Further Action Needed to Address Vulnerabilities in Medicaid and Medicare Programs
GAO-12-803T, Jun 7, 2012
What GAO Found
For the Medicaid program, the Centers for Medicare & Medicaid Services (CMS) and the states have taken some actions related to GAOs four key strategies but more needs to be done.
- CMSs comprehensive state program integrity reviews identified provider enrollment as the most frequently cited area of concern but the agency has noted a positive trend in states awareness of regulatory requirements.
- CMS noted vulnerabilities in the prepayment reviews of claims in five states and effective practices in seven others. In anticipation of new analytic tools to predict vulnerabilities before claims are paid, the agency has initiated discussions with and provided guidance to states.
- CMS has begun collaborating with states to identify targets for federal postpayment audits, which should help to avoid duplication of federal and state audit efforts.
- CMS has not established a robust process for states to evaluate and address vulnerabilities identified by the states new recovery audit contractors brought in to identify improper payments and recoup overpayments.
For the Medicare program, CMS has acted to strengthen several of its strategies to better ensure program integrity, but other actions remain undone.
- Congress authorized CMS to implement several new or improved enrollment safeguards, including screening enrollment applications for categories of Medicare providers by risk level. CMS has issued a final rule to implement this and other changes, but has not completed other final rules and additional actions that could further strengthen enrollment procedures, such as rules to implement new surety bond provisions and provider and supplier disclosures.
- GAOs prior work found certain gaps in Medicares prepayment edits based on coverage and payment policies and made recommendations for improvement, such as adding edits to identify abnormally rapid increases in medical equipment billing. GAO is currently evaluating new CMS efforts in this area.
- CMS has begun using recovery auditing in its prescription drug program but not for its Medicare managed care plans.
- GAO recommended that CMS establish an adequate process to ensure prompt resolution of identified vulnerabilities in Medicare and is currently evaluating steps that CMS has taken recently.
It is critical that CMS and the states continue working on reducing improper payments. While both have made efforts to reduce improper payments, further action is needed. Although Medicaid presents different challenges, GAO believes that many of the lessons learned from its work on Medicare could be applied to strengthen Medicaid program integrity. These lessons can be applied as CMS and the states begin to use the additional tools provided through recent legislation. As the implementation process proceeds, GAO is continuing to monitor these issues. Effectively implementing provisions of recent laws and GAOs recommendations will be critical to reducing improper payments and ensuring that federal funds are used efficiently and for their intended purpose.
Why GAO Did This Study
In 2011, CMS estimated that Medicaid and Medicare had improper payments of $21.9 billion and almost $43 billion, respectivelyamong the largest for all federal programs. Both health care programs are on GAOs list of high-risk programs. Over the years, Congress has passed legislation designed to help address program integrity issues in the two programs but they remain vulnerable to fraud, waste, and abuse. The program integrity challenges are different for Medicaid and Medicare. With 51 distinct state-based programs, Medicaid has complex challenges for finding the appropriate balance between state and federal efforts. Medicare uses contractors to help administer the program and CMS must oversee their efforts.
This statement examines the progress made and important steps still to be taken in these programs. GAO focused on four key strategies and recommendations that were designed to facilitate them that were identified in prior work and that could help reduce improper payments: (1) strengthening provider enrollment standards and procedures to ensure that only legitimate providers participate in the program; (2) improving prepayment controls; (3) improving postpayment claims review and recovery of improper payments; and (4) developing a robust process for addressing identified vulnerabilities. This statement is based on GAO products issued from April 2004 through May 2012 and interviews with agency officials and other stakeholders. In May 2012, GAO also received additional information from CMS on agency actions. GAO received technical comments from CMS officials and incorporated them into this statement.