- within Food, Drugs, Healthcare and Life Sciences topic(s)
- in United States
- within Compliance topic(s)
- with readers working within the Healthcare industries
The Centers for Medicare and Medicaid Services (CMS) issued a Request for Information (RFI) to solicit stakeholder feedback regarding regulatory changes impacting fraud, waste, and abuse in the healthcare industry as part of a wide-ranging initiative entitled "Comprehensive Regulations to Uncover Suspicious Healthcare" (CRUSH).
The February 27, 2026 RFI requests input on additional ways CMS can address fraud prevention, which may include future rulemaking under the CRUSH initiative, as well as other programmatic changes that could be implemented. CMS is specifically requesting comments on the following topics that relate to durable medical equipment, prosthetics, orthotics, and supplies (DMEPOS) suppliers.
Modifications to Program Integrity Requirements
CMS currently has a variety of tools to prevent bad actors from participating in its programs, such as claims data analysis, suspending payments, enrollment revocations, and re-enrollment bans. The RFI asks for feedback on other ways CMS can add to this toolbox. For example, what other actions can be implemented to prevent bad actors from enrolling? How can CMS increase payment accuracy and efficiency? What types of analytics or data-driven methodologies can be used to identify potential fraud?
CMS also asks if it should establish regulatory authority to direct Medicare Advantage organizations and Part D plan sponsors to suspend payment to providers and suppliers in the same way CMS can for traditional Medicare (Parts A and B).
Enhanced Identity Proofing and Ownership Requirements
CMS asserts that fraud schemes are often perpetuated by owners of enrollees who are not permanent U.S. residents or citizens, who are outside the reach of U.S. law enforcement, and for whom CMS does not currently have a robust identity verification process. As such, CMS requests feedback about whether it should require enhanced identity proofing or a requirement that individuals associated with Medicare-enrolled entities be U.S. citizens or have legal residency as a prerequisite to holding an ownership or a control interest in an enrolled organization. Additionally, CMS asks whether it should expand the current fingerprinting requirement for high-risk providers and suppliers to include owners with less than a 5% ownership, managing employees, and others who are affiliated with or working for the organization.
Preclusion List and Medicare Advantage Enrollment Requirements
CMS observes that providers and suppliers who have been revoked from traditional Medicare (Parts A and B) will, at times, try to shift to billing Medicare Advantage plans. The RFI asks stakeholders – especially Medicare Advantage plans – to provide input on whether CMS should require traditional Medicare enrollment as a prerequisite to Medicare Advantage enrollment in an effort to enhance program integrity. CMS also inquires if there are any other alternative mechanisms to achieve program integrity without requiring enrollment in traditional Medicare.
Non-Participating DMEPOS Suppliers in Medicare Advantage
Due to CMS having identified patterns of non-participating DMEPOS suppliers fraudulently billing Medicare Advantage plans for services that are not rendered or not needed, it requests feedback on how Medicare Advantage organizations can reduce fraud perpetuated by non-participating DMEPOS suppliers. This could include requirements such as data-driven or analytical methodologies to promote payment accuracy or a requirement that such suppliers be accredited and enrolled similar to traditional Medicare to ensure CMS' minimum supplier standards are met.
Part A and Part B Claim Submissions
Providers and suppliers generally have one calendar year to file claims. The RFI asks stakeholders to consider whether this deadline should be reduced (potentially to 90 to 180 calendar days) for certain high-risk items and services, such as DMEPOS supplies. CMS also asks about the impact such a reduction would have on operations and patient access.
Beneficiary Solicitation
DMEPOS suppliers are currently prohibited from most unsolicited contacts with Medicare beneficiaries via telephone. CMS requests feedback on whether this restriction should be extended to other forms of communication such as email, text message, or social media. The RFI also asks whether DMEPOS suppliers should be, for example, prohibited from collaborating with marketing agencies or other third parties to perform solicitations on their behalf.
Surety Bonds
DMEPOS suppliers are currently required to maintain a surety bond of at least $50,000 to enroll and continue their participation in Medicare. CMS seeks input on how the surety bond requirement can be utilized to strengthen its fraud prevention efforts. For example, would increasing the bond amount be effective in reducing fraud?
Submitting Comments to the RFI
Comments to the RFI must be submitted by March 30, 2026. Stakeholders in the DMEPOS industry should consider submitting comments that describe the practical challenges associated with some of these proposals.
For more about the challenges facing the DMEPOS industry, please refer to our prior publication about the temporary nationwide moratorium on the enrollment of certain DMEPOS suppliers in the Medicare program and our prior publication on the newly-implemented restrictions under the 36-month rule that limits changes in majority ownership of certain DMEPOS suppliers.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
