GAO Issues Report on Medicare, Medicaid

WASHINGTON, Dec. 6 -- The Government Accountability Office has issued a report on how Centers for Medicare and Medicaid Services' efforts managing fraud risks in Medicare and Medicaid align with the Fraud Risk Framework. The report (GAO-18-88) is titled "Medicare and Medicaid: CMS Needs to Fully Align Its Antifraud Efforts with the Fraud Risk Framework".

The report was sent to Sen. Orrin G. Hatch, R-Utah, chairman of the Senate Finance Committee, Sen. Claire McCaskill, D-Missouri, ranking member of the Senate Homeland Security and Governmental Affairs Committee, Rep. Greg Walden, R-Oregon, chairman of the House Energy and Commerce Committee, Rep. Kevin Brady, R-Texas, chairman of the House Ways and Means Committee, Rep. Patrick J. Tiberi, R-Texas, chairman of the House Ways and Means subcommittee on Health, Rep. Vern Buchanan, R-Florida, chairman of the House Ways and Means subcommittee on Oversight, Rep. Michael Burgess, R-Texas, chairman of the House Energy and Commerce Subcommittee on Health, and Rep. Tom Cole, R-Okla., chairman of the House Appropriations subcommittee on Labor, Health and Human Services, Education, and Related Agencies, on Dec. 5. Here are excerpts of summaries associated with the report.

What GAO Found: "The approach that the Centers for Medicare & Medicaid Services (CMS) has taken for managing fraud risks across its four principal programs--Medicare, Medicaid, the Children's Health Insurance Program (CHIP), and the health-insurance marketplaces--is incorporated into its broader program-integrity approach. According to CMS officials, this broader program-integrity approach can help the agency develop control activities to address multiple sources of improper payments, including fraud. As the figure below shows, CMS views fraud as part of a spectrum of actions that may result in improper payments.

(figure omitted)

CMS's efforts managing fraud risks in Medicare and Medicaid partially align with GAO's 2015 A Framework for Managing Fraud Risks in Federal Programs (Fraud Risk Framework). This framework describes leading practices in four components: commit , assess , design and implement , and evaluate and adapt . CMS has shown commitment to combating fraud in part by establishing a dedicated entity--the Center for Program Integrity--to lead antifraud efforts. Furthermore, CMS is offering and requiring antifraud training for stakeholder groups such as providers, beneficiaries, and health-insurance plans. However, CMS does not require fraud-awareness training on a regular basis for employees, a practice that the framework identifies as a way agencies can help create a culture of integrity and compliance. Regarding the assess and design and implement components, CMS has taken steps to identify fraud risks, such as by designating specific provider types as high risk and developing associated control activities. However, it has not conducted a fraud risk assessment for Medicare or Medicaid, and has not designed and implemented a risk-based antifraud strategy. A fraud risk assessment allows managers to fully consider fraud risks to their programs, analyze their likelihood and impact, and prioritize risks. Managers can then design and implement a strategy with specific control activities to mitigate these fraud risks, as well as an appropriate evaluation approach consistent with the evaluate and adapt component. By developing a fraud risk assessment and using that assessment to create an antifraud strategy and evaluation approach, CMS could better ensure that it is addressing the full portfolio of risks and strategically targeting the most-significant fraud risks facing Medicare and Medicaid."

Why GAO Did This Study: "CMS, an agency within the Department of Health and Human Services (HHS), provides health coverage for over 145 million Americans through its four principal programs, with annual outlays of about $1.1 trillion. GAO has designated the two largest programs, Medicare and Medicaid, as high risk partly due to their vulnerability to fraud, waste, and abuse. In fiscal year 2016, improper payment estimates for these programs totaled about $95 billion.

GAO's Fraud Risk Framework and the subsequent enactment of the Fraud Reduction and Data Analytics Act of 2015 have called attention to the importance of federal agencies' antifraud efforts. This report examines (1) CMS's approach for managing fraud risks across its four principal programs, and (2) how CMS's efforts managing fraud risks in Medicare and Medicaid align with the Fraud Risk Framework.

GAO reviewed laws and regulations and HHS and CMS documents, such as program-integrity manuals. It also interviewed CMS officials and a sample of CMS stakeholders, including state officials and contractors. GAO selected states based on fraud risk and other factors, such as geographic diversity. GAO selected contractors based on a mix of companies and geographic areas served."

What GAO Recommends: "GAO recommends that CMS (1) provide and require fraud-awareness training to its employees, (2) conduct fraud risk assessments, and (3) create an antifraud strategy for Medicare and Medicaid, including an approach for evaluation. HHS concurred with GAO's recommendations."

The text of the GAO report is available at http://www.gao.gov/products/GAO-18-88?utm_medium=email&utm_source=govdelivery

TARGETED NEWS SERVICE: Myron Struck, editor; 703/304-1897; [email protected]; http://www.targetednews.com