Not all Medicare reviews are created equal, and knowing which Centers for Medicare and Medicaid Services (”CMS”) contractor is looking into your business operations determines how you respond. In DME, a routine education-oriented probe from your Medicare Administrative Contractor (”MAC”) looks nothing like a UPIC fraud investigation that can trigger payment suspension and law-enforcement referrals. Treating every letter the same is how suppliers lose revenue and momentum. Instead, you should match the response to each government probe into your business operations with the amount of attention that it deserves.

Targeted Probe and Educate (”TPE”)

TPE is the MAC’s coaching tool, not a criminal referral. CMS instructs MACs to pull a small sample, typically 20–40 claims per round, for up to three rounds, deliver one-on-one education after each round, and stop the review if your error rate improves. If problems persist, the MAC can escalate you to tougher actions (additional rounds, 100% prepayment review, extrapolation, or referral to another contractor). A supplier who organizes records, accepts education, and corrects process gaps usually exits TPE without long-term damage.

Supplemental Medical Review Contractor (”SMRC”) Review

The SMRC runs national, CMS-directed projects that target specific issues with high improper-payment risk across all jurisdictions. The current SMRC, Noridian Healthcare Solutions, issues Additional Documentation Requests, inquires regarding medical necessity and coverage criteria against CMS policy, and reports findings back to CMS for potential recoupment or broader action. Your response should read like a appeal: complete medical records, coverage citations, proof of delivery, supplier-standard compliance, and a clean index that ties each document to the claim line under review.

Unified Program Integrity Contractor (”UPIC”) Audits

UPIC Audits are serious. UPICs investigate suspected fraud, waste, and abuse across Medicare and Medicaid, coordinate with the office of the Inspector General (”OIG”) and DOJ, and can move CMS to suspend payments when there’s “reliable information” of an overpayment or a credible allegation of fraud. UPIC work ranges from broad data mining and record pulls to field work and referrals; it is designed to protect the Trust Funds, not to tutor billing staff. If a UPIC notice lands, preserve records, stop ad-hoc phone calls, and engage counsel to manage communications and frame the legal issues before the case hardens.

Why the distinctions matter in DME

A TPE letter means fixable documentation or coverage gaps (think proof-of-delivery, medical necessity, or supplier-standards alignment) often solvable through education and process changes. An SMRC project signals a national focus area where CMS wants consistent rules applied; your submission must be detailed and technical. A UPIC inquiry is different and demands much greater detail and preparation in response: payment suspension rules under 42 C.F.R. § 405.371 are in play, timelines accelerate, and missteps (like informal admissions or incomplete productions) can snowball into extrapolated recoupments or law-enforcement referrals. Calibrate your tone, content, and escalation path to the contractor that reached out to you.

A proactive strategy for any audit

Keep delivery evidence and medical records retrievable by claim number; and practice “audit drills” so your team can assemble a TPE packet in days and an SMRC packet in weeks. Reserve UPIC communications for your legal counsel, who can coordinate with the contractor, manage deadlines, and position the record for any payment-suspension or referral decisions spelled out in CMS’s Program Integrity Manual. The contractor who reached out to your business will certainly vary, from MAC to SMRC to UPIC, but disciplined documentation and filing procedures, and legal counsel support can protect your billing privileges and your DME enrollment

Health Law Alliance represents DME suppliers in TPE, SMRC, and UPIC matters nationwide. If you’ve received a request or notice, we can triage the contractor, stabilize the timeline, and build the defense appropriate to that review, before small problems become program-threatening ones.