Medicare Program Integrity:

Increased Oversight and Guidance Could Improve Effectiveness and Efficiency of Postpayment Claims Reviews

GAO-14-474: Published: Jul 18, 2014. Publicly Released: Aug 13, 2014.

Additional Materials:

Contact:

Kathleen M. King
(202) 512-7114
kingk@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The Centers for Medicare & Medicaid Services (CMS) within the Department of Health and Human Services (HHS) has taken steps to prevent its contractors from conducting certain duplicative postpayment claims reviews—reviews of the same claims that are not permitted by the agency—but CMS neither has reliable data nor provides sufficient oversight and guidance to measure and fully prevent duplication. The four types of contractors GAO reviewed that examine providers' documentation to determine whether Medicare's payment was proper included

Medicare Administrative Contractors (MAC), which process and pay claims;

Zone Program Integrity Contractors (ZPIC), which investigate potential fraud;

Recovery Auditors (RA), tasked with identifying on a postpayment basis improper payments not previously reviewed by other contractors; and

the Comprehensive Error Rate Testing (CERT) contractor, which reviews claims used to annually estimate Medicare's improper payment rate.

CMS implemented a database to track RA activities, designed in part to prevent RAs, which conducted most of the postpayment reviews, from duplicating other contractors' reviews. However, the database was not designed to provide information on all possible duplication, and its data are not reliable because other postpayment contractors did not consistently enter information about their reviews. CMS has not provided sufficient oversight of these data or issued complete guidance to contractors on avoiding duplicative claims reviews.

CMS requires its contractors to include certain content in postpayment review correspondence with providers, but some requirements vary across contractor types and are not always clear, and contractors vary in their compliance with their requirements. These factors can lead to providers receiving less information about the reviews and thus decrease effective communication with them. In addition, the extent of CMS's oversight of correspondence varies across contractors, which decreases assurance that contractors comply consistently with requirements. In the correspondence reviewed, GAO found high compliance rates for some requirements, such as citing the issues leading to an overpayment, but low compliance rates for requirements about communicating providers' rights, which could affect providers' ability to exercise their rights.

CMS has strategies to coordinate internally among relevant offices regarding requirements for contractors' claims review activities. The agency also has strategies to facilitate coordination among contractors, such as requiring joint operating agreements between contractors operating in the same geographic area. However, these strategies have not led to consistent requirements across contractor types or full coordination between ZPICs and RAs. GAO previously recommended that CMS increase the consistency of its requirements, where appropriate, and the HHS Office of Inspector General has recommended steps to improve coordination between ZPICs and RAs.

Why GAO Did This Study

Several types of Medicare contractors conduct postpayment claims reviews to help reduce improper payments. Questions have been raised about their effectiveness and efficiency, and the burden on providers. GAO was asked to assess aspects of the claims review process.

Building on GAO's July 2013 report on postpayment claims review requirements, this report examines, among other things, the extent to which CMS has (1) data to assess whether contractors conduct duplicative postpayment claims reviews, (2) requirements for contractor correspondence with providers to help ensure effective communication, and (3) strategies for coordination of claims review activities. GAO reviewed CMS's requirements for claims reviews; interviewed CMS officials, selected contractors, and provider associations; analyzed CMS data; assessed a nongeneralizable sample of 114 pieces of contractor correspondence for compliance with requirements; and assessed CMS's requirements and oversight against federal internal control standards and other guidance.

What GAO Recommends

GAO recommends that CMS take actions to improve the efficiency and effectiveness of contractors' postpayment review efforts, which include providing additional oversight and guidance regarding data, duplicative reviews, and contractor correspondence. In its comments, the Department of Health and Human Services concurred with the recommendations and noted plans to improve CMS oversight and guidance.

For more information, contact Kathleen M. King at (202) 512-7114 or kingk@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: In July 2015, the Department of Health and Human Services (HHS) reported that the department considered this recommendation to be open and that CMS was working to implement it. According to HHS, CMS is revising its Program Integrity Manual to provide direction to all contractors that enter claims information into the Recovery Audit Data Warehouse. CMS is also planning to create contractor-specific reports on the timeliness of their data uploads into the Recovery Audit Data Warehouse. In addition, CMS is planning to modify new postpayment review contractor contracts to include quality assurance performance metrics regarding the data entered into the Warehouse, such as on the timely uploading of data. HHS did not report when CMS's planned actions were expected to be completed, but stated that it would provide GAO with an update on CMS actions by January 22, 2016. We will provide updated information after we review HHS's 2016 update.

    Recommendation: In order to improve the efficiency and effectiveness of Medicare postpayment claims review efforts and simplify compliance for providers, the Administrator of CMS should monitor the Recovery Audit Data Warehouse to ensure that all postpayment review contractors are submitting required data and that the data the database contains are accurate and complete.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

  2. Status: Open

    Comments: In July 2015, the Department of Health and Human Services (HHS) reported that the department considered this recommendation to be open and that CMS was working to implement it. According to HHS, CMS was revising its Program Integrity Manual to provide direction to contractors regarding Medicare Administrative Contractors' responsibilities regarding duplicative claims reviews. HHS did not indicate whether CMS was planning to issue related guidance regarding Zone Program Integrity Contractors (ZPIC). In comments on a draft of the report, HHS had concurred with the recommendation and stated it would issue updated guidance regarding contractors' responsibilities. HHS did not report when CMS would issue its revised guidance, but stated that it would provide GAO with an update on CMS actions by January 22, 2016. We will provide updated information after we review HHS's 2016 update.

    Recommendation: In order to improve the efficiency and effectiveness of Medicare postpayment claims review efforts and simplify compliance for providers, the Administrator of CMS should develop complete guidance to define contractors' responsibilities regarding duplicative claims reviews, including specifying whether and when MACs and ZPICs can duplicate other contractors' reviews.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

  3. Status: Open

    Comments: In July 2015, the Department of Health and Human Services (HHS) reported that the department considered this recommendation to be open and that CMS was working to implement it. According to HHS, CMS is conducting an analysis that will be considered in developing a plan to assess Medicare Administrative Contractor (MAC), Zone Program Integrity Contractor (ZPIC), Recover Auditor, and Comprehensive Error Rate Testing contractor compliance with CMS requirements for the two types of correspondence we reviewed: additional documentation requests (ADR) and results letters. In addition, CMS is reviewing documentation of CMS's quarterly performance reviews of Recovery Auditors, which include a review of their postpayment claims review correspondence and updated information about their use of inter-rater reliability assessments. CMS is also planning to revise its Program Integrity Manual and elements of the MAC Quality Assurance Surveillance Plan to include reviews of ADR correspondence and results letters. HHS did not provide estimated dates for when these steps would be completed, but stated that it would provide GAO with an update on CMS actions by January 22, 2016. We will provide updated information after we review HHS's 2016 update.

    Recommendation: In order to improve the efficiency and effectiveness of Medicare postpayment claims review efforts and simplify compliance for providers, the Administrator of CMS should assess regularly whether contractors are complying with CMS requirements for the content of correspondence sent to providers regarding claims reviews.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

  4. Status: Open

    Comments: In July 2015, the Department of Health and Human Services (HHS) reported that the department considered this recommendation to be open and that CMS was working to implement it. According to HHS, CMS is examining Additional Documentation Requests (ADR) and review results letters for consistency and assessing the feasibility of standardizing requirements, where appropriate. In November 2014, CMS revised its Program Integrity Manual to change the requirements for the content of Medicare Administrative Contractor (MAC), Recovery Auditor, and Comprehensive Error Rate Testing (CERT) contractor postpayment ADRs. These new requirements - made in consultation with the contractors - were intended to increase uniformity among contractors' ADRs and improve clarity so that providers will better recognize and understand the purpose of the ADRs and the resulting action items. The revised Manual requires all three types of contractors to include certain information in their ADRs, and includes sample ADR templates that show the elements and format that contractors must follow when developing their ADRs. Contractors must use the new "unified postpayment ADR letter format," though they have the discretion to insert information specific to the subject of the letter. CMS's revisions to the Program Integrity Manual did not change the requirements for ZPICs' ADRs, and HHS did not indicate whether CMS is considering requiring ZPICs' ADRs to align with other contractors' ADRs. HHS reported that, in addition to the changes for ADRs, CMS is working on revisions to requirements for contractors' results letters. HHS did not provide estimated dates for when these steps would be completed, but stated that it would provide GAO with an update on CMS actions by January 22, 2016. We will provide updated information after we review HHS's 2016 update.

    Recommendation: In order to improve the efficiency and effectiveness of Medicare postpayment claims review efforts and simplify compliance for providers, the Administrator of CMS should clarify the current requirements for the content of contractors' additional documentation requests and results letters and standardize the requirements and contents as much as possible to ensure greater consistency among postpayment claims review contractors' correspondence.

    Agency Affected: Department of Health and Human Services: Centers for Medicare and Medicaid Services

 

Explore the full database of GAO's Open Recommendations »

May 24, 2016

May 13, 2016

May 11, 2016

May 9, 2016

May 6, 2016

Apr 28, 2016

Apr 19, 2016

Apr 18, 2016

Looking for more? Browse all our products here