Medicaid fraud: An unhealthy prescription

Fraud examiners are aided by numerous laws and regulations plus many detection methods when there are suspicions that Medicaid fraud is afoot. 

In June of 2002, California Deputy Attorney General Hardy Gold, on behalf of the state's Attorney General Bill Lockyer, filed a 114-page complaint against the largest-ever Medicaid/ Medicare crime ring. By 2004, 16 individual defendants and 13 corporations were successfully prosecuted with several serious sentences imposed including the largest sentence anywhere for Medicaid fraud - 18 years and 8 months.

______________________________________________

In April of 2003, Bayer Corporation pled guilty for inflating prescription drug prices for Medicaid patients. Evidently, the pharmaceutical giant concealed discounts resulting from selling re-labeled drugs at substantial discounts and dodged Medicaid by failing to provide millions of dollars in rebates.(1) Bayer Corporation paid more than $257 million in restitution to Medicaid, making it the largest fraud-related payment to Medicaid in history.(2)
_______________________________________________

In March of 2005, in a 288-count indictment, a U.S. District Court grand jury in Georgia indicted eight individuals and two corporate defendants with conspiracy, money laundering, wire and mail fraud, and transporting stolen goods. The charges arise from a $45 million Medicaid fraud scheme involving BioMed Plus, Inc., its owners, and several workers. The U.S. Attorney's office claims that the defendants were involved in the unlawful purchase and sale of prescription drugs - primarily blood derivatives used in the treatment of cancer, AIDS, hemophilia, and other ailments.(3) As of publication, the case hasn't been set for trial.

By 2014, $20.6 million to fight Medicaid fraud?
These cases offer a mere indication of the plethora of Medicaid fraud to be exposed. In 2003, the U.S. federal government convicted 437 defendants for healthcare fraud-related crimes, housed 1,277 civil matters in the courts, and collected more than $1.8 billion in healthcare fraud-related settlements and judgments.(4) In 2004, Medicaid expenditures exceeded $300 billion per year. Approximately $10 million of that was allotted to fight Medicaid fraud.(5) In addition, the Department of Health and Human Services (HHS) and the Department of Justice's Healthcare Fraud and Abuse Control Program (HCFAC) predict that by 2014, nationwide healthcare spending will exceed $3.6 trillion.(6) If the current rate continues, by 2014, the government will be spending more than $20.6 million annually to fight Medicaid fraud.

In response to the enormous increase in Medicaid fraud, the federal government has established departments, programs, statutes, and funds for deterring, investigating, and prosecuting such types of fraud. Unlike Medicare, which is wholly funded by the federal government for the benefit of the elderly, states administer sovereign Medicaid programs, subsidized by the federal government, for the benefit of the poor.

This article is intended to provide fraud examiners with a guide to applicable laws and regulations plus available detection methods when there are suspicions that Medicaid fraud is afoot. Because Medicaid programs are federally subsidized state programs, the federal government has preemptory power over each state's Medicaid program. Thus, it's imperative that the fraud examiner be aware of the several federal regulations that govern all Medicaid programs. The essential components of these regulations will be described here with a short analysis of each regulation's purpose. Following the federal overview of Medicaid fraud law, a generalized overview of various types of frauds that affect state Medicaid programs will be addressed along with their detection methods. Finally, Medicaid managed care compliance efforts will be discussed.

An overview of the Medicaid system
For a state to establish a Medicaid program for its residents, it must comply with specific federal guidelines. Each state must:

The chart above categorizes several state and federal agencies, their activities, and responsibilities as they relate to curbing Medicaid fraud. (9) 

The statute encompasses a very broad array of activities that can be classified as Medicaid fraud. Although only Medicaid fraud is addressed in the statute, it applies to all federally funded healthcare programs, not just Medicaid.

The statute criminally penalizes individuals who actually receive, as well as those who merely solicit, Medicaid remuneration. So long as the intent of the defendant is knowing and willful, and his/her means of involvement includes the receipt or solicitation of the kickback, the crime is prosecutable. However, the difficulty is determining whether the defendant intended to act knowingly and willfully. Neither "knowingly" nor "willfully" is defined in the statute. Thus, their interpretations are left for the courts to decipher, which has inherently led to discrepancies in determining a defendant's intent.(14) 

The following examples are typical violations of the Anti-Kickback Statute:

• payments for Medicaid patient referrals;
• payments from a self-referral joint venture to investors for Medicaid patient referrals;
• involvement in a consignment agreement, whereby performance under the agreement is based upon a percentage-based compensation scheme; and
• a physician who performs little or no services to Medicaid patients yet receives large amounts of money for referring those patients to hospitals under ostensible services contracts.

• unconstitutional vagueness;
• entrapment by estoppel;(15) and
• a good faith belief that the defendant's conduct was legal under the Statute.

To be guilty under the Anti-Kickback Statute it's imperative that the defendant knew his or her statement or representation to be false at the time he or she made the material misrepresentation.(16) A good faith belief requires the defendant to know and be aware that his or her actions were prohibited. Thus, ignorance of the law, and/or acting upon erroneous advice of an attorney provides the defendant with a viable defense to the Anti-Kickback Statute.

In addition to these three defenses, Congress adopted Safe Harbor Provisions to protect certain individuals from prosecution under the Anti-Kickback Statute.(17) These numerous provisions set forth payment practices excluded from criminal prosecution under the statute. Examples of such exclusions include: investment interests, equipment rental, personal services and management contracts, sale of practice, referral services, warranties, discounts, employees, group purchasing organizations, price reductions offered to health plans, and cooperative hospital service organizations.

False claims
The Medicaid False Claims Act (the 1986 Medicaid amendments to the 1943 False Claims Act) (31 U.S.C. §§ 3729 through 3731) generally criminalizes false statements and representations made to an officer or employee of the federal government. The most commonly prosecuted acts under the Act result from a) the receipt of false or fraudulent claims paid by the government, and b) the use of false or fraudulent records or statements to avoid payment to the government. To bring an action under the False Claims Act stemming from Medicaid fraud, there must be a false statement or representation in connection with a) the wrongful disposal of Medicaid assets, or b) solicitation or payment of Medicaid claims.(18)

Even if a state's Medicaid program is administered exclusively by the state, because the program is subsidized with federal funds, all false or fraudulent claims submitted to the state's Medicaid program fall within the guise of the False Claims Act as claims against the federal government.(19) The penalties for violation of the Act range from no less than $5,000 to no more than $10,000 plus up to three times the amount of the government's damages, as well as suspension from participating in Medicaid programs.

The following examples are typical violations under the Medicaid False Claims Act:

• physician billing for services provided by residents as if the services were performed by the physician;
• billing for upcoded medical services covered by Medicaid;
• marketing and selling bundles tests (necessary and unnecessary tests) to referring physicians, who then bill Medicaid at a higher rate than authorized; and
• misdiagnosing Medicaid beneficiaries as having medical conditions, and then billing for services that wouldn't otherwise be covered.(20)  

In addition to these codified requirements, states often supplement the federal requirements with more stringent state requirements. For example, in Pennsylvania, physicians are prohibited from making any automatic referrals, whether they be enunciated in direct or indirect agreements with other health providers.(24)

There are several exceptions and Safe Harbor provisions to protect physicians from making certain referrals. In part, these exceptions include: referrals to and from physicians in the same group practice, same in-office ancillary services, prepaid plans, legitimate personal services arrangements, and physician recruitment.(25)

Although STARK II appears to mimic the Anti-Kickback Act, the two laws are significantly different. Unlike the Anti-Kickback Act, which applies to all individuals, STARK II only applies to physicians and their family members. Next, where the Anti-Kickback Act provides criminal penalties for its violations, STARK II is codified as a civil statute, and therefore only punishes with fines, suspension, and termination. Finally, under STARK II, each Medicaid entity providing items or services for payment must comply with reporting requirements and disclose information relating to the entity's ownership, investment, and compensation arrangements.(26)

Violations of STARK II may subject a defendant to $15,000 for each service improperly billed or claimed, $100,000 for participation in a circumvention arrangement or scheme, exclusion from participating as a provider in Medicaid programs, and/or a penalty of $10,000 each day reporting is delinquent.(27) 

Health Insurance Portability and Accountability Act
The 1996 promulgation of the Health Insurance Portability and Accountability Act (HIPAA) was the first massive sweep to wipe out healthcare fraud.28 Pursuant to its purpose in providing funds to combat healthcare fraud, HIPAA launched the

Fraud and Abuse Control Program, which:

• coordinates federal, state, and local law enforcement programs to control fraud and abuse as applicable to Medicaid programs;
• conducts investigations, audits, evaluations, and inspections as they relate to delivery and payment for Medicaid services;
• modifies and establishes Safe Harbor Provisions;
• issues advisory opinions and special fraud alerts; and
• provides reporting and disclosure requirements of adverse actions (under the Healthcare Fraud and Abuse Data Collection Program).(29)  

As codified in the Anti-Kickback Statute and applied to Medicaid fraud, anyone who:

Violations under the Act can result in criminal penalties of up to $25,000 fines and/or five years imprisonment.

As part of the implementation of HIPAA, the Secretary of the HHS was directed to create the Health Integrity and Protection Data Bank (HIPDB).(31) The HIPDB is a reporting mechanism that allows users to access and review final adverse actions taken against practitioners, providers, and suppliers. Access to the data bank, however, is limited to federal and state government agencies and health plans.

State level enforcement
In 1977, Congress devised the Medicaid Fraud Control Units Program (MFCU), to help states counter Medicaid fraud. Under this program, each state is to implement its own MCFU. The federal government subsidizes each state's program with 90 percent of the monies necessary to get that state's MFCU up and rolling.(32) Three years thereafter, the federal government provides the state's MCFU with 75 percent of its operating costs.(33) Federal initiatives such as this have helped states effectively curb Medicaid fraud on state and local levels.

According to the United States General Accounting Office and health insurance industry sources, between 3 percent and 10 percent of any state's Medicaid budget is lost to fraud and abuse.(34) Yet in 2003, combined State MCFUs recovered more than $250 million in legal restitution, obtained more than 1,000 convictions, and excluded 538 individuals from participating in the Medicaid and Medicare programs.(35)

For a fraud examiner to identify and detect Medicaid fraud at any level, he/she must be apprised of various Medicaid fraud schemes because they are, often, more stringently regulated at the state level. Several types of schemes have been discussed throughout this article in reference to applicable federal statutes. However, because the managed care environment is extraordinarily complex, additional schemes that are commonly regulated by the states can be found in below.

Medicaid managed care compliance programs
In the wake of corporate scandal, the DOJ and the OIG have been increasingly using compliance programs in lieu of sanctions to control medical providers and related entities who have defrauded the federal healthcare system. Furthermore, due to increasing state flexibility in constructing and managing Medicaid programs, the CMS have promulgated guidelines for creating individual Medicaid compliance programs. Thus, it appears as though the federal government is progressively attempting to curb fraud at the managed healthcare level from the inside out.

Compliance programs help entities regulate their internal processes and train staff to follow applicable laws and regulations. The CMS believe that a managed care entity dealing with Medicaid patients must have a compliance program in place to "combat fraud and abuse while establishing accountability and responsibility."(36) 

This chart defines the Alliance's elements that are required for creating an effective Medicaid compliance program.(37)  

In addition to identifying the elements of a successful compliance program, the Alliance emphasizes each step in designing, implementing, and monitoring a successful Medicaid compliance program.(38) Compliance efforts are meant to encourage a culture that fosters prevention, detection, and resolution of conduct that's outside established healthcare policies. With a large amount of hard work, and a bit of luck, federal and state efforts to curb Medicaid fraud will surpass that of the fraudsters.

1 The Department of Health and Human Services and The Department of Justice. Annual Report for FY 2003, December 2004, www.cms.hhs.gov/statistics/nhe/projections-2004/proj2004.pdf (May 9, 2005).
2 Ibid.
3 Kelly Cramer, "Multi-million Dollar Fraud Alleged by Feds," Savannah Now, April 6, 2005, www.savannahnow.com/stories/040605/2939286.shtml. (May 11, 2005).
4 Ibid at FN 1.
5 Ibid at FN 1.
6 Office of the Actuary at the Centers for Medicare and Medicaid Services, National Healthcare Expenditures Projections: 2004-2014, http://cms.hhs.gov/statistics/nhe/projections-2004/proj2004.pdf (May 11, 2005).
7 Centers for Medicare and Medicaid Services, Medicaid Alliance for Program Safeguards: Background, www.cms.hhs.gov/states/fraud/
backgrnd.asp (May 12, 2005).
8 United States General Accounting Office, Medicaid Federal and State Leadership Needed to Control Fraud and Abuse, www.gao.gov/new.items/he00030t.pdf (May 9, 2005).
9 Ibid. See Web site for analysis and a copy of this chart.
10 18 U.S.C. § 371.
11 18 U.S.C. §§ 1341 and 1343 respectively.
12 18 U.S.C. §§ 1961-1968.
13 Kickback recipients need not qualify as physicians, nurses, or even healthcare personnel.
14 Hanlester Nework v. Shalala, 51 F.3d 1390 (9th Cir. 1995); United States v. Jain, 93 F.3d (8th Cir. 1996). Please consult further case law in practical practice.
15 To prove entrapment by estoppel, a defendant must prove the following: (1) the government announced that the charged criminal act was legal; (2) he or she relied on the government's announcement; (3) his or her reliance thereon was reasonable; and (3) due to this reliance by the defendant, prosecution of the criminal act would be unfair. United States v. Levin, 973 F.2d 463, 468 (6th Cir. 1992).
16 United States v. Sidney Laughlin, 26 F..3d. 1523, 1526 (10th Cir. 1994).
17 42 C.F.R. § 1001.
18 42 U.S.C. § 1320a-7b.and HIPAA § 204(a).
19 United States ex rel. Davis v Long's Drugs, Inc., 411 F. Supp. 1144 (9th Cir. 1976).
20 Miller, Alfano & Raspanti, P.C., The False Claim Act Resource Center, Healthcare Fraud Qui Tam Case, www.falseclaimsact.com/healthcare.html (May 12, 2005).
21 42 U.S.C. § 1395nn.
22 STARK II also prohibits physicians' family members from making such referrals where they have a financial interest in the referral.
23 42 U.S.C. § 1395nn.
24 University of Pennsylvania Health System Office of Legal Affairs, A Guide to Legal Issues in Health Care, "Fraud and Abuse & STARK Laws," www.uphs.upenn.edu/legal/fraud.html (May 12, 2005).
25 See 42 U.S.C. § 1395nn for additional exceptions and Safe Harbor provisions.
26 42 U.S.C. § 1395nn(f).
27 42 U.S.C. § 1395nn(g).
28 104 P.L. 191.
29 42 U.S.C. § 1320a-7c(a)(1).
30 42 U.S.C. § 1320a-7b(a)(1-6)
31 104 P.L. 191; 42 U.S.C. § 1301 et seq.
32 The Department of Health and Human Services Office of the Inspector General, 2003 Annual Report, http://oig.hhs.gov/publications/docs/mfcu/MCFU2003.pdf (May 9, 2005). See also 96 Pub. L. No. 499.
33 Ibid.
34 Office of the Attorney General, State of California, Department of Justice, Medi-Cal Fraud, http://caag.state.ca.us/bmfea/medical.htm (May 12, 2005).
35 42 U.S.C. § 1320a-7b(a)(1-6).
36 Centers for Medicare and Medicaid Services, Guidelines for Constructing a Compliance Program for Medicaid Managed Care Organizations and PrePaid Health Plans, www.cms.hhs.gov/states/fraud/mccomplan.pdf (May 10, 2005).
37 Ibid. This chart is a product of the Medicaid Alliance for Program Safeguards.
38 Ibid. Read Guidelines for Constructing a Compliance Program for Medicaid Managed Care Organizations and PrePaid Health Plans for a comprehensive review of the Alliance's guidelines.

[Some links may no longer be available. —Ed.]

Juliana Morehead, J.D., Associate Member, is a legal writer and editor for the ACFE.

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.