Frequently Asked Questions

Eligibility monitoring is the ongoing process of verifying that your patients still have active insurance coverage before you deliver care and submit claims. For home health agencies billing Medicaid and Medicare, coverage can lapse without warning due to redeterminations, income changes, or paperwork failures. ClientCare automates this process by running HIPAA-standard 270/271 eligibility transactions against payers on a rolling basis, alerting you the moment a patient's coverage status changes. Without continuous monitoring, agencies typically discover a lapse only after a claim is denied — by which point weeks of unreimbursable care have already been delivered.

ClientCare uses a risk-based polling schedule that adapts to each patient's profile. New intake patients are checked daily for the first 7 days to catch bad data fast. All Medicaid patients are monitored weekly — 4x faster than the industry-standard monthly batch. Medicare Advantage and Traditional Medicare patients are checked monthly. This approach balances thoroughness with efficiency, ensuring you catch lapses quickly without generating unnecessary API traffic. You can also trigger a manual check for any patient at any time from the dashboard.

When ClientCare detects a coverage lapse, it immediately creates a risk ticket on your dashboard with a severity level of CRITICAL or WARNING depending on whether the patient has upcoming scheduled visits. The ticket includes the patient's name, the affected payer, the last known active date, and a recommended next step. You can also configure email and SMS alerts so your billing team is notified in real time. The goal is to give you a window to pause services, contact the patient about re-enrollment, or adjust your billing — before you deliver care that cannot be reimbursed. For more on how coverage lapses affect your bottom line, see our blog post on Medicaid eligibility churn.

In most cases, within a week. New intake patients are checked daily for the first 7 days. Ongoing Medicaid patients are monitored weekly — 4x faster than the industry-standard monthly batch. When a 271 response indicates a coverage termination or lapse, the corresponding risk ticket is created immediately and appears on your dashboard. Email and SMS notifications are sent within minutes. The exact detection speed also depends on how quickly the payer updates their eligibility files — most state Medicaid agencies update within one to two business days of a status change, and major Medicare Advantage plans update overnight.

Yes. ClientCare supports both Medicare and Medicaid eligibility verification, including Medicare Advantage plans, Medicaid managed care organizations (MCOs), and traditional fee-for-service programs. We connect to payers through 270/271 eligibility transactions via the Stedi healthcare API, which provides access to thousands of payers nationwide. If your patients are enrolled in a payer that supports electronic eligibility inquiries — which nearly all do — ClientCare can monitor them. We also handle dual-eligible patients who have both Medicare and Medicaid coverage.

A 270/271 is the HIPAA-standard electronic transaction pair used to verify patient insurance eligibility. The 270 is the inquiry your agency sends to a payer, asking whether a specific patient has active coverage. The 271 is the payer's response, which includes the patient's coverage status, effective and termination dates, benefit details, and co-pay information. ClientCare sends these transactions automatically on your behalf, parses the responses, and flags any issues. This is the same standard used by hospitals, clearinghouses, and large health systems — ClientCare simply makes it accessible to home health agencies without the technical overhead. Learn more in our healthcare compliance glossary.

Absolutely. Most home health agencies serve patients covered by a mix of Medicaid MCOs, Medicare Advantage plans, and traditional Medicare. ClientCare handles all of these from a single dashboard. When you upload your patient roster, we automatically route eligibility checks to the correct payer based on each patient's insurance information. You do not need separate accounts or integrations for each payer. The system currently supports thousands of payers through our Stedi integration, covering the vast majority of commercial, Medicare, and Medicaid plans in all 50 states.

Eligibility verification is a point-in-time check — you verify that a patient has coverage right now, typically before an initial visit or when submitting a claim. Eligibility monitoring is continuous and ongoing. ClientCare checks your entire patient roster on a rolling schedule, catching coverage changes between visits. The distinction matters because a patient can be eligible on Monday and lose coverage by Wednesday due to a Medicaid redetermination. Point-in-time verification would miss that change; continuous monitoring catches it. For home health agencies delivering care over weeks and months, monitoring is significantly more protective than one-time verification.

The OIG exclusion list, formally called the List of Excluded Individuals/Entities (LEIE), is a federal database maintained by the Office of Inspector General within the U.S. Department of Health and Human Services. It contains the names of individuals and organizations that have been barred from participating in Medicare, Medicaid, and all other federal healthcare programs. Exclusions result from criminal convictions related to healthcare fraud, patient abuse or neglect, controlled substance violations, and other serious offenses. Any agency that bills a federal program is required to check this list before hiring and on an ongoing basis. For a deeper dive, see our healthcare compliance glossary.

The OIG recommends screening all employees and contractors at the time of hire and at least monthly thereafter. Many state Medicaid programs have codified monthly screening as a condition of participation. ClientCare automates this entirely — every staff member in your uploaded roster is screened against the LEIE every month, with no manual intervention required. We also screen against SAM.gov simultaneously. This cadence ensures you catch new exclusions quickly, since the OIG updates the LEIE on the 15th of every month with approximately 200 to 400 new entries.

The penalties are severe. Under the Civil Monetary Penalties Law, agencies that employ or contract with an excluded individual face fines of up to $22,427 per item or service billed to a federal healthcare program during the period of employment. In addition, the OIG can impose treble damages — three times the amount billed — and can exclude the employing agency itself from federal programs. For a home health agency with a modest caseload, even a few months of unknowing employment could result in six-figure penalties. These penalties apply regardless of whether the agency knew the individual was excluded, which is why proactive screening is essential.

Fuzzy name matching is a technique that identifies potential matches even when names are not spelled identically. This matters because the LEIE contains over 78,000 records, and names can vary due to typos, transliteration differences, hyphenation, nicknames, and suffix variations (Jr., Sr., III). ClientCare uses the token_sort_ratio algorithm from the rapidfuzz library, which compares names regardless of word order and accounts for partial matches. We apply dual thresholds: a score of 85 flags a potential match for review, and a score of 95 or above flags a strong match. Without fuzzy matching, a simple exact-string check would miss cases where "Jose Rodriguez" appears in your roster but "José Rodríguez" appears in the LEIE.

Yes. ClientCare screens every staff member against both the OIG's LEIE and the General Services Administration's SAM.gov exclusion database. These are complementary databases: the LEIE covers healthcare-specific exclusions, while SAM.gov covers government-wide debarments and suspensions across all federal programs. An individual could appear on SAM.gov for fraud in a non-healthcare federal program and still be prohibited from participating in Medicare and Medicaid. Checking both databases in a single automated workflow gives you the most comprehensive screening coverage available without requiring multiple manual lookups.

The LEIE (List of Excluded Individuals/Entities) is maintained by the OIG and specifically covers exclusions from federal healthcare programs like Medicare and Medicaid. SAM.gov (System for Award Management) is maintained by the General Services Administration and covers debarments and exclusions across all federal programs, including defense contracts, grants, and non-healthcare agencies. There is some overlap, but each database contains records the other does not. The OIG itself recommends checking both. ClientCare handles both checks automatically, so you do not need to log into two separate government websites or maintain two separate screening processes.

ClientCare applies Unicode normalization to strip diacritical marks (accents, tildes, cedillas) before comparison, so “François” matches “Francois” and “José” matches “Jose.” For suffixes, we maintain a comprehensive suffix list (Jr, Sr, II, III, IV, V, 2nd, 3rd, 4th) and index records under both the full name and the suffix-stripped base name. This means “Robert Smith Jr” will match against both “Robert Smith Jr” and “Robert Smith” in the LEIE. Combined with our fuzzy matching algorithm, these normalization steps ensure that legitimate matches are not missed due to minor formatting differences between your HR records and the federal databases.

After signing in, navigate to the Upload page from your dashboard. You can drag and drop CSV files exported from your EMR — WellSky, Axxess, AxisCare, or any system that produces standard CSV exports. ClientCare uses AI-powered column mapping to automatically detect fields like patient name, date of birth, NPI, insurance ID, and payer. You do not need to reformat your files or match a specific template. Once uploaded, patient eligibility checks begin immediately, and staff screening runs within minutes. You can upload updated rosters at any time to add new patients or staff members.

ClientCare accepts standard CSV files with any column naming convention. Our ingest pipeline uses AI extraction to identify the relevant fields regardless of how your EMR labels them. At minimum, patient rosters should include first name, last name, date of birth, and insurance or member ID. Staff rosters should include first name and last name (NPI is optional but improves matching accuracy). The system runs six layers of validation on every upload — including placeholder detection, duplicate checking, and batch anomaly analysis — to ensure only real, verified records enter your account.

Most agencies are fully operational within 10 minutes. The process is: create an account, upload your patient and staff CSV files, and ClientCare begins monitoring immediately. There is no onboarding call required, no IT integration, and no software to install. If you have questions during setup, you can call our AI assistant Riley at any time for a guided walkthrough. For agencies with larger rosters (500+ patients) or custom payer configurations, our team can assist with initial setup — but the self-service path works for the majority of home health agencies.

Yes. Every new account receives a full 30-day free trial with complete access to all features — eligibility monitoring, OIG/LEIE screening, SAM.gov screening, the risk ticket dashboard, and email alerts. No credit card is required to start. At the end of 30 days, you can choose a plan that fits your agency's size. If you decide ClientCare is not right for you, your account simply deactivates — no charges, no cancellation process. Visit our pricing page to see plan details.

No. ClientCare is not an electronic health records system and does not attempt to replace your EHR, EMR, or practice management software. It is a specialized compliance and revenue protection tool that works alongside your existing systems. You continue using WellSky, Axxess, AxisCare, or whatever platform you currently operate. ClientCare simply ingests roster exports from those systems and provides monitoring capabilities they do not offer. We deliberately limit our scope to eligibility monitoring and exclusion screening — we do not do clinical documentation, scheduling, billing submission, or credentialing.

ClientCare plans start at $149 per month for agencies with up to 50 patients. Pricing scales based on your patient census, with tiers for growing agencies and enterprise plans for large organizations. Every plan includes both eligibility monitoring and OIG/LEIE screening — these are not sold separately. Staff screening against SAM.gov is included at no additional cost. Visit our pricing page for a full breakdown of what each tier includes, or call Riley to discuss which plan fits your agency.

The 30-day free trial includes every feature available in a paid plan: continuous eligibility monitoring for all your patients, monthly OIG/LEIE and SAM.gov screening for all staff, the risk ticket dashboard with severity ratings and recommended actions, email and SMS alerts for coverage changes, and CSV upload from any EMR. There are no feature gates or usage limits during the trial period. The trial is designed to let you see the full value of the platform with your real data before making a purchasing decision.

Yes. ClientCare is a month-to-month subscription with no long-term contracts or cancellation fees. You can cancel from your account settings at any time, and your access continues through the end of your current billing period. If you cancel, your data is retained for 30 days in case you decide to reactivate, after which it is permanently deleted in accordance with our data retention policy. We do not believe in locking agencies into annual commitments — if the product is delivering value, you will stay because it works, not because of a contract.

Yes. ClientCare is designed from the ground up for HIPAA compliance. We implement administrative, physical, and technical safeguards as required by the HIPAA Security Rule. Patient data is encrypted at rest using AES-256 and in transit using TLS 1.2+. Our database enforces Row-Level Security (RLS) for multi-tenant isolation, meaning each agency can only access its own patient and staff records — even at the database query level. Access controls require multi-factor authentication, and all API endpoints are secured with key-based authentication. We undergo regular security reviews and maintain audit logs for all data access.

Yes. As a service that processes protected health information (PHI) on behalf of covered entities, ClientCare executes a Business Associate Agreement (BAA) with every customer. The BAA is included at no additional cost and is available for review and signature during the onboarding process. It covers our obligations regarding PHI handling, breach notification, data disposal, and subcontractor management. If your compliance officer requires a custom BAA or has specific amendments, contact our team and we will work with your legal counsel to accommodate reasonable modifications.

All data is stored in Google Cloud Platform infrastructure within the United States. Our production database runs on Cloud SQL (PostgreSQL) in the us-central1 region, and our application servers run on Cloud Run in the same region. Data never leaves US borders. Google Cloud maintains SOC 2 Type II, ISO 27001, and HITRUST certifications for its infrastructure. Backups are encrypted and retained according to our data retention policy. We do not store data on employee laptops or local servers — all processing occurs in our secured cloud environment.

Yes. ClientCare requires multi-factor authentication (MFA) for all user accounts. We use Firebase Authentication, which supports SMS-based verification codes, authenticator app tokens (Google Authenticator, Authy), and security keys. MFA is enforced at login and cannot be disabled by individual users. This is a critical layer of protection for any system handling PHI, and it is one of the technical safeguards the HIPAA Security Rule expects covered entities and business associates to implement. Combined with our session management (one-hour token expiration, secure cookies), MFA ensures that compromised passwords alone cannot grant access to patient data.