Live Chat
Washington State Dental Association

Medicaid Audits: Will your practice be next?

If you’re a general dentist or a specialist accepting Medicaid in the state of Washington, you may soon be the target of a federally mandated audit of your practice devised to ferret out fraud by providers in the system. And while as an Association we stand behind any effort to quash fraud perpetrated by dental professionals against the federal government, the results of two recent audits conducted on WSDA members seem to paint a more malevolent picture: with auditors alluding to prison time for non-compliance and querying staff about the personal spending habits of the doctors unrelated to the practice. And, as you will see, while initial claims well into the six figures have been disputed down to just a fraction of that amount (after lengthy procedures and wait times), neither dentist has received a final judgement — a year or more after the audits began. 

Here, we’ll walk you though two types of audits you’re most likely to encounter as a Medicaid provider, and tell you what you can do to prepare yourself for the process. 


Automated Audit
A review of claims data without a review of records that support the claim. Used for payment errors that do not require human review of records.

Each procedure or encounter billed by a provider.

Centers for Medicare & Medicaid Services 

Complex Audit
A review used to find improper payments on claims that cannot be determined by a simple review and requires a manual evaluation of records and supporting documentation.

Confidence Level
A statistical measure of the reliability of an estimate. 

Desk Audit
An audit in which those who are being audited send copies of requested records to the auditor’s office.

The methodology of estimating an unknown value by projecting, with a calculated precision (i.e., margin of error), the results of an audited sample to the universe from which the sample was drawn (WAC 182-502A-0200). 

Field Audit
An audit which is conducted on-site at a provider’s office.

Generally Accepted Government Auditing Standards
General standards used for auditing private companies. The standards cover qualifications to be an auditor, standards of work product, standards of fieldwork, and information that should be considered before issuing a final report.

Health Care Authority
A state organization responsible for overseeing various health care programs such as Medicaid and other medical assistance programs.

Any payment or benefit to a client or to a vendor in excess of what is entitled by law, rule or contract, including amounts in dispute, as defined in RCW 43.20B.010 (WAC 182-502A-0200).

A selection of claims reviewed under a defined audit process (WAC 182-502A-0200).

A defined population of claims submitted by a provider for payment during a specific time period (WAC 182-502A-0200).

Editor’s note: These descriptions of the audit processes are in brief, summary form. They do not contain all details in the rules, and should not be relied upon as a substitute either for legal advice or review of the specific rules. Note that time periods may be treated as cutoffs for the provider (time to appeal, etc), but are probably guidelines as to the auditor’s process. Also, there are other, distinct forms of audits which are likely to be in use in the next few years, but are beyond the scope of this article.

Medicaid Integrity Contractor (MIC) Audits

Federal legislation known as the Deficit Reduction Act (DRA) of 2005, established the Medicaid Integrity Program (MIP), a program directed at reducing Medicaid fraud. Under the MIP, the Centers for Medicare & Medicaid Services (CMS) contracts and pays MICs for their activities in identifying fraud, waste and abuse. MICs are not paid on a contingency fee basis and their payments are unrelated to identified overpayments. There are three types of MICs:

• Review MICs — Auditors responsible for reviewing state Medicaid claims data to identify providers whom have received potential overpayments.

• Audit MICs — Auditors responsible for auditing specific providers identified by Review MICs.

• Education MICs — Auditors who educate providers and beneficiaries on program integrity issues.

Currently, MIC audits are being conducted in Washington state on dental providers and, according to the Health Care Authority (HCA), have been taking place since May of 2012. HMS Federal is the MIC in Washington state. When conducting audits, HMS is auditing claims from the past three years with a typical sample size of 250 claims. 

MIC Audit Process:
1. Each month, CMS gives Review MICs a data analysis assignment in which CMS specifies the state, type of Medicaid claims data, and range of service dates to be reviewed. After a lengthy audit target selection process, CMS assigns audit targets to Audit MICs.

2. An Audit MIC will contact the provider and schedule entrance conferences which may be conducted in-person or by phone. Providers will receive ten business days’ notice of intent to audit.
   Providers will also receive an initial notification letter and a records request which outlines the specific records which will be audited. 

3. Audit MIC conducts audit including documentation and records review. These audits may be desk audits or field audits and should be conducted according to Generally Accepted Government Auditing Standards. 

4. Following the audit, the Audit MIC holds an exit conference in which the provider has the opportunity to comment on preliminary findings and provide any additional information as needed. Providers have 30 days from receipt of the preliminary findings to submit an informal dispute. 

5. An Audit MIC will prepare a Draft Audit Report if there is a potential overpayment. This report is reviewed by both the state and CMS. CMS determines the final overpayment amount and submits a final audit report to the state. The state then issues a final audit report to the provider and is responsible for collecting overpayment from providers and returning the federal share to CMS within one year. 

6. Within 28 days of receipt of the final audit report, a provider may appeal audit findings and is entitled to full appeal rights under state law. 

Medicaid Recovery Audit Contractor (RAC) Audits
*Please note that at this time the WSDA is unaware of any dental providers being audited by a Medicaid RAC in Washington state. However, Medicaid RAC audits have been conducted on dentists in other states. 

The Affordable Care Act (ACA), which was passed by Congress in 2010, requires states to partner with Medicaid RACs to identify both underpayments and overpayments by the state Medicaid agency. In September of 2011, CMS published final Federal regulations which required states to implement their respective RAC programs by January 1, 2012. 

Medicaid RACs perform both automated and complex reviews. They are paid on a contingency fee basis, meaning they receive a percentage of identified overpayments. According to CMS, states may pay contingency fees up to 12.5 percent. When conducting a RAC audit, a Medicaid RAC must not review claims that are more than 3 years from the date the claim was filed unless it has received permission from the state, as is specified in CMS’s Final Rule. 

In determining what area of a state’s Medicaid program to target, the states have full discretion in deciding the areas Medicaid RACs focus on. Therefore, any particular provider participating in a state’s Medicaid program could be subject to a RAC audit at some point in time. CMS does not require states to announce in advance the audit areas which their Medicaid RACs will focus on. CMS does not have national guidelines in place for how a state conducts their Medicaid RAC audits. Each state is responsible for determining guidelines for the audit process (such as how many records can be requested, the appeal process, etc.) for a Medicaid RAC audit. 

RAC Audit Process: 

1. Under WAC 388-502A-0600, providers receive 10 business days’ notice of intent to audit.

2. For desk audits, providers have 30 calendar days to submit records. For on-site reviews, a RAC should schedule a review 30 days in advance.

3. Under federal regulations, Medicaid RACs have 60 days to notify providers of overpayment findings and send Preliminary Review Results to the provider. Providers may request an Informal Dispute Review conference within 30 days of the receipt of their Preliminary Review Results, providing any additional information they wish to have considered.

4. Medicaid RACs will send Final Review Results within 45 days of Preliminary Results notification or within 60 days of completing Informal Dispute Reviews.

5. Providers may request a formal appeal within 28 days of receiving the Final Review Results.
Appeal process in Washington state: 

Under Washington state law, providers who have been audited have two opportunities to dispute audit findings: an informal dispute process and a formal appeal. 

Provider Audit-Dispute Process (WAC-182-502A-1100):

Providers may dispute draft audit findings by submitting a written request within 30 calendar days of receipt of the draft report. 

The provider must specify which findings they are contesting, supply documentation to support their position, and indicate whether a dispute conference is requested. 

The HCA/contractor may decline a provider’s dispute request.

A provider must schedule a dispute conference within 60 days of receiving a written acceptance of the request for a dispute conference. 

If during the dispute conference an agreement is reached, the HCA/contactor will issue a final audit report. If an agreement between the provider and HCA/contractor cannot be reached during the dispute conference, and the provider has had the opportunity to raise all concerns, the HCA/contractor will close the dispute process and issue a final audit report. 

Provider Audit-Final Report/Appeal 
(WAC 182-502A-1200):

Upon receiving a final audit report, a provider has 28 calendar days from the date of the report to appeal the overpayment.

A request for an audit appeal must be in writing, state the basis for contesting the final audit report and be served on the HCA within 28 calendar days in a manner which provides proof of receipt.

During an audit appeal hearing, the provider will carry the burden of proving compliance with applicable federal and state statutes and regulations, billing instructions, fee schedules, and published memoranda. 
Audit Methodologies: 

There are several methods in which audits may be conducted. These methods include the use of algorithms, 100 percent review of paid claims for a specific time period (claim-by-claim audit), and random sampling and extrapolation. According to recent documentation from the HCA’s Office of Program Integrity, auditors often use random sampling and extrapolation. 

  WAC 182-502A-0900 lays out the following requirements when conducting audit sampling, extrapolation and claim-by-claim review:

When conducting an audit, a sample size must be sufficient to ensure at least a ninety five percent confidence level.

When calculating the amount to be recovered, the department totals all overpayments and underpayments reflected in the sample and may extrapolate to the universe from which the sample was drawn.

• When the department uses the results of an audit sample to extrapolate the amount to be recovered, the provider may request a description of all of the following:

 (i) The universe from which the department drew the sample;

 (ii) The sample size and method that the department used to select the sample; and

 (iii) The formulas and calculation procedures the department used to determine the amount of the overpayment.

•  When a claim-by-claim audit is conducted, specific claims are selected from the universe and audit overpayments are not extrapolated.

• The department recovers overpayments identified in the final audit report.

• The department does not consider nonbilled or zero paid services or supplies when calculating underpayments or overpayments.

• The department considers undocumented services to be program overpayments.
Posted: / Last Updated: