October 2013 Volume 10 Number 2

The Latest Development in Medicare Audits:
Supplemental Medical Review Contractor (“SMRC”) Audits

By Jessica L. Gustafson and Abby Pendleton, The Health Law Partners, P.C, Southfield, MI


As healthcare providers and suppliers are very much aware, the Centers for Medicare & Medicaid Services (“CMS”) has adopted and implemented numerous Medicare auditing initiatives, each with a slightly different focus, and include the following:

  • Comprehensive Error Rate Testing (“CERT”) audits to measure improper payments in the Medicare fee-for-service (“FFS”) program;1
  • Medicare Administrative Contractor (“MAC”) audits;
  • Recovery audits (formerly known as Recovery Audit Contractor (“RAC”) audits) to identify and correct improper payments in the Medicare program;2 and
  • Zone Program Integrity Contractor (“ZPIC”) audits3 to prevent, detect and deter incidences of fraud and abuse in the Medicare programs (the benefit integrity functions of which to be rolled into the forthcoming Unified Program Integrity Contractor (“UPIC”) audits).4

Although this may seem to those in the healthcare provider and supplier community to be a sufficient number of auditing bodies protecting CMS from making improper payments (or assisting CMS to recover same),5 CMS recently has announced yet another “supplemental” Medicare auditing program: Supplemental Medical Review Contractor (“SMRC”) audits. Although CMS has been silent regarding the basis for its perceived need for an additional layer of auditing activity, CMS has contracted with StrategicHealthSolutions, LLC “to perform and/or provide support for a variety of tasks aimed at lowering the improper payment rates and increasing efficiencies of the medical review functions of the Medicare and Medicaid Programs.”6

SMRC Auditing Activity

SMRC audits have already begun, with providers and suppliers recently beginning to receive additional documentation requests from StrategicHealthSolutions, LLC over the past months. SMRC audits are being conducted on Part A, Part B and durable medical equipment (“DME”) providers and suppliers nationwide7 and are focused on vulnerabilities identified by data analysis, CERT audits and other sources (including professional organizations and federal oversight agencies). As of the present date, StrategicHealthSolutions, LLC’s website lists the following as areas of current medical review:

  • Power Mobility Devices (focused on claims from those states not included in the Prior Authorization Demonstration program for power mobility devices (i.e., reviews will not focus on suppliers in CA, IL, MI, NY, NC, FL and TX));8
  • E/M services (focused on codes 99214 and 99215);9
  • Hyperbaric Oxygen Therapy services;
  • Inpatient Rehabilitation Facility (“IRF”) services;
  • Male Vacuum Erection Devices; and
  • Transforaminal Epidural Injections.10

Note that the “Current Supplemental Medical Review Contractor Projects” page of the StrategicHealthSolutions, LLC website added IRF services and transforaminal epidural injections within the past few weeks. As it appears the areas of focus for SMRC medical review may be rapidly expanding, providers and suppliers ought to closely monitor the SMRC website for areas of audit focus.

In recent history, Part A inpatient hospital claims have been subject to aggressive auditing efforts, in particular by Recovery Auditors and Medicare Administrative Contractors.11 It does not appear that SMRC audits will be seeking to duplicate these efforts, at least for now. However, given that SMRC audits are focusing medical review resources on Power Mobility Devices (another area of existing claims scrutiny notwithstanding SMRC audits);12 hospitals and health systems may see Part A inpatient claim auditing by the SMRC at some point in the future.

Adding to the administrative burden faced by providers and suppliers already subject to significant auditing activity by numerous CMS contractors, StrategicHealthSolutions, LLC has advised that it is “not authorized to reimburse providers/suppliers for the cost of medical record duplication or mailing,”13 (in contrast to Recovery Auditors, which reimburse providers and suppliers for the cost of medical record duplication for certain claims),14 and there is no indication that SMRC audits will take into consideration the additional documentation limits in place for Recovery Audits in particular.15 Providers and suppliers are given the option to submit requested medical records via Electronic Submission of Medical Documentation (“esMD”),16 by fax or by mail. If requested records are submitted via mail on CD, StrategicHealthSolutions, LLC has requested that the documentation be provided in PDF format on a password-protected CD. Providers and suppliers are specifically instructed not to enclose the password to access the CD in the same mailing as the CD itself. Therefore, as a practical matter, providers and suppliers may choose against this method of documentation submission, as it seems that issues would undoubtedly arise with packages becoming separated, impacting the SMRC’s ability to access the information and creating a potential additional layer of administrative burden if this information needs to be re-submitted.17


All providers and suppliers (not just hospitals and health systems) must maintain a continued focus on compliance and ensure that services provided are medically necessary and appropriately documented pursuant to Medicare guidelines. The SMRC audit program is the latest addition to an already robust auditing environment. In addition to monitoring the yearly OIG Work Plan, CMS guidance materials, and the Recovery Auditors’ websites, providers and suppliers (and their legal counsel) are well advised to add the SMRC website to their list of resources advising them of the areas of CMS medical review focus and take steps to monitor these areas for compliance.

1See http://www.cms.gov/CERT (last accessed August 21, 2013).
2http://www.cms.gov/rac (last accessed August 21, 2013).
3See Medicare Program Integrity Manual (CMS Pub. 100-08), Ch. 4, §
4Pursuant to a recently-issued Request for Information (“RFI”) published in July 2013, CMS (through the Center for Program Integrity (“CPI”)) outlined requirements and provided a brief description of work anticipated to be completed by the UPICs. UPICs will be designed to create a unified program integrity strategy “across the Medicare and Medicaid program integrity continuum.” See RFI, available at http://aishealth.com/sites/all/files/upic_proposal.pdf (last accessed August 26, 2013).

In a report issued July 23, 2013, the U.S. Government Accountability Office (“GAO”) considered “Medicare Program Integrity: Increasing Consistency of Contractor Requirements May Improve Administrative Efficiency” available at http://www.gao.gov/assets/660/656132.pdf.

Acknowledging administrative burdens placed on healthcare providers and suppliers facing a multitude of medical reviews by different contractors, the GAO analyzed the auditing process of CERT contractors, MACs, Recovery Auditors and ZPICs, and found that each had different processes for conducting medical reviews, leading to inefficiencies. “Having inefficient processes that complicate compliance can reduce effectiveness of medical reviews, and is inconsistent with executive-agency guidelines to streamline service delivery and with having a strong internal control environment.” The GAO recommended that CMS review its auditing contractors’ activities, assess these areas of inefficiency and take steps to “reduce differences [among contractors] where it can be done without impeding efforts to reduce improper payments.”

In its report, the GAO found that of the four types of medical review contractors listed above, Recovery Auditors (notably, the only one of the four compensated on a contingency fee basis), conducted nearly five times as many reviews as the other three types of contractors combined. However, even with all of this auditing activity, the GAO found that less than one percent of the claims submitted were pulled for complex review (requiring a submission of medical records) by a medical review contractor. In particular, in 2012 over 1 billion claims were processed, and 1.4 million claims were subject to complex review by a medical review contractor. Id. See also Executive Summary available at http://www.gao.gov/assets/660/656133.pdf, last accessed August 23, 2013.

6http://www.strategichs.com/about-smrc/ (last accessed August 21, 2013). Note that although the StrategicHealthSolutions, LLC website indicates that reviews may focus on Medicaid claims in addition to Medicare claims, the current listed projects involve only Medicare claims.
7http://www.strategichs.com/about-smrc/ (last accessed August 22, 2013).
8http://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Medical-Review/Downloads/PMD-ADR-Template.pdf (last accessed August 22, 2013).
9http://www.strategichs.com/dl-directory/wEM_ADR_letter_template.PUBWEB.Final.05.23.13-v4.pdf (last accessed August 22, 2013).
10http://www.strategichs.com/current-smrc-projects/ (last accessed August 22, 2013).
11See e.g., http://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Recovery-Audit-Program/Downloads/Medicare-FFS-Recovery-Audit-Program-2nd-Qtr2013.pdf (last accessed August 22, 2013).
12See e.g., https://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/CERT/Downloads/Status-Update-April-2013.pdf (last accessed August 22, 2013).
13http://www.strategichs.com/dl-directory/Ltr_CMS_Providers_Suppliers.pdf (last accessed August 22, 2013).
14See Statement of Work for Recovery Audit program at p. 14, available at http://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Recovery-Audit-Program/Downloads/090111RACFinSOW.pdf (last accessed August 26, 2013).

With respect to the Recovery Audit program, Additional Documentation Limits for Medicare providers (except suppliers and physicians) are available at http://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Recovery-Audit-Program/Downloads/April-2013-Provider-ADR-Limit-Update1.pdf (last accessed August 26, 2013).

With respect to the Recovery Audit program, Additional Documentation Limits for Medicare suppliers are available at http://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Recovery-Audit-Program/Downloads/April-2013-Supplier-ADR-Limit-Update2.pdf (last accessed August 26, 2013).

16In the CMS esMD program, providers and suppliers have the option to electronically send medical documentation to a requesting Review Contractor, using either their own electronic gateway or contracting with a CMS Certified esMD health information handler. Information on the CMS esMD program is available at http://www.cms.gov/esmd and http://www.cms.gov/Research-Statistics-Data-and-Systems/Computer-Data-and-Systems/ESMD/Downloads/esMD-Semi-Annual-Program-Report-Oct-1-2012-Mar-31-2013.pdf (last accessed August 26, 2013).

http://www.strategichs.com/dl-directory/wInstructReqDocPUBWEB073013d.pdf (last accessed August 22, 2013).

In contrast to this process, and by way of illustration of other permissible submission methods, at least one Recovery Auditor instructs providers and suppliers submitting requested documentation via CD to either password protect the CD or use PGP encryption of the CD submitted. Providers and suppliers are instructed to use the Additional Documentation Request Letter ID as the password to a password-protected CD, and enclose a copy of the Additional Documentation Request letter with the CD. If using encrypted PGP files, providers and suppliers are instructed to call customer service for the Public Encryption key. See e.g., https://racb.cgi.com/Docs/RAC_Medical_Record_Submission_Template_041513.pdf (last accessed August 26, 2013). Although arguably this process is administratively burdensome, the submission only involves one package, therefore mitigating the potential of the need to submit documentation multiple times.

The ABA Health eSource is distributed automatically to members of the ABA Health Law Section . Please feel free to forward it! Non-members may also sign up to receive the ABA Health eSource.