The GAO has made a series of recommendations intended to help the Centers for Medicare & Medicaid Services (CMS) strengthen its ability to prevent or detect and recoup improperly distributed reimbursements, officials announced last week. Those recommendations were unveiled as part of GAO testimony delivered before the U.S. House of Representatives Subcommittee on Government Organization, Efficiency and Financial Management, which is part of the House’s Committee on Oversight and Government Reform.
“It is important to recognize that the $48 billion is not an estimate of fraud in Medicare,” the summary noted. “Because the improper payment estimation process is not designed to detect or measure the amount of fraud that may exist, there may be fraud that is not reflected in HHS’s reported estimate.”
The GAO cited inadequate documentation, medically unnecessary services, coding errors and payment calculation errors as several causes for the improper payments, noting that CMS is facing challenges in designing and implementing internal controls to prevent or detect and recoup improper payments. In 2010, CMS established the Center for Program Integrity to serve as its focal point for all national Medicare integrity issues, and based on past work, the GAO identified five key strategies to help reduce fraud, waste and abuse in Medicare.
The recommendations outlined last week are intended to help strengthen CMS’s implementation of those strategies, some of which the agency has yet to implement at all, officials explained. The recommendations are as follows:
1. Strengthen provider enrollment standards and procedures, a step expected to reduce the risk of enrolling providers intent on defrauding the program. CMS has taken action to implement provisions of the Patient Protection and Affordable Care Act of 2010 by screening providers by levels of risk and providing more stringent review of high-risk providers, but the agency has yet to implement certain GAO recommendations in this area, officials reported.
2. Improve prepayment reviews, a step expected to help ensure that Medicare pays correctly the first time, every time. According to CMS, as of July 1 the agency started applying predictive modeling analysis to claims with the intent of expanding Medicare prepayment controls. CMS has not yet implemented GAO’s recommendation to improve prepayment reviews, officials reported.
3. Focus post-payment reviews on vulnerable areas. These reviews are critical to identifying payment errors and recouping overpayments, the GAO noted. In March 2009, CMS began instituting its national Recovery Audit Contractor (RAC) program to help the agency supplement its post-payment reviews, and the agency also has developed information technology to help it better identify claims paid in error, but the GAO recently reported that these systems are not being used to the extent originally planned and made several recommendations to address the issues.
4. Improve oversight of contractors. CMS has taken action to improve oversight of prescription drug plan sponsors’ fraud and abuse detection programs, which addresses one GAO recommendation, but the agency still is developing specific performance statistics, officials reported.
5. Develop a robust process to address identified vulnerabilities – a process the GAO labeled “critical.” While CMS has begun actions in this area, it has not developed a comprehensive corrective action process for vulnerabilities identified by Medicare RACs in accordance with a GAO recommendation, officials reported.
The GAO in the past has designated Medicare as a high-risk program because of its size, complexity and susceptibility to improper payments. In 2010, Medicare covered 47 million elderly and disabled beneficiaries, with estimated outlays of $516 billion. The GAO based its testimony on updated information received from CMS in February 2011, and in select cases, as of July 2011, on its actions related to relevant laws, regulations, guidance and open recommendations pertaining to key remediation strategies.
Mark Spivey is a correspondent for the RACmonitor.com and ICD10monitor.com websites. He can be reached at firstname.lastname@example.org.