08.16.2019 Civil Investigative Demands and ZPIC Audits Can Be Traps for the Unwary
Many people reasonably expect that when the government is targeting a company or individual for some adverse action, they will know it—there will be a lawsuit, an indictment, or some other clear demarcating event. Unfortunately, the government does not always indicate its posture so clearly, and a failure to recognize the true nature of the situation is a trap for the unwary. Increasingly, the government relies on facially innocuous methods of data collection. What seems like a standard audit or document request actually may be the first overt indication that the government is investigating you or your company under the False Claims Act, Anti-Kickback Statute, Stark Law, or a dizzying array of other fraud and abuse statutes. In the healthcare field, ZPIC audits and civil investigative demands are key weapons in the government’s investigatory arsenal.
What are ZPIC audits?
ZPICs, or Zone Program Integrity Contractors, are charged specifically with identifying fraud and abuse among Medicare claims, durable medical equipment (“DME”), home health, and Medicare-Medicaid matching. The country is divided into seven program integrity zones, each one overseen by a private contractor charged with investigating suspected fraud. This distinguishes ZPIC from other forms of audits—like a RAC audit, for instance, the ZPIC audit is also conducted by a private contractor with a financial interest in recovering money from the provider. A ZPIC audit, though, is potentially more ominous—it indicates that there is at least a suspicion of fraudulent billing practices. Providers generally will become aware of a ZPIC audit when they receive a request for documents from the contractor. Based on its investigation, the contractor may find overpayments, upcoding or other types of fraudulent billing may have occurred. Such findings are appealable through an administrative process. The findings from the audit may also be shared with state or federal law enforcement for civil or criminal proceedings.
What are Civil Investigative Demands?
A civil investigative demand, like a ZPIC audit, is a means by which the government can obtain documentation regarding billing and other medical records that providers should maintain. The CID is a tool used by the Department of Justice. In March 2010, the Fraud Enforcement and Recovery Act authorized United States Attorneys to use CIDs in their investigations. In other words, the explicit idea of authorizing this investigative tool was to identify and investigate suspected fraud. Although called “civil,” these are potentially far-reaching tools that may be used in an investigation that is, or later becomes, criminal in nature.
What do these requests have in common?
Both ZPIC audit requests and CIDs are powerful tools for the government to gather detailed information about a business and its operations. They are often incredibly broad in scope and require a rapid response (usually 15 days for ZPIC audit requests). This gives the government leverage by imposing substantial costs on providers up front, and gives little time for a thoughtful response. Government investigators, and ZPIC auditors in particular, can be incredibly aggressive in pursuing their requests. AdvanceMed, one of the largest ZPIC auditors and the entity with the contract for Virginia and the Carolinas, was recently sued for what the plaintiff described as its “Gestapo” tactics. ZPIC document requests and CIDs only occur when fraud is suspected—by the time a provider is aware of what is happening, they are already in the crosshairs, and the government is going to be aggressive in pursuing its case.
What should a provider do in response to receiving a CID or ZPIC audit?
Providers who receive one of these document requests should take action immediately. It is important to work closely with any billing vendors or compliance services to ensure that all documentation is gathered promptly. Providers are also well-advised to retain experienced counsel to interact with the government. An attorney may be able to negotiate a narrower document production, saving time and money. An attorney can also help tell the provider’s side of the story in these relatively preliminary stages before an unhelpful narrative has solidified. If issues are uncovered, an attorney can also assist in negotiating a resolution with the government and taking remedial measures. Failure to return funds from an identified overpayment is itself considered healthcare fraud under the False Claims Act, so a careful assessment of the situation is critical.
After providing the documents, it is not uncommon for the government to take no action for months, or even years. Providers should not be lulled into complacency by any delays. For every dollar that the government spends investigating healthcare fraud, it receives a recovery of over $6. In 2018, the Department of Justice recovered $2.8 billion in settlements and judgments, of which $2.5 billion was from the healthcare industry. Pursuing healthcare fraud is big business for the government. These private contractors and fraud investigators would lose their livelihoods if they did not continue bringing these cases and recovering substantial funds. Any healthcare provider receiving a ZPIC audit request or civil investigative demand should treat the situation as potential bet-the-company litigation. Unless the provider treats its response with appropriate seriousness, it risks being on the losing side.