Updated on: July 25, 2012

Congress Directs GAO to Study CMS’s Processes for Multiple Medicare Audits

By
Original story posted on: July 13, 2012

EDITOR’S NOTE: This is the second of two articles on this subject appearing in the July 12, 2012 edition of RACMonitorEnews. See Gregory P. Calosso’s article, “ Hope in One-Page Letter: Congress to GAO.”

At the request of members of Congress, the General Accountability Office (GAO) will conduct a study of the various audits being conducted on Medicare program claims.

As readers know, these multiple audits have been just one of the thorns in the sides of healthcare providers during the last few years, and some may respond to this news with a sigh of relief, saying, “It’s about time.”

At least one of these auditors is well known, and that is, of course, the Recovery Audit Contractor (RAC) or, as the Centers for Medicare & Medicaid Services (CMS), now calls it the fee-for-service (FFS) recovery auditor. Others like the ones below may be less well known—and these are just for the Medicare program.

Each of the following has its own specific responsibility to ensure Medicare pays claims accurately and by the letter of the law.

  • ZPICs—zone program integrity contractors, which are replacing CMS's program safeguard contractors (PSCs)
  • Comprehensive error rate testing (CERT) review contractors
  • Payment error rate measurement (PERM) contractors
  • Medicare administrative contractors (MACs).

Focus on Coordinated Effort

A bi-partisan group of 11 members of Congress directed GAO to conduct a study regarding coordination of the various audits that are being conducted in the Medicare program. “In order for this contractor oversight to at once be effective at detecting improper payments and not unnecessarily burdensome to providers, it must be undertaken subject to a coherent strategic plan, consistent standards and active coordination. “

They asked GAO to evaluate the following questions “at a minimum”:

  • What process does CMS use to determine whether the contractors’ audit criteria and methodologies are valid, clear and consistent?
  • How does CMS coordinate among these contractors to ensure that their interactions with providers are not duplicative? Is there any evidence of providers being subjected to multiple overlapping audits on the same topic? If so, how frequently does this occur? Is there any justification for a single provider being audited by multiple contractors at the same time?
  • What are the reasons for requesting that similar information be submitted to multiple contractors? Are there steps CMS is taking to limit duplicative audits, while still ensuring contractors have the tools necessary to pursue program integrity efforts?
  • Does CMS have a strategic plan to coordinate and oversee all of its audit activities and, if so, how is the plan implemented and overseen?

OIG Identifies Existing Problems

It appears that the GAO’s study will come just in time. In its Semiannual Report to Congress (October 1, 2011 – March 31, 2012), the Department of Health & Human Services Office of Inspector General (OIG) stated that its work “reveals persistent problems.”

It reported that CMS’s systems and procedures and those used by its contractors were not sufficient to ensure effective oversight of contractor performance and resolution of known vulnerabilities.

Two examples of problems are provided below.

  • Data deficiencies obstructed CMS’s oversight of ZPICs. The workload data that CMS uses to oversee ZPICs were not accurate or uniform, and these inaccuracies and lack of uniformity prevented the OIG from making a conclusive assessment of the contractor’s activities. The OIG cited the source of the problem as CMS's Analysis, Reporting, and Tracking System (CMS ARTS); ZPIC reporting errors; ZPICs' interpretations of workload definitions; and inconsistencies in requests for information reports. ZPICs' performance evaluations contained few workload statistics, and data access issues affected ZPICs' program integrity activities.

The conditions are serious obstacles to CMS’s oversight of ZPIC operations and effectiveness, the OIG stated, and it recommends that CMS do the following:

  • Clarify definitions in CMS ARTS
  • Perform a timely review of data in CMS ARTS
  • Use and report ZPIC workload statistics in ZPIC evaluations.
  • No resolution for contractor-identified vulnerabilities. CMS did not take significant action to resolve, 77 percent of vulnerabilities that its Medicare benefit integrity contractors reported in 2009. The estimated impact of vulnerabilities, such as those in claims coding and provider identifiers, which contractors reported inconsistently or not at all, was at least $1.2 billion. Only two of the vulnerabilities reported in 2009 had been resolved as of January 2011. Although CMS has procedures to consistently track and review vulnerabilities, it lacks procedures to ensure that vulnerabilities are resolved.

The OIG advised CMS to determine the status of all unresolved vulnerabilities and take action to address them, require contractors to report monetary impact, and ensure that vulnerabilities are resolved by establishing formal written procedures.

In its letter, members of Congress asked the GAO for “prompt attention” to matters such as the above. Since there’s no way to define “prompt” when it comes to the government, the GAO study and report fall into a definite wait-and-see category.

About the Author

Janis Oppelt is editorial director for MedLearn publishing, Panacea Healthcare Solutions, Inc., St. Paul, MN.

Contact the Author

joppelt@medlearn.com

To comment on this article please go to editor@racmonitor.com

Janis Oppelt

This email address is being protected from spambots. You need JavaScript enabled to view it.