Medicare Fraud, Waste, and Abuse
Challenges and Strategies for Preventing Improper Payments
Gao ID: GAO-10-844T June 15, 2010
GAO has designated Medicare as a high-risk program since 1990, in part because the program's size and complexity make it vulnerable to fraud, waste, and abuse. Fraud represents intentional acts of deception with knowledge that the action or representation could result in an inappropriate gain, while abuse represents actions inconsistent with acceptable business or medical practices. Waste, which includes inaccurate payments for services, also occurs in the Medicare program. Fraud, waste, and abuse all can lead to improper payments, overpayments and underpayments that should not have been made or that were made in an incorrect amount. In 2009, the Centers for Medicare & Medicaid Services (CMS)--the agency that administers Medicare--estimated billions of dollars in improper payments in the Medicare program. This statement, will focus on challenges facing CMS and selected key strategies that are particularly important to helping prevent fraud, waste, and abuse, and ultimately to reducing improper payments, including challenges that CMS continues to face. It is based on nine GAO products issued from September 2005 through March 2010 using a variety of methodologies, including analysis of claims, review of relevant policies and procedures, stakeholder interviews, and site visits. GAO received updated information from CMS in June 2010.
GAO has identified challenges and strategies in five key areas important in preventing fraud, waste, and abuse, and ultimately to reducing improper payments. GAO has made recommendations in these areas. CMS has made progress in some of these areas, and recent legislation may provide the agency with enhanced authority. However, CMS faces continuing challenges. 1. Strengthening provider enrollment process and standards. Checking the background of providers at the time they apply to become Medicare providers is a crucial step to reduce the risk of enrolling providers intent on defrauding or abusing the program. In particular, GAO has recommended stricter scrutiny of providers identified as particularly vulnerable to improper payments to ensure they are legitimate businesses. 2. Improving pre-payment review of claims. Pre-payment reviews of claims are essential to helping ensure that Medicare pays correctly the first time. GAO has recommended that CMS further enhance its ability to identify improper claims through additional automated pre-payment claim review before they are paid. 3. Focusing post-payment claims review on most vulnerable areas. Post- payment reviews are critical to identifying payment errors and recouping overpayments. GAO has recommended that CMS better target claims for post payment review on the most vulnerable areas. 4. Improving oversight of contractors. Because Medicare is administered by contractors, overseeing their activities to address fraud, waste, and abuse is critical. GAO found that CMS's oversight of prescription drug plan sponsors' compliance programs has been limited. However, partly in response to GAO's recommendation, CMS oversight of these programs is expanding. 5. Developing a robust process for addressing identified vulnerabilities. Having mechanisms in place to resolve vulnerabilities that lead to improper payment is vital to program management, but CMS has not developed a robust process to specifically address these. GAO has recommended that CMS establish an adequate process to ensure prompt resolution of identified improper payment vulnerabilities.
GAO-10-844T, Medicare Fraud, Waste, and Abuse: Challenges and Strategies for Preventing Improper Payments
This is the accessible text file for GAO report number GAO-10-844T
entitled 'Medicare Fraud, Waste, and Abuse: Challenges and Strategies
for Preventing Improper Payments' which was released on June 15, 2010.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as
part of a longer term project to improve GAO products' accessibility.
Every attempt has been made to maintain the structural and data
integrity of the original printed product. Accessibility features,
such as text descriptions of tables, consecutively numbered footnotes
placed at the end of the file, and the text of agency comment letters,
are provided but may not exactly duplicate the presentation or format
of the printed version. The portable document format (PDF) file is an
exact electronic replica of the printed version. We welcome your
feedback. Please E-mail your comments regarding the contents or
accessibility features of this document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony:
Before the Subcommittees on Health and Oversight, Committee on Ways
and Means, House of Representatives:
United States Government Accountability Office:
GAO:
For Release on Delivery:
Expected at 10:00 a.m. EDT:
Tuesday, June 15, 2010:
Medicare Fraud, Waste, and Abuse:
Challenges and Strategies for Preventing Improper Payments:
Statement of Kathleen M. King:
Director, Health Care:
GAO-10-844T:
GAO Highlights:
Highlights of GAO-10-844T, a testimony before the Subcommittees on
Health and Oversight, Committee on Ways and Means, House of
Representatives.
Why GAO Did This Study:
GAO has designated Medicare as a high-risk program since 1990, in part
because the program‘s size and complexity make it vulnerable to fraud,
waste, and abuse. Fraud represents intentional acts of deception with
knowledge that the action or representation could result in an
inappropriate gain, while abuse represents actions inconsistent with
acceptable business or medical practices. Waste, which includes
inaccurate payments for services, also occurs in the Medicare program.
Fraud, waste, and abuse all can lead to improper payments,
overpayments and underpayments that should not have been made, or that
were made in an incorrect amount. In 2009, the Centers for Medicare &
Medicaid Services (CMS)”the agency that administers Medicare”estimated
billions of dollars in improper payments in the Medicare program.
This statement will focus on challenges facing CMS and selected key
strategies that are particularly important to helping prevent fraud,
waste, and abuse, and ultimately to reducing improper payments. It is
based on nine GAO products issued from September 2005 through March
2010 using a variety of methodologies, including analysis of claims,
review of relevant policies and procedures, stakeholder interviews,
and site visits. GAO received updated information from CMS in June
2010.
What GAO Found:
GAO has identified challenges and strategies in five key areas
important in preventing fraud, waste, and abuse, and ultimately to
reducing improper payments. GAO has made recommendations in these
areas. CMS has made progress in some of these areas, and recent
legislation may provide the agency with enhanced authority. However,
CMS faces continuing challenges.
1. Strengthening provider enrollment process and standards. Checking
the background of providers at the time they apply to become Medicare
providers is a crucial step to reduce the risk of enrolling providers
intent on defrauding or abusing the program. In particular, GAO has
recommended stricter scrutiny of providers identified as particularly
vulnerable to improper payments to ensure they are legitimate
businesses.
2. Improving pre-payment review of claims. Pre-payment reviews of
claims are essential to helping ensure that Medicare pays correctly
the first time. GAO has recommended that CMS further enhance its
ability to identify improper claims through additional automated pre-
payment claim review before they are paid.
3. Focusing post-payment claims review on most vulnerable areas. Post-
payment reviews are critical to identifying payment errors and
recouping overpayments. GAO has recommended that CMS better target
claims for post payment review on the most vulnerable areas.
4. Improving oversight of contractors. Because Medicare is
administered by contractors, overseeing their activities to address
fraud, waste, and abuse is critical. GAO found that CMS‘s oversight of
prescription drug plan sponsors‘ compliance programs has been limited.
However, partly in response to GAO‘s recommendation, CMS oversight of
these programs is expanding.
5. Developing a robust process for addressing identified
vulnerabilities. Having mechanisms in place to resolve vulnerabilities
that lead to improper payment is vital to program management, but CMS
has not developed a robust process to specifically address these. GAO
has recommended that CMS establish an adequate process to ensure
prompt resolution of identified improper payment vulnerabilities.
View [hyperlink, http://www.gao.gov/products/GAO-10-844T] or key
components. For more information, contact Kathleen M. King at (202)
512-7114 or kingk@gao.gov.
[End of section]
Mr. Chairman and Members of the Subcommittees:
I am pleased to be here today to discuss our work regarding fraud,
waste, and abuse in the Medicare program.[Footnote 1] We have
designated Medicare as a high-risk program since 1990, in part because
we found the program's size and complexity make it vulnerable to
fraud, waste, and abuse.[Footnote 2] Fraud represents intentional acts
of deception with knowledge that the action or representation could
result in an inappropriate gain, while abuse represents actions
inconsistent with acceptable business or medical practices. Waste,
which includes inaccurate payments for services, such as unintentional
duplicate payments, also occurs in the Medicare program.
Fraud, waste, and abuse all can lead to improper payments,
overpayments and underpayments that should not have been made or that
were made in an incorrect amount. The Centers for Medicare & Medicaid
Services (CMS)[Footnote 3]--the agency that administers Medicare--has
estimated improper payments for Medicare fee-for-service (FFS) at
$24.1 billion in calendar year 2009.[Footnote 4] Even this may not be
a full picture of the risk for improper payments because some improper
payments may not be detected and hence may not be reflected in the
improper payment rate.[Footnote 5]
Beginning in 1997, Congress has allocated funds specifically for CMS
oversight activities designed to ensure that claims are paid
correctly, both through dedicated funding and augmented more recently
through annual appropriations. Further, the Patient Protection and
Affordable Care Act (PPACA)[Footnote 6] and the Health Care and
Education Reconciliation Act of 2010 (HCERA)[Footnote 7] have
provisions that may help strengthen strategies CMS may take to reduce
improper payments. For example, the legislation requires the
Department of Health and Human Services (HHS) to undertake certain
actions designed to strengthen the agency's processes of screening and
enrolling Medicare providers in an effort to combat fraud, waste, and
abuse.
However, preventing improper payments in Medicare is a continuing
challenge. Within Medicare FFS, CMS contractors are responsible for
processing and paying approximately 4.5 million claims per day,
enrolling providers, responding to beneficiary questions, and
investigating potential Medicare fraud.[Footnote 8] For Medicare
Advantage, Medicare's private health insurance program, and the
Medicare prescription drug benefit, CMS contracts with private health
plans and drug plan sponsors, respectively, that are responsible for
administering Medicare benefits. Hence, CMS contractors have an
important role in preventing improper payments.[Footnote 9] In the
course of our work, we have identified challenges facing CMS and
selected key strategies that are particularly important to helping
prevent fraud, waste, and abuse, and ultimately to reducing improper
payments. My testimony today will focus on our findings in these areas.
This statement is based on nine products that we have issued regarding
fraud, waste, abuse, and improper payments in the Medicare program.
These products were issued from September 2005 through March 2010
using a variety of methodologies, including analysis of claims, review
of relevant policies and procedures, stakeholder interviews, and site
visits.[Footnote 10] For this statement we also received updated
information from CMS in June 2010. Our work was performed in
accordance with generally accepted government auditing standards.
Those standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe
that the evidence obtained provides a reasonable basis for our
findings and conclusions based on our audit objectives.
CMS Faces Challenges in Implementing Strategies to Prevent Fraud,
Waste, and Abuse:
GAO has identified key strategies to help CMS address challenges it
faces in preventing fraud, waste, and abuse, and ultimately to
reducing improper payments. These strategies are: (1) strengthening
provider enrollment processes and standards, (2) improving pre-payment
review of claims, (3) focusing post-payment claims review on most
vulnerable areas, (4) improving oversight of contractors, and (5)
developing a robust process for addressing identified
vulnerabilities.[Footnote 11] In the course of our work, we have found
that CMS has made progress in some of these areas, and recent
legislation may provide it with enhanced authority. However, CMS has
not implemented some of our recommendations and other challenges
remain.
Strengthening Provider Enrollment Processes and Standards to Reduce
the Risk of Enrolling Providers Intent on Abusing the Program:
Given the large number of providers filing claims with Medicare and
the volume of payments the agency and its contractors handle, ensuring
that providers are legitimate businesses before allowing them to bill
Medicare is important. Checking the background of providers at the
time they apply to become Medicare providers is a crucial step to
reduce the risk of enrolling providers intent on defrauding or abusing
the program. In particular, we have recommended stricter scrutiny of
enrollment processes for two types of providers whose services and
items CMS has identified as especially vulnerable to improper
payments--home health agencies (HHA)[Footnote 12] and suppliers of
durable medical equipment, prosthetics, orthotics, and supplies
(DMEPOS).[Footnote 13]
CMS contractors are responsible for screening enrollment applications
from prospective HHAs. We found that the screening process was not
thorough. This may have contributed to a rapid increase in the number
of HHAs that billed Medicare in certain states with unusually high
rates of billing patterns indicative of fraud and abuse. For example,
the contractors were not required to verify the criminal history of
persons named on the application. We recommended that CMS assess the
feasibility of such a criminal history verification of all key
officials' names on an HHA enrollment application; to date, CMS has
not implemented this recommendation.
Regarding DMEPOS suppliers, we also found that CMS had not taken
sufficient steps to prevent entities intent on defrauding Medicare
from enrolling in the program. In 2005, we reported that more
effective screening and stronger enrollment standards were
needed.[Footnote 14] CMS implemented new supplier enrollment standards
in January 2008, partly in response to our recommendation. However, in
that same year, we exposed persistent weaknesses when we created two
fictitious medical equipment companies that were enrolled by CMS's
contractor and given permission to begin billing Medicare.[Footnote
15] As an enrollment requirement, suppliers are required to show that
they have contracts for obtaining inventory--but the contracts
provided with the applications of our fictitious companies would have
been shown to be fabricated if they had been reviewed properly.
Since January 2008, CMS has taken two additional steps to ensure that
only legitimate DMEPOS suppliers can bill Medicare. First, it
implemented a requirement for DMEPOS suppliers to post a surety bond
to help ensure that the Medicare program recoups erroneous payments
that result from fraudulent or abusive billing practices.[Footnote 16]
Second, CMS required that all DMEPOS suppliers be accredited by a CMS-
approved accrediting organization to ensure that they meet minimum
standards. CMS told us that thousands of DMEPOS suppliers were removed
as result of these requirements.
In addition, Congress has directed CMS to implement a competitive
bidding program for DME, which could also help reduce fraud, waste,
and abuse because it authorizes CMS to select suppliers based in part
on new scrutiny of their financial documents and other application
materials. However, the program will not take effect until January
2011 and it will initially be implemented in only nine metropolitan
areas.
Implementation of additional authorities in PPACA and HCERA also may
help the agency strengthen provider enrollment, including addressing
vulnerabilities our work has identified. In particular, among other
provisions, the legislation allows HHS to (1) add criminal and
background checks to its enrollment screening processes, depending on
the risks presented by the provider; and (2) impose a temporary
moratorium on enrollment of providers, if the agency deems it
necessary to prevent fraud and abuse.[Footnote 17] In addition, there
are specific requirements for providers to disclose any current or
previous affiliation with a provider or supplier that has uncollected
debt, has been or is subject to a payment suspension under a federal
health care program, has been excluded from participation under
Medicare, Medicaid or the State Children's Health Insurance Program
(CHIP) or has had its billing privileges denied or revoked. HHS may
deny enrollment to any such provider whose previous affiliations pose
an undue risk. However, the effectiveness of these authorities is
unknown and will depend on CMS's implementation. CMS told us that the
agency is in the process of implementing these authorities, including
drafting regulations on criminal and background checks.
Improving Pre-Payment Review of Claims:
Pre-payment reviews of claims are essential to helping ensure that
Medicare pays correctly the first time; however, these reviews are
challenging due to the volume of claims. Overall, less than 1 percent
of Medicare's claims are subject to a medical record review by trained
personnel[Footnote 18]--so having robust automated payment controls
called edits in place that can deny inappropriate claims or flag them
for further review is critical. However, we have found weaknesses in
these pre-payment controls. For example, in 2007, we found that
contractors responsible for reviewing DMEPOS suppliers' claims did not
have automated pre-payment controls in place to identify questionable
claims that might connote fraud, such as those associated with
atypically rapid increases in billing or for items unlikely to be
prescribed in the course of routine quality medical care.[Footnote 19]
As a result, we recommended in 2007 that CMS require its contractors
to develop thresholds for unexplained increases in billing and use
them to develop automated pre-payment controls. Although CMS has not
implemented that recommendation specifically, it has added edits to
flag claims for services that were unlikely to be provided in the
normal course of medical care. This is a valuable addition to the
program's safeguards, but additional pre-payment controls, such as
using thresholds for unexplained increases in billing, could further
enhance CMS's ability to identify improper claims before they are paid.
Focusing Post-Payment Claims Review on Most Vulnerable Areas:
Post-payment reviews are critical to identifying payment errors to
recoup overpayments. CMS's contractors have conducted limited post-
payment reviews--for example, we reported in 2009 that two contractors
paying home health claims conducted post-payment reviews on fewer than
700 of the 8.7 million claims that they paid in fiscal year
2007.[Footnote 20] Further, we found that they were not using
evidence, such as findings from pre-payment reviews, to target their
post-payment review resources on providers with a demonstrated high
risk of improper payments. We recommended that post-payment reviews be
conducted on claims submitted by HHAs with high rates of improper
billing identified through pre-payment review. In response, CMS
commented that other types of post-payment review may already include
claims from these HHAs. We continue to believe including this targeted
post-payment review should be a priority.
Cross-checking claims for home health services with the physicians who
prescribed them can be a further safeguard against fraud, waste, and
abuse, but we have found that this is not always done.[Footnote 21]
For example, CMS does not routinely provide physicians responsible for
authorizing home health care with information that would enable them
to determine whether an HHA was billing for unauthorized care. In one
instance, a CMS contractor identified overpayments in excess of $9
million after interviewing physicians who had referred beneficiaries
with high home health costs. The physicians indicated that their
signatures had been forged or that they had not realized the amount of
care they had authorized. We recommended that CMS require that
physicians receive a statement of services beneficiaries received
based on the physicians' certification, but to date, the agency has
not taken action.
CMS's new national recovery audit contracting program, begun in March
2009, was intended to address post-payment efforts; however, we
continue to have concerns about post-payment reviews of HHAs and
DMEPOS. Congress authorized the national program after completion of a
three-year recovery audit contracting demonstration program in 2008.
[Footnote 22] The national program is designed to help the agency
supplement the pre-and post-payment reviews of other contractors.
Recovery audit contractors (RAC) review claims after payment, with
reimbursement to them contingent on finding improper overpayments and
underpayments. Because RACs are paid on a contingent fee based on the
dollar value of the improper payments identified, during the
demonstration RACs focused on claims from inpatient hospital stays,
which are generally more costly services. Therefore, other
contractors' post-payment review activities could be more valuable if
CMS directed these contractors to focus on items and services where
RACs are not expected to focus their reviews, and where improper
payments are known to be high, specifically home health and durable
medical equipment.
Improving Oversight of Contractors:
Because Medicare is administered by contractors, such as drug plan
sponsors, overseeing their activities to address fraud, waste, and
abuse and prevent improper payment is critical. All drug plan sponsors
are required to have programs to safeguard the Medicare prescription
drug program from fraud, waste, and abuse. CMS's oversight of these
programs has been limited but is expanding. In March 2010, we
testified that CMS had completed desk audits of selected sponsors'
compliance plans.[Footnote 23] At that time, CMS was beginning to
implement an expanded oversight strategy, including revising its audit
protocol and piloting on-site audits,[Footnote 24] to assess the
effectiveness of these programs more thoroughly.[Footnote 25] As of
June 2010, the agency has conducted 5 on-site audits and plans to
conduct a total of 30 on-site audits by the end of the fiscal year.
These audits are in response to a recommendation we made in our 2008
study that found that the five sponsors we reviewed (covering more
than one-third of total Medicare prescription drug plan enrollees) had
not completely implemented all seven of CMS's required compliance plan
elements and selected recommended measures for a Medicare prescription
drug fraud, waste, and abuse program.[Footnote 26] In addition, CMS
published a final rule in April 2010 to increase its oversight efforts
and ensure that sponsors have effective compliance programs in place.
[Footnote 27] In issuing the proposed rule, CMS noted that we
requested that the agency take actions to evaluate and oversee fraud
and abuse programs to ensure sponsors have effective programs in
place.[Footnote 28]
Developing a Robust Process for Addressing Identified Vulnerabilities:
Having mechanisms in place to resolve vulnerabilities that lead to
improper payment is critical to program management, but CMS has not
developed a robust process to specifically address identified
vulnerabilities that lead to improper payment. Our Standards for
Internal Control in the Federal Government indicate that part of an
agency's controls should include policies and procedures to ensure
that (1) the findings of all audits and reviews are promptly
evaluated, (2) decisions are made about the appropriate response to
these findings, and (3) actions are taken to correct or otherwise
resolve the issues promptly.[Footnote 29] Further, our Internal
Control Management and Evaluation Tool affirms that in order to
establish an effective internal control environment, the agency has to
appropriately assign authority, including holding individuals
accountable for achieving agency objectives.[Footnote 30]
As we reported in March 2010, CMS did not establish an adequate
process during its initial recovery audit contracting demonstration or
in planning for the national program to ensure prompt resolution of
identified improper payment vulnerabilities.[Footnote 31] During the
demonstration, CMS did not assign responsibility for taking corrective
action on these vulnerabilities to either agency officials,
contractors, or a combination of both. According to CMS officials, the
agency only takes corrective action for vulnerabilities with national
implications, and leaves it up to the contractors that process and pay
claims to decide whether to take action for vulnerabilities that may
only be occurring in certain geographic areas. Additionally, during
the demonstration CMS did not specify in a plan what type of
corrective action was required or establish a timeframe for corrective
action. The documented lack of assigned responsibilities impeded CMS's
efforts to promptly resolve the vulnerabilities that had been
identified during the demonstration.
For the recovery audit contracting national program, CMS established a
corrective action team that will compile, review, and categorize
identified vulnerabilities and discuss corrective action
recommendations. CMS has also appointed the Director of the Office of
Financial Management as responsible for the day-to-day operations of
the program, and the CMS Administrator as the responsible official for
vulnerabilities that span agency components. However, the corrective
action process still does not include any steps to either assess the
effectiveness of the corrective actions taken or adjust them as
necessary based on the results of the assessments. Further, the agency
has not developed time frames for implementing corrective actions. We
recommended that CMS develop and implement a process that includes
policies and procedures to ensure that the agency promptly (1)
evaluates findings of RAC audits, (2) decides on the appropriate
response and a time frame for taking action based on established
criteria, and (3) acts to correct the vulnerabilities identified. CMS
concurred with this recommendation. Agency officials indicated that
they intended to review vulnerabilities on a case-by-case basis and
were considering assigning them to risk categories that would help
them prioritize action. However, this recommendation has not been
implemented.
Mr. Chairman, this concludes my prepared statement. I would be happy
to answer any questions you or other members of the subcommittees may
have.
For further information about this statement, please contact Kathleen
M. King at (202) 512-7114 or kingk@gao.gov. Contact points for our
Offices of Congressional Relations and Public Affairs may be found on
the last page of this statement. Sheila Avruch, Christine Brudevold,
and Martin T. Gahart, Assistant Directors; Lori Achman; Jennie F.
Apter; Thomas Han; Jennel Harvey; Amanda Pusey; and James R. Walker
were key contributors to this statement.
Related GAO Products:
Medicare Recovery Audit Contracting: Weaknesses Remain in Addressing
Vulnerabilities to Improper Payments, Although Improvements Made to
Contractor Oversight. [hyperlink,
http://www.gao.gov/products/GAO-10-143]. Washington, D.C.: March 31,
2010.
Medicare Part D: CMS Oversight of Part D Sponsors' Fraud and Abuse
Programs Has Been Limited, but CMS Plans Oversight Expansion.
[hyperlink, http://www.gao.gov/products/GAO-10-481T]. Washington,
D.C.: March 3, 2010.
Medicare: CMS Working to Address Problems from Round 1 of the Durable
Medical Equipment Competitive Bidding Program. [hyperlink,
http://www.gao.gov/products/GAO-10-27]. Washington, D.C.: November 6,
2009.
Medicare: Improvements Needed to Address Improper Payments in Home
Health. [hyperlink, http://www.gao.gov/products/GAO-09-185].
Washington, D.C.: February 27, 2009.
Medicare Part D: Some Plan Sponsors Have Not Completely Implemented
Fraud and Abuse Programs, and CMS Oversight Has Been Limited.
[hyperlink, http://www.gao.gov/products/GAO-08-760]. Washington, D.C.:
July 21, 2008.
Medicare: Covert Testing Exposes Weaknesses In The Durable Medical
Equipment Supplier Screening Process. [hyperlink,
http://www.gao.gov/products/GAO-08-955]. Washington, D.C.: July 3,
2008.
Medicare: Competitive Bidding For Medical Equipment and Supplies Could
Reduce Program Payments, but Adequate Oversight is Critical.
[hyperlink, http://www.gao.gov/products/GAO-08-767T]. Washington,
D.C.: May 6, 2008.
Medicare: Improvements Needed to Address Improper Payments for Medical
Equipment and Supplies. [hyperlink,
http://www.gao.gov/products/GAO-07-59]. Washington, D.C.: January 31,
2007.
Medicare: More Effective Screening and Stronger Enrollment Standards
Needed for Medical Equipment Suppliers. [hyperlink,
http://www.gao.gov/products/GAO-05-656]. Washington, D.C.: September
22, 2005.
[End of section]
Footnotes:
[1] Medicare is the federally financed health insurance program for
persons aged 65 or over, certain individuals with disabilities, and
individuals with end-stage renal disease. The program consists of four
parts. Medicare Part A covers hospital and other inpatient stays.
Medicare Part B is optional insurance, and covers hospital outpatient,
physician, and other services. Medicare Parts A and B are known as
original Medicare or Medicare FFS. Medicare beneficiaries have the
option of obtaining coverage for Medicare Part A and B services from
private health plans that participate in Medicare Advantage--
Medicare's managed care program, also known as Medicare Part C. All
Medicare beneficiaries may purchase coverage for outpatient
prescription drugs under Medicare Part D.
[2] In 1990, GAO began to report on government operations that it
identified as "high risk" for serious weaknesses in areas that involve
substantial resources and provide critical services to the public. See
GAO, High-Risk Series: An Update, [hyperlink,
http://www.gao.gov/products/GAO-09-271] (Washington, D.C.: January
2009). [hyperlink,
http://www.gao.gov/highrisk/risks/insurance/medicare_program.php].
[3] CMS is an agency within the Department of Health and Human
Services (HHS) to which HHS has delegated responsibility for
administering the Medicare program.
[4] "Improper Medicare FFS Payments Report" in HHS's Fiscal Year 2009
Agency Financial Report, November 2009.
[5] HHS's Office of Inspector General has raised concerns that the
improper payment rates for certain provider types may be understated
based on its review of additional medical records and interviews with
beneficiaries and providers.
[6] Pub. L. No. 111-148, 124 Stat. 119.
[7] Pub. L. No. 111-152, 124 Stat. 1029.
[8] Providers enroll in Medicare by meeting a series of requirements.
For example, home health agencies (HHA) must submit an enrollment
application that is screened by a Medicare contractor. If the
application meets CMS standards, the contractor recommends approval to
the state and CMS. The state reviews the HHA to determine if it is
compliant with federal conditions of participation including
requirements related to organization structure, administration,
patient rights, medical supervision, and patient assessment. The HHA
can also be accredited by an approved accrediting organization. The
HHA must also meet the statutory and regulatory requirements in the
state in which it is located.
[9] For the purposes of this statement, we refer to any organization
that is funded by Medicare to administer any part of the Medicare
program as a "contractor."
[10] For more detailed information on the methodologies used in our
work, please consult the reports listed in the "Related GAO Products"
at the end of this testimony.
[11] Vulnerabilities are service specific errors that result in
improper overpayments and underpayments. An example of a vulnerability
that leads to improper payments is providers being allowed to bill for
more than one blood transfusion in a hospital outpatient setting for a
Medicare beneficiary in a day, which Medicare policy does not allow.
[12] See GAO, Medicare: Improvements Needed to Address Improper
payments in Home Health, [hyperlink,
http://www.gao.gov/products/GAO-09-185] (Washington, D.C.: Feb. 27,
2009).
[13] See GAO, Medicare: More Effective Screening and Stronger
Enrollment Standards Needed for Medical Equipment Suppliers,
[hyperlink, http://www.gao.gov/products/GAO-05-656] (Washington, D.C.:
Sept. 22, 2005).
[14] See [hyperlink, http://www.gao.gov/products/GAO-05-656].
[15] See GAO, Medicare: Covert Testing Exposes Weaknesses in the
Durable Medical Equipment Supplier Screening Process, [hyperlink,
http://www.gao.gov/products/GAO-08-955] (Washington, D.C.: July 3,
2008).
[16] See Social Security Act §1834(a)(16)(B). As of October 2009,
DMEPOS suppliers were required to obtain and submit a surety bond in
the amount of at least $50,000. A DMEPOS surety bond is a bond issued
by an entity guaranteeing that a DMEPOS supplier will fulfill its
obligation to the Medicare program. If the obligation is not met,
Medicare will recover its losses via the surety bond. PPAC requires
that the bond be commensurate with the supplier's billing volume. See
PPACA, Pub. L. No. 111-148, §6402(g).
[17] PPACA, Pub. L. No. 111-148, §§6401(a)(2) and 10603(b).
[18] Medicare uses contractors to process and pay claims, including
putting computerized edits into their portion of the claims-processing
system to help ensure proper payment.
[19] For example, we found that Medicare paid over $2 million for
beneficiaries' braces after the program had paid for prosthetics for
the same beneficiaries' legs, feet, or ankles. See GAO, Medicare:
Improvements Needed to Address Improper Payments for Medical Equipment
and Suppliers, [hyperlink, http://www.gao.gov/products/GAO-07-59]
(Washington, D.C.: Jan. 31, 2007).
[20] See [hyperlink, http://www.gao.gov/products/GAO-09-185].
[21] See [hyperlink, http://www.gao.gov/products/GAO-09-185].
[22] The Medicare Prescription Drug, Improvement and Modernization Act
of 2003 directed CMS to conduct a project to demonstrate how effective
the use of recovery audit contractors (RAC) would be in identifying
underpayments and overpayments, and recouping overpayments in the
Medicare program. Subsequently, in December 2006 the Tax Relief and
Health Care Act of 2006 required CMS to implement a national RAC
program by January 1, 2010.
[23] A desk audit includes reviews of requested documents.
[24] An on-site audit includes interviews.
[25] See Medicare Part D: CMS Oversight of Part D Sponsors' Fraud and
Abuse Programs Has Been Limited, but CMS Plans Oversight Expansion.
[hyperlink, http://www.gao.gov/products/GAO-10-481T] (Washington,
D.C.: March 3, 2010).
[26] GAO, Medicare Part D: Some Plan Sponsors Have Not Completely
Implemented Fraud and Abuse Programs, and CMS Oversight Has Been
Limited, [hyperlink, http://www.gao.gov/products/GAO-08-760]
(Washington, D.C.: July 21, 2008).
[27] Policy and Technical Changes to the Medicare Advantage and the
Medicare Prescription Drug Benefit Programs, 75 Fed. Reg. 19,678
(April 15, 2010).
[28] See Policy and Technical Changes to the Medicare Advantage and
the Medicare Prescription Drug Benefit Programs, 74 Fed. Reg. 54,634,
54,643 (proposed Oct. 22, 2009).
[29] GAO, Internal Control: Standards for Internal Control in the
Federal Government, [hyperlink,
http://www.gao.gov/products/GAO/AIMD-00-21.3.1] (Washington, D.C.:
November 1999). Internal control is the component of an organization's
management that provides reasonable assurance that the organization
achieves: effective and efficient operations, reliable financial
reporting, and compliance with applicable laws and regulations.
Internal control standards provide a framework for identifying and
addressing major performance challenges and areas at greatest risk for
mismanagement.
[30] GAO, Internal Control Standards: Internal Control Management and
Evaluation Tool [hyperlink, http://www.gao.gov/products/GAO-01-1008G]
(Washington, D.C.: August 2001).
[31] [hyperlink, http://www.gao.gov/products/GAO-10-143] Medicare
Recovery Audit Contracting: Weaknesses Remain in Addressing
Vulnerabilities to Improper Payments, Although Improvements Made to
Contractor Oversight (Washington, D.C. March 31, 2010).
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Phone:
The price of each GAO publication reflects GAO‘s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO‘s Web site,
[hyperlink, http://www.gao.gov/ordering.htm].
Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional
information.
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548: