Medicaid Integrity
Implementation of New Program Provides Opportunities for Federal Leadership to Combat Fraud and Abuse
Gao ID: GAO-06-578T March 28, 2006
Today's hearing concerns fraud, waste, and abuse control in Medicaid, a program that provides health care coverage for over 56 million eligible low-income people and is jointly financed by the federal government and the states. In fiscal year 2004, Medicaid had benefit payments of $287 billion, with a federal share of about $168 billion. The states are primarily responsible for ensuring appropriate Medicaid payments through provider enrollment screening, claims review, overpayment recovery, and case referral to law enforcement. At the federal level, the Centers for Medicare & Medicaid Services (CMS) is responsible for supporting and overseeing state fraud, waste, and abuse control activities. Congress requested information on how CMS and the states can better serve taxpayers and beneficiaries by reducing Medicaid fraud. This statement will focus on existing concerns about CMS's efforts to help states prevent and detect fraud, waste, and abuse; how provisions in recent legislation providing for a Medicaid Integrity Program will help CMS expand its current efforts; and challenges CMS needs to address as it implements new Medicaid Integrity Program efforts.
As GAO testified in 2005, there has been a wide disparity between the level of staff and financial resources that CMS has expended to support and oversee state activities to control fraud and abuse and the amount of federal dollars at risk in Medicaid benefit payments. In fiscal year 2005, CMS dedicated an estimated 8.1 full-time equivalent employees to support states in their anti-fraud-and-abuse operations. In contrast, the federal government spent over $168 billion for Medicaid benefits in fiscal year 2004. Further, resource shortages severely limited two efforts that had shown potential to help states prevent and detect fraud, waste, and abuse. In addition to devoting limited staff and financial resources, CMS lacked a strategic plan to direct its anti-fraud-and-abuse efforts. Enacted in February 2006, the Deficit Reduction Act of 2005 (DRA) provided for creation of the Medicaid Integrity Program and includes specific appropriations that CMS can use to fund activities to support anti-fraud-and-abuse efforts. It also included provisions that will address the agency's staffing and planning limitations related to Medicaid program integrity. For example, the law requires CMS to add 100 employees to work with states in support and oversight of their Medicaid program integrity efforts and to develop a comprehensive plan to explain how the agency will address Medicaid fraud, waste, and abuse. In addition, the DRA provided funds to expand a program that is designed to identify program vulnerabilities in Medicaid and Medicare--the federal health insurance program for the elderly and some disabled people--by examining billing and payment abnormalities in both programs. In implementing the DRA provisions related to the Medicaid Integrity Program, CMS has a unique opportunity to strengthen its leadership of state and federal efforts to control fraud, waste, and abuse in the Medicaid program. The most immediate challenge will be to develop its comprehensive plan that will provide strategic direction for CMS, the states, and law enforcement partners.
GAO-06-578T, Medicaid Integrity: Implementation of New Program Provides Opportunities for Federal Leadership to Combat Fraud and Abuse
This is the accessible text file for GAO report number GAO-06-578T
entitled 'Medicaid Integrity: Implementation of New Program Provides
Opportunities for Federal Leadership to Combat Fraud, Waste, and Abuse'
which was released on March 29, 2006.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony:
Before the Subcommittee on Federal Financial Management, Government
Information, and International Security, Committee on Homeland Security
and Governmental Affairs, U.S. Senate:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 2:30 p.m. EDT:
Tuesday, March 28, 2006:
Medicaid Integrity:
Implementation of New Program Provides Opportunities for Federal
Leadership to Combat Fraud, Waste, and Abuse:
Statement of Leslie G. Aronovitz:
Director, Health Care:
GAO-06-578T:
GAO Highlights:
Highlights of GAO-06-578T, a testimony before the Subcommittee on
Federal Financial Management, Government Information, and International
Security, Committee on Homeland Security and Governmental Affairs, U.S.
Senate:
Why GAO Did This Study:
Today‘s hearing concerns fraud, waste, and abuse control in Medicaid, a
program that provides health care coverage for over 56 million eligible
low-income people and is jointly financed by the federal government and
the states. In fiscal year 2004, Medicaid had benefit payments of $287
billion, with a federal share of about $168 billion.
The states are primarily responsible for ensuring appropriate Medicaid
payments through provider enrollment screening, claims review,
overpayment recovery, and case referral to law enforcement. At the
federal level, the Centers for Medicare & Medicaid Services (CMS) is
responsible for supporting and overseeing state fraud, waste, and abuse
control activities.
The Subcommittee requested information on how CMS and the states can
better serve taxpayers and beneficiaries by reducing Medicaid fraud.
This statement will focus on existing concerns about CMS‘s efforts to
help states prevent and detect fraud, waste, and abuse; how provisions
in recent legislation providing for a Medicaid Integrity Program will
help CMS expand its current efforts; and challenges CMS needs to
address as it implements new Medicaid Integrity Program efforts.
What GAO Found:
As GAO testified in 2005, there has been a wide disparity between the
level of staff and financial resources that CMS has expended to support
and oversee state activities to control fraud and abuse and the amount
of federal dollars at risk in Medicaid benefit payments. In fiscal year
2005, CMS dedicated an estimated 8.1 full-time equivalent employees to
support states in their anti-fraud-and-abuse operations. In contrast,
the federal government spent over $168 billion for Medicaid benefits in
fiscal year 2004. Further, resource shortages severely limited two
efforts that had shown potential to help states prevent and detect
fraud, waste, and abuse. In addition to devoting limited staff and
financial resources, CMS lacked a strategic plan to direct its anti-
fraud-and-abuse efforts.
Enacted in February 2006, the Deficit Reduction Act of 2005 (DRA)
provided for creation of the Medicaid Integrity Program and includes
specific appropriations that CMS can use to fund activities to support
anti-fraud-and-abuse efforts. It also included provisions that will
address the agency‘s staffing and planning limitations related to
Medicaid program integrity. For example, the law requires CMS to add
100 employees to work with states in support and oversight of their
Medicaid program integrity efforts and to develop a comprehensive plan
to explain how the agency will address Medicaid fraud, waste, and
abuse. In addition, the DRA provided funds to expand a program that is
designed to identify program vulnerabilities in Medicaid and
Medicare”the federal health insurance program for the elderly and some
disabled people”by examining billing and payment abnormalities in both
programs.
In implementing the DRA provisions related to the Medicaid Integrity
Program, CMS has a unique opportunity to strengthen its leadership of
state and federal efforts to control fraud, waste, and abuse in the
Medicaid program. The most immediate challenge will be to develop its
comprehensive plan that will provide strategic direction for CMS, the
states, and law enforcement partners.
www.gao.gov/cgi-bin/getrpt?GAO-06-578T.
To view the full product, including the scope and methodology, click on
the link above. For more information, contact Leslie G. Aronovitz at
(312) 220-7600 or aronovitzl@gao.gov.
[End of section]
Mr. Chairman and Members of the Subcommittee:
I am pleased to be here today as you discuss the control of fraud,
waste, and abuse in Medicaid, the program that provided health care
coverage for over 56 million low-income individuals in fiscal year
2004, including children and the aged, blind, and disabled. Medicaid is
jointly financed by the federal government and the states. In fiscal
year 2004, Medicaid's benefit payments totaled $287 billion, of which
the federal share was about $168 billion. Medicaid is administered
directly by the states and consists of 56 distinct state-level
programs.[Footnote 1]
In 2003, GAO added Medicaid to its list of high-risk programs, owing to
the program's size, growth, diversity, and fiscal management
weaknesses.[Footnote 2] We noted that insufficient federal and state
oversight put the Medicaid program at significant risk for improper
payments. Improper payments may be due to mistakes, abuse, or
fraud.[Footnote 3] Because, by their nature, fraud and abuse are not
apparent until detected, the amount of Medicaid funds lost through
health care providers' inappropriate billings cannot be precisely
quantified. A nationwide rate of improper payments for Medicaid has not
been estimated, but even a rate as low as 3 percent would have resulted
in a loss of about $5 billion in federal funds in fiscal year 2004. To
put this hypothetical figure in perspective, it is more than the amount
that the federal government spent in fiscal year 2004 on the State
Children's Health Insurance Program (SCHIP).[Footnote 4] Further,
Medicaid can be subject to waste, or extravagant and unnecessary
expenditures. Because Medicaid represents a large and growing share of
state budgets--more than 20 percent of state expenditures--funds lost
to improper payments and waste can impact states' abilities to serve
beneficiaries in need.
Fraud, waste, and abuse drain vital program dollars in ways that hurt
both taxpayers and beneficiaries. Seeking and receiving reimbursement
for services not provided squanders public funds that could have been
used for beneficiaries' health care. For example, in 2005, a North
Carolina pharmacist was sentenced to 33 months in prison and ordered to
pay more than $2 million in restitution for defrauding the Medicaid
program by submitting claims for long-term care patients' prescriptions
that had not been refilled, delivered, or even requested by their
caregivers. Similarly, a New York hospital agreed to pay $76.5 million
to resolve allegations that it overbilled the Medicaid program for
services provided in its clinics. In addition, when providers receive
payment for unnecessary services, it can have a negative impact on
health care quality. For example, consider the case in 2004 against 20
dentists in California who were charged with conspiracy to defraud the
state's Medicaid program of $4.5 million. The dentists are alleged to
have billed Medicaid for unnecessary or inappropriate services that
placed patients at risk of pain, infection, loss of teeth, and bodily
injury--including reusing dental instruments without sterilizing them,
performing dental surgeries without adequate anesthesia, and developing
treatment plans that called for unnecessary root canals and fillings.
States are the first line of defense against Medicaid fraud, waste, and
abuse. Specifically, they must comply with federal requirements to
ensure the qualifications of the providers who bill the program, detect
improper payments, recover overpayments, and refer suspected cases of
fraud and abuse to law enforcement authorities. At the federal level,
the Centers for Medicare & Medicaid Services (CMS), an agency within
the Department of Health and Human Services (HHS), is responsible for
supporting and overseeing state fraud, waste, and abuse control
activities. Last year, we testified that CMS had initiatives to assist
states in combating fraud and abuse in their Medicaid programs but that
its oversight of states' activities and commitment of federal dollar
and staff resources were limited.[Footnote 5] Since then, the Deficit
Reduction Act of 2005 (DRA)[Footnote 6] provided for creation of a
Medicaid Integrity Program and included other provisions designed to
increase CMS's level of effort to support state activities to address
fraud, waste, and abuse in Medicaid.
The Subcommittee requested information on ways that CMS and the states
can better serve taxpayers and Medicaid recipients by reducing or
eliminating fraud in the program. My remarks today will focus on (1)
existing concerns regarding CMS's efforts to help states prevent and
detect fraud and abuse in the Medicaid program, (2) how provisions in
the DRA will help CMS expand current efforts to address Medicaid fraud,
waste, and abuse, and (3) challenges CMS faces as it implements new
Medicaid Integrity Program efforts. To address these issues, we
reviewed agency documents on Medicaid program integrity and oversight
activities, relevant provisions of the DRA, and our issued reports on
CMS's and states' efforts to address Medicaid fraud, waste, and abuse.
(Related GAO products are listed at the end of this statement.) We also
interviewed CMS officials. We conducted our work in March 2006 in
accordance with generally accepted government auditing standards.
In summary, we testified last year that while CMS has activities to
oversee and support state efforts to address fraud and abuse in the
Medicaid program, the agency has not devoted the staff and financial
resources to its efforts that are commensurate with the risks involved.
In addition, CMS has lacked plans to guide federal and state agencies
that were working to prevent or deter Medicaid fraud and abuse. Enacted
in February 2006, the DRA provided for the creation of a new Medicaid
Integrity Program, with specified appropriations to fund it. DRA also
requires CMS to devote an additional 100 full-time-equivalent staff to
combating Medicaid provider fraud and abuse; develop a comprehensive
plan for the Medicaid Integrity Program every 5 fiscal years; and
report annually on its use, and the effectiveness of its use, of the
appropriated funds. In implementing the DRA provisions related to the
Medicaid Integrity Program, CMS faces a major challenge--to develop a
comprehensive plan that provides strategic direction for CMS, the
states, and law enforcement partners. In developing its plan, CMS will
need to focus on how it intends to allocate resources among activities
to reduce program risk to the greatest extent possible and how to
effectively deploy program integrity staff within the agency. Planning
for, and implementing, the DRA provisions provide CMS with a unique
opportunity to strengthen its leadership of state and federal efforts
to control fraud, waste, and abuse in the Medicaid program.
Background:
Within broad federal guidelines, each state's Medicaid program
establishes its own eligibility standards; determines the type, amount,
duration, and scope of covered services; and sets payment rates. In
general, the federal government matches state Medicaid spending for
medical assistance according to a formula based on each state's per
capita income. In fiscal year 2006, the federal contribution ranges
from 50 to 76 cents of every state dollar spent on medical assistance.
For most state Medicaid administrative costs, the federal match rate is
50 percent.[Footnote 7]
As program administrators, states have primary responsibility for
conducting program integrity activities that address provider
enrollment, claims review, and case referrals. Specifically, federal
statute or CMS regulations require states to:
* collect and verify basic information on potential providers,
including whether the providers meet state licensure requirements and
are not prohibited from participating in federal health care programs;
* have an automated claims payment and information retrieval system--
intended to verify the accuracy of claims, the correct use of payment
codes, and patients' Medicaid eligibility--and a claims review system-
-intended to develop statistical profiles on services, providers, and
beneficiaries to identify potential improper payments;[Footnote 8] and:
* refer suspected overpayments or overutilization cases to other units
in the Medicaid agency for corrective action, and potential fraud cases
to law enforcement--generally to the state's Medicaid Fraud Control
Unit for investigation and prosecution.[Footnote 9]
As noted in our 2004 report,[Footnote 10] states use a variety of
controls and safeguards to stem improper provider payments. For
example, states reported using information technology to integrate
databases containing provider, beneficiary, and claims information and
to increase the effectiveness of their utilization reviews. Various
states individually attributed cost savings or recoupments to these
efforts, valued in the millions of dollars.
In contrast, CMS's role in curbing fraud, waste, and abuse in the
Medicaid program is largely one of support to the states. As we
reported in 2004,[Footnote 11] CMS administers two pilot projects, one
focused on measuring the accuracy of a state's Medicaid claims
payments--Payment Accuracy Measurement (PAM)--and the other focused on
improper billing detection and utilization patterns by linking
Medicare[Footnote 12] and Medicaid claims information (Medi-Medi). CMS
also sponsors general technical assistance and information-sharing
through its Medicaid fraud and abuse technical assistance group (TAG).
In addition, CMS performs oversight of states' Medicaid fraud and abuse
control activities through its compliance reviews. (See table 1.)
Table 1: CMS Activities to Support and Oversee States' Fraud and Abuse
Control Efforts, Fiscal Year 2004:
CMS initiatives: PAM/Payment Error Rate Measurement (PERM);
Description: CMS conducted a 3-year pilot called PAM to develop
estimates of states' accuracy in paying Medicaid claims. During fiscal
year 2006, PAM will become a permanent program--to be known as the PERM
initiative--in order to measure improper payments in Medicaid, to
fulfill a requirement of the Improper Payments Information Act of
2002.[A] Under PERM, states will be expected to ultimately reduce their
payment error rates over time by better targeting program integrity
activities in their Medicaid and SCHIP programs.
CMS initiatives: Medi-Medi;
Description: Under this pilot program, CMS facilitates the sharing of
health benefit and claims information between the Medicaid and Medicare
programs. Medi-Medi is a data match pilot designed to identify improper
billing and utilization patterns by matching Medicare and Medicaid
claims information on providers and beneficiaries to reduce fraudulent
schemes that cross program boundaries.
CMS initiatives: TAG;
Description: Through telephone conferencing, CMS provides a forum for
states to discuss issues, solutions, resources, and experiences on
fraud and abuse issues. Any state may participate; roughly one-third do
so regularly. States have also used the TAG to propose policy changes
to CMS.
CMS initiatives: Compliance reviews;
Description: CMS conducts on-site reviews to assess whether state
Medicaid fraud and abuse control efforts comply with federal
requirements, such as those governing provider enrollment, claims
review, utilization control, and coordination with each state's
Medicaid Fraud Control Unit. If reviewers find a state that is
significantly out of compliance, they may encourage it to develop a
corrective action plan and revisit the state to verify actions taken.
Source: GAO-04-707.
[A] Pub. L. No. 107-300, 116 Stat. 2350.
[End of table]
CMS also has a significant role in curbing fraud, waste, and abuse in
Medicare. Through its Medicare Integrity Program, CMS contracts with
companies to conduct program integrity activities, such as reviewing
claims and ensuring that Medicare pays the appropriate amount when
beneficiaries have other health insurance.
CMS Committed Few Resources and Had No Strategic Plan to Address
Medicaid Fraud and Abuse:
As we testified last year, a wide disparity exists between the level of
staff and financial resources that CMS has expended to support and
oversee states' fraud and abuse control activities and the amount of
federal dollars at stake in Medicaid benefit payments.[Footnote 13] In
fiscal year 2005, CMS dedicated an estimated 8.1 full-time-equivalent
employees to support and oversee states' anti-fraud-and-abuse
operations. In contrast, the federal government spent over $168 billion
for Medicaid benefits in fiscal year 2004. Further, some of the
promising efforts to support and oversee states were at risk of being
cut back or terminated, and CMS lacked a strategic plan to direct its
anti-fraud-and-abuse efforts.
Funding for some of CMS's most promising anti-fraud-and-abuse
activities declined in recent years, which threatened the continuity of
these efforts. The amount of funding for the project to estimate state
improper payment rates, PAM/PERM, and the project to match Medicare and
Medicaid claims, Medi-Medi, declined from $7.8 million in fiscal year
2004 to $3.6 million in fiscal year 2005. Both of these projects are
important. Measuring improper payments in Medicaid and other programs
is required by statute, while Medi-Medi is uncovering significant
billing problems. As of March 31, 2005, seven states with fully
operational Medi-Medi projects reported a total of $133.1 million in
returns to the Medicaid and Medicare programs, $59.7 million in program
vulnerabilities identified, and $2 million in overpayments to be
recovered. However, because of anticipated unmet funding needs, we
testified that existing Medi-Medi projects were at risk of being scaled
back considerably or eliminated entirely. Last year, agency officials
noted that several other states were interested in participating in the
program but that CMS would not expand the program without a new
allocation or realignment of funds.
Further, we testified that the HHS budget appropriations for CMS's
Medicaid compliance reviews had decreased each year from fiscal year
2002 through fiscal year 2004. Since 2000, CMS staff from the regional
offices and headquarters had conducted compliance reviews of seven to
eight states a year. These reviews proved to be effective. However, at
that pace, CMS would review states' programs once every 7 years,
preventing the agency from having up-to-date knowledge on more than a
handful of states at any given time.
Resource shortages also have severely limited CMS's activities to
provide technical assistance and disseminate information on states'
best practices. These activities had demonstrated positive results.
However, CMS has not sponsored a national conference with state program
integrity officials since 2003 and has not sponsored any fraud and
abuse workshops or training since 2000.
In addition to devoting limited staff and financial resources, CMS
lacked a strategic plan to direct its anti-fraud-and-abuse
efforts.[Footnote 14] Neither HHS nor CMS had produced a public
document that included long-term goals in the area of supporting
states' efforts to address fraud and abuse in the Medicaid program and
specific plans for achieving these goals.
CMS Has New Authority, Resources, and Responsibilities to Address
Fraud, Waste, and Abuse:
The DRA has added substantially to CMS's authority, resources, and
responsibilities to address Medicaid fraud, waste, and abuse.[Footnote
15] It established a new program that is solely focused on promoting
the integrity of Medicaid and provides specified appropriations that
CMS can use to fund activities to support state efforts to combat
fraud, waste, and abuse. To conduct the new Medicaid Integrity Program,
the law specified an appropriation of $5 million in fiscal year 2006,
$50 million in each of fiscal years 2007 and 2008, and $75 million in
each of the subsequent fiscal years. As part of the Medicaid Integrity
Program, CMS is given authority to contract with eligible entities to
conduct activities to address fraud, waste, and abuse in the state
programs through activities such as audits of consulting contracts and
reported costs of nursing home services.[Footnote 16] In addition, CMS
is required to increase by 100 its full-time-equivalent employees whose
duties consist solely of protecting the integrity of the Medicaid
program by providing effective support and assistance to the
states.[Footnote 17] The authorization of funds for the Medicaid
Integrity Program is similar to that of the Medicare Integrity Program,
which was also established with specified appropriations and the
authority for CMS to contract with companies to conduct integrity
activities. CMS credits the Medicare Integrity Program with helping the
agency measure and reduce payment errors in the Medicare fee-for-
service program.
The DRA also provides for a national expansion of the Medi-Medi
program. The statute appropriates funds for CMS to contract with third
parties to identify program vulnerabilities in Medicare and Medicaid
through examining billing and payment abnormalities. The funds also can
be used in connection with the Medi-Medi program for two other
purposes. First, the funds can be used to coordinate actions by CMS,
the states, the Attorney General, and the HHS Office of Inspector
General to protect Medicaid and Medicare expenditures. Second, the
funds can be used to increase the effectiveness and efficiency of both
Medicare and Medicaid through cost avoidance, savings, and recouping
fraudulent, wasteful, or abusive expenditures. For Medi-Medi, the
statute appropriates $12 million for fiscal year 2006, $24 million for
fiscal year 2007, $36 million for fiscal year 2008, $48 million for
fiscal year 2009, and $60 million for fiscal year 2010 and each
subsequent fiscal year.
Beginning in fiscal year 2006 and every 5 fiscal years thereafter, the
DRA requires CMS to establish a comprehensive plan for ensuring the
integrity of the Medicaid program by combating fraud, waste, and abuse.
CMS is required to develop the plan in consultation with the Attorney
General, the Director of the Federal Bureau of Investigation, the
Comptroller General, the HHS Office of Inspector General, and state
officials responsible for controlling Medicaid provider fraud and
abuse. Developing a plan in consultation with other agencies with
responsibilities to address fraud, waste, and abuse issues will
encourage additional dialogue on the overall direction of federal and
state efforts. In addition, CMS is required to submit an annual report
to Congress no later than 180 days after the end of each fiscal year,
which identifies the agency's use, and the effectiveness of the use, of
the Medicaid Integrity Program funds it has expended. This reporting
mechanism can help CMS focus on making the wisest investment of its new
resources.
Developing CMS's Plan Is a Critical First Step:
CMS faces a key implementation challenge early on--to develop a
comprehensive plan for Medicaid program integrity. A properly developed
plan will provide strategic direction for CMS, its contractors, the
states, and law enforcement partners. Key areas that the plan should
address include the allocation of financial resources among activities
to reduce program risk to the greatest extent possible and the
effective deployment of program integrity staff within the agency.
CMS's plan--if well thought out and formulated--could provide a
blueprint for ensuring that new DRA funding is appropriately invested
and that CMS staff devoted to Medicaid program integrity efforts are
most effectively deployed. CMS is still in the beginning stages of
formulating its plan and has not received final departmental approval
for some of its initial implementation steps. As a result, agency
officials were not at liberty to discuss their planning efforts with us
in much detail.
A comprehensive plan for program integrity is not a new concept for
CMS. In February 1999, CMS issued such a plan for the Medicare and
Medicaid programs.[Footnote 18] Most of the material in this plan
focused on Medicare, and the plan has not been updated since 1999.
However, it could serve as a possible template for communicating
updated information on Medicaid efforts. In addition to communicating
information about the goals that CMS hoped to achieve and proposed
strategies for achieving them, the plan described an iterative program
integrity process that focused on identifying and assessing risk,
developing and implementing approaches to addressing risk, and
monitoring and measuring progress. Further, the process described in
the 1999 program integrity plan is similar to strategies that we have
highlighted in the past as being used by public and private sector
organizations to manage improper payments.[Footnote 19]
Structured analysis of risk and meaningful measures of performance are
an integral part of any plan, but will prove challenging to develop in
the Medicaid program. The difficulty stems from CMS's having limited
information on the extent of improper payments in the state programs.
In addition, because state programs vary in their design, the intensity
of their risks of fraud, waste, and abuse may differ. While a
comprehensive plan cannot deal with the issues of each state, it can
articulate a strategy for states to address the vulnerabilities in
their programs. Further, developing meaningful measures of the impact
of the Medicaid Integrity Program will require a long-term investment
of resources, and these measures will not be available for CMS's first
comprehensive plan. Medicare has taken years to develop and refine its
error-rate testing program, under which CMS conducts an annual study to
estimate Medicare improper payments.
CMS is in the early stages of developing a similar measure for
Medicaid. The agency recently completed its 3-year PAM pilot, so the
results of payment error studies are available from the 27
participating states. CMS is transitioning from PAM to PERM. Under
PERM, states will be expected to ultimately reduce their payment error
rates over time by better targeting program integrity activities in
their Medicaid and SCHIP programs. When fully implemented, PERM should
allow CMS to compile data about Medicaid improper payments on the state
and national levels, which could allow CMS to track progress, as well
as identify states that may require special assistance, in reducing
improper payment error rates. CMS expects to have its first PERM
results in 2008. In addition to assessing progress toward reducing
improper payments, CMS will also need to develop other methods of
measuring the effectiveness of program integrity activities. One such
measure, used in the Medicare program, is calculating a return on
investment, which measures the dollars saved for each dollar spent.
In developing its plan, CMS must decide how to most appropriately
invest new resources. In the past, CMS has invested a substantial
amount of its resources in the oversight of states' financial
management activities, such as state claims for federal matching. For
more than a decade, states have used various financing schemes to
inappropriately cause the federal government to pay an excessive share
of reported Medicaid costs.[Footnote 20] While financial oversight of
these schemes was needed, states also needed encouragement and support
to address fraud committed by providers against the state Medicaid
program.
Now, in light of new funds provided through the Medicaid Integrity
Program, CMS will be faced with the goal of prudently investing
millions of dollars each year to address fraud by providers and others-
-such as managed care plans--in Medicaid. In order to spend its new
funds appropriately, CMS must weigh its options and consider both the
costs and benefits of various activities, such as educating providers
as compared with conducting reviews to help identify potential fraud.
Nevertheless, CMS does have some flexibility in investing its new
Medicaid Integrity Program resources. If CMS does not spend all the
funds appropriated for the Medicaid Integrity Program in one year, the
agency will be allowed to spend them in succeeding years.[Footnote 21]
However, the requirement to annually report on its use of funds will
provide information on whether CMS is generally using the funding, as
opposed to continually rolling funding forward.
CMS may also be able to use some of its DRA funds to help facilitate
communication and coordination with states through conferences and the
TAG. According to a CMS official, such information-sharing and
technical assistance activities would not be expensive to support and
could result in returns that would exceed the relatively low
investment. Similarly, the TAG has served as a forum to share expertise
and best practices; advise CMS on policies, procedures, and program
development; and make recommendations on federal policy and legislative
changes. CMS might be able to further facilitate state participation
through additional support for this forum.
Another key planning area for CMS involves deciding how best to deploy
Medicaid program integrity staff within the agency. This is a
particularly critical issue as CMS ramps up its Medicaid Integrity
Program with the hiring of new employees. A CMS official told us that
the agency is already developing position descriptions as a precursor
to hiring new employees to help address the DRA requirement to increase
by 100 the number of full-time-equivalent employees devoted to
assisting states in efforts to combat Medicaid provider fraud and
abuse. In addition, the agency has made some preliminary decisions
about placement of staff within the central office and its regional
offices. It will take considerable time and effort for CMS to hire
qualified staff and train them to perform the various activities that
ensure good stewardship of the program. CMS could not provide us with a
definitive schedule for when the bulk of its hiring will be completed.
Also consistent with a new focus on fraud, waste, and abuse prevention,
the agency is considering the steps it will need to take to
competitively select contractors to conduct reviews to help identify
fraudulent and abusive billing behavior by providers. CMS is currently
exploring how it will use these contractors, either to support state
efforts or to identify problems across states.
CMS has also decided to establish a new group to house the Medicaid
Integrity Program. This group will be composed of both central and
regional office staff and report directly to the director of the Center
for Medicaid and State Operations (CMSO). CMSO, which is responsible
for most other Medicaid activities, currently staffs the state
compliance reviews and TAG activities. However, the Medi-Medi and
PAM/PERM projects are the responsibility of CMS's Office of Financial
Management, which also staffs the Medicare Integrity Program. In the
past, we have raised concerns that Medicaid anti-fraud-and-abuse staff
at headquarters have not been a part of the agency's office responsible
for conducting other key anti-fraud-and-abuse activities, including
those for the Medicare program. The staff at CMSO have the most
experience working with Medicaid issues, although the staff at CMS with
experience in Medicare program integrity contracting are located in the
Office of Financial Management. As CMS establishes the Medicaid
Integrity Program and new employees come on board, it will be important
to ensure that the agency is in an optimal position to leverage the
expertise and experience of its existing staff. For example, CMS will
need to ensure that staff with expertise in developing strategies for
combating Medicare fraud, waste, and abuse work in a closely
coordinated fashion with staff that are familiar with states' Medicaid
plans and fraud control officials and activities.
Concluding Observations:
Implementing the Medicaid Integrity Program and developing a
comprehensive plan gives CMS a unique opportunity to provide leadership
to states and law enforcement in their fraud, waste, and abuse control
efforts. Having dedicated resources also presents challenges to ensure
that CMS spends wisely as it starts new initiatives and ensures the
continuity of current beneficial activities. Using this opportunity to
develop an iterative process of working with states to identify risks,
develop strategies to address them, and measure the results through
assessing improper payment rates and potential recoveries can help
ensure that the Medicaid Integrity Program funding is targeted to an
optimal effect. CMS has expertise in addressing fraud, waste, and abuse
within the Medicare program and in the state programs that can be
leveraged to benefit the Medicaid Integrity Program. Properly
leveraging this expertise will require effective coordination and
communication within CMS, with states, and with their law enforcement
partners.
We discussed the facts in this statement with a CMS Medicaid official,
who stated that the agency is pleased to have new resources to address
fraud, waste, and abuse in the Medicaid program. He indicated that CMS
had developed proposals for implementing the Medicaid Integrity
Program, but he was not in a position to discuss them in detail because
they are undergoing review within HHS. CMS is presently deciding on the
skills needed by the 100 additional full-time-equivalent employees
required by the DRA; exploring options for contracting; and developing
its comprehensive plan.
Mr. Chairman, this concludes my prepared remarks. I would be happy to
answer any questions that you or other Members of the Subcommittee may
have.
Contact:
For further information regarding this statement, please contact Leslie
G. Aronovitz at (312) 220-7600.
Acknowledgments:
Sheila K. Avruch, Assistant Director, Susan E. Barnidge, Sandra D.
Gove, Kevin Milne, and Elizabeth T. Morrison contributed to this
statement.
[End of section]
Related GAO Products:
Medicaid Fraud and Abuse: CMS's Commitment to Helping States Safeguard
Program Dollars Is Limited. GAO-05-855T. Washington, D.C.: June 28,
2005.
High-Risk Series: An Update. GAO-05-207. Washington, D.C.: January
2005.
Medicaid Program Integrity: State and Federal Efforts to Prevent and
Detect Improper Payments. GAO-04-707. Washington, D.C.: July 16, 2004.
Major Management Challenges and Program Risks: Department of Health and
Human Services. GAO-03-101. (Washington, D.C.: January 2003).
Strategies to Manage Improper Payments: Learning from Public and
Private Sector Organizations. GAO-02-69G. Washington, D.C.: October
2001.
Medicaid: State Efforts to Control Improper Payments Vary. GAO-01-662.
Washington, D.C.: June 7, 2001.
FOOTNOTES
[1] The 56 Medicaid programs include one for each of the 50 states, the
District of Columbia, Puerto Rico, and the U.S. territories of American
Samoa, Guam, Northern Mariana Islands, and the Virgin Islands.
Hereafter, all 56 entities are referred to as states.
[2] GAO, Major Management Challenges and Program Risks: Department of
Health and Human Services, GAO-03-101 (Washington, D.C.: January 2003).
[3] Improper payments can result from inadvertent errors as well as
intended fraud and abuse. Unlike inadvertent errors, which are often
due to clerical errors or a misunderstanding of program rules, fraud
involves an intentional act or representation to deceive with knowledge
that the action or representation could result in gain, while abuse
typically involves actions that are inconsistent with acceptable
business and medical practices that result in unnecessary cost. See,
e.g., 42 CFR § 455.2 (2005).
[4] SCHIP is a jointly funded federal-state program that provides
health insurance to children in low-income families who do not qualify
for Medicaid and are not covered by other insurance.
[5] GAO, Medicaid Fraud and Abuse: CMS's Commitment to Helping States
Safeguard Program Dollars Is Limited, GAO-05-855T (Washington, D.C.:
June 28, 2005).
[6] See Pub. L. No. 109-171, § 6034, 120 Stat. 3, 74-78 (2006).
[7] For skilled professional medical personnel engaged in program
integrity activities, such as those who review medical records, 75
percent federal matching is available.
[8] CMS requires that states have certain information processing
capabilities, including a Medicaid Management Information System and a
Surveillance and Utilization Review Subsystem.
[9] Medicaid Fraud Control Units can, in turn, refer some cases to the
HHS Office of Inspector General, the Federal Bureau of Investigation,
and the Department of Justice for further investigation and
prosecution.
[10] GAO, Medicaid Program Integrity: State and Federal Efforts to
Prevent and Detect Improper Payments, GAO-04-707 (Washington, D.C.:
July 16, 2004).
[11] GAO-04-707.
[12] Medicare is the federal program that helps pay for a variety of
health care services and items on behalf of about 42 million elderly
and disabled beneficiaries.
[13] GAO-05-855T. We did not address issues regarding waste in this
testimony.
[14] GAO-05-855T.
[15] While the DRA vests the Secretary of Health and Human Services
with authority to implement the Medicaid Integrity Program, in general,
administration of the Medicaid program is delegated to CMS.
[16] The activities for which CMS can contract with entities under the
Medicaid Integrity Program are (1) review of Medicaid providers or
others--such as managed care plans--to determine whether their actions
have led, or could lead, to waste, fraud, or abuse; (2) audit of claims
for payment for items, services, or administrative services rendered,
including audits of reported costs and consulting and other contracts;
(3) identification of overpayments to individuals or entities receiving
Medicaid payments; and (4) education of providers of services, managed
care entities, beneficiaries, and other individuals on payment
integrity and quality of care.
[17] The DRA did not establish a date for CMS to complete its hiring of
full-time-equivalent staff.
[18] Health Care Financing Administration, Comprehensive Plan for
Program Integrity, HCFA-02142 (Baltimore, Md.: February 1999). Until
July 1, 2001, CMS was called the Health Care Financing Administration.
[19] GAO, Strategies to Manage Improper Payments: Learning from Public
and Private Sector Organizations, GAO-02-69G (Washington, D.C.: October
2001). Strategies include creating a culture of accountability by
establishing a positive and supportive attitude toward improving
program integrity; assessing the nature and extent of risks; taking
action to address identified risk areas; using and sharing information
to manage improper payments; and monitoring activities to address
improper payments over time.
[20] GAO, Medicaid Financing: States' Use of Contingency-Fee
Consultants to Maximize Federal Reimbursements Highlights Need for
Improved Federal Oversight, GAO-05-748 (Washington, D.C.: June 28,
2005); Medicaid: States' Efforts to Maximize Federal Reimbursements
Highlight Need for Improved Federal Oversight, GAO-05-836T (Washington,
D.C.: June 28, 2005); and Medicaid: Improved Federal Oversight of State
Financing Schemes Is Needed, GAO-04-228 (Washington, D.C.: Feb. 13,
2004).
[21] See Social Security Act § 1936(e), as added by Pub. L. No. 109-
171, § 6034, 120 Stat. at 76.