Skip to main content

Medicare Program Integrity: Contractors Reported Generating Savings, but CMS Could Improve Its Oversight

GAO-14-111 Published: Oct 25, 2013. Publicly Released: Nov 25, 2013.
Jump To:
Skip to Highlights

Highlights

What GAO Found

The Centers for Medicare and Medicaid Services (CMS) paid its Zone Program Integrity Contractors (ZPIC) about $108 million in 2012. ZPICs reported spending most of this funding on fraud case development, primarily for investigative staff, who in 2012 reported conducting about 3,600 beneficiary interviews, almost 780 onsite inspections, and reviews of more than 200,000 Medicare claims.

ZPICs reported that their actions resulted in more than $250 million in savings to Medicare in calendar year 2012 from actions such as stopping payment on suspect claims. ZPICs also reported taking other actions to protect Medicare funds, including having more than 130 of their investigations accepted by law enforcement for potential prosecution, and working to stop more than 160 providers from receiving additional Medicare payments in 2012. However, CMS lacks information on the timeliness of ZPICs' actions--such as the time it takes between identifying a suspect provider and taking actions to stop that provider from receiving potentially fraudulent Medicare payments--and would benefit from knowing if ZPICs could save more money by acting more quickly.

ZPICs generally received good ratings in annual reviews, with five of six eligible for incentive awards. CMS follows some best practices for ZPICs' oversight, but the agency does not clearly link ZPIC performance to agency program integrity goals. The majority of the measures CMS uses to evaluate ZPICs relate to the quality of their work because, according to CMS officials, quality is the most important element. However, evaluation of such measures, while a best practice, does not connect ZPIC work to agency performance measures. For example, CMS aims to increase the percentage of actions taken against certain high risk Medicare providers--work central to ZPICs--but does not explicitly link ZPICs' work to the agency's progress toward that goal, another best practice that would allow the agency to better assess the ZPICs' support of CMS's fraud prevention efforts.

Why GAO Did This Study

GAO has designated Medicare as a high-risk program, in part because its size and complexity make it particularly vulnerable to fraud. To help detect and prevent potential Medicare fraud, CMS--the agency within the Department of Health and Human Services (HHS) that administers the Medicare program--contracts with ZPICs. These contractors are to identify potential fraud, investigate it thoroughly and in a timely manner, and take swift action, such as working to revoke suspect providers' Medicare billing privileges and referring potentially fraudulent providers to law enforcement.

GAO examined (1) ZPIC contract costs and how ZPICs use those funds, (2) the results of ZPICs' work, and (3) the results of CMS's evaluations of ZPICs' performance and aspects of CMS's evaluation practices. To do this, GAO examined ZPIC funding, contracts, and related documents; data on ZPICs' workloads, investigations, and results; and CMS evaluations of ZPICs as well as federal standards for performance measurement. GAO also interviewed CMS and ZPIC officials.

Recommendations

GAO recommends that CMS collect and evaluate information on the timeliness of ZPICs' investigative and administrative actions, and develop ZPIC performance measures that explicitly link ZPICs' work to Medicare program integrity performance measures and goals. GAO requested comments from HHS on the draft report, but none were provided.

Recommendations for Executive Action

Agency Affected Recommendation Status
Centers for Medicare & Medicaid Services To help ensure that CMS's fraud prevention activities are effective and that CMS is comprehensively assessing ZPIC performance, the Administrator of CMS should collect and evaluate information on the timeliness of ZPICs' investigative and administrative actions, such as how soon investigations are initiated after ZPICs identify potential fraud and how swiftly ZPICs initiate administrative actions after identifying potentially fraudulent providers.
Closed – Not Implemented
As of August 2016, CMS officials reported that ZPICs are being phased out beginning this year and through 2017. CMS is hiring a different type of contractor?the Unified Program Integrity Contractor (UPIC)?which will carry out functions previously assigned to 4 types of contractors, including the ZPICs. The UPICs will operate in five regions. In May 2016, the first UPIC contract was awarded and two more are expected to be awarded by the end of September 2016, with the final 2 estimated to be awarded in 2017, according to CMS. Therefore, the recommendation will be closed; it cannot be implemented because the contractors that we examined in our engagement are expected to no longer be in operation by 2017.
Centers for Medicare & Medicaid Services To help ensure that CMS's fraud prevention activities are effective and that CMS is comprehensively assessing ZPIC performance, the Administrator of CMS should develop ZPIC performance measures that explicitly link their work to the agency's Medicare fee-for-service program integrity performance measures and targets for its GPRA goal of fighting fraud and working to eliminate improper payments.
Closed – Not Implemented
As of August 2016, CMS officials reported that ZPICs are being phased out beginning this year and through 2017. CMS is hiring a different type of contractor?the Unified Program Integrity Contractor (UPIC)?which will carry out functions previously assigned to 4 types of contractors, including the ZPICs. The UPICs will operate in five regions. In May 2016, the first UPIC contract was awarded and two more are expected to be awarded by the end of September 2016, with the final 2 estimated to be awarded in 2017, according to CMS. Therefore, the recommendation will be closed; it cannot be implemented because the contractors that we examined in our engagement are expected to no longer be in operation by 2017.

Full Report

GAO Contacts

Office of Public Affairs

Topics

Best practicesBilling proceduresContractorsCriminal investigationsData collectionErroneous paymentsHealth care fraudMedicaidMedicarePaymentsRisk managementBeneficiariesPerformance measuresClaims processingOverpaymentsLaw enforcementFee-for-service plansHealth care programsFraud, Waste and AbuseRisk assessment