight authority
to attempt to close such gaps. Likewise,
law enforcement’s ‘‘failure to
communicate’’ may be a significant
factor in a State’s decision to exercise
certain of the rule’s good cause
exception authorities.
Comment: One commenter suggested
that CMS include in the final regulation
at § 455.23(d)(4), as reflected in the
preamble to the proposed rule, a
requirement for States to immediately
release the payment suspension ‘‘unless
the State has alternative Federal or State
authority by which it may impose a
suspension.’’ (75 FR 58225). The
proposed regulation does not reflect this
additional language governing the
immediate release of a payment
suspension when MFCU or law
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5940
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
enforcement declines to accept the fraud
referral.
Response: We agree, and are
including this language in the final rule
with comment period.
Comment: Certain commenters
suggested revising the proposed
language to include a 180 day time limit
for the duration of a suspension of
payment in the Medicaid program,
similar to the proposed process under
Medicare.
Response: Aside from the general
constraints and protections built in to
the rule around the notion that
suspensions are intended to be
temporary, we believe that States need
the flexibility to decide the duration of
payment suspensions in order to
accommodate State laws and legal
processes. Because Medicare is a
national program there is more
uniformity surrounding the disposition
of Medicare program suspensions. So
while a specific time limit may be
adequate there, we believe a more
flexible approach, nearly identical to the
approach used with respect to Medicaid
payment suspensions for more than 20
years, is necessary to address the needs
of 50 plus States and territories.
Comment: One commenter suggested
that the duration of a payment
suspension by States should be
permanent where the provider is later
convicted of the offense.
Response: Payment suspensions are
intended to stem the flow of Medicaid
dollars to providers against whom there
are credible allegations of fraud, during
the pendency of the investigation,
which includes any related proceedings.
Separate authorities, some administered
by other agencies, including possible
exclusion from participation in Federal
health care programs, may be
implemented upon a provider’s
conviction.
Comment: One commenter indicated
that while the proposed rule gives States
authority to immediately release
payment suspensions if a timely
investigation by law enforcement does
not ensue, that ‘‘timely,’’ is not clearly
defined.
Response: We believe that when a
State learns that law enforcement has
declined to investigate a fraud referral
from the State in connection with a
payment suspension or otherwise
discontinues a pending investigation,
the State should immediately take steps
to terminate a payment suspension. As
discussed several times in these
responses, we proposed a requirement
for States to obtain quarterly
certifications from law enforcement to
help address this type of scenario so
that providers are not subject to a
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
continuing payment suspension based
upon a fraud referral that was declined
by law enforcement or an investigation
that has been concluded without the
State’s knowledge.
Comment: Certain commenters
requested clarification regarding the
resolution of an investigation for
purposes of terminating a payment
suspension.
Response: Generally, a payment
suspension is temporary and will not
continue after the State Medicaid
agency or the prosecuting authorities
determine that there is insufficient
evidence of fraud by the provider or
legal proceedings related to the alleged
fraud are completed.
Comment: One commenter suggested
that the proposed rule be changed to
defer to State law to dictate how long
and under what circumstances a
payment suspension can be imposed.
Response: As we noted in an earlier
response, this rule presents a floor for
protection of Medicaid funds and does
not bar a State from setting a higher bar
allowing for imposition of suspensions
with other conditions or in other
circumstances.
Comment: Several commenters
suggested that the proposed rule does
not provide adequate due process for
providers facing suspension of
payments. Certain commenters also
suggested that the proposed rule could
result in a de facto termination from the
Medicaid program without any
meaningful due process. Commenters
expressed concern that non-fraudulent
providers may effectively be terminated
by lengthy suspensions. Commenters
also suggested shortening the length of
suspensions or in the alternative,
maintaining the current permitted
duration without extension. Another
commenter indicated that the proposed
rule does not create a right to challenge
the ongoing validity of a payment
suspension.
Response: Under the proposed rule,
providers have an opportunity to submit
written evidence for consideration by
the Medicaid agency regarding payment
suspensions. Based upon this written
evidence, a State may determine
whether there is good cause to terminate
a suspension of payment. Accordingly,
we believe there are adequate due
process protections in place pursuant to
which a provider may establish good
cause to terminate a payment
suspension. In addition, this process
was already accounted for in existing
Medicaid regulations and we did not
change the process. We are not aware of
any issues associated with this process
which has been in existence for more
than 20 years. Moreover, we expressed
PO 00000
Frm 00080
Fmt 4701
Sfmt 4700
in the proposed rule that suspensions,
because of their significant impact upon
providers, are only temporary. We
provided in the rule several protections
(such as the quarterly law enforcement
certification and State documentation
requirements) and also various ‘‘good
cause’’ exceptions. Moreover, the
duration of suspension provisions of the
proposed rule, finalized here, are
essentially the same as have been in
place for more than 20 years with the
existing Medicaid payment suspension
rule. We believe that the significant
built-in protections, in conjunction with
the fact that we are not aware that the
current Medicaid suspension process
has caused significant undue hardship
with providers having payments
wrongly suspended, lend adequate
safeguards to the process. CMS will also
monitor States’ implementation of the
Medicaid payment suspension rule
through the various documentation
requirements and State program
integrity reviews, to ensure that there
are no marked shortcomings with regard
to States’ processes.
Comment: One commenter suggested
that the final regulation should require
State Medicaid programs to establish
and codify a Medicaid administrative
review process with regard to the review
of payment suspensions.
Response: We recognize that
individual State laws vary with regard
to their respective administrative review
processes, and believe that most or all
States have established such processes.
As previously stated, we will revise the
proposed language in the regulations to
reflect the inclusion of State
administrative appeal procedures in the
notice of suspension furnished to
providers. In addition, we believe the
notice should also include relevant
citations to State law, where applicable.
Comment: A couple of commenters
suggested that CMS develop a system or
process for exposing and penalizing
those who make false fraud complaints.
Response: This is outside the scope of
the proposed rule and therefore we will
not consider this suggestion at this time.
Comment: One commenter requested
clarification regarding the fraud referral
standards established by CMS as a result
of an OIG January 2007 report entitled
‘‘Suspected Medicaid Fraud Referrals’’
(OEI 07–04–00181).
Response: We issued fraud referral
standards on September 30, 2008. The
link to CMS’ Web site where the fraud
referral standards may be found is:
https://www.cms.gov/
FraudAbuseforProfs/downloads/fraud
referralperformancestandardsstate
agencytomfcu.pdf.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Comment: One commenter suggested
that the content of a fraud referral
should be left to the discretion of each
State. This commenter suggested that a
continuing collaborative environment
will fulfill the regulatory provisions
regarding content of fraud referrals.
Response: We encourage States to
collaborate with their MFCU. A fraud
referral must contain, at a minimum, the
elements as outlined in the proposed
regulation and finalized here, but it is
within a State’s discretion to the extent
it wishes to add additional information.
Comment: One commenter suggested
that FQHCs should be exempted from
the application of payment suspensions.
Response: We disagree. There is no
statutory requirement to carve out an
exception for any particular category of
provider. We believe that payment
suspensions apply to fraudulent
conduct regardless of provider type.
Comment: One commenter suggested
that payment suspensions should only
apply to providers in the limited
screening level, as that term is defined
and used in connection with the
provider screening rules, under only the
most extraordinary circumstances.
Response: We decline to carve out an
exception for providers in the limited
screening level in the context of a
payment suspension. This assignment to
the limited level applies in the context
of provider screening, not for
suspension of payments. The
determination regarding whether to
impose a payment suspension is driven
by credible allegations of fraudulent
conduct and not whether a provider is
assigned to a certain level for purposes
of screening.
Comment: One commenter requested
clarification regarding the application of
payment suspensions to billing
providers as opposed to prescribing
providers. Another commenter
requested a guarantee that payment
suspensions will not be imposed against
a billing provider.
Response: We understand that there
are circumstances in which the
prescribing provider may be different
from the furnishing provider and/or
billing provider. Generally, we believe
that payment suspension is not the
appropriate mechanism to recover
Medicaid funds from one provider who
inescapably, but innocently, happens to
be associated with the fraudulent
conduct of another provider. Because
payment suspensions only apply based
upon credible allegations of fraud,
payment suspensions are generally not
the appropriate vehicle by which to
recover reimbursement for items and/or
services furnished by a provider against
whom there are no allegations of fraud.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Nevertheless, there is no guarantee that
a payment suspension will only be
imposed against the billing provider as,
particularly at the outset of an
investigation of a credible allegation of
fraud, it may be impossible to precisely
determine the locus of the fraud or
whether it involved collusion or
conspiracy.
Comment: One commenter requested
clarification regarding whether States
with authority under existing State law
may impose suspensions for reasons
other than where there is a credible
allegation of fraud. This commenter
suggested that where such authority
exists, the requirements proposed under
§ 455.23, including those concerning
referrals to the MFCU and the duration
of suspension should not apply.
Response: The requirements for
payment suspensions under the
proposed rule are based upon credible
allegations of fraud. As we have noted
several times in both these responses
and in the proposed rule, nothing in
these rules bar a State from exercising
other broader authorities to suspend
payments to providers.
We are adopting the provisions of the
proposed rule with the exception of the
following changes:
• In § 455.2, we have revised the
definition of ‘‘credible allegation of
fraud’’ to address the issue of the State’s
verification of the allegation.
• In § 455.23(a)(1), we have added the
verbiage ‘‘after the agency determines
there is a credible allegation of fraud for
which’’ after the term ‘‘provider.’’
• In § 455.23(b)(2), we have added a
new subsection (vi) that reads: ‘‘Set forth
the applicable State administrative
appeals process and corresponding
citations to State law.’’
• In § 455.23(d), we have added the
verbiage ‘‘has alternative Federal or
State authority by which it may impose
a suspension or’’ before ‘‘makes a fraud
referral to another law enforcement
agency.’’
• In § 455.23(e), we have revised
subsection (3) to state: ‘‘The State
determines, based upon the submission
of written evidence by the individual or
entity that is the subject of the payment
suspension, that the suspension should
be removed.’’
• In § 455.23(e), we have added a new
subsection (6) that states: ‘‘The State
determines that payment suspension is
not in the best interests of the Medicaid
program.’’
• In § 455.23(f), we have revised
subsection (2) to read: ‘‘The State
determines, based upon the submission
of written evidence by the individual or
entity that is the subject of a whole
payment suspension, that such
PO 00000
Frm 00081
Fmt 4701
Sfmt 4700
5941
suspension should be imposed only in
part.’’
• In § 455.23(f), we have added a new
subsection (5) that states: ‘‘The State
determines that payment suspension
only in part is in the best interests of the
Medicaid program.’’
E. Proposed Approach and Solicitation
of Comments for Sections 6102 and
6401(a) of the Affordable Care Act
—Ethics and Compliance Program
1. Statutory Changes
Under section 6102 of the ACA which
established new section 1128I of the
Act, a nursing facility (NF) or SNF shall
have in operation a compliance and
ethics program that is effective in
preventing and detecting criminal, civil,
and administrative violations and in
promoting quality of care, consistent
with regulations developed by the
Secretary, working jointly with the HHS
OIG. The regulations to establish the
compliance and ethics program for
operating organizations may include a
model compliance program. The statute
requires that in the case of an
organization that has five or more
facilities, the formality or specific
elements of the program vary with the
size of the organization. The statute also
requires that not later than 3 years after
the effective date of the regulations, the
Secretary shall complete an evaluation
of the programs to determine if such
programs led to changes in deficiency
citations, changes in quality
performance, or changes in the quality
of resident care. The Secretary shall
submit to the Congress a report on such
evaluation with recommendations for
changes in the requirements, as the
Secretary deems appropriate.
Similarly, under section 6401(a) of the
ACA, which established a new section
1866(j)(8) of the Act, a provider of
medical or other items or services or a
supplier shall, as a condition of
enrollment in Medicare, Medicaid or
CHIP, establish a compliance program
that contains certain ‘‘core elements.’’
The statute requires the Secretary, in
consultation with the HHS OIG, to
establish the core elements for providers
or suppliers within a particular industry
or category. The statute allows the
Secretary to determine the date that
providers and suppliers need to
establish the required core elements as
a condition of enrollment in Medicare,
Medicaid, and CHIP. The statute
requires the Secretary to consider the
extent to which the adoption of
compliance programs by providers or
suppliers is widespread in a particular
industry sector or particular provider or
supplier category. Please note, NFs and
E:\FR\FM\02FER2.SGM
02FER2
5942
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
SNFs are subject to both compliance
plan requirements under sections 6102
and 6401(a) since section 6401(a) of the
ACA includes all providers and
suppliers enrolling into Medicare,
Medicaid and CHIP. We intend to
establish compliance program core
elements per section 6401(a) of the ACA
for NFs and SNFs that closely match the
required components of a compliance
program per section 6102 of the ACA.
2. Proposed Ethics and Compliance
Program Provisions
In order to consider the views of
industry stakeholders, we solicited
comments on compliance program
requirements included in the ACA. We
do not intend to finalize compliance
plan requirements in this final rule with
comment period; rather, we intend to do
further rulemaking on compliance plan
requirements and will advance specific
proposals at some point in the future.
We were most interested in receiving
comments on the following:
The use of the seven elements of an
effective compliance and ethics program
as described in Chapter 8 of the U.S.
Federal Sentencing Guidelines Manual
(https://www.ussc.gov/2010guid/
20100503_Reader_Friendly_Proposed_
Amendments.pdf, pp. 31–35) as the
basis for the core elements of the
required compliance programs for
Medicare, Medicaid and CHIP
enrollment. These elements instill a
commitment to prevent, detect and
correct inappropriate behavior and
ensure compliance with all applicable
laws, regulations and requirements, and
include:
• The development and distribution
of written policies, procedures and
standards of conduct to prevent and
detect inappropriate behavior;
• The designation of a chief
compliance officer and other
appropriate bodies (for example a
corporate compliance committee)
charged with the responsibility of
operating and monitoring the
compliance program and who report
directly to high-level personnel and the
governing body;
• The use of reasonable efforts not to
include any individual in the
substantial authority personnel whom
the organization knew, or should have
known, has engaged in illegal activities
or other conduct inconsistent with an
effective compliance and ethics
program;
• The development and
implementation of regular, effective
education and training programs for the
governing body, all employees,
including high-level personnel, and, as
appropriate, the organization’s agents;
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
• The maintenance of a process, such
as a hotline, to receive complaints and
the adoption of procedures to protect
the anonymity of complainants and to
protect whistleblowers from retaliation;
• The development of a system to
respond to allegations of improper
conduct and the enforcement of
appropriate disciplinary action against
employees who have violated internal
compliance policies, applicable statutes,
regulations or Federal health care
program requirements;
• The use of audits and/or other
evaluation techniques to monitor
compliance and assist in the reduction
of identified problem areas; and
• The investigation and remediation
of identified systemic problems
including making any necessary
modifications to the organization’s
compliance and ethics program.
In addition, we are particularly
interested in comments about the
following:
• The extent to which, and the
manner in which, providers and
suppliers already incorporate each of
the seven U.S. Federal Sentencing
Guidelines elements into their
compliance programs or business
operations. We are interested in how
and to what degree each element has
been incorporated effectively into the
compliance programs of different types
of providers and suppliers considering
their risk areas, business model and
industry sector or particular provider or
supplier category.
• Any other suggestions for
compliance program elements beyond,
or related to, the seven elements
referenced previously considering
provider or supplier risk areas, business
model and industry sector or particular
provider or supplier category including
whether external and/or internal quality
monitoring should be a required for
hospitals and long-term care facilities.
• The costs and benefits of
compliance programs or operations
including aggregate or component costs
and benefits of implementing particular
elements and how these costs and
benefits were measured.
• The types of systems necessary for
effective compliance, the costs
associated with these systems and the
degree to which providers and suppliers
already have these systems including,
but not limited to, tracking systems,
data capturing systems and electronic
claims submission systems. We
anticipate having providers and
suppliers evaluate the effectiveness of
their compliance plans using electronic
data.
• The existence of and experience
with State or other compliance
PO 00000
Frm 00082
Fmt 4701
Sfmt 4700
requirements for various providers and
suppliers and foreseeable conflicts or
duplication from multiple requirements.
• The criteria we should consider
when determining whether, and if so,
how to divide providers and suppliers
into groupings that would be subject to
similar compliance requirements
including whether individuals should
have different compliance obligations
from corporations.
• Available research or individual
experience regarding the current rate of
adoption and level of sophistication of
compliance programs for providers or
suppliers based on their business model
and industry sector or particular
provider or supplier category.
• How effective compliance programs
have been for varied providers and
suppliers and how the level of
effectiveness was measured.
• The extent to which providers and
suppliers currently use third party
resources, such as consultants, review
organizations, and auditors, in their
compliance efforts.
• The extent to which providers and
suppliers have already identified staff
responsible for compliance and, for
those who already have staff responsible
for compliance, the positions of these
staff.
• A reasonable timeline for
establishment of a required compliance
program for various types and sizes of
providers and suppliers, assuming the
compliance program core elements were
based on the aforementioned U.S.
Federal Sentencing Guidelines’ seven
elements of an effective compliance and
ethics program, considering business
model and industry sector or particular
provider or supplier category.
We welcomed any information
concerning how the industry views
compliance program elements and how
we can establish required compliance
program elements to protect Medicare,
Medicaid, and CHIP from fraud and
abuse.
3. Analysis of and Responses to Public
Comment
We received numerous comments on
compliance program elements in
response to this request. Though we will
not respond to those comments within
this final rule with comment period,
these will be considered for further
rulemaking on compliance plan
requirements.
4. Final Provisions—Ethics and
Compliance Program
We are not finalizing these provisions
in this final regulation. We are in the
process of developing a new Notice of
Proposed Rule Making incorporating the
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
compliance plan provisions and
comments received that will be
published at a later date. The proposed
rule will also have an opportunity for
further public comment.
rmajette on DSK29S0YB1PROD with RULES2
F. Termination of Provider Participation
Under the Medicaid Program and CHIP
if Terminated Under the Medicare
Program or Another State Medicaid
Program or CHIP
1. Statutory Change
Section 6501 of the ACA amends
section 1902(a)(39) of the Act to require
a State Medicaid program to terminate
any provider, be it an individual or
entity, participating in that program,
subject to the limitations on exclusions
in sections 1128(c)(3)(B) and
1128(d)(3)(B) of the Act, if the
provider’s participation has been
terminated under title XVIII of the Act
or another State’s Medicaid program.
Effective provider screening prevents
excluded providers from enrolling in
government health care programs and
being paid with Federal and State funds.
Effective screening of providers barred
from participation can reduce the risk of
fraud, waste, and abuse in the Medicare
and Medicaid programs and CHIP
When a State terminates a provider
but does not share that information with
any other State, all other States become
vulnerable to potential fraud, waste, and
abuse committed by that provider.
Similarly, a provider, supplier, or
eligible professional that has been
terminated from Medicare or has had
Medicare billing privileges revoked may
enroll with a State Medicaid program or
with CHIP when a State is not aware of
the Medicare termination or revocation.
We may terminate or revoke the billing
privileges of a provider, supplier, or
eligible professional under Medicare for
a number of reasons, as set forth at
§ 424.535, including exclusion from
health care programs, government-wide
debarment, and conviction of certain
violent felonies and financial crimes.
Section 6501 of the ACA requires a
State’s Medicaid program to terminate
an individual or entity’s participation in
the program (subject to certain
limitations on exclusions in sections
1128(c)(3)(B) and 1128(d)(3)(B) of the
Act), if the individual or entity has been
terminated under Medicare or another
State’s Medicaid program. Although the
term ‘‘termination’’ only applies to
providers under Medicare whose billing
privileges have been revoked (and does
not apply to Medicare suppliers or
eligible professionals), we believe it was
the intent of the Congress that this
requirement also be applicable to
suppliers and eligible professionals that
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
have had their billing privileges under
Medicare revoked as well. Therefore, we
proposed that ‘‘termination’’ be inclusive
of situations where an individual’s or
entity’s billing privileges have been
revoked. The requirement for States to
terminate would only apply in cases
where providers, suppliers, or eligible
professionals were terminated or had
their billing privileges revoked for
cause. ‘‘For cause’’ may include fraud,
integrity or quality, but not cases where
the providers, suppliers, or eligible
professionals were terminated or had
their billing privileges revoked based
upon voluntary action taken by the
provider to end its participation in the
program, except where that voluntary
action is taken to avoid a sanction, or
where a State removes inactive
providers from its enrollment files.
In addition, State Medicaid programs
would terminate a provider only after
the provider had exhausted all available
appeal rights in the Medicare program
or in the State that originally terminated
the provider or the timeline for such
appeal has expired.
Section 6501 of the ACA builds upon
the requirements in section 6401(b)(2) of
the ACA, which requires that we
establish a process to make available
Medicare provider, supplier, and
eligible professional and CHIP provider
termination information to State
Medicaid programs. Section 1902(kk)(6)
of the Act also requires States to report
adverse provider actions to CMS,
including criminal convictions,
sanctions, and negative licensure
actions.
When States are apprised of the
terminations or revocations of billing
privileges, as the case may be, of
providers, suppliers, and eligible
professionals that have occurred in
other State Medicaid programs, CHIP, or
in Medicare, States have the information
they need to protect their programs.
2. Proposed Provisions for Termination
of Provider Participation Under the
Medicaid Program and CHIP if
Terminated Under the Medicare
Program or Another State Medicaid
Program or CHIP
We proposed at § 455.416(c) that a
State Medicaid program must deny
enrollment or terminate the enrollment
of a provider that is terminated on or
after January 1, 2011 under Medicare, or
has had its billing privileges revoked, or
is terminated on or after January 1, 2011
under any other State’s Medicaid
program or CHIP.
While section 6501 of the ACA does
not expressly require that individuals or
entities that have been terminated under
Medicare or Medicaid also be
PO 00000
Frm 00083
Fmt 4701
Sfmt 4700
5943
terminated from CHIP, we also
proposed, under our general rulemaking
authority pursuant to section 1102 of
the Act, to require in CHIP regulations
that CHIP take similar action to
terminate a provider terminated or
revoked under Medicare, or terminated
under any other State’s Medicaid
program or CHIP.
We also proposed to add a definition
at § 455.101 for termination for purposes
of this section. That definition
distinguishes between Medicaid
providers and Medicare providers,
suppliers, and eligible professionals and
specifies that termination means a State
Medicaid program or the Medicare
program has taken action to revoke the
Medicaid provider’s or Medicare
provider, supplier or eligible
professional’s billing privileges and the
provider, supplier or eligible
professional has exhausted all
applicable appeal rights. There is no
expectation on the part of the provider,
supplier, or eligible professional or the
State or Medicare program that the
termination or revocation is temporary.
The provider, supplier or eligible
professional would be required to
reenroll with the applicable program if
they wish billing privileges to be
reinstated.
3. Analysis of and Responses to Public
Comment
We received the following comments:
Comment: One commenter stated that
while there is value to the States to have
additional authority under which to
deny or terminate Medicaid providers, it
will be necessary to amend current
statute and regulations to include new
reasons for denials and terminations,
and additional time will be required.
Response: In accordance with section
6508(b) of the ACA, a State may delay
implementation of this provision if the
Secretary determines that State
legislation is required.
Comment: Commenters asked for
clarification regarding ACA section
6401(b)(2) that requires CMS to
establish a process to make available
Medicare provider, supplier, and
eligible professional and CHIP
termination information to State
Medicaid programs. Commenters asked
if a mechanism was in place for States
to check for terminated providers
starting January 1, 2011. One
commenter requested clarification as to
how State Medicaid programs would
communicate with Medicare contractors
when the States had revoked or
suspended a Medicaid enrollment.
Another commenter asked if the
Provider Enrollment, Chain, and
Ownership System (PECOS) would be
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5944
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
used. Another commenter stated it
would be ‘‘next to impossible’’ to carry
out this provision without an effective
way to obtain information from
Medicare regarding terminated
providers. One commenter urged CMS
to establish a national database that
contains Medicare, CHIP termination
and exclusion information as well as
information on terminations from all
State Medicaid programs.
Response: We are in the process of
establishing a secure web-based portal
that will allow States to share
information regarding terminated
providers. Using this web-based portal,
a State will be able to upload as well as
download information regarding its
terminated providers and download
information regarding terminated
providers in other States and Medicare.
States will not be required to report
those providers who were terminated
prior to January 1, 2011. Access to the
information-sharing portal is limited to
users that we have approved.
Comment: Some commenters
requested that CMS clarify the
timeframes for State reporting of
terminations.
Response: States should report
terminations on a monthly basis in
order to assist other States and the
Medicare program in protecting
themselves from providers who pose an
increased risk to government health care
programs.
Comment: One commenter requested
that States be granted real time access to
the exclusion database. Another
commenter suggested that CMS consider
leveraging existing Federal databases
such as the NPI and NPPES.
Response: We are in the process of
exploring potential opportunities to
leverage existing databases and
infrastructure that would enable timely
access to provider enrollment data
across programs. We are currently
examining to what extent we can
support such a centralized information
sharing solution.
Comment: One commenter requested
clarification that Medicaid termination
should only last as long as the Medicare
termination, especially in States where
‘‘terminate’’ means ‘‘permanent
exclusion.’’
Response: When a State terminates a
provider based on the fact that the
provider was terminated by Medicare,
the duration of the State’s termination
action should be consistent with State
law, and not necessarily driven by the
length of the Medicare termination. The
same would hold true when a State
terminates a provider based on a
termination action in another State. We
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
do not wish to dictate to States the
duration of their terminations.
Comment: One commenter contended
that the proposed rule did not detail the
parameters of the termination process.
Specifically, it did not state what would
happen if a provider is wrongfully
terminated from participation in
Medicare or another public benefit, or
the different termination scenarios—
such as the effect on a group practice if
a provider in that group is suspected of
fraud. The commenter also requested
further explanation and clarification
regarding the timeline and parameters
for termination of provider participation
in Medicare, Medicaid, and CHIP.
Response: For purposes of the
Medicaid program, the parameters of the
termination process would be governed
by the terminating State’s administrative
appeals processes. Accordingly, the
timeline and parameters for termination
will vary depending on the State in
which the termination occurs. State
Medicaid agencies and CHIP must deny
enrollment or terminate the enrollment
of any provider that is terminated by
Medicare or another State’s Medicaid
program or CHIP on or after January 1,
2011. If a provider is wrongfully
terminated from Medicare or another
State’s Medicaid program or CHIP, and
a subsequent State has already
terminated such provider from its
Medicaid program or CHIP, the
subsequent State should reinstate the
provider once the subsequent State has
evidence demonstrating that the
provider was wrongfully terminated.
When an individual provider is
terminated by a State Medicaid program
or CHIP, the effect on a group practice
would be that the individual provider
who is terminated may not participate
in the Medicaid or CHIP programs until
that provider is eligible to, and does reenroll. Therefore, neither the individual
provider, nor the group practice would
be able to bill Medicaid or CHIP for care
and/or services provided by the
individual provider that has been
terminated.
Comment: One commenter stated that
termination is defined to be inclusive of
situations where an individual or
entity’s billing privileges have been
revoked. The commenter requested
clarification because not all providers
have billing privileges. For example, a
particular pharmacist may be denied
participation in a State’s Medicaid
program; however, because the
pharmacist does not have direct billing
privileges, another State would not have
to also terminate that provider.
Response: The requirement for
termination is not limited to situations
in which a provider is billing the
PO 00000
Frm 00084
Fmt 4701
Sfmt 4700
Medicaid program. The requirement for
termination applies to enrolled
providers generally, not just billing
providers. An enrolled provider that has
had its billing privileges revoked by
Medicare must be terminated by the
States’ Medicaid programs, regardless of
whether the provider is submitting
claims.
Comment: One commenter requested
clarification for States regarding
termination when a provider has more
than one NPI or Medicare ID number. A
commenter inquired if CMS will
terminate a provider’s NPI, Medicare
legacy number or both. This commenter
also asked if a provider has multiple
NPIs and/or Medicare numbers, does
Medicare terminate a provider under
one number but allow them to continue
to participate under other NPI/Medicare
numbers. This commenter indicated
that if the response is yes, would a State
be expected to follow suit, that is,
terminate only the NPI that Medicare
has terminated. Finally, the commenter
asked what States should do in cases
where providers have multiple legacy
Medicaid numbers that crosswalk to a
single NPI.
Response: It is the provider, not the
provider’s identifiers, which are to be
terminated under this provision. Thus,
to the extent that Medicare terminated
one or multiple NPIs/Medicare legacy
numbers for cause that are tied to one
provider we generally expect that State
Medicaid agencies will follow suit.
Accordingly, if one provider has
multiple Medicaid identification
numbers, then the State would be
required to terminate such provider
numbers if the State determines there is
cause for such termination and the
provider has exhausted its appeal rights.
Comment: Several commenters
expressed concern over the potential for
terminations of affiliated providers
when one provider had been terminated
in another State. One commenter asked
if other State Medicaid agencies will be
compelled to terminate affiliates that
have a common corporate parent. A
commenter asked if terminations for a
corporation apply to any branches or
franchises of that corporation.
Response: Section 6501 of the ACA
does not require the termination of
affiliates of terminated entities.
Accordingly, we are not requiring States
at this time to terminate affiliates of
those individuals or entities that have
been terminated by another Medicaid
program or had their billing privileges
revoked by the Medicare program.
Comment: One commenter stated that
it is a common State statutory
requirement or best practice for a
provider to form a legal corporate entity
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
unique to the State. The commenter
requested clarification for the legal basis
for Federal enforceability of termination
from or denied enrollment into a State’s
program based upon the termination or
denial status in another State where the
provider and its principals are the same
individuals but the ‘‘provider’’ is a
separate legally incorporated entity
under State law.
Response: Section 1902(a)(39) of the
Act requires State Medicaid agencies to
terminate the participation of any
individual or entity that has been
terminated under Medicare or another
State’s Medicaid program. When a State
is contemplating a termination as a
result of a termination that was initiated
by another State’s Medicaid program,
and there is a question regarding the
identity of the provider who is the
subject of the termination, it is generally
up to the subsequent terminating State
to determine whether a provider in their
State is the same provider that was
initially terminated by another State’s
Medicaid program. In order to
determine whether a provider in one
State is the same provider that was
terminated in another State, a State
could look at a variety of factors,
including, but not limited to, NPI and
correspondence address. The State
could also communicate with the
Medicaid agency that originally
terminated the provider to help resolve
the question of the provider’s identity.
If the State believes that background
checks are required to verify the identity
of a provider, then States should
conduct such background checks. We
believe the States should have flexibility
to determine the best method for
identity verification.
Comment: One commenter suggested
that the regulatory definition of
termination at § 455.101 should be
revised to include the termination of
persons or entities with an ownership or
control interest or who is an agent or
managing employee of a provider.
Response: The ACA does not
contemplate termination based upon
ownership or control. The statute
requires termination of the same
individual or entity that was terminated
by Medicare or another State’s Medicaid
program.
Comment: A few commenters
requested that CMS clarify in the final
rule with comment period that
termination from the Medicaid program
must only occur when a provider has
had billing privileges revoked or
terminated by Medicare for cause.
Response: The requirement for States
to terminate would only apply in cases
where providers, suppliers or eligible
professionals were terminated or had
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
their billing privileges revoked for cause
which may include, but is not limited
to, fraud, integrity or quality issues. In
addition, we have defined ‘‘termination’’
in the final rule with comment period
as occurring when a State Medicaid
program has taken action to terminate a
provider and the provider has exhausted
all applicable appeal rights that are
available in the State or the Medicare
program, or the timeline for appeal has
expired, whichever is applicable.
Comment: One commenter requested
information regarding how managed
care organizations will be able to access
provider termination information.
Response: We encourage States to
share such information with their
managed care entities.
Comment: One commenter requested
that an appeals process be established
for providers and suppliers that would
permit a provider/supplier to continue
to provide care under a program if they
can demonstrate ‘‘good cause
exemptions.’’
Response: While we appreciate the
commenter’s suggestion, section 6501 of
the ACA requires States to terminate the
participation of any provider that has
been terminated under Medicare or
another State’s Medicaid program, and
allows for exceptions only as permitted
under sections 1128(c)(3)(B) and
1128(d)(3)(B) of the Act.
Comment: Commenters expressed
concern that the proposed rule allows
for the imposition of sanctions based
upon findings made outside the agency.
For example, if Medicare revokes a
provider’s billing privileges and a State
initiates a termination action as a result
of such revocation, then, in the
commenter’s view, the proposed rule
gives the provider a right to use the
State administrative appeal process to
challenge anew the Medicare
revocation.
Response: We disagree. The provider
is not provided a new forum in which
to litigate the Medicare termination
action. The ACA does not give a State
the authority to review a Medicare
termination action. The statute requires
a State to terminate a provider that was
terminated by Medicare or another
State’s Medicaid program, with certain
limited exceptions.
Comment: A few commenters
indicated that the proposed regulation
fails to state that termination from the
Medicaid program must only occur in
situations in which the provider or
supplier had its billing privileges
terminated or revoked for cause, that is,
fraud, integrity or quality issues.
Response: We agree. In the regulatory
definition for ‘‘termination,’’ we will
state that the requirement for States to
PO 00000
Frm 00085
Fmt 4701
Sfmt 4700
5945
terminate would only apply in cases
where providers, suppliers or eligible
professionals were terminated or had
their billing privileges revoked for cause
which may include, but is not limited
to, fraud, integrity or quality issues.
Comment: Certain commenters
requested a specific timeline for due
process in connection with the appeal of
termination actions and the parameters
of the termination process in Medicaid.
Response: As we have indicated
previously in these responses, we
believe that States should have the
flexibility to decide termination actions
consistent with their individual State
administrative appeals process. In
addition, since State law and
regulations may vary with regard to this
issue, we defer to the States regarding
their existing termination processes.
Comment: One commenter suggested
that reciprocal termination must be
limited to revocations of privileges due
to fraud and where the physician has
exhausted all possible appeal rights.
Response: We agree. As stated in the
proposed rule, the requirement for
States to terminate would only apply in
cases where providers, suppliers or
eligible professionals were terminated
or had their billing privileges revoked
for cause. In addition, we defined
‘‘termination’’ as occurring when a State
Medicaid program has taken action to
revoke a Medicaid provider’s billing
privileges and the provider has
exhausted all applicable appeal rights
that are available in that State, or the
timeline for appeal has expired, or when
the Medicare program has revoked the
provider or supplier’s billing privileges
and the provider or supplier has
exhausted all applicable appeal rights,
or the timeline for appeal has expired.
Comment: One commenter requested
a definition of ‘‘eligible professional.’’
Response: In the context of
terminations, ‘‘eligible professional’’ is a
term that is specific to the Medicare
program. For purposes of the Medicare
program, an eligible professional may
include a physician assistant, nurse
practitioner, or clinical nurse specialist,
certified nurse-midwife, clinical social
worker, clinical psychologist, registered
dietitian or nutrition professional. See
section 1842(b)(18) of the Act.
Comment: Certain commenters
requested clarification regarding when a
termination is triggered under the
statute.
Response: A termination in a
subsequent State is triggered when
Medicare or a State Medicaid program
has taken action to revoke a provider’s
billing privileges for cause and the
provider has exhausted all applicable
appeal rights that are available in
E:\FR\FM\02FER2.SGM
02FER2
5946
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
Medicare or the originally-terminating
State or the timeline for appeal has
expired.
Comment: A commenter stated that
section 6 of Executive Order 13132
requires that: (1) Each agency have an
accountable process to ensure
meaningful and timely input by State
officials in the development of
regulatory policies that have Federalism
implications, and (2) no agency shall
promulgate any regulation that has
Federalism implications that imposes
substantial direct compliance cost on
State governments. The commenter
recommended that CMS explain the
process that was used to ensure that
meaningful and timely input was
received from the States prior to the
development of this proposed rule.
Response: We have worked closely
with State Medicaid agencies on the
proposed rule and in the development
of the final rule with comment period.
Comment: One commenter requested
clarification regarding the process of
how Medicare reinstatements will be
communicated to States and whether
States will be required to automatically
reinstate a provider in the Medicaid
program once a provider ‘‘finishes the
Medicare termination/revocation
period.’’
Response: Presumably, States will be
notified by providers who are seeking
re-enrollment or reinstatement in the
Medicaid program. It is the
responsibility of the States to validate
the status of a provider’s termination
with Medicare. When a provider may
seek re-enrollment is up to the
discretion of the States and should be
consistent with State law. Similarly, the
duration of termination should be
consistent with existing State law.
rmajette on DSK29S0YB1PROD with RULES2
4. Final Provisions for Termination of
Provider Participation Under the
Medicaid Program and CHIP if
Terminated Under the Medicare
Program or Another State Medicaid
Program or CHIP
15:39 Feb 01, 2011
Jkt 223001
1. Statutory Changes
Section 6501 of the ACA requires
States to terminate a provider or
supplier under the Medicaid program
when the provider or supplier has been
terminated by Medicare or by another
State’s Medicaid program. We believe
that permitting CMS to revoke Medicare
billing privileges when a State Medicaid
agency terminates, revokes, or suspends
a provider or supplier’s Medicaid
enrollment or billing privileges works in
tandem with section 6501 of the ACA.
2. Proposed Provisions for Additional
Medicare Provider Enrollment
In § 424.535(a)(11), we proposed
allowing CMS, directly or through its
contractor, to revoke Medicare billing
privileges when a State Medicaid
agency terminates, revokes, or suspends
a provider or supplier’s Medicaid
enrollment or billing privileges.
Moreover, we believe that providers and
suppliers whose enrollment has been
terminated by a State Medicaid program
may pose an increased risk to the
Medicare program.
3. Analysis of and Response to Public
Comments
We received one comment on the
proposed provision related to Medicare
termination.
Comment: A commenter stated that
proposed § 424.535(a)(11) contains an
editorial error that makes the language
of the proposed rule difficult to
understand.
Response: Section 424.535(a) lists
reasons for revocation of Medicare
enrollment. § 424.535(a)(12) is one such
reason—if a State has terminated a
provider from Medicaid, Medicare can
terminate the provider from Medicare.
We will reword the language in
§ 424.535(a)(12) to clarify the
circumstances being addressed.
4. Final Provisions for Additional
Medicare Provider Enrollment
We have retained the provisions of
the proposed rule, with the exception of
the following:
• In § 455.101, we have added the
following subsection (3) to the
definition of termination: ‘‘The
requirement for termination applies in
cases where providers, suppliers, or
eligible professionals were terminated
or had their billing privileges revoked
for cause which may include, but is not
limited to: (i) Fraud; (ii) integrity; or (iii)
quality.’’
VerDate Mar<15>2010
G. Additional Medicare Provider
Enrollment Provisions
This final rule with comment period
finalizes the provisions of the proposed
rule in regards to our discretion to
revoke a provider or supplier’s Medicare
billing privileges when terminated,
revoked or suspended by a State
Medicaid agency with no modifications.
H. Technical and General Comments
Comment: A commenter stated that
the definition of ‘‘provider of services’’
in section 1861(u) of the Act and
‘‘supplier’’ in section 1861(d) of the Act
differs from the meaning of ‘‘provider of
services’’ and ‘‘supplier,’’ respectively, in
PO 00000
Frm 00086
Fmt 4701
Sfmt 4700
the proposed rule. The commenter also
was unclear as to whether the proposed
rule’s references to ‘‘providers’’ refer to
‘‘provider of services.’’ The commenter
requested clarification on both issues.
Response: The proposed rule stated
that in Medicare, the term provider of
services under section 1861(u) of the
Act means health care entities that
furnish services primarily payable
under Part A of Medicare, such as
hospitals, home health agencies
(including home health agencies
providing services under Part B),
hospices, and skilled nursing facilities.
The term ‘‘suppliers’’ defined in section
1861(d) of the Act refers to health care
entities that furnish services primarily
payable under Part B of Medicare, such
as independent diagnostic testing
facilities (IDTFs), durable medical
equipment prosthetics, orthotics, and
supplies (DMEPOS) suppliers, and
eligible professionals, which refers to
health care suppliers who are
individuals, that is, physicians and the
other professionals listed in section
1848(k)(3)(B) of the Act. For Medicaid
and CHIP, we use the terms ‘‘providers’’
or ‘‘Medicaid providers’’ or ‘‘CHIP
providers’’ when referring to all
Medicaid or CHIP health care providers,
including individual practitioners,
institutional providers, and providers of
medical equipment or goods related to
care. The term ‘‘supplier’’ has no
meaning in the Medicaid program or
CHIP.
Comment: A commenter suggested
that to avoid misinterpretation, nonphysician practitioners should be
clearly defined in the final rule with
comment period.
Response: The proposed and final
rule with comment period refer to nonphysician practitioners to mean any
non-physician practitioner who is
eligible to enroll in Medicare, Medicaid
or CHIP under existing regulations and
statutes. In addition, this term is already
defined at section 1848(b)(18)(C) of the
Act.
Comment: A commenter stated that
with the issuance of CMS–1510–F on
November 2, 2010, CMS should
renumber the denial and revocation
reasons found in this proposed rule. In
CMS–1510–F, CMS finalized a new
denial reason in § 424.530(a)(8) and a
new revocation reason in
§ 424.535(a)(12).
Response: We have revised these
provisions in the regulatory text.
Comment: A commenter stated that
CMS violated section 6(a) of Executive
Order 12866 by not giving the public a
60 day review period for this rule and
that CMS only allowed a 55 day review
period. The commenter also could not
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
find a CMS Press Release or information
on the CMS Web site indicating that
CMS notified the public that it placed
this rule on display and began the
public comment period in advance of
the publication of the proposed rule in
the Federal Register. The commenter
recommended that CMS reissue a new
proposed rule or extend the comment
period for this proposed rule by
additional 60 days.
Response: The Department of Health
and Human Services released a press
release on September 20, 2010
accessible on its Web site that
announced the display of the proposed
rule at the Federal Register. The press
release is accessible at: https://
www.hhs.gov/news/press/2010pres/09/
20100920e.html. Additional media
outlets reported the proposed rule
display on September 17th, 2010. We do
not believe it is appropriate to extend
the comment period for an additional 60
days, and we have taken into account all
comments received during the comment
period.
Comment: Several commenters stated
that the proposed timeframe for
implementation and compliance is
extremely aggressive. First, smaller,
rural providers and suppliers may not
be organizationally able to fully comply
without significant cost and effort, thus
impacting access to care. Second, the
DME MACs and the NSC will have to be
able to identify suppliers and
implement payment edits, both by
specialty code.
Response: As stated previously, the
timeline is a required under the ACA.
We have been working closely with our
contractors and with providers and
suppliers to ensure that compliance
with this final rule with comment
period will not affect patients’ access to
health care.
Comment: Several commenters stated
that the implementation timetables for
this proposed rule were too ambitious,
and that sufficient lead time is
necessary for CMS to have operational
computer programs in place to
administer these requirements correctly
and consistently.
Response: This final rule with
comment period is implementing
provisions of the ACA which sets forth
deadlines for implementation of the
screening provisions.
Comment: A commenter stated that in
its manual instructions, CMS describes
the verification of legalized status for
physicians and non-physician
practitioners. However, the commenter
stated that the proposed rule is silent
regarding the verification or screening
process that will be used to determine
legal status of an owner, authorized
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
official, delegated official, managing
employee, physician or non-physician.
The commenter recommended that CMS
explain this process in the proposed
rule. Another commenter urged CMS to
revise its existing CMS–855 enrollment
applications to include questions on
residency, legal status, and/or
citizenship, arguing that this would
help reduce fraud.
Response: Information collected on
the CMS–855 enrollment applications
are used to verify residency, including
the Social Security Number and the
Date of Birth. This process is a part of
the general screening process, and is
applied to all screening levels,
including limited.
Comment: A commenter stated that
since illegal immigrants are not legally
authorized to work in the United States
or own or operate a business in the
United States, CMS should: (1)
Coordinate and verify both the identity
and work status of any individual
practitioner or owner with the United
States Citizenship and Immigration
Services, and (2) establish new
Medicare, Medicaid and CHIP denial
and revocation reasons when an
individual is not authorized to work in
the United States legally and that CMS
refer any individuals to the appropriate
authorities for expulsion from the
United States.
Response: As stated previously, we
have existing procedures in place that
verify an applicant’s eligibility to work
in the United States.
Comment: One commenter
recommended that CMS furnish the
number of providers and suppliers by
specialty type that have or do not have
an enrollment record in PECOS. This
will, the commenter believes, help
clarify the impact of this rule on
providers and suppliers.
Response: This final rule with
comment period does not impact the
enrollment requirements related to
PECOS for providers and suppliers. In
May of 2010, we published CMS—
6010–IFC which required all physicians
and eligible professionals who order
and refer home health services or Part
B items and services (excluding Part B
drugs) to Medicare to be enrolled in
PECOS. Additional communications
have been published with regard to that
interim final rule with comment period,
and do not impact the provisions
finalized here. This final rule with
comment period established the
screening requirements for providers
under Medicare, Medicaid and CHIP,
and application fees for newly enrolling
or revalidating providers. All newly
enrolling or revalidating providers must
establish records in PECOS as this is the
PO 00000
Frm 00087
Fmt 4701
Sfmt 4700
5947
only available enrollment option at this
time.
Comment: A commenter stated that
Medicare, Medicaid and CHIP must
work in tandem to assure compliance,
so that bad actors cannot move from one
program to another and shelter
themselves through the lack of
coordinated data, standards,
information and enforcement.
Response: We concur with this
comment. This final rule with comment
period implements the ACA provision
that requires State Medicaid Agencies,
to terminate a provider when a provider
has been terminated by Medicare added
at § 455.416. This final rule with
comment period also implements
regulations at § 455.470 that authorizes
State Medicaid agencies to impose a
temporary moratoria when Medicare
imposes such a moratoria, except when
the State Medicaid agency determines
an imposition would affect
beneficiaries’ access. These provisions
are directly aimed at eliminating the
type of program abuses addressed by the
commenter.
Comment: A commenter stated that
despite the additional burdens it will
create, it supported the proposed rule
because there is no alternative. The
commenter stated that if fraud, abuse
and waste are not eliminated and
quality improvement is not made
central to home health and hospice, it
feared for the future of home-based care
when it is needed most.
Response: We agree with the
commenter. We believe that these
provisions are intended to protect the
integrity of these programs for future
generations.
Comment: A commenter suggested
that CMS should change its contractors’
claims processing system to a system
similar to that used by credit card
companies. This will help ensure that
fraud and abuse can be detected in real
time, rather than later.
Response: We are continually
exploring additional improvements to
our data systems, but disagree with the
commenter’s suggestion that we must
change all of our contractors systems to
implement real time data analysis. We
are committed to working with both
private and public partners to evaluate
technologies that can provide the
scalability and safeguards to beneficiary
access that are necessary to ensure
accurate payments to legitimate
providers for appropriate services
supplied to enrolled beneficiaries.
Comment: A commenter stated that
CMS should establish a new
requirement that organized medical
staffs and hospitals report the provision
of (but not the results of) peer review as
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5948
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
a quality indicator, and that CMS
should post the quality indicator for
each hospital department on its Hospital
Compare Web site, together with an
explanation of the importance of peer
review to assure patient safety, quality,
and identification of medically
unnecessary services.
Response: This comment is beyond
the scope of this rule. This final rule
with comment period does not address
the reporting of quality indicators or the
Hospital Compare Web site.
Comment: A commenter stated that
MACs should no longer accept certain
CPT codes for laboratory test payments.
Response: This comment is beyond
the scope of this rule. This final rule
with comment period does not address
our coverage and payment decisions for
CPT codes.
Comment: A commenter stated that
CMS should consider bidding out
laboratory coding to a contractor,
similar to the manner in which the
PDAC operates for DME coding.
Response: This comment is beyond
the scope of this rule. This final rule
with comment period does not address
the bidding of laboratory coding to a
contractor.
Comment: A commenter expressed
support for many of the details and
provisions contained within the
proposed rule and requested that CMS
continue to seek input from all
stakeholders about matters related to
hospitals and health systems.
Response: We concur with the
commenter’s request to continue to seek
input from all stakeholders, and fully
intend to do so in regard to the
requirements of this final rule with
comment, as well as annual payment
regulations.
Comment: A commenter expressed
concern that anti-fraud laws and
regulations, adopted to root out
unscrupulous activity resulting from
criminal intent, are increasingly used to
impose harsh penalties for inadvertent
mistakes and contribute to the
escalating costs of health care as
providers attempt to comply with
increasingly voluminous and
sophisticated systems and requirements.
Response: We continually balance the
necessity to eliminate fraud, waste, and
abuse with reducing the burden on
legitimate providers, suppliers, and
beneficiaries. Section 6401 of the ACA
requires that the Secretary determine
the level of screening according to the
risk of fraud, waste, and abuse. This
final rule with comment period
implements this provision by instituting
levels of screening based on risk of
fraud, waste, and abuse, and has the
flexibility to adapt to future
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
developments by adjusting the
categories as appropriate. We will use
this new authority to prevent just such
situations as described by the
commenter, and will reduce the burden
on legitimate providers who may make
mistakes, and target fraud prevention
resources appropriately.
Comment: A commenter stated that
serial number tracking should be
considered for much of the equipment
provided by DMEPOS suppliers, similar
to the Vehicle Identifier Number (VIN)
system used in the transportation
manufacturing industry.
Response: While we appreciate this
comment, it appears to be outside the
scope of this rule. Also, this comment
would require a thorough evaluation of
the cost of such a requirement on
DMEPOS suppliers, the access issues it
could potentially cause to beneficiaries
if we mandated that only serial
numbered equipment must be provided
to beneficiaries, the additional system
requirements that we would need to
enhance to track such equipment, and
the estimated benefit from such a
requirement.
Comment: A commenter stated that
the fight against health care fraud would
be bolstered if Medicare, Medicaid and
private insurers would share
information about providers’ enrollment
and billing patterns. The commenter
therefore recommended that CMS: (1)
Revise its regulations and the CMS–855
to collect information about all other
health care payers, and (2) share the
information it collects via the
enrollment and payment process with
private payers, Medicaid, and Medicare
Advantage Organizations.
Response: We would have to carefully
evaluate the commenter’s proposal. We
must go through notice of rulemaking
and comment period before revising any
regulation. Additionally, we would have
to carefully consider the privacy issues
that accompany increased data sharing,
especially with private payers, and
weigh the potential concerns of
providers and suppliers with the
expected benefit of such a measure.
However, we have been working closely
with private and public partners
regarding strategies to effectively work
together to have a broad view of the
health care claim landscape, and will
continue to evaluate opportunities to
collaborate on the improved detection of
health care fraud.
Comment: A commenter urged CMS
to consider ways to enhance Medicare
CoPs for home health and hospice
providers to achieve more lasting
changes. The commenter stated that
CMS withdrew the proposed CoPs
changes for home health in 1997 and
PO 00000
Frm 00088
Fmt 4701
Sfmt 4700
has not taken further action. The
commenter recommended that CMS
consult with provider groups to revise
and finalize the CoPs for home health as
quickly as possible.
Response: This comment is outside of
the scope of the final rule with comment
period.
Comment: A commenter
recommended that CMS: (1) Provide the
direct savings that have resulted from
provider screening activities between
2000 and 2010, (2) calculate the savings
to the Medicare Trust Funds and the
General Fund based on this proposed
rule, and (3) explain whether the
estimated savings will result in fewer
actual dollars spent on health care or
whether the changes proposed will only
slow the expenditure growth.
Response: We believe that all of the
agency’s program integrity activities
have resulted in savings to the Trust
Fund and the General Fund. We are not
required to report a return on
investment regarding historical
screening initiatives, or project savings
regarding the statutory requirements.
The fact that we have in the past denied
any application means that we have
prevented an unqualified provider or
supplier from providing services and/or
care to Medicare beneficiaries that could
have resulted in physical harm or
financial loss to such a beneficiary.
Comment: One commenter stated that
this proposed rule will be ineffective in
halting fraud because it is reactive, and
it is impossible for any government
entity to react in a timely manner.
Response: We disagree with the
comment that the new authorities in
this final rule with comment period are
reactive. Particularly, the screening
requirements for newly enrolling
providers which will proactively
prevent individuals from entering the
Medicare, Medicaid and CHIP programs
for the sole purpose of defrauding
taxpayers. Temporary moratoria will
also permit the agency to develop a
strategy to mitigate the risk of fraud
while stopping the pace of potentially
fraudulent enrolling providers. We
believe these new tools will enable us
to become a more proactive gatekeeper
of the Medicare Trust Fund.
Comment: A commenter
recommended that all providers and
suppliers be subject to the provisions
associated with section 6401(a)(3) of the
ACA.
Response: This comment is outside of
the scope of this final rule with
comment period.
Comment: A commenter contended
that CMS’s statement in the preamble
that Medicare is the primary payer of
health care for 45 million enrolled
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
beneficiaries is incorrect. The correct
number should be more than 47 million.
The commenter also recommended that
CMS provide the number of Medicare
beneficiaries that are enrolled in
Medicare Advantage plans.
Response: We will address this
correction in the preamble. The
provisions of this final rule with
comment period do not apply to
Medicare Advantage plans, so the
number of Medicare Advantage-enrolled
beneficiaries would not be relevant to
the preamble.
Comment: A commenter questioned
whether CMS could implement the
provisions of this proposed rule when
information on its provider enrollment
Web site is not regularly updated.
Response: We are implementing
provisions of this proposed rule, and are
working with the provider community
in various outlets, including its provider
Web site. The provider enrollment Web
site will reflect the requirements of this
final rule with comment period.
Comment: Several commenters stated
that the Federal and State programs will
be more efficient if they recognize
another program’s enrollment
determinations, decisions to suspend
payments, and imposition of moratoria.
To handle the complexity and
coordination of monitoring participation
and appropriately suspending payments
or terminating contracts with providers
and suppliers, the commenter
recommended CMS develop and
maintain a central, consolidated
database for housing participation
status, suspension of payments and
imposed moratoria for all three
programs. The commenters stated that
CMS should also strengthen and expand
efforts to coordinate data sharing
between government health programs
across the various Federal agencies, as
well sharing of information with MAOs,
MCOs and CHIP sponsors.
Response: We agree with the previous
comment that we should seek to become
more efficient by sharing screening
determinations, decisions to suspend
payments and imposition of enrollment
moratoria to the extent possible under
applicable laws. We are continually
evaluating and strengthening efforts to
coordinate data sharing between health
programs across various agencies.
Comment: A commenter stated that
regulators and industry need to work
together to minimize the impact of sham
companies and other instances of fraud,
and that this proposed regulation is a
step in the right direction.
Response: We agree with this
comment.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
III. Collection of Information
Requirements
Under the Paperwork Reduction Act
of 1995, we are required to provide 60day notice in the Federal Register and
solicit public comment before a
collection of information requirement is
submitted to the Office of Management
and Budget (OMB) for review and
approval. In order to fairly evaluate
whether an information collection
should be approved by OMB, section
3506(c)(2)(A) of the Paperwork
Reduction Act of 1995 requires that we
solicit comment on the following issues:
• The need for the information
collection and its usefulness in carrying
out the proper functions of our agency.
• The accuracy of our estimate of the
information collection burden.
• The quality, utility, and clarity of
the information to be collected.
• Recommendations to minimize the
information collection burden on the
affected public, including automated
collection techniques.
We solicited public comment on each
of these issues for the following sections
of this document that contain
information collection requirements
(ICRs):
For this final rule with comment
period, we will be retaining the
Collection of Information estimates in
the proposed rule, in accordance with
the discussion below.
A. ICRs Regarding Medicare Application
Fee Hardship Exception (§ 424.514)
Section 424.514(e) states that a
provider or supplier that believes it has
a hardship that justifies a waiver
exception of the application fee must
include with its enrollment application
a letter that describes the hardship and
why the hardship justifies a waiver
exception. The burden associated with
this requirement is the time and effort
necessary to submit a Medicare
enrollment application, which is
required currently of any individual or
entity enrolling in Medicare. In addition
to the enrollment application, a
provider or supplier would have the
new burden of drafting and submitting
a letter to justify its hardship waiver
request should it choose to submit one.
The burden associated with submitting
Medicare enrollment applications A, B,
I, R and CMS–855S, are currently
approved under Office of Management
and Budget (OMB) control numbers
0938–0685 and 0938–1057,
respectively). Although we have no way
of knowing for certain how many
entities will actually submit an
application with a letter requesting a
waiver, we know that there are likely to
PO 00000
Frm 00089
Fmt 4701
Sfmt 4700
5949
be more such requests in the early years
of implementation than in later years.
We estimated that in the first year,
12,000 providers or suppliers—or
slightly over 50 percent of the total
number of providers and suppliers that
we believe will be subject to the
application fee—will submit waiver
request letters as part of their
application packages. (As stated in the
preamble, the application fee does not
apply to individual eligible
professionals nor to group practices of
these individual professionals.) We also
estimated that it will take each provider
or supplier 1 hour to develop the letter.
The total estimated annual burden
associated with this requirement is
therefore 12,000 hours at a cost of
$600,000, or $50.00 per waiver request.
B. ICRs Regarding Medicare
Fingerprinting Requirement (§ 424.518)
Consistent with § 424.518 we will
require the submission of a set of
fingerprints—either electronically
collected by CMS’ authorized channeler
or using the FD–258 standard
fingerprint card obtained from the local
law enforcement agency that collected
the fingerprints—from all individuals
who maintain a 5 percent or greater
direct or indirect ownership interest in
a prospective HHA or DMEPOS supplier
that is enrolling in Medicare. We
estimate that CMS or its designated
contractors will make 7,000 such
requests per year. This is predicated on
our projection that—based on 2009
statistics—roughly 7,000 DMEPOS
suppliers and HHAs will annually
enroll in Medicare. For purposes of this
ICR statement only, and to ensure that
we do not underestimate the possible
burden, we estimate that all of these
providers and suppliers will be required
to submit fingerprints. We further
estimate that an average of five
individuals per provider or supplier
will be required to comply with this
request. (It must be noted that for
purposes of this ICR and the RIA below,
we sought comments on whether the
estimate of five individuals per
applicant is accurate. No comments
were received.) Additionally, we
estimate that it will take each of the
35,000 respondents (7,000 provider
requests × 5 respondents per provider
request) an average of 2 hours to obtain
and submit fingerprints. Consequently,
the total estimated annual burden
associated with this requirement is
70,000 hours (35,000 responses × 2
hours per response) at a cost of $3.5
million (70,000 hours × $50 per hour).
Sections 424.518(c)(3)(ii) and (iii) call
for the submission of a set of
fingerprints for a national background
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5950
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
check from all individuals who
maintain a 5 percent or greater direct or
indirect ownership interest in a
provider or supplier that has moved into
the ‘‘high’’ risk category based on an
adverse action or the lifting of a
moratorium. The burden associated
with this requirement is the time and
effort necessary for the individual to
submit the required information upon
request. We estimate that CMS or its
designated contractors will make 2,000
requests per year. This is based on the
number of providers and suppliers that
we estimate will attempt to enroll in
Medicare: (1) After the lifting of a
moratorium for their respective provider
or supplier type, or (2) that have had
one of the adverse actions in
§ 424.518(c)(3)(ii) imposed against it.
This estimate of course, cannot be
conclusively quantified because it is
impossible for us to say with certainty
which provider and supplier types will
be subject to a moratorium. To ensure
that we do not underestimate the
potential burden, we also calculated
projections should 5,000 or 10,000
requests be made.
We estimate that an average of five
individuals per provider or supplier
will be required to comply with this
request. We further project that it will
take each of the 10,000 respondents
(2,000 provider or suppliers requests ×
5 respondents per provider or supplier
request) an average of 2 hours to obtain
and submit the fingerprints. The
estimated annual burden associated
with this requirement, based on 2,000
requests is 20,000 hours (10,000
respondents × 1 response per
respondent × 2 hours per response) at a
cost of $1 million (20,000 hours × $50
per hour). If 5,000 requests are made,
the burden is 50,000 hours at a cost of
$2.5 million (5,000 requests × 5
responses per request × 2 hours per
response × $50 per hour.) If 10,000
requests are made, the burden is
100,000 hours at a cost of $5 million
(10,000 requests × 5 responses per
request × 2 hours per response × $50 per
hour).6
In addition, there are some limited
circumstances when CMS could ask a
physician to submit fingerprints. For
example, a provider or supplier that is
being enrolled in Medicare after the
lifting of a temporary moratorium could
automatically be classified as ‘‘high’’ risk
and, as such, would be subject to
criminal background checks and
fingerprinting of owners of the
company. If a physician were to have a
6 Note that these figures pertain only to
individuals who are not physicians. Physicians are
addressed in the following paragraph.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
5 percent or greater direct or indirect
ownership interest in the provider or
supplier, CMS would have the authority
to request fingerprints from him or her.
Other circumstances might include
when a physician has had an adverse
action imposed against him or her and,
in accordance with § 424.518(c)(3)(ii),
has been placed in the ‘‘high’’ risk
category. We estimate that CMS or its
designated contractors will make 500
such requests for fingerprints per year.
We further estimate that it will take
each of the 500 respondents a total of 2
hours to obtain and submit the
fingerprints. The total estimated annual
burden associated with this requirement
is 1,000 hours (500 respondents × 1
response per respondent × 2 hours per
response) at a cost of $50,000 (1,000
hours × $50 per hour).
Therefore, assuming that 2,000 postmoratorium requests for fingerprints are
made, the total estimated annual burden
associated with the Medicare
requirements in this ICR is 103,000
hours at a cost of $5,150,000. If 5,000
post-moratorium requests are made, the
estimated annual burden is 133,000
hours at a cost of $6,650,000. If 10,000
post-moratorium requests are made, the
estimated annual burden is 183,000
hours at a cost of $9,150,000.
Comment: In the collection of
information requirements section of this
proposed rule, CMS used 2009 statistics
for estimating the number of individuals
that will need to undergo fingerprinting.
A commenter recommended that CMS
update these estimates using 2010 data.
Response: We believe it is more
appropriate to use the most recent full
year’s data.
Comment: A commenter contended
that CMS’s estimate that it will take 2
hours to obtain a set of fingerprints
using the FD–258 standard fingerprint
card seems low. The commenter
recommended that CMS provide the
analysis used, including literature
review, to estimate the time it will take
to obtain a set of fingerprints using the
FD–258 fingerprint card. The
commenter also asked that CMS explain
whether there are any alternatives to the
FD–258 standard fingerprint card and, if
there are, the costs associated with these
alternatives.
Response: We believe that the 2 hour
figure, which was based on our analysis
of a number of materials, is accurate.
Since the FD–258 is the standard
fingerprint card, we focused primarily
on the use of this format in the proposed
rule. However, as explained in the
preamble to this final rule with
comment period, electronic fingerprints
will be an alternative—and one that we
will encourage—to the FD–258.
PO 00000
Frm 00090
Fmt 4701
Sfmt 4700
C. ICRs Regarding Medicaid
Fingerprinting Requirement (§ 455.434)
Section 455.434 states that when a
State Medicaid agency determines that a
provider is ‘‘high’’ risk, the State
Medicaid agency will require that
provider to submit fingerprints. We
anticipate that States will be collecting
fingerprints on a significantly smaller
number of providers. However, as with
our estimates of the potential burden for
the Medicare requirements, we
preferred to overestimate the potential
burden rather than underestimate it.
Therefore, we anticipate that States may
require an additional 26,000 individuals
to submit fingerprints prior to enrolling
in a State’s Medicaid program or CHIP.
The total estimated annual burden
associated with this requirement for
Medicaid and CHIP is 52,000 hours
(26,000 respondents × 1 response per
respondent × 2 hours per response) at a
cost of $2.6 million (52,000 hours × $50
per hour).
D. ICRs Regarding Suspension of
Payments in Cases of Fraud or Willful
Misrepresentation (§ 455.23)
As stated in § 455.23(a), a State
Medicaid agency must suspend all
Medicaid payments to a provider when
there is pending an investigation of a
credible allegation of fraud under the
Medicaid program against an individual
or entity unless it has good cause to not
suspend payments or to suspend
payment only in part. The State
Medicaid agency may suspend
payments without first notifying the
provider of its intention to suspend
such payments. A provider may request,
and must be granted, administrative
review where State law so requires.
The burden associated with this
requirement is the time and effort
necessary for a provider to request
administrative review where State law
so requires. While this requirement is
subject to the PRA, we believe the
associated burden is exempt in
accordance with 5 CFR 1320.4.
E. ICRs Regarding Collection of SSNs
and DOBs for Medicaid and CHIP
Providers (§ 455.104)
As stated in § 455.104(b)(1), the State
Medicaid agency must require that all
persons with an ownership or control
interest in a provider submit their SSN
and DOB. The burden associated with
the Medicaid requirements in
§ 455.104(b)(1) is the time and effort
necessary for a provider to report the
SSN and DOB for all persons with an
ownership or control interest in a
provider.
Although our data on Medicaid
provider enrollment at the national level
E:\FR\FM\02FER2.SGM
02FER2
5951
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
is very limited, we do collect annual
data on State Medicaid program
integrity activities. This annual data
collection, known as the State Program
Integrity Assessment (SPIA) program,
approved under OCN 0938–1033,
consists of self-reported data by States
regarding a variety of program integrity
related activities. The information is
self-reported and has not been
independently verified by CMS, and it
undoubtedly represents some unknown
degree of duplication among providers
across States. Consequently, the
estimated number of Medicaid
providers nationally is likely overstated.
According to SPIA data for FFYs 2007
and 2008, there has been an average of
1,855,070 existing Medicaid providers
nationally over the 2 year period of FFY
2007 and FFY 2008. We estimate that
one-fifth or 371,014 (1,855,070 × 20
percent) of existing Medicaid providers
would be required to re-enroll each
year. Additionally, we estimate that
there will be 56,250 newly enrolling
Medicaid providers each year, for a total
of 427,264 Medicaid providers that will
be subject to the SSN and DOB reporting
requirements each year. We further
estimate that it will take each provider
an average of 2 minutes to report the
SSN and DOB for all persons with an
ownership or control interest. Thus, the
estimated annual burden associated
with this requirement for Medicaid
providers is 14,242 hours (427,264 × (2
minutes, divided by 60 minutes per
hour)) at a cost of $712,100 (14,242
hours × $50 per hour).
F. ICRs Regarding Site Visits for
Medicaid-Only or CHIP-Only Providers
(§ 455.450)
As stated in § 455.450(b), a State
Medicaid agency must conduct on-site
visits for providers it determines to be
‘‘moderate’’ or ‘‘high’’ categorical risk.
We anticipate that Medicare contractors
will perform the screening activities for
the overwhelming majority of providers
that are dually enrolled in both
Medicare and Medicaid and thus, we
estimate that State Medicaid agencies
will conduct approximately 5,000 site
visits for Medicaid-only providers
nationally per year. We further estimate
that it will take one individual 8 hours
to perform each on-site visit (including
travel time). Thus, the total estimated
annual burden associated with this
requirement for Medicaid is 40,000
hours (5,000 site visits × 8 hours) at a
cost of $2,000,000 (40,000 hours × $50
per hour).
G. ICRs Regarding the Rescreening of
Medicaid Providers Every 5 Years
(§ 455.414)
As stated in § 455.414, a State
Medicaid agency must screen all
providers at least every 5 years. This
requirement is consistent with the
Medicare requirement that providers,
suppliers, and eligible professionals
must re-enroll at least every 5 years
(more often for certain types of
suppliers). The burden associated with
this requirement would be the time and
effort necessary for Medicaid-only
providers to re-enroll in Medicaid, and
the time and effort necessary for a State
to conduct the provider screening,
Although our data on Medicaid
provider enrollment at the national level
is very limited, we do collect annual
data on State Medicaid program
integrity activities. As previously
explained, this annual data collection,
known as the State Program Integrity
Assessment (SPIA) program, consists of
self-reported data by States regarding a
variety of program integrity related
activities. The information is selfreported and has not been
independently verified by CMS, and it
undoubtedly represents some unknown
degree of duplication among providers
across States. Consequently, the
estimated number of Medicaid
providers nationally is likely overstated.
According to SPIA data for FFYs 2007
and 2008, there has been an average of
1,855,070 existing Medicaid providers
nationally over the 2 year period of FFY
2007 and FFY 2008. We estimate that
one fifth, or 371,014 (1,855,070 × 20
percent), of existing Medicaid providers
would be required to re-enroll each
year. Although provider enrollment
requirements vary by State, we further
estimate that it will take each provider
an average of 2 hours to complete the
Medicaid re-enrollment requirements.
Thus, the estimated annual burden
associated with this requirement for
Medicaid providers is 742,028 hours
(371,014 responses × 2 hours per
response) at a cost of $37,101,400
(742,028 hours × $50 per hour).
In addition, we estimate that 80
percent of Medicaid providers also
participate in Medicare, and thus would
have provider screening activities
performed by the Medicare contractors.
Thus, we estimate that States would be
required to conduct provider screening
activities for 74,203 (371,014 × 20
percent) re-enrolling Medicaid-only
providers each year. We further estimate
that it will take States, on average, 4
hours to perform the required provider
screening activities—noting that
currently enrolled providers would
generally be categorized as lower risk
than newly-enrolling providers. The
estimated burden associated with this
requirement for State Medicaid agencies
is 296,812 hours (74,203 responses × 4
hours per response) at a cost of
$14,840,600 (296,812 hours × $50 per
hour). We believe that the burden on
States will be in large part offset by the
application fees collected and by the
Federal share for the amounts not
covered by the application fee.
The total estimate annual burden
associated with the Medicaid
prescreening requirement is 1,038,840
hours at a cost of $51,942,000
($37,101,400 + $14,840,600).
TABLE 10—ESTIMATED ANNUAL REPORTING/RECORDKEEPING BURDEN
OMB
Control
No.
Regulation section(s)
rmajette on DSK29S0YB1PROD with RULES2
§ 424.514(e)** ............................................
§ 424.518(c)(2)(b) and (d) .........................
§ 424.518(c)(3)(iv) and (d) ........................
§ 455.434 ...................................................
§ 455.104 ...................................................
§ 455.450 ...................................................
§ 455.414 (Providers) ................................
§ 455.414 (State Medicaid Agencies) .......
VerDate Mar<15>2010
15:39 Feb 01, 2011
Total annual burden
(hours)
Hourly
labor cost
of
reporting
($)
Total labor
cost of
reporting
($)
Total
capital/
maintenance
costs
($)
Respondents
Responses
12,000
12,000
1
12,000
50
600,000
0
600,000
35,000
10,500
26,000
427,264
5000
371,014
74,203
35,000
10,500
26,000
427,264
5000
371,014
74,203
2
2
2
70,000
21,000
52,000
14,242
40,000
742,028
296,812
50
50
50
50
50
50
50
3,500,000
1,050,000
2,600,000
712,100
2,000,000
37,101,400
14,840,600
0
0
0
0
0
0
..................
3,500,000
1,050,000
2,600,000
712,100
2,000,000
37,101,400
14,840,600
0938–
0685;
0938–1057
0938–New
0938–New
0938–New
0938–New
0938–New
0938–New
0938–New
Jkt 223001
Burden per
response
(hours)
PO 00000
Frm 00091
Fmt 4701
.033
8
2
4
Sfmt 4700
E:\FR\FM\02FER2.SGM
02FER2
Total cost
($)
5952
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
TABLE 10—ESTIMATED ANNUAL REPORTING/RECORDKEEPING BURDEN—Continued
OMB
Control
No.
Regulation section(s)
Total ...................................................
Respondents
960,981
..................
Responses
Burden per
response
(hours)
Total annual burden
(hours)
Hourly
labor cost
of
reporting
($)
Total labor
cost of
reporting
($)
Total
capital/
maintenance
costs
($)
Total cost
($)
960,981
....................
1,248,082
..................
..................
..................
62,404,100
** Denotes that we will be submitting revisions of the currently approved information collection requests for OMB review and approval.
Comment: A commenter requested
clarification on whether the dollar
figure of $62 million in Table 6 of the
proposed rule (entitled ‘‘Estimated
Annual Reporting/Recordkeeping
Burden’’) is the cost shared by the
Federal Medicare programs as well as
all of the State Medicaid agencies
collectively.
Response: It includes Medicare costs,
and those of the State Medicaid
agencies.
IV. Response to Comments
Because of the large number of public
comments we normally receive on
Federal Register documents, we are not
able to acknowledge or respond to them
individually. We will consider all
comments we receive by the date and
time specified in the ‘‘DATES’’ section of
this preamble, and, when we proceed
with a subsequent document, we will
respond to the comments in the
preamble to that document.
V. Regulatory Impact Analysis
rmajette on DSK29S0YB1PROD with RULES2
A. Statement of Need
This final rule with comment period
is needed to implement the following
provisions of the ACA: (1) Section
6401(a) and section 6401(b) of the ACA
added section 1866(j)(2) to the Act and
requires the establishment of screening
procedures for providers and suppliers
in the Medicare, Medicaid and CHIP
programs; (2) section 6401(a) of the ACA
added section 1866(j)(2)(C) to the Act
and requires the establishment of
application fees for institutional
providers and suppliers; (3) section
6401(a) of the ACA added a new section
1866(j)(7) to the act establishing the use
of temporary moratoria regarding the
enrollment of providers and suppliers in
Medicare, and section 6401(b)(1) of the
ACA added a new section 1902(kk)(4) of
the Act for a parallel requirement in the
Medicaid and CHIP programs; (4)
section 6501 of the ACA added section
1902(a)(39) to the Act establishing
guidance for States regarding the
termination of providers from Medicaid
and CHIP if terminated by Medicare or
another Medicaid State plan or CHIP;
and permitting guidance regarding the
termination of providers and suppliers
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
from Medicare if terminated by a
Medicaid State agency; and (5) Section
6402(h) of the ACA added 1862(o) to the
Act establishing the requirements for
the suspension of payments pending
credible allegations of fraud in the
Medicare and Medicaid programs. As
previously explained, we believe these
provisions are necessary to assist us in
preventing fraud, waste and abuse in the
Medicare, Medicaid and CHIP programs.
B. Overall Impact
We have examined the impact of this
rule as required by Executive Order
12866 on Regulatory Planning and
Review (September 1993), the
Regulatory Flexibility Act (RFA)
(September 19, 1980, Pub. L. 96–354),
section 1102(b) of the Social Security
Act, section 202 of the Unfunded
Mandates Reform Act of 1995 (Pub. L.
104–4), Executive Order 13132 on
Federalism (August 4, 1999), and the
Congressional Review Act (U.S.C.
804(s)).
Executive Order 12866 directs
agencies to assess all costs and benefits
of available regulatory alternatives and,
if regulation is necessary, to select
regulatory approaches that maximize
net benefits (including potential
economic, environmental, public health
and safety effects, distributive impacts;
and equity). A regulatory impact
analysis (RIA) must be prepared for
rules with economically significant
effects ($100 million or more in any 1
year). This final rule with comment
period does reach the economic
threshold and thus is considered an
economically significant rule.
The RFA requires agencies to analyze
options for regulatory relief for small
businesses. Under the RFA, we must
either prepare an Initial Regulatory
Flexibility Analysis or certify that the
final rule with comment period will not
have a significant impact on a
substantial number of small entities. For
purposes of the RFA, small entities
include small businesses, nonprofit
organizations, and government agencies.
Most hospitals and most other providers
and suppliers are small entities, either
by nonprofit status or by having
revenues of less than $7.0 to $34.5
million (depending on provider type) in
PO 00000
Frm 00092
Fmt 4701
Sfmt 4700
any one year. Individuals and States are
not included in the definition of a small
entity. We do not believe that our
application fees will have a significant
impact on any small entities. Likewise,
we do not believe that other screening
provisions, such as the provision of
fingerprints or accommodating
unannounced visits, will have a
significant impact on any small entities.
We believe this final rule with comment
period could have significant impact on
a relatively small proportion of small
businesses in terms of restrictions on
federal health monies paid to small
businesses participating in the Medicare
or Medicaid programs or CHIP. Clearly,
imposition of an enrollment moratorium
would have an impact on a small
business that is attempting to do
business with any of the Federal health
programs. Similarly, suspension of
payments to any small entity could
create a significant impact on that
entity. However, we have no basis for
estimating how many entities might be
affected by these provisions. Finally, we
believe that this final rule with
comment period will reduce fraud and
abuse among potential providers.
We believe there will be a significant
impact on their ability to defraud the
taxpayer in several ways. First, closer
screening of certain high-risk providers
and suppliers will better enable CMS to
detect those individuals and entities
that pose a risk to the Medicare
program. We expect that the prevention
of unqualified providers and suppliers
from enrolling in Medicare will protect
the Medicare Trust Fund and save the
taxpayers millions of dollars. Second,
the temporary moratoria provisions will
enable CMS to restrict the entry of
certain providers and suppliers into
Medicare in order to prevent or combat
fraud, waste, and abuse, thus, again,
saving millions of Federal dollars.
While we cannot quantify with
exactitude the amount of money that the
Medicare program will save as a result
of these measures, we do believe that
the figure will exceed the costs outlined
in this RIA. We solicited comment on
the overall proposed screening
processes of the proposed rule,
including how the risk of fraud is
determined, the administrative
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
interventions proposed to address the
risk, and the criteria for exceptions to
the enrollment application fee and any
temporary enrollment moratoria. We
requested that small businesses
comment on these provisions and offer
suggestions about how to mitigate what
they might see as adverse administrative
or financial impacts. This RIA, taken
together with the remainder of the
preamble, constitutes an Initial
Regulatory Flexibility Analysis under
the RFA.
In addition, section 1102(b) of the Act
requires us to prepare a regulatory
impact analysis if a rule may have a
significant impact on the operations of
a substantial number of small rural
hospitals. This analysis must conform to
the provisions of section 604 of the
RFA. For purposes of section 1102(b) of
the Act, we define a small rural hospital
as a hospital that is located outside of
a Metropolitan Statistical Area and has
fewer than 100 beds. We did not prepare
an analysis for section 1102(b) of the
Act because we have determined that
this final rule with comment period will
not have a significant impact on the
operations of a substantial number of
small rural hospitals.
Section 202 of the Unfunded
Mandates Reform Act of 1995 also
requires that agencies assess anticipated
costs and benefits before issuing any
rule that may result in expenditure in
any 1 year by State, local, or tribal
governments, in the aggregate, or by the
private sector, of $135 million. This rule
does mandate expenditures by State and
local governments, in order to enforce
the Medicaid-related provisions, but we
believe that those expenditures will be
relatively minor. The mandated costs on
providers—primarily for application
fees—may approach or exceed the
threshold for the private sector.
Accordingly, this RIA constitutes the
required assessment of costs and
benefits under UMRA.
Executive Order 13132 establishes
certain requirements that an agency
must meet when it promulgates a
proposed rule (and subsequent final
rule) that imposes substantial direct
requirement costs on State and local
governments, preempts State law, or
otherwise has Federalism implications.
Since this final rule with comment
period would not impose any
substantial direct requirement costs on
State or local governments, preempt
State law, or otherwise have Federalism
implication, the requirements of E.O.
13132 are not applicable.
We received several comments on the
RIA. They are as follows:
Comment: A commenter noted that,
under the proposed rule, Medicare
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
contractors will not begin processing an
enrollment application until the
application fee is received and credited
to the United States Treasury. The
commenter recommended that CMS
estimate the increase in enrollment
application processing times due to the
fee requirement and the impact this
additional time will have on private
sector.
Response: It is not possible to qualify
the additional time, if any, that this
requirement would have on processing
times. Moreover, we do not believe that
a minor delay in processing would
result in any quantifiable and definable
monetary cost to a particular provider.
Comment: Several commenters
contended that CMS did not comply
with section 6(a)(3)(C)(i) of Executive
Order 12866. Specifically, CMS: (1) Did
not include an assessment or
quantification of benefits associated
from this regulatory action; (2) the
underlying analysis of the costs and
benefits of potentially effective and
reasonably feasible alternatives to the
planned regulation; (3) explain why the
planned regulatory action is preferable
to the identified potential alternatives;
(4) include any feasible alternatives to
the planned screening process; (5)
include alternatives to the payment
suspension portions; (6) include the cost
impact on health care providers due to
increased processing times; (7) solicit
comments on or consider the costs or
benefits of reasonably feasible
alternatives, such as assessing the
application fee by NPI or TIN or
assessing the risk based on as past
experience with the Medicare program
or other health plans; or (8) consider the
Medicare error rate in determining the
category of risk. The commenter stated
that CMS should therefore not finalize
the provisions of this proposed rule
until a new proposed rule is published.
Response: The proposed rule and the
final rule with comment period both
contain a Regulatory Impact Analysis as
required by Executive Order 12866. As
explained in section IV.E. and
throughout this final rule with comment
period, we believe that this regulation
will have a significant benefit by
reducing the ability of potential
providers to defraud taxpayers. The
proposed rule solicited comments on
the proposed screening categories, on
the use of fingerprinting and other
alternatives to identity verification, on
the kind of documentation that must be
submitted to assert a hardship exception
to the application fee, an alternative
definition of the term ‘‘resolution of an
investigation,’’ on criteria that would
justify the reclassification of a provider
from one risk category to another, on the
PO 00000
Frm 00093
Fmt 4701
Sfmt 4700
5953
applicability of geography in the
determination of a risk category, and on
additional triggers that would move a
provider into a different risk category.
We did not believe the use of NPIs or
TINs in the assessment of the
application fee was appropriate because
the requirement to submit an enrollment
application is separate from the
requirement to have an NPI or a TIN.
We believe that basing the fee on the
submission of an application is most
consistent with the statute. With respect
to the Medicare error rate, an
erroneously paid claim does not
necessarily mean that the claim was
fraudulently submitted. For this reason,
we believe it would be improper to use
it in our placement of providers into
risk categories when there were other
factors—including comprehensive
studies of fraudulent behavior, such as
OIG and GAO reports—that were more
conclusive. We have solicited comments
on proposals and potential alternatives,
and have considered such comments in
the development of this final rule with
comment period.
Comment: A commenter stated that
the proposed rule contained a number
of internal inconsistencies between the
preamble and regulation impact
statement, such as: (1) use of 2.34
percent as the CPI in preamble and 3.0
percent as the CPI in the regulation
impact section; (2) the lack of an
‘‘Alternatives Considered’’ section in the
regulation impact section, and (3) a
failure to account for the cost or impact
of the additional off-cycle revalidations
in the regulation impact section. The
commenter recommended that CMS
publish a new proposed rule.
Response: The use of 2.34 percent in
the preamble was simply for illustrative
purposes. Having said that we have
revised the 3 percent figure to more
accurately reflect actual and projected
CPI–U statistics we have received.
Specifically, the rates we used for 2011,
2012, 2013, 2014 and 2015 are,
respectively, 1.0 percent, 2.0 percent,
2.0 percent, 2.0 percent and 2.0 percent.
The figure for 2011 is based on data
obtained from the Bureau of Labor
Statistics, while the data for years 2012
through 2015 represent the estimated
CPI–U figures offered in the Budget of
the U.S. Government, Fiscal Year 2011.
The CPI–U figures reflect the percentage
change in the consumer price index for
all urban consumers (all items; United
States city average), for the 12-month
period ending with June of the previous
year. Moreover, we have added an
‘‘Alternative Considered’’ section to the
RIA.
As stated previously, we solicited
comments on multiple issues in the
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5954
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
proposed rule. Additionally, we are
implementing provisions of the ACA
that had already outlined certain
requirements for the regulations. The
ACA, for example, required that we
determine the level of screening to be
conducted with respect to the category
of provider or supplier, to require an
application fee of $500 adjusted after
2010 for the consumer price index, and
to suspend payments pending an
investigation of credible allegations of
fraud.
The RIA took into account the cost of
revalidations beginning on March 25,
2011, prior to the date at which CMS
could begin off-cycle validations under
§ 424.515(e), but the same date at which
the new screening requirements will go
into effect. Any provider validated after
March 25, 2011 but before March 23,
2012 will not be subject to off-cycle
revalidation and any provider that is
revalidated will begin a new cycle of
revalidation requirements. Therefore,
any off-cycle revalidations that occur
after March 23, 2012 will restart the
revalidation cycle, and only DMEPOS
suppliers who are on 3 year validations
will be revalidated, in cycle, prior to the
end of CY 2015. We believe the RIA is
valid.
Comment: A commenter noted that,
under the proposed rule, Medicare
contractors will not begin processing an
enrollment application until the
application fee is received and credited
to the United States Treasury. The
commenter recommended that CMS
estimate the increase in enrollment
application processing times due to the
fee requirement and the impact this
additional time will have on private
sector.
Response: It is not possible to qualify
the additional time, if any, that this
requirement would have on processing
times. Moreover, we do not believe that
a minor delay in processing would
result in any quantifiable and definable
monetary cost to a particular provider.
Comment: One commenter stated that
the preamble of this proposed regulation
uses 2.34 percent as the Consumer Price
Index (CPI) for the application fee,
while the regulatory impact section uses
3 percent as the CPI for the application
fee. The commenter recommended that
CMS: (1) Use the official percentage by
the Bureau of Labor Statistics in
calculating the change in application fee
year by year, (2) explain if a negative
CPI will result in a decrease in the
application fee, and (3) use the actual
CPI for 2010 in developing the final rule
with comment period and establishing
the application fee that must be paid by
providers and suppliers in 2011.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Response: We agree and, as
previously explained, have incorporated
more accurate CPI–U rates into this final
rule with comment period. A negative
CPI would result in a fee decrease;
however, the RIA projects a continued
increase in the CPI.
Comment: A commenter noted that
CMS states in the RIA that 400,000
providers and suppliers would need to
revalidate their enrollment over a 5 year
period. However, CMS excluded groups
and clinics from the impact of the
application fee. The commenter did not
believe there are 400,000 providers and
suppliers to revalidate, since a large
number of providers and suppliers are
designated as medical groups/clinics.
The commenter recommended that CMS
furnish a breakdown of the providers
and suppliers that would be required to
revalidate their enrollment in Medicare
and adjust, if necessary, the amount
collected via the application fee. The
commenter also suggested that CMS
provide the number of providers and
suppliers by year that were subject to
revalidation since 2006.
Response: We do not believe that a
specific breakdown by provider type
and year is necessary, and maintain our
view that approximately 400,000
providers and suppliers will revalidate
their enrollment over a 5 year period—
even accounting for medical groups/
clinics. This figure, admittedly, may be
a little high, but we would prefer to
overestimate the potential burden than
underestimate it.
In light of these comments, we have
revised our calculations based on new
and more accurate CPI–U rates and have
added an ‘‘Alternative Considered’’
section.
C. Anticipated Effects
1. Medicare
a. Enhanced Screening Procedures—
Medicare
Based on statistics obtained from
PECOS and our Medicare contractors,
there are approximately 400,000
providers and suppliers currently
enrolled in the Medicare program. (This
does not include eligible professionals.)
This figure includes ambulance service
suppliers; ambulatory surgical centers;
community mental health centers;
comprehensive outpatient rehabilitation
facilities; suppliers of DMEPOS; endstage renal disease facilities; federally
qualified health centers;
histocompatibility laboratories; home
health agencies; hospices; hospitals,
including physician-owned specialty
hospitals; critical access hospitals;
independent clinical laboratories;
independent diagnostic testing facilities;
PO 00000
Frm 00094
Fmt 4701
Sfmt 4700
Indian health service facilities;
mammography centers; mass
immunizers (roster billers); medical
groups/clinics, including single and
multi-specialty clinics; organ
procurement organizations; outpatient
physical therapy/occupational therapy/
speech pathology services; portable xray suppliers; skilled nursing facilities;
radiation therapy centers; religious nonmedical health care institutions; and
rural health clinics. We note the
following in section III. of this final rule
with comment period:
• Based on 2009 experience we
estimated that there will be 7,000
DMEPOS suppliers and HHAs that will
submit an application to become a new
Medicare enrolled provider in 2011. We
would require approximately 35,000
individuals (7,000 providers/suppliers x
5 individuals per applicant) to undergo
fingerprinting to participate in the
Medicare program as an owner of an
HHA or supplier of DMEPOS. We have
found that the cost of having a set (two
prints) of fingerprints done through law
enforcement is approximately $50.00
per individual. (This includes the time
spent in obtaining the fingerprints.) The
cost of this fingerprinting requirement
would therefore be $1.75 million per
year (35,000 individuals x $50).
• We estimated that 10,000
individuals (2,000 providers or
suppliers × 5 individuals per applicant)
would undergo fingerprinting following
the lifting of a moratorium on a
particular provider or supplier type, at
a cost of $500,000 per year (10,000 ×
$50). Should requests be made of 5,000
providers or suppliers, the annual figure
would be $1,250,000 (5,000 × 5
individuals per applicant × $50). Should
requests be made of 10,000 providers or
suppliers, the annual figure would be
$2.5 million (10,000 × 5 × $50).
• We estimate that 500 physicians
would undergo fingerprinting per year,
at a cost of $25,000.
This results in a total cost of the
fingerprinting requirement of
$2,275,000 per year ($1,750,000 +
$500,000 + $25,000), or $11,375,000
over 5 years. If 5,000 post-moratorium
requests are made, the annual cost is
$3,025,000, with a 5 year cost of
$15,125,000. Should 10,000 postmoratorium requests be made, the
annual cost is $4,275,000, with a 5 year
cost of $21,375,000.
As we believe that 2,000 postmoratorium requests is the most likely
scenario, we will hereafter use the
$2,275,000 amount as the annual cost of
this requirement. This results in an
estimated 5 year cost of $11,375,000.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
b. Application Fee—Medicare
c. General Enrollment Framework
The Secretary shall impose an
application fee on each institutional
provider. The amount of the fee is $500
per provider or supplier for 2010. For
2011 and each subsequent year, the fee
amount will be determined by the
statutorily required formula using the
consumer price index for all urban
consumers (CPI–U). The enrollment
application fee does not apply to
individual eligible professionals (for
example, physicians). The fee is to be
paid by institutional providers only.
The new screening provisions are
applicable to new and revalidating
providers and suppliers effective March
25, 2011, and to currently enrolled
providers and suppliers as of March 23,
2012. We will to begin collecting the
enrollment application fee for new
providers and suppliers and for
currently enrolled providers
revalidating enrollment effective March
25, 2011.
(1) New Enrollment
Medicare contractors report that over
the last several years, approximately
32,000 is the annual number of newly
enrolling providers and suppliers that
would—without accounting for the
possible granting of waivers—be subject
to the enrollment application fee—
(approximately 20,000 for Medicare Part
B, approximately 7,000 DMEPOS
suppliers and HHAs (as explained in the
Collection of Information section), and
approximately 5,000 non-HHA
Medicare Part A providers).7
We assumed that no more than 2.5
percent of these 32,000 providers and
suppliers—or 800—will receive a
hardship exception; as indicated earlier,
exceptions will only be approved
infrequently.
In CY 2011, we reduced the estimate
number of institutional providers
subject to the application fee by 25
percent because the application fee will
not begin until March 25, 2011.
Accordingly, the number of institutional
providers that we anticipate paying the
application fee will be 23,400 (or 31,200
5955
× .75) in CY 2011. Therefore, the
impacts of the enrollment application
fee are as follows. If we use 23,400 as
the number of newly enrolling providers
and suppliers in 2011 and multiply this
number by an application fee of $505 (or
$500 × 1.0 percent), we get $ 11,817,000
collected for the first year (that is, CY
2011). If we assume that the number of
newly enrolling providers and suppliers
will remain constant at 31,200 for years
2012 through 2015, the cost to the
number of newly enrolling providers
and suppliers would be $78,054,600.
Although we have no way to predict
that the number of new enrollments will
change in future years, it is possible that
the number of enrolling providers and
suppliers vary from what has been the
norm. If our estimate of the number of
newly enrolling providers is inaccurate
and we enroll a different number of
providers and suppliers after the
effective date of the new screening and
other provisions contained in the ACA,
we estimate based on the $500
enrollment application fee—a rough
difference of $1 million for each
increment of 2,000 new enrollments,
whether fewer or greater.
TABLE 11—CUMULATIVE APPLICATION FEES FOR NEWLY ENROLLING MEDICARE PROVIDERS AND SUPPLIERS FOR THE
FIRST 5 YEARS OF THE PROVISION
Calendar year
2011
2012
2013
2014
2015
Newly enrolling
institutional
providers and
suppliers
Newly enrolling institutional
providers and
suppliers paying
the application fee
(based on a 2.5%
hardship exception rate)
CPI–U increase
(%)
Consumer price
index adjusted
fee in dollars *
Total fees for
each year in
dollars
Cumulative fees
in dollars
...............................
...............................
...............................
...............................
...............................
24,000
32,000
32,000
32,000
32,000
23,400
31,200
31,200
31,200
31,200
1.0
2.0
2.0
2.0
2.0
505
515
525
536
547
11,817,000
16,068,000
16,380,000
16,723,200
17,066,400
11,817,000
27,885,000
44,265,000
60,988,200
78,054,600
Total ........................
............................
..............................
............................
............................
78,054,600
78,054,600
rmajette on DSK29S0YB1PROD with RULES2
* As already mentioned, section 6401(a)(3) of the ACA called for a $500 application fee for institutional providers in 2010. Since the effective
date of this final rule with comment period is March 25, 2011, we have added a 1.0 percent increase to the $500 fee for 2011. Moreover, each
fee amount in this category was rounded up to the nearest dollar.
(2) Revalidation
There are approximately 100,000
currently enrolled suppliers of DMEPOS
who are required to revalidate their
enrollment every 3 years and 300,000
additional providers and suppliers that
do not provide DMEPOS that are
required to revalidate their enrollment
every 5 years. On a yearly basis, we
estimate that approximately 33,000
DMEPOS suppliers (one-third of the
total) and 60,000 other, non-DMEPOS
providers/suppliers (one-fifth of the
total) would revalidate their enrollment
in Medicare, for an annual total of
93,000. Since, as explained earlier, we
estimate that no more than 2.5 percent
of these providers and suppliers will
receive a waiver from the application
fee, we project that 90,675 such
providers and suppliers will be subject
to the fee.
This final rule with comment period
contemplates collecting the application
fee for currently enrolled providers that
revalidate their enrollment on or after
7 For purposes of the calculations in this RIA,
newly-enrolling Medicare providers and suppliers
March 25, 2011—almost 3 months into
CY 2011. Therefore, we have adjusted
the number of existing Medicare
institutional providers subject to an
application fee by 25 percent, from
90,675 to 68,006 (or 90,675 × .75) in CY
2011. With respect to the period
between CY 2012 and 2015, it is
possible that, as previously alluded to in
the preamble, we may perform an
elevated number of revalidations early
in this 4-year timeframe—specifically,
in CY 2012. This would be done
include those that were once enrolled, departed,
and are now seeking to enroll again.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
PO 00000
Frm 00095
Fmt 4701
Sfmt 4700
E:\FR\FM\02FER2.SGM
02FER2
5956
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
pursuant to our authority under
§ 424.515(e) to require off-cycle
revalidations. We cannot say for certain
how many will be performed in CY
2012. For purposes of this RIA only,
however, we will estimate that 111,000
will be conducted in CY 2012, with
87,000 performed in each of the
remaining 3 years. Further accounting
for projected annual CPI–U rate
increases, we estimate that the cost
associated with these fees for
revalidating providers and suppliers
would be approximately $226,477,505
over the first 5 years that the ACA
provisions are in effect, as shown in
Table 12.
TABLE 12—CUMULATIVE APPLICATION FEES FOR REVALIDATING MEDICARE PROVIDERS AND SUPPLIERS FOR THE FIRST 5
YEARS OF THE PROVISION
Calendar year
2011
2012
2013
2014
2015
Revalidating
institutional
providers and
suppliers
Revalidating
institutional
providers &
suppliers paying
application fee
(based on 2.5%
hardship
exception rate)
CPI–U increase
Consumer price
index adjusted
fee in dollars
Total fees for
each year
(in dollars)
Cumulative fees
(in dollars)
.................................
.................................
.................................
.................................
.................................
69,750
111,000
87,000
87,000
87,000
68,006
108,225
84,825
84,825
84,825
1.0%
2.0%
2.0%
2.0%
2.0%
505
515
525
536
547
34,343,030
55,735,875
44,533,125
45,466,200
46,399,275
34,343,030
90,078,905
134,612,030
180,078,230
226,477,505
Total ..........................
............................
............................
............................
............................
226,477,505
226,477,505
Therefore, we estimate that the total
impact of the provisions for the
application fee to be approximately
$304,532,105 over the next 5 years. This
number was approximated by adding
the cumulative application fees for
newly enrolling providers and suppliers
($78,054,600 as shown in Table 11) to
the cumulative application fees for
revalidating providers and suppliers
($226,477,505).
2. Medicaid
rmajette on DSK29S0YB1PROD with RULES2
a. Enhanced Screening Procedures
Although our data on Medicaid
provider enrollment at the national level
is very limited, we do collect annual
data on State Medicaid program
integrity activities. This annual data
collection, known as the State Program
Integrity Assessment (SPIA) program,
consists of self-reported data by States
regarding a variety of program integrity
related activities. The information is
self-reported and has not been
independently verified by CMS, and it
undoubtedly represents some unknown
degree of duplication among providers
across States. Consequently, the
estimated number of Medicaid
providers nationally is likely overstated.
According to SPIA data for FFYs 2007
and 2008, there has been an average of
1,855,070 existing Medicaid providers
nationally over the 2-year period of FFY
2007 and FFY 2008. This universe of
Medicaid providers includes all
provider types, both institutional
providers and individual practitioners.
In the Medicare program, eligible
practitioners make up approximately 70
percent of the total universe of
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
providers, suppliers, and eligible
practitioners. Because we do not have
detailed information regarding the
breakdown of Medicaid providers by
type nationally, we will apply the same
ratio to determine the percentage of
institutional Medicaid providers.
Therefore, we estimate that there are
approximately 556,521 Medicaid-only
providers nationally that are not
individual practitioners.
We also estimate almost all CHIP
providers are also Medicaid providers.
So, for purposes of this section, we are
considering CHIP providers to also be
Medicaid providers and will
subsequently refer to them only as
Medicaid providers.
As previously stated in the Medicare
section of the analysis, we estimated
that we would require the following:
• Approximately 35,000 individuals
will undergo fingerprinting to enroll in
the Medicare program as owners, of a
home health agency or supplier of
DMEPOS. Based on data collected as
part of the State survey and certification
activities for home health agencies, less
than 1 percent of home health agencies
are Medicaid-only. And, although there
is no data available on the number of
Medicaid-only suppliers of DMEPOS,
we estimated that the number is
minimal as well, as a number of States
require suppliers of DMEPOS to be
enrolled in Medicare prior to enrolling
in Medicaid. Therefore, we estimated
that States may require approximately
1,000 additional individuals with
ownership interests in suppliers of
DMEPOS or home health agencies, to
undergo fingerprinting for enrollment in
the Medicaid program. The cost of this
PO 00000
Frm 00096
Fmt 4701
Sfmt 4700
fingerprinting requirement would be
approximately $50,000 (1,000 × $50 =
$50,000), though we solicited comments
on the accuracy of this figure.
• We anticipated that Medicare
contractors will perform the screening
activities for the overwhelming majority
of providers following the lifting of a
Secretary-imposed temporary
moratorium and for the limited
circumstances in which physicians may
be fingerprinted. However, given that
States may also classify certain
Medicaid-only providers as ‘‘high’’
categorical risks, we are estimating that
States may require approximately
25,000 additional individuals to
undergo fingerprinting prior to enrolling
in a State’s Medicaid program, at a cost
of $1,250,000 (25,000 × $50 =
$1,250,000).
Consequently, we estimated that
fingerprinting individuals for purposes
of Medicaid enrollment will cost
$1,300,000. When averaged across 50
States, the District of Columbia and
Puerto Rico, the annual cost of
fingerprinting per State will be $26,000.
b. Application Fee—Medicaid
For those providers not screened by
Medicare, the State may impose a fee on
each institutional provider being
screened. The amount of the fee is $500
per provider for 2010. For 2011 and
each subsequent year, the amount will
be determined by the statutorilyrequired formula using the consumer
price index for all urban consumers
(CPI–U).
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
c. General Enrollment Framework
For purposes of this section, we
assume that 80 percent of institutional
Medicaid providers will be dually
participating in both Medicare and
Medicaid, and thus will be subject to
the application fee as part of the
Medicare screening and enrollment.
Therefore we estimated that 20 percent,
or 111,304 (556,521 × 20 percent), of the
institutional Medicaid-only providers
will not be screened by Medicare and
thus will be subject to the application
fee under Medicaid. We project that a
significant number of existing and
future Medicaid providers will request a
hardship exception, or that a State will
request a waiver of the application fee
for certain Medicaid provider types of
the application fee on the basis of
ensuring access to care. For purposes of
this section, although we have no way
to estimate the exact number of
providers that will ultimately request
and be approved for a hardship
exception, or the number of States that
will request a waiver of the fee for
certain Medicaid provider types, we
predict that 25 percent of all Medicaid
providers subject to the fee will receive
the hardship exception or be granted a
waiver of the fee on the basis of
ensuring beneficiary access to care. We
recognize that this 25 percent figure is
significantly higher than the 2.5 percent
waiver rate we are using for Medicare
application fees. Yet we believe the
difference is justified because of the
greater access to care issues that may
arise in Medicaid. Consequently, we
estimated that 83,478 existing Medicaid
providers will be required to pay the
application fee (111,304 existing
Medicaid providers that are not dually
enrolled less 25 percent or 27,826
existing providers).
(1) New Enrollments
We apply the 80 percent rate for
newly-enrolling Medicaid institutional
providers that will be dually
participating in both Medicare and
Medicaid and thus not subject to the fee
under Medicaid, and 25 percent
hardship exception rate to the annual
number of newly-enrolling Medicaid
institutional providers not dually
enrolled. The 45,000 newly-enrolling
Medicare institutional providers
annually represent 80 percent of the
total newly-enrolling Medicaid
institutional providers annually.
Therefore, we estimate that there will be
11,250 newly-enrolling Medicaid
5957
institutional providers annually that are
subject to the application fee under
Medicaid (45,000 providers divided by
80 percent, ¥ 45,000 = 11,250). We
project another 25 percent will be
exempted for hardship or be granted a
waiver of the fee on the basis of
ensuring beneficiary access to care,
resulting in 8,438 newly-enrolling
Medicaid institutional providers being
subject to the application fee each year
nationally.
Consistent with the Medicare
analysis, in CY 2011, we reduced the
estimated number of institutional
providers subject to the application fee
by 25 percent because the application
fee will not begin until March 25, 2011.
Accordingly, the number of institutional
providers that we anticipate paying the
application fee will be 6,329 in CY
2011. Consequently, we projected the
dollars due from application fees for
newly-enrolling Medicaid institutional
providers who are not dually enrolled to
be $21,110,019 for the first 5 years in
total. When averaged across 50 States,
the District of Columbia and Puerto
Rico, the total application fees for the 5
years in total per State will be
approximately $405,962.
TABLE 13—CUMULATIVE APPLICATION FEES FOR NEWLY ENROLLED MEDICAID PROVIDERS FOR THE FIRST 5 YEARS OF
THE PROVISION
New Medicaid
providers not exempted from the
application fee
Calendar year
2011
2012
2013
2014
2015
CPI–U increase
Consumer price
index adjusted
fee
(in dollars)
Total fees for
each year
(in dollars)
Cumulative fees
(in dollars)
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
6,329
8,438
8,438
8,438
8,438
1.0%
2.01.1%
2.0%
2.0%
2.0%
505
515
525
536
547
3,196,145
4,345,570
4,429,950
4,522,768
4,615,586
3,196,145
7,541,715
11,971,665
16,494,433
21,110,019
Total ..........................................................
............................
............................
............................
21,110,019
21,110,019
(2) Re-enrollment
rmajette on DSK29S0YB1PROD with RULES2
This rule contemplates that States
would require Medicaid providers to reenroll every 5 years. On a yearly basis,
we estimate that approximately 16,696
Medicaid institutional providers (one
fifth of the total) would re-enroll with
the State Medicaid agency. We
contemplate collecting the application
fee for currently enrolled providers
beginning on March 24, 2011. States
would not collect an application fee
with any re-enrollments until that
time—almost 3 months into CY 2011.
Therefore, we have adjusted the number
of existing Medicaid institutional
providers subject to an application fee
by 25 percent, from 16,696 to 12,522 in
CY 2011. Consequently, we project the
dollars due from application fees for
currently-enrolled Medicaid
institutional providers who are not
dually enrolled is $41,769,218 for the
first 5 years in total. When averaged
across 50 States, the District of
Columbia and Puerto Rico, the total
application fees for the 5 years in total
per State will be approximately
$803,254.
TABLE 14—CUMULATIVE APPLICATION FEES FOR RE-ENROLLING MEDICAID PROVIDERS FOR THE FIRST 5 YEARS OF THE
PROVISION
Existing Medicaid
providers not exempted from the
application fee
Calendar year
2011 .............................................................
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
PO 00000
CPI–U increase
12,522
Frm 00097
1.0%
Fmt 4701
Sfmt 4700
Consumer price
index adjusted
fee in dollars
Total fees for
each year in
dollars
505
E:\FR\FM\02FER2.SGM
6,323,610
02FER2
Cumulative fees in
dollars
6,323,610
5958
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
TABLE 14—CUMULATIVE APPLICATION FEES FOR RE-ENROLLING MEDICAID PROVIDERS FOR THE FIRST 5 YEARS OF THE
PROVISION—Continued
Existing Medicaid
providers not exempted from the
application fee
Calendar year
2012
2013
2014
2015
CPI–U increase
Consumer price
index adjusted
fee in dollars
Total fees for
each year in
dollars
Cumulative fees in
dollars
.............................................................
.............................................................
.............................................................
.............................................................
16,696
16,696
16,696
16,696
2.0%
2.0%
2.0%
2.0%
515
525
536
547
8,598,440
8,765,400
8,949,056
9,132,712
14,922,050
23,687,450
32,636,506
41,769,218
Total ......................................................
............................
............................
............................
41,769,218
41,769,218
3. Medicare and Medicaid
a. Moratoria on Enrollment of New
Medicare Providers and Suppliers and
Medicaid Providers
Although we have no way of
predicting the exact cost savings
associated with enrollment moratoria,
we expect there will be program savings
achieved by implementation of this
section. As stated previously, these
provisions will enable us to restrict the
entry of certain providers and suppliers
into Medicare in order to prevent or
combat fraud, waste, and abuse.
However, there are no cost burdens to
the public or to the provider
community. Therefore, we have not
estimated the cost impacts of this
provision.
rmajette on DSK29S0YB1PROD with RULES2
b. Suspension of Payments in Medicare
and Medicaid
As with payment moratoria, although
we have no way of predicting the exact
cost savings to Medicare and Medicaid
associated with implementation of the
provisions contained in this final rule
with comment period, we certainly
expect that there will be program
savings that result from implementation
of this provision. CMS and its law
enforcement partners already have a
process for payment suspension when
possible fraud is involved. The changes
finalized in this rule will strengthen the
existing process and its applicability to
Medicaid, but it will not create any
different impact or burden on the
provider community in circumstances
of payment suspension. There are no
new cost burdens to the public or the
provider community associated with
this provision.
D. Accounting Statement and Table
As required by OMB Circular A–4
(available at https://www.whitehouse.
gov/sites/default/files/omb/assets/omb/
circulars/a004/a-4.pdf), we have
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
prepared an accounting statement. This
statement only addresses: (1) The costs
of the fingerprinting requirement, and
(2) the monetary transfer associated
with the application fee. It does not
address the potential financial benefits
of these two requirements from the
standpoint of their possible
effectiveness in deterring certain
unscrupulous providers and suppliers
from enrolling in or maintaining their
enrollment in Medicare and Medicaid.
This is because it is impossible for us to
quantify these benefits in monetary
terms. Moreover, we cannot predict how
many potentially fraudulent providers
and suppliers will be kept out of the
Medicare and Medicaid programs due to
these requirements.
1. Medicare
As stated previously, we estimate a
total cost of the fingerprinting
requirement of $2,275,000 per year
($1,750,000 + $500,000 + $25,000), or
$11,375,000 over 5 years, if 2,000 postmoratorium requests are made. If 5,000
post-moratorium requests are made, the
annual cost is $3,025,000, with a 5 year
cost of $15,125,000. Should 10,000 postmoratorium requests be made, the
annual cost is $4,275,000, with a 5 year
cost of $21,375,000. We also stated in
the RIA that the expected total
application fees:
• For newly enrolling providers and
suppliers would be $11,817,000 in 2011,
$16,068,000 in 2012, $16,380,000 in
2013, $16,723,200 in 2014, and
$17,066,400 in 2015. This results in a 5
year total of $78,054,600.
• For revalidating providers and
suppliers would be $34,343,030 in 2011,
$55,735,875 in 2012, $44,533,125 in
2013, $45,466,200 in 2014, and
$46,399,275 in 2015. This results in a 5year total of $226,477,505.
The accounting statement reflects the:
(1) Annual cost of the fingerprinting
PO 00000
Frm 00098
Fmt 4701
Sfmt 4700
requirement, and (2) the application of
the 3 percent and 7 percent discount
rate to the combined amounts of the
application fees for CY 2012—that is,
$16,068,000 (newly enrolling) plus
$55,735,875 (revalidations), for a total of
$71,803,875; this constitutes a transfer
of funds to the Federal government. We
chose the CY 2012 figures so as to
reflect the maximum amount of
transferred funds in a given year during
the initial 5-year period.
2. Medicaid
As stated in the RIA, we estimate that
the annual cost of the fingerprint
requirement for Medicaid will be
$1,300,000, or $6,500,000 over a 5 year
period. We also stated in the RIA that
the expected total application fees:
• For newly enrolling providers and
suppliers would be $3,196,145 in 2011,
$4,345,570 in 2012, $4,429,950 in 2013,
$4,522,768 in 2014, and $4,615,586 in
2015. This results in a 5-year total of
$21,110,019.
• For revalidating providers and
suppliers would be $6,323,610 in 2011;
$8,598,440 in 2012; $8,765,400 in 2013;
$8,949,056 in 2014; and $9,132,712 in
2015. This results in a 5-year total of
$41,769,218.
The accounting statement reflects:
(1) The annual cost of the fingerprinting
requirement: And (2) the application of
the 3 percent and 7 percent discount
rate to the combined amounts of the
application fees for CY 2015—
specifically, $4,615,586 (new
applicants) plus $9,132,712
(revalidations), for a total of
$13,748,298. This constitutes a transfer
of funds to the Federal government. We
chose the figures from CY 2015 for
Medicaid so as to reflect the maximum
amount of transferred funds in a given
year during the initial 5-year period.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
5959
TABLE 15—ACCOUNTING STATEMENT: CLASSIFICATION OF ESTIMATED EXPENDITURES AND COSTS FROM CY 2011 TO CY
2015 (IN MILLIONS)
Medicare Fingerprint Requirement
COSTS
Annualized Monetized Costs (2,000 post-moratorium requests) ............................................
3 percent Discount Rate
$2.275
7 percent Discount Rate
$2.275
Annualized Monetized Costs (5,000 post-moratorium requests) ............................................
$3.025
$3.025
Annualized Monetized Costs (10,000 post-moratorium requests) ..........................................
$4.275
$4.275
Who is Affected?
Providers and Suppliers
Medicare Application Fee
TRANSFERS
Annualized Monetized Transfers (through 2015) ....................................................................
3 percent Discount Rate
$48.2
7 percent Discount Rate
$47.3
From Whom to Whom?
Providers and Suppliers to Federal Government
Medicaid Fingerprint Requirement
COSTS
Annualized Monetized Costs ...................................................................................................
3 percent Discount Rate
$1.3
7 percent Discount Rate
$1.3
Who is Affected?
Providers and Suppliers
Medicaid Application Fee
TRANSFERS
Annualized Monetized Costs ...................................................................................................
From Whom to Whom?
3 percent Discount Rate
$10.1
7 percent Discount Rate
$10.0
Providers and Suppliers to Federal Government
BENEFITS
Qualitative: The above-referenced requirements will: (1) Allow CMS to more closely screen providers and suppliers that pose risks to the Medicare and Medicaid programs; (2) help offset the costs of administering the Medicare and Medicaid programs; (3) limit, via the imposition of
moratoria, the entry of certain categories of providers and suppliers into Medicare if this is deemed necessary to protect the Medicare Trust
Fund; and (4) suspend payments to certain providers and suppliers that pose a risk to the Trust Fund. We believe these and other financial
benefits outlined in this rule will exceed the costs outlined above.
E. Alternatives Considered
rmajette on DSK29S0YB1PROD with RULES2
1. General Burden Minimization Efforts
The RFA requires agencies to analyze
options for the regulatory relief of small
entities. In compliance with section 604
of the RFA, we have incorporated
several options designed to minimize
the burden of the requirements in this
final rule with comment period.
First, we have waived the application
fee for individual physicians, nonphysician practitioners, and physician
and non-physician practitioner groups,
which are generally small businesses.
We believe this is consistent with
congressional intention as expressed in
section 6401(a) of ACA. We also believe
this will ease the financial burden on
this large category of small businesses.
Second, the high-risk category is
limited to relatively few types of
providers and suppliers. We could have
elected to include many more providers
and supplier types within this category
and, subsequently, subjected them to
the enhanced screening requirements of
fingerprint-based criminal background
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
checks. However, in part so as not to
overly burden these entities, many of
which are small businesses, we chose to
restrict the high-risk category to a
limited number of provider types.
2. Fingerprinting
We received several comments
proposing alternatives to fingerprinting
as a screening mechanism. The two
principal suggested alternatives were
the submission of a: (1) U.S. or foreign
passport; and (2) copies of the
individual’s Federal tax returns.
However, we explained in the preamble,
we are adopting fingerprint-based
criminal background checks.
There are several reasons for our
decision to proceed with fingerprinting
as opposed to passports and tax returns.
First, we are, to a large extent,
combining the fingerprinting and
criminal background check processes
for providers and suppliers. These will
be done though the FBI IAFIS, which
we believe is the most reliable and
appropriate avenue available. The
submission of fingerprints is the only
PO 00000
Frm 00099
Fmt 4701
Sfmt 4700
way to obtain a criminal history record
check from the FBI IAFIS. Information
from a U.S. or foreign passport or a
Federal tax return, on the other hand,
could only be used to process a namebased criminal history record check—
and the FBI does not process namebased requests for non-criminal justice
purposes.
Second, we believe that
fingerprinting—more than any other
mechanism—will allow us to
conclusively identify the individuals
that will be participating in the
Medicare program. Indeed, a tax return,
while containing certain identifying
information, does not—in our view—
produce the level of assurance in this
area that fingerprinting does.
Finally, the use of passports or tax
returns would require CMS to forgo the
unified approach of the FBI IAFIS and
instead have two separate processes—
one for verifying identify and another
for analyzing the person’s criminal
history. This would result in: (1) A
verification process that is not as
reliable as fingerprinting, and (2) a
E:\FR\FM\02FER2.SGM
02FER2
5960
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
rmajette on DSK29S0YB1PROD with RULES2
distinct and potentially costly process
for criminal background checks through
private entities that, we believe, will
probably not involve access to the scope
of data that the FBI has.
We believe that the overall costs
involved in maintaining such a two-part
approach would, in the end, exceed that
of the FBI IAFIS approach, especially
if—as we expect—the overwhelming
majority of individuals subject to the
fingerprinting requirement submit them
electronically. Indeed, with respect to
the cost differential between the paper
and electronic fingerprinting processes,
we stated earlier in the RIA that we
estimate an average annual cost of the
fingerprinting requirement of
$2,275,000 (if 2,000 post-moratorium
requests are made), based on: (1) The
fingerprinting of 45,500 individuals;
and (2) a $50 cost per person for
obtaining a set of fingerprints via the
FD–258. We believe that the per person
cost for submitting fingerprints
electronically will be approximately
$35. If we assume that 40,000 of the
45,500 individuals submit fingerprints
electronically and the remaining 5,500
use the FD–258, this results in an
annual cost of $1,675,000, or $600,000
less than $2,275,000. This leads to a
savings over 5 years of $3,000,000
($600,000 × 5).
It is not possible for us to quantify the
costs involved in having the FBI IAFIS
perform the criminal background
checks. However, we can estimate that
it would cost approximately $40 per
person to perform a criminal
background check via private entities.
This would result in an annual cost of
$1,820,000, or $9,100,000 over 5 years.
With the efficiency furnished through
the use of the FBI–IAFIS, we do not
believe the cost of these checks would
ultimately exceed $9,100,000.
We concede that the submission of a
passport or tax return would not involve
the processing costs that would come
with fingerprinting. But the ability to
verify one’s identity via fingerprinting
is, we believe, sufficiently greater than
with the latter two documents, such that
the overall program integrity savings
would substantially exceed any
additional cost incurred in using
fingerprints in lieu of passports and tax
returns.
3. Other Suggested Alternatives
We received several other suggested
alternatives to our proposed provisions.
One was to assess the application fee
based on the NPI or TIN. As stated
earlier in this RIA, we did not believe
this approach was appropriate because
the requirement to submit an enrollment
application is separate from the
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
requirement to have an NPI or a TIN.
We believe that basing the fee on the
submission of an application is most
consistent with the statute. Another
involved taking into account factors
such as: (1) Error rates; (2) past history
with Medicare, Medicaid and other
health plans; and (3) ownership, when
assessing a provider or supplier’s risk.
In section II of this final rule with
comment period, we stated that the
ACA requires levels of screening
according to the risk of fraud, waste,
and abuse posed by categories of
providers and suppliers as a whole. The
approach taken in this final rule with
comment period whereby we assign
specific categories of providers and
suppliers to screening levels determined
by risk of fraud, waste, and abuse is
consistent with the requirements of the
statute. Therefore, in general, we chose
to use a categorical approach to our
classifications, rather than assign
individual providers within a particular
provider type to certain risk levels.
F. Conclusion
This final rule with comment period
contains provisions that are of critical
importance in the transition of CMS’
antifraud activities from ‘‘pay and
chase’’ to fraud prevention. ‘‘Pay and
chase’’ refers to the traditional approach
under which we met our obligations to
provide beneficiaries access to qualified
providers and suppliers and to pay
claims quickly by making it relatively
easy for providers to sign up to bill
Medicare, Medicaid or CHIP, paying
their claims rapidly, and then detecting
overpayments or fraudulent bills and
pursuing recoveries of overpayments
after the fact. That system functions
reasonably well when the problems
arise with legitimate providers and
suppliers that will be solvent and in
business when CMS seeks to recover
overpayments or law enforcement
pursues civil or criminal penalties. It is
not adequate when the fraud is
committed by sham operations that
provide no services or supplies and
exist simply to steal from Medicare or
Medicaid and thrive on stealing or
subverting the identities of beneficiaries
and providers.
This final rule with comment period
strikes a balance that will permit us to
continue to assure that eligible
beneficiaries receive appropriate
services from qualified providers whose
claims are paid on a timely basis while
implementing enhanced measures to
prevent outright fraud. The new and
strengthened provisions in the ACA that
are the subject of this final rule with
comment period will help assure that
only legitimate providers and suppliers
PO 00000
Frm 00100
Fmt 4701
Sfmt 4700
are enrolled in Medicare, Medicaid, and
CHIP, and that only legitimate claims
will be paid. These provisions are
applied according to the level of risk of
fraud, waste, and abuse posed by
different provider and supplier types.
We will use screening tools for a
particular provider or supplier type
based on 3 distinct categories of risk: (1)
Limited; (2) moderate; and (3) high.
Limited risk providers will have
enrollment requirements, license and
database verifications; moderate risk
will have those verifications plus
unscheduled site visits; high risk will
have verifications, unscheduled site
visits, criminal background check and
fingerprinting. CMS and the States will
impose moratoria on the enrollment of
new providers in situations when doing
so is necessary to protect against a high
risk of fraud. Working in conjunction
with the OIG, CMS and States will
suspend payments pending an
investigation of a credible allegation of
fraud and legitimate providers will be
assisted in avoiding problems by
implementing effective compliance
programs.
This final rule with comment period
is an essential tool in protecting public
resources and assuring that they are
devoted to providing health care rather
than enriching fraudulent actors.
In accordance with the provisions of
Executive Order 12866, this regulation
was reviewed by the Office of
Management and Budget.
List of Subjects
42 CFR Part 405
Administrative practice and
procedure, Health facilities, Health
professions, Kidney diseases, Medical
devices, Medicare, Reporting and
recordkeeping requirements, Rural
areas, X-rays.
42 CFR Part 424
Emergency medical services, Health
facilities, Health professions, Medicare,
and Reporting and recordkeeping
requirements.
42 CFR Part 438
Grant programs—health, Medicaid,
Reporting and recordkeeping
requirements.
42 CFR Part 447
Accounting, Administrative practice
and procedure, Drugs, Grant programs—
health, Health facilities, Health
professions, Medicaid, Reporting and
recordkeeping requirements, and Rural
areas.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
42 CFR Part 455
Fraud, Grant programs—health,
Health facilities, Health professions,
Investigations, Medicaid, and Reporting
and recordkeeping requirements.
42 CFR Part 457
Administrative practice and
procedure, Grant programs—health,
Health insurance, and Reporting and
recordkeeping requirements.
§ 405.370
42 CFR Part 498
Administrative practice and
procedure, Health facilities, Health
professions, Medicare, Reporting and
recordkeeping requirements.
42 CFR Part 1007
Administrative practice and
procedure, Fraud, Grant programs—
health, Medicaid, and Reporting and
recordkeeping requirements.
For the reasons set forth in the
preamble, the Centers for Medicare &
Medicaid Services amends 42 CFR
chapter IV and the Office of the
Inspector General amends 42 CFR
chapter V, as set forth below:
CHAPTER IV—CENTERS FOR MEDICARE &
MEDICAID SERVICES, DEPARTMENT OF
HEALTH AND HUMAN SERVICES
PART 405—FEDERAL HEALTH
INSURANCE FOR THE AGED AND
DISABLED
1. The authority citation for part 405
continues to read as follows:
■
Authority: Secs. 205(a), 1102, 1861,
1862(a), 1869, 1871, 1874, 1881, and 1886(k)
of the Social Security Act (42 U.S.C. 405(a),
1302, 1395x, 1395y(a), 1395ff, 1395hh,
1395kk, 1395rr and 1395ww(k)), and sec. 353
of the Public Health Service Act (42 U.S.C.
263a).
Subpart C—Suspension of Payment,
Recovery of Overpayments, and
Repayment of Scholarships and Loans
2. The authority citation for subpart C
is revised to read as follows:
■
Authority: Secs. 1102, 1815, 1833, 1842,
1862, 1866, 1870, 1871, 1879 and 1892 of the
Social Security Act (42 U.S.C. 1302, 1395g,
1395l, 1395u, 1395y, 1395cc, 1395gg,
1395hh, 1395pp and 1395ccc) and 31 U.S.C.
3711.
3. In subpart C, remove the phrase
‘‘intermediary or carrier’’ wherever it
appears and add the phrase ‘‘Medicare
contractor’’ in its place.
rmajette on DSK29S0YB1PROD with RULES2
■
4. Section 405.370 is amended as
follows:
■ A. In paragraph (a), adding the
definitions of ‘‘Credible allegation of
fraud,’’ ‘‘Medicare contractor,’’ and
■
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
‘‘Resolution of an investigation’’ in
alphabetical order.
■ B. In paragraph (a), revising the
definitions of ‘‘Offset,’’ ‘‘Recoupment,’’
and ‘‘Suspension of payment’’.
The additions and revisions read as
follows:
Definitions.
(a) * * *
Credible allegation of fraud. A
credible allegation of fraud is an
allegation from any source, including
but not limited to the following:
(1) Fraud hotline complaints.
(2) Claims data mining.
(3) Patterns identified through
provider audits, civil false claims cases,
and law enforcement investigations.
Allegations are considered to be
credible when they have indicia of
reliability.
Medicare contractor. Unless the
context otherwise requires, includes,
but is not limited to the any of
following:
(1) A fiscal intermediary.
(2) A carrier.
(3) Program safeguard contractor.
(4) Zone program integrity contractor.
(5) Part A/Part B Medicare
administrative contractor.
Offset. The recovery by Medicare of a
non-Medicare debt by reducing present
or future Medicare payments and
applying the amount withheld to the
indebtedness. (Examples are Public
Health Service debts or Medicaid debts
recovered by CMS).
Recoupment. The recovery by
Medicare of any outstanding Medicare
debt by reducing present or future
Medicare payments and applying the
amount withheld to the indebtedness.
Resolution of an investigation. An
investigation of credible allegations of
fraud will be considered resolved when
legal action is terminated by settlement,
judgment, or dismissal, or when the
case is closed or dropped because of
insufficient evidence to support the
allegations of fraud.
Suspension of payment. The
withholding of payment by a Medicare
contractor from a provider or supplier of
an approved Medicare payment amount
before a determination of the amount of
the overpayment exists, or until the
resolution of an investigation of a
credible allegation of fraud.
*
*
*
*
*
5. Section 405.371 is revised to read
as follows:
■
§ 405.371 Suspension, offset, and
recoupment of Medicare payments to
providers and suppliers of services.
(a) General rules. Medicare payments
to providers and suppliers, as
PO 00000
Frm 00101
Fmt 4701
Sfmt 4700
5961
authorized under this subchapter
(excluding payments to beneficiaries),
may be—
(1) Suspended, in whole or in part, by
CMS or a Medicare contractor if CMS or
the Medicare contractor possesses
reliable information that an
overpayment exists or that the payments
to be made may not be correct, although
additional information may be needed
for a determination;
(2) In cases of suspected fraud,
suspended, in whole or in part, by CMS
or a Medicare contractor if CMS or the
Medicare contractor has consulted with
the OIG, and, as appropriate, the
Department of Justice, and determined
that a credible allegation of fraud exists
against a provider or supplier, unless
there is good cause not to suspend
payments; or
(3) Offset or recouped, in whole or in
part, by a Medicare contractor if the
Medicare contractor or CMS has
determined that the provider or supplier
to whom payments are to be made has
been overpaid.
(b) Good cause exceptions applicable
to payment suspensions.
(1) CMS may find that good cause
exists not to suspend payments or not
to continue to suspend payments to an
individual or entity against which there
are credible allegations of fraud if—
(i) OIG or other law enforcement
agency has specifically requested that a
payment suspension not be imposed
because such a payment suspension
may compromise or jeopardize an
investigation;
(ii) It is determined that beneficiary
access to items or services would be so
jeopardized by a payment suspension in
whole or part as to cause a danger to life
or health;
(iii) It is determined that other
available remedies implemented by
CMS or a Medicare contractor more
effectively or quickly protect Medicare
funds than would implementing a
payment suspension; or
(iv) CMS determines that a payment
suspension or a continuation of a
payment suspension is not in the best
interests of the Medicare program.
(2) Every 180 days after the initiation
of a suspension of payments based on
credible allegations of fraud, CMS
will—
(i) Evaluate whether there is good
cause to not continue such suspension
under this section; and
(ii) Request a certification from the
OIG or other law enforcement agency
that the matter continues to be under
investigation warranting continuation of
the suspension.
(3) Good cause not to continue to
suspend payments to an individual or
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5962
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
entity against which there are credible
allegations of fraud must be deemed to
exist if a payment suspension has been
in effect for 18 months and there has not
been a resolution of the investigation,
except CMS may extend a payment
suspension beyond that point if —
(i) The case has been referred to, and
is being considered by, the OIG for
administrative action (for example, civil
money penalties); or such
administrative action is pending or
(ii) The Department of Justice submits
a written request to CMS that the
suspension of payments be continued
based on the ongoing investigation and
anticipated filing of criminal or civil
action or both or based on a pending
criminal or civil action or both. At a
minimum, the request must include the
following:
(A) Identification of the entity under
suspension.
(B) The amount of time needed for
continued suspension in order to
conclude the criminal or civil
proceeding or both.
(C) A statement of why or how
criminal or civil action or both may be
affected if the requested extension is not
granted.
(c) Steps necessary for suspension of
payment, offset, and recoupment.
(1) Except as provided in paragraph
(d) of this section, CMS or the Medicare
contractor suspends payments only after
it has complied with the procedural
requirements set forth at § 405.372.
(2) The Medicare contractor offsets or
recoups payments only after it has
complied with the procedural
requirements set forth at § 405.373.
(d) Suspension of payment in the case
of unfiled cost reports. (1) If a provider
has failed to timely file an acceptable
cost report, payment to the provider is
immediately suspended in whole or in
part until a cost report is filed and
determined by the Medicare contractor
to be acceptable.
(2) In the case of an unfiled cost
report, the provisions of § 405.372 do
not apply. (See § 405.372(a)(2)
concerning failure to furnish other
information.)
■ 6. Section 405.372 is amended as
follows:
■ A. Remove the phrase ‘‘intermediary,
carrier’’ wherever it appears and adding
the phrase ‘‘Medicare contractor’’ in its
place.
■ B. Revising paragraphs (a)(4), (c), and
(d)(3).
■ C. In paragraph (e), removing the
cross-reference ‘‘§ 405.371(b)’’ and
adding the cross-reference ‘‘§ 405.371(a)’’
in its place.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
§ 405.372 Proceeding for suspension of
payment.
(a) * * *
(4) Fraud. If the intended suspension
of payment involves credible allegations
of fraud under § 405.371(a)(2), CMS—
(i) In consultation with OIG and, as
appropriate, the Department of Justice,
determines whether to impose the
suspension and if prior notice is
appropriate;
(ii) Directs the Medicare contractor as
to the timing and content of the
notification to the provider or supplier;
and
(iii) Is the real party in interest and is
responsible for the decision.
*
*
*
*
*
(c) Subsequent action. (1) If a
suspension of payment is put into effect
under § 405.371(a)(1), CMS or the
Medicare contractor takes timely action
after the suspension to obtain the
additional information it may need to
make a determination as to whether an
overpayment exists or the payments
may be made.
(i) CMS or the Medicare contractor
makes all reasonable efforts to expedite
the determination.
(ii) As soon as the determination is
made, CMS or the Medicare contractor
informs the provider or supplier and, if
appropriate, the suspension is rescinded
or any existing recoupment or offset is
adjusted to take into account the
determination.
(2)(i) If a suspension of payment is
based upon credible allegations of fraud
in accordance with § 405.371(a)(2),
subsequent action must be taken by
CMS or the Medicare contractor to make
a determination as to whether an
overpayment exists.
(ii) The rescission of the suspension
and the issuance of a final overpayment
determination to the provider or
supplier may be delayed until
resolution of the investigation.
(d) * * *
(3) Exceptions to the time limits. (i)
The time limits specified in paragraphs
(d)(1) and (d)(2) of this section do not
apply if the suspension of payments is
based upon credible allegations of fraud
under § 405.371(a)(2).
(ii) Although the time limits specified
in paragraphs (d)(1) and (d)(2) of this
section do not apply to suspensions
based on credible allegations of fraud,
all suspensions of payment in
accordance with § 405.371(a)(2) will be
temporary and will not continue after
the resolution of an investigation, unless
a suspension is warranted because of
reliable evidence of an overpayment or
that the payments to be made may not
PO 00000
Frm 00102
Fmt 4701
Sfmt 4700
be correct, as specified in
§ 405.371(a)(1).
*
*
*
*
*
PART 424—CONDITIONS FOR
MEDICARE PAYMENT
7. The authority citation for part 424
continues to read as follows:
■
Authority: Secs. 1102 and 1871 of the
Social Security Act (42 U.S.C. 1302 and
1395hh).
8. Section 424.57 is amended by
revising paragraph (e) to read as follows:
■
§ 424.57 Special payment rules for items
furnished by DMEPOS suppliers and
issuance of DMEPOS supplier billing
privileges.
*
*
*
*
*
(e) Revalidation of billing privileges. A
supplier must revalidate its application
for billing privileges every 3 years after
the billing privileges are first granted.
(Each supplier must complete a new
application for billing privileges 3 years
after its last revalidation.)
*
*
*
*
*
■ 9. Section 424.502 is amended by
adding the definition of ‘‘Institutional
provider’’ in alphabetical order to read
as follows:
§ 424.502
Definitions.
*
*
*
*
*
Institutional provider means any
provider or supplier that submits a
paper Medicare enrollment application
using the CMS–855A, CMS–855B (not
including physician and nonphysician
practitioner organizations), CMS–855S
or associated Internet-based PECOS
enrollment application.
*
*
*
*
*
■ 10. Section 424.514 is added to read
as follows:
§ 424.514
Application fee.
(a) Application fee requirements for
prospective institutional providers.
Beginning on or after March 25, 2011,
prospective institutional providers that
are submitting an initial application or
currently enrolled institutional
providers that are submitting an
application to establish a new practice
location must submit either or both of
the following:
(1) The applicable application fee.
(2) A request for a hardship exception
to the application fee at the time of
filing a Medicare enrollment
application.
(b) Application fee requirements for
revalidating institutional providers.
Beginning March 25, 2011, institutional
providers that are subject to CMS
revalidation efforts must submit either
or both of the following:
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
(1) The applicable application fee.
(2) A request for a hardship exception
to the application fee at the time of
filing a Medicare enrollment
application.
(c) Hardship exception for disaster
areas. CMS will assess on a case-by-case
basis whether institutional providers
enrolling in a geographic area that is a
Presidentially-declared disaster under
the Robert T. Stafford Disaster Relief
and Emergency Assistance Act, 42
U.S.C. 5121–5206 (Stafford Act) should
receive an exception to the application
fee.
(d) Application fee. The application
fee and associated requirements are as
follows:
(1) For 2010, $500.00.
(2) For 2011 and subsequent years—
(i) Is adjusted by the percentage
change in the consumer price index for
all urban consumers (all items; United
States city average) for the 12-month
period ending with June of the previous
year;
(ii) Is effective from January 1 to
December 31 of a calendar year;
(iii) Is based on the submission of an
initial application, application to
establish a new practice location or the
submission of an application in
response to a CMS revalidation request;
(iv) Must be in the amount calculated
by CMS in effect for the year during
which the application for enrollment is
being submitted;
(v) Is nonrefundable, except if
submitted with one of the following:
(A) A request for hardship exception
that is subsequently approved;
(B) An application that is rejected
prior to initiation of screening
processes;
(C) An application that is
subsequently denied as a result of the
imposition of a temporary moratorium;
(e) Denial or revocation based on
application fee. A Medicare contractor
may deny or revoke Medicare billing
privileges of a provider or supplier
based on noncompliance if, in the
absence of a written request for a
hardship exception from the application
fee that accompanies a Medicare
enrollment application, the bank
account on which the check that is
submitted with the enrollment
application is drawn does not contain
sufficient funds to pay the application
fee.
(f) Information needed for submission
of a hardship exception request. A
provider or supplier requesting an
exception from the application fee must
include with its enrollment application
a letter that describes the hardship and
why the hardship justifies an exception.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
(g) Failure to submit application fee
or hardship exception request. A
Medicare contractor may—
(1) Reject an enrollment application
from a newly-enrolling institutional
provider that, with the exceptions
described in § 424.514(b), is not
accompanied by the application fee or
by a letter requesting a hardship
exception from the application fee.
(2) Revoke the billing privileges of a
currently enrolled institutional provider
that, with the exceptions described in
§ 424.514(b), is not accompanied by the
application fee or by a letter requesting
a hardship exception from the
application fee.
(3)(i) Notwithstanding the foregoing,
the contractor must first inform the
provider that the application fee was not
submitted in accordance with this
section.
(ii) Within 30 days after the date of
the notification, the contractor may
reject the application of the newlyenrolling institutional provider or
revoke the billing privileges of the
currently enrolled institutional provider
that has not submitted the fee.
(h) Consideration of hardship
exception request. CMS has 60 days in
which to approve or disapprove a
hardship exception request. If a
provider submits a request for hardship
exception to the fee and the provider or
supplier has not already submitted the
fee consistent with provisions in
§ 424.514(a) and (b), and the request for
hardship exception is not approved,
CMS notifies the provider or supplier
that the hardship exception request was
not approved and allows the provider or
supplier 30 days from the date of
notification to submit the application
fee.
(1) A Medicare contractor does not—
(i) Begin processing an enrollment
application that is accompanied by a
hardship exception request until CMS
has made a decision to approve or
disapprove the hardship exception
request; and
(ii) Deny an enrollment application
that is accompanied by a hardship
exception request unless the hardship
exception request is denied by CMS and
the provider or supplier fails to submit
the required application fee within 30
days of being notified that the request
for a hardship exception was denied.
(2) A hardship exception
determination made by CMS is
appealable using § 405.874 of this
chapter.
■ 11. Section 424.515 is amended by
adding a new paragraph (e) to read as
follows:
PO 00000
Frm 00103
Fmt 4701
Sfmt 4700
5963
§ 424.515 Requirements for reporting
changes and updates to, and the periodic
revalidation of Medicare enrollment
information.
*
*
*
*
*
(e) Additional off-cycle revalidation.
On or after March 23, 2012, Medicare
providers and suppliers, including
DMEPOS suppliers, may be required to
revalidate their enrollment outside the
routine 5-year revalidation cycle (3-year
DMEPOS supplier revalidation cycle).
(1) CMS will contact providers or
suppliers to revalidate their enrollment
for off-cycle revalidation.
(2) As with all revalidations,
revalidations described in this
paragraph are conducted in accordance
with the screening procedures specified
at § 424.518.
■ 12. Section 424.518 is added to read
as follows:
§ 424.518 Screening levels for Medicare
providers and suppliers.
A Medicare contractor is required to
screen all initial applications, including
applications for a new practice location,
and any applications received in
response to a revalidation request based
on a CMS assessment of risk and
assignment to a level of ‘‘limited,’’
‘‘moderate,’’ or ‘‘high.’’
(a) Limited categorical risk. (1)
Limited categorical risk: Provider and
supplier categories. CMS has designated
the following providers and suppliers as
‘‘limited’’ categorical risk:
(i) Physician or nonphysician
practitioners (including nurse
practitioners, CRNAs, occupational
therapists, speech/language
pathologists, and audiologists) and
medical groups or clinics.
(ii) Ambulatory surgical centers.
(iii) Competitive Acquisition
Program/Part B Vendors.
(iv) End-stage renal disease facilities.
(v) Federally qualified health centers.
(vi) Histocompatibility laboratories.
(vii) Hospitals, including critical
access hospitals, Department of
Veterans Affairs hospitals, and other
federally owned hospital facilities.
(viii) Health programs operated by an
Indian Health Program (as defined in
section 4(12) of the Indian Health Care
Improvement Act) or an urban Indian
organization (as defined in section 4(29)
of the Indian Health Care Improvement
Act) that receives funding from the
Indian Health Service pursuant to Title
V of the Indian Health Care
Improvement Act.
(ix) Mammography screening centers.
(x) Mass immunization roster billers
(xi) Organ procurement organizations.
(xii) Pharmacies newly enrolling or
revalidating via the CMS–855B
application.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5964
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
(xiii) Radiation therapy centers.
(xiv) Religious non-medical health
care institutions.
(xv) Rural health clinics.
(xvi) Skilled nursing facilities.
(2) Limited screening level: Screening
requirements. When CMS designates a
provider or supplier as a ‘‘limited’’
categorical level of risk, the Medicare
contractor does all of the following:
(i) Verifies that a provider or supplier
meets all applicable Federal regulations
and State requirements for the provider
or supplier type prior to making an
enrollment determination.
(ii) Conducts license verifications,
including licensure verifications across
State lines for physicians or
nonphysician practitioners and
providers and suppliers that obtain or
maintain Medicare billing privileges as
a result of State licensure, including
State licensure in States other than
where the provider or supplier is
enrolling.
(iii) Conducts database checks on a
pre- and post-enrollment basis to ensure
that providers and suppliers continue to
meet the enrollment criteria for their
provider/supplier type.
(b) Moderate categorical risk. (1)
Moderate categorical risk: Provider and
supplier categories. CMS has designated
the following providers and suppliers as
‘‘moderate’’ categorical risk:
(i) Ambulance service suppliers.
(ii) Community mental health centers.
(iii) Comprehensive outpatient
rehabilitation facilities.
(iv) Hospice organizations.
(v) Independent clinical laboratories.
(vi) Independent diagnostic testing
facilities.
(vii) Physical therapists enrolling as
individuals or as group practices.
(viii) Portable x-ray suppliers.
(ix) Revalidating home health
agencies.
(x) Revalidating DMEPOS suppliers.
(2) Moderate screening level:
Screening requirements. When CMS
designates a provider or supplier as a
‘‘moderate’’ categorical level of risk, the
Medicare contractor does all of the
following:
(i) Performs the ‘‘limited’’ screening
requirements described in paragraph
(a)(2) of this section.
(ii) Conducts an on-site visit.
(c) High categorical risk. (1) High
categorical risk: Provider and supplier
categories. CMS has designated the
following home health agencies and
suppliers of DMEPOS as ‘‘high’’
categorical risk:
(i) Prospective (newly enrolling) home
health agencies.
(ii) Prospective (newly enrolling)
DMEPOS suppliers.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
(2) High screening level: Screening
requirements. When CMS designates a
provider or supplier as a ‘‘high’’
categorical level of risk, the Medicare
contractor does all of the following:
(i) Performs the ‘‘limited’’ and
‘‘moderate’’ screening requirements
described in paragraphs (a)(2) and (b)(2)
of this section.
(ii)(A) Requires the submission of a
set of fingerprints for a national
background check from all individuals
who maintain a 5 percent or greater
direct or indirect ownership interest in
the provider or supplier; and
(B) Conducts a fingerprint-based
criminal history record check of the
Federal Bureau of Investigation’s
Integrated Automated Fingerprint
Identification System on all individuals
who maintain a 5 percent or greater
direct or indirect ownership interest in
the provider or supplier.
(3) Adjustment in the categorical risk.
CMS adjusts the screening level from
‘‘limited’’ or ‘‘moderate’’ to ‘‘high’’ if any
of the following occur:
(i) CMS imposes a payment
suspension on a provider or supplier at
any time in the last 10 years.
(ii) The provider or supplier—
(A) Has been excluded from Medicare
by the OIG; or
(B) Had billing privileges revoked by
a Medicare contractor within the
previous 10 years and is attempting to
establish additional Medicare billing
privileges by—
(1) Enrolling as a new provider or
supplier; or
(2) Billing privileges for a new
practice location;
(C) Has been terminated or is
otherwise precluded from billing
Medicaid;
(D) Has been excluded from any
Federal health care program; or
(E) Has been subject to any final
adverse action, as defined at § 424.502,
within the previous 10 years.
(iii) CMS lifts a temporary
moratorium for a particular provider or
supplier type and a provider or supplier
that was prevented from enrolling based
on the moratorium, applies for
enrollment as a Medicare provider or
supplier at any time within 6 months
from the date the moratorium was lifted.
(d) Fingerprinting requirements. An
individual subject to the fingerprintbased criminal history record check
requirement specified in paragraph
(c)(2)(ii)(B) of this section—
(1) Must submit a set of fingerprints
for a national background check.
(i) Upon submission of a Medicare
enrollment application; or
(ii) Within 30 days of a Medicare
contractor request.
PO 00000
Frm 00104
Fmt 4701
Sfmt 4700
(2) In the event the individual(s)
required to submit fingerprints under
paragraph (c)(2) of this section fail to
submit such fingerprints in accordance
with paragraph (d)(1) of this section, the
provider or supplier will have its billing
privileges—
(i) Denied under § 424.530(a)(1); or
(ii) Revoked under § 424.535(a)(1).
■ 13. Section 424.525 is amended by:
■ A. Revising paragraph (a) introductory
text.
■ B. Adding a new paragraph (a)(3).
The revision and addition read as
follows:
§ 424.525 Rejection of a provider or
supplier’s enrollment application for
Medicare enrollment.
(a) Reasons for rejection. CMS may
reject a provider’s or supplier’s
enrollment application for any of the
following reasons:
*
*
*
*
*
(3) The prospective institutional
provider or supplier does not submit the
application fee in the designated
amount or a hardship waiver request
with the Medicare enrollment
application at the time of filing.
*
*
*
*
*
■ 14. Section 424.530 is amended by
adding new paragraphs (a)(9) and (a)(10)
to read as follows:
§ 424.530 Denial of enrollment in the
Medicare program.
(a) * * *
(9) Application fee/hardship
exception. An institutional provider’s or
supplier’s hardship exception request is
not granted, and the provider or
supplier does not submit the application
fee within 30 days of notification that
the hardship exception request was not
approved.
(10) Temporary moratorium. A
provider or supplier submits an
enrollment application for a practice
location in a geographic area where
CMS has imposed a temporary
moratorium.
*
*
*
*
*
■ 15. Section 424.535 is amended as
follows:
■ A. Revising paragraph (a)(6).
■ B. Adding a new paragraph (a)(12).
■ C. Revising paragraph (c).
§ 424.535 Revocation of enrollment billing
and billing privileges in the Medicare
program.
(a) * * *
(6) Grounds related to provider and
supplier screening requirements. (i)(A)
An institutional provider does not
submit an application fee or hardship
exception request that meets the
requirements set forth in § 424.514 with
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
the Medicare revalidation application;
or
(B) The hardship exception is not
granted and the institutional provider
does not submit the applicable
application form or application fee
within 30 days of being notified that the
hardship exception request was denied.
(ii)(A) Either of the following occurs:
(1) CMS is not able to deposit the full
application amount into a governmentowned account.
(2) The funds are not able to be
credited to the U.S. Treasury.
(B) The provider or supplier lacks
sufficient funds in the account at the
banking institution whose name is
imprinted on the check or other banking
instrument to pay the application fee; or
(C) There is any other reason why
CMS or its Medicare contractor is
unable to deposit the application fee
into a government-owned account.
*
*
*
*
*
(12) Medicaid termination. (i)
Medicaid billing privileges are
terminated or revoked by a State
Medicaid Agency.
(ii) Medicare may not terminate
unless and until a provider or supplier
has exhausted all applicable appeal
rights.
*
*
*
*
*
(c) Reapplying after revocation. (1)
After a provider, supplier, delegated
official, or authorizing official has had
its billing privileges revoked, it is barred
from participating in the Medicare
program from the effective date of the
revocation until the end of the reenrollment bar.
(2) The re-enrollment bar is a
minimum of 1 year, but not greater than
3 years depending on the severity of the
basis for revocation.
(3) CMS may waive the re-enrollment
bar if it has revoked a provider or
supplier under § 424.535(a)(6)(i) based
upon the failure of the provider or
supplier to submit an application fee or
a hardship exception request with an
enrollment application upon
revalidation.
*
*
*
*
*
■ 16. A new § 424.570 is added to read
as follows:
rmajette on DSK29S0YB1PROD with RULES2
§ 424.570 Moratoria on newly enrolling
Medicare providers and suppliers.
(a) Temporary moratoria. (1) General
rules. (i) CMS may impose a moratorium
on the enrollment of new Medicare
providers and suppliers of a particular
type or the establishment of new
practice locations of a particular type in
a particular geographic area.
(ii) CMS will announce the temporary
enrollment moratorium in a Federal
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Register document that includes the
rationale for imposition of the
temporary enrollment moratorium.
(iii) The temporary moratorium does
not apply to changes in practice
location, changes in provider or
supplier information such as phone
number, address or changes in
ownership (except changes in
ownership of home health agencies that
would require an initial enrollment
under § 424.550).
(iv) The temporary enrollment
moratorium does not apply to any
enrollment application that has been
approved by the enrollment contractor
but not yet entered into PECOS at the
time the moratorium is imposed.
(2) Imposition of a temporary
moratoria. CMS may impose the
temporary moratorium if—
(i) CMS determines that there is a
significant potential for fraud, waste or
abuse with respect to a particular
provider or supplier type or particular
geographic area or both. CMS’s
determination is based on its review of
existing data, and without limitation,
identifies a trend that appears to be
associated with a high risk of fraud,
waste or abuse, such as a—
(A) Highly disproportionate number
of providers or suppliers in a category
relative to the number of beneficiaries;
or
(B) Rapid increase in enrollment
applications within a category;
(ii) A State Medicaid program has
imposed a moratorium on a group of
Medicaid providers or suppliers that are
also eligible to enroll in the Medicare
program;
(iii) A State has imposed a
moratorium on enrollment in a
particular geographic area or on a
particular provider or supplier type or
both; or
(iv) CMS, in consultation the HHS
OIG or the Department of Justice or both
and with the approval of the CMS
Administrator identifies either or both
of the following as having a significant
potential for fraud, waste or abuse in the
Medicare program:
(A) A particular provider or supplier
type.
(B) Any particular geographic area.
(b) Duration of moratoria. A
moratorium under this section may be
imposed for a period of 6 months and,
if deemed necessary by CMS, may be
extended in 6-month increments. CMS
will publish a document in the Federal
Register when it extends a moratorium.
(c) Denial of enrollment: Moratoria. A
Medicare contractor denies the
enrollment application of a provider or
supplier if the provider or supplier is
PO 00000
Frm 00105
Fmt 4701
Sfmt 4700
5965
subject to a moratorium as specified in
paragraph (a) of this section.
(d) Lifting moratoria. CMS will
publish a document in the Federal
Register when a moratorium is lifted.
CMS may lift a temporary moratorium at
any time after imposition of the
moratorium if one of the following
occur:
(1) The President declares an area a
disaster under the Robert T. Stafford
Disaster Relief and Emergency
Assistance Act, 42 U.S.C. 5121–5206
(Stafford Act).
(2) Circumstances warranting the
imposition of a moratorium have abated
or CMS has implemented program
safeguards to address the program
vulnerability.
(3) The Secretary has declared a
public health emergency under section
319 of the Public Health Service Act in
the area subject to a temporary
moratorium.
(4) In the judgment of the Secretary,
the moratorium is no longer needed.
PART 447—PAYMENT FOR SERVICES
19. The authority citation for part 447
continues to read as follows:
■
Authority: Sec. 1102 of the Social Security
Act (42 U.S.C. 1302).
20. A new § 447.90 is added to subpart
A to read as follows:
■
§ 447.90 FFP: Conditions related to
pending investigations of credible
allegations of fraud against the Medicaid
program.
(a) Basis and purpose. This section
implements section 1903(i)(2)(C) of the
Act which prohibits payment of FFP
with respect to items or services
furnished by an individual or entity
with respect to which there is pending
an investigation of a credible allegation
of fraud except under specified
circumstances.
(b) Denial of FFP. No FFP is available
with respect to any amount expended
for an item or service furnished by any
individual or entity to whom a State has
failed to suspend payments in whole or
part as required by § 455.23 of this
chapter unless—
(1) The item or service is furnished as
an emergency item or service, but not
including items or services furnished in
an emergency room of a hospital; or
(2) The State determines and
documents that good cause as specified
at § 455.23(e) or (f) of this chapter exists
not to suspend such payments, to
suspend payments only in part, or to
discontinue a previously imposed
payment suspension.
E:\FR\FM\02FER2.SGM
02FER2
5966
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
PART 455—PROGRAM INTEGRITY:
MEDICAID
21. The authority citation for part 455
continues to read as follows:
■
Authority: Sec. 1102 of the Social Security
Act (42 U.S.C. 1302).
22. Section 455.2 is amended by
adding the definition of ‘‘Credible
allegation of fraud’’ to read as follows:
■
§ 455.2
Definitions.
*
*
*
*
*
Credible allegation of fraud. A
credible allegation of fraud may be an
allegation, which has been verified by
the State, from any source, including
but not limited to the following:
(1) Fraud hotline complaints.
(2) Claims data mining.
(3) Patterns identified through
provider audits, civil false claims cases,
and law enforcement investigations.
Allegations are considered to be
credible when they have indicia of
reliability and the State Medicaid
agency has reviewed all allegations,
facts, and evidence carefully and acts
judiciously on a case-by-case basis.
*
*
*
*
*
■ 23. Section 455.23 is revised to read
as follows:
rmajette on DSK29S0YB1PROD with RULES2
§ 455.23 Suspension of payments in cases
of fraud.
(a) Basis for suspension. (1) The State
Medicaid agency must suspend all
Medicaid payments to a provider after
the agency determines there is a
credible allegation of fraud for which an
investigation is pending under the
Medicaid program against an individual
or entity unless the agency has good
cause to not suspend payments or to
suspend payment only in part.
(2) The State Medicaid agency may
suspend payments without first
notifying the provider of its intention to
suspend such payments.
(3) A provider may request, and must
be granted, administrative review where
State law so requires.
(b) Notice of suspension. (1) The State
agency must send notice of its
suspension of program payments within
the following timeframes:
(i) Five days of taking such action
unless requested in writing by a law
enforcement agency to temporarily
withhold such notice.
(ii) Thirty days if requested by law
enforcement in writing to delay sending
such notice, which request for delay
may be renewed in writing up to twice
and in no event may exceed 90 days.
(2) The notice must include or
address all of the following:
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
(i) State that payments are being
suspended in accordance with this
provision.
(ii) Set forth the general allegations as
to the nature of the suspension action,
but need not disclose any specific
information concerning an ongoing
investigation.
(iii) State that the suspension is for a
temporary period, as stated in paragraph
(c) of this section, and cite the
circumstances under which the
suspension will be terminated.
(iv) Specify, when applicable, to
which type or types of Medicaid claims
or business units of a provider
suspension is effective.
(v) Inform the provider of the right to
submit written evidence for
consideration by State Medicaid
Agency.
(vi) Set forth the applicable State
administrative appeals process and
corresponding citations to State law.
(c) Duration of suspension. (1) All
suspension of payment actions under
this section will be temporary and will
not continue after either of the
following:
(i) The agency or the prosecuting
authorities determine that there is
insufficient evidence of fraud by the
provider.
(ii) Legal proceedings related to the
provider’s alleged fraud are completed.
(2) A State must document in writing
the termination of a suspension
including, where applicable and
appropriate, any appeal rights available
to a provider.
(d) Referrals to the Medicaid fraud
control unit. (1) Whenever a State
Medicaid agency investigation leads to
the initiation of a payment suspension
in whole or part, the State Medicaid
Agency must make a fraud referral to
either of the following:
(i) To a Medicaid fraud control unit
established and certified under part
1007 of this title; or
(ii) In States with no certified
Medicaid fraud control unit, to an
appropriate law enforcement agency.
(2) The fraud referral made under
paragraph (d)(1) of this section must
meet all of the following requirements:
(i) Be made in writing and provided
to the Medicaid fraud control unit not
later than the next business day after the
suspension is enacted.
(ii) Conform to fraud referral
performance standards issued by the
Secretary.
(3)(i) If the Medicaid fraud control
unit or other law enforcement agency
accepts the fraud referral for
investigation, the payment suspension
may be continued until such time as the
investigation and any associated
enforcement proceedings are completed.
PO 00000
Frm 00106
Fmt 4701
Sfmt 4700
(ii) On a quarterly basis, the State
must request a certification from the
Medicaid fraud control unit or other law
enforcement agency that any matter
accepted on the basis of a referral
continues to be under investigation thus
warranting continuation of the
suspension.
(4) If the Medicaid fraud control unit
or other law enforcement agency
declines to accept the fraud referral for
investigation the payment suspension
must be discontinued unless the State
Medicaid agency has alternative Federal
or State authority by which it may
impose a suspension or makes a fraud
referral to another law enforcement
agency. In that situation, the provisions
of paragraph (d)(3) of this section apply
equally to that referral as well.
(5) A State’s decision to exercise the
good cause exceptions in paragraphs (e)
or (f) of this section not to suspend
payments or to suspend payments only
in part does not relieve the State of the
obligation to refer any credible
allegation of fraud as provided in
paragraph (d)(1) of this section.
(e) Good cause not to suspend
payments. A State may find that good
cause exists not to suspend payments,
or not to continue a payment
suspension previously imposed, to an
individual or entity against which there
is an investigation of a credible
allegation of fraud if any of the
following are applicable:
(1) Law enforcement officials have
specifically requested that a payment
suspension not be imposed because
such a payment suspension may
compromise or jeopardize an
investigation.
(2) Other available remedies
implemented by the State more
effectively or quickly protect Medicaid
funds.
(3) The State determines, based upon
the submission of written evidence by
the individual or entity that is the
subject of the payment suspension, that
the suspension should be removed.
(4) Recipient access to items or
services would be jeopardized by a
payment suspension because of either of
the following:
(i) An individual or entity is the sole
community physician or the sole source
of essential specialized services in a
community.
(ii) The individual or entity serves a
large number of recipients within a
HRSA-designated medically
underserved area.
(5) Law enforcement declines to
certify that a matter continues to be
under investigation per the
requirements of paragraph (d)(3) of this
section.
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
(6) The State determines that payment
suspension is not in the best interests of
the Medicaid program.
(f) Good cause to suspend payment
only in part. A State may find that good
cause exists to suspend payments in
part, or to convert a payment
suspension previously imposed in
whole to one only in part, to an
individual or entity against which there
is an investigation of a credible
allegation of fraud if any of the
following are applicable:
(1) Recipient access to items or
services would be jeopardized by a
payment suspension in whole or part
because of either of the following:
(i) An individual or entity is the sole
community physician or the sole source
of essential specialized services in a
community.
(ii) The individual or entity serves a
large number of recipients within a
HRSA-designated medically
underserved area.
(2) The State determines, based upon
the submission of written evidence by
the individual or entity that is the
subject of a whole payment suspension,
that such suspension should be imposed
only in part.
(3)(i) The credible allegation focuses
solely and definitively on only a
specific type of claim or arises from
only a specific business unit of a
provider; and
(ii) The State determines and
documents in writing that a payment
suspension in part would effectively
ensure that potentially fraudulent
claims were not continuing to be paid.
(4) Law enforcement declines to
certify that a matter continues to be
under investigation per the
requirements of paragraph (d)(3) of this
section.
(5) The State determines that payment
suspension only in part is in the best
interests of the Medicaid program.
(g) Documentation and record
retention. State Medicaid agencies must
meet the following requirements:
(1) Maintain for a minimum of 5 years
from the date of issuance all materials
documenting the life cycle of a payment
suspension that was imposed in whole
or part, including the following:
(i) All notices of suspension of
payment in whole or part.
(ii) All fraud referrals to the Medicaid
fraud control unit or other law
enforcement agency.
(iii) All quarterly certifications of
continuing investigation status by law
enforcement.
(iv) All notices documenting the
termination of a suspension.
(2)(i) Maintain for a minimum of 5
years from the date of issuance all
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
materials documenting each instance
where a payment suspension was not
imposed, imposed only in part, or
discontinued for good cause.
(ii) This type of documentation must
include, at a minimum, detailed
information on the basis for the
existence of the good cause not to
suspend payments, to suspend
payments only in part, or to discontinue
a payment suspension and, where
applicable, must specify how long the
State anticipates such good cause will
exist.
(3) Annually report to the Secretary
summary information on each of
following:
(i) Suspension of payment, including
the nature of the suspected fraud, the
basis for suspension, and the outcome of
the suspension.
(ii) Situation in which the State
determined good cause existed to not
suspend payments, to suspend
payments only in part, or to discontinue
a payment suspension as described in
this section, including describing the
nature of the suspected fraud and the
nature of the good cause.
■ 24. Section 455.101 is amended by
adding the definitions of ‘‘Health
insuring organization (HIO),’’ ‘‘Managed
care entity (MCE),’’ ‘‘Prepaid ambulatory
health plan (PAHP),’’ ‘‘Prepaid inpatient
health plan (PIHP),’’ ‘‘Primary care case
manager (PCCM),’’ and ‘‘Termination’’ in
alphabetical order to read as follows:
§ 455.101
Definitions.
*
*
*
*
*
Health insuring organization (HIO)
has the meaning specified in § 438.2.
*
*
*
*
*
Managed care entity (MCE) means
managed care organizations (MCOs),
PIHPs, PAHPs, PCCMs, and HIOs.
*
*
*
*
*
Prepaid ambulatory health plan
(PAHP) has the meaning specified in
§ 438.2.
Prepaid inpatient health plan (PIHP)
has the meaning specified in § 438.2.
Primary care case manager (PCCM)
has the meaning specified in § 438.2.
*
*
*
*
*
Termination means—
(1) For a—
(i) Medicaid or CHIP provider, a State
Medicaid program or CHIP has taken an
action to revoke the provider’s billing
privileges, and the provider has
exhausted all applicable appeal rights or
the timeline for appeal has expired; and
(ii) Medicare provider, supplier or
eligible professional, the Medicare
program has revoked the provider or
supplier’s billing privileges, and the
provider has exhausted all applicable
PO 00000
Frm 00107
Fmt 4701
Sfmt 4700
5967
appeal rights or the timeline for appeal
has expired.
(2)(i) In all three programs, there is no
expectation on the part of the provider
or supplier or the State or Medicare
program that the revocation is
temporary.
(ii) The provider, supplier, or eligible
professional will be required to reenroll
with the applicable program if they
wish billing privileges to be reinstated.
(3) The requirement for termination
applies in cases where providers,
suppliers, or eligible professionals were
terminated or had their billing
privileges revoked for cause which may
include, but is not limited to—
(i) Fraud;
(ii) Integrity; or
(iii) Quality.
*
*
*
*
*
■ 25. Section 455.104 is revised to read
as follows:
§ 455.104 Disclosure by Medicaid
providers and fiscal agents: Information on
ownership and control.
(a) Who must provide disclosures. The
Medicaid agency must obtain
disclosures from disclosing entities,
fiscal agents, and managed care entities.
(b) What disclosures must be
provided. The Medicaid agency must
require that disclosing entities, fiscal
agents, and managed care entities
provide the following disclosures:
(1)(i) The name and address of any
person (individual or corporation) with
an ownership or control interest in the
disclosing entity, fiscal agent, or
managed care entity. The address for
corporate entities must include as
applicable primary business address,
every business location, and P.O. Box
address.
(ii) Date of birth and Social Security
Number (in the case of an individual).
(iii) Other tax identification number
(in the case of a corporation) with an
ownership or control interest in the
disclosing entity (or fiscal agent or
managed care entity) or in any
subcontractor in which the disclosing
entity (or fiscal agent or managed care
entity) has a 5 percent or more interest.
(2) Whether the person (individual or
corporation) with an ownership or
control interest in the disclosing entity
(or fiscal agent or managed care entity)
is related to another person with
ownership or control interest in the
disclosing entity as a spouse, parent,
child, or sibling; or whether the person
(individual or corporation) with an
ownership or control interest in any
subcontractor in which the disclosing
entity (or fiscal agent or managed care
entity) has a 5 percent or more interest
is related to another person with
E:\FR\FM\02FER2.SGM
02FER2
rmajette on DSK29S0YB1PROD with RULES2
5968
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
ownership or control interest in the
disclosing entity as a spouse, parent,
child, or sibling.
(3) The name of any other disclosing
entity (or fiscal agent or managed care
entity) in which an owner of the
disclosing entity (or fiscal agent or
managed care entity) has an ownership
or control interest.
(4) The name, address, date of birth,
and Social Security Number of any
managing employee of the disclosing
entity (or fiscal agent or managed care
entity).
(c) When the disclosures must be
provided.
(1) Disclosures from providers or
disclosing entities. Disclosure from any
provider or disclosing entity is due at
any of the following times:
(i) Upon the provider or disclosing
entity submitting the provider
application.
(ii) Upon the provider or disclosing
entity executing the provider agreement.
(iii) Upon request of the Medicaid
agency during the re-validation of
enrollment process under § 455.414.
(iv) Within 35 days after any change
in ownership of the disclosing entity.
(2) Disclosures from fiscal agents.
Disclosures from fiscal agents are due at
any of the following times:
(i) Upon the fiscal agent submitting
the proposal in accordance with the
State’s procurement process.
(ii) Upon the fiscal agent executing
the contract with the State.
(iii) Upon renewal or extension of the
contract.
(iv) Within 35 days after any change
in ownership of the fiscal agent.
(3) Disclosures from managed care
entities. Disclosures from managed care
entities (MCOs, PIHPs, PAHPs, and
HIOs), except PCCMs are due at any of
the following times:
(i) Upon the managed care entity
submitting the proposal in accordance
with the State’s procurement process.
(ii) Upon the managed care entity
executing the contract with the State.
(iii) Upon renewal or extension of the
contract.
(iv) Within 35 days after any change
in ownership of the managed care
entity.
(4) Disclosures from PCCMs. PCCMs
will comply with disclosure
requirements under paragraph (c)(1) of
this section.
(d) To whom must the disclosures be
provided. All disclosures must be
provided to the Medicaid agency.
(e) Consequences for failure to
provide required disclosures. Federal
financial participation (FFP) is not
available in payments made to a
disclosing entity that fails to disclose
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
ownership or control information as
required by this section.
26. A new subpart E is added to part
455 to read as follows:
■
Subpart E—Provider Screening and
Enrollment
Sec.
455.400 Purpose.
455.405 State plan requirements.
455.410 Enrollment and screening of
providers.
455.412 Verification of provider licenses.
455.414 Revalidation of enrollment.
455.416 Termination or denial of
enrollment.
455.420 Reactivation of provider
enrollment.
455.422 Appeal rights.
455.432 Site visits.
455.434 Criminal background checks.
455.436 Federal database checks.
455.440 National Provider Identifier.
455.450 Screening levels for Medicaid
providers.
455.452 Other State screening methods.
455.460 Application fee.
455.470 Temporary moratoria.
Subpart E—Provider Screening and
Enrollment
§ 455.400
Purpose.
This subpart implements sections
1866(j), 1902(a)(39), 1902(a)(77), and
1902(a)(78) of the Act. It sets forth State
plan requirements regarding the
following:
(a) Provider screening and enrollment
requirements.
(b) Fees associated with provider
screening.
(c) Temporary moratoria on
enrollment of providers.
§ 455.405
State plan requirements.
A State plan must provide that the
requirements of § 455.410 through
§ 455.450 and § 455.470 are met.
§ 455.410 Enrollment and screening of
providers.
(a) The State Medicaid agency must
require all enrolled providers to be
screened under to this subpart.
(b) The State Medicaid agency must
require all ordering or referring
physicians or other professionals
providing services under the State plan
or under a waiver of the plan to be
enrolled as participating providers.
(c) The State Medicaid agency may
rely on the results of the provider
screening performed by any of the
following:
(1) Medicare contractors.
(2) Medicaid agencies or Children’s
Health Insurance Programs of other
States.
§ 455.412
Verification of provider licenses.
The State Medicaid agency must—
PO 00000
Frm 00108
Fmt 4701
Sfmt 4700
(a) Have a method for verifying that
any provider purporting to be licensed
in accordance with the laws of any State
is licensed by such State.
(b) Confirm that the provider’s license
has not expired and that there are no
current limitations on the provider’s
license.
§ 455.414
Revalidation of enrollment.
The State Medicaid agency must
revalidate the enrollment of all
providers regardless of provider type at
least every 5 years.
§ 455.416 Termination or denial of
enrollment.
The State Medicaid agency—
(a) Must terminate the enrollment of
any provider where any person with a
5 percent or greater direct or indirect
ownership interest in the provider did
not submit timely and accurate
information and cooperate with any
screening methods required under this
subpart.
(b) Must deny enrollment or terminate
the enrollment of any provider where
any person with a 5 percent or greater
direct or indirect ownership interest in
the provider has been convicted of a
criminal offense related to that person’s
involvement with the Medicare,
Medicaid, or title XXI program in the
last 10 years, unless the State Medicaid
agency determines that denial or
termination of enrollment is not in the
best interests of the Medicaid program
and the State Medicaid agency
documents that determination in
writing.
(c) Must deny enrollment or terminate
the enrollment of any provider that is
terminated on or after January 1, 2011,
under title XVIII of the Act or under the
Medicaid program or CHIP of any other
State.
(d) Must terminate the provider’s
enrollment or deny enrollment of the
provider if the provider or a person with
an ownership or control interest or who
is an agent or managing employee of the
provider fails to submit timely or
accurate information, unless the State
Medicaid agency determines that
termination or denial of enrollment is
not in the best interests of the Medicaid
program and the State Medicaid agency
documents that determination in
writing.
(e) Must terminate or deny enrollment
if the provider, or any person with a 5
percent or greater direct or indirect
ownership interest in the provider, fails
to submit sets of fingerprints in a form
and manner to be determined by the
Medicaid agency within 30 days of a
CMS or a State Medicaid agency
request, unless the State Medicaid
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
agency determines that termination or
denial of enrollment is not in the best
interests of the Medicaid program and
the State Medicaid agency documents
that determination in writing.
(f) Must terminate or deny enrollment
if the provider fails to permit access to
provider locations for any site visits
under § 455.432, unless the State
Medicaid agency determines that
termination or denial of enrollment is
not in the best interests of the Medicaid
program and the State Medicaid agency
documents that determination in
writing.
(g) May terminate or deny the
provider’s enrollment if CMS or the
State Medicaid agency—
(1) Determines that the provider has
falsified any information provided on
the application; or
(2) Cannot verify the identity of any
provider applicant.
§ 455.420 Reactivation of provider
enrollment.
After deactivation of a provider
enrollment number for any reason,
before the provider’s enrollment may be
reactivated, the State Medicaid agency
must re-screen the provider and require
payment of associated provider
application fees under § 455.460.
§ 455.422
Appeal rights.
The State Medicaid agency must give
providers terminated or denied under
§ 455.416 any appeal rights available
under procedures established by State
law or regulations.
§ 455.432
Site visits.
The State Medicaid agency—
(a) Must conduct pre-enrollment and
post-enrollment site visits of providers
who are designated as ‘‘moderate’’ or
‘‘high’’ categorical risks to the Medicaid
program. The purpose of the site visit
will be to verify that the information
submitted to the State Medicaid agency
is accurate and to determine compliance
with Federal and State enrollment
requirements.
(b) Must require any enrolled provider
to permit CMS, its agents, its designated
contractors, or the State Medicaid
agency to conduct unannounced on-site
inspections of any and all provider
locations.
rmajette on DSK29S0YB1PROD with RULES2
§ 455.434
Criminal background checks.
The State Medicaid agency—
(a) As a condition of enrollment, must
require providers to consent to criminal
background checks including
fingerprinting when required to do so
under State law or by the level of
screening based on risk of fraud, waste
or abuse as determined for that category
of provider.
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
(b) Must establish categorical risk
levels for providers and provider
categories who pose an increased
financial risk of fraud, waste or abuse to
the Medicaid program.
(1) Upon the State Medicaid agency
determining that a provider, or a person
with a 5 percent or more direct or
indirect ownership interest in the
provider, meets the State Medicaid
agency’s criteria hereunder for criminal
background checks as a ‘‘high’’ risk to
the Medicaid program, the State
Medicaid agency will require that each
such provider or person submit
fingerprints.
(2) The State Medicaid agency must
require a provider, or any person with
a 5 percent or more direct or indirect
ownership interest in the provider, to
submit a set of fingerprints, in a form
and manner to be determined by the
State Medicaid agency, within 30 days
upon request from CMS or the State
Medicaid agency.
§ 455.436
Federal database checks.
The State Medicaid agency must do
all of the following:
(a) Confirm the identity and
determine the exclusion status of
providers and any person with an
ownership or control interest or who is
an agent or managing employee of the
provider through routine checks of
Federal databases.
(b) Check the Social Security
Administration’s Death Master File, the
National Plan and Provider
Enumeration System (NPPES), the List
of Excluded Individuals/Entities (LEIE),
the Excluded Parties List System
(EPLS), and any such other databases as
the Secretary may prescribe.
(c)(1) Consult appropriate databases to
confirm identity upon enrollment and
reenrollment; and
(2) Check the LEIE and EPLS no less
frequently than monthly.
§ 455.440
National Provider Identifier.
The State Medicaid agency must
require all claims for payment for items
and services that were ordered or
referred to contain the National Provider
Identifier (NPI) of the physician or other
professional who ordered or referred
such items or services.
§ 455.450 Screening levels for Medicaid
providers.
A State Medicaid agency must screen
all initial applications, including
applications for a new practice location,
and any applications received in
response to a re-enrollment or
revalidation of enrollment request based
on a categorical risk level of ‘‘limited,’’
‘‘moderate,’’ or ‘‘high.’’ If a provider
PO 00000
Frm 00109
Fmt 4701
Sfmt 4700
5969
could fit within more than one risk level
described in this section, the highest
level of screening is applicable.
(a) Screening for providers designated
as limited categorical risk. When the
State Medicaid agency designates a
provider as a limited categorical risk,
the State Medicaid agency must do all
of the following:
(1) Verify that a provider meets any
applicable Federal regulations, or State
requirements for the provider type prior
to making an enrollment determination.
(2) Conduct license verifications,
including State licensure verifications
in States other than where the provider
is enrolling, in accordance with
§ 455.412.
(3) Conduct database checks on a preand post-enrollment basis to ensure that
providers continue to meet the
enrollment criteria for their provider
type, in accordance with § 455.436.
(b) Screening for providers designated
as moderate categorical risk. When the
State Medicaid agency designates a
provider as a ‘‘moderate’’ categorical
risk, a State Medicaid agency must do
both of the following:
(1) Perform the ‘‘limited’’ screening
requirements described in paragraph (a)
of this section.
(2) Conduct on-site visits in
accordance with § 455.432.
(c) Screening for providers designated
as high categorical risk. When the State
Medicaid agency designates a provider
as a ‘‘high’’ categorical risk, a State
Medicaid agency must do both of the
following:
(1) Perform the ‘‘limited’’ and
‘‘moderate’’ screening requirements
described in paragraphs (a) and (b) of
this section.
(2)(i) Conduct a criminal background
check; and
(ii) Require the submission of a set of
fingerprints in accordance with
§ 455.434.
(d) Denial or termination of
enrollment. A provider, or any person
with 5 percent or greater direct or
indirect ownership in the provider, who
is required by the State Medicaid agency
or CMS to submit a set of fingerprints
and fails to do so may have its—
(1) Application denied under
§ 455.434; or
(2) Enrollment terminated under
§ 455.416.
(e) Adjustment of risk level. The State
agency must adjust the categorical risk
level from ‘‘limited’’ or ‘‘moderate’’ to
‘‘high’’ when any of the following
occurs:
(1) The State Medicaid agency
imposes a payment suspension on a
provider based on credible allegation of
fraud, waste or abuse, the provider has
E:\FR\FM\02FER2.SGM
02FER2
5970
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
an existing Medicaid overpayment, or
the provider has been excluded by the
OIG or another State’s Medicaid
program within the previous 10 years.
(2) The State Medicaid agency or CMS
in the previous 6 months lifted a
temporary moratorium for the particular
provider type and a provider that was
prevented from enrolling based on the
moratorium applies for enrollment as a
provider at any time within 6 months
from the date the moratorium was lifted.
§ 455.452
Other State screening methods.
Nothing in this subpart must restrict
the State Medicaid agency from
establishing provider screening methods
in addition to or more stringent than
those required by this subpart.
§ 455.460
Application fee.
(a) Beginning on or after March 25,
2011, States must collect the applicable
application fee prior to executing a
provider agreement from a prospective
or re-enrolling provider other than
either of the following:
(1) Individual physicians or
nonphysician practitioners.
(2)(i) Providers who are enrolled in
either of the following:
(A) Title XVIII of the Act.
(B) Another State’s title XIX or XXI
plan.
(ii) Providers that have paid the
applicable application fee to—
(A) A Medicare contractor; or
(B) Another State.
(b) If the fees collected by a State
agency in accordance with paragraph (a)
of this section exceed the cost of the
screening program, the State agency
must return that portion of the fees to
the Federal government.
rmajette on DSK29S0YB1PROD with RULES2
§ 455.470
Temporary moratoria.
(a)(1) The Secretary consults with any
affected State Medicaid agency
regarding imposition of temporary
moratoria on enrollment of new
providers or provider types prior to
imposition of the moratoria, in
accordance with § 424.570 of this
chapter.
(2) The State Medicaid agency will
impose temporary moratoria on
enrollment of new providers or provider
types identified by the Secretary as
posing an increased risk to the Medicaid
program.
(3)(i) The State Medicaid agency is
not required to impose such a
moratorium if the State Medicaid
agency determines that imposition of a
temporary moratorium would adversely
affect beneficiaries’ access to medical
assistance.
(ii) If a State Medicaid agency makes
such a determination, the State
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
Medicaid agency must notify the
Secretary in writing.
(b)(1) A State Medicaid agency may
impose temporary moratoria on
enrollment of new providers, or impose
numerical caps or other limits that the
State Medicaid agency identifies as
having a significant potential for fraud,
waste, or abuse and that the Secretary
has identified as being at high risk for
fraud, waste, or abuse.
(2) Before implementing the
moratoria, caps, or other limits, the
State Medicaid agency must determine
that its action would not adversely
impact beneficiaries’ access to medical
assistance.
(3) The State Medicaid agency must
notify the Secretary in writing in the
event the State Medicaid agency seeks
to impose such moratoria, including all
details of the moratoria; and obtain the
Secretary’s concurrence with imposition
of the moratoria.
(c)(1) The State Medicaid agency must
impose the moratorium for an initial
period of 6 months.
(2) If the State Medicaid agency
determines that it is necessary, the State
Medicaid agency may extend the
moratorium in 6-month increments.
(3) Each time, the State Medicaid
agency must document in writing the
necessity for extending the moratorium.
PART 457—ALLOTMENTS AND
GRANTS TO STATES
27. The authority citation for part 457
continues to read as follows:
■
Authority: Section 1102 of the Social
Security Act (42 U.S.C. 1302).
28. Section 457.900 is amended by
adding a new paragraph (a)(2)(x) to read
as follows:
■
§ 457.900
Basis, scope and applicability.
(a) * * *
(2) * * *
(x) Sections 1902(a)(77) and 1902(kk)
of the Act relating to provider and
supplier screening, oversight, and
reporting requirements.
*
*
*
*
*
■ 29. A new § 457.990 is added to
subpart I to read as follows:
§ 457.990 Provider and supplier screening,
oversight, and reporting requirements.
The following provisions and their
corresponding regulations apply to a
State under title XXI of the Act, in the
same manner as these provisions and
regulations apply to a State under title
XIX of the Act:
(a) Part 455, Subpart E, of this
chapter.
(b) Sections 1902(a)(77) and 1902(kk)
of the Act pertaining to provider and
PO 00000
Frm 00110
Fmt 4701
Sfmt 4700
supplier screening, oversight, and
reporting requirements.
PART 498—APPEALS PROCEDURES
FOR DETERMINATIONS THAT AFFECT
PARTICIPATION IN THE MEDICARE
PROGRAM AND FOR
DETERMINATIONS THAT AFFECT THE
PARTICIPATION OF ICFs/MR AND
CERTAIN NFs IN THE MEDICAID
PROGRAM
30. The authority citation for part 498
continues to read as follows:
■
Authority: Secs. 1102 and 1871 of the
Social Security Act (42 U.S.C. 1302 and
1395hh).
31. Section 498.5 is amended by
adding a new paragraph (l)(4) to read as
follows:
■
§ 498.5
Appeal rights.
*
*
*
*
*
(l) * * *
(4) Scope of review. For appeals of
denials based on § 424.530(a)(9) of this
chapter related to temporary moratoria,
the scope of review will be limited to
whether the temporary moratorium
applies to the provider or supplier
appealing the denial. The agency’s basis
for imposing a temporary moratorium is
not subject to review.
CHAPTER V-OFFICE OF INSPECTOR
GENERAL-HEALTH CARE, DEPARTMENT
OF HEALTH AND HUMAN SERVICES
PART 1007—STATE MEDICAID FRAUD
CONTROL UNITS
32. The authority citation for part
1007 continues to read as follows:
■
Authority: 42 U.S.C. 1320 and 1395hh.
33. Section 1007.9 is amended by
adding paragraphs (e) through (g) to
read as follows:
■
§ 1007.9 Relationship to, and agreement
with, the Medicaid agency.
*
*
*
*
*
(e)(1) The unit may refer any provider
with respect to which there is pending
an investigation of a credible allegation
of fraud under the Medicaid program to
the State Medicaid agency for payment
suspension in whole or part under
§ 455.23 of this title.
(2) Referrals may be brief, but must be
in writing and include sufficient
information to allow the State Medicaid
agency to identify the provider and to
explain the credible allegations forming
the grounds for the payment
suspension.
(f) Any request by the unit to the State
Medicaid agency to delay notification to
the provider of a payment suspension
under § 455.23 of this title must be in
writing.
E:\FR\FM\02FER2.SGM
02FER2
Federal Register / Vol. 76, No. 22 / Wednesday, February 2, 2011 / Rules and Regulations
(g) When the unit accepts or declines
a case referred by the State Medicaid
agency, the unit notifies the State
Medicaid agency in writing of the
acceptance or declination of the case.
Program) (Catalog of Federal Domestic
Assistance Program No. 93.773, Medicare—
Hospital Insurance; and Program No. 93.774,
Medicare—Supplementary Medical
Insurance Program)
Catalog of Federal Domestic Assistance
Program No. 93.778, Medical Assistance
5971
Dated: January 14, 2011.
Donald Berwick,
Administrator, Centers for Medicare &
Medicaid Services.
Approved: January 21, 2011.
Kathleen Sebelius,
Secretary, Department of Health and Human
Services.
[FR Doc. 2011–1686 Filed 1–24–11; 12:15 pm]
rmajette on DSK29S0YB1PROD with RULES2
BILLING CODE 4120–01–P
VerDate Mar<15>2010
15:39 Feb 01, 2011
Jkt 223001
PO 00000
Frm 00111
Fmt 4701
Sfmt 9990
E:\FR\FM\02FER2.SGM
02FER2
Agencies
[Federal Register Volume 76, Number 22 (Wednesday, February 2, 2011)]
[Rules and Regulations]
[Pages 5862-5971]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2011-1686]
[[Page 5861]]
Vol. 76
Wednesday,
No. 22
February 2, 2011
Part II
Department of Health and Human Services
-----------------------------------------------------------------------
Centers for Medicare & Medicaid Services
-----------------------------------------------------------------------
42 CFR Parts 405, 424, 447 et al.
-----------------------------------------------------------------------
Office of Inspector General
-----------------------------------------------------------------------
42 CFR Part 1007
Medicare, Medicaid, and Children's Health Insurance Programs;
Additional Screening Requirements, Application Fees, Temporary
Enrollment Moratoria, Payment Suspensions and Compliance Plans for
Providers and Suppliers; Final Rule
Federal Register / Vol. 76 , No. 22 / Wednesday, February 2, 2011 /
Rules and Regulations
[[Page 5862]]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
42 CFR Parts 405, 424, 447, 455, 457, and 498
Office of Inspector General
42 CFR Part 1007
[CMS-6028-FC]
RIN 0938-AQ20
Medicare, Medicaid, and Children's Health Insurance Programs;
Additional Screening Requirements, Application Fees, Temporary
Enrollment Moratoria, Payment Suspensions and Compliance Plans for
Providers and Suppliers
AGENCY: Centers for Medicare & Medicaid Services (CMS); Office of
Inspector General (OIG), HHS.
ACTION: Final rule with comment period.
-----------------------------------------------------------------------
SUMMARY: This final rule with comment period will implement provisions
of the ACA that establish: Procedures under which screening is
conducted for providers of medical or other services and suppliers in
the Medicare program, providers in the Medicaid program, and providers
in the Children's Health Insurance Program (CHIP); an application fee
imposed on institutional providers and suppliers; temporary moratoria
that may be imposed if necessary to prevent or combat fraud, waste, and
abuse under the Medicare and Medicaid programs, and CHIP; guidance for
States regarding termination of providers from Medicaid and CHIP if
terminated by Medicare or another Medicaid State plan or CHIP; guidance
regarding the termination of providers and suppliers from Medicare if
terminated by a Medicaid State agency; and requirements for suspension
of payments pending credible allegations of fraud in the Medicare and
Medicaid programs. This final rule with comment period also discusses
our earlier solicitation of comments regarding provisions of the ACA
that require providers of medical or other items or services or
suppliers within a particular industry sector or category to establish
compliance programs.
We have identified specific provisions surrounding our
implementation of fingerprinting for certain providers and suppliers
for which we may make changes if warranted by the public comments
received. We expect to publish our response to those comments,
including any possible changes to the rule made as a result of them, as
soon as possible following the end of the comment period. Furthermore,
we clarify that we are finalizing the adoption of fingerprinting
pursuant to the terms and conditions set forth herein.
DATES: Effective date: These regulations are effective on March 25,
2011. Comment date: We will consider public comments only on the
Fingerprinting Requirements, contained in Sec. Sec. 424.518 and
455.434 and discussed in section II.A.5. of the preamble of this
document, if we receive them at one of the addresses provided below, no
later than 5 p.m. on April 4, 2011.
ADDRESSES: In commenting, please refer to file code CMS-6028-FC.
Because of staff and resource limitations, we cannot accept comments by
facsimile (FAX) transmission.
You may submit comments in one of four ways (please choose only one
of the ways listed):
1. Electronically. You may submit electronic comments on this
regulation to https://www.regulations.gov. Follow the instructions for
``submitting a comment.''
2. By regular mail. You may mail written comments to the following
address ONLY: Centers for Medicare & Medicaid Services, Department of
Health and Human Services, Attention: CMS-6028-FC, P.O. Box 8013,
Baltimore, MD 21244-8013.
Please allow sufficient time for mailed comments to be received
before the close of the comment period.
3. By express or overnight mail. You may send written comments to
the following address ONLY: Centers for Medicare & Medicaid Services,
Department of Health and Human Services, Attention: CMS-6028-FC, Mail
Stop C4-26-05, 7500 Security Boulevard, Baltimore, MD 21244-1850.
4. By hand or courier. If you prefer, you may deliver (by hand or
courier) your written comments before the close of the comment period
to either of the following addresses: a. For delivery in Washington,
DC--Centers for Medicare & Medicaid Services, Department of Health and
Human Services, Room 445-G, Hubert H. Humphrey Building, 200
Independence Avenue, SW., Washington, DC 20201.
(Because access to the interior of the Hubert H. Humphrey Building
is not readily available to persons without Federal government
identification, commenters are encouraged to leave their comments in
the CMS drop slots located in the main lobby of the building. A stamp-
in clock is available for persons wishing to retain a proof of filing
by stamping in and retaining an extra copy of the comments being
filed.)
b. For delivery in Baltimore, MD--Centers for Medicare & Medicaid
Services, Department of Health and Human Services, 7500 Security
Boulevard, Baltimore, MD 21244-1850.
If you intend to deliver your comments to the Baltimore address,
please call telephone number (410) 786-9994 in advance to schedule your
arrival with one of our staff members.
Comments mailed to the addresses indicated as appropriate for hand
or courier delivery may be delayed and received after the comment
period.
FOR FURTHER INFORMATION CONTACT: Frank Whelan (410) 786-1302 for
Medicare enrollment issues. Claudia Simonson (312) 353-2115 for
Medicaid and CHIP enrollment issues. Lori Bellan (410) 786-2048 for
Medicaid payment suspension issues and Medicaid termination issues.
Joseph Strazzire (410) 786-2775 for Medicare payment suspension issues.
Laura Minassian-Kiefel (410) 786-4641 for compliance program issues.
SUPPLEMENTARY INFORMATION: Due to the many organizations and terms to
which we refer by acronym in this final rule with comment period, we
are listing these acronyms and their corresponding terms in
alphabetical order below. In addition, we are providing a table of
contents which follows the list of acronyms to assist readers in
referencing sections contained in this preamble.
Acronyms
ABC American Board for Certification in Orthotics and Prosthetics
A/B MAC Part A or Part B Medicare Administrative Contractor
ACA ``Affordable Care Act''
APD Advance planning document
ASC Ambulatory surgical center
BBA Balanced Budget Act of 1997 (Pub. L. 105-33)
BIPA Medicare Medicaid, and SCHIP Benefits Improvement Protection
Act of 2000 (Pub. L. 106-544)
CAH Critical access hospital
CAP Competitive acquisition program
CBA Competitive bidding area
CFR Code of Federal Regulations
CHIP Children's Health Insurance Program
CJIS Criminal Justice Information Services
CLIA Clinical laboratory improvement amendments
CMHC Community mental health centers
CMS Centers for Medicare & Medicaid Services
CON Certificate of Need
CoP Condition of participation
CORF Comprehensive outpatient rehabilitation facility
CPI-U Consumer price index for all urban consumers
DAB Department Appeal Board
[[Page 5863]]
DEA Drug Enforcement Agency
DHUD Department of Housing and Urban Development
DME Durable medical equipment
DMEPOS Durable medical equipment prosthetics, orthotics, and
supplies
DOB Dates of birth
DOJ Department of Justice
EIN Employer Identification Number
EMTALA Emergency Medical Treatment and Active Labor Act
VIN Vehicle Identifier Number
ESRD End-stage renal disease
EPLS General Service Administration's Excluded Parties List System
FBI Federal Bureau of Investigation
FFP Federal Financial Participation
FFS Medicare fee-for-service program
FQHC Federally qualified health center
GAO Government Accountability Office
HHAs Home health agencies
HHS [Department of] Health and Human Services
HIO Health insuring organization
IAFIS Integrated Automated Fingerprint Identification System
ICF/MR Intermediate care facilities for persons with mental
retardation
IDTF Independent diagnostic testing facility
IHCIA Indian Health Care Improvement Act
IHS Indian Health Service
IHSS In-home supportive services
IPF Inpatient psychiatric facility
IRF Inpatient rehabilitation facility
ISDEAA Indian Self-Determination and Education Assistance Act
LEIE List of Excluded Individuals/Entities
MCEs Managed care entities
MFCU Medicaid fraud control unit
MAO Medicare Advantage organizations
MMA Medicare Prescription Drug, Improvement, and Modernization Act
of 2003 (Pub. L. 108-173)
NASDAQ National Association of Securities Dealers Automated
Quotation System
NF Nursing facility
NPI National Provider Identifier
NPPES National Plan and Provider Enumeration System
NSC National Supplier Clearinghouse
NTIS National Technical Information Service
NPDB National Practitioner Data Bank
NYSE New York Stock Exchange
OIG Office of Inspector General
OMB Office of Management and Budget
OPO Organ procurement organization
PAHP Prepaid ambulatory health plan
PECOS Provider Enrollment, Chain, and Ownership System
PIHP Prepaid inpatient health plan
PSC Program Safeguard Contractors
PTAN Provider transaction account number
RFA Regulatory Flexibility Act
RHC Rural health clinic
RNHCI Religious nonmedical health care institution
SEC Securities and Exchange Commission
SMP Senior Medicare Patrol
SNFs Skilled nursing facilities
SPIA State Program Integrity Assessment
SSA Social Security Administration
SSA DMF Social Security Administration Death Master File
SSN Social Security Number
TTAG Tribal Technical Advisory Group
WAN [FBI CJIS Division's] Wide Area Network
ZPIC Zone Program Integrity Contractors
Table of Contents
I. Background
II. Proposed Provisions and Responses to Public Comments
A. Provider Screening Under Medicare, Medicaid, and CHIP
1. Statutory Changes
2. Summary of Existing Screening Measures
a. Licensure Requirements--Medicare and Medicaid
b. Site Visits--Medicare
c. Database Checks--Medicare
d. Criminal Background Checks--Medicare
e. Medicare MAO Requirements
f. Fingerprinting--Medicare
g. Screening--Medicaid and CHIP
3. General Screening of Providers--Medicare
a. Proposed Screening Requirements
(1) Limited
(2) Moderate
(3) High
b. Analysis of and Responses to Public Comment on Medicare
Screening Categories
c. Final Screening Provision--Medicare
4. General Screening of Providers--Medicaid and CHIP: Proposed
Provisions and Analysis of and Responses to Public Comments
a. Database Checks--Medicaid and CHIP
b. Unscheduled and Unannounced Site Visits--Medicaid and CHIP
c. Provider Enrollment and Provider Termination--Medicaid and
CHIP
d. Criminal Background Checks and Fingerprinting--Medicaid and
CHIP
e. Deactivation and Reactivation of Provider Enrollment--
Medicaid and CHIP
f. Enrollment and NPI of Ordering or Referring Providers--
Medicaid and CHIP
g. Other State Screening--Medicaid and CHIP
h. Final Screening Provisions--Medicaid and CHIP
5. Solicitation of Additional Comments Regarding the
Implementation of the
Fingerprinting Requirements
B. Application Fee--Medicare, Medicaid, and CHIP
1. Statutory Changes
2. Proposed Application Fee Provisions
C. Temporary Moratoria on Enrollment of Medicare Providers and
Suppliers, Medicaid and CHIP Providers
1. Statutory Changes
2. Proposed Temporary Moratoria Provisions
a. Medicare
b. Medicaid and CHIP
3. Analysis of and Responses to Public Comment
4. Final Temporary Moratoria on Enrollment of Medicare Providers
and Suppliers, Medicaid and CHIP Provisions
D. Suspension of Payments
1. Medicare
a. Background
b. Previous Medicare Regulations
c. Proposed Medicare Suspension of Payments Requirements
2. Medicaid
a. Background
b. Previous Medicaid Regulations
c. Proposed Medicaid Suspension of Payments Requirements
E. Proposed Approach and Solicitation of Comments for Sections
6102 and 6401(a) of the Affordable Care Act--Ethics and Compliance
Program
1. Statutory Changes
2. Proposed Ethics and Compliance Program Provisions
3. Analysis of and Responses to Public Comment
4. Final Provisions--Ethics and Compliance Program
F. Termination of Provider Participation Under the Medicaid
Program and CHIP if Terminated Under the Medicare Program or Another
State Medicaid Program or CHIP
1. Statutory Change
2. Proposed Provisions for Termination of Provider Participation
Under the Medicaid Program and CHIP if Terminated Under the Medicare
Program or Another State Medicaid Program or CHIP
3. Analysis of and Responses to Public Comment
4. Final Provisions for Termination of Provider Participation
Under the Medicaid Program and CHIP if Terminated Under the Medicare
Program or Another State Medicaid Program or CHIP
G. Additional Medicare Provider Enrollment Provisions
1. Statutory Changes
2. Proposed Provisions for Additional Medicare Provider
Enrollment
3. Analysis of and Response to Public Comments
4. Final Provisions for Additional Medicare Provider Enrollment
H. Technical and General Comments
III. Collection of Information Requirements
A. ICRs Regarding Medicare Application Fee Hardship Exception
(Sec. 424.514)
B. ICRs Regarding Medicare Fingerprinting Requirement (Sec.
424.518)
C. ICRs Regarding Medicaid Fingerprinting Requirement (Sec.
455.434)
D. ICRs Regarding Suspension of Payments in Cases of Fraud or
Willful Misrepresentation (Sec. 455.23)
E. ICRs Regarding Collection of SSNs and DOBs for Medicaid and
CHIP providers (Sec. 455.104)
F. ICRs Regarding Site Visits for Medicaid-Only or CHIP-Only
Providers (Sec. 455.450)
G. ICRs Regarding the Rescreening of Medicaid Providers Every 5
Years (Sec. 455.414).
IV. Response to Comments
V. Regulatory Impact Analysis
A. Statement of Need
B. Overall Impact
C. Anticipated Effects
1. Medicare
a. Enhanced Screening Procedures--Medicare
b. Application Fee--Medicare
[[Page 5864]]
c. General Enrollment Framework
(1) New Enrollment
(2) Revalidation
2. Medicaid
a. Enhanced Screening Procedures
b. Application Fee--Medicaid
c. General Enrollment Framework
(1) New Enrollments
(2) Re-enrollment
3. Medicare and Medicaid
a. Moratoria on Enrollment of New Medicare Providers and
Suppliers and Medicaid Providers
b. Suspension of Payments in Medicare and Medicaid
D. Accounting Statement and Table
1. Medicare
2. Medicaid
E. Alternatives Considered
1. General Burden Minimization Efforts
2. Fingerprinting
3. Other Suggested Alternatives
F. Conclusion
Regulations Text
I. Background
The Medicare program (title XVIII of the Social Security Act (the
Act)) is the primary payer of health care for 47 million enrolled
beneficiaries. Under section 1802 of the Act, a beneficiary may obtain
health services from an individual or an organization qualified to
participate in the Medicare program. Qualifications to participate are
specified in statute and in regulations (see, for example, sections
1814, 1815, 1819, 1833, 1834, 1842, 1861, 1866, and 1891 of the Act;
and 42 CFR Chapter IV, subchapter G, which concerns standards and
certification requirements).
Providers and suppliers furnishing services must comply with the
Medicare requirements stipulated in the Act and in our regulations.
These requirements are meant to ensure compliance with applicable
statutes, as well as to promote the furnishing of high quality care. As
Medicare program expenditures have grown, we have increased our efforts
to ensure that only qualified individuals and organizations are allowed
to enroll or maintain their Medicare billing privileges.
The Medicaid program (title XIX of the Act) is a joint Federal and
State health care program for eligible low-income individuals providing
coverage to more than 51 million people. States have considerable
flexibility in how they administer their Medicaid programs within a
broad Federal framework and programs vary from State to State.
The Children's Health Insurance Program (CHIP) (title XXI of the
Act) is a joint Federal and State health care program that provides
health care coverage to more than 7.7 million otherwise uninsured
children.
Historically, States, in operating Medicaid and CHIP, have
permitted the enrollment of providers who meet the State requirements
for program enrollment.
The Patient Protection and Affordable Care Act (Pub. L. 111-148),
as amended by the Health Care and Education Reconciliation Act of 2010
(Pub. L. 111-152) (collectively known as the Affordable Care Act or
ACA) makes a number of changes to the Medicare and Medicaid programs
and CHIP that enhance the provider and supplier enrollment process to
improve the integrity of the programs to reduce fraud, waste, and abuse
in the programs.
The following is an overview of some of the statutory authority
relevant to enrollment in Medicare, Medicaid, and CHIP:
Sections 1102 and 1871 of the Act provide general
authority for the Secretary of Health and Human Services (the
Secretary) to prescribe regulations for the efficient administration of
the Medicare program. Section 1102 of the Act also provides general
authority for the Secretary to prescribe regulations for the efficient
administration of the Medicaid program and CHIP.
Section 4313 of the Balanced Budget Act of 1997 (BBA)
(Pub. L. 105-33) amended sections 1124(a)(1) and 1124A of the Act to
require disclosure of both the Employer Identification Number (EIN) and
Social Security Number (SSN) of each provider or supplier, each person
with ownership or control interest in the provider or supplier, any
subcontractor in which the provider or supplier directly or indirectly
has a 5 percent or more ownership interest, and any managing employees
including directors and officers of corporations and non-profit
organizations and charities. The ``Report to Congress on Steps Taken to
Assure Confidentiality of Social Security Account Numbers as required
by the Balanced Budget Act'' was signed by the Secretary and sent to
the Congress on January 26, 1999. This report outlines the provisions
of a mandatory collection of SSNs and EINs effective on or after April
26, 1999.
Section 936(a)(2) of the Medicare Prescription Drug,
Improvement, and Modernization Act of 2003 (MMA) (Pub. L. 108-173)
amended the Act to require the Secretary to establish a process for the
enrollment of providers of services and suppliers. We are authorized to
collect information on the Medicare enrollment application (that is,
the CMS-855, (Office of Management and Budget (OMB) approval number
0938-0685)) to ensure that correct payments are made to providers and
suppliers under the Medicare program as established by title XVIII of
the Act.
Section 1902(a)(27) of the Act provides general authority
for the Secretary to require provider agreements under the Medicaid
State Plans with every person or institution providing services under
the State plan. Under these agreements, the Secretary may require
information regarding any payments claimed by such person or
institution for providing services under the State plan.
Section 2107(e) of the Act, which provides that certain
title XIX and title XI provisions apply to States under title XXI,
including 1902(a)(4)(C) of the Act, relating to conflict of interest
standards.
Section 1903(i)(2) of the Act relating to limitations on
payment.
Section 1124 of the Act relating to disclosure of
ownership and related information.
Sections 6401, 6402, 6501, and 10603 of the ACA and 1304
of the Health Care and Education Reconciliation Act (Pub. L. 111-152)
amended the Act by establishing: (1) Procedures under which screening
is conducted for providers of medical or other services and suppliers
in the Medicare program, providers in the Medicaid program, and
providers in the CHIP; (2) an application fee to be imposed on
providers and suppliers; (3) temporary moratoria that the Secretary may
impose if necessary to prevent or combat fraud, waste, and abuse under
the Medicare and Medicaid programs and CHIP; (4) requirements that
State Medicaid agencies must terminate any provider that is terminated
by Medicare or another State plan; (5) requirements for suspensions of
payments pending credible allegations of fraud in both the Medicare and
Medicaid programs.
II. Proposed Provisions and Responses to Public Comments
We received approximately 300 timely pieces of correspondence
containing multiple comments on the Additional Screening Requirements,
Application Fees, Temporary Enrollment Moratoria, Payment Suspensions
and Compliance Plans for Providers and Suppliers proposed rule
published September 23, 2010 (75 FR 58204). We note that we received
some comments that were outside the scope of the proposed rule. These
comments are not addressed in this final rule with comment period.
Summaries of the public comments that are within the scope of the
proposals and our responses to those comments are set forth in the
various sections of this final rule with comment period under the
appropriate headings.
[[Page 5865]]
A. Provider Screening Under Medicare, Medicaid, and CHIP
1. Statutory Changes
Section 6401(a) of the ACA, as amended by section 10603 of the ACA,
amends section 1866(j) of the Act to add a new paragraph, paragraph
``(2) Provider Screening.'' Section 1866(j)(2)(A) of the Act requires
the Secretary, in consultation with the Department of Health of Human
Services' Office of the Inspector General (HHS OIG), to establish
procedures under which screening is conducted with respect to providers
of medical or other items or services and suppliers under Medicare,
Medicaid, and CHIP. Section 1866(j)(2)(B) of the Act requires the
Secretary to determine the level of screening to be conducted according
to the risk of fraud, waste, and abuse with respect to the category of
provider of medical or other items or services or supplier. The
provision states that the screening shall include a licensure check,
which may include such checks across State lines; and the screening
may, as the Secretary determines appropriate based on the risk of
fraud, waste, and abuse, include a criminal background check;
fingerprinting; unscheduled or unannounced site visits, including pre-
enrollment site visits; database checks, including such checks across
State lines; and such other screening as the Secretary determines
appropriate. Section 1866(j)(2)(C) of the Act requires the Secretary to
impose a fee on each institutional provider of medical or other items
or services or supplier that would be used by the Secretary for program
integrity efforts including to cover the cost of screening and to carry
out the provisions of sections 1866(j) and 1128J of the Act. We
discussed the fee in section II.B. of the proposed rule.
Section 6401(b) of the ACA amends section 1902 of the Act to add
new paragraph (a)(77) and (ii), which requires States to comply with
the process for screening providers and suppliers as established by the
Secretary under 1866(j)(2) of the Act.\1\ Note that section 6401(b) of
the ACA erroneously added a duplicate section 1902(ii) to the Act.
Therefore, in the Medicare and Medicaid Extenders Act of 2010 (Pub. L.
111-309), the Congress enacted a technical correction to redesignate
the section 1902(ii) of the Act added by section 6401(b) of ACA as
section 1902(kk) of the Act. In this regulation, we therefore reference
section 1902(kk) of the Act when referring to the provisions added by
section 6401(b) of the ACA.
---------------------------------------------------------------------------
\1\ We believe that the reference to section 1886(j)(2) of the
Act in section 6401(b)(1) of the ACA is a scrivener's error. We
believe the Congress intended to refer to section 1866(j)(2) of the
Act, which, as amended by section 6401(a) of the ACA, requires the
Secretary to establish a process for screening providers and
suppliers. Because the drafting error is apparent, and a literal
reading of the reference to section 1886(j)(2) of the Act would
produce absurd results, we interpret the cross-reference to section
1886(j)(2) in the new section 1902(kk) of the Act as if the
reference were to section 1866(j)(2).
---------------------------------------------------------------------------
We noted in the proposed rule that the statute uses the terms
``providers of medical or other items or services,'' ``institutional
providers,'' and ``suppliers.'' The Medicare program enrolls a variety
of providers and suppliers, some of which are referred to as
``providers of services,'' ``institutional providers,'' ``certified
providers,'' ``certified suppliers,'' and ``suppliers.'' In Medicare,
the term ``providers of services'' under section 1861(u) of the Act
means health care entities that furnish services primarily payable
under Part A of Medicare, such as hospitals, home health agencies
(including home health agencies providing services under Part B),
hospices, and skilled nursing facilities. The term ``suppliers''
defined in section 1861(d) of the Act refers to health care entities
that furnish services primarily payable under Part B of Medicare, such
as independent diagnostic testing facilities (IDTFs), durable medical
equipment prosthetics, orthotics, and supplies (DMEPOS) suppliers, and
eligible professionals, which refers to health care suppliers who are
individuals, that is, physicians and the other professionals listed in
section 1848(k)(3)(B) of the Act. For Medicaid and CHIP, we use the
terms ``providers'' or ``Medicaid providers'' or ``CHIP providers''
when referring to all Medicaid or CHIP health care providers, including
individual practitioners, institutional providers, and providers of
medical equipment or goods related to care. The term ``supplier'' has
no meaning in the Medicaid program or CHIP.
The new screening procedures implemented pursuant to new section
1866(j)(2) of the Act are applicable to newly enrolling providers and
suppliers, including eligible professionals, beginning on March 25,
2011. These new procedures are applicable to currently enrolled
Medicare, Medicaid, and CHIP providers, suppliers, and eligible
professionals beginning on March 23, 2012. These new screening
procedures implemented pursuant to new section 1866(j)(2) of the Act
are applicable beginning on March 25, 2011 for those providers and
suppliers currently enrolled in Medicare, Medicaid, and CHIP who
revalidate their enrollment information. Within Medicare, the March 25,
2011 implementation date will impact those current providers and
suppliers whose 5-year revalidation cycle (or 3-year revalidation cycle
for DMEPOS suppliers) results in revalidation occurring on or after
March 25, 2011 and before March 23, 2012.
The requirements for revalidation are discussed in Sec. 424.515.
It is important to note that revalidation--for purposes of both
provider enrollment in general and this final rule with comment
period--does not include routine changes of information as described in
Sec. 424.516(d) and (e), such as address changes or changes in phone
number.
2. Summary of Existing Screening Measures
Before we outline the new measures we are finalizing under the ACA,
it may be helpful to provide a summary of some of the screening
measures already being utilized in Medicare, Medicaid, and CHIP.
Pursuant to other authority, but with the notable exception of
background checks and fingerprinting, Medicare, generally through
private contractors, already employs a number of the screening
practices described in section 1866(j)(2)(B) of the Act to determine if
a provider or supplier is in compliance with Federal and State
requirements to enroll or to maintain enrollment in the Medicare
program.
We also believe it important to note that nothing in this rule is
intended to abridge our established screening authority under existing
statutes and regulations or to diminish the screening that providers
and suppliers currently undergo. To the contrary; the provisions
specified in this final rule with comment period are intended to
enhance our existing authority. This rule's provisions, in other words,
set ``floors''--not ceilings--on enrollment requirements for each
screening level.
a. Licensure Requirements--Medicare and Medicaid
Over the past several years, we have taken a number of steps to
strengthen our ability to deny or revoke Medicare billing privileges
when providers or suppliers do not have or do not maintain the
applicable State licensure requirements for their provider or supplier
type or profession. We established reporting responsibilities for all
providers, suppliers, and eligible professionals in earlier regulations
at Sec. 424.516(b) through (e). To ensure that only qualified
providers and suppliers remain in the Medicare fee-for-service (FFS)
program, we require that Medicare
[[Page 5866]]
contractors review State licensing board data on a monthly basis to
determine if providers and suppliers remain in compliance with State
licensure requirements. Medicare billing privileges would be revoked
for those providers and suppliers who do not report a final adverse
action (for example, license revocation or suspension, felony
conviction) within the applicable reporting period, as required in
Sec. 424.516(b) through (e). Medicare suppliers of DMEPOS and IDTFs
are already subject to similar provisions in Sec. 424.57(c) and Sec.
410.33(g), respectively. DMEPOS suppliers are also subject to
additional requirements including accreditation and surety bonding,
pursuant to Sec. 424.57(c)(22) through (26) and Sec. 424.57(d).
Medicare Advantage organizations (MAOs) are required to verify
licensure of providers and suppliers, including physicians and other
health care professionals, in accordance with Sec. 422.204.
For Medicaid and CHIP, most States do some checking of in-State
provider licenses, but the extent of scrutiny varies. For example, in
some States, the existence of the license may be verified, but little
attention might be given to any restrictions on the license.
b. Site Visits--Medicare
Pursuant to Sec. 424.517, Medicare conducts the following site
visits and takes the following actions, generally through private
contractors under CMS direction:
The National Supplier Clearinghouse (NSC) Medicare
Administrative Contractor (the Medicare contractor that processes
enrollment applications for suppliers of DMEPOS) conducts pre-
enrollment site visits to DMEPOS suppliers that are not associated with
a chain supplier of DMEPOS (a chain supplier of DMEPOS is a supplier
with 25 or more distinct practice locations.)
The NSC also conducts unannounced post-enrollment site
visits to DMEPOS suppliers for which CMS or the NSC believes there is a
likelihood of fraudulent or abusive activities to ensure those DMEPOS
suppliers remain in compliance with the supplier standards found at
Sec. 424.57(c). CMS at times exercises its right to--
Have the NSC conduct ad hoc pre- and post-enrollment site
visits to any DMEPOS supplier;
Have Medicare contractors conduct pre-enrollment site
visits to all IDTFs; and
Conduct ad hoc pre-and post enrollment site visits to any
prospective Medicare provider and supplier or any enrolled Medicare
provider or supplier.
In addition, under 42 CFR parts 488 and 489, a State survey agency
or an approved national accreditation organization with deeming
authority conducts pre-enrollment surveys for certified providers and
suppliers to determine whether they meet the applicable Federal
conditions and requirements for their provider or supplier type before
they can participate in the Medicare program.
We note that the site visits discussed here and elsewhere within
this preamble and the final regulations are separate and apart from the
site visits that are conducted pursuant to the Clinical Laboratory
Improvement Amendments (CLIA). We will work with our State survey
agency partners in coordinating these site visits so as to avoid
duplication and burden on providers.
c. Database Checks--Medicare
Under existing regulation, Medicare contractors employ database
checks of eligible professionals, owners, authorized officials,
delegated officials, managing employees, medical directors, and
supervising physicians (at IDTFs and laboratories) as part of the
Medicare provider and supplier enrollment process. These include
database checks with the Social Security Administration (SSA) (to
verify an individual's SSN), the National Plan and Provider Enumeration
System (NPPES) to verify the National Provider Identifier (NPI) of an
eligible professional, and State licensing board checks to determine if
an eligible professional is appropriately licensed to furnish medical
services within a given State. These checks also include checking a
provider or supplier against the HHS OIG's List of Excluded
Individuals/Entities (LEIE) and the General Service Administration's
Excluded Parties List System (EPLS). All of the database checks have
been used to assess the eligibility and qualifications of providers and
suppliers to enroll in the Medicare program, to confirm the identity of
an eligible professional to ensure that he or she may be considered for
enrollment in the Medicare program.
Also, on a monthly basis, CMS' Medicare contractors systematically
compare enrolled providers, suppliers, and eligible professionals
against the information in the Medicare Exclusions Database. The
Medicare Exclusions Database identifies providers, suppliers, and
eligible professionals who have been excluded from the Medicare and
Medicaid programs by the HHS OIG. When a match is found, the HHS OIG
exclusion information is systematically noted in the Medicare
enrollment record of the provider, supplier, or eligible professional.
In the Medicare program, we deny or revoke the billing privileges of
providers, suppliers, and eligible professionals who have been excluded
by the HHS OIG. If the HHS OIG lifts the exclusion, the provider,
supplier or eligible professional must reapply for enrollment in the
Medicare program. In addition, Medicare contractors also review State
licensure Web sites on a monthly basis to ensure that eligible
professionals continue to meet State licensing requirements.
In addition, since January 2009, we have compared date of death
information obtained from the Social Security Administration Death
Master File (SSA DMF) with the information maintained in the National
Plan and Provider Enumeration System (NPPES), the system that assigns
an NPI to individuals and organizations. Based on this comparison and
the subsequent verification, we have deactivated the NPIs of more than
11,500 individuals who were previously assigned a type 1 (individual)
NPI. We automatically transfer this information from NPPES to the
Provider Enrollment, Chain, and Ownership System (PECOS), CMS' national
Medicare enrollment repository to deactivate a deceased individual's
Medicare billing privileges. In addition, Medicare contractors are
required to review and act upon monthly files that contain a list of
non-practitioner individuals enrolled in the Medicare program who have
been reported to the SSA as deceased. These individuals include:
Owners, authorized officials, and delegated officials.
MAOs, as required by Sec. 422.204, generally use database checks
to verify licensure and licensure sanctions and limitations with State
licensing boards and the Federation of State Medical Boards, DEA
certificates with the National Technical Information Service (NTIS),
history of adverse professional review actions and malpractice from the
National Practitioner Data Bank (NPDB), accreditation status of
institutional providers and suppliers with national accrediting boards,
such as The Joint Commission (TJC), and search for HHS OIG exclusions
using the HHS OIG Web site https://oig.hhs.gov/fraud/exclusions/exclusions_list.asp.
d. Criminal Background Checks--Medicare
Section 6401(a) of the ACA amended Section 1866(j) of the Act
authorized the Secretary to perform criminal background checks. As
described in Sec. 424.530(a) and Sec. 424.535(a), CMS or its
[[Page 5867]]
designated Medicare contractor may deny or revoke the Medicare billing
privileges of the owner of a provider or supplier, a physician or non-
physician practitioner, and terminate any corresponding provider or
supplier agreement for a number of reasons, including an exclusion from
the Medicare, Medicaid, and any other Federal health care program, a
felony within the preceding 10 years that is considered detrimental to
the Medicare program, and/or submission of false or misleading
information on the Medicare enrollment application. While we require
our Medicare contractors to verify data submitted on, and as part of,
the Medicare provider/supplier enrollment application, our contractors
are not able to verify information that may have been purposefully
omitted or changed in a manner to obfuscate any previous criminal
activity. A 2005 report issued by the National Task Force on the
Criminal Backgrounding of America, sponsored by the Bureau of Justice
Statistics and the U.S. Department of Justice, defined a Criminal
History Record Check as a check that returns records from official
criminal repositories (meaning State repositories and the Federal
Bureau of Investigations (FBI) Interstate Identification Index that
links Federal and State criminal record systems), and the FBI uses the
same terminology. For purposes of responding to comments in this
document we use the term criminal history record check to mean criminal
background checks when referring to such fingerprint-based checks.
Criminal History Record Checks have not been historically used in the
FFS Medicare enrollment screening process.
e. Medicare MAO Requirements
As mentioned earlier in this section, MAOs already employ a number
of screening procedures in accordance with regulations and CMS manual
instructions. Specifically, under Sec. 422.204(b)(3) in the case of
providers meeting the definition of ``provider of services'' in section
1861(u) of the Act, basic benefits may only be provided through
providers if they have a provider agreement with us permitting them to
furnish services under original Medicare. With respect to other
entities like suppliers, Sec. 422.204(b)(3) requires that they ``meet
the applicable requirements of title XVIII and Part A of title XI of
the Act.'' Given these requirements we considered to what extent MAOs
would be required to apply the identical screening requirements we
proposed for the original Medicare program or whether substantively
similar alternative approaches adopted by MAOs would be acceptable.
Accordingly, we solicited public comments on whether or to what extent
MAOs should be required to implement the same enhanced screening
requirements for providers, suppliers and physicians that we proposed
for the original Medicare program.
f. Fingerprinting--Medicare
Previous to this final rule with comment period fingerprinting and
fingerprint-based criminal history record information from the FBI was
not used in the Medicare enrollment screening process.
g. Screening--Medicaid and CHIP
States vary in the degree to which they employ screening methods
such as unscheduled and unannounced site visits and database checks,
including such checks across State lines, criminal background checks,
and fingerprinting. However, at least a few States utilize each of
those methods.
States also varied in what they require their managed care entities
(MCEs) \2\ to do in terms of screening network-level providers that are
not also enrolled in the Medicaid program as FFS providers. We
considered to what extent States must require their MCEs to apply the
identical screening requirements we proposed for the States or whether
substantively similar alternative approaches adopted by MCEs are
acceptable. Accordingly, we solicited public comments on whether or to
what extent MCEs should be required to implement the same enhanced
screening requirements for Medicaid and CHIP providers that we proposed
for State Medicaid and CHIP programs.
---------------------------------------------------------------------------
\2\ For purposes of this preamble and the final regulations,
``managed care entity'' and ``MCE'' will have the meaning Medicaid
managed care organization (MCO), primary care case manager (PCCM),
prepaid inpatient health plan (PIHP), prepaid ambulatory health plan
(PAHP), and health insuring organization (HIO). This definition
differs from the meaning in section 1932(a)(1)(B) of the Social
Security Act, which limits MCEs to Medicaid MCOs and PCCMs. We are
using a more inclusive definition for the regulation so that all
those entities in States' managed care programs will provide
disclosure information.
---------------------------------------------------------------------------
We again stress that the provider enrollment verification tools
that we are currently using--including, but not limited to, those
described previously--will not in any way be diminished as a result of
this final rule with comment period. In other words, the validation
techniques in this rule do not supplant those that are presently in
use.
3. General Screening of Providers--Medicare
a. Proposed Screening Requirements
Section 1866(j)(2)(B) of the Act requires the Secretary to
determine the level of screening applicable to providers and suppliers
according to the risk of fraud, waste, and abuse the Secretary
determines is posed by particular provider and supplier categories.
In considering how to establish consistent screening standards, we
proposed to designate provider and supplier categories that are subject
to certain screening procedures based on CMS' assessment of fraud,
waste and abuse risk of the provider or supplier category, taking into
consideration a variety of factors. These factors include our own
experience with claims data used to identify fraudulent billing
practices as well as the expertise developed by our contractors charged
with investigating and identifying instances of Medicare fraud across a
broad spectrum of providers. In addition, CMS has relied on insights
gained from numerous studies conducted by the HHS-OIG, GAO, and other
sources. We have designated categories of providers or suppliers (for
example, ``newly enrolling DME suppliers'' or ``currently enrolled home
health agencies'') that are subject to screening procedures based on
our assessment of the level of screening based on the risk presented by
the category of provider. There are three levels of screening and
associated risk: ``limited,'' ``moderate'' and ``high,'' and each
provider/supplier category is assigned to one of these three screening
levels. The categories described below and associated risk levels
assigned are designed to identify those categories of providers and
suppliers that pose a risk of fraud, waste, and abuse.
The screening procedures applicable to each screening level are set
by us and are included in this final rule with comment period. Under
this approach, the relevant Medicare contractor (for example, fiscal
intermediary, regional home health intermediary, carriers, Part A or
Part B Medicare Administrative Contractor (A/B MAC), or the NSC
Administrative Contractor) would utilize the screening tools mandated
by us for the screening level assigned to a particular provider or
supplier category.
We solicited comments on the proposed assignment of specific
provider and supplier types to the proposed risk screening levels,
including what criteria should be considered in making such
assignments, whether such assignments should be
[[Page 5868]]
released publicly, whether they should be subject to agency review and
updated according to an established schedule (that is, annually, bi-
annually), and the extent to which they should be updated according to
evolving risks. We also solicited comments on any additional database
checks that we should consider as a type of screening.
Based on the level of screening assigned, we proposed that the
Medicare contractors would establish and conduct the following
categorical screenings.
Table 1--Proposed Screening Levels and Procedures for Medicare Physicians, Non-Physician Practitioners,
Providers, and Suppliers
----------------------------------------------------------------------------------------------------------------
Type of screening required Limited Moderate High
----------------------------------------------------------------------------------------------------------------
Verification of any provider/supplier[dash]specific X X X
requirements established by Medicare........................
Conduct license verifications, (may include licensure checks X X X
across States)..............................................
Database Checks (to verify Social Security Number (SSN), the X X X
National Provider Identifier (NPI), the National
Practitioner Data Bank (NPDB) licensure, an OIG exclusion;
taxpayer identification number; tax delinquency; death of
individual practitioner, owner, authorized official,
delegated official, or supervising physician)...............
Unscheduled or Unannounced Site Visits....................... ............... X X
Criminal Background Check.................................... ............... ............... X
Fingerprinting............................................... ............... ............... X
----------------------------------------------------------------------------------------------------------------
As described previously, we already require Medicare contractors to
ensure that every provider or supplier meets any applicable Federal
regulations or State requirements, including applicable licensure
requirements \3\ for the provider or supplier type prior to making an
enrollment determination. In addition, we also require that Medicare
contractors conduct monthly reviews of State licensing board actions to
determine if an individual practitioner, such as a physician or non-
physician practitioner continues to meet State licensing requirements.
In the case of organizational entities, we also require our Medicare
contractors to conduct monthly or periodic checks to determine if an
organizational entity continues to meet the Federal and State
requirements for its provider or supplier type. Such verifications help
ensure that a prospective provider or supplier is eligible to
participate in the Medicare program or that an existing provider or
supplier is eligible to maintain its Medicare billing privileges.
---------------------------------------------------------------------------
\3\ We note that under section 408 of the reauthorized Indian
Health Care Improvement Act, ``[a]ny requirement for participation
as a provider of health care services under a Federal health care
program that an entity be licensed or recognized under the State or
local law where the entity is located to furnish health care
services shall be deemed to have been met in the case of an entity
operated by the [Indian Health] Service, an Indian tribe, tribal
organization, or urban Indian organization if the entity meets all
the applicable standards for such licensure or recognition,
regardless of whether the entity obtains a license or other
documentation under such State or local law.'' 25 U.S.C. 1647a.
---------------------------------------------------------------------------
Previous to this final rule with comment period, in the Medicare
program, DMEPOS suppliers were required to re-enroll every 3 years, and
other providers were required to revalidate their enrollment every 5
years. The terms revalidation and re-enrollment were often used
interchangeably, but are actually specific to these provider types. To
eliminate any confusion about which term applies to which provider or
supplier, we proposed language at Sec. 424.57(e) to change all
references from re-enroll or re-enrollment to revalidate or
revalidation. In addition, the ACA requires that no provider or
supplier shall be allowed to enroll in Medicare or revalidate its
enrollment in Medicare after March 23, 2013 without being screened
pursuant to the authorities covered by this final rule with comment
period. To assist us in assuring that the statutory effective date is
met, we proposed at Sec. 424.515 to permit us to require that a
provider or supplier revalidate its enrollment at any time. After the
revalidation, the current cycle for revalidation (3 years for DMEPOS,
and 5 years for all other providers) would apply.
(1) Limited
Based on our own analysis of historical trends and our own
experience with provider screening and enrollment we proposed that, as
a category, the following providers and suppliers pose a limited risk
to the Medicare program: Physician or non-physician practitioners and
medical groups or clinics; providers or suppliers that are publicly
traded on the NYSE or NASDAQ; ambulatory surgical centers (ASCs); end-
stage renal disease (ERSD) facilities; Federally qualified health
centers (FQHCs); histocompatibility laboratories; hospitals, including
critical access hospitals (CAHs); Indian Health Service (IHS)
facilities; mammography screening centers; organ procurement
organizations (OPOs); mass immunization roster billers, portable x-ray
suppliers; religious nonmedical health care institutions (RNHCIs);
rural health clinics (RHCs); radiation therapy centers; skilled nursing
facilities (SNFs), and public or government-owned ambulance services
suppliers.
In Sec. 424.518(a), we proposed that the following screening tools
will apply to providers and suppliers in categories designated as
limited risk: (1) Verification that a provider or supplier meets any
applicable Federal regulations, or State requirements for the provider
or supplier type prior to making an enrollment determination; (2)
verification that a provider or supplier meets applicable licensure
requirements; and (3) database checks on a pre- and post-enrollment
basis to ensure that providers and suppliers continue to meet the
enrollment criteria for their provider/supplier type.
To assist readers in understanding the type of providers and
suppliers that we proposed to include in the limited risk screening
level, we are providing the following table.
Table 2--Proposed Medicare Providers and Suppliers Designated as a
``Limited'' Categorical Risk for Screening Purposes
------------------------------------------------------------------------
Provider/supplier category
-------------------------------------------------------------------------
Physician or non[dash]physician practitioners and medical groups or
clinics.
Providers or suppliers that are publicly traded on the NYSE or NASDAQ.
[[Page 5869]]
Ambulatory surgical centers, end[dash]stage renal disease facilities,
Federally qualified health centers, histocompatibility laboratories,
hospitals, including critical access hospitals, Indian Health Service
facilities, mammography screening centers, organ procurement
organizations, mass immunization roster billers, portable x[dash]ray
supplier, religious non[dash]medical health care institutions, rural
health clinics, radiation therapy centers, skilled nursing facilities,
and public or government[dash]owned or [dash]affiliated ambulance
service suppliers.
------------------------------------------------------------------------
(2) Moderate
Based on our experience, we proposed that community mental health
centers (CMHCs); comprehensive outpatient rehabilitation facilities
(CORFs); hospice organizations; independent diagnostic testing
facilities (IDTFs); independent clinical laboratories; and non-public,
non-government owned or affiliated ambulance services suppliers pose a
moderate risk to the Medicare program. However, we provided that any
such provider or supplier that is publicly traded on the NYSE or NASDAQ
would be considered limited risk. Furthermore, we proposed that
currently enrolled (revalidating) home health agencies would be
considered ``moderate'' risk, except any such provider that is publicly
traded on the NYSE or NASDAQ would be considered limited risk. Finally,
we proposed that currently enrolled (re-validating) suppliers of DMEPOS
pose a moderate risk, except that any such supplier that is publicly
traded on the NYSE or NASDAQ would be considered ``limited'' risk. We
provide our rationale for these categories in this section below.
For those provider and supplier categories in the ``moderate''
screening level, we proposed that Medicare contractors would conduct
unannounced pre- and/or post-enrollment site visits in addition to
those screening tools applicable to the limited level of screening.
Based on the success of pre-and/or post enrollment site visits
conducted by the NSC during the enrollment process for suppliers of
DMEPOS and a similar process established by carriers and A/B MACs
during the enrollment of IDTFs, we believe that unscheduled and
unannounced pre-and post-enrollment site visits help ensure that
suppliers are operational and meet applicable supplier standards or
performance standards. In addition, we believe that unscheduled and
unannounced pre-and post-enrollment site visits are an essential tool
in determining whether a provider or supplier is in compliance with its
reporting responsibilities, including the requirement in Sec. 424.516
to notify the Medicare contractor of any change of practice location.
Moreover, Sec. 424.530(a)(5) and Sec. 424.535(a)(5) give us the
authority to deny or revoke Medicare billing privileges for providers
and suppliers if the provider or supplier is not operational or the
provider does not maintain the established provider or supplier
performance standards. And while we do not believe that unscheduled or
unannounced site visits are necessary for all providers and suppliers,
we do believe that a number of businesses, like the ones mentioned
below, pose an increased risk to the Medicare program, due at least in
part to the lack of individual professional licensure.
In addition, as discussed below, we have found that certain types
of providers and suppliers that easily enter a line or business without
clinical or business experience--for example, by leasing minimal office
space and equipment--present a higher risk of possible fraud to our
programs. As such, we believe that because these types of providers
pose an increased risk of fraud they should be subject to substantial
scrutiny before being permitted to enroll and bill Medicare, Medicaid,
or CHIP. This type of pre-enrollment scrutiny will help us move away
from the ``pay and chase'' approach.
Most of the provider and supplier categories in the moderate
screening level are generally highly dependent on Medicare, Medicaid,
or CHIP to pay their salaries and other operating expenses and are
subject to less additional government or professional oversight than
the providers and suppliers in the limited risk screening level.
Accordingly, we believe it is appropriate and necessary to conduct
unscheduled and unannounced pre-enrollment site visits to ensure that
these prospective providers and suppliers meet our enrollment
requirements prior to enrolling in the Medicare program. Moreover, we
believe that post-enrollment site visits are also important to ensure
that the enrolled provider or supplier remains a viable health care
provider or supplier in the Medicare program.
Accordingly, we proposed in Sec. 424.518(b) that in addition to
the categorical screening tools used with respect to limited risk
providers and suppliers, Medicare contractors would conduct unannounced
and unscheduled site visits prior to enrolling the providers and
suppliers assigned to the moderate risk screening level, as set forth
earlier in this Section.
In the proposed rule, we set forth our rationale for the assessment
of risk ascribed to the providers and suppliers assigned to the
``moderate'' level of screening. First, we noted that HHS OIG and GAO
have issued studies indicating that several of the provider and
supplier types cited previously pose an elevated risk of fraud, waste
and abuse to the Medicare and Medicare programs and CHIP. In an October
2007 report titled, ``Growth in Advanced Imaging Paid under the
Medicare Physician Fee Schedule'' (OEI-01-06-00260), the HHS OIG
recommended that CMS consider conducting site visits to monitor IDTFs'
compliance with Medicare requirements.'' In addition, in an April 2007
report titled, ``Medicare Hospices: Certification and Centers for
Medicare & Medicaid Services Oversight'' (OEI-06-05-00260), the HHS OIG
recommended that CMS seek legislation to establish additional
enforcement remedies for poor hospice performance. In response to this
recommendation, CMS stated that it was considering whether to pursue
new enforcement remedies for poor hospice performance. While the
Medicare enrollment process is not designed to verify the conditions of
participation, we do believe that more frequent onsite visits may help
identify those hospice organizations that are no longer operational at
the practice location identified on the Medicare enrollment
application.
In a January 2006 report titled, ``Medicare Payments for Ambulance
Transports'' (OEI-05-02-000590), the HHS OIG found that ``25 percent of
ambulance transports did not meet Medicare's program requirements,
resulting in an estimated $402 million in improper payments.''
In an August 2004 report titled, ``Comprehensive Outpatient
Rehabilitation Facilities: High Medicare Payments in Florida Raise
Program Integrity Concerns'' (GAO-04-709), the GAO concluded that,
``[s]izeable disparities between Medicare therapy payments per patient
to Florida CORFs and other facility-based outpatient therapy providers
in 2002--with no clear indication of differences in patient needs--
raise questions about the appropriateness of CORF billing practices.
After finding high rates of medically unnecessary therapy services to
CORFs, CMS's claims administration
[[Page 5870]]
contractor for Florida took steps to ensure appropriate claim payments
for a small, targeted group of CORF patients. Despite its limited
success, billing irregularities continued among some CORFs and many
CORFs continued to receive relatively high payments the following year.
This suggests that the contractor's efforts were too limited in scope
to be effective with all CORF providers.''
In addition to GAO and HHS OIG studies and reports, a number of
Zone Program Integrity Contractors (ZPIC) and Program Safeguard
Contractors (PSC) used by CMS in helping to fight fraud in Medicare,
have taken a number of administrative actions including payment
suspensions and increased medical review, for the provider and supplier
types shown previously. For example, the Zone 7 ZPIC contractor in
South Florida has conducted onsite reviews at 62 CORFs since January
2010 and recommended revocation for 51 CORFs, or 82 percent of the
CORFS in the area. The same contractor has conducted an onsite reviews
at 38 CMHCs located in Dade, Broward, and Palm Beach County since
January 2010, and recommended that 30 CMHCs be revoked for
noncompliance (79 percent of the CMHCs in the area). In each instance
where the ZPIC requested a revocation, the CMHC was also placed on
prepay review. We have also conducted an analysis of IDTF licensure
requirements and have found several circumstances that indicate
irregularity and potential risk of fraud. Although independent clinical
laboratories are subject to survey against CLIA requirements, there are
nonetheless a number of potentials for fraud, not the least of which is
the sheer volume of service and associated billing generated by these
entities.
We believe that there is ample evidence to support the use of post-
enrollment site visits as a reliable and effective tool to ensure that
a current supplier of DMEPOS remains operational and continues to meet
the supplier standards found in Sec. 424.57(c). In a March 2007 report
titled, ``Medical Equipment Suppliers Compliance with Medicare
Enrollment Requirements'' (OEI-04-05-00380), the HHS OIG concluded
that, ``By helping to ensure the legitimacy of DMEPOS suppliers, out-
of-cycle site visits may help to prevent fraud, waste, and abuse in the
Medicare program. CMS may want to consider the findings of our study as
they determine how and to what extent out-of-cycle site visits of
DMEPOS suppliers will occur.'' Today, the NSC MAC utilizes post-
enrollment site visits as the primary screening to determine ongoing
compliance with the enrollment criteria set forth in Sec. 424.57(c).
Therefore, we have included currently enrolled DMEPOS suppliers in the
``moderate'' category.
We also noted that, in addition to the new screening measures
proposed in the proposed rule under the existing regulation at Sec.
424.517, a Medicare contractor may conduct an unannounced or
unscheduled site visit at any time for any provider or supplier type
prior to enrolling a prospective provider or supplier or for any
existing provider or supplier enrolled in the Medicare program. While
the primary purpose of an unannounced and unscheduled site visit is to
ensure that a provider or supplier is operational at the practice
location found on the Medicare enrollment application, a Medicare
contractor may also verify established supplier standards or
performance standards other than conditions of participation (CoP)
subject to survey and certification by the State Survey agency, where
applicable, to ensure that the supplier remains in compliance with
program requirements.
To assist readers in understanding the type of providers and
suppliers that we proposed to be in the ``moderate'' risk screening
level, we are providing the following table.
Table 3--Proposed Medicare Providers and Suppliers Designated as a
``Moderate'' Categorical Risk for Screening Purposes
------------------------------------------------------------------------
Provider/supplier category
-------------------------------------------------------------------------
Community mental health centers; comprehensive outpatient rehabilitation
facilities; hospice organizations; independent diagnostic testing
facilities; independent clinical laboratories; and non-public, non-
government owned or affiliated ambulance services suppliers. (Except
that any such provider or supplier that is publicly traded on the NYSE
or NASDAQ is considered ``limited'' risk.)
Currently enrolled (revalidating) home health agencies. (Except that any
such provider that is publicly traded on the NYSE or NASDAQ is
considered ``limited'' risk.)
Currently enrolled (re[dash]validating) suppliers of DMEPOS. (Except
that any such supplier that is publicly traded on the NYSE or NASDAQ is
considered ``limited'' risk.)
---------------------------------------------