For more than a year (since April 2008), the Centers for Medicare & Medicaid Services (CMS) gradually has rolled out the Medicaid Integrity Program (MIP), and Medicaid integrity contractors (MICs) already have performed audits at provider sites in select states. Come 2010, the MIP will be fully operational in all states, so providers need to be prepared when their times come.


Congress developed the MIP as part of the Deficit Reduction Act of 2005 with an eye toward recovering improper payments made under the $300 billion-a-year Medicaid program.


MIP Overview


The independent contractors, or MICs, hired by CMS will perform the following tasks as part of the MIP:


§  Review provider actions to detect fraud, waste or abuse.


§  Audit provider claims.



§  Identify overpayments.


§  Educate providers and state and local employees involved in Medicaid administration on payment integrity.


There are three types of MICs. The types and the roles they play are listed below:


§  Review of Provider MICs work with CMS to analyze data and identify potential leads for prospective audits.


§  Audit MICs perform on-site or “desk” audits of providers’ records, depending on what CMS and the review-of-provider MICs identify.


§  Education MICs provide educational services to providers and Medicaid employees based on payment issues relevant to their regions. CMS has started awarding contracts in this area.


Of these three types of contractors, the one that will be of greatest concern to providers is the audit MICs, which currently include Booz Allen Hamilton, Health Management Systems, Fox & Associates, Health Integrity and IPRO. Although their function parallels that of the RACs, audit MICs differ in a number of important ways.


RACs versus MICs


In general, MIC audits have fewer statutory checks on record review than do RAC audits. Under Medicare, RACs have a three-year limit on the period for which they can review records. There is no such limit for MICs, which have the legal authority to look as far back as records exist. Note, however, that CMS has adopted a general policy of mirroring the look-back period that each corresponding state employs.


Similarly, there is no limit to the number of records that an auditor can request under the MIP, while RAC audits are capped at 200 records. CMS also defers to state policy when it comes to the number of days providers have to produce records under a MIP audit. With a RAC audit, providers have a maximum of 45 days in which to produce records.


In summary, providers have a lot less certainty concerning the details of a MIC audit. On the positive side, MICs are not reimbursed on a contingency basis like RACs, which receive compensation based on the number of overpayments they find. MICs simply receive a flat fee for their services.


What to Expect


Any Medicaid provider can expect an audit, including fee-for-service, institutional or non-institutional providers, plus managed care organizations. This summer, of approximately 500 such audits, 44 percent targeted hospital records, 29 percent targeted long-term care facilities, and 21 percent targeted pharmacies.


If a provider receives a notification letter indicating that it has been selected for an audit, it must make records available within an audit MIC’s specified time frame; however, providers have the option of appealing to the MIC for an extension. And one fine point – CMS does not reimburse audited facilities for record reproduction or mailing costs.


MICs must conduct their audits according to generally accepted standards, but other than that, there appear to be few concrete parameters. Once an audit MIC has concluded its draft report and reached a preliminary conclusion, the next steps follow:


§  The MIC sends the draft audit report to the state, then to the provider. The state and the provider have the opportunity to review and comment on the draft report’s findings.

§  CMS reviews the draft report and considers state and provider comments in preparing a revised draft report.

§  The state may review the revised draft report and make additional comments.

§  CMS finalizes the audit report, specifies any overpayment, and sends its final report to the state, which collects any overpayment in accordance with its law.

§  Providers may appeal the finding as specified under state law.


At the outset of a recent CMS open-door forum on MIP, Paul Miner, deputy director of the Medicaid Integrity Group, admitted “the fact of the matter is this: we can do a better job of provider outreach.” Indeed, many MIP details remain sketchy, and providers are likely to have many questions. CMS promises more information, including answers to frequently asked questions, soon on its MIP Web page (


RACMonitorEnews also will provide additional information as the MIC program progresses into 2010.


About the Authors

Randy Wiitala, BS, MT (ASCP) conducts CPT coding and chargemaster assessments, reviews provider operations for regulatory agency compliance, evaluates administrative policies and procedures and assists in the development of quality-assurance programs. He’s also a frequent seminar presenter, speaking to hospitals, corporations, clinics, state hospital associations and professional organizations. These educational programs cover a variety of areas, such as coding, regulatory compliance and reimbursement for laboratories; chargemaster system management; and APCs. Randy contributes to a number of MedLearn books, as well as the Laboratory Compliance Manager newsletter. He is the project lead on MedLearn’s RAC Outpatient Data Analytics. He is a member of the American Society of Clinical Pathologists, the National Certification Agency and Healthcare Financial Management.

Barb Vandergrift, RN, BSN, MA, is a senior healthcare consultant with Medical Learning, Inc. (MedLearn), St. Paul, MN. MedLearn is a nationally recognized expert in healthcare compliance and reimbursement. Founded in 1991, MedLearn delivers actionable answers that will equip healthcare organizations with their coding, chargemaster, reimbursement management and RAC solutions.


Carol Spencer, BA, RHIA, CCS, CHDA, is a thought-leader on data analytics with extensive CDIP and RACs experience. She is the MedLearn project lead on MedLearn’s RAC Inpatient Data Analytics. She brings more than 20 years of experience in Health Information Management, coding, teaching, data quality and operations. Carol holds a BA in Health Information Management and an RHIA. She is an accomplished teacher, author, and speaker covering subjects/topics such as: CPT and ICD-9-CM coding, Physician Office Coding/Billing, Medical Terminology, and financial and compliance impacts of the MS-DRG rule change and compliance strategies.



Information Sources

§  CMS Special Open Door Forum: Medicaid Integrity Provider Audit Program, transcript available at

MIP Provider Audit Fact Sheet, available for download at

Share This Article