Are Your Business Affiliates in Trouble? Prepare to Let CMS Know

The agency finalized a rule to strengthen the government's ability to prevent fraud and block providers from federal health programs.

If your current or past business affiliates have been in hot water with federal health insurance programs, you may soon be required to give the Centers for Medicare & Medicaid Services a heads up, under a final rule the agency released Thursday.

The added program integrity requirements for providers and suppliers aim to empower the government to prevent fraud and block "unscrupulous providers" from federal programs before they can bilk the system, CMS said. The change is scheduled to take effect at the conclusion of a public comment period, on November 4.

The rule, which the agency proposed during the final year of the Obama administration, requires providers and suppliers that participate in Medicare, Medicaid, and the Children's Health Insurance Program (CHIP) to disclose certain affiliations with other entities that have been formally excluded from any of those three programs, had payments suspended under a federal healthcare program, had their billing privileges denied or revoked, or have uncollected debt.

The rule also gives CMS more authority, in certain circumstances, to deny or revoke a provider's or supplier's permission to participate in Medicare.

"For too many years, we have played an expensive and inefficient game of 'whack-a-mole' with criminals—going after them one at a time—as they steal from our programs," said CMS Administrator Seema Verma in a statement. "These fraudsters temporarily disappear into complex, hard-to-track webs of criminal entities, and then re-emerge under different corporate names. These criminals engage in the same behaviors again and again."

"Now, for the first time, we have tools to stop criminals before they can steal from taxpayers. This is CMS hardening the target for criminals and locking the door to the vault," Verma added. "If you're a bad actor you can never get into the program, and you can't steal from it." 

As an example of how CMS might use its new "affiliates" authority, the agency described a hypothetical situation in which it could deny enrollment in Medicare, Medicaid, or CHIP to an entity that is owned or managed by someone who is affiliated with another entity that had previously lost its enrollment status. This could help CMS prevent blocked providers and suppliers from rebranding and reentering the program under a new name.

Entities that are found to have submitted false or misleading information in an initial enrollment application may be blocked from the program for up to three years, according to the rule. The agency had been able to block revoked suppliers and providers from reentering Medicare for up to three years, but that blackout period will increase to a decade, according to the rule. A second offense may lead the agency to block an entity for up to 20 years.

The CMS announcement says "the only providers and suppliers that will face additional burdens are 'bad actors,' " but the American Hospital Association raised some reservations about the potential scope of the additional requirements, as proposed in 2016.

"[E]nrollment should not be put at risk for minor administrative errors, and providers should not be held responsible for reporting information that they have no ability to access or verify," AHA Executive Vice President Tom Nickels wrote in a comment at the time. "In addition, providers should not be required to report information prior to a final resolution of an appeal, nor should they be subject to a substantial new reporting burden for information to which the agency already has access."

Related: Encompass Health to Pay $48M to Settle False Claims Allegations

Related: HHS OIG Offers 25 Ways to Reduce Healthcare Waste and Fraud

Related: Verma Hopes Stark Law Regulatory Update Will Come by Year's End

Related: Feds Indict 24 in Massive $1.2B Telemarketing, DME Scheme