OIG Work Plan Targets Chronic Care Management: What Care Management Companies and Investors Need to Know

Articles
Written By Carrie Nixon and Cyndi Baily

The Office of Inspector General (OIG) has added a significant new item to its 2026 Work Plan: a specialized audit of Medicare Part B payments for Chronic Care Management (CCM) services. Announced on March 16, 2026, this active CMS audit project is expected to continue through FY 2028.

Key Takeaways

The 2026 OIG Work Plan focuses on CCM eligibility, and specifically the "multiple chronic conditions" requirement. With Medicare CCM payments rising since 2019, the OIG is targeting billing risks related to clinical documentation and vendor oversight. Nixon Law Group provides privileged compliance assessments to help digital health companies and investors mitigate these audit risks.

Why is the OIG Auditing CCM Services Now?

Medicare Part B payments for CCM increased substantially between 2019 and 2024. This rapid adoption, combined with high reimbursement totals, has led the OIG to investigate whether providers are ordering medically necessary services and billing for eligible patients. In particular, the OIG will review payments at risk of noncompliance with the "multiple chronic conditions" requirement.

Diagram illustrating the CCM eligibility triad: multiple chronic conditions, 12-month duration expectancy, and significant clinical risk.

What are the Key CCM Eligibility Requirements Under Scrutiny?

To be eligible for CCM and withstand an OIG audit, the patient record must clearly support the following three threshold criteria:

  • Multiple Conditions: The patient must have two or more chronic conditions.

  • Duration: Conditions must be expected to last at least 12 months or until death.

  • Clinical Risk: Conditions must place the patient at significant risk of death, acute exacerbation/decompensation, or functional decline.

What are the Top Compliance Red Flags for Care Management?

The OIG’s audit language suggests several high-risk areas that could trigger a federal billing review:

  • Insufficient "Multiple Conditions" Documentation: Billing for beneficiaries who lack two qualifying conditions supported in the medical record.

  • Lack of Clinical Justification: Simply listing diagnoses without documenting how they meet the "significant risk" or "duration" thresholds.

  • Scaled Outreach Risks: Inconsistent protocols regarding patient enrollment, consent, clinical review, or time-tracking for treatment management.

  • Vendor-Driven Models: Programs where technology companies outsource operational work without adequate billing practitioner oversight, supervision, or documentation.

How Nixon Law Group Prepares Your Care Management Company for a CCM Audit

The OIG has signaled that Medicare payment depends on clearly showing eligibility in the patient chart. Nixon Law Group advises digital health companies, providers, and investors on CCM and virtual care compliance. We provide a comprehensive CCM Compliance Assessment protected under Attorney-Client Privilege, designed to fortify your program in the face of federal audits.

1. Documentation Deep-Dive

We conduct a rigorous review of a sampling of patient records to ensure they meet the OIG's "multiple chronic conditions" threshold. We verify that your records explicitly connect diagnoses to the risk of functional decline or acute exacerbation, ensuring the documentation substantiates the 12-month expected duration required for billing.

2. Operational Workflow and Scalability Analysis

For technology-enabled platforms, we evaluate whether your growth has outpaced your compliance controls. We review your enrollment and consent processes to ensure they include sufficient practitioner review and that monthly service documentation (including time accrued and care plan maintenance) is consistently supported.

3. Vendor and Outsourcing Structural Review

Where technology companies handle operations, we assess your protocols to confirm that the billing provider can substantiate clinical oversight and billing responsibility. We ensure that third-party documentation meets Medicare Part B standards and is properly reflected in the patient's primary record.

4. Strategic Remediation Under Attorney-Client Privilege

Crucially, our assessment is conducted under attorney-client privilege. This allows your organization to candidly identify and remediate billing risks, validate vendor arrangements, and ensure clinical oversight meets OIG expectations.

Reach out to our team at Nixon Law Group to learn more about a privileged compliance assessment to protect your organization in the face of upcoming CCM audits.

Frequently Asked Questions about CCM Audits 

Q: Is the OIG auditing all CCM providers? A: The OIG is focusing on payments "at risk of noncompliance," particularly those involving scaled models or insufficient documentation of multiple chronic conditions.

Q: Can a vendor-led CCM model be compliant? A: Yes, but the OIG is specifically looking for evidence of the billing practitioner’s role, supervision, and clinical involvement in the record.

Q: How long will this OIG audit project last? A: The OIG expects this CCM audit project to continue through FY 2028.

Carrie Nixon and Cyndi Baily
Previous

What is the CMS ASPIRE Model? A 10-Year Value-Based Care Roadmap for Digital Health
Next

Is the ACCESS Model the Secret to Tech-Driven Care Management Maintenance?