HRSA Uninsured Program COVID-19 Services: What Were the Standards to Determine Uninsured Status?

17 August 2023 Health Care Law Today Blog
Author(s): Olivia Benjamin (King) Judith A. Waltz Michael J. Tuteur

Part 2 of 2

The Health Resources and Services Administration (HRSA) Uninsured Program (UIP), which reimbursed providers for provision of COVID-19 related services to uninsured individuals, paid out more than $24.5 billion in claims. Given this amount, it is no surprise that government enforcers have turned their attention towards scrutinizing the recipients of those funds – the providers of testing, treatment, and vaccination services. However, the underlying UIP requirements that the government might seek to enforce are anything but clear. We explore in this article the enforcement of one particular program requirement: a provider’s obligation to verify a patient’s uninsured status.

Focusing on Enforcement Scrutiny of the HRSA UIP. 

This is the second installment in our two-part series on the mounting scrutiny of recipients of payments under the HRSA UIP. In Part One we analyzed the Office of Inspector General’s (OIG) audit of the UIP, released on July 13, 2023. In this second installment, we focus on enforcement actions against providers related to submission of claims to the UIP, and specifically the standards that providers were expected to use to determine uninsured status. 

This spring, the Department of Justice (DOJ) announced a nationwide action to combat COVID-19 related fraud. Several defendants charged in the action were alleged to have participated in fraud schemes aimed at the HRSA UIP. One case in particular provides especially useful insight into how the government may plan to prosecute alleged non-compliance with the UIP’s expectation to verify patient uninsured status.

The recently announced takedown included a criminal complaint against Dr. Anthony Hao Dinh, a California based physician and the second highest biller to the UIP, alleging that Dinh executed a scheme to defraud HRSA by submitting false or fraudulent claims including for services not rendered, services that were not medically necessary, and – as pertinent here – for patients who were insured at the time the service was rendered (and hence were not eligible for HRSA reimbursement).

What are the Standards to Determine HRSA UIP Uninsured Status? 

As alleged in the Complaint, providers participating in the UIP had to attest – both at the time of enrollment in HRSA and upon submission of patient rosters – to certain conditions, including that they checked for health care coverage eligibility of patients and confirmed that the patients were uninsured and had no coverage under programs such as Medicare or Medicaid. (No specific source is cited in the Dinh Complaint for this alleged requirement.) The Complaint also references a requirement that providers certify via acceptance of the UIP’s Terms and Conditions that “to the best of [their] knowledge, patients identified on the claim form were Uninsured Individuals at the time the services were provided.”

Despite these required attestations and certifications regarding the conclusion as to uninsured status, nowhere in UIP guidance were providers instructed as to how they might check insurance status. Nor did the government promulgate any regulatory rules regarding insurance verification for the UIP, likely because of the pandemic’s chaotic nature and the need for a rapid response.

Does the Medicare CWF Provide Useful Information?

Of note, the government contends in the Complaint that because Dinh was enrolled in Medicare, he “had the ability to utilize Medicare’s eligibility verification database [also referred to as the Medicare Common Working File (CWF)] to verify insurance information for patients.” In so alleging, the government apparently incorporates a requirement, at least for Medicare enrolled providers, to check the CWF before deciding that a patient is actually uninsured.

CMS describes the CWF in Chapter 27 of the Medicare Claims Processing Manual as “the Medicare Part A and Part B beneficiary benefits coordination and pre-payment claims validation system”. The CWF itself has many limitations, including, as perhaps most important here, that any checks would only reflect Medicare patients, who would seem to be unlikely to be a significant percentage of those alleging uninsured status for COVID-19 services.

In fact, no such requirement to check the CWF was set forth by HRSA. To the contrary, in the absence of regulation or guidance requiring a specific method for verifying a patient’s uninsured status, any reasonable method of insurance verification would seem appropriate, provided that it allowed the provider to meet the standard set forth in the UIP’s Terms and Conditions that “to the best of [their] knowledge” the patient was uninsured. Various methods used by providers would appear to satisfy the standard for “reasonable” efforts, including requiring self-reported patient insurance information or an attestation as to uninsured status in forms used to schedule or book services. Also “reasonable” might be the use of third-party tools to verify insurance status through searching external databases. 

Do the Medicare Secondary Payer Rules Apply by Analogy? 

While the Medicare rules do not expressly apply to the UIP, the UIP’s requirements to verify insurance status find an analogy in the Medicare Secondary Payer (MSP) rules and explanatory guidance. These provisions similarly require that the provider confirm there is no other insurance that should pay before Medicare pays. With respect to MSP, the statutory language of Social Security Act § 1862(b)(6) underscores the reliance put “on information obtained from the individual”; and a related regulation at 42 C.F.R. § 411.24(l)(2)(ii) allows for no recovery against the provider if the reason for the provider’s failure to file a proper claim seeking payment from other health coverage was because the beneficiary, or someone acting on his or her behalf, failed to give, or gave erroneous, information regarding coverage that is primary to Medicare. It appears reasonable that these concepts could (and should) be similarly applied in the context of the UIP, especially given the UIP’s lack of the sophisticated additional processes applied in the MSP context to confirm that there is no other health coverage. Accordingly, UIP-enrolled providers should be able to argue that they met the UIP’s requirement of verification of uninsured status “to the best of their knowledge” if they solicited and relied upon patients’ self-reported insurance status.

Providers who failed to request patient insurance information or otherwise verify patient insurance status may not be saved by this argument, however. For instance, in one case filed in U.S. District Court for the District of Minnesota, a provider allegedly instructed employees to select “uninsured” if a patient’s insurance was not included in a pre-populated list of payors that the government claims did not include “most, if not all, Minnesota insurance companies.” Nevertheless, there may have been other means employed by that provider and many others that could also satisfy the UIP’s “best of their knowledge” standard; we will be watching this case (among others) to see if such defenses are raised there. 

What Comes Next? 

We expect to see more enforcement alleging fraud against HRSA in the coming years. The Dinh case discussed above arose from a referral from the third-party entity contracted to administer the UIP, but it is clear from the complaint that the government also utilized data analytics to strengthen their case against Dinh. This serves as just another example of the government’s utilization of data analytics in enforcement actions, which we expect to intensify.

The OIG’s audit of the UIP (which we discussed in Part One of this series) describes HRSA’s ongoing process for assessing providers’ compliance with program requirements for reimbursement. Providers who participated in the UIP should prepare to undergo audits of their involvement in the program. Providers should also maintain records related to their involvement in the UIP, including records related to their efforts to verify insurance status.

Foley is here to help you address the short- and long-term impacts in the wake of regulatory changes. We have the resources to help you navigate these and other important legal considerations related to business operations and industry-specific issues. Please reach out to the authors, your Foley relationship partner, or to our Health Care Practice Group with any questions.


This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.

Related Services