«SHANTANU AGRAWAL, M.D. DEPUTY ADMINISTRATOR AND DIRECTOR, CENTER FOR PROGRAM INTEGRITY CENTERS FOR MEDICARE & MEDICAID SERVICES ON “MEDICARE AND ...»
SHANTANU AGRAWAL, M.D.
DEPUTY ADMINISTRATOR AND DIRECTOR,
CENTER FOR PROGRAM INTEGRITY
CENTERS FOR MEDICARE & MEDICAID SERVICES
“MEDICARE AND MEDICAID PROGRAM INTEGRITY: COMBATTING IMPROPER
PAYMENTS AND INELIGIBLE PROVIDERS”
UNITED STATES HOUSE COMMITTEE ON ENERGY & COMMERCE
SUBCOMMITTEE ON OVERSIGHT & INVESTIGATIONSMAY 24, 2016 Statement of Shantanu Agrawal, M.D., on “Medicare and Medicaid Program Integrity:
Combatting Improper Payments and Ineligible Providers” U.S. House Committee on Energy and Commerce Subcommittee on Oversight and Investigations May 24, 2016 Chairman Murphy, Ranking Member DeGette, and members of the Subcommittee, thank you for the invitation to discuss the Centers for Medicare & Medicaid Services’ efforts to strengthen program integrity in the Medicare and Medicaid programs. Enhancing program integrity is a top priority for the administration and an agency-wide effort at CMS. We share this Subcommittee’s commitment to protecting beneficiaries and ensuring taxpayer dollars are spent on legitimate items and services, both of which are at the forefront of our program integrity mission. CMS is coordinating a variety of efforts with Federal and State partners, as well as the private sector to better share information to address vulnerabilities, prevent improper payments and verify provider and beneficiary eligibility.
CMS understands that it has a responsibility to make sure our programs pay the right amount, to the right party, for the right beneficiary, in accordance with the law and agency and state policies. CMS is focused on preventing fraud, waste, and abuse in Medicare, Medicaid, and the Children’s Health Insurance Program (CHIP). Historically, CMS and our law enforcement partners have been dependent upon “pay and chase” activities, by working to identify and recoup fraudulent payments after claims were paid. Now, CMS is using a variety of tools, including innovative data analytics, to keep fraudsters out of our programs in the first place and to uncover fraudulent schemes and trends quickly before they drain valuable resources from our Trust Funds.
Insight and recommendations from the Government Accountability Office (GAO) and the Department of Health and Human Services Office of Inspector General (HHS-OIG) are a critical component of these efforts. In the last year, we have implemented 38 GAO recommendations and 122 recommendations from the HHS-OIG across all CMS programs, and have submitted 1 approximately 100 additional recommendations to the GAO and 129 to the HHS-OIG for their review and closure.
Our efforts to implement GAO and HHS-OIG recommendations stretch across our programs. For example, CMS will eliminate the use of beneficiaries’ Social Security Numbers on Medicare cards by April 2019, as required by the Medicare Access & CHIP Reauthorization Act of 2015 (MACRA), a step that both GAO 1 and HHS-OIG 2 have recommended to protect beneficiaries and prevent fraudulent activity. Based on input from the HHS-OIG 3, GAO, and stakeholders, over the past several years, CMS has broadened its initial focus of strengthening beneficiary access to prescribed drugs to also address fraud and drug abuse by making sure Part D sponsors implement effective safeguards and provide coverage for drug therapies that meet safety and efficacy standards. Today, CMS requires Part D plan sponsors to have drug utilization review systems, policies, and procedures designed to ensure that a review of the prescribed drug therapy is performed before each prescription is dispensed to an enrollee in a sponsor’s Part D plan.
CMS also issued a Final Rule that both establishes a new revocation authority for abusive prescribing patterns and requires most prescribers of Part D drugs to enroll in Medicare or have a valid opt-out affidavit on file. CMS has made a number of enhancements to the provider enrollment and revalidation process as the GAO has recommended, 4 which is described in more detail below. CMS also recently finalized the first overhaul of Medicaid and CHIP managed care regulations in more than a decade 5, and addresses several recommendations that the HHS-OIG has made in recent years 6 to strengthen program integrity in Medicaid and CHIP Managed Care.
The final rule strengthens the fiscal transparency and integrity in Medicaid and CHIP managed care by requiring more transparency in the managed care rate setting process, adding a standard for the calculation and reporting of medical loss ratios, identifying minimum standards for 1 http://www.gao.gov/products/GAO-13-761 2 http://oig.hhs.gov/oei/reports/oei-02-10-00040.pdf 3 http://oig.hhs.gov/oei/reports/oei-03-13-00030.pdf 4 For more information: https://blog.cms.gov/2016/02/22/cms-strengthens-provider-and-supplier-enrollmentscreening/ 5 https://www.federalregister.gov/articles/2016/05/06/2016-09581/medicaid-and-childrens-health-insuranceprogram-chip-programs-medicaid-managed-care-chip-delivered 6 See, for example, OIG, State and CMS Oversight of the Medicaid Managed Care Credentialing Process (OEI-09Nov. 2013), available at http://oig.hhs.gov/oei/reports/oei-09-10-00270.pdf; OIG, Excluded Providers in Medicaid Managed Care Entities (OEI-07-09-00630) (Feb. 2012), available at https://oig.hhs.gov/oei/reports/oeipdf; OIG, Medicaid Managed Care: Fraud and Abuse Concerns Remain Despite Safeguards (OEI-01Dec. 2011), available at http://oig.hhs.gov/oei/reports/oei-01-09-00550.pdf.
2 provider screening and enrollment, expanding managed care plan responsibilities in program integrity efforts, and adding requirements related to encounter data submissions.
Our efforts strike an important balance: protecting beneficiary access to necessary health care services and reducing the administrative burden on legitimate providers and suppliers, while ensuring that taxpayer dollars are not lost to fraud, waste, and abuse. Fraud can inflict real harm on beneficiaries. Beneficiaries are at risk when fraudulent providers perform medically unnecessary tests, treatments, procedures, or surgeries, or prescribe dangerous drugs without thorough examinations or medical necessity. When we prevent fraud, we ensure that beneficiaries are less exposed to risks and harm from fraudulent providers, and are provided with improved access to quality health care from legitimate providers while preserving Trust Fund dollars.
Fraud Prevention System In addition to traditional provider-enrollment activities, CMS’ sophisticated predictive analytics technology, the Fraud Prevention System (FPS), identifies investigative leads to further protect the Medicare program from inappropriate billing practices and provide oversight on providerenrollment actions. Since CMS implemented the technology in June 2011, the FPS has identified or prevented $820 million in inappropriate payments by identification of new leads or contribution to existing investigations; including approximately $242 million in cost-avoidance savings from revoking provider billing privileges as a result of FPS leads. 7 CMS is required to have the HHS-OIG certify the savings and costs of the FPS. CMS achieved certification in the second and third year of the program. For the first time in the history of federal health care programs, the HHS-OIG certified a methodology to calculate cost avoidance due to removing a provider from the program. This is a critical achievement as moving towards prevention requires a clear measurement of the future costs avoided. During the third year (defined in statute as January 2014 – December 2014), the FPS identified or prevented $454 million in inappropriate payments through actions taken due to the FPS or through investigations 7
Report to Congress: Fraud Prevention System Third Implementation Year. Available at:
Provider Enrollment A critical component to preventing fraud, waste and abuse is to ensure that only legitimate providers have the ability to bill our programs in the first place. Provider enrollment is the gateway to billing our programs, and CMS is engaging in new efforts to make sure that only legitimate providers are enrolling in Medicare, Medicaid, and CHIP. By preventing fraudulent or unqualified providers or suppliers from enrolling in the program and removing existing unqualified providers and suppliers, CMS ensures that fewer beneficiaries are exposed to risks and harm, and taxpayer dollars are spent only on services provided by legitimate providers and suppliers.
The Affordable Care Act provided tools, including the use of risk-based screening of providers and suppliers, to enhance our ability to screen providers and suppliers upon enrollment and identify those that possibly may be at heightened risk for committing fraud. In February 2011, CMS finalized regulations to implement categorical risk-based screening of newly enrolling Medicare and Medicaid providers and suppliers and revalidate all current providers and suppliers under new requirements established by the Affordable Care Act. Provider and supplier types in the “limited risk” category undergo verification of licensure, verification of compliance with federal regulations and state requirements, and various database checks. Provider and supplier types in the “moderate risk" or "high risk” categories undergo additional screening, including unannounced site visits. Additionally, owners with a five percent or greater direct or indirect ownership interest in a provider or supplier that are in the high risk category must consent to criminal background checks including fingerprinting. This risk based approach to provider screening allows CMS to target our resources as efficiently as possible, applying the most scrutiny to higher risk categories while limiting the burden and requirements on the types of providers and suppliers that pose a lower risk.
4 We are seeing real results from our efforts, and we estimate that Affordable Care Act authorities have saved the Medicare program $1.4 billion from revocations since March 2011, protecting both beneficiaries and the Medicare Trust Funds. These actions are part of a larger set of provider enrollment and screening activities which have saved the Medicare program $2.4 billion in avoided costs. 8 These savings reflect the actions CMS has taken to deactivate billing privileges for more than 543,100 providers and suppliers that do not meet Medicare requirements, and to revoke the enrollment and billing privileges of an additional 34,800 providers and suppliers since 2011. 9 Increased screening efforts have led CMS to deny 7,293 applications in the last 12 months (February 2015-February 2016) based on improved enrollment screening, preventing these providers or suppliers from ever submitting a claim.
Provider Enrollment in Medicare Before they can bill Medicare, all providers and suppliers are required to undergo a baseline screening, including confirmation of the provider’s or supplier’s Social Security Number through the Social Security Administration and license and certification through the state licensing boards; and searches in the General Services Administration’s (GSA) System for Award Management for Government contracting exclusion (suspension and debarments) and the HHSOIG's exclusion list for all individuals listed on the application. Additionally, all Medicare providers and suppliers already enrolled prior to the new screening requirements becoming effective were sent revalidation notices, and those that did not respond or did not meet these new screening requirements had their billing privileges deactivated or revoked.
To enroll in the Medicare program, a provider or supplier may submit its enrollment application online using the Provider Enrollment, Chain and Ownership System (PECOS) or by paper by sending a CMS-855 to its Medicare Administrative Contractor. PECOS is a centralized database 8 These savings estimates use the same methodology as the identified “costs avoided by revoking billing privileges” savings measure that was certified by the OIG in the 2nd and 3rd Year FPS Reports to Congress. Please see CMS’
Report to Congress: Fraud Prevention System Third Implementation Year, for more information (available at:
http://www.cms.gov/About-CMS/Components/CPI/Center-for-program-integrity.html). While these particular estimates have not been certified by the OIG, they reflect comparable calculations applied to actions taken under authorities provided in both the Affordable Care Act and CMS’ previously existing authorities.
9 Deactivated providers and suppliers have their Medicare billing privileges stopped; however, their billing privileges can be restored upon the submission and approval of an updated enrollment application. Revoked providers and suppliers have their Medicare billing privileges terminated and are barred from re-entering the Medicare program for a period of one to three years, depending on the severity of the revocation.
CMS is enhancing our address verification software in PECOS to better detect vacant or invalid addresses or commercial mail reporting agencies (CMRAs). Earlier this year, as recommended by the GAO, CMS replaced the previous PECOS address verification software with new software that includes Delivery Point Verification (DPV) in addition to the previous functionality. This new DPV functionality flags addresses that may be vacant, CMRAs, or invalid addresses. CMS is now continuously monitoring and identifying addresses that may have become vacant or non-operational after initial enrollment. This monitoring is done through monthly data analysis that validates provider and supplier enrollment practice location addresses against the U.S. Postal Service address verification database. Earlier this year, CMS also began deactivating providers and suppliers that have not billed Medicare in the last 13 months. 10 This approach will remove providers and suppliers with potentially invalid addresses from PECOS without requiring site visits. This work will strengthen the integrity of the Medicare program while minimizing burden on the provider and supplier community.