Proposed Rule May Let CMS Vet DMEPOS Surety Providers


In March, the Centers for Medicare & Medicaid Services (CMS) proposed a new rule in an attempt to address program abuse by Medicare, Medicaid and Children’s Health Insurance Program (CHIP) providers and suppliers. The rule’s main goal is to address and prevent Medicare enrollment fraud.

What will the rule do?

The rule will require providers to disclose affiliations—whether current or previous; direct or indirect—with a provider or supplier that have or has had a “disclosable event”:

  • Has uncollected debt
  • Has been or is subject to a payment suspension under a federal health care program
  • Has been excluded from Medicare, Medicaid or CHIP
  • Has had its Medicare, Medicaid or CHIP billing privileges denied or revoked

CMS has the right to deny a provider’s enrollment based on affiliations that may pose a risk of fraud or abuse per this provision of the rule. CMS defines “affiliation” in the following ways:

  • 5% or greater direct or indirect ownership interest an individual or entity has in another organization or other general or limited partnership interest, regardless of percentage
  • Interest in which an individual or entity exercises control (operational or managerial) over another organization or otherwise conducts day-to-day operations, whether directly or indirectly
  • Interest in which an individual acts as an officer or director of an organization
  • Any reassignment relationship as defined under 42 CFR 424.80

The rule will also give CMS authority to perform the following actions:

  • Deny or revoke a Medicare supplier or provider’s enrollment if CMS determines that the provider or supplier’s enrollment was revoked under a different name, and the re-enrollment period has not passed
  • Revoke a provider or supplier’s enrollment if the provider or supplier billed for services or purchased products from an entity that they knew or should have known did not comply with Medicare enrollment standards
  • Revoke a physician or eligible professional’s Medicare enrollment if he or she represents a threat to Medicare recipients’ health and safety or fails to meet Medicare requirements
  • Increase the maximum re-enrollment ban from 3 years to 10 years, with exceptions
  • Prohibit an applicant’s enrollment for up to 3 years if the application is denied due to the applicant providing false, misleading or omitted information in order to gain enrollment
  • Revoke Medicare enrollment if the provider or supplier has an existing debt that CMS  has referred to the United States Treasury
  • Require Medicare providers and suppliers to be enrolled in the program before offering any Part A or B services, or to have validly opted-out
  • Require Medicare providers and suppliers to maintain documentation for 7 years following the date of service performed
  • Deny a Medicare enrollment application if the applicant is barred from participation in any state’s Medicare program or another federal health care program, or if their license is suspended or revoked in another state

With this proposal, CMS aims to prevent providers and suppliers from fraudulently evading Medicare requirements using name and identity changes and via inter-provider relationships that are not always clear. The rule also prevents providers and suppliers from accumulating large amounts of debt, leaving the Medicare program and then enrolling under a different name.

How does the rule affect DMEPOS surety bonds?

Many DMEPOS (Durable Medical Equipment Prosthetics, Orthotics, and Supplies) suppliers are required to purchase surety bonds as a condition of Medicare enrollment. The bonds are typically $50,000 or more and ensure that the supplier is complying with all applicable laws. The surety must pay claims against the bond within 30 days after receiving written notice establishing liability.

A provision of the proposed rule would give CMS the authority to reject surety bonds from certain providers. CMS could reject bonds from surety providers that have failed to make required payments to CMS previously. Further, they could reject all bonds issued by that provider to enrolled or enrolling DMEPOS suppliers, not just the bond the surety failed to fulfill. Effectively, CMS could completely exclude some companies from selling DMEPOS bonds to Medicare, Medicaid and CHIP enrollees.

What happens next?

CMS published the proposed rule on March 1 and accepted comments until April 25. The comments will be reviewed and responded to by CMS, and typically the final rule will be issued with modifications. If the revisions are extensive, CMS may choose to submit a second draft of the proposed rule, accept further comments and then issue a final rule. If the final rule prompts no further response, it will become part of the Code of Federal Regulations. If a lawsuit or other objection is made, the rule will be subject to judicial review.

The rule sets a proposed effective date of January 1, 2018. Opponents of the rule claim that the rule places “significant additional burdens” on Medicare providers and suppliers, and worry that the 2018 deadline is too soon for full compliance.

As of this posting, the Federal Register lists the measure as a proposed rule, meaning the public’s comments are under review by CMS. The provisions discussed may remain in the final rule, but could undergo significant changes. The team at will continue to cover major changes in the rule.

Sign Up for Surety News!

About the Author

Melanie Baravik
Melanie is a senior at the University of Missouri - Columbia studying English with an emphasis in creative writing. She is a member of the marketing department and outreach team for, a leading provider of online bonding for clients nationwide.