Skip to main content

Medicaid Program Integrity: Increased Oversight Needed to Ensure Integrity of Growing Managed Care Expenditures

GAO-14-341 Published: May 19, 2014. Publicly Released: Jun 18, 2014.
Jump To:
Skip to Highlights

Highlights

What GAO Found

GAO identified a gap in state and federal efforts to ensure Medicaid managed care program integrity. Federal laws require the states and the Centers for Medicare & Medicaid Services (CMS) to ensure the integrity of the Medicaid program, including payments under Medicaid managed care, which are growing at a faster rate than payments under fee-for-service (FFS). However, five state program integrity (PI) units and four Medicaid Fraud Control Units (MFCU) from the seven states included in GAO's review said they primarily focus their efforts on Medicaid FFS claims and have not begun to closely examine program integrity in Medicaid managed care. In addition, federal entities have taken few steps to address Medicaid managed care program integrity.

CMS, the federal agency within the Department of Health and Human Services (HHS) that oversees Medicaid has largely delegated managed care program integrity oversight activities to the states, but has not updated its program integrity guidance since 2000.

Additionally, CMS does not require states to audit managed care payments, and state officials GAO interviewed said they require additional CMS support, such as additional guidance and the option to obtain audit assistance from existing Medicaid integrity contractors in overseeing Medicaid managed care program integrity.

The involvement of multiple entities in conducting post-payment reviews, audits, and investigations has resulted in fragmented program integrity efforts; yet the effects of fragmentation are unclear. As GAO has found in past work, coordinating activities can alleviate many problems created by fragmentation, thus allowing entities to avoid unnecessary duplication and overlap. Most of the program integrity officials from the seven states GAO included in this review said that coordination efforts helped them manage overlap and avoid unnecessary duplication; however some officials said that coordination presented additional challenges for time and staff resources. Given that combined federal and state efforts have recovered only a small portion of the estimated improper payments, continued monitoring of federal and state program integrity efforts in Medicaid will be an important means of assessing whether the current structure is effective.

Because of the gap GAO identified between state and federal program integrity efforts in managed care, neither state nor federal entities are well positioned to identify improper payments made to managed care organizations (MCOs), nor are they able to ensure that MCOs are taking appropriate actions to identify, prevent, or discourage improper payments. Improving federal and state efforts to strengthen Medicaid managed care program integrity takes on greater urgency as states that choose to expand their Medicaid programs under the Patient Protection and Affordable Care Act are likely to do so with managed care arrangements, and will receive a 100 percent federal match for newly eligible individuals from 2014 through 2016. Unless CMS takes a larger role in holding states accountable, and provides guidance and support to states to ensure adequate program integrity efforts in Medicaid managed care, the gap between state and federal efforts to monitor managed care program integrity will leave a growing portion of federal Medicaid dollars vulnerable to improper payments.

Why GAO Did This Study

In fiscal year 2013, the Medicaid program covered about 71.7 million individuals at a cost of $431.1 billion, of which CMS estimated that $14.4 billion (5.8 percent) were improper payments. Multiple state and federal entities are involved in program integrity efforts, such as payment review, auditing, and investigating fraud. GAO was asked to examine how these entities ensure comprehensive Medicaid program integrity. This report examines state and federal roles and responsibilities to identify potential (1) gaps in efforts to ensure Medicaid program integrity coverage; and (2) fragmentation, overlap, or duplication of program integrity efforts, and efforts to coordinate activities. GAO examined relevant federal laws and regulations, CMS guidance, and state program integrity reviews. GAO also interviewed officials from CMS and HHS's Office of Inspector General, as well as PI unit and MFCU officials from seven states.

Recommendations

GAO recommends that CMS increase its oversight of program integrity efforts by requiring states to audit payments to and by MCOs; updating its guidance on Medicaid managed care program integrity; and providing states additional support for managed care oversight, such as audit assistance from existing contractors. In its comments, HHS asked for clarification on the first recommendation and concurred with the other two. In response, GAO clarified its first recommendation—that CMS take the added step of requiring states to audit the appropriateness of payments to and by MCOs to better ensure Medicaid program integrity.

Recommendations for Executive Action

Agency Affected Recommendation Status
Centers for Medicare & Medicaid Services
Priority Rec.
In order to improve the efficiency and effectiveness of Medicaid program integrity efforts, the Administrator of CMS should hold states accountable for Medicaid managed care program integrity by requiring states to conduct audits of payments to and by managed care organizations.
Closed – Implemented
On May 6, 2016, the agency issued a final rule to revise program integrity policies. The rule included requirements for states to conduct periodic audits of financial data submitted by, or on behalf of, each Medicaid managed care organization. We believe this requirement covers payments to and by managed care organizations. This requirement becomes active in July 2017; we will work with CMS to monitor its implementation.
Centers for Medicare & Medicaid Services
Priority Rec.
In order to improve the efficiency and effectiveness of Medicaid program integrity efforts, the Administrator of CMS should update CMS's Medicaid managed care guidance on program integrity practices and effective handling of MCO recoveries.
Closed – Implemented
In October 2014, CMS made available on its website the managed care plan compliance toolkit to provide further guidance to states and managed care plans on identifying improper payments to providers. This toolkit does not appear to help states identify improper payments to plans, however, in May 2016, CMS released its final rule that covered a variety of areas including Medicaid Managed Care program integrity practices. The final rule has new requirements for rate-setting and state audits of managed care plans. Under the final rule, CMS allows states the flexibility to develop policies for the treatment of recoveries by managed care plans, and requires that states specify those policies in their contracts with the plans.
Centers for Medicare & Medicaid Services In order to improve the efficiency and effectiveness of Medicaid program integrity efforts, the Administrator of CMS should provide the states with additional support in overseeing Medicaid managed care program integrity, such as the option to obtain audit assistance from existing Medicaid integrity contractors.
Closed – Implemented
In January 2015, CMS officials informed us that states have begun to use audit contractors to audit managed care claims. As of December 2014, at least six states have used audit contractors to audit certain managed care payments

Full Report

Office of Public Affairs

Topics

ClaimsErroneous paymentsHealth care programsInternal controlsManaged health careProgram managementProgram coordinationMedicaid programProgram integrityMedicaid