ZPICs and Skilled Nursing Facilities: Medicare’s Wild Wild West

Jan 11, 2013   
Print Friendly, PDF & Email

I. General Background

Fraud and abuse in the Medicare system undoubtedly increases healthcare costs for healthcare providers and healthcare beneficiaries. Healthcare providers, as a whole, can appreciate the efforts of the Department of Health and Human Services and the Centers for Medicare and Medicaid Services (“CMS”) to ferret out abuses in the Medicare system. However, these efforts must be rational and reasonable so as not to interfere with the duty to provide reasonably necessary healthcare treatment and services.

In 2008, CMS began consolidating its third-party audit contracts into multi-million dollar Zone Program Integrity Contractor (“ZPIC”) contracts in an effort to “address fraud, waste and abuse” in the Medicare system  “by performing regional Medicare data analysis, complaint resolution and investigative activities.” According to a ZPIC contractor’s website:

The ZPIC contracts include work for all claim types including Part A, Home Health, Hospice, Part B, Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS), Managed Care (Part C), Part D Medicare Prescription Drug, and Medicare and Medicaid Data Matching. Part A cost report audit and reimbursement will also added under the scope of a ZPIC contractor.2

In order to accomplish its goal, the United States was divided into seven (7) zones, with Florida in Zone 7. Figure 1, below, identifies the entities to which CMS awarded ZPIC contracts and the contract amounts:

Figure 1


Government-Contracted ZPIC auditor Region Contract Amount ($)
1 SafeGuard Services, LLC3

Zone 1: California, Nevada, American Samoa, Guam, Hawaii, the Northern Mariana Islands, Palau, Marshall Islands, and the Federated States of Micronesia.

2 NCI, Inc. (previously AdvanceMed)4

Zone 2: Alaska, Washington, Oregon, Montana, Idaho, Wyoming, Utah, Arizona, North Dakota, South Dakota, Nebraska, Kansas, Iowa and Missouri.

3 & 6 Cahaba Safeguard Administrators5

Zone 3: Minnesota, Wisconsin, Illinois, Indiana, Michigan, Ohio and Kentucky; Zone 6: Pennsylvania, New York, Maryland, DC, Delaware, Maine, Massachusetts, New Jersey, Connecticut, Rhode Island, New Hampshire and Vermont.

4 Health Integrity, LLC6

Zone 4: Texas, Oklahoma, Colorado, and New Mexico.

5 AdvanceMed Corporation7

Zone 5: West Virginia, Virginia, North Carolina, South Carolina, Georgia, Alabama, Mississippi, Tennessee, Arkansas, and Louisiana.

7 SafeGuard Services, LLC8

Zone 7: Florida, Puerto Rico, and the U.S. Virgin Islands




Considering the Federal government is spending over one half of a billion dollars on ZPIC contracts, healthcare providers should expect nothing less than highly aggressive ZPIC auditors justifying their contracts. ZPICs are targeting everyone, including top-rated and reputable skilled nursing facilities (a/k/a nursing homes). Moreover, ZPICs are executing their mandate through a variety of practices (discussed below), none of which appear to be authorized by the Medicare Act (42 U.S.C. § 1395hh(a)(2)), none of which have been promulgated through the rulemaking procedures required by the Administrative Procedures Act (5 U.S.C. § 553), and all of which severely restrict a skilled nursing facility’s ability to operate. It is only a matter of time before the nursing home residents begin to feel the adverse impact of these audits.

II. A Firsthand Sampling of ZPIC Abuses against Skilled Nursing Facilities

A sampling of the practices employed by ZPIC auditors are set forth below:

A. Unannounced Visits

Nursing homes are accustomed to unannounced surveys and audits from federal and state agencies. However, ZPIC auditors in Florida have taken the unannounced visit to a new level. When ZPICs Zone 7 auditor, SafeGuard Services, LLC (“SafeGuard”), targets a facility, not only are the visits unannounced, but the visits are also accompanied by demands for immediate access to voluminous and confidential patient medical records, related and unrelated billing records, proprietary corporate business and financial information, and employees (for interview purposes) ”” all without regard to federally mandated staffing levels, the requirements of resident care, and the orderly operation of the skilled nursing facility. Moreover, Safeguard has regularly sought to preclude the skilled nursing facilities’ abilities to procure legal advice to discern how to respond to the demand for instantaneous and boundless access to records and personnel.  When nursing homes question the ZPIC auditors’ tactics, ZPIC auditors have become hostile, and over time, have developed a reputation that has instilled fear in every nursing facility under its “jurisdiction.”

B. Unknown and/or Deficient ZPIC Auditor Qualifications

ZPICs are charged with the task of ensuring that only reasonably necessary medical services are compensated.  However, actual ZPIC auditors charged with the day-to-day task of “policing” the dispensation of medical services have been exposed to lack formalized auditor training and/or corresponding medical, therapeutic or other clinical backgrounds. That said, it appears as though experience in the medical profession does not appear to be a prerequisite to conduct the purported audits, which, among other things, focus on medical necessity.

In one instance, a ZPIC audit resulted in an “initial” denial of therapy claims9 for an individual who, just one week prior, had his leg amputated, was receiving two (2) separate intravenous antibiotics and had physicians orders for medically necessary therapy in order to strengthen his lower body so that he would be strong enough for a prosthetic leg. Despite such grave health issues, a ZPIC auditor with no known medical background or other formalized medical training or education, made the astonishing and troubling determination, without any explanation, that therapy in this situation was unnecessary and/or unwarranted, thereby disallowing reimbursement for the physician ordered treatment. In a separate instance, approximately $2,800,000.00 of claims were denied as being “medically unnecessary.” The ZPIC auditors came to this decision by using computer-driven extrapolation methods which stripped $2,800,000 of compensation for care already given by reviewing a grand total of”¦ten (10) records. Telling, not one of those ten records appeared to have been reviewed by physicians or medical professionals.

Despite half of a billion dollars being paid to third-party contractors, there appears to be no substantive effort to actually find fraud and abuse in the Medicare system. In the former scenario, the facility had no choice but to shoulder the entire financial burden of complying with the physician’s orders and providing such medically necessary therapy, including intravenous antibiotics as needed.  That same provider  must somehow find the resources to stay in business while it wastes time and resources slowly working through the appellate process.

If the ZPIC auditors are permitted to continue as they have been, many nursing facilities will simply have no choice but to stop providing treatment until such time as CMS formally approves the procedure. Needed care will be not be dispensed, at least on a timely basis. Businesses cannot operate on an accounts receivable basis with the persistent threat of indiscriminate, inexplicable challenges to the services already provided. After all, who is going to make payroll to the employees? Who will pay the vendors? Who will make the lease payments? Who will make the licensing fees? The skilled nursing facilities cannot (and should not be required to) shoulder these financial burdens, whether prospectively or retrospectively, without proper reimbursement under the Medicare program.

C. Unreasonable Scope of Document Requests

Section 1833(e) of the Social Security Act states that Medicare auditors are only entitled to “information as may be necessary in order to determine the amount due such provider.” Yet, requests by ZPIC auditors, in particular SafeGuard, go well beyond the scope of information which may lawfully be requested. In one known instance, SafeGuard made one hundred and fifty four (154) separate requests for six (6) months of patient files10, along with two years of confidential and proprietary business and financial information (including, but not limited to, credit card statements, Facility floor plans, board meeting minutes, organizational charts, chart of accounts, Facility check registers, lists of entities doing business with the Facility, profit/loss statements, journal entries/descriptions, balance sheets, general ledgers, financial statements (audited and summary), backup financial data for cost reports, etc.).

In the face of questioning as to why the entire scope of such information was relevant, or upon what authority SafeGuard claimed to be entitled to it, Safeguard retreated to the “because we said so” argument. SafeGuard has been unable (or unwilling) to engage in a substantive dialogue concerning the basis for such requests, or to in any way elucidate a rationale for why such proprietary and confidential information is relevant in determining amounts due to the provider.   Instead, Safeguard rests on its earned reputation of fear and intimidation to coerce the production of such protected documents.

D. Unreasonable and Arbitrary Compliance Deadlines

In addition to the unreasonable scope of the requests, the ZPIC auditors place skilled nursing facilities in a position where compliance with their over-bearing and voluminous requests is impossible. As it relates to the voluminous request noted above, the nursing facilities were given fifteen (15) days to comply, accompanied by the warning that “[n]o extensions shall be granted.” Thus, ZPIC mandates, without regard to expense of compliance, that the nursing facility stop providing care to its residents and instead focus every effort to copying tens of thousands of documents in order to meet a deadline with no extensions. Of course, ZPIC does not compensate for such a labor-intensive task, nor for that matter, the loss of revenue caused by the redistribution of the facility’s labor force.11

E. Restrictions on the Presence of an Attorney or Corporate Officer

As described above, SafeGuard simply appears at its target facility with no notice and demands access to various employees for private interviews, without the presence of a corporate officer or attorney. Of course, information garnered by SafeGuard from employee interviews could be used, in part, (a) to form the basis of a prepayment suspension and (b) as evidence against a facility in later appellate proceedings. Without the presence of a corporate representative or an attorney to, at a minimum, monitor employee interviews or without any reliable transcript/recording of the interviews, the facilities are severely prejudiced and will remain at a disadvantage in any subsequent appeal. When a facility demands, at a minimum, that its counsel be present during the course of such interviews, SafeGuard refuses, albeit with no explanation whatsoever for its purported right to unfettered access to the facility’s employees. Instead, SafeGuard threatens sanctions and retribution.

F. Delays in Producing Audit Findings; Prepayment Suspensions

Again, despite the truncated response deadlines, SafeGuard auditors lack any sense of urgency in actually reviewing the produced documents in a timely manner. Indeed, there are no known regulations governing the time ZPIC auditors have to issue findings. This is exceedingly problematic because ZPIC auditors (through MACs) appeared to initially have the ability to place all nursing homes undergoing a ZPIC audit on a prepayment suspension.

In laymans terms, before ZPIC auditors make a finding or determination related to the purported audit, the nursing homes Medicare receivables remain arbitrarily suspended and Medicare cash flow slams to an halt. (UPDATE:  CMS issued guidance to change the ZPIC audits from a pre-payment to a post-payment review system). This is where the importance of a timely ZPIC determination comes into play. Surprisingly, the Medicare Administrative Contractor (“MAC”) (the third party entity contracted by CMS to handle “claims processing, customer service, provider audit and reimbursement, provider enrollment and financial management functions for CMS)12 ”” in Florida, First Coast Services Options, Inc. ”” seems to comply with every ZPIC request to restrict a facilities’ receivables. In fact, if you inquire with the Medicare Administrative Contractor (“MAC”) as to why claims are not being process and why funds are restricted, often times, they either do not know, need additional time to look into the matter, or direct the facility to consult with the ZPIC auditor ””who then typically refers you back to the MAC. The facilities are left with their hands tied, only to figure out a way to comply with each request, jump through every hoop and meet every appeal deadline, all while figuring out ways to maintain resident care and meet payroll obligations.13

III. Conclusion

If these ZPIC practices become the industry norm, facilities will have no means to remain in the business of providing top-rated care. Federal and state budgetary cutbacks have already caused a substantial hole in the level of compensation paid for necessary treatment and care; the industry cannot fiscally stomach any further disruption. The ZPIC audits have demonstrated the unchecked abuse and disruption to the healthcare system. Unacceptable levels of future closings will take place, and those in need of the nursing home care will be at a total loss.  Armed with over Five Hundred Seventeen Million U.S. Dollars ($517,000,000.00) of taxpayer money, and empowered with unchecked authority, ZPIC auditors have placed unregulated burdens, demands and deadlines on skilled nursing facilities such that compliance is impossible, while at the same time financially crippling a facility’s ability to defend itself against attack.

Fuerst Ittleman David & Joseph, PL will continue to monitor the ZPIC landscape, vigorously defend against all perceived abuses of scope and authority, and work tirelessly with its clients through every stage of the investigations, including the five (5) stages of appeal, to ensure receipt of all funds due and owing. If your organization is the subject of a ZPIC audit, contact our firm’s litigation department by calling 305.350.5690, or by emailing us  at contact@fidjlaw.com.









9To fully appreciate how taxing such a denial is to the provider, one must appreciate that an “initial” denial is continual in nature until such time as the entire ZPIC audit process, which may include five (5) separate stages of appeal, is exhausted. Thus, despite providing obviously necessary medical treatment, the ZPICs “initial” denial causes the disastrous absence of funds to the provider, funds which are particularly necessary, and scarce, given the federally mandated cut-backs to the Medicare and Medicaid recipients. A detailed discussion concerning the five (5) stages of appeal is beyond the scope of this entry.

10Patient files may involve a magnitude of detailed documents, including, but not limited to, Physical Therapy Notes, Occupational Therapy Notes, Speech Therapy Notes, Nursing Notes, Podiatry Notes, Psychology Notes, Psychiatry Notes, Dietary Notes, Activity Notes, Social Service Notes, Care Plans, Minimum Data Sets (MDS) (a 65 page document which must be completed on day 5, 14, 30, 60, 90 of a residents stay or every time there is a change in therapy), Resident Assessment Protocols, Medication Administration Records (MARs), Treatment Records, Wound Assessments, Falls Assessments, Bowel and Bladder Assessments, Smoking Assessments, General Admissions Paperwork, Billing Records, Physicians Orders, Physician Progress Notes, Telephone Orders, Nutrition Assessments, Hydration Assessments, Restraint Assessments, Position Assessments, ADL flow sheets, etc.

11In one instance, a facility actually made the effort to comply with the demands and offered to produce the tens of thousands of pages sought to SafeGuard. Confused by the fact that a facility actually moved heaven and earth to comply with its demands, SafeGuard refused the production, instead demanding that the documents be produced exclusively in digital form (on a CD or removal storage drive). When the facility demurred to this new demand, SafeGuard threatened the facility with the ultimate sanction of the immediate removal from the Medicare program!


13As it relates to prepayment suspensions, Dr. Peter Budetti, M.D., J.D., Deputy Administrator and Director, Center for Program Integrity, Centers for Medicare & Medicaid Services, Department of Health and Human Services issued correspondence to Ms. Elise Smith, Senior Vice President, Finance Policy and Legal Affairs, American Health Care Association dated August 23, 2012 stating, “CMS has determined that we can accomplish the appropriate oversight without continued prepayment review and have instructed our contractors to stop prepayment review in these facilities effective August 23, 2012.” (Emphasis added). Dr. Budettis August 23, 2012 correspondence appeared, on its face, to be a source of relief for nursing homes struggling to care for residents and meet payroll in light of the prepayment suspensions. In practice, however, even when presented with this correspondence, SafeGuard continued to restrict cash flow (on a prepayment basis), restrict bad debt payments and re-open four years of cost reports retroactively deny all Medicare claims contained therein, all without any findings, determinations or notices of any kind.