Fraud Detection Systems:

Centers for Medicare and Medicaid Services Needs to Ensure More Widespread Use

GAO-11-475: Published: Jun 30, 2011. Publicly Released: Jul 12, 2011.

Additional Materials:

Contact:

Valerie C. Melvin
(202) 512-6304
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO has designated Medicare and Medicaid as high-risk programs, in part due to their susceptibility to improper payments--estimated to be about $70 billion in fiscal year 2010. Improper payments have many causes, such as submissions of duplicate claims or fraud, waste, and abuse. As the administrator of these programs, the Centers for Medicare and Medicaid Services (CMS) is responsible for safeguarding them from loss. To integrate claims information and improve its ability to detect fraud, waste, and abuse in these programs, CMS initiated two information technology system programs: the Integrated Data Repository (IDR) and One Program Integrity (One PI). GAO was asked to (1) assess the extent to which IDR and One PI have been developed and implemented and (2) determine CMS's progress toward achieving its goals and objectives for using these systems to help detect fraud, waste, and abuse. To do so, GAO reviewed system and program management plans and other documents and compared them to key practices. GAO also interviewed program officials, analyzed system data, and reviewed reported costs and benefits.

CMS has developed and begun using both IDR and One PI, but has not incorporated into IDR all data as planned and has not taken steps to ensure widespread use of One PI to enhance efforts to detect fraud, waste, and abuse. IDR is intended to be the central repository of Medicare and Medicaid data needed to help CMS program integrity staff and contractors prevent and detect improper payments of Medicare and Medicaid claims. Program integrity analysts use these data to identify patterns of unusual activities or transactions that may indicate fraudulent charges or other types of improper payments. IDR has been operational and in use since September 2006. However, it does not include all the data that were planned to be incorporated by fiscal year 2010. For example, IDR includes most types of Medicare claims data, but not the Medicaid data needed to help analysts detect improper payments of Medicaid claims. IDR also does not include data from other CMS systems that are needed to help analysts prevent improper payments, such as information about claims at the time they are filed and being processed. According to program officials, these data were not incorporated because of obstacles introduced by technical issues and delays in funding. Further, the agency has not finalized plans or developed reliable schedules for efforts to incorporate these data. Until it does so, CMS may face additional delays in making available all the data that are needed to support enhanced program integrity efforts. One PI is a Web-based portal that is to provide CMS staff and contractors with a single source of access to data contained in IDR, as well as tools for analyzing those data. While One PI has been developed and deployed to users, few program integrity analysts were trained and using the system. Specifically, One PI program officials planned for 639 program integrity analysts to be using the system by the end of fiscal year 2010; however, as of October 2010, only 41--less than 7 percent--were actively using the portal and tools. According to program officials, the agency's initial training plans were insufficient and, as a result, they were not able to train the intended community of users. Until program officials finalize plans and develop reliable schedules for training users and expanding the use of One PI, the agency may continue to experience delays in reaching widespread use and determining additional needs for full implementation of the system. While CMS has made progress toward its goals to provide a single repository of data and enhanced analytical capabilities for program integrity efforts, the agency is not yet positioned to identify, measure, and track benefits realized from its efforts. As a result, it is unknown whether IDR and One PI as currently implemented have provided financial benefits. According to IDR officials, they do not measure benefits realized from increases in the detection rate for improper payments because they rely on business owners to do so, and One PI officials stated that, because of the limited use of the system, there are not enough data to measure and gauge the program's success toward achieving the $21 billion in financial benefits that the agency projected. GAO is recommending that CMS take steps to finalize plans and reliable schedules for fully implementing and expanding the use of the systems and to define measurable benefits. In its comments, CMS concurred with GAO's recommendations.

Status Legend:

More Info
  • Review Pending-GAO has not yet assessed implementation status.
  • Open-Actions to satisfy the intent of the recommendation have not been taken or are being planned, or actions that partially satisfy the intent of the recommendation have been taken.
  • Closed-implemented-Actions that satisfy the intent of the recommendation have been taken.
  • Closed-not implemented-While the intent of the recommendation has not been satisfied, time or circumstances have rendered the recommendation invalid.
    • Review Pending
    • Open
    • Closed - implemented
    • Closed - not implemented

    Recommendations for Executive Action

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should finalize plans and develop schedules for incorporating additional data into IDR that identify all resources and activities needed to complete tasks and that consider risks and obstacles to the IDR program.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should implement and manage plans for incorporating data in IDR to meet schedule milestones.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should establish plans and reliable schedules for training all program integrity analysts intended to use One PI.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should establish and communicate deadlines for program integrity contractors to complete training and use One PI in their work.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should conduct training in accordance with plans and established deadlines to ensure schedules are met and program integrity contractors are trained and able to meet requirements for using One PI.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS should define any measurable financial benefits expected from the implementation of IDR and One PI.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that the development and implementation of IDR and One PI are successful in helping the agency meet the goals and objectives of its program integrity initiatives, the Administrator of CMS, with stakeholder input, should establish measurable, outcome-based performance measures for IDR and One PI that gauge progress toward meeting program goals.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Jul 23, 2014

    Jul 16, 2014

    Jul 15, 2014

    Jul 10, 2014

    Jun 30, 2014

    Jun 25, 2014

    Jun 24, 2014

    Jun 23, 2014

    Jun 18, 2014

    Looking for more? Browse all our products here