Providers need to know their rights when it comes to investigations and audits by CMS UPIC contractors, such as SafeGuard and Qlarant. These investigators are private citizens, with no more authority or power of law than anyone else. Yet, they often employ traditional law enforcement techniques. Don't be fooled.

SafeGuard Services, LLC is a private company under contract with the Centers for Medicare & Medicaid Services (CMS) to review and investigate claims submitted to government payors for potential fraud, waste, and abuse. It is critical that providers understand their rights because Safeguard's investigators are using surprise visits and intimidation tactics to obtain information to which they are not legally entitled.

safeguard audit rights

CMS Unified Program Integrity Contractors (UPIC)

UPICs perform fraud, waste, and abuse detection activities for government claims processed in the United States.

Specifically, UPICs monitor Medicare Parts A, B, Durable Medical Equipment (DME), Home Health and Hospice (HH+H), and Medicaid claims.

SafeGuard is a UPIC

UPICs operate in five geographies: Qlarant operates in the Western and Southwestern areas; CoventBridge Group in the Mid-Western region; and SafeGuard in the Northeastern and Southeastern regions.

SafeGuard is contracted with CMS to screen investigative "leads" from data analysis, complaints, tips, social media, and law enforcement. SafeGuard will then investigate those leads that warrant further attention.

SafeGuard Investigations & Audits

An investigation or audit is the formal review of suspect claims to establish evidence that potentially fraudulent activities or other improper payments have occurred.

Among other techniques, SafeGuard investigations may include: contact with the provider via telephone or on-site visit; beneficiary interviews; interviews of employees or associates of the provider; medical record requests and reviews; and recommendations regarding administrative action.

SafeGuard employs numerous "fraud investigators" who typically have prior experience in claims audits or law enforcement. It is important to remember, however, that SafeGuard investigators are ordinary citizens and do not have the authority of a badge or the privileges under law reserved for law enforcement officers.

SafeGuard May Refer to Law Enforcement

Government law enforcement agencies often work with SafeGuard. For example, law enforcement may request assistance from SafeGuard in conducting a review of Medicaid claims data. In addition, SafeGuard may share information on a provider with law enforcement without notice to the provider.

All UPIC referrals of potential fraud are reviewed by the Department of Health & Human Services (HHS-OIG) for coordination with the State's Medicaid Fraud Control Unit. If the case is declined by law enforcement, the State Medicaid Agency may commence administrative proceedings.

Do Not Let SafeGuard Infringe Your Rights

Importantly, SafeGuard is not authorized under law to investigate anyone. Rather, their authority is contractually delegated by CMS, which is itself not a law enforcement agency. Yet, SafeGuard investigators are using traditional law enforcement tactics to scare providers into giving them information voluntarily. Do not be intimidated. In many instances, Safeguard employees are not entitled to the information requested.

For example, SafeGuard investigators often conduct surprise visits to a provider using "show of force" methods. This involves numerous SafeGuard investigators arriving unannounced at a provider's office, typically early morning when clerical and administrative staff are opening. Think about that: are your support staff trained on how to respond if two burly men and a sharply dressed female barge in the door, say they are acting on behalf of the federal government, and demand records on the spot? Probably not.

Just as importantly, do you know your rights when it comes to those demands? For example, are SafeGuard contractors entitled to obtain records that relate to non-government claims? Are you required to answer their questions? What are the consequences if you refuse to provide information? If you think SafeGuard is going to help you understand these issues, think again.

In short, providers should have an audit protection plan in place before they need it. Such a plan involves, at a minimum, education, staff training, and even mock drills to prepare for something you hope will never happen. That's insurance well-spent.

HLA is Available to Help

If you are contemplating an audit protection plan or would like assistance implementing one, call or email for additional details.

Federal Prosecutors Decline Criminal Prosecution of HLA Client

Following a PBM audit that uncovered a $6.5 million billing discrepancy, federal prosecutors opened an investigation. After HLA was retained, the U.S. Attorney's Office for the Eastern District of Pennsylvania agreed to a $2.5 million civil settlement in which the Owner denied all wrongdoing.


HLA Wins Dismissal of Criminal Charges After PBM Audit

Following a PBM audit that noted huge inventory discrepancies, the Massachusetts Attorney General's Office indicted the pharmacy and its owner, then represented by a different law firm. After HLA was retained, all charges were dismissed.


State Board Declines Case Against HLA Client

PBM audits may result in collateral consequences, including licensing and disciplinary proceedings. In this case, HLA's experienced defense attorneys successfully convinced the State Board to decline further investigation, effectively resolving the matter at an early stage.


Walgreens Must Face Lawsuit Based on False Prior Authorizations

The federal government continues to bring enforcement actions relating to false prior authorizations given the high-priced medications typically involved. In this case involving Walgreens, we take a deeper dive into potential theories of liability and the use of civil investigative demands and subpoenas in healthcare fraud cases.