Medicare audits can lead to severe financial penalties and compliance risks for healthcare providers. Without expert legal representation, your practice may face unwarranted sanctions or worse. At Health Law Alliance, we specialize in defending healthcare providers during Medicare audits. Our experienced team helps you navigate the audit process, mitigate risks, and defend your reputation.
As Seen On
In the meantime, why not find out more about us or visit our blog.
Alternatively, give us a call at (800) 345 - 4125
Healthcare Specialty Attorneys and Consultants - Health Law Alliance specializes in healthcare law and is dedicated to defending healthcare providers and their licenses from overreach.
Tenacious Defense - Health Law Alliance has gone after – and beaten – much bigger opponents. When faced with a seemingly daunting legal issue, our attorneys are the ones to call.
Proven Track Record - The attorneys at Health Law Alliance have a demonstrated track record of success against the most aggressive government regulators and industry behemoths.
Frequently Asked Questions About Medicare Audits
Do Medicare audits target specific business types?
Medicare auditors often unfairly focus on independent providers versus larger health systems. But all provider types must contend with aggressive Medicare audits. Having experienced legal advocates levels the playing field.
Can your guidance help prevent future unfair targeting by Medicare audits?
Absolutely. We provide tailored Medicare audit compliance recommendations so providers can reinforce areas prone to Medicare audit scrutiny. Proper documentation is critical to rebutting Medicare audit allegations.
Will filing Medicare appeals or settlements impact my network contracts?
Retaliation for exercising Medicare audit appeal rights is prohibited. We incorporate proper legal protections into Medicare audit responses and settlements. Maintaining existing contracts is always a priority.
What recourse exists if advance Medicare audit notice isn't provided?
Lack of 30-day written Medicare audit notice violates statute in many states. We leverage penalties around insufficient Medicare audit notice periods into negotiation leverage.
Can you help if my license or network participation is jeopardized by a Medicare audit?
Yes. We ensure that Medicare audit sanctions comply with applicable federal and state laws. Medicare auditors are prohibited from acting in bad faith or arbitrarily under applicable law and Medicare audit manuals.
What are the costs of legal representation for Medicare audits?
We offer flexible fee arrangements based on the scope of Medicare audit representation required and Medicare audit stage. The earlier we are involved the better, as we can shape and limit Medicare audit scope, making legal representation more effective and less costly.
Speak to an experienced attorney today at no-cost to evaluate your situation and discuss how we can help.
Legal challenges can be complex and stressful. Our experienced attorneys are dedicated to offering personalized guidance and effective solutions to help you navigate your legal journey with confidence
A Medicare audit is a review of your billing and claims to check if they comply with Medicare’s rules. These audits are carried out by government agencies or contractors, such as RACs (Recovery Audit Contractors) or UPICs (Unified Program Integrity Contractors).
Auditors look for issues like overpayments, incorrect billing, or even potential fraud. They’ll request detailed records to back up the claims you’ve submitted. If they find problems, you could face financial penalties, recoupments, or even legal action.
Medicare audits aren’t random. They’re often triggered by things like unusual billing patterns, frequent use of certain codes, or even whistleblower complaints. In many cases, audits are based on data analysis that flags providers who seem to be outliers compared to their peers.
The government’s goal is to recover improper payments and ensure program integrity. For providers, though, even an audit based on innocent errors can turn into a lengthy and costly ordeal.
Medicare audits can have serious consequences. If auditors find problems, you could be required to repay large sums of money. You might also face penalties or be excluded from participating in Medicare and Medicaid.
In more severe cases, audits can lead to further investigations by agencies like the Office of Inspector General (OIG) or the Department of Justice (DOJ). These investigations can bring civil or criminal charges. Beyond the financial risks, audits can harm your reputation and disrupt your ability to care for patients.
The best defense against a Medicare audit is preparation. Start by making sure your documentation is thorough and supports every claim you submit. Regularly review your billing practices to catch mistakes before they become problems.
Investing in compliance training for your staff can also make a big difference. Medicare rules are complex, and staying up-to-date on changes can help you avoid common pitfalls.
If you receive notice of a Medicare audit, don’t panic—but don’t delay either. Start by carefully reviewing the request and gathering the documentation auditors are asking for. Be sure to meet all deadlines and provide clear, accurate information.
This is also the time to get legal help. An experienced Medicare audit defense attorney can guide you through the process, help you understand what’s at stake, and build a strategy to protect your practice.
At Health Law Alliance, we’ve helped many healthcare providers navigate Medicare audits and enforcement actions. We work closely with you to understand the details of your case, review your documentation, and challenge any findings that could harm your practice.
Our goal is to protect your rights and minimize the impact of an audit on your business. Whether it’s negotiating with auditors, appealing findings, or preparing for litigation, we’ll be by your side every step of the way.
We also help providers strengthen their compliance programs to reduce the risk of future audits. With our support, you can focus on what matters most—caring for your patients—while we handle the legal challenges.
CVS Caremark one of the three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
Optum is one of three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
ESI is one of the three major PBMs that control nearly 90% of the market for prescription claims processing.
Learn More
Prime has a relationship with ESI that provides for joint provider networks and oversight by both companies.
Learn More
Medicare and Medicaid use agencies like OIG or OMIG and outside contractors to audit prescription drug claims.
Learn More
Humana is a payor that uses PBMs and other contractors to audit government and commercial drug claims.
Learn More
Qlarant is contracted with Medicare to perform fraud, waste, and abuse audits and investigations.
Learn More
Safeguard is contracted with Medicare to perform fraud, waste, and abuse audits and investigations.
Learn More
To design an effective PBM audit response strategy, providers must understand the chain of events both prior to the initiation of a PBM audit and afterwards. For example, Special Investigative Units (SIUs) are often the genesis of a pharmacy audit, and the presence or absence of "audit risk factors" is informative on potentially broader exposure beyond the claims under audit. Any decision to resolve an audit should be informed and result in a full and final settlement of all liability, but PBM audit settlements need to be structured carefully to achieve this goal.
CVS Caremark, OptumRx, and Express Scripts, control at least 80% of the market, making them the three biggest PBMs. Humana also ranks among the largest. In addition, these PBMs regulate access to networks for smaller competitors, such as ESI's partnership with Prime. Plan sponsors, such as United Health, Cigna and Aetna, are vertically integrated with these PBMs, increasing audit risk for pharmacies because network sanctions are more likely to affect a significant aspect of a pharmacy's business across both government and commercial claims.
PBMs and payors use artificial intelligence and data mining across medical and pharmacy claims to identify areas of potential inquiry. Among other areas, these inquiries typically involve high-reimbursing medicines, brand/generic substitution, inventory discrepancies, co-payment collection, prior authorization, and telehealth relations. Separately, DEA conducts audits and inspections for compliance to controlled substance regulations.
Common types of PBM audits include desk audits; on-site audits; invoice audits; and prescription audits. Irrespective of the type of PBM audit, all interactions with PBMs should be taken extremely seriously and can lead to severe consequences if not handled appropriately. For example, there has been a sharp increase in the federal prosecution of pharmacists for audit-related conduct, including answering PBM questions incorrectly. Accordingly, pharmacies should consider using outside audit counsel to avoid these pitfalls.
Pharmacies can take various steps to prepare to meet PBM audits, including routine self-audits. In fact, the government publishes comprehensive guidance and a checklist to assist pharmacies in their audit planning, including self-audits around prescribing practices, controlled substance management, invoice management, and billing practices. If you need assistance designing or implementing an audit protection plan, please do not hesitate to contact us.
Defending against a PBM audit requires comprehensive knowledge of the rights, responsibilities, and intricacies of pharmacies and their laws and regulations. If your pharmacy has been identified for a PBM audit, there are a number of potential defenses available to you. The first defense against a PBM audit is to be proactive, and audit planning can lessen the chance of unfavorable findings. That said, it is often necessary to involve an attorney to hold PBMs to their obligations under law and provider agreements. For this reason, national audit services and pharmacy audit consultants are often ineffective.
Audit discrepancies and findings can be appealed based on the specific procedures outlined in the provider manuals. It is important to follow these requirements exactly, within the timeframes established, or your appeal rights could be lost and further review denied. In an appeal, it is critically important to make a complete record of why the audit findings or sanctions should be reversed, including through documentation, legal arguments, and corrective actions, if any. Depending on the outcome of the appeal, you may have further legal recourse against the PBM.
PBM audits can have severe repercussions depending on the results of the pharmacy audit, including recoupments, network sanctions, and criminal, civil and administrative investigations involving jail time, significant fines, and license revocation or exclusion. We publish a 10-part PBM Audit Guide that discusses the overlap between PBM audits and government investigations and how to successfully manage audit risk. This resource is complimentary to subscribers HERE.
Government investigations may come in many forms, but criminal matters involving potential jail time, mandatory exclusion, loss of licensure, and reputational harm are the most severe and scary scenarios that anyone can face. Unfortunately, it often is not clear, particularly at the outset, whether an investigation involves criminal violations or what your status might be in the investigation. For example, our clients might be informed that the FBI is interviewing patients, or that their partners have received subpoenas. The uncertainty that results from these types of events is particularly difficult for our clients to manage, and typically involves sleepless nights, loss of appetite, anxiety and potential depression.
Our experienced healthcare defense attorneys understand what clients are going through, and focus on providing them with insight into the government’s investigation and how best to defend it. There are a variety of potential outcomes, many of them involving far less severe ramifications than might be contemplated. Indeed, in healthcare, parallel criminal, civil, and administrative laws provide an opportunity for potential resolution of government investigations under terms that do not involve loss of liberty or livelihood. The range of outcomes that might be available depends on the evidence available to the government, but cases involving patient harm typically receive more focus from a criminal perspective than run-of-the-mill billing irregularities, particularly when the federal government is involved.
That said, there are several notable exceptions. At Health Law Alliance, our healthcare defense attorneys have decades of federal and state prosecutorial experience, and we rely on that background to highlight areas of increased risk. In particular, the below agencies focus on the prosecution of criminal healthcare fraud.
The Medicare Fraud Strike Force, operated by the U.S. Department of Justice (DOJ) in regions across the country, is particularly adept at prosecuting healthcare fraud criminal matters. Medicare Fraud Strike Force Teams harness data analytics and the combined resources of federal, state, and local law enforcement entities to prevent and combat healthcare fraud, waste, and abuse. More specifically, the Strike Force uses advanced data analysis techniques to identify aberrant billing levels in healthcare fraud “hot spots” – cities with high levels of billing fraud – combined with traditional investigative techniques to target suspicious billing patterns in addition to emerging schemes and fraudulent practices that move from one location to another.First established in March 2007, prosecutors operate in 16 Strike Forces, including the National Rapid Response Strike Force based in Washington, DC. The Strike Force Model centers on a cross-agency collaborative approach, bringing together the investigative and analytical resources of DOJ’s Fraud Section, the Federal Bureau of Investigation (FBI), the U.S. Department of Health and Human Services Office of the Inspector General (HHS-OIG), the Centers for Medicare & Medicaid Services (CMS), Drug Enforcement Administration (DEA), Defense Criminal Investigative Service (DCIS), Federal Deposit Insurance Corporation Office of the Inspector General (FDIC-OIG), Internal Revenue Service (IRS), Department of Labor-OIG, United States Postal Service – Office of the Inspector General (USPS-OIG), Veterans Administration – Office of the Inspector General (VA-OIG), and other agencies. Strike Force Health Care Fraud and Prescription Opioid teams are located across the country, as depicted by the chart below:
The Medicare Strike Force has filed thousands of criminal actions and indictments and recovered billions of dollars in assets resulting from healthcare fraud. The Strike Force teams bring together the Office of Inspector General (OIG), the Department of Justice (DOJ), Offices of the United States Attorneys (USAOs), the Federal Bureau of Investigation (FBI), local law enforcement, and others. These attorneys and investigators have a proven record of success in analyzing data and investigative intelligence to quickly identify fraud and bring prosecutions. The interagency collaboration also enhances the effectiveness of the Strike Force model. For example, OIG refers credible allegations of fraud to the Centers for Medicare & Medicaid Services (CMS) so that it can suspend payments to the alleged healthcare fraud perpetrators, thereby preventing losses to federal programs. Finally, the Medicare Strike Force does not focus exclusively on healthcare fraud but also prosecutes wire fraud, mail fraud, bank fraud, money laundering offenses, violations of the Anti-Kickback Statute (AKS), false statements offenses, Title 42 offenses, Title 26 offenses, and Title 21 offenses, in the highest intensity regions.
The Medicare Strike Force is a specialized department within the DOJ’s Health Care Fraud Unit, based in Washington, D.C., with operations across the country. DOJ’s Health Care Fraud Unit is led by over 80 experienced white-collar prosecutors who focus solely on prosecuting the nation’s most complicated healthcare fraud matters and the illegal prescription, distribution, and diversion of opioids and other controlled substances. The Health Care Fraud Unit’s mission is to protect the public treasury from wide-scale healthcare fraud, protect patients from significant fraudulent schemes that result in patient harm, and to detect, limit, and deter fraud and illegal prescription, distribution, and diversion of controlled substance offenses. The Health Care Fraud Unit endeavors to prosecute defendants who orchestrate schemes that result in the loss of hundreds of millions or billions of dollars, the distribution of tens of millions of opioids or controlled substances, and complex money laundering, tax, and other financial crime offenses.
The Health Care Fraud Unit prides itself on conducting the most trials of any DOJ component, including the U.S. Attorney's Offices. DOJ prosecutors, referred to as “Trial Attorneys,” have participated in the largest and most complex healthcare fraud and opioid distribution trials in the country. Notably, the Health Care Fraud Unit is a leader in using advanced data analytics and algorithmic methods to identify newly emerging healthcare fraud schemes and to target the most egregious fraudsters. The Health Care Fraud Unit’s team of dedicated data analysts works with prosecutors to identify, investigate, and prosecute cases using data analytics. At the Health Law Alliance, our healthcare defense attorneys have extensive experience in the use of data analytics to identify potential fraud, waste, and abuse, having served as the Chief Compliance Officer and Executive Leadership Team member for UnitedHealth Group, with oversight of Optum and UnitedHealthcare, including Special Investigative Units (SIUs) within those platforms.
The Health Care Fraud Unit’s cases are complex and wide-reaching. In particular, the National Rapid Response Strike Force was created in 2020 to investigate and prosecute fraud cases involving major healthcare providers that operate in multiple jurisdictions. The National Rapid Response Strike Force coordinates with the Civil Division’s Fraud Section and Consumer Protection Branch, U.S. Attorneys’ Offices across the country, state Medicaid Fraud Control Units (MFCUs), the FBI, HHS-OIG, and other agency partners to investigate and prosecute multi-jurisdictional and corporate healthcare fraud. The National Rapid Response Strike Force’s recent successes include the conviction of owners of a multi-state network of rural hospitals in a $1 billion billing fraud matter; the $500 million global resolution with Tenet Healthcare Corporation and related individual prosecutions for a hospital kickback scheme; the prosecution of billions of dollars in telemedicine fraud; prosecution of over $1 billion in fraudulent addiction rehabilitation facility fraud as part of the Sober Homes Initiative; and leadership of the Unit’s efforts to prosecute those seeking to criminally exploit the COVID-19 pandemic, including the conviction at trial of the President of a Silicon Valley technology company for healthcare fraud, illegal kickback, and securities fraud related to the announcement of purportedly revolutionary testing for COVID-19 using only a few drops of blood, i.e., Elizabeth Holmes and associates.
In addition, in 2022, the DOJ Criminal Division announced the formation of the New England Prescription Opioid (NEPO) Strike Force, a joint law enforcement effort to investigate and prosecute healthcare fraud schemes in the New England region, and to prosecute individuals involved in the illegal distribution of prescription opioids and other controlled substances. NEPO leverages the success of the October 2018 formation of the Appalachian Regional Prescription Opioid (ARPO) Strike Force, a joint effort between DOJ, FBI, HHS-OIG, DEA, and state and local law enforcement to combat healthcare fraud and the opioid epidemic in locations that have been harmed significantly by addiction. ARPO has partnered with federal and state law enforcement and U.S. Attorneys’ Offices throughout Alabama, Kentucky, Ohio, Virginia, Tennessee, and West Virginia to prosecute medical professionals involved in the illegal prescription and distribution of opioids.
In addition to DOJ’s Strike Forces and Health Care Fraud Units, all of the U.S. Attorneys’ Offices are staffed by federal prosecutors, referred to as Assistant United States Attorneys (AUSAs), who investigate and prosecute healthcare fraud crimes in their respective jurisdictions. There are 93 U.S. Attorneys’ Offices in the country, and the U.S. Attorney in each district is the chief federal law enforcement officer, reporting to the Attorney General of the United States. The U.S. Attorneys’ Offices are coordinated by the Executive Office for U.S. Attorneys, which oversees the DOJ’s Health Care Fraud and Abuse Act Program, established as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). To most, HIPAA is better known for privacy and nondiscrimination rules, but the statute also created a number of healthcare offenses and enforcement tools, including the “HIPAA subpoena,” and mandated that the DOJ and HHS-OIG coordinate to support efforts to investigate and prosecute healthcare fraud.
To this end, HIPAA provided a funding source, specifically requiring that amounts equaling recoveries from healthcare fraud investigations be deposited in or transferred to the Federal Hospital Insurance Trust Fund. Recoveries are then appropriated from the Trust Fund to the Health Care Fraud and Abuse Control Account in an amount the Attorney General and HHS Secretary certify annually are necessary to finance healthcare fraud enforcement activities. Appropriations from the Control Account fund attorneys, investigators, and litigation support to combat healthcare fraud. Since 1997, over $57 billion has been collected by the DOJ and HHS. Of that, nearly $40 billion has been returned to the Medicare Trust Funds, an average of approximately $1.5 billion per year, and Medicaid, Tricare, the Veteran’s Administration, among others. In the same period, 13,628 defendants have been convicted of healthcare fraud offenses, an average of 545 every year. These numbers are startling, to be sure.
All states also operate Medicaid Fraud Control Units (MFCUs), typically within the State Attorney General’s Office, to investigate and prosecute Medicaid-related fraud. The Social Security Act (SSA) requires each state to effectively operate an MFCU unless the Secretary of Health and Human Services (HHS) determines that (1) the operation of a Unit would not be cost-effective because minimal Medicaid fraud exists in a particular state; and (2) the state has other adequate safeguards to protect enrollees from abuse or neglect. MFCUs are funded jointly by the federal and state governments. Each Unit receives a federal grant award equivalent to 90 percent of total expenditures for new Units and 75 percent for all other Units.
MFCU cases often begin as referrals from external sources or are generated from data mining. MFCU staff review referrals of possible fraud to determine the potential for criminal prosecution or civil action. If the Unit accepts a referral, the case may result in various outcomes. Criminal prosecutions may result in convictions; civil actions may result in civil settlements. Both criminal prosecutions and civil actions routinely include the assessment of monetary recoveries. The approach of the MFCUs varies state-by-state, with some offices, such as Pennsylvania’s MFCU, that pursue criminal cases exclusively. In other words, the Pennsylvania MFCU will either bring a criminal case or decline the matter completely; that office does not interpret its enabling statutes to permit the resolution of investigations on civil terms. Other state MFCUs, however, investigate and prosecute both criminal and civil cases. The OIG has the authority to exclude convicted individuals and entities from any federally funded healthcare program, such as Medicaid, on the basis of convictions referred from MFCUs. In addition to achieving these outcomes, MFCUs may also make recommendations to their state governments to strengthen program integrity.