11.18.2011 CMS Final Rule Mandates North Carolina Medicaid RAC Program by January 2012

Health care providers are already familiar with Medicare RACs (Recovery Audit Contractors) established by the Centers for Medicare and Medicaid Services (CMS) to identify overpayments of federal dollars to Medicare providers. But starting in January 2012, North Carolina will also have its own Medicaid RAC seeking to identify and recoup overpayments to Medicaid providers. Like the Medicare RACs, the Medicaid RAC will be paid based on the overpayments it identifies, so hospitals, long term care facilities, medical practices and other Medicaid providers can expect vigorous auditing by the RAC.

To supplement the existing Medicare RACs, CMS published a final rule on September 16, 2011 requiring the individual states to implement RAC contracts in connection with each state’s Medicaid program. The Medicaid RACs are to audit providers’ Medicaid claims to identify and recoup overpayments to providers, as authorized by Section 6411 of the Patient Protection and Affordable Care Act. (See States must implement Medicaid RACs by January 1, 2012 unless an extension is granted.

North Carolina Medicaid providers are already policed by several entities:

  • The Program Integrity Section of the NC Department of Health and Human Services, Division of Medical Assistance (DMA), and its contractor, Public Consulting Group, which already conducts post-payment claim reviews and recoupments;
  • The Medicaid Fraud Control Unit of the NC Attorney General’s Office; and
  • Medicaid Integrity Contractors (MICs) contracted by CMS.

The Medicaid RAC program is in addition to these existing audit entities, which are to continue despite the addition of Medicaid RACs. The Final Rule differentiates the RACs from other audit entities that are intended to discover fraud, and requires the Medicaid RACs to refer suspected fraud to the appropriate entities. The CMS Final Rule also requires states to coordinate the activities of Medicaid RACs with other auditing entities, but provides no concrete guidance for doing so.

The requirements of the Final Rule include:

  • Medcaid RACs must not review claims more than three years old (unless the State approves otherwise);
  • Medicaid RACs must accept electronic medical records from providers;
  • States must limit the number and frequency of medical records to be reviewed by the RACs.
  • State law or administrative procedure must provide appeal rights for providers.

North Carolina’s Medicaid State Plan was previously amended to establish the Medicaid RAC Program (see The update to the State Plan states that North Carolina has an existing contract of the type required by the Affordable Care Act which is being amended, suggesting that Public Consulting Group will also serve as North Carolina’s Medicaid RAC. Like Medicare RACs, the Medicaid RACs will be paid on a contingency basis. The State Plan Amendment provides for a contingency rate not to exceed the highest rate paid to Medicare RACs, but does not specify the exact contingency amount.

The State Plan Amendment also states that North Carolina “has an adequate appeal process in place for entities to appeal any adverse determination made by the Medicaid RAC(s).” Currently, DMA rules allow providers to request informal reconsideration by a DMA hearing officer (see 10A NCAC 22F.0402), in which providers may be represented by attorneys (but attorneys are not required). Providers dissatisfied with DMA’s decision on reconsideration may appeal DMA’s decision to the North Carolina Office of Administrative Hearings, in which Agency decisions are reviewed by an Administrative Law Judge, after which the decision is subject to judicial review by the Superior Court and Court of Appeals, in turn.

Throughout the appeals process, short deadlines and technical requirements for appealing DMA decisions can result in a waiver of a provider’s right to challenge repayment. Accordingly, providers are encouraged to determine their legal rights immediately if they are contacted by the RAC.

DMA is expected to establish agency rules governing the RAC program before the end of 2011, but the proposed rules have not yet been released. Providers and the public will be given an opportunity to comment on the proposed rules before their adoption.

In light of the economic incentives inherent in the RAC’s contingency-based structure, providers should expect vigorous auditing and recoupment efforts. Compliance programs are critical, and providers must be able to respond quickly to requests for voluminous records and adequately document all Medicaid Claims. Because of the short time for implementation, coordination between the RAC and other audit entities may not be well defined, and there is a risk of multiple, duplicative audits. Finally, as with government agencies themselves, RACs are not infallible. Providers are thus advised to be watchful for the first sign of audit activity, thoroughly review all alleged overpayments, and strongly defend their right to payment for services provided.

For more information about this topic, please contact the author or any member of the Williams Mullen Long Term Care Industry Service Group.

Please note:
This newsletter contains general, condensed summaries of actual legal matters, statutes and opinions for information purposes. It is not meant to be and should not be construed as legal advice. Readers with particular needs on specific issues should retain the services of competent counsel. For more information, please visit our website at or contact Joel R. Nied, 757.473.5342 or For mailing list inquiries or to be removed from this mailing list, please contact Julie Layne at or 804.420.6311.