Last Modified: 2/18/2024
Location: FL, PR, USVI
Business: Part A, Part B
Third-party vendors, also referred to as outsourced agencies or business associates/partners, have an equal obligation to maintain Medicare compliance. Examples of third-party vendors include:
• Billing agencies
• Software vendors
• Auditing firms
By contracting with any external party to perform Medicare transactions on your behalf, you are authorizing them to:
• Access and protect HIPAA-related information, including protected health information (PHI) and personally identifiable information (PII)
• Conduct legal, ethical and compliant transactions with Medicare
Depending upon the type of contract/agreement, these external parties are authorized to do the following on your behalf:
• Perform credentialing activities
• Conduct billing transactions, appeals, etc.
• Receive Medicare reimbursement for these transactions
• Submit inquiries regarding your transactions
Use the information below when selecting a vendor, developing a written contract, and monitoring ongoing vendor performance.
Step 1: Identify how they protect your data
• Questions to ask include:
• Does this company use any subcontractors?
• Does your information or the information for your patients go outside of the United States (offshore)?
• Electronic health information processed or stored outside of the United States has a greater risk and vulnerability for unauthorized disclosure and potential security breaches
Step 2: Understand how they will ensure accurate and timely claim, appeal, etc., submission
• Are they knowledgeable and trained on Medicare rules and regulations and using MAC and CMS resources?
• Are you provided with proof of claim submission?
• Do you receive feedback on claim denials, rejections, return to provider (RTP) to know if claims are processing correctly?
• What percentage of your claims require appeal submission?
• Does the vendor have access to your remittance advice to determine claim processing outcomes? If so, how do they use that information?
Step 3 –Determine your contractual charge structure
• Are you charged per transaction, inquiry, etc.?
• How will you know the transactions and calls are legitimate?
• For example, if the vendor can determine patient eligibility using the IVR or Portal, why would they call the Customer Contact Center and charge you for that transaction?
• If the vendor is provided with copies of your remittance advice, why do they need to call to obtain claim status and charge you for that transaction?
• Claim status is readily available in the IVR and portal
Consider validating the following with third-party vendors, outsourced agencies, and business associates/partners:
• Document compliance and performance expectations, standards of conduct, vendor/provider responsibilities, and methods to ensure continued compliance in the written business contract
• Ensure PHI/PII is protected, and your information is not outsourced offshore or to other vendors without your knowledge
• Conduct frequent assessments regarding vendor performance
• Request proof of submission
• Validate accuracy and timeliness by reviewing claim denial, rejection and RTP rates
• Determine charge structure and eliminate waste or excessive costs, including unnecessary inquiries whereby self-service tools could be leveraged instead of calling, improper or incorrect claim submissions, and overall Medicare compliance
First Coast Service Options (First Coast) strives to ensure that the information available on our provider website is accurate, detailed, and current. Therefore, this is a dynamic site and its content changes daily. It is best to access the site to ensure you have the most current information rather than printing articles or forms that may become obsolete without notice.