Health compliance audits and reviews
Information to assist you with health compliance audits and reviews.
We conduct compliance audits and reviews for:
- Medicare Benefits Schedule (MBS)
- Pharmaceutical Benefits Scheme (PBS)
- Child Dental Benefits Schedule (CDBS)
- Incentives Programs
The Health Insurance Act 1973 includes provisions that outline the way in which we can conduct MBS health compliance audits and reviews. The legislation applies to all health professionals, including specialists and allied health professionals, who are able to claim under Medicare.
The Dental Benefits Act 2008 includes provisions that outline the way in which we can conduct Child Dental Benefit Schedule (CDBS) compliance audits and reviews. The legislation applies to all dental practitioners using the CDBS, including dental hygienists, dental therapists, dental prosthetists and oral health therapists who provide a dental service on behalf of a dental provider.
- We can issue you, or the person or corporation in possession or control of your records, with a Notice to Produce substantiating documents where we have reasonable concern that a benefit has been incorrectly paid
- Civil penalties may be applied if a person in charge of a health professional’s records does not comply with the Notice to Produce
- Documents containing clinical information may be provided to one of our medical or dental advisers
- You can seek a review of a decision on the compliance audit findings.
For MBS compliance audits and reviews only:
- An administrative penalty applies for unsubstantiated amounts that total over $2,500. This penalty automatically decreases when a health professional voluntarily tells us about incorrectly claimed amounts before we contact them. However, it can be increased if a health professional does not respond to a Notice to Produce
For CDBS compliance audits and reviews only:
- Provisions of the Professional Services Review can be applied to any CDBS service billed on or after 4 November 2014. This means we can request the Director of Professional Services Review to review suspected cases of inappropriate practice
The Health Insurance Amendment (Compliance) Act 2011 (the Compliance Act) applies to Medicare benefits paid to all health professionals under Medicare including allied health professionals and specialists.
The Compliance Act is intended to protect the integrity of expenditure under Medicare. The law is not retrospective and only applies to professional services that were provided on or after 9 April 2011.
The Compliance Act amended the Health Insurance Act 1973 in relation to services rendered on or after 9 April 2011. There are changes to obligations and procedures for Medicare compliance audits and reviews for incorrect payments and unsubstantiated services.
The legislation allows us to issue a formal notice for you to produce documents that substantiate your service claims under Medicare. This notice is issued if there is a reasonable concern that a benefit has been paid that exceeds the amount that should have been paid.
The legislation also allows for penalties to be applied for incorrect payments or unsubstantiated services.
It also gives you the ability to request a review of decision for any audit findings determined by a Medicare compliance audit.
The Dental Benefits Legislation Amendment Act 2014 became law on 4 November 2014 and amends the Dental Benefits Act 2008 to include provisions that have significantly changed the way we conduct CDBS compliance audits and reviews of dental services.
The legislation applies to all dental practitioners using the CDBS including dental hygienists, dental therapists, dental prosthetists and oral health therapists who can provide a dental service on behalf of a dental provider.
Provisions of the Professional Services Review can be applied to any CDBS service claimed on or after 4 November 2014.
The Professional Services Review is an independent agency responsible for reviewing and investigating the provision of services by a health practitioner, including dental practitioners, to determine whether inappropriate practice has occurred.
Learn more about Professional Services Review on their website.
Find out more about the CDBS
Information will be kept for 10 years after a health compliance audit is completed. If the audit is subject to a review of decision or sets legal precedents, disposal of information is not authorised and the information is retained as National Archives. This is in accordance with legislation and current departmental policies.
Personal information collected during a health compliance audit is protected by the stringent security safeguards we currently have in place. These safeguards prevent and detect unauthorised access to personal information. Penalties, including fines and up to 2 years imprisonment, may apply to an employee who breaches their legal obligations.
Personal information collected and held for health compliance audit services is protected by:
- the Privacy Act 1988
- the secrecy provisions of the Health Insurance Act 1973
- the National Health Act 1953
- the Dental Benefits Act 2008
Disclosure of information
For the protection of the welfare, health or safety of an individual and the protection of public funds including the investigation of Medicare fraud, the information we collect may be disclosed, as authorised or as required by law.
The Australian Privacy Principles in the Privacy Act 1988 (particularly Australian Privacy Principle 6) gives you the authority to disclose clinical information to us as required or authorised by law.
You don’t have to provide documents containing clinical details unless the information is needed to substantiate a service. The type of information we need will depend on the claims that need to be substantiated. If you’ve been issued with a formal Notice to Produce, you can submit documents containing clinical information that will be assessed by one of our medical advisers.
If we have asked you to participate in a Medicare compliance audit, we will ask you to provide documents that can substantiate claimed services.
You’re not expected to produce clinical information about a patient unless it’s needed to substantiate a claim. You may censor any information that isn’t needed in all documents you provide.
You do not have to tell a patient that their clinical information has been disclosed for the purposes of a Medicare compliance audit, or as required or authorised by law.
The only time we notify a patient about the disclosure of their clinical information is when their clinical records are seized under a search warrant during a criminal investigation.
You should keep adequate and contemporaneous records.
In the case of CDBS, dental practitioners are required to keep clinical records, including informed financial consent from the patient or their parent or legal guardian for 4 years.
The clinical records must also document the tooth or teeth that were treated when an item number relates to a particular tooth or teeth.
For more information about CDBS, read the Dental Benefit Rules 2014 on the comlaw website.
In cases other than CDBS we may require you to provide documents substantiating services for up to 2 years under the legislation. However, your relevant professional peak body may also provide guidance about record keeping that is appropriate for your practice.
Providing clinical records
You only need to provide documents with the clinical details of a patient to us where this is necessary to substantiate a service. You can provide an excerpt with only the relevant details to a compliance officer or you can choose to provide any documents with clinical information to a Human Services medical adviser.
We can issue a notice to any person in possession or control of your documents. If this person does not comply with a request, they can be subject to a civil penalty. We cannot issue a notice to a patient or their parent or legal guardian.
Health compliance audits and reviews are conducted in accordance with legislation, to protect public funds and make sure benefits are correctly paid.
Once a MBS compliance audit has started, you will still have the opportunity to tell us that an incorrect amount has been paid. The administrative penalty maybe reduced depending upon when you tell us about the incorrect payment.
If a MBS compliance audit has started but you have not yet received a formal Notice to Produce substantiating documents and you voluntarily tell us you received an incorrect payment, the administrative penalty will be reduced to 10%.
If you have received a formal Notice to Produce substantiating documents relating to MBS items, you can voluntarily tell us about an incorrect payment to reduce the administrative penalty to 15%. This must be done before the timeframe to respond expires.
In the case of a CDBS compliance audit, you can voluntarily tell us about an incorrect payment at any time, however administrative penalties do not apply to CDBS compliance audits.
A Notice to Produce is a written notice requiring a health or dental practitioner, or person in possession or control of records, to produce documents that can substantiate the services being looked at as part of a MBS or CDBS compliance audit.
Under the Health Insurance Act 1973, penalties now apply to incorrect payments or unsubstantiated services for which a MBS benefit has been paid.
We conduct health compliance audits and reviews in accordance with our Compliance Program and legislation in order to protect public funds and ensure benefits are correctly paid.
You will be advised in writing of the outcome of the compliance audit before a debt is raised.
If you disagree with the outcome of a compliance audit you can lodge a Review of Decision form (HW051). You will need to submit your application within 28 days of receiving the notice of decision that amounts are recoverable and provide any additional information and substantiating documents. We will respond to your application within 28 days after receiving your application.
To request a review you must complete the Review of Decision form (HW051).
A review of decision is where an independent decision maker reviews the result of a compliance audit and reconsiders the evidence and confirms, varies or revokes the original decision.
A review of decision can be made under any program including MBS, PBS, CDBS and incentive programs and decisions in relation to members of the public.
For MBS and CDBS compliance audits, the following conditions apply:
- it relates to an MBS or CDBS service or services
- these services occurred on or after 9 April 2011 for MBS, or 1 January 2014 for CDBS
- there is an amount recoverable, and
- the application for review is received within 28 days following the receipt of the Notice of Audit decision and amounts recoverable letter
If any of the above criteria do not apply, you can request an administrative review of decision (SS351) in relation to a compliance audit.
When making an application for review, you may provide additional information in order to substantiate the benefit paid for a service. This will ensure the Review Officer has all the relevant information to undertake the review.
When applying for a review of a decision make sure you:
- use the approved application form provided on our website
- ensure the application form is accurate and complete
- attach any additional information and submit this with the application
For further guidance on the types of documents that may substantiate a service, please refer to the appropriate Health Professionals Guidelines.
Notice of the review decision
You will be advised when your application for review is received and whether it meets the requirements for a review of decision.
A Review Officer, who was not involved in the original audit decision, will conduct the review.
The Review Officer will conduct an examination of all the relevant facts and evidence available at the time the audit decision was made and will consider any new information submitted with the application.
After the review, the original decision will be confirmed, varied or revoked by the decision maker.
Written notice of the review decision will be sent to you within 28 days after your application is received. An administrative review of decision is usually completed within 3 months.
Each audit decision can only be reviewed once.
A review of decision may confirm, vary or revoke the original decision.
Send the completed Application to Review Compliance Audit Decision form to the Medicare Compliance Review Team.
The following information is about circumstances beyond a person’s control that affect your ability to participate in a health compliance audit. Should you be facing circumstances beyond your control, we recommend that you tell us as soon as you can.
Health compliance audits and reviews are conducted in accordance with legislation, to protect public funds and make sure that benefits are correctly paid.
An exceptional circumstance is an unavoidable situation that stops you substantiating services provided or fulfilling requests we make to produce documents, even after you have taken all possible and reasonable precautions.
If you think you have exceptional circumstances, you should tell us as soon as you can.
If an audit is in progress and we are not satisfied with the reasons set out in your submissions, you will still need to either:
- substantiate any services subject to the audit
- repay any incorrect payments including any penalties that may apply
If we are satisfied, we will send you a Notice of Decision.
Fill out a Compliance Audit - Exceptional Circumstances - Statutory Declaration form (MO020) so we can assess your situation. This form provides you with information on how to submit your form and where you can get further help.
Mail the form to the Exceptional Circumstances team.
A civil penalty is similar to a fine and can be imposed by the Federal Court on an individual or a corporation who:
- is responsible for documents relating to claimed MBS or CDBS services
- did not provide the service themselves, and
- has not complied with a Notice to Produce documents
Penalties are designed to encourage voluntary compliance with the legislative requirements for the payment of benefits.
A civil penalty does not apply to patients who received MBS or CDBS services or incurred the expenses associated with a MBS or CDBS service.
Civil penalty rates
The Federal Court can impose a civil penalty of an amount described under 4AA in the Crimes Act 1914, for each service listed in a formal notice where a third party has not provided the required documentation relevant to that service.
This program provides an awareness of our compliance activities that are used to protect payments made under Medicare and the PBS and what you can do to meet your obligations under those programs.
Forms to help you to meet your obligations for Medicare compliance audits and reviews.