Skip to main content

Medicare Advantage Program Integrity: CMS's Efforts to Ensure Proper Payments and Identify and Recover Improper Payments

GAO-17-761T Published: Jul 19, 2017. Publicly Released: Jul 19, 2017.
Jump To:

Fast Facts

The Centers for Medicare & Medicaid Services estimates that about $16 billion or nearly 10% of its payments to Medicare Advantage organizations were improper.

In this testimony, we reviewed several problems we have found with CMS's efforts to ensure proper payments in this program that serves about a third of Medicare beneficiaries.

For example, certain CMS audits do not target Medicare Advantage contracts at highest risk for improper payments—payments made in error or due to potential fraud. CMS has also not fully validated the data—known as "encounter data"— it uses to ensure proper Medicare Advantage payments.

 

Photo of the U.S. Capitol Dome.

Photo of the U.S. Capitol Dome.

Skip to Highlights

Highlights

What GAO Found

The Centers for Medicare & Medicaid Services (CMS) estimated that about $16 billion—nearly 10 percent—of Medicare Advantage (MA) payments in fiscal year 2016 were improper. To identify and recover MA improper payments, CMS conducts risk adjustment data validation (RADV) audits of prior payments. These audits determine whether the diagnosis data submitted by Medicare Advantage organizations (MAOs), which offer private plan alternatives to fee-for-service (FFS) Medicare, are supported by a beneficiary's medical record. CMS pays MAOs a predetermined monthly amount for each enrollee. CMS uses a process called risk adjustment to project each enrollee's health care costs using diagnosis data from MAOs and demographic data from Medicare. In its 2016 report, GAO found several factors impeded CMS's efforts to identify and recover improper payments, including:

  • RADV audits were not targeted to contracts with the highest potential for improper payments. The agency's method of calculating improper payment risk for each contract, based on the diagnoses reported for the contract's beneficiaries, had shortcomings, and CMS did not use other available data to select the contracts with the greatest potential for improper payment recovery.
  • Substantial delays in RADV audits in progress jeopardize CMS's goal of eventually conducting annual RADV audits. CMS had RADV audits underway for payment years 2011, 2012, and 2013.
  • CMS had not expanded the use of Recovery Audit Contractors (RAC) to the MA program as required by law in 2010. RACs have been used in other Medicare programs to recover improper payments for a contingency fee.

GAO recommended that CMS improve the accuracy of its methodology for identifying contracts with the greatest potential for improper payment recovery, modify the processes for selecting contracts to focus on those most likely to have improper payments, and improve the timeliness of the RADV audit process. CMS reported in July 2017 that it had taken initial actions to address these recommendations, but none had been fully implemented. GAO also recommended that CMS develop specific plans for incorporating a RAC into the RADV program. In July 2017, CMS reported that the agency is evaluating its strategy for the MA RAC with CMS leadership.

CMS has begun to use encounter data, which are similar to FFS claims data, along with diagnosis data from MAOs to help ensure the proper use of federal funds by improving risk adjustment in the MA program. Encounter data include more information about the care and health status of MA beneficiaries than the data CMS uses now to risk adjust payments. In its January 2017 report, GAO found CMS had made progress in developing plans to use encounter data for risk adjustment. However, CMS had made limited progress in validating the completeness and accuracy of MA encounter data, as GAO recommended in 2014. GAO continues to believe that CMS should establish plans for using encounter data and thoroughly assess the data for completeness and accuracy before using it to risk adjust payments.

Why GAO Did This Study

GAO has designated Medicare as a high-risk program because of its size, complexity, and susceptibility to mismanagement and improper payments, which reached an estimated $60 billion in fiscal year 2016.

CMS contracts with MAOs to provide services to about one-third of all Medicare beneficiaries, and paid MAOs about $200 billion for their care in 2016. CMS's payments to the MAOs vary based on the health status of beneficiaries. For example, an MAO receives a higher risk-adjusted payment for an enrollee with a diagnosis of diabetes than for an otherwise identical enrollee without this diagnosis. Improper payments in MA arise primarily from diagnosis information unsupported by medical records that leads CMS to increase its payments.

This testimony is based on GAO's 2016 and 2017 reports addressing MA improper payments and highlights (1) factors that have hindered CMS's efforts to identify and recover improper payments through payment audits and (2) CMS's progress in validating encounter data for use in risk adjusting payments to MAOs. For these reports, GAO reviewed research and agency documents, analyzed data from ongoing RADV audits, and compared CMS's activities with the agency's protocol for validating Medicaid encounter data and federal internal control standards. GAO interviewed CMS officials for both reports, and also asked for updates on the status of GAO's prior recommendations for this statement.

For more information, contact James Cosgrove at (202) 512-7114 or cosgrovej@gao.gov.

Full Report

Office of Public Affairs

Topics

BeneficiariesData collectionData integrityErroneous paymentsHealth care programsImproper paymentsInternal controlsMedicareRisk adjustmentsMedicare plans