To design an effective Medicare audit response strategy, providers must understand the chain of events both prior to the initiation of a Medicare audit and afterwards. For example, Special Investigative Units (SIUs) are often the genesis of a Medicare audit, and the presence or absence of "audit risk factors" is informative on potentially broader exposure beyond the Medicare claims under audit. Any decision to resolve a Medicare audit should be informed and result in a full and final settlement of all liability, but Medicare audit settlements need to be structured carefully to achieve this goal.

CVS Caremark, OptumRx, and Express Scripts, control at least 80% of the market, making them the three biggest PBMs. Humana also ranks among the largest. In addition, these PBMs regulate access to networks for smaller competitors, such as ESI's partnership with Prime. Plan sponsors, such as United Health, Cigna and Aetna, are vertically integrated with these PBMs, increasing Medicare audit risk for providers because network sanctions are more likely to affect a significant aspect of a provider's business across both Medicare and commercial claims.

PBMs and payors use artificial intelligence and data mining across medical and pharmacy claims to identify areas of potential Medicare audit inquiry. Among other areas, these Medicare audit inquiries typically involve high-reimbursing medicines, brand/generic substitution, inventory discrepancies, co-payment collection, prior authorization, and telehealth relations. Separately, DEA conducts audits and inspections for compliance to controlled substance regulations.  

Common types of Medicare audits include desk audits; on-site audits; invoice audits; and prescription audits. Irrespective of the type of Medicare audit, all interactions with Medicare auditors like Qlarant and Safeguard should be taken extremely seriously and can lead to severe consequences if not handled appropriately. For example, there has been a sharp increase in the federal prosecution of pharmacists for audit-related conduct, including answering Medicare audit questions incorrectly. Accordingly, providers should consider using Medicare audit counsel to avoid these pitfalls.

Providers can take various steps to prepare to meet Medicare audits, including routine self-audits. In fact, the government publishes comprehensive guidance and a checklist to assist pharmacies in their Medicare audit planning, including self-audits around prescribing practices, controlled substance management, invoice management, and billing practices. If you need assistance designing or implementing a Medicare audit protection plan, please do not hesitate to contact us.

Defending against a Medicare audit requires comprehensive knowledge of the rights, responsibilities, and intricacies of Medicare auditors like Qlarant and Safeguard. If your business has been identified for a Medicare audit, there are a number of potential defenses available to you. The first defense against a Medicare audit is to be proactive, and Medicare audit planning can lessen the chance of unfavorable Medicare audit findings. That said, it is often necessary to involve an attorney to hold Medicar auditors like Qlarant and Safeguard to their obligations under law and provider agreements.

Medicare audit discrepancies and findings can be appealed based on the specific procedures outlined in the applicable manuals. It is important to follow these requirements exactly, within the timeframes established, or your Medicare audit appeal rights could be lost and further review denied. In a Medicare audit appeal, it is critically important to make a complete record of why the Medicare audit findings or sanctions should be reversed, including through documentation, legal arguments, and corrective actions, if any. Depending on the outcome of the Medicare audit appeal, you may have further legal recourse against CMS.

Medicare audits can have severe repercussions depending on the results of the audit, including recoupments, network sanctions, and criminal, civil and administrative investigations involving jail time, significant fines, and license revocation or exclusion. We publish a 10-part PBM Audit Guide that discusses the overlap between PBM audits and government investigations and how to successfully manage Medicare audit risk. This resource is complimentary to subscribers HERE.