Medicare
Health Care Fraud and Abuse Control Program for Fiscal Years 2000 and 2001 Gao ID: GAO-02-731 June 3, 2002The Medicare program is the nation's largest health insurer with almost 40 million beneficiaries and outlays of over $219 billion annually. Because of the susceptibility of the program to fraud and abuse, Congress enacted the Health Care Fraud and Abuse Control (HCFAC) Program as part of the Health Insurance Portability and Accountability Act (HIPPAA) of 1996. HCFAC, which is administered by the Department of Health and Human Services' (HHS) Office of Inspector General (OIG) and the Department of Justice (DOJ), established a national framework to coordinate federal, state, and local law enforcement efforts to detect, prevent, and prosecute health care fraud and abuse in the public and private sectors. HIPPAA requires HHS and DOJ to issue a joint annual report no later than January 1 of each year to Congress for the proceeding fiscal year. The joint HCFAC reports included deposits of $210 million for fiscal year 2000 and $464 million for fiscal year 2001, pursuant to the act. In testing at DOJ, GAO found errors in the recording of criminal fines deposits to the Federal Hospital Insurance Trust Fund in fiscal year 2001 that resulted in an estimated overstatement to the trust fund of $169,765. GAO found that the planned use of HCFAC appropriations was in keeping with the stated purpose in the act. Although GAO found expenditures from the trust fund were generally appropriate at HHS, at DOJ GAO found $480,000 in interest penalties not related to HCFAC activities that were charged to the HCFAC appropriation. GAO was unable to identify expenditures from the HCFAC trust fund for activities unrelated to Medicare because the HHS/OIG and DOJ do not separately account for or monitor these activities. Likewise, GAO was unable to identify savings specifically attributable to activities funded by the HCFAC program.
RecommendationsOur recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director: Team: Phone:GAO-02-731, Medicare: Health Care Fraud and Abuse Control Program for Fiscal Years 2000 and 2001
This is the accessible text file for GAO report number GAO-02-731
entitled 'Medicare: Health Care Fraud and Abuse Control Program for
Fiscal Years 2000 and 2001' which was released on June 3, 2002.
This text file was formatted by the U.S. General Accounting Office
(GAO) to be accessible to users with visual impairments, as part of a
longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the
printed version. The portable document format (PDF) file is an exact
electronic replica of the printed version. We welcome your feedback.
Please E-mail your comments regarding the contents or accessibility
features of this document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States General Accounting Office:
GAO:
Report to Congressional Committees:
June 2002:
Medicare:
Health Care Fraud and Abuse Control Program for Fiscal Years 2000 and
2001:
GAO-02-731:
Contents:
Letter:
Results in Brief:
Background:
Objectives, Scope, and Methodology:
DOJ Made Errors in Reporting Collections; However, the Trust Fund Was
Minimally Affected:
HIPAA Appropriations Were Properly Supported:
DOJ's Controls over Expenditures Need Reinforcement:
HHS and DOJ Do Not Separately Track Non-Medicare Expenditures:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendixes:
Appendix I: Objectives, Scope, and Methodology:
Appendix II: Comments from the Department of Health and Human Services:
Appendix III: Comments from the Department of Justice:
Appendix IV: Staff Acknowledgments:
Related GAO Products:
Table:
Table 1: HHS/OIG Funding Sources (Unaudited):
Figures:
Figure 1: Reported Fiscal Years 2000 and 2001 Deposits to the Trust
Fund Pursuant to HIPAA (Unaudited):
Figure 2: Reported Fiscal Year 2000 Allocations (Unaudited):
Figure 3: Reported Fiscal Year 2001 Allocations (Unaudited):
Figure 4: Reported Fiscal Years 2000 and 2001 HCFAC Expenditures at
DOJ (Unaudited):
Figure 5: Reported Fiscal Years 2000 and 2001 HCFAC Expenditures at
HHS (Unaudited):
[End of section]
United States General Accounting Office:
Washington, D.C. 20548:
June 3, 2002:
Congressional Committees:
The Medicare program is the nation's largest health insurer with
almost 40 million beneficiaries and outlays of over $219 billion
annually. Because of the susceptibility of the program to fraud and
abuse, the Congress enacted the Health Care Fraud and Abuse Control
(HCFAC) Program as part of the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), Public Law 104-91. HCFAC, which is
administered by the Department of Health and Human Services' (HHS)
Office of Inspector General (OIG) and the Department of Justice (DOJ),
established a national framework to coordinate federal, state, and
local law enforcement efforts to detect, prevent, and prosecute health
care fraud and abuse in the public and private sectors.
HIPAA requires HHS and DOJ to issue a joint annual report no later
than January 1 of each year to the Congress for the preceding fiscal
year on (1) amounts deposited to the Federal Hospital Insurance Trust
Fund[Footnote 1] pursuant to HIPAA and the source of the amounts and
(2) amounts appropriated from the trust fund for the HCFAC program and
the justification for the expenditure of such amounts. HHS and DOJ
have issued five joint reports, which individually covered HCFAC-
related activities for fiscal years 1997 through 2001.[Footnote 2]
HIPAA, as amended by the Balanced Budget Act of 1997, Public Law 105-
33, also requires that we submit reports no later than January 1,
2002, and 2004, that identify certain collections, appropriations,
expenditures, and savings related to HCFAC and other aspects of the
program as we consider appropriate. Accordingly, the objectives of our
review were to identify and assess the propriety of amounts reported
as (1) deposits to the trust fund, (2) appropriations from the trust
fund for HCFAC activities, (3) expenditures at DOJ for HCFAC
activities, (4) expenditures at HHS for HCFAC activities, (5)
expenditures for non-Medicare anti-fraud and abuse activities, and (6)
savings to the trust fund, as well as other savings, resulting from
expenditures from the trust fund for the HCFAC program.
The HHS and DOJ joint HCFAC report for fiscal year 2001, which was
required to be issued in January 2002 but was not issued until April
2002, contained information needed to perform this review. Therefore,
it was impossible for us to meet our reporting deadline of January 1,
2002, and in all likelihood, we will also not be able to meet our 2004
commitment.[Footnote 3] This report represents the results of our
review of fiscal years 2000 and 2001 HCFAC program activities and
fulfills our 2002 reporting requirement.
Results in Brief:
The joint HCFAC reports included deposits of about $210 million for
fiscal year 2000 and $464 million for fiscal year 2001, pursuant to
HIPAA.[Footnote 4] The sources of these deposits were primarily
penalties and multiple damages, which were about $147 million in
fiscal year 2000 and $455 million in fiscal year 2001, and criminal
fines, which were about $57.2 million in fiscal year 2000 and $2.9
million in fiscal year 2001, resulting from health care fraud audits,
evaluations, investigations, and litigations.[Footnote 5] In testing
at DOJ, we identified some errors in the recording of criminal fines
deposits to the trust fund in fiscal year 2001 that resulted in an
estimated overstatement to the trust fund of $169,765.[Footnote 6]
While this is a relatively insignificant amount in relation to the
total of $464 million in HCFAC collections reported in fiscal year
2001, the programming mistake that gave rise to these errors could
result in more significant misstatements. Our work did not identify
any errors in recording other HCFAC collections made during fiscal
years 2000 and 2001, including fiscal year 2000 criminal fines.
Our review found that the planned use of HCFAC appropriations was in
keeping with the stated purpose in HIPAA. HHS and DOJ allocated
$119.3 million in fiscal year 2000 and $130 million in fiscal year
2001 to the HHS/OIG to continue its Medicare fraud enforcement
activities. DOJ and other HHS components were allocated $38.9 million
in fiscal year 2000 and $51.9 million in fiscal year 2001 to continue
litigation, provide health care fraud training, and fund contractual
services to support combating health care fraud and abuse.
While we found expenditures from the trust fund were generally
appropriate at HHS, at DOJ we identified $480,000 in interest
penalties not related to HCFAC activities that were charged to the
HCFAC appropriation. DOJ officials told us there was an offsetting
error of $482,000 related to HCFAC expenditures that was not charged
to the HCFAC appropriation.
Regardless of whether these errors essentially offset, they are
indicative of a weakness in DOJ's financial processes for recording
HCFAC and other expenditures. Further, DOJ could not provide us with a
detailed list of HCFAC expenditure transactions to support summary
totals in its internal financial report in a timely manner. These
problems could impede DOJ's ability to account for growing HCFAC
expenditures.
We were unable to identify expenditures from the HCFAC trust fund for
activities unrelated to Medicare because the HHS/OIG and DOJ do not
separately account for or monitor these activities. Likewise, we were
unable to identify savings specifically attributable to activities
funded by the HCFAC program. While HIPAA requires that we report
expenditures for non-Medicare activities and savings to the trust fund
resulting from HCFAC expenditures, it does not specifically require
HHS and DOJ to do so, which has had the result of impeding our ability
to perform this analysis. The ability to associate specific HCFAC
activity costs and savings to particular programs could be helpful to
the Congress in making decisions about resource allocation and
evaluating program performance.
Improving oversight and internal controls over HCFAC collection and
expenditure processing at DOJ is necessary to minimize the potential
for improperly recording these activities. In addition, associating
HCFAC expenditures and cost savings by program would be helpful for
decision makers. This report makes recommendations to address these
issues.
In commenting on a draft of this report, DOJ acknowledged weaknesses
that led to the financial reporting errors cited in this report and
described steps it had taken to respond to the recommendations. DOJ
agreed with four of the recommendations directed to it, but took
exception to certain statements regarding the effect of problems found
during our review and problems cited by its financial statement
auditors, which we have considered and address at the end of this
letter. Further, regarding a fifth recommendation which we made to
both HHS and DOJ to assess the feasibility of linking cost savings
associated with efforts financed by HCFAC, the HHS/OIG agreed to
evaluate whether such benefits can reasonably be tied to resources
used. However, DOJ said that such an effort was impractical and would
offer little programmatic benefit. We believe there is merit in
capturing such information to assist the Congress and other decision
makers in evaluating program performance and results. HHS's and DOJ's
comments are reprinted in appendixes II and III, respectively.
Background:
In 1990, we designated the Medicare program, which is administered by
the Centers for Medicare and Medicaid Services (CMS) in HHS, as at
high risk[Footnote 7] for improper payments because of its sheer size
and vast range of participants”including about 40 million
beneficiaries and nearly 1 million physicians, hospitals, and other
providers. The program remains at high risk today. In fiscal year
2001, Medicare outlays totaled over $219 billion, and the HHS/OIG
reported[Footnote 8] that $12.1 billion in fiscal year 2001 Medicare
fee-for-service payments did not comply with Medicare laws and
regulations. The Congress enacted HIPAA, in part, to respond to the
problem of health care fraud and abuse. HIPAA consolidated and
strengthened ongoing efforts to combat fraud and abuse in health
programs and provided new criminal enforcement tools as well as
expanded resources for fighting health care fraud, including $158
million in fiscal year 2000 and $182 million in fiscal year 2001.
Under the joint direction of the Attorney General and the Secretary of
HHS (acting through the HHS/OIG), the HCFAC program goals are as
follows:
* coordinate federal, state, and local law enforcement efforts to
control fraud and abuse associated with health plans;
* conduct investigations, audits, and other studies of delivery and
payment for health care for the United States;
* facilitate the enforcement of the civil, criminal, and
administrative statutes[Footnote 9] applicable to health care;
* provide guidance to the health care industry, including the issuance
of advisory opinions, safe harbor notices, and special fraud alerts;
and;
* establish a national database of adverse actions against health care
providers.
Funds for the HCFAC program are appropriated from the trust fund to an
expenditure account, referred to as the Health Care Fraud and Abuse
Control Account, maintained within the trust fund. The Attorney
General and the Secretary of HHS jointly certify that the funds
transferred to the control account are necessary to finance health
care anti-fraud and abuse activities, subject to limits for each
fiscal year as specified by HIPAA. HIPAA authorizes annual minimum and
maximum amounts earmarked for HHS/OIG activities for the Medicare and
Medicaid programs. For example, of the $182 million available in
fiscal year 2001, a minimum of $120 million and a maximum of $130
million were earmarked for the HHS/OIG. By earmarking funds
specifically for the HHS/OIG, the Congress ensured continued efforts
by the HHS/OIG to detect and prevent fraud and abuse in the Medicare
and Medicaid programs.
CMS performs the accounting for the control account, from which all
HCFAC expenditures are made. CMS sets up allotments in its accounting
system for each of the HHS and DOJ entities receiving HCFAC funds. The
HHS and DOJ entities account for their HCFAC obligations and
expenditures in their respective accounting systems and report them to
CMS monthly. CMS then records the obligations and expenditures against
the appropriate allotments in its accounting system.
At DOJ, payroll constituted 78 percent of its total expenditures in
fiscal year 2000 and 69 percent in fiscal year 2001. Within DOJ, the
Executive Office for the United States Attorneys (EOUSA) receives the
largest allotment of HCFAC funds. In EOUSA, each district is allocated
a predetermined number of full-time equivalent (FTE) positions
[Footnote 10] based on the historical workload of the district.
Specific personnel who ordinarily work on health care activities, such
as the Health Care Fraud Coordinator, are designated within the DOJ
accounting system to have their payroll costs charged to the HCFAC
account. In some districts, one FTE could be shared among several
individuals, each contributing a portion of time to HCFAC assignments.
EOUSA staff track the portion of time devoted to health care activity
and other types of cases and investigations in the Monthly Resource
Summary System on a daily or monthly basis. DOJ monitors summary
information from the Monthly Resource Summary System to determine how
staff members' time is being used.
The HHS/OIG expenditures represented over 96 percent of HHS's total
HCFAC expenditures in fiscal years 2000 and 2001. At HHS/OIG, HCFAC
expenditures are allocated based on relative proportions of the HCFAC
budget authority and the discretionary funding sources. Table 1 below
identifies the relative percentages HHS/OIG used in fiscal years 2000
and 2001.
Table 1: HHS/OIG Funding Sources (Unaudited):
Appropriation: Fiscal year 2000 discretionary appropriation;
Amount: $31,381,000;
Percentage: 21%.
Appropriation: Fiscal year 2000 HCFAC appropriation;
Amount: $119,250,000;
Percentage: 79%.
Appropriation: Fiscal year 2000 total;
Amount: $150,631,000;
Percentage: 100%.
Appropriation: Fiscal year 2001 discretionary appropriation;
Amount: $33,586,000;
Percentage: 21%.
Appropriation: Fiscal year 2001 HCFAC appropriation;
Amount: $130,000,000;
Percentage: 79%.
Appropriation: Fiscal year 2001 total;
Amount: $163,586,000;
Percentage: 100%.
Source: Department of Health and Human Services, Department of Health
and Human Services - Fiscal Year 2002 - Office of Inspector General -
Justification for Appropriations Committees (Washington, D.C.: March
2001). Department of Health and Human Services, Department of Health
and Human Services - Fiscal Year 2003 - Office of Inspector General -
Justification for Appropriations Committees (Washington, D.C.: January
2002).
[End of table]
HHS/OIG uses these percentages to compute the amounts of payroll and
nonpayroll expenditures to be charged to their two funding sources.
HHS/OIG tracks staff time spent on various assignments in separate
management information systems (MIS). The information in the MIS is
summarized and monitored quarterly to adjust the type of work planned
and performed, if necessary, so that the use of the funds is
consistent with the funding sources' intended use.
HIPAA also requires that amounts equal to the following types of
collections be deposited into the trust fund:
* criminal fines recovered in cases involving a federal health care
offense, including collections pursuant to section 1347 of Title 18,
United States Code;
* civil monetary penalties and assessments imposed in health care
fraud cases;
* amounts resulting from the forfeiture of property by reason of a
federal health care offense, including collections under section
982(a)(7) of Title 18, United States Code;
* penalties and damages obtained and otherwise creditable to
miscellaneous receipts of the Treasury's general fund obtained under
the False Claims Act (sections 3729 through 3733 of Title 31, United
States Code), in cases involving claims related to the provision of
health care items and services (other than funds awarded to a relator,
[Footnote 11] for restitution, or otherwise authorized by law); and;
* unconditional gifts and bequests.
Criminal fines resulting from health care fraud cases are collected
through the Clerks of the Administrative Office of the United States
Courts. Criminal fines collections are reported to DOJ's Financial
Litigation Unit associated with their districts. Based on cash receipt
documentation received from the Clerks, the Financial Litigation Units
then post the criminal fines collection to a database. The database
generates at least a biannual report of the amount of criminal fines
collected, which is sent to the Department of the Treasury. Treasury
relies on this report to determine the amount to deposit to the trust
fund. Civil monetary penalties for federal health care offenses are
imposed by CMS regional offices or the HHS/OIG against skilled nursing
facilities or long-term care facilities and doctors. CMS collects
civil monetary penalty amounts and reports them to the Department of
the Treasury for deposit to the trust fund. Penalties and multiple
damages resulting from health care fraud cases are collected by DOJ's
Civil Division in Washington, D.C., and by Financial Litigation Units
in the United States Attorneys' offices located throughout the
country. The Civil Division and United States Attorneys' offices
report collection information to DOJ's Debt Accounting Operations
Group, which reports the amount of penalties and multiple damages to
the Department of the Treasury for deposit to the trust fund. HIPAA
also allows CMS to accept unconditional gifts and bequests made to the
trust fund.
Objectives, Scope, and Methodology:
The objectives of our review were to identify and assess the propriety
of amounts for fiscal years 2000 and 2001 reported as (1) deposits to
the trust fund, (2) appropriations from the trust fund for HCFAC
activities, (3) expenditures at DOJ for HCFAC activities, (4)
expenditures at HHS for HCFAC activities, (5) expenditures for non-
Medicare anti-fraud and abuse activities, and (6) savings to the trust
fund. To identify and assess the propriety of deposits, we reviewed
the joint HCFAC reports, interviewed personnel at various HHS and DOJ
entities, obtained electronic data and reports from HHS and DOJ for
the various types of deposits, and tested selected transactions to
determine whether the proper amounts were deposited to the trust fund.
To identify and assess the propriety of amounts appropriated from the
trust fund, we reviewed the joint HCFAC reports, and reviewed and
analyzed documentation to support the allocation and certification of
the HCFAC appropriation. To identify and assess the propriety of
expenditure amounts at HHS, we interviewed personnel, obtained
electronic data and reports supporting nonpayroll transactions, tested
selected nonpayroll transactions, reviewed payroll allocation
methodologies, and interviewed selected employees to assess the
reasonableness of time and attendance charges to the HCFAC
appropriation account for payroll expenditures. To identify and assess
the propriety of expenditure amounts at DOJ, we interviewed personnel,
obtained electronic data and reports supporting nonpayroll
transactions, tested selected nonpayroll transactions, performed
analytical procedures, and interviewed selected employees to assess
the reasonableness of time and attendance charges to the HCFAC
appropriation account for payroll expenditures.
We were unable to identify and assess the propriety expenditures for
non-Medicare antifraud activities because HHS/OIG and DOJ do not
separately account for or monitor such expenditures. To identify and
assess the propriety of savings to the trust fund, as well as any
other savings, resulting from expenditures from the trust fund for the
HCFAC program, we reviewed the joint reports, interviewed personnel,
reviewed recommendations and the resulting cost savings as reported in
the HHS/OIG's fiscal years 2000 and 2001 semiannual reports,[Footnote
12] and tested selected cost savings. We were unable to directly
associate the reported cost savings to HCFAC because HHS and DOJ
officials do not track them as such due to the nature of health care
anti-fraud and abuse activities.
We interviewed and obtained documentation from officials at the CMS in
Baltimore, Maryland; HHS headquarters”including the Administration on
Aging (AOA), the Assistant Secretary for Budget, Technology and
Finance (ASBTF) which was formerly the Assistant Secretary for
Management and Budget (ASMB), the OIG, and the Office of General
Counsel (OGC)”in Washington, D.C.; HHS's Program Support Center (PSC)
in Rockville, Maryland; and DOJ's Justice Management Division, EOUSA,
Criminal Division, Civil Division, and Civil Rights Division in
Washington, D.C.
We conducted our work in two phases, from April 2001 through June 2001
focusing primarily on fiscal year 2000 HCFAC activity, and from
October 2001 through April 2002 focusing primarily on fiscal year 2001
HCFAC activity, in accordance with generally accepted government
auditing standards. A detailed discussion of our objectives, scope,
and methodology is contained in appendix I of this report. We
requested comments on a draft of this report from the Secretary of HHS
and the Attorney General or their designees. We received written
comments from the Inspector General of HHS and the Acting Assistant
Attorney General for Administration at DOJ. We have reprinted their
responses in appendices II and DI, respectively.
DOJ Made Errors in Reporting Collections; However, the Trust Fund Was
Minimally Affected:
The joint HCFAC reports included deposits of about $210 million in
fiscal year 2000 and $464 million in fiscal year 2001, pursuant to
HIPAA.[Footnote 13] As shown in figure 1, the sources of these
deposits were primarily penalties and multiple damages.[Footnote 14]
Figure 1: Reported Fiscal Years 2000 and 2001 Deposits to the Trust
Fund Pursuant to HIPAA (Unaudited):
[Refer to PDF for image: vertical bar graph]
Penalties and multiple damages:
Fiscal year 2000: $147.3 million;
Fiscal year 2001: $454.6 million.
Criminal fines:
Fiscal year 2000: $57.2 million;
Fiscal year 2001: $2.9 million.
Civil monetary penalties:
Fiscal year 2000: $5.2 million;
Fiscal year 2001: $6.1 million.
Note: HIPAA also required that amounts resulting from the forfeiture
of property in federal health care cases, as well as gifts and
bequests, be deposited into the trust fund. However, there were no
such forfeitures in fiscal years 2000 and 2001. Gifts and bequests
totaled $5,501 for fiscal year 2000, but there were no amounts
reported for fiscal year 2001.
Source: Department of Justice and Department of Health and Human
Services, Annual Report of the Department of Justice and Department of
Health and Human Services, Health Care Fraud and Abuse Control Program
2000 (Washington, D.C.: January 2001); and Annual Report of the
Department of Justice and Department of Health and Human Services,
Health Care Fraud and Abuse Control Program 2001 (Washington, D.C.:
April 2002).
[End of figure]
In testing at DOJ, we identified some errors in the recording of HCFAC
collections that resulted in an estimated overstatement of $169,765 to
the trust fund in fiscal year 2001. These uncorrected errors, which
related to criminal fines deposited to the trust fund, were not
detected by DOJ officials responsible for submitting collection
reports to the Department of the Treasury. Our work did not identify
errors in recording collections in any of the other categories for
fiscal years 2000 and 2001. We did not identify errors related to
fiscal year 2000 criminal fines.
Of the 58 statistically sampled criminal fines transactions, we tested
the collection of 2 fines reported at $8,693 and $50,007 that were
supported by documentation for $6,097 and $25,000, respectively, and
resulted in overstatements to the trust fund totaling over $27,000. We
estimated the most likely overstatement of collections of criminal
fines deposited to the trust fund as a result of transactions
incorrectly recorded was $169,765.[Footnote 15] In both cases, the
errors were not detected by DOJ staff responsible for submitting the
criminal fines report to the Department of the Treasury. DOJ officials
told us that there was a programming mistake in generating the
criminal fines report that resulted in these errors. DOJ officials
also told us that the mistake has been corrected to address the
problem in the future and they plan to research the impact of the
programming oversight to determine what, if any, adjustments or
offsets are needed and will make the necessary corrections next
quarter. While the total estimated overstatement is relatively
insignificant compared to the total amount of $464 million in HCFAC
collections that was reported to the trust fund in fiscal year 2001,
the control weaknesses that gave rise to these errors could result in
more significant misstatements.
HIPAA Appropriations Were Properly Supported:
As reported in the joint HCFAC reports for fiscal years 2000 and 2001,
the Attorney General and the Secretary of HHS certified the entire
$158.2 million and $181.9 million appropriations, respectively, as
necessary to carry out the HCFAC program. Based on our review, the
requests for fiscal years 2000 and 2001 HCFAC appropriations were
properly supported for valid purposes under HIPAA. Figures 2 and 3
present fiscal years 2000 and 2001 allocations for the HCFAC program,
respectively.
Figure 2: Reported Fiscal Year 2000 Allocations (Unaudited):
[Refer to PDF for image: vertical bar graph]
Organization: HHS Office of Inspector General;
Allocation: $119.3 million;
Organization: HHS Office of General Counsel;
Allocation: $1.9 million;
Organization: Other HHS components;
Allocation: $1.9 million;
Organization: DOJ United States Attorney;
Allocation: $23.2 million;
Organization: Civil Division;
Allocation: $10.8 million;
Organization: Other DOJ components;
Allocation: $1.1 million.
Source: Allocation information was obtained from the Department of
Justice and Department of Health and Human Services, Annual Report of
the Department of Justice and Department of Health and Human Services,
Health Care Fraud and Abuse Control Program 2000 (Washington, D.C.:
January 2001) and the Fiscal Year 2000 Health Care Fraud and Abuse
Control (HCFAC) Account Funding Agreement ” Action Memorandum and
subsequent Allotment Advices.
[End of figure]
Figure 3: Reported Fiscal Year 2001 Allocations (Unaudited):
[Refer to PDF for image: vertical bar graph]
Organization: HHS Office of Inspector General;
Allocation: $130.0 million;
Organization: HHS Office of General Counsel;
Allocation: $3.9 million;
Organization: Other HHS components;
Allocation: $4.6 million;
Organization: DOJ United States Attorney;
Allocation: $24.2 million;
Organization: Civil Division;
Allocation: $16.8 million;
Organization: Other DOJ components;
Allocation: $2.4 million.
Source: Allocation information was obtained from the Department of
Justice and Department of Health and Human Services, Annual Report of
the Department of Justice and Department of Health and Human Services,
Health Care Fraud and Abuse Control Program 2001 (Washington, D.C.:
April 2002) and the Fiscal Year 2001 Health Care Fraud and Abuse
Control (HCFAC) Account Funding Agreement ” Action Memorandum and
subsequent Allotment Advices.
[End of figure]
Based on our review, we found that the planned use of HCFAC
appropriations was intended for purposes as stated in REPAA statute.
According to the joint HCFAC reports, HCFAC's increased resources have
enabled HHS/OIG to broaden its efforts both to detect fraud and abuse
and to help deter the severity and frequency of it. The HHS/OIG
reported that HCFAC funding allowed it to open 14 new investigative
offices and increase its staff levels by 61 during fiscal year 2000,
with the result that OIG is closer to its goal of extending its
investigative and audit staff to cover all geographical areas in the
country.
As shown in figures 2 and 3, we also found that DOJ and other HHS
organizations requested and were granted $38.9 million in fiscal year
2000 and $51.9 million in fiscal year 2001. DOJ's funds were used
primarily to continue its efforts to litigate health care fraud cases
and provide health care fraud training courses. In fiscal year 2001,
$4 million of HHS's HCFAC allocation was approved by designees of the
Attorney General and the Secretary of HHS for reallocation to DOJ to
support the federal government's tobacco litigation activities for
fiscal year 2001. In addition, $12 million of fiscal year 2001 HCFAC
funds allocated to DOJ's Civil Division were used to support the
federal government's suit against the major tobacco companies, as
allowed under HIPAA.
In addition, other HHS organizations used their HCFAC allocations for
the following purposes in fiscal years 2000 and 2001:
* The Office of General Counsel used its funds primarily for
litigation activity, both administrative and judicial.
* CMS, the agency with primary responsibility for administering the
Medicare and Medicaid programs, along with the ASMB, used its HCFAC
funds allocated in fiscal year 2000 to fund contractual consultant
services on establishing a formal risk management function within each
organization. CMS used its HCFAC funds allocated in fiscal year 2001
to assist states in developing Medicaid payment accuracy measurements
methodologies and to conduct pilot studies to measure and reduce state
Medicaid payment errors.
* The AOA was allocated funds to develop and disseminate consumer
education information to older Americans and to train staff to
recognize and report fraud, waste, and abuse in the Medicare and
Medicaid programs.
* The ASBTF, formerly the ASMB, used its HCFAC funds for consultant
services that will help ensure that the new HHS integrated financial
management system, of which the CMS Healthcare Integrated General
Ledger Accounting System will be a major component, is being developed
to meet the department's financial management goals, which include
helping to prevent waste and abuse in REIS health care programs.
DOJ's Controls over Expenditures Need Reinforcement:
At DOJ, we identified problems indicating that oversight of HCFAC
expenditure transaction processing needs to be reemphasized. These
problems include charging non-HCFAC transactions to the HCFAC
appropriation and the inability to provide us with a detailed list of
HCFAC expenditure transactions to support summary totals on their
internal financial report in a timely manner. These problems could
impede DOJ's ability to adequately account for growing HCFAC
expenditures, which totaled over $23.7 million for fiscal year 2000
and $26.6 million for fiscal year 2001, as shown in figure 4.
Figure 4: Reported Fiscal Years 2000 and 2001 HCFAC Expenditures at
DOJ (Unaudited):
[Refer to PDF for image: stacked vertical bar graph]
DOJ fiscal year 2000:
Payroll: $18.6 million;
Nonpayroll: $5.1 million.
DOJ fiscal year 2001:
Payroll: $18.4 million;
Nonpayroll: $8.2 million.
Source: DOJ's Expenditure and Allotment Report for fiscal years 2000
and 2001.
[End of figure]
We found that over $480,000 in interest penalties not related to HCFAC
activities were miscoded and inadvertently charged to the HCFAC
appropriation. The DOJ officials responsible for recording this
transaction told us there was an offsetting error of $482,000 in HCFAC-
related expenditures that were not recorded to the HCFAC account.
Regardless of whether these errors essentially offset, they are
indicative of a weakness in DOJ's financial processes for recording
HCFAC and other expenditures.
DOJ was also unable to provide a complete and timely reconciliation of
detailed transactions to summary expenditure amounts reported in its
internal reports. DOJ made several attempts beginning in January 2002
to provide us with an electronic file that reconciled to its internal
expenditure report. As of mid-May 2002, we have not received a
reconciled file for fiscal year 2001 HCFAC expenditures. We did,
however, receive a reconciled file for fiscal year 2000 HCFAC
expenditures on April 23, 2002. To their credit, DOJ officials
responsible for maintaining DOJ financial systems identified problems
associated with earlier attempts to provide this essential information
to support its internal reports. While we were ultimately able to
obtain this information for fiscal year 2000, we did not receive it in
sufficient time to apply statistical sampling techniques for selecting
expenditure transactions for review as we had done at HHS. While we
used other procedures to compensate for not obtaining this detailed
data file in a timely manner, we cannot project the results of our
procedures to the population of DOJ expenditures. Both Office of
Management and Budget Circular (OMB) A-127, Financial Management
Systems,[Footnote 16] and the Comptroller General's Standards for
Internal Control in the Federal Government[Footnote 17] require that
all transactions be clearly documented and that documentation be
readily available for examination.
DOJ's financial statement auditor noted several problems related to
the Department's internal controls over financial reporting, such as
(1) untimely recording of financial transactions, (2) weak general and
application controls over financial management systems, and
(3) inadequate financial statement preparation controls.[Footnote 18]
The financial statement audit report specifically discusses problems
related to untimely recording of financial transactions and inadequate
financial statement preparation controls at offices, boards, and
divisions that process HCFAC transactions. The financial statement
auditor recommended that DOJ monitor compliance with its policies and
procedures. Further, the auditor recommended that DOJ consider
centralizing information systems that capture redundant financial
data, or consider standardizing the accumulation and recording of
financial transactions in accordance with the department's
requirements.
HHS Expenditures Were Generally Appropriate:
Overall, we generally found adequate documentation to support $114.9
million in fiscal year 2000 and $129.8 million in fiscal year 2001
HCFAC expenditures shown in figure 5. However, we found that a
purchase for an HHS/OIG employee award in fiscal year 2001 was
questionable because it did not have adequate documentation to support
that it was a valid HCFAC expenditure. We also found that HHS's
policies and procedures for employee awards did not include specific
guidance on documenting the purchase of such nonmonetary awards. As
stated before, the Comptroller General's Standards for Internal
Control in the Federal Government calls for appropriate control
activities to ensure that transactions and internal control policies
and procedures are clearly documented. HHS/OIG has since provided us
with documentation to support the award as a valid HCFAC transaction
and told us that it is revising its current policies and procedures to
include nonmonetary employee awards.
Figure 5: Reported Fiscal Years 2000 and 2001 HCFAC Expenditures at
HHS (Unaudited):
[Refer to PDF for image: stacked vertical bar graph]
HHS fiscal year 2000:
Payroll: $81.2 million;
Nonpayroll: $33.6 million.
HHS fiscal year 2001:
Payroll: $94.4 million;
Nonpayroll: $35.4 million.
Source: HHS's Major/Minor Object Class Report by Appropriation ” 301 C
Report.
[End of figure]
HHS and DOJ Do Not Separately Track Non-Medicare Expenditures:
We were not able to identify HCFAC program trust fund expenditures
that were unrelated to Medicare because the HHS/OIG and DOJ do not
separately account for or monitor such expenditures. Even though HIPAA
requires us to report on expenditures related to non-Medicare
activities, it does not specifically require HHS or DOJ to separately
track Medicare and non-Medicare expenditures. However, HIPAA does
restrict the HHS/OIG's use of HCFAC funds to Medicare and Medicaid
programs. According to HHS/OIG officials, they use HCFAC funds only
for audits, evaluations, or investigations related to Medicare and
Medicaid. The officials also stated that while some activities may be
limited to either Medicare or Medicaid, most activities are generally
related to both programs. Because HIPAA does not preclude the HHS/OIG
from using HCFAC funds for Medicaid efforts, HHS/OIG officials have
stated they do not believe it is necessary or beneficial to account
for such expenditures separately.
Similarly, DOJ officials told us that it is not practical or
beneficial to account separately for non-Medicare expenditures because
of the nature of health care fraud cases. HIPAA permits DOJ to use
HCFAC funds for health care fraud activities involving other health
programs. According to DOJ officials, health care fraud cases usually
involve several health care programs, including Medicare and health
care programs administered by other federal agencies, such as the
Department of Veterans Affairs, the Department of Defense, and the
Office of Personnel Management. Consequently, it is difficult to
allocate personnel costs and other litigation expenses to specific
parties in health care fraud cases. Also, according to DOJ officials,
even if Medicare is not a party in a health care fraud case, the case
may provide valuable experience in health care fraud matters, allowing
auditors, investigators, and attorneys to become more effective in
their efforts to combat Medicare fraud. Since there is no requirement
to do so, HHS and DOJ continue to assert that they do not plan to
identify these expenditures in the future. Nonetheless, attributing
HCFAC activity costs to particular programs would be helpful
information for the Congress and other decision makers to use in
determining how to allocate federal resources, authorize and modify
programs, and evaluate program performance. The Congress also saw
value in having this information when it tasked us with reporting
expenditures for HCFAC activities not related to Medicare. We believe
that there is intrinsic value in having this information. For example,
HCFAC managers face decisions involving alternative actions, such as
whether to pursue certain cases. Making these decisions should include
a cost awareness along with other available information to assess the
case potential. Further, having more refined data on HCFAC
expenditures is an essential element to developing effective
performance measures to assess the program's effectiveness.
Savings to the Trust Fund Cannot Be Identified:
In the joint HCFAC reports, HHS/OIG reported approximately $14.1
billion of cost savings during fiscal year 2000 and over $16 billion
of cost savings during fiscal year 2001 from implementation of its
recommendations and other initiatives. We were unable to directly
associate these savings to HCFAC and other program expenditures from
the trust fund, as required by HIPAA, because HHS and DOJ officials do
not track them as such due to the nature of health care anti-fraud and
abuse activities. HIPAA does not specifically require HHS and DOJ to
attribute savings to HCFAC expenditures. Of the reported cost savings,
$2.1 billion in fiscal year 2000 and $3.1 billion in fiscal year 2001
were reported as related to the Medicaid program, which is funded
through the general fund of the Treasury, not the Medicare trust fund.
Our analysis indicated that the vast majority of HHS/OIG work related
to the reported cost savings of $14 billion and $16 billion was
performed prior to the passage of HCFAC. Based on our review, we found
that amounts reported as cost savings were adequately supported.
Cost savings represent funds or resources that will be used more
efficiently as a result of documented measures taken by the Congress
or management in response to HHS/OIG audits, investigations, and
inspections. These savings are often changes in program design or
control procedures implemented to minimize improper use of program
funds. Cost savings are annualized amounts that are determined based
on Congressional Budget Office estimates over a 5-year period.
HHS and DOJ officials have stated that audits, evaluations, and
investigations can take several years to complete. Once they have been
completed, it can take several more years before recommendations or
initiatives are implemented. Likewise, it is not uncommon for
litigation activities to span many years before a settlement is
reached.
According to DOJ and HHS officials, any savings resulting from health
care anti-fraud and abuse activities funded by the HCFAC program in
fiscal years 2000 and 2001 will likely not be realized until
subsequent years. Because the HCFAC program has been in existence for
over 4 years, information may now be available for agencies to
determine the cost savings associated with expenditures from the trust
fund pursuant to HIPAA. Associating specific cost savings with related
HCFAC expenditures is an important step in helping the Congress and
other decision makers evaluate the effectiveness of the HCFAC program.
Our review of fiscal years 2000 and 2001 HCFAC activities found that
appropriations, HHS expenditures, and reported cost savings were
adequately supported, but we did identify some errors in the recording
of collections and expenditures at DOJ. These errors indicate the need
to strengthen controls over DOJ's processing of HCFAC collections and
expenditures to ensure that (1) moneys collected from fraudulent acts
against the Medicare program are accurately recorded and (2)
expenditures for health care antifraud activities are justified and
accurately recorded. Effective internal control procedures and
management oversight are critical to supporting management's fiduciary
role and its ability to manage the HCFAC program responsibly. Further,
separately tracking Medicare and non-Medicare expenditures and cost
savings and associating them by program could provide valuable
information to assist the Congress, management, and others in making
difficult programmatic choices.
Recommendations for Executive Action:
To improve DOJ's accountability for the HCFAC program collections, we
recommend that the Attorney General:
* fully implement plans to make all necessary correcting adjustments
for collections transferred to the trust fund in error and;
* ensure that subsequent collection reports submitted to the
Department of the Treasury are accurate.
To improve DOJ's accountability for HCFAC program expenditures, we
recommend that the Attorney General:
* make correcting adjustments for expenditures improperly charged to
the HCFAC appropriation and;
* reinforce financial management policies and procedures to minimize
errors in recording HCFAC transactions.
To facilitate providing the Congress and other decision makers with
relevant information on program performance and results, we recommend
that the Attorney General and the Secretary of HHS assess the
feasibility of tracking cost savings and expenditures attributable to
HCFAC activities by the various federal programs affected.
Agency Comments and Our Evaluation:
A draft of this report was provided to HHS and DOJ for their review
and comment. In written comments, HHS concurred with our
recommendation to assess the feasibility of tracking cost savings and
expenditures attributable to HCFAC activities by the various federal
programs affected.
In its written comments, DOJ agreed with all but one of our
recommendations, and expressed concern with some of our findings. The
following discussion provides highlights of the agencies' comments and
our evaluation. Letters from HHS and DOJ are reprinted in appendixes
II and III.
DOJ acknowledged the two errors we found in fiscal year 2001 criminal
fine amounts and attributed them to a programming problem. As we
discussed in the report, DOJ indicated it had already taken action to
address our recommendations by correcting the programming error to
address future amounts reported for criminal fines. DOJ also stated
that an effort is currently under way to research the impact of the
programming error and plans to determine what, if any, adjustments or
offsets are needed to correct amounts previously reported to the
Department of the Treasury. DOJ indicated that it had already
discovered and fixed the programming error prior to our review.
However, as we reported, DOJ was not aware of the errors we
identified, nor did it call our attention to the possibility of errors
occurring due to this programming problem. In addition, DOJ
acknowledged in its comments that errors have occurred in the
recording of valid HCFAC expenditure transactions and stated that
corrections have been made to address our related recommendation.
Additionally, DOJ incorrectly interpreted our statement that the
problems identified in our review could impede its ability to account
for growing HCFAC expenditures. In its comments, DOJ construed this to
mean that we concluded that program managers lack timely access to
financial reports or supporting transactions. That was not our intent
nor the focus of our review. As stated in our report, the problems we
encountered indicate that additional emphasis should be placed on
DOJ's financial management policies and procedures to minimize errors
in recording HCFAC transactions. DOJ did state that it will continue
its standing practice of continually educating its staff and
reinforcing its financial management policies and procedures to
minimize errors in recording HCFAC and all other transactions within
DOJ. However, based on our findings, this standing practice needs
modification in order to bolster its effectiveness. DOJ also stated
that our reference to the findings for departmental systems as cited
in the Audit Report: U.S. Department of Justice Annual Financial
Statement Fiscal Year 2001, Report No. 02-06, was inapplicable. To
address DOJ's concerns, we clarified the report to cite problems that
its financial statement auditors found at entities within DOJ that
process HCFAC transactions.
Finally, regarding our recommendation to both HHS and DOJ to assess
the feasibility of tracking cost savings and expenditures attributable
to HCFAC activities by the various federal programs affected, HHS/OIG
stated in its written comments that it had previously considered
alternatives that would allow it to track and attribute cost savings
and expenditures but had identified obstacles to doing so. At the same
time, HHS/OIG agreed with our recommendation to perform an assessment
of tracking cost savings and expenditures by program, which is
critical to developing effective performance measures. However, DOJ
stated that it is neither practical nor beneficial to track cost
savings or non-Medicare expenditures associated with HCFAC enforcement
activities. Without capturing such information, the Congress and other
decision makers do not have the ability to fully assess the
effectiveness of the HCFAC program. Therefore, we continue to believe
that, at a minimum, DOJ should study this further, as HHS has agreed
to do.
We are sending copies of this report to the Secretary of HHS, the
Attorney General, and other interested parties. Copies will be made
available to others on request. In addition, the report will be
available at no charge on the GAO Web site at [hyperlink,
http://www.gao.gov]. If you or your staffs have any questions, please
contact me at (202) 512-9508 or by e-mail at calboml@gao.gov or Kay L.
Daly, Assistant Director, at (202) 512-9312 or by e-mail at
dalykl@gao.gov. Key contributors to this assignment are listed in
appendix IV.
Signed by:
Linda M. Calbom:
Director, Financial Management and Assurance:
List of Committees:
The Honorable Max Baucus:
Chairman:
The Honorable Charles E. Grassley:
Ranking Minority Member:
Committee on Finance:
United States Senate:
The Honorable Edward M. Kennedy:
Chairman:
The Honorable Judd Gregg:
Ranking Minority Member:
Committee on Health, Education, Labor, and Pensions:
United States Senate:
The Honorable Patrick J. Leahy:
Chairman:
The Honorable Orrin G. Hatch:
Ranking Minority Member:
Committee on the Judiciary:
United States Senate:
The Honorable W J. Tauzin:
Chairman:
The Honorable John D. Dingell:
Ranking Minority Member:
Committee on Energy and Commerce:
House of Representatives:
The Honorable F. James Sensenbrenner, Jr.
Chairman:
The Honorable John Conyers, Jr.
Ranking Minority Member:
Committee on the Judiciary:
House of Representatives:
The Honorable William M. Thomas:
Chairman:
The Honorable Charles B. Rangel:
Ranking Minority Member:
Committee on Ways and Means:
House of Representatives:
[End of section]
Appendix I: Objectives, Scope, and Methodology:
To accomplish the first objective, identifying and assessing the
propriety of amounts reported for deposits in fiscal years 2000 and
2001 as (1) penalties and multiple damages, (2) criminal fines, (3)
civil monetary penalties, and (4) gifts and bequests, we did the
following:
* Reviewed the joint HHS and DOJ HCFAC reports for fiscal years 2000
and 2001 to identify amounts deposited to the trust fund.
* Interviewed personnel at various HHS and DOJ entities to update our
understanding of procedures related to collections/deposits.
* Obtained access to databases and reports from HHS and DOJ for the
various collections/deposits as of September 30, 2000, and September
30, 2001.
* Tested selected transactions to determine whether the proper amounts
were deposited to the trust fund. We obtained and recomputed
supporting documentation from various sources depending on the type of
collection/deposit. We traced amounts reported on the supporting
documentation to reports and other records to confirm that proper
amounts were appropriately reported. To perform these tests, we did
the following:
- Drew dollar unit samples of 60 items from a population of 626
penalties and multiple damages (PMD), totaling $454,615,907, from an
electronic database for CMS PMDs and from the FMIS Dept. Management
Transfer of Funds from the U.S. Department of Justice Via OPAC Report
[Footnote 19] for DOJ PMDs for fiscal year 2001, and 60 items from a
population of 479 penalties and multiple damages, totaling
$147,268,092, from an electronic database for CMS PMDs and from the
FMIS Dept. Management Detail Report[Footnote 20] for DOJ PMDs for
fiscal year 2000.
- Drew dollar unit samples of 58 items from a population of 179
criminal fines, totaling $2,894,234, from the Criminal Fines Report
for fiscal year 2001, and 58 items from a population of 178 criminal
fines totaling $57,209,390 from the Criminal Fines Report for fiscal
year 2000.
- Drew dollar unit samples of 29 items from a population of 2,381
civil monetary penalties, totaling $6,060,481, from an electronic
database for fiscal year 2001, and 57 items from a population of 1,221
civil monetary penalties, totaling $5,220,177, from an electronic
database for fiscal year 2000.
- Reviewed the entire population of four gifts and bequests, totaling
$5,501, for fiscal year 2001. We obtained and analyzed supporting
documentation including the letters and checks retained at CMS. There
were no gifts and bequests reported for fiscal year 2000, therefore
none were tested.
To accomplish our second objective, identifying and assessing the
propriety of amounts reported in fiscal years 2000 and 2001 as
appropriations from the trust fund for HCFAC activities, we did the
following:
* Obtained the funding decision memorandum and reallocation documents
to verify the HCFAC funds certified by HHS and DOJ officials.
* Analyzed the reasons for requesting HCFAC funds to determine that
amounts appropriated from the trust fund met the purposes stated in
HIPAA to, among other things, coordinate federal, state, and local law
enforcement efforts; conduct investigations, audits, and studies
related to health care; and provide guidance to the health care
industry regarding fraudulent practices.
* Compared allocations amount reported in the joint HCFAC reports to
the approved funding decision memorandum and reallocation documents to
verify the accuracy of amounts reported.
To accomplish our third objective, identifying and assessing the
propriety of amounts for HCFAC expenditures at DOJ for fiscal years
2000 and 2001, we obtained DOJ's internal financial report, the
Expenditure and Allotment Report, EA101, which detailed total
expenditure data for each component by subobject class for fiscal year
2000 and fiscal year 2001. To test our population, we further
requested that DOJ provide us with a complete detailed population of
transactions to support the summary totals on the internal financial
report. Because the data were not provided to us on time, nor were
they fully reconciled, we could not statistically select a sample and
project the results to the population as a whole. We modified our
methodology and nonstatistically selected 19 transactions, totaling
$2,695,211 in fiscal year 2000, and 38 transactions, totaling
$1,362,579 in fiscal year 2001, from DOJ focusing on large dollar
amounts, unusual items, and other transactions, which would enhance
our understanding of the expenditure process. To determine whether
these transactions were properly classified as HCFAC transactions, we
interviewed DOJ officials to obtain an understanding of the source and
processing of transactions and reviewed, analyzed, and recomputed
supporting documentation, such as purchase orders, invoices, and
receipts, to determine the propriety of the expenditures.
We performed analytical procedures and tested DOJ payroll on the
largest component, EOUSA offices. To assess the reasonableness of
payroll expenses, we performed a high-level analytical review. To
enhance our understanding of how personnel record their work activity
in the Monthly Resource Summary System, we nonstatistically selected
20 individuals from 10 districts for fiscal years 2000 and 2001. We
interviewed these individuals on their method for charging time to the
HCFAC program for fiscal year 2000 and 2001 and to verify whether time
charged to the Monthly Resource Summary System was accurate. In the
interview, employees were asked whether the time that was recorded in
the system was accurate and how and where they received guidance on
charging of time.
To accomplish our fourth objective, identifying and assessing the
propriety of amounts for HCFAC expenditures at HHS for fiscal years
2000 and 2001, we:
* obtained internal reports generated from the agency's accounting
system to identify HCFAC expenditure amounts,
* obtained detailed records to support HHS payroll and nonpayroll
expenditures, and,
* tested selected payroll and nonpayroll transactions to determine
whether they were accurately reported.
To evaluate payroll charges to the HCFAC appropriation by HHS/OIG
employees during fiscal years 2000 and 2001, we performed analytical
procedures. We analyzed the methodology used by the HHS/OIG to verify
that expenditures were within the predetermined allocation percentages
for HCFAC and non-HCFAC expenditures.
We also reviewed 10 HHS/OIG employee time charges for fiscal years
2000 and 2001. The selected employees were interviewed regarding their
time charges for fiscal years 2000 and 2001. In the interview,
employees were asked to verify the time that was recorded by the
department's management information systems or timecards. We also
inquired as to how and where employees received guidance on charging
their time and whether they understood the various funding sources
used to support OIG activities. We verified that the pay rate listed
on the employees Standard Form 50 Notification of Personnel Action was
the same as the amount charged to the Department of Health and Human
Services Regional Core Accounting System Data Flowback Name List
(CORE - Central Accounting System). We verified that the summary hours
as recorded in the U.S. Department of Health & Human Services Employee
Data Report (TAIMS -Time and Attendance application) traced to the
management information system or time and attendance records. We
interviewed the employees to verify that the time charged to the
management information system or time and attendance records were
accurate.
We drew dollar unit samples of 44 items from a population of 36,380
nonpayroll expenditures, totaling $34,156,369, from HHS's internal
accounting records for fiscal year 2001, and 39 items from a
population of 27,884 nonpayroll expenditures, totaling $32,914,328,
for fiscal year 2000. To assess the propriety of these transactions,
we obtained supporting documentation such as invoices, purchase
orders, and receipts. We recomputed the documentation as appropriate
to the transaction.
We were unable to accomplish our fifth objective, to identify and
assess the propriety of amounts reported as fiscal years 2000 and 2001
expenditures for non-Medicare anti-fraud and abuse activities, because
HHS/OIG and DOJ do not separately account for or monitor such
expenditures. Even though HIPAA requires that we report on
expenditures related to non-Medicare activities, it does not
specifically require HHS or DOJ to separately track Medicare and non-
Medicare expenditures.
To accomplish our sixth objective, to identify and assess the
propriety of amounts reported as savings to the trust fund, we:
* obtained the fiscal years 2000 and 2001 HHS/OIG semiannual reports
to identify cost savings as reported in the joint reports and;
* tested selected cost saving transactions to determine whether the
amounts were substantiated.
We were unable to attribute the reported cost savings to HCFAC
expenditures as well as identify any other savings from the trust fund
because, according to DOJ and HHS officials, any savings resulting
from health care anti-fraud and abuse activities funded by the HCFAC
program in fiscal years 2000 and 2001 will likely not be realized
until subsequent years.
We interviewed and obtained documentation from officials at CMS in
Baltimore, Maryland; HHS headquarters-AOA, ASBTF, OIG and the OGC-in
Washington, D.C.; HHS's Program Support Center in Rockville, Maryland;
and DOJ's Justice Management Division, EOUSA, Criminal Division, Civil
Division, and Civil Rights Division in Washington, D.C.
We conducted our work in two phases, from April 2001 through June 2001
focusing primarily on fiscal year 2000 HCFAC activity, and from
October 2001 through April 2002 focusing primarily on fiscal year 2001
HCFAC activity, in accordance with generally accepted government
auditing standards. We requested comments on a draft of this report
from the Secretary of HHS and the Attorney General. We received
written comments from the Inspector General of HHS and the Acting
Assistant Attorney General for Administration at DOJ. We have
reprinted their responses in appendixes II and DI, respectively.
[End of section]
Appendix II: Comments from the Department of Health and Human Services:
Department Of Health & Human Services:
Office of Inspector General:
Washington, D.C. 20201:
May 21, 2002:
Ms. Linda M. Calbom:
Director, Financial Management and Assurance:
United States General Accounting Office:
Washington, D.C. 20548:
Dear Ms. Calbom:
Enclosed are the Department's comments on your draft report,
"Medicare: Health Care Fraud and Abuse Control Program for Fiscal
Years 2000 and 2001." The comments represent the tentative position of
the Department and are subject to reevaluation when the final version
of this report is received.
The Department also provided technical comments directly to your staff.
The Department appreciates the opportunity to comment on this draft
report before its publication.
Sincerely,
Signed by:
Janet Rehnquist:
Inspector General:
Enclosure:
[Note: The Office of Inspector General (OIG) is transmitting the
Departments response to this draft report in our capacity as the
Departments designated focal point and coordinator for General
Accounting Office reports. The OIG has not conducted an independent
assessment of these comments and therefore expresses no opinion on
them.]
Comments Of The Department Of Health And Human Services On The General
Accounting Office's Draft Report: "Medicare: Health Care Fraud And
Abuse Control Program For Fiscal Years 2000 And 2001"
The Department of Health and Human Services (Department) has reviewed
the Draft Report of the General Accounting Office (GAO) of their
biennial audit of collections, expenditures and savings under the
Health Care Fraud and Abuse Control Program (HCFAC) as mandated by the
Health Insurance Portability and Accountability Act of 1996 (HIPAA).
We appreciate the opportunity to comment, and hope you find the
following observations useful.
General Comments:
Preventing, detecting and eliminating health care fraud and abuse is
of critical importance to the Department. Our ability to do so was
considerably strengthened by the authorities and financial
resources brought about by the HCFAC program. We believe that it is
imperative that our stewardship of these funds earmarked for anti-
fraud efforts be above question. Therefore, we welcome the periodic
oversight by GAO, and appreciate both the assurances and the
suggestions offered. We note that the HIPAA statute stipulates that
the HHS Secretary's responsibilities for establishing the HCFAC
Program are to be exercised "through the [HHS] Office of Inspector
General." Accordingly, the Office of Inspector General (HHS/OIG) has
coordinated these comments, and is submitting them on behalf of the
Department.
GAO Recommendation and Department Comments:
The Draft Report concludes that "appropriations, HHS expenditures, and
reported cost savings were adequately supported." However, the report
does recommend that "the Attorney General and the Secretary of HHS
assess the feasibility of tracking cost savings and expenditures
attributable to HCFAC activities by the various federal programs
affected." The HHS/OIG concurs in this recommendation.
During the 5 years that the HCFAC program has been in operation, the
HHS/OIG has considered alternatives for whether and how we might
separately track Medicare, Medicaid and other non-Medicare
expenditures by program. Similarly, we have considered whether our
cost savings recommendations might be attributed to particular HCFAC
program expenditures. Unfortunately, our analysis has identified
formidable obstacles to both of these endeavors.
The fundamental purpose of the HCFAC Program is to enhance the
efficiency and effectiveness of Federal anti-fraud efforts by
consolidating and coordinating enforcement efforts across government.
Accordingly, enforcement efforts routinely involve fraud against more
than one Federal health care program. The investigations are worked by
a combination of investigators, auditors and prosecutors from a host
of Federal, state and local agencies, some of whom are funded by
HIPAA, and some who are not. These agents and prosecutors all work
jointly on the entire case; they do not divide responsibilities
according to underlying programs that are or may have been defrauded.
Thus, overall case results are the outcome of collaboration, only a
portion of which is HIPAA-funded.
Similarly, implemented cost savings recommendations are invariably the
result of the coordinated efforts of many offices and agencies, often
spanning many years. Such a legislative change will likely be based,
in part, on HHS/OIG evaluations and audits which were funded under
HIPAA. However, coupled with these HIPAA-funded efforts is equally
intensive work by program staff, ITHS legislative staff and the
Congress ” even reviews by GAO.
We have not been able to devise a reasonable way to attribute, dollar-
for-dollar, program savings as a result of a legislative change to any
particular HCFAC expenditure. Similarly, we have not identified a
reasonable method to apportion case expenditures among the many
programs that arc affected by an enforcement effort. Nonetheless, the
HHS/OIG will re-examine the possibility of tracking cost savings and
expenditures by program.
Conclusion:
As suggested by GAO, the HHS/OIG will undertake an assessment as to
whether program expenditures may be tied directly and reliably to
recoveries or cost savings. In fact, in the days since the Exit
Conference, this assessment has already begun. The HCFAC Program has
proved remarkably effective in detecting and preventing health care
fraud and abuse; we look forward to working with the GAO to ensure
that Program funds continue to be properly expended and reported.
[End of section]
Appendix III: Comments from the Department of Justice:
U.S. Department of Justice:
Washington, D.C. 20530:
Ms. Linda M. Calbom:
Director:
Financial Management and Assurance:
United States General Accounting Office:
441 G Street, NW:
Washington, DC 20548:
Dear Ms. Calbom:
The Department of Justice (DOJ) has received the General Accounting
Office (GAO) draft audit report entitled MEDICARE: Health Care Fraud
and Abuse Control Program for Fiscal Years 2000 and 2001 (GAO-02-731),
and submits the following comments in response to the findings and
recommendations.
Program Collections:
DOJ acknowledges that the Draft Report did not identify any errors in
reporting of Health Care Fraud and Abuse Control (HCFAC) collections
made in FYs 2000 and 2001, as well as FY 2000 criminal fines. DOJ also
acknowledges the two errors in data entry of sampled fines reported to
the Department of the Treasury (Treasury) in FY 2001. DOJ agrees that
the estimated impact of the mistakes are insignificant in light of the
total amount of HCFAC collections.
The report correctly represents our discussions where we advised you
that there had been a computer programming oversight, which resulted
in these errors, and that those had already been corrected to address
any recurrence of this computer programming problem in the future. DOJ
had already discovered and corrected the programming oversight some
months prior to your FY 2001 audit. Moreover, an effort is currently
underway to research the impact of the computer programming oversight
on past GAO audited reports to determine what, if any, adjustments or
offsets are needed to correct amounts reported to Treasury in past
years. To the extent that corrections are necessary, the amount
reported to Treasury in the next quarter should reflect any
adjustments.
The steps DOJ has already taken fully respond to and implement the
recommendations set forth in the report.
Program Expenditures:
DOJ acknowledges that out of the $78,000,000 allocated within DOJ over
FYs 2000 and 2001 in HCFAC funds, one coding error resulted in
$480,000 of inappropriate charges to the HCFAC, and that it was offset
by a second coding error. Those expenditures have already been
corrected within DOJ's financial system, and the report's
recommendation on this issue has already been implemented. DOJ agrees
that the Draft Report contains no findings that this was anything
other than an isolated coding error.
DOJ acknowledges there was miscommunication during the course of this
review over the nature of the expenditure reports required and the
timing of when those reports would be produced. However, this
situation was a clear aberration in the historically smooth and
cooperative relationship that has existed between DOJ and GAO.
DOJ differs with GAO's conclusion on p. 19 [now on p. 18] that the
file exchange issue is indicative of a problem that could impede DOJ's
ability to account for HCFAC expenditures. There is no evidence or
finding in the Draft Report which indicates that DOJ program managers
do not have timely access to financial reports or supporting
transactions. Whatever the difficulties were in this review, it is
essential that a problem encountered with providing raw transaction
data files to an external entity be distinguished from providing
program managers with timely analytical reports. Notwithstanding the
file sharing problems, which were limited in nature and not indicative
of program management reporting functionality, the report does not
cite any systemic management or accounting issues that support the
broad conclusion cited in the report.
We note that the findings of the Audit of the Department of Justice's
Fiscal Year 2001 Financial Statements, Report No. 02-06, are
inapplicable, and we recommend that reference to R. No. 02-06 found on
p. 21 [now on p. 19] be omitted from the final report. The Draft
Report used findings for departmental systems that do not cover the
HCFAC appropriation. The Draft Report cited DOJ Consolidated audit
report findings pertaining to "(1) untimely recording of financial
transactions (2) weak general and application controls over financial
management systems, and (3) inadequate financial statement preparation
controls." While some portions of the first finding pertain to the
entities involved with HCFAC, the financial system which supports
HCFAC accounting was not one of the DOJ systems cited by the DOS
auditors as having a weak general system or application controls. That
finding pertained to other DOJ systems supporting other DOJ programs.
Similarly, the statement preparation weaknesses cited in the DOJ audit
report were not related to the financial statement entity that covered
the HCFAC related appropriations; they were based on weaknesses in
other reporting entities. More careful scrutiny of the second and
third findings contained in R. No. 02-06 will show that the components
cited in the findings of that report are not involved in the HCFAC
report.
DOJ does acknowledge the findings of R. No. 02-06, and will continue
its standing practice to continually educate staff and reinforce our
financial management policies and procedures to minimize errors in
recording HCFAC and all other financial transactions within DOJ.
Feasibility Tracking Cost Savings and Non-Medicare Expenditures:
The report correctly states that DOJ does not track cost savings to
the Medicare program or non-Medicare expenditures as a result of its
overall health care fraud enforcement efforts. The issue of tracking
cost savings associated with the enforcement efforts has been debated
as a part of the overall government-wide effort to incorporate
performance measures into budget and management. Tracking of
prosecutorial or investigative expenses based on Medicare cases versus
non-Medicare cases is impractical. In health care fraud cases, the
government seeks to identify all potential victims of health care
fraud, whether they be Medicare, non-Medicare, federal, or private
parties. There is presently no operational nor programmatic benefit in
tracking expenditures between Medicare and many potential non-Medicare
victims, nor would it be practical to do so. In short, whether the
underlying victims are Medicare or non-Medicare is immaterial to DOJ's
resources devoted to case investigation and prosecution of health care
fraud.
If you have any questions, please contact Vickie Sloan, Justice
Management Division, (202) 514-0469. Thank you for the opportunity to
provide comments.
Sincerely,
Signed by:
Robert F. Diegelman:
Acting Assistant Attorney General for Administration:
[End of section]
Appendix IV: Staff Acknowledgments:
Ronald Bergman, Sharon Byrd, Lisa Crye, Jacquelyn Hamilton, Corinne
Robertson, Gina Ross, Sabrina Springfield, and Shawnda Wilson made key
contributions to this report.
[End of section]
Related GAO Products:
Civil Fines and Penalties Debt: Review of OSM's Management and
Collection Processes. [hyperlink,
http://www.gao.gov/products/GAO-02-211]. Washington, D.C.: December
31, 2001.
Criminal Debt: Oversight and Actions Needed to Address Deficiencies in
Collection Processes. [hyperlink,
http://www.gao.gov/products/GA0-01-664]. Washington, D.C.: July 16,
2001.
[End of section]
Footnotes:
[1] The Hospital Insurance Trust Fund funds the Medicare Part A
program, which helps pay for hospital, home health, skilled nursing
facility, and hospice care for the aged and disabled. The trust fund
is funded primarily through employment taxes (taxes on payroll and
self-employment).
[2] Department of Justice and Department of Health and Human Services,
Annual Report of the Department of Justice and Department of Health
and Human Services, Health Care Fraud and Abuse Control Program 1997
(Washington, D.C.: January 1998); Annual Report of the Department of
Justice and Department of Health and Human Services, Health Care Fraud
and Abuse Control Program 1998 (Washington, D.C.: February 1999);
Annual Report of the Department of Justice and Department of Health
and Human Services, Health Care Fraud and Abuse Control Program 1999
(Washington, D.C.: January 2000); Annual Report of the Department of
Justice and Department of Health and Human Services, Health Care Fraud
and Abuse Control Program 2000 (Washington, D.C.: January 2001); and
Annual Report of the Department of Justice and Department of Health
and Human Services, Health Care Fraud and Abuse Control Program 2001
(Washington, D.C.: April 2002).
[3] As we have previously reported in our report on fiscal years 1998
and 1999 HCFAC program activities, even if the HHS and DOJ joint
report was issued on time (January 2002), this would not have provided
sufficient time for us to perform our review procedures and to meet
our legislated reporting date of January 2002.
[4] To illustrate their total fraud and abuse efforts, HHS and DOJ
included in their joint reports other amounts collected as a result of
health care fraud activities totaling about $507.5 million and $901.3
million in fiscal years 2000 and 2001, respectively. Because HIPAA
does not require that these amounts be deposited into the trust fund,
they were not covered by our review. According to HHS and DOJ, to the
extent that they represent repayments to Medicare, these amounts are
returned to the trust fund.
[5] HIPAA also required that amounts resulting from the forfeiture of
property in federal health care cases be deposited to the trust fund;
however, there were no such reported forfeitures in fiscal years 2000
and 2001.
[6] Our estimate is based on a 95 percent confidence level, with a
tolerable error of $144,711.
[7] U.S. General Accounting Office, High-Risk Series: An Update,
[hyperlink, http://www.gao.gov/products/GAO-01-263] (Washington, D.C.:
January 2001).
[8] Department of Health and Human Services, Department of Health and
Human Services Office of Inspector General, Improper Fiscal Year 2001
Medicare Fee-For-Service Payments, A-17-01-02002 (Washington, D.C.:
February 2002).
[9] These statutes include sections 1128, 1128A, and 1128B of the
Social Security Act, as well as other statutes that apply to health
care fraud and abuse.
[10] FTE employment is the measure of the total number of regular
(nonovertime) hours worked by an employee divided by the number of
compensable hours applicable to each fiscal year. A typical FTE
workyear is equal to 2,080 hours. Office of Management and Budget, The
Budget for Fiscal Year 2003, Historical Table, (Washington, D.C.: U.S.
Government Printing Office, 2002).
[11] A relator is a private citizen who files suit on behalf of the
federal government under the qui tam”whistle-blower provisions of the
False Claims Act.
[12] Department of Health and Human Services, Department of Health and
Human Services, Office of Inspector General, Semiannual Report,
October 1, 1999, Through March 31, 2000; Department of Health and
Human Services, Office of Inspector General, Semiannual Report, April
1, 2000, Through September 30, 2000; Department of Health and Human
Services, Office of Inspector General, Semiannual Report, October 1,
2000, Through March 31, 2001; and Department of Health and Human
Services, Office of Inspector General, Semiannual Report, April 1,
2001, Through September 30, 2001. The Inspector General Act of 1978
(Public Law 95-452), as amended, requires the HHS/OIG to submit
semiannual reports on the OIG's activities and accomplishments for the
reporting period to the Secretary of HHS for transmittal to the
Congress.
[13] To demonstrate the results of their total fraud and abuse
efforts, HHS and DOJ included in their joint reports other amounts
collected as a result of health care fraud activities totaling about
$507.5 million and $901.3 million in fiscal years 2000 and 2001,
respectively. Because HIPAA does not require that these amounts be
deposited to the trust fund, they were not covered by our review.
[14] HIPAA also required that amounts resulting from the forfeiture of
property in federal health care cases be deposited into the trust
fund; however, there were no such reported forfeitures in fiscal years
2000 and 2001.
[15] Our estimate is based on a 95 percent confidence level, with a
tolerable error of $144,711.
[16] OMB Circular A-127 requires that agencies implement and maintain
financial management systems that minimize data redundancy, ensure
that consistent information is collected for similar transactions
throughout the agency, encourage consistent formats for entering data
directly into the financial management systems, and ensure that
consistent information is readily available and provided to internal
managers at all levels within the organization.
[17] U.S. General Accounting Office, Standards for Internal Control in
the Federal Government, [hyperlink,
http://www.gao.gov/products/GAO/AIMD-00-21.3.1] (Washington, D.C.:
November 1999).
[18] Department of Justice Office of the Inspector General Audit
Division, Audit Report: U.S. Department of Justice Annual Financial
Statement Fiscal Year 2001, Report Number 0206 (Washington, D.C.:
February 2002).
[19] U.S. Department of Justice FMIS Dept. Management Module Detail
Listing to Support Transfer of Funds From the U.S. Department of
Justice VIA OPAC.
[20] U.S. Department of Justice FMIS Dept. Management Module Detail
Report of COA, CSAI, FRFC, FRHC, FRME, FROM, and FRTR From 19991001 to
20000930 as of 04/10/01.
[End of section]
GAO‘s Mission:
The General Accounting Office, the investigative arm of Congress,
exists to support Congress in meeting its constitutional
responsibilities and to help improve the performance and
accountability of the federal government for the American people. GAO
examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO‘s commitment to good government is reflected in its
core values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through the Internet. GAO‘s Web site [hyperlink,
http://www.gao.gov] contains abstracts and full text files of current
reports and testimony and an expanding archive of older products. The
Web site features a search engine to help you locate documents using
key words and phrases. You can print these documents in their
entirety, including charts and other graphics.
Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as ’Today‘s Reports,“ on
its Web site daily. The list contains links to the full-text document
files. To have GAO e-mail this list to you every afternoon, go to
[hyperlink, http://www.gao.gov] and select ’Subscribe to daily E-mail
alert for newly released products“ under the GAO Reports heading.
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are
$2 each. A check or money order should be made out to the
Superintendent of Documents. GAO also accepts VISA and Mastercard.
Orders for 100 or more copies mailed to a single address are
discounted 25 percent. Orders should be sent to:
U.S. General Accounting Office: 441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Public Affairs:
Jeff Nelligan, managing director,
NelliganJ@gao.gov:
(202) 512-4800:
U.S. General Accounting Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
