Providers need to know their rights when it comes to investigations and audits by CMS UPIC contractors, such as SafeGuard and Qlarant. These investigators are private citizens, with no more authority or power of law than anyone else. Yet, they often employ traditional law enforcement techniques. Don't be fooled.

SafeGuard Services, LLC is a private company under contract with the Centers for Medicare & Medicaid Services (CMS) to review and investigate claims submitted to government payors for potential fraud, waste, and abuse. It is critical that providers understand their rights because Safeguard's investigators are using surprise visits and intimidation tactics to obtain information to which they are not legally entitled.

safeguard audit rights

CMS Unified Program Integrity Contractors (UPIC)

UPICs perform fraud, waste, and abuse detection activities for government claims processed in the United States.

Specifically, UPICs monitor Medicare Parts A, B, Durable Medical Equipment (DME), Home Health and Hospice (HH+H), and Medicaid claims.

SafeGuard is a UPIC

UPICs operate in five geographies: Qlarant operates in the Western and Southwestern areas; CoventBridge Group in the Mid-Western region; and SafeGuard in the Northeastern and Southeastern regions.

SafeGuard is contracted with CMS to screen investigative "leads" from data analysis, complaints, tips, social media, and law enforcement. SafeGuard will then investigate those leads that warrant further attention.

SafeGuard Investigations & Audits

An investigation or audit is the formal review of suspect claims to establish evidence that potentially fraudulent activities or other improper payments have occurred.

Among other techniques, SafeGuard investigations may include: contact with the provider via telephone or on-site visit; beneficiary interviews; interviews of employees or associates of the provider; medical record requests and reviews; and recommendations regarding administrative action.

SafeGuard employs numerous "fraud investigators" who typically have prior experience in claims audits or law enforcement. It is important to remember, however, that SafeGuard investigators are ordinary citizens and do not have the authority of a badge or the privileges under law reserved for law enforcement officers.

SafeGuard May Refer to Law Enforcement

Government law enforcement agencies often work with SafeGuard. For example, law enforcement may request assistance from SafeGuard in conducting a review of Medicaid claims data. In addition, SafeGuard may share information on a provider with law enforcement without notice to the provider.

All UPIC referrals of potential fraud are reviewed by the Department of Health & Human Services (HHS-OIG) for coordination with the State's Medicaid Fraud Control Unit. If the case is declined by law enforcement, the State Medicaid Agency may commence administrative proceedings.

Do Not Let SafeGuard Infringe Your Rights

Importantly, SafeGuard is not authorized under law to investigate anyone. Rather, their authority is contractually delegated by CMS, which is itself not a law enforcement agency. Yet, SafeGuard investigators are using traditional law enforcement tactics to scare providers into giving them information voluntarily. Do not be intimidated. In many instances, Safeguard employees are not entitled to the information requested.

For example, SafeGuard investigators often conduct surprise visits to a provider using "show of force" methods. This involves numerous SafeGuard investigators arriving unannounced at a provider's office, typically early morning when clerical and administrative staff are opening. Think about that: are your support staff trained on how to respond if two burly men and a sharply dressed female barge in the door, say they are acting on behalf of the federal government, and demand records on the spot? Probably not.

Just as importantly, do you know your rights when it comes to those demands? For example, are SafeGuard contractors entitled to obtain records that relate to non-government claims? Are you required to answer their questions? What are the consequences if you refuse to provide information? If you think SafeGuard is going to help you understand these issues, think again.

In short, providers should have an audit protection plan in place before they need it. Such a plan involves, at a minimum, education, staff training, and even mock drills to prepare for something you hope will never happen. That's insurance well-spent.

HLA is Available to Help

If you are contemplating an audit protection plan or would like assistance implementing one, call or email for additional details.

Frequently Asked Questions

Pharmacy Benefit Managers (PBMs) Face Possible FTC Lawsuit

The Federal Trade Commission (FTC) plans to sue the top Pharmacy Benefit Managers (PBMs) for anti-competitive practices, including influencing drug prices and favoring their own networks, which disadvantage independent pharmacies and raise prescription drug costs.


Victories Against Optum Rx: Protecting Pharmacy Clients Nationwide

Health Law Alliance has successfully challenged Optum Rx's termination decisions for numerous pharmacies, ensuring they can continue to operate and serve their communities. These victories highlight the firm's expertise in healthcare law and its dedication to protecting pharmacy clients from unjust PBM actions.


FTC Issues Interim Report Condemning Anticompetitive PBM Practices

The top Pharmacy Benefit Managers (PBMs) are condemned by the FTC for manipulating the healthcare system to generate significant profits, thereby inflating drug costs and overcharging patients, particularly for critical medications like cancer drugs.


Seized Ozempic Shipments Highlight Rising Demand and Safety Concerns

Ozempic, a well-known medication for type 2 diabetes, has gained popularity for its off-label use in weight loss, leading to increased scrutiny by authorities. Recently, U.S. Customs and Border Protection (CBP) officers in Cincinnati seized several shipments of the drug, underscoring the growing demand and associated risks.