While supplies last! Free 2022 Coding Essentials for Infusion & Injection Therapy Services book with every RACmonitor webcast order. No code required. Order now >

The Medicaid Integrity Contractors (MICs) were designated by the Deficit Reduction Act of 2005 to help fulfill the federal government’s mandate from Congress to reduce fraud, waste and abuse in the Medicare and Medicaid federal entitlement programs.

In 2008, Medicaid ranked highest, at $18.6 billion, on a list of federal agencies issuing improper payments — beating out Medicare, at $10.4 billion, and Medicare Advantage, far behind at $6.8 billion, according to CMS.

I myself emerged from the HCCA conference in Las Vegas a few months ago more daunted by the Medicaid initiatives than the Medicare initiatives. The sessions were slanted five-to-one on the Medicaid side, led by a rousing and intriguing presentation by Jim Sheehan, the New York Medicaid Inspector General, who is leading the charge in the states that already have rolled out their Medicaid Benefit Integrity units.

The MICs will audit Medicaid claims and identify overpayments and areas of high risk for payment error or fraud. Similar to the RACs, the MICs will use a data-driven approach to focus efforts on aberrant billing practices.

Some possible targets include the following:


  • Services provided after the death of a beneficiary
  • Duplicate claims
  • Unbundling of services
  • Outpatient claims with service dates that overlap dates of an inpatient stay

Many providers have voiced concerns that the same safeguards contained in the RAC program are not present in those of other review contractors. For example, there are no limits on the numbers of medical records or claims that can be requested for review, while RACs’ maximum is 200. Other differences abound, making MICs very distinctive from their RAC counterparts: the RAC look-back period is three years, while the MICs base their reviews on individual state look-back protocol.

Likewise, the number of days a provider has to produce medical record copies for MICs is based on state rules, unlike with RACs, for which providers have 45 days, regardless of geography. And unlike the RACs, the MICs will not be reimbursing facilities for the cost of copying and mailing charts.

Unlike RACs, MICs also are not paid by contingency fees, but rather through a fee-for-service model in which dollars recovered are not tied to compensation — although they will be eligible for bonuses based on how “effective and efficient” they are, according to CMS.

Finally, in some cases MICs will perform desk audits, and, unlike their RAC counterparts, in other situations auditors will come on-site to do reviews.

“Going to Make the RAC Look Like Kindergarten”

South Carolina was one of the first states to have MICs in place. Diane Paschal, director of corporate compliance with the South Carolina Hospital Association, said “the MICs are going to make the RAC look like kindergarten. Unlike the RAC, there are no rules for these contractors. No record limits exist, and the time allowed to respond is only 15 days.” (Lubell, 2009).

According to CMS, as stated during a Medicaid Integrity Program special open-door forum on July 15, there are almost 500 Medicaid audits currently in place in 17 states, with the program scheduled to roll out to remaining states by the end of the year.

The transcript of the call is available on the CMS Web site at: http://www.cms.hhs.gov/OpenDoorForums/Downloads/BulkfileMIPProviderAudits071509.pdf


During the call, representatives addressed these key areas:


  • The MIP audit process
  • Audit timelines
  • Web site information
  • Future meetings/calls

For those of you who are unfamiliar with the MICs, Section 1936 of the Social Security Act requires CMS to enter into contract to perform four key Medicaid Program Integrity activities:


  • Audit provider claims
  • Identify overpayments
  • Educate state or local employees involved in Medicaid administration, and others, with respect to payment integrity and quality of care.
  • Review of provider actions to determine whether fraud or abuse has occurred or may have occurred

There also are three types of contractors:


  • Review MICs, which analyze data and identify issues to pass on to audit MICs to pursue.
  • Audit MICS
  • Education MICs, which provide education to providers and others on Medicaid payment integrity and quality of care.

Three years ago, the Medicaid Integrity Group (MIG) was created at CMS to implement the Medicaid Integrity Program that Congress passed as part of the Deficit Reduction Act. Since that time, the MIG has been building its internal infrastructure, and it now is ready to start auditing your hospital.

Of the 500 audits currently under review, the provider breakdown, which perhaps is indicative of what future focus will be, is as follows:

  • 44 percent of those audits are being conducted on hospitals
  • 29 percent on long term care facilities
  • 21 percent on pharmacies
  • The remaining six percent are on other provider types such as transportation, lab, etc.

What to Expect from the MIC Audits

During the open-door forum, CMS representatives explained that the independent contractors that will be conducting the audits are required to follow the generally accepted governmental auditing standards, or GAGAS, also known as the yellow book standards. The auditors have protocols to use as guidelines, through which they are expected to exercise their best professional judgment.

Once they notify you that an audit is being conducted, most often done through a medical records request, the records will be examined and preliminary conclusions given to CMS in draft audit reports. Once CMS reviews the case, it is passed back to the state Medicaid agency for which the audit was conducted. The purpose of this protocol is to make sure that the audit is based on correct interpretation of states’ policies, practices and procedures. As you all know, every state is very different even though they all participate in the same Medicaid program.

Once a state gets a look at the draft audit report, it will make comments and revisions as necessary, and then the contractor will send the provider the draft audit report.

Typically you would have 30 calendar days to review that report, provide whatever supporting documentation you feel is appropriate to mitigate the findings, and again whatever revisions are appropriate will be made. CMS then will review the revised draft audit report and again share it with the state to make sure that they are correctly interpreting all the rules as they relate to the issue being examined.

When the issue finally is resolved, a final report will be issued to the state. The state then has the responsibility to recover overpayments using whatever administrative process and procedures it is required to abide by. The state then will notify you of the final finding and initiate whatever action is necessary. The contractor will be there to support the state’s activities, answer questions, provide work papers and even testify at hearings, if necessary.

The final resolution of the audit takes place at the state level because the state is the entity that actually has a direct legal relationship with the provider.

Limits to the number of medical records requests?

Also during the open-door forum, CMS representatives stated that there are no record limits, similar to what exist in the RAC program, but they proclaimed that they will self-limit, if you will, for the sake of practicality. What CMS is trying to do at this point is identify electronically any outlier claims that do not meet a business rule criteria: those cases could have thousands of claims in the universe. CMS expects to ask for a much smaller sample of such a universe in order to prove the original assumption, then maybe work out how to proceed from there with the provider.

CMS soon will be posting to its Web site a list of MIC FAQs, an A-to-Z document for providers and a procurement timeline, all of which will address many questions and concerns providers have.

We will update you on that as soon as it is available. In the interim, the main Medicaid Integrity Program Web site is: www.cms.hhs.gov/medicaidintegrityprogram.

About the Author 

Carla Engle, MBA, is a product manger for MediRegs, a Wolters Kluwer company. Her background includes more than 20 years in hospital and physician practice operations, particularly in reimbursement and billing functions. Prior to joining Wolters Kluwer recently, she was the vice president of compliance for a national revenue cycle solutions company and prior to that was in the reimbursement training department with HCA. For several years she headed up the Part A Fraud Investigation Unit for a CMS Program Safeguard Contractor (PSC), where she was successful in the prosecution of several national cases. In her revenue cycle compliance capacity, she worked with a number of clients in California and Florida with Recovery Audit Contractors (RACs) in setting up processes and appeals.

Contact the Author



    Lubell, J. (2009, June 15).  Some wary of RAC’s cousin. Modern Healthcare,  Vol. 39, Iss. 24; p. 8


You May Also Like

Leave a Reply

Your Name(Required)
Your Email(Required)