Migraine Medications Continue to Cause Headaches

As PBMs continue to monitor claims for migraine medications, PAAS National® continues to receive questions about billing and the audit risks associated with these claims. When billing a medication to treat or prevent a migraine, pharmacies often struggle with having the correct documentation recorded for audit purposes. Submitting accurate quantities and days’ supply, along with appropriate documentation to support these claims, are the biggest issue PAAS comes across during an audit. PBMs monitor, and flag, these claims due to excessive cost, quantities submitted, days’ supply and/or frequency of refills.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • Check to be sure the dosage form is present and clearly indicated whether that be an oral tablet, oral disintegrating tablet (ODT), nasal spray or subcutaneous (SQ) injection
  • Vague instructions for use such as “Use as Directed” and “as needed” should always be clarified
  • Prescriptions written for more than one package of any dosage form should have the estimated number of headaches per week or per month, per the prescriber, documented on the prescription and on the patient label. This information allows the pharmacy to calculate an accurate days’ supply when submitting the claim.
  • Pay close attention to the FDA labeling for:
    • Indications and usage – some medications are used for the treatment of a migraine and others as a preventative treatment
    • Dosage and Administration – review the recommended dose, can the patient repeat a dose, is there a maximum number of migraines that can be treated per week/month
    • Be sure to bill the appropriate days’ supply. Ex: Provider orders 16 tablets of Nurtec ODT for preventative treatment. Using 1 tablet every other day would make this a 32 days’ supply, not 30 days’ supply
  • Here are some examples:
Drug FDA approved indications/usage Recommend dose Can patient repeat the dose? Maximum daily dose Billing Unit per package
Migranal Nasal Spray Acute treatment One spray in each nostril (must prime with 4 pumps prior to each use and discard 8 hours after it is primed) Yes, 15 minutes later No more than 4 sprays (2 mg) per 24 hours.

No safety studies for doses
> 3 mg/24 hours and 4 mg/7 days.

 8 mL
Nurtec ODT tablets Acute treatment 75 mg daily No No more than 18 doses in a
30-day period		 8 each
Preventative treatment 75 mg every other day
Ubrelvy tablets Acute treatment 50 mg or 100 mg Yes, at least 2 hours after initial dose 200 mg/24 hours and no more than 8 migraines in 30-day period 10 or 16 each

Please reach out to PAAS (608) 873-1342 or info@paasnational.com with any questions on how to bill for different migraine medications so you don’t end up with a headache!

PAAS Pit Stop: The Member Portal

The PAAS Member Portal is a wealth of information and resources, whether you are part of the Audit Assistance and/or  Fraud, Waste, & Abuse and HIPAA Compliance Program. To get the most out of your membership, keep an accurate and up-to-date employee list.

Audit Assistance members: ensuring each staff member is entered into the PAAS Member Portal, along with a separate email address, allows for the entire staff to receive the monthly Newsline with current audit trends, proper filling & billing practices, hot topics, and more. They also have access to search seven years of eNewsline articles in our archive. Additionally, staff will have access to PAAS’ Tools & Resources, with billing charts, guidance documents, and on-demand webinars.

Fraud, Waste, & Abuse and HIPAA Compliance Program members: keeping your PAAS Member Portal current allows you to stay compliant. PAAS completes daily OIG & GSA exclusion checks, which goes beyond the federal expectation of exclusion checks being conducted upon hire and monthly thereafter. It allows the admin and compliance officer to generate a report reflecting when each employee last completed their FWA and HIPAA training and exclusion list check for the specific time frame being requested from the auditor.

In addition, if the auditor is looking for a specific policy or procedure, you can download your pharmacy’s customized FWA/HIPAA compliance manual and print off the corresponding pages of the policy or procedure they are requesting. For onsite audits, utilize PAAS’ onsite credentialing checklist to cross reference policy sections in your manual the auditor may ask for. This provides the auditor with much of the compliance components looked for during an audit in a fraction of the amount of paperwork and time.

PAAS Tips:

Caution with Script Care Audits

PAAS National® has seen a rise in desk audits from Script Care. While this PBM may not be familiar to some pharmacies, we would like to share specific information they have been looking for on their audits.

Prescriptions we have frequently seen flagged discrepant are:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • DAW Code Error
    • This plan is very specific about the appropriate terminology on the prescription per each states’ guidelines. (e.g., “Brand Medically Necessary”)
  • REMS Requirements
    • Prescriptions that do not have appropriate documentation, including REMS requirements, are frequently flagged
    • Applicable medication guides
    • See the FDA website for REMS requirements
  • Clinically Inappropriate
    • Prescriptions for off-label use and dosage or instructions that are outside FDA guidelines may require current literature to validate the prescription

Script Care does not currently have a Provider Manual; however, PAAS has been informed that they plan to release one soon.

Remember to send in any audit request upon first receiving and a PAAS analyst will be happy to assist you through the audit process. You can send in your audits by fax (608) 873-4009, email info@paasnational.com or upload to our portal available on our website under Access Services.

Standard Written Order and Medicare Part B Audit Risks – New Guidance

If you are a Medicare Part B provider, then you know how cumbersome a Medicare Part B audit can be. For most Medicare Part B audits, a pharmacy would be required to provide a valid Standard Written Order (SWO), medical records to support the diagnosis and continued need of the item, proof of delivery, and proof of refill request if mailing or delivering supplies.

This article is going to focus on the SWO. In January of 2020, CMS finalized Rule 1713 which created a unified order for all DMEPOS items.  While this new SWO was designed to reduce the burden on both suppliers and providers, audit results would prove otherwise. The required elements of an SWO are:

  • Beneficiaries name OR Medicare Beneficiary Identifier (MBI)
  • The order date – this cannot be stamped
  • A detailed description of the items ordered
  • The quantity to be dispensed
  • Treating practitioner’s name OR NPI
  • Treating practitioner’s signature – this cannot be stamped

Below are the three most common SWO discrepancies PAAS National® sees on audit results and our guidance to help prevent these discrepancies from occurring.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • SWO is not signed by the practitioner
    • The intake/data entry technician can check to be sure the provider manually signed the order (some states allow electronic signatures on a faxed electronic prescription), it just cannot be a stamped signature
  • **NEW Guidance** Corrections to an SWO when the pharmacy did not obtain the practitioner’s signature regarding those corrections
    • The practitioner must sign and date any revisions to the SWO and must be completed prior to submitting the claim
    • Always obtain the prescribers signature for any changes or additions to an SWO or ask the prescriber to send a new SWO with the missing or additional information
  • Billing a claim when there are no authorized refills remaining
    • While refills are not a required element on the SWO, if the practitioner writes for refills, they will be honored exactly as specified regardless of the quantity dispensed
    • **NEW Guidance** Medicare allows the initial fill and as many times subsequently for the exact refills indicated on the prescription after which the prescription would be considered expired
      • Example: A pharmacy receives an order for a 90 days’ supply, plus three refills (i.e., a full year’s worth of medication). If the pharmacy can only bill for one month at a time (Medicare requirement on most DMEPOS items), the pharmacy can only fill off this SWO for a total of 4 fills (likely 120 days), regardless of the total quantity written. Additional fills would be considered unauthorized refills and ineligible for reimbursement, despite standard pharmacy practice.
  • If you receive a prescription written for 90 days’ supply at a time with refills, ask the prescriber to resend the SWO written for 30 days’ supply at a time plus an adjusted number of refills to avoid unauthorized refills on an expired SWO
  • PAAS National® has been corresponding with DME MACs to express our displeasure regarding this non-standard practice of requiring a prescriber’s signature on a clinical notation as well as not allowing the total quantity prescribed to be dispensed (when the refills constrain the number of dispensings) on the SWO – we will continue to advocate for pharmacies accordingly
  • Review the following Newsline articles for additional information:
  • PAAS recommends pharmacies review their DME MAC website for revised bulletin articles, webinars on the new SWO, and other educational materials. Click here for standard documentation requirements for all claims submitted to DME MACs.

Alleged Inattentiveness to Details Costs Pharmacy $70,000

The DEA was established as a federal agency to regulate drug laws and to prevent misuse and/or diversion of both controlled substance and non-controlled medications. Their effort to prevent misuse and diversion of controlled substance medications starts with pharmacies filling prescriptions based on valid hardcopies. As was the case for CVS Pharmacies in New Hampshire, red flags that the federal government believes would have alerted a pharmacist of a fraudulent prescription were ignored, resulting in an alleged 41 fraudulent prescriptions being filled for Adderall®, Ritalin®, and Xanax ®. In order to resolve the allegations, CVS agreed to pay $70,000.

This civil case against CVS came as a result of two criminal investigations into individuals who utilized a variety of CVS Pharmacies around New Hampshire to fill fraudulent prescriptions. This speaks to the importance of ensuring the prescriptions that you are filling at your pharmacies are valid and written for a valid medical purpose by a provider within their usual scope of practice.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  • Ensure your staff completes the annual Fraud, Waste, and Abuse Training. If you don’t have a compliance program at your pharmacy, check out the PAAS FWA/HIPAA Compliance program, which includes training, risk analysis, daily exclusion checking and customized compliance policy and procedure manual (with written policies and procedures – required by Medicare Part D and PBMs).
  • Be familiar with your state’s prescription requirements. Examples include:
    • Supervising physician for mid-level practitioners
    • Alphanumeric quantities on controlled substances
    • Security elements on written prescriptions
    • How long prescriptions are valid
  • Look for elements such as the Surescripts Provider Identifier (SPI), message ID, and transaction ID on electronic hardcopy prescriptions, along with “electronically signed by” or “authorized by” for controlled substances
  • Utilize your states Prescription Drug Monitoring Program
  • When in doubt, err on the side of caution – contact the prescriber to confirm the prescription prior to dispensing and annotate conversation with a clinical note
  • Reference PAAS’ July 2022 Newsline article that helps identify red flags, Beware: DEA and Wholesalers are Cracking Down on Controlled Substance Dispensing

Considerations With Ozempic 0.25 Weekly

PAAS National® analysts receive many questions on Ozempic® relating to concerns about off label use; however, we also receive questions about what days’ supply to submit on claims – particularly for initiation dosing.

Section 2.1 of the manufacturer’s product label (available on DailyMed) lists the recommended dosage schedule based on clinical trials and includes the following titration schedule:

  • Start OZEMPIC with a 0.25 mg subcutaneous injection once weekly for 4 weeks. The 0.25 mg dosage is intended for treatment initiation and is not effective for glycemic control.
  • After 4 weeks on the 0.25 mg dosage, increase the dosage to 0.5 mg once weekly.
  • If additional glycemic control is needed after at least 4 weeks on the 0.5 mg dosage, the dosage may be increased to 1 mg once weekly.
  • If additional glycemic control is needed after at least 4 weeks on the 1 mg dosage, the dosage may be increased to 2 mg once weekly. The maximum recommended dosage is 2 mg once weekly.

What happens if the prescriber wants a patient to stay on the 0.25 mg dose for longer than 4 weeks? What if the prescription simply states “inject 0.25 mg weekly”? What days’ supply should the pharmacy transmit?

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
Most pharmacists have heard the phrase, “start low and go slow” in their training (particularly for dosing elderly patients or when using medications with risk of unpleasant or risky side effects). While patients and prescribers can certainly take it slow with respect to dose titration to reduce gastrointestinal (GI) side effects, please be aware of two important points. First, as emphasized above, the 0.25 mg dosage is subtherapeutic and patients should not stay on this dose indefinitely. Second, while in-use Ozempic® pens have a 56-day beyond use date (which would allow eight weekly doses of 0.25 mg from the 2 mg/3 mL pen NDC 00169-418-13), there are only 6 pen needles included in the box.

If you receive a new Ozempic® prescription with instructions of 0.25 mg weekly, we suggest that pharmacies follow-up with prescribers to discuss the manufacturer recommended dosage titration and confirm if patients will be titrating the dose to 0.5 mg or 1 mg weekly, and when. If the prescriber’s office confirms that the patient should stay on the 0.25 mg weekly dose for eight weeks, then the pharmacy should submit the claim as a 56-day supply (if possible) and provide the patient with additional pen needles to accommodate all needed doses. As a reminder, pharmacies may be required to bill a claim as a 30-day supply due to plan limits – in these situations, make sure to follow the Can You Bill It As 30 Days? process to ensure that you do not refill early.

PAAS Tips:

  • Advise patients to NOT re-use pen needles
  • Do NOT advise patients to discard their first Ozempic pen at 42 days if they only use 0.25 mg per week
    • This would create unnecessary waste and could subject the claim to a future audit discrepancy for “early refills”
  • See August 2020 Newsline article, Ozempic® – Bill It Right! for examples on various titration schedules and suggested day supply for initial and maintenance dosing
  • See May 2023 Newsline article, Ozempic® Package Size Change for discussion of currently available NDCs, doses provided, and billing quantity

Electronic Clinical Notes: Are They Required?

There has been some discussion in pharmacy circles about clinical notes and whether PBMs are requiring them to be electronically annotated (or if hand-written clinical notes will continue to suffice).

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
While PAAS National® has not seen PBMs explicitly require this in their provider manuals, there are some compelling reasons your pharmacy should consider using electronic annotations.

First, DEA rule 21 CFR 1311.200(f) states that pharmacists must make and retain annotations electronically when filling an electronic prescription.

Second, be aware that state laws may require electronic annotations. For example, New York controlled substance rules mirror the DEA language when it comes to electronic prescriptions and annotations.

Third, while PBMs may not explicitly require electronic annotations, not having date and time stamped notes in your pharmacy software may be detrimental for audit appeals. Many PBMs are giving preference, or requiring, electronic date and time stamped clinical notes to appeal certain discrepancies successfully. With a date/time stamp, the detail provides validation to the PBM that they existed at the time of dispensing.

Examples:

  • Elixir requires electronic date and time stamped notes in a patient’s profile in order to appeal missing DAW 2 documentation.
  • Humana requires a copy of pharmacy electronically stored notes for various discrepancies, including missing information on a prescription and unauthorized refills showing information was confirmed at the time of dispensing.

PAAS Tips:

  • Clinical notes should contain 4 elements:
    • Date/time
    • Name and title of who you spoke with
    • Summary of discussion
    • Pharmacy staff initials
  • Make annotations electronically if possible. This can help avoid later audit appeal and legibility issues
  • If making handwritten annotations, ensure you rescan the prescription into your software
  • See the July 2023 Newsline article, Remember to Maintain and Provide Complete Clinical Notes!

Desk Audits for Worker’s Compensation Claims

PAAS National® analysts have recently seen an increase in desk audits for worker’s compensation claims, mostly performed by Script Care. There has been a high rate of fraud with worker’s compensation in the past and these claims are subject to more scrutiny.

Many states have additional laws specific to worker’s compensation and auditors have often cited prescriptions as “invalid” if prescriptions did not conform to these specific laws.

A few common audit discrepancies include:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

  1. Missing/Incomplete documentation to support DAW-1 claims.
  2. Missing documentation to substantiate that worker’s compensation is the responsible payer (e.g., includes diagnosis code and date of injury).

Upon first receiving an audit contact PAAS (608) 873-1342 so that an analyst can assist you from the start of the audit for the best results.

PAAS Tips:

  • Consider recent fraud against the Department of Labor’s Office of Workers’ Compensation
    • Nine Defendants Sentenced in $126M Compounding Fraud Scheme
    • “Compound King” and Wife Sentenced in $21 Million Health Care Fraud Scheme; Fugitive Sought
    • Former Pharmacy Employee Admits Role in Multi-Million Dollar Illegal Kickback Scheme

Auditors Crack Down on Pharmacies That Bypass Plan Limits

PAAS National® analysts want to warn pharmacies about an uptick in PBMs flagging prescriptions for bypassing plan limit rejects. These prescriptions are being marked as discrepant and face full recoupment. Share this information with your staff and ensure that claims are not unintentionally being put at risk for audit/recoupment.

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

When pharmacies receive a reject of plan limit or exceeds maximum daily dose, pharmacy staff must follow the plan guidelines to submit the claim appropriately. The plan sending this rejection is telling the pharmacy that the dosage is not covered without additional requirements. This could mean prior authorization, switching to a different dose, or changing to another medication.

Pharmacies that manipulate the days’ supply to bypass the rejection are putting those claims at risk of recoupment. PBMs can easily track when pharmacies run a claim, receive a reject, and immediately rebill for the same quantity but different days’ supply. This raises a red flag that the plan reject was likely not adhered to appropriately – low hanging fruit for PBM auditors.

Reducing the quantity and/or split billing prescriptions can also be an audit risk. If a reduced quantity is submitted to bypass the plan limit (e.g., to get under a dollar threshold), the claim is still in jeopardy of being recouped. Beyond circumventing a plan limit, the payor may argue it increased costs through additional refills, dispensing fees, and patient copays. One patient complaint to their plan could lead to big trouble for network pharmacies.

PAAS Tips:

  • Always bill the accurate days’ supply based on the instructions for use indicated on the prescription
  • Make sure all staff are instructed to follow plan rejects appropriately and not change the days’ supply to get a paid claim
  • Check with the PBM help desk for guidance on rejects that are vague or unclear
  • Do not split bill rejected claims
    • Charging the patient cash often leads to complaints [from the patient to an employer or PBM] and can be considered non-compliance with the provider manual and lead to remediation, including potential network termination
    • If you have exhausted all plan options and the patient insists on paying cash for the full prescription, be sure that you document authorization from the patient that they desired to pay the full cost and did not want to wait for the proper channels
  • If having difficulties with prescribers following through on prior authorization, enlist the patient to help. The patient could contact the prescriber and/or file a complaint with their insurance which may speed up the process.

Nearly 90% of Cyber Breaches are Caused by…

Every day, pharmacies and their hardworking staff safeguard patients’ Protected Health Information (PHI), but breaches still occur. The June 2023 Health and Human Services Office for Civil Rights (OCR) Cybersecurity Newsletter focused on providing an insight into cybersecurity authentication and tips for building a more robust “wall” for malicious actors to encounter before a breach could occur. The OCR newsletter indicated that according to a 2023 Data Breach Investigations Report, “86% of [cyber] attacks to access an organization’s Internet-facing systems (e.g., web servers, email servers) used stolen or compromised credentials” and “robust authentication serves as the first line of defense against malicious intrusions and attacks”.

As mentioned in the OCR newsletter, the National Institute of Standards and Technology’s Digital Identity Guidelines believes that “historically, three factors form the cornerstones of authentication:

  • Something you know (e.g., password, personal identification number (PIN))
  • Something you have (e.g., smart ID card, security token)
  • Something you are (e.g., fingerprint, facial recognition, other biometric data)”

Multi-factor authentication is a common method for ensuring the person gaining access to a system is, in fact, who they say they are. It would require one element from two different bullets listed above, such as a password plus a security token. The Cybersecurity Newsletter states that “Cyber-attacks often begin with a compromised password that is used to gain initial access to an electronic information system.” If a password is compromised through a successful phishing attempt, the second element (e.g., security token) may be enough to block unauthorized entry long enough for the Security Officer to perform an Information Systems Activity Review and identify the unusual activity and intervene.

Safeguarding PHI and being compliant with the HIPAA Security Rule is required for any entity handling PHI. The Security Rule was designed to be flexible, allowing providers with varying scopes, sizes and resources to be compliant. Whether your pharmacy has been around for 30 years or 30 days, a thorough evaluation of your HIPAA program should be done at least annually. The beauty of the PAAS National® Fraud, Waste & Abuse (FWA) and HIPAA Compliance Program, is that it mirrors the flexibility of the HIPAA Security Rule and is anything BUT a cookie-cutter program. Pharmacies perform a risk analysis upon enrolling in the program and answer questions which allows us to customize a compliance policy and procedure manual specific to your pharmacy. PAAS Analysts are always happy to discuss how the PAAS FWA/HIPAA Compliance Program is built to help you address federal regulations. Call (608) 873-1342 or visit PAASNational.com to see how you can become an FWA/HIPAA Compliance member today.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!
  • Current FWA/HIPAA Compliance members can
    • Review sections 11.3.4 Information System Activity Review, 11.4 Workforce Security and 11.14 Access Control of the Policy and Procedure manual for more information
      • See Appendix B for the Information System Activity Review Log
    • Utilize the Employee Request for Access form in Appendix B to record the level of access and any keys or identification badges each employee possesses in order to perform their job duties, AND to record when the access is terminated, and keys/badges are returned
  • Provide each employee with their own unique log-in credentials and ensure their HIPAA training discusses the importance of safeguarding their passwords and all keys/security badges