GAO-06-578T, Medicaid Integrity: Implementation of New Program Provides Opportunities for Federal Leadership to Combat Fraud and Abuse


This is the accessible text file for GAO report number GAO-06-578T 
entitled 'Medicaid Integrity: Implementation of New Program Provides 
Opportunities for Federal Leadership to Combat Fraud, Waste, and Abuse' 
which was released on March 29, 2006. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Testimony: 

Before the Subcommittee on Federal Financial Management, Government 
Information, and International Security, Committee on Homeland Security 
and Governmental Affairs, U.S. Senate: 

United States Government Accountability Office: 

GAO: 

For Release on Delivery Expected at 2:30 p.m. EDT: 

Tuesday, March 28, 2006: 

Medicaid Integrity: 

Implementation of New Program Provides Opportunities for Federal 
Leadership to Combat Fraud, Waste, and Abuse: 

Statement of Leslie G. Aronovitz: 

Director, Health Care: 

GAO-06-578T: 

GAO Highlights: 

Highlights of GAO-06-578T, a testimony before the Subcommittee on 
Federal Financial Management, Government Information, and International 
Security, Committee on Homeland Security and Governmental Affairs, U.S. 
Senate: 

Why GAO Did This Study: 

Today’s hearing concerns fraud, waste, and abuse control in Medicaid, a 
program that provides health care coverage for over 56 million eligible 
low-income people and is jointly financed by the federal government and 
the states. In fiscal year 2004, Medicaid had benefit payments of $287 
billion, with a federal share of about $168 billion. 

The states are primarily responsible for ensuring appropriate Medicaid 
payments through provider enrollment screening, claims review, 
overpayment recovery, and case referral to law enforcement. At the 
federal level, the Centers for Medicare & Medicaid Services (CMS) is 
responsible for supporting and overseeing state fraud, waste, and abuse 
control activities. 

The Subcommittee requested information on how CMS and the states can 
better serve taxpayers and beneficiaries by reducing Medicaid fraud. 
This statement will focus on existing concerns about CMS’s efforts to 
help states prevent and detect fraud, waste, and abuse; how provisions 
in recent legislation providing for a Medicaid Integrity Program will 
help CMS expand its current efforts; and challenges CMS needs to 
address as it implements new Medicaid Integrity Program efforts. 

What GAO Found: 

As GAO testified in 2005, there has been a wide disparity between the 
level of staff and financial resources that CMS has expended to support 
and oversee state activities to control fraud and abuse and the amount 
of federal dollars at risk in Medicaid benefit payments. In fiscal year 
2005, CMS dedicated an estimated 8.1 full-time equivalent employees to 
support states in their anti-fraud-and-abuse operations. In contrast, 
the federal government spent over $168 billion for Medicaid benefits in 
fiscal year 2004. Further, resource shortages severely limited two 
efforts that had shown potential to help states prevent and detect 
fraud, waste, and abuse. In addition to devoting limited staff and 
financial resources, CMS lacked a strategic plan to direct its anti-
fraud-and-abuse efforts. 

Enacted in February 2006, the Deficit Reduction Act of 2005 (DRA) 
provided for creation of the Medicaid Integrity Program and includes 
specific appropriations that CMS can use to fund activities to support 
anti-fraud-and-abuse efforts. It also included provisions that will 
address the agency’s staffing and planning limitations related to 
Medicaid program integrity. For example, the law requires CMS to add 
100 employees to work with states in support and oversight of their 
Medicaid program integrity efforts and to develop a comprehensive plan 
to explain how the agency will address Medicaid fraud, waste, and 
abuse. In addition, the DRA provided funds to expand a program that is 
designed to identify program vulnerabilities in Medicaid and 
Medicare—the federal health insurance program for the elderly and some 
disabled people—by examining billing and payment abnormalities in both 
programs. 

In implementing the DRA provisions related to the Medicaid Integrity 
Program, CMS has a unique opportunity to strengthen its leadership of 
state and federal efforts to control fraud, waste, and abuse in the 
Medicaid program. The most immediate challenge will be to develop its 
comprehensive plan that will provide strategic direction for CMS, the 
states, and law enforcement partners. 

www.gao.gov/cgi-bin/getrpt?GAO-06-578T. 

To view the full product, including the scope and methodology, click on 
the link above. For more information, contact Leslie G. Aronovitz at 
(312) 220-7600 or aronovitzl@gao.gov. 

[End of section] 

Mr. Chairman and Members of the Subcommittee: 

I am pleased to be here today as you discuss the control of fraud, 
waste, and abuse in Medicaid, the program that provided health care 
coverage for over 56 million low-income individuals in fiscal year 
2004, including children and the aged, blind, and disabled. Medicaid is 
jointly financed by the federal government and the states. In fiscal 
year 2004, Medicaid's benefit payments totaled $287 billion, of which 
the federal share was about $168 billion. Medicaid is administered 
directly by the states and consists of 56 distinct state-level 
programs.[Footnote 1] 

In 2003, GAO added Medicaid to its list of high-risk programs, owing to 
the program's size, growth, diversity, and fiscal management 
weaknesses.[Footnote 2] We noted that insufficient federal and state 
oversight put the Medicaid program at significant risk for improper 
payments. Improper payments may be due to mistakes, abuse, or 
fraud.[Footnote 3] Because, by their nature, fraud and abuse are not 
apparent until detected, the amount of Medicaid funds lost through 
health care providers' inappropriate billings cannot be precisely 
quantified. A nationwide rate of improper payments for Medicaid has not 
been estimated, but even a rate as low as 3 percent would have resulted 
in a loss of about $5 billion in federal funds in fiscal year 2004. To 
put this hypothetical figure in perspective, it is more than the amount 
that the federal government spent in fiscal year 2004 on the State 
Children's Health Insurance Program (SCHIP).[Footnote 4] Further, 
Medicaid can be subject to waste, or extravagant and unnecessary 
expenditures. Because Medicaid represents a large and growing share of 
state budgets--more than 20 percent of state expenditures--funds lost 
to improper payments and waste can impact states' abilities to serve 
beneficiaries in need. 

Fraud, waste, and abuse drain vital program dollars in ways that hurt 
both taxpayers and beneficiaries. Seeking and receiving reimbursement 
for services not provided squanders public funds that could have been 
used for beneficiaries' health care. For example, in 2005, a North 
Carolina pharmacist was sentenced to 33 months in prison and ordered to 
pay more than $2 million in restitution for defrauding the Medicaid 
program by submitting claims for long-term care patients' prescriptions 
that had not been refilled, delivered, or even requested by their 
caregivers. Similarly, a New York hospital agreed to pay $76.5 million 
to resolve allegations that it overbilled the Medicaid program for 
services provided in its clinics. In addition, when providers receive 
payment for unnecessary services, it can have a negative impact on 
health care quality. For example, consider the case in 2004 against 20 
dentists in California who were charged with conspiracy to defraud the 
state's Medicaid program of $4.5 million. The dentists are alleged to 
have billed Medicaid for unnecessary or inappropriate services that 
placed patients at risk of pain, infection, loss of teeth, and bodily 
injury--including reusing dental instruments without sterilizing them, 
performing dental surgeries without adequate anesthesia, and developing 
treatment plans that called for unnecessary root canals and fillings. 

States are the first line of defense against Medicaid fraud, waste, and 
abuse. Specifically, they must comply with federal requirements to 
ensure the qualifications of the providers who bill the program, detect 
improper payments, recover overpayments, and refer suspected cases of 
fraud and abuse to law enforcement authorities. At the federal level, 
the Centers for Medicare & Medicaid Services (CMS), an agency within 
the Department of Health and Human Services (HHS), is responsible for 
supporting and overseeing state fraud, waste, and abuse control 
activities. Last year, we testified that CMS had initiatives to assist 
states in combating fraud and abuse in their Medicaid programs but that 
its oversight of states' activities and commitment of federal dollar 
and staff resources were limited.[Footnote 5] Since then, the Deficit 
Reduction Act of 2005 (DRA)[Footnote 6] provided for creation of a 
Medicaid Integrity Program and included other provisions designed to 
increase CMS's level of effort to support state activities to address 
fraud, waste, and abuse in Medicaid. 

The Subcommittee requested information on ways that CMS and the states 
can better serve taxpayers and Medicaid recipients by reducing or 
eliminating fraud in the program. My remarks today will focus on (1) 
existing concerns regarding CMS's efforts to help states prevent and 
detect fraud and abuse in the Medicaid program, (2) how provisions in 
the DRA will help CMS expand current efforts to address Medicaid fraud, 
waste, and abuse, and (3) challenges CMS faces as it implements new 
Medicaid Integrity Program efforts. To address these issues, we 
reviewed agency documents on Medicaid program integrity and oversight 
activities, relevant provisions of the DRA, and our issued reports on 
CMS's and states' efforts to address Medicaid fraud, waste, and abuse. 
(Related GAO products are listed at the end of this statement.) We also 
interviewed CMS officials. We conducted our work in March 2006 in 
accordance with generally accepted government auditing standards. 

In summary, we testified last year that while CMS has activities to 
oversee and support state efforts to address fraud and abuse in the 
Medicaid program, the agency has not devoted the staff and financial 
resources to its efforts that are commensurate with the risks involved. 
In addition, CMS has lacked plans to guide federal and state agencies 
that were working to prevent or deter Medicaid fraud and abuse. Enacted 
in February 2006, the DRA provided for the creation of a new Medicaid 
Integrity Program, with specified appropriations to fund it. DRA also 
requires CMS to devote an additional 100 full-time-equivalent staff to 
combating Medicaid provider fraud and abuse; develop a comprehensive 
plan for the Medicaid Integrity Program every 5 fiscal years; and 
report annually on its use, and the effectiveness of its use, of the 
appropriated funds. In implementing the DRA provisions related to the 
Medicaid Integrity Program, CMS faces a major challenge--to develop a 
comprehensive plan that provides strategic direction for CMS, the 
states, and law enforcement partners. In developing its plan, CMS will 
need to focus on how it intends to allocate resources among activities 
to reduce program risk to the greatest extent possible and how to 
effectively deploy program integrity staff within the agency. Planning 
for, and implementing, the DRA provisions provide CMS with a unique 
opportunity to strengthen its leadership of state and federal efforts 
to control fraud, waste, and abuse in the Medicaid program. 

Background: 

Within broad federal guidelines, each state's Medicaid program 
establishes its own eligibility standards; determines the type, amount, 
duration, and scope of covered services; and sets payment rates. In 
general, the federal government matches state Medicaid spending for 
medical assistance according to a formula based on each state's per 
capita income. In fiscal year 2006, the federal contribution ranges 
from 50 to 76 cents of every state dollar spent on medical assistance. 
For most state Medicaid administrative costs, the federal match rate is 
50 percent.[Footnote 7] 

As program administrators, states have primary responsibility for 
conducting program integrity activities that address provider 
enrollment, claims review, and case referrals. Specifically, federal 
statute or CMS regulations require states to: 

* collect and verify basic information on potential providers, 
including whether the providers meet state licensure requirements and 
are not prohibited from participating in federal health care programs; 

* have an automated claims payment and information retrieval system--
intended to verify the accuracy of claims, the correct use of payment 
codes, and patients' Medicaid eligibility--and a claims review system-
-intended to develop statistical profiles on services, providers, and 
beneficiaries to identify potential improper payments;[Footnote 8] and: 

* refer suspected overpayments or overutilization cases to other units 
in the Medicaid agency for corrective action, and potential fraud cases 
to law enforcement--generally to the state's Medicaid Fraud Control 
Unit for investigation and prosecution.[Footnote 9] 

As noted in our 2004 report,[Footnote 10] states use a variety of 
controls and safeguards to stem improper provider payments. For 
example, states reported using information technology to integrate 
databases containing provider, beneficiary, and claims information and 
to increase the effectiveness of their utilization reviews. Various 
states individually attributed cost savings or recoupments to these 
efforts, valued in the millions of dollars. 

In contrast, CMS's role in curbing fraud, waste, and abuse in the 
Medicaid program is largely one of support to the states. As we 
reported in 2004,[Footnote 11] CMS administers two pilot projects, one 
focused on measuring the accuracy of a state's Medicaid claims 
payments--Payment Accuracy Measurement (PAM)--and the other focused on 
improper billing detection and utilization patterns by linking 
Medicare[Footnote 12] and Medicaid claims information (Medi-Medi). CMS 
also sponsors general technical assistance and information-sharing 
through its Medicaid fraud and abuse technical assistance group (TAG). 
In addition, CMS performs oversight of states' Medicaid fraud and abuse 
control activities through its compliance reviews. (See table 1.) 

Table 1: CMS Activities to Support and Oversee States' Fraud and Abuse 
Control Efforts, Fiscal Year 2004: 

CMS initiatives: PAM/Payment Error Rate Measurement (PERM); 
Description: CMS conducted a 3-year pilot called PAM to develop 
estimates of states' accuracy in paying Medicaid claims. During fiscal 
year 2006, PAM will become a permanent program--to be known as the PERM 
initiative--in order to measure improper payments in Medicaid, to 
fulfill a requirement of the Improper Payments Information Act of 
2002.[A] Under PERM, states will be expected to ultimately reduce their 
payment error rates over time by better targeting program integrity 
activities in their Medicaid and SCHIP programs. 

CMS initiatives: Medi-Medi; 
Description: Under this pilot program, CMS facilitates the sharing of 
health benefit and claims information between the Medicaid and Medicare 
programs. Medi-Medi is a data match pilot designed to identify improper 
billing and utilization patterns by matching Medicare and Medicaid 
claims information on providers and beneficiaries to reduce fraudulent 
schemes that cross program boundaries. 

CMS initiatives: TAG; 
Description: Through telephone conferencing, CMS provides a forum for 
states to discuss issues, solutions, resources, and experiences on 
fraud and abuse issues. Any state may participate; roughly one-third do 
so regularly. States have also used the TAG to propose policy changes 
to CMS. 

CMS initiatives: Compliance reviews; 
Description: CMS conducts on-site reviews to assess whether state 
Medicaid fraud and abuse control efforts comply with federal 
requirements, such as those governing provider enrollment, claims 
review, utilization control, and coordination with each state's 
Medicaid Fraud Control Unit. If reviewers find a state that is 
significantly out of compliance, they may encourage it to develop a 
corrective action plan and revisit the state to verify actions taken. 

Source: GAO-04-707. 

[A] Pub. L. No. 107-300, 116 Stat. 2350. 

[End of table] 

CMS also has a significant role in curbing fraud, waste, and abuse in 
Medicare. Through its Medicare Integrity Program, CMS contracts with 
companies to conduct program integrity activities, such as reviewing 
claims and ensuring that Medicare pays the appropriate amount when 
beneficiaries have other health insurance. 

CMS Committed Few Resources and Had No Strategic Plan to Address 
Medicaid Fraud and Abuse: 

As we testified last year, a wide disparity exists between the level of 
staff and financial resources that CMS has expended to support and 
oversee states' fraud and abuse control activities and the amount of 
federal dollars at stake in Medicaid benefit payments.[Footnote 13] In 
fiscal year 2005, CMS dedicated an estimated 8.1 full-time-equivalent 
employees to support and oversee states' anti-fraud-and-abuse 
operations. In contrast, the federal government spent over $168 billion 
for Medicaid benefits in fiscal year 2004. Further, some of the 
promising efforts to support and oversee states were at risk of being 
cut back or terminated, and CMS lacked a strategic plan to direct its 
anti-fraud-and-abuse efforts. 

Funding for some of CMS's most promising anti-fraud-and-abuse 
activities declined in recent years, which threatened the continuity of 
these efforts. The amount of funding for the project to estimate state 
improper payment rates, PAM/PERM, and the project to match Medicare and 
Medicaid claims, Medi-Medi, declined from $7.8 million in fiscal year 
2004 to $3.6 million in fiscal year 2005. Both of these projects are 
important. Measuring improper payments in Medicaid and other programs 
is required by statute, while Medi-Medi is uncovering significant 
billing problems. As of March 31, 2005, seven states with fully 
operational Medi-Medi projects reported a total of $133.1 million in 
returns to the Medicaid and Medicare programs, $59.7 million in program 
vulnerabilities identified, and $2 million in overpayments to be 
recovered. However, because of anticipated unmet funding needs, we 
testified that existing Medi-Medi projects were at risk of being scaled 
back considerably or eliminated entirely. Last year, agency officials 
noted that several other states were interested in participating in the 
program but that CMS would not expand the program without a new 
allocation or realignment of funds. 

Further, we testified that the HHS budget appropriations for CMS's 
Medicaid compliance reviews had decreased each year from fiscal year 
2002 through fiscal year 2004. Since 2000, CMS staff from the regional 
offices and headquarters had conducted compliance reviews of seven to 
eight states a year. These reviews proved to be effective. However, at 
that pace, CMS would review states' programs once every 7 years, 
preventing the agency from having up-to-date knowledge on more than a 
handful of states at any given time. 

Resource shortages also have severely limited CMS's activities to 
provide technical assistance and disseminate information on states' 
best practices. These activities had demonstrated positive results. 
However, CMS has not sponsored a national conference with state program 
integrity officials since 2003 and has not sponsored any fraud and 
abuse workshops or training since 2000. 

In addition to devoting limited staff and financial resources, CMS 
lacked a strategic plan to direct its anti-fraud-and-abuse 
efforts.[Footnote 14] Neither HHS nor CMS had produced a public 
document that included long-term goals in the area of supporting 
states' efforts to address fraud and abuse in the Medicaid program and 
specific plans for achieving these goals. 

CMS Has New Authority, Resources, and Responsibilities to Address 
Fraud, Waste, and Abuse: 

The DRA has added substantially to CMS's authority, resources, and 
responsibilities to address Medicaid fraud, waste, and abuse.[Footnote 
15] It established a new program that is solely focused on promoting 
the integrity of Medicaid and provides specified appropriations that 
CMS can use to fund activities to support state efforts to combat 
fraud, waste, and abuse. To conduct the new Medicaid Integrity Program, 
the law specified an appropriation of $5 million in fiscal year 2006, 
$50 million in each of fiscal years 2007 and 2008, and $75 million in 
each of the subsequent fiscal years. As part of the Medicaid Integrity 
Program, CMS is given authority to contract with eligible entities to 
conduct activities to address fraud, waste, and abuse in the state 
programs through activities such as audits of consulting contracts and 
reported costs of nursing home services.[Footnote 16] In addition, CMS 
is required to increase by 100 its full-time-equivalent employees whose 
duties consist solely of protecting the integrity of the Medicaid 
program by providing effective support and assistance to the 
states.[Footnote 17] The authorization of funds for the Medicaid 
Integrity Program is similar to that of the Medicare Integrity Program, 
which was also established with specified appropriations and the 
authority for CMS to contract with companies to conduct integrity 
activities. CMS credits the Medicare Integrity Program with helping the 
agency measure and reduce payment errors in the Medicare fee-for-
service program. 

The DRA also provides for a national expansion of the Medi-Medi 
program. The statute appropriates funds for CMS to contract with third 
parties to identify program vulnerabilities in Medicare and Medicaid 
through examining billing and payment abnormalities. The funds also can 
be used in connection with the Medi-Medi program for two other 
purposes. First, the funds can be used to coordinate actions by CMS, 
the states, the Attorney General, and the HHS Office of Inspector 
General to protect Medicaid and Medicare expenditures. Second, the 
funds can be used to increase the effectiveness and efficiency of both 
Medicare and Medicaid through cost avoidance, savings, and recouping 
fraudulent, wasteful, or abusive expenditures. For Medi-Medi, the 
statute appropriates $12 million for fiscal year 2006, $24 million for 
fiscal year 2007, $36 million for fiscal year 2008, $48 million for 
fiscal year 2009, and $60 million for fiscal year 2010 and each 
subsequent fiscal year. 

Beginning in fiscal year 2006 and every 5 fiscal years thereafter, the 
DRA requires CMS to establish a comprehensive plan for ensuring the 
integrity of the Medicaid program by combating fraud, waste, and abuse. 
CMS is required to develop the plan in consultation with the Attorney 
General, the Director of the Federal Bureau of Investigation, the 
Comptroller General, the HHS Office of Inspector General, and state 
officials responsible for controlling Medicaid provider fraud and 
abuse. Developing a plan in consultation with other agencies with 
responsibilities to address fraud, waste, and abuse issues will 
encourage additional dialogue on the overall direction of federal and 
state efforts. In addition, CMS is required to submit an annual report 
to Congress no later than 180 days after the end of each fiscal year, 
which identifies the agency's use, and the effectiveness of the use, of 
the Medicaid Integrity Program funds it has expended. This reporting 
mechanism can help CMS focus on making the wisest investment of its new 
resources. 

Developing CMS's Plan Is a Critical First Step: 

CMS faces a key implementation challenge early on--to develop a 
comprehensive plan for Medicaid program integrity. A properly developed 
plan will provide strategic direction for CMS, its contractors, the 
states, and law enforcement partners. Key areas that the plan should 
address include the allocation of financial resources among activities 
to reduce program risk to the greatest extent possible and the 
effective deployment of program integrity staff within the agency. 
CMS's plan--if well thought out and formulated--could provide a 
blueprint for ensuring that new DRA funding is appropriately invested 
and that CMS staff devoted to Medicaid program integrity efforts are 
most effectively deployed. CMS is still in the beginning stages of 
formulating its plan and has not received final departmental approval 
for some of its initial implementation steps. As a result, agency 
officials were not at liberty to discuss their planning efforts with us 
in much detail. 

A comprehensive plan for program integrity is not a new concept for 
CMS. In February 1999, CMS issued such a plan for the Medicare and 
Medicaid programs.[Footnote 18] Most of the material in this plan 
focused on Medicare, and the plan has not been updated since 1999. 
However, it could serve as a possible template for communicating 
updated information on Medicaid efforts. In addition to communicating 
information about the goals that CMS hoped to achieve and proposed 
strategies for achieving them, the plan described an iterative program 
integrity process that focused on identifying and assessing risk, 
developing and implementing approaches to addressing risk, and 
monitoring and measuring progress. Further, the process described in 
the 1999 program integrity plan is similar to strategies that we have 
highlighted in the past as being used by public and private sector 
organizations to manage improper payments.[Footnote 19] 

Structured analysis of risk and meaningful measures of performance are 
an integral part of any plan, but will prove challenging to develop in 
the Medicaid program. The difficulty stems from CMS's having limited 
information on the extent of improper payments in the state programs. 
In addition, because state programs vary in their design, the intensity 
of their risks of fraud, waste, and abuse may differ. While a 
comprehensive plan cannot deal with the issues of each state, it can 
articulate a strategy for states to address the vulnerabilities in 
their programs. Further, developing meaningful measures of the impact 
of the Medicaid Integrity Program will require a long-term investment 
of resources, and these measures will not be available for CMS's first 
comprehensive plan. Medicare has taken years to develop and refine its 
error-rate testing program, under which CMS conducts an annual study to 
estimate Medicare improper payments. 

CMS is in the early stages of developing a similar measure for 
Medicaid. The agency recently completed its 3-year PAM pilot, so the 
results of payment error studies are available from the 27 
participating states. CMS is transitioning from PAM to PERM. Under 
PERM, states will be expected to ultimately reduce their payment error 
rates over time by better targeting program integrity activities in 
their Medicaid and SCHIP programs. When fully implemented, PERM should 
allow CMS to compile data about Medicaid improper payments on the state 
and national levels, which could allow CMS to track progress, as well 
as identify states that may require special assistance, in reducing 
improper payment error rates. CMS expects to have its first PERM 
results in 2008. In addition to assessing progress toward reducing 
improper payments, CMS will also need to develop other methods of 
measuring the effectiveness of program integrity activities. One such 
measure, used in the Medicare program, is calculating a return on 
investment, which measures the dollars saved for each dollar spent. 

In developing its plan, CMS must decide how to most appropriately 
invest new resources. In the past, CMS has invested a substantial 
amount of its resources in the oversight of states' financial 
management activities, such as state claims for federal matching. For 
more than a decade, states have used various financing schemes to 
inappropriately cause the federal government to pay an excessive share 
of reported Medicaid costs.[Footnote 20] While financial oversight of 
these schemes was needed, states also needed encouragement and support 
to address fraud committed by providers against the state Medicaid 
program. 

Now, in light of new funds provided through the Medicaid Integrity 
Program, CMS will be faced with the goal of prudently investing 
millions of dollars each year to address fraud by providers and others-
-such as managed care plans--in Medicaid. In order to spend its new 
funds appropriately, CMS must weigh its options and consider both the 
costs and benefits of various activities, such as educating providers 
as compared with conducting reviews to help identify potential fraud. 
Nevertheless, CMS does have some flexibility in investing its new 
Medicaid Integrity Program resources. If CMS does not spend all the 
funds appropriated for the Medicaid Integrity Program in one year, the 
agency will be allowed to spend them in succeeding years.[Footnote 21] 
However, the requirement to annually report on its use of funds will 
provide information on whether CMS is generally using the funding, as 
opposed to continually rolling funding forward. 

CMS may also be able to use some of its DRA funds to help facilitate 
communication and coordination with states through conferences and the 
TAG. According to a CMS official, such information-sharing and 
technical assistance activities would not be expensive to support and 
could result in returns that would exceed the relatively low 
investment. Similarly, the TAG has served as a forum to share expertise 
and best practices; advise CMS on policies, procedures, and program 
development; and make recommendations on federal policy and legislative 
changes. CMS might be able to further facilitate state participation 
through additional support for this forum. 

Another key planning area for CMS involves deciding how best to deploy 
Medicaid program integrity staff within the agency. This is a 
particularly critical issue as CMS ramps up its Medicaid Integrity 
Program with the hiring of new employees. A CMS official told us that 
the agency is already developing position descriptions as a precursor 
to hiring new employees to help address the DRA requirement to increase 
by 100 the number of full-time-equivalent employees devoted to 
assisting states in efforts to combat Medicaid provider fraud and 
abuse. In addition, the agency has made some preliminary decisions 
about placement of staff within the central office and its regional 
offices. It will take considerable time and effort for CMS to hire 
qualified staff and train them to perform the various activities that 
ensure good stewardship of the program. CMS could not provide us with a 
definitive schedule for when the bulk of its hiring will be completed. 
Also consistent with a new focus on fraud, waste, and abuse prevention, 
the agency is considering the steps it will need to take to 
competitively select contractors to conduct reviews to help identify 
fraudulent and abusive billing behavior by providers. CMS is currently 
exploring how it will use these contractors, either to support state 
efforts or to identify problems across states. 

CMS has also decided to establish a new group to house the Medicaid 
Integrity Program. This group will be composed of both central and 
regional office staff and report directly to the director of the Center 
for Medicaid and State Operations (CMSO). CMSO, which is responsible 
for most other Medicaid activities, currently staffs the state 
compliance reviews and TAG activities. However, the Medi-Medi and 
PAM/PERM projects are the responsibility of CMS's Office of Financial 
Management, which also staffs the Medicare Integrity Program. In the 
past, we have raised concerns that Medicaid anti-fraud-and-abuse staff 
at headquarters have not been a part of the agency's office responsible 
for conducting other key anti-fraud-and-abuse activities, including 
those for the Medicare program. The staff at CMSO have the most 
experience working with Medicaid issues, although the staff at CMS with 
experience in Medicare program integrity contracting are located in the 
Office of Financial Management. As CMS establishes the Medicaid 
Integrity Program and new employees come on board, it will be important 
to ensure that the agency is in an optimal position to leverage the 
expertise and experience of its existing staff. For example, CMS will 
need to ensure that staff with expertise in developing strategies for 
combating Medicare fraud, waste, and abuse work in a closely 
coordinated fashion with staff that are familiar with states' Medicaid 
plans and fraud control officials and activities. 

Concluding Observations: 

Implementing the Medicaid Integrity Program and developing a 
comprehensive plan gives CMS a unique opportunity to provide leadership 
to states and law enforcement in their fraud, waste, and abuse control 
efforts. Having dedicated resources also presents challenges to ensure 
that CMS spends wisely as it starts new initiatives and ensures the 
continuity of current beneficial activities. Using this opportunity to 
develop an iterative process of working with states to identify risks, 
develop strategies to address them, and measure the results through 
assessing improper payment rates and potential recoveries can help 
ensure that the Medicaid Integrity Program funding is targeted to an 
optimal effect. CMS has expertise in addressing fraud, waste, and abuse 
within the Medicare program and in the state programs that can be 
leveraged to benefit the Medicaid Integrity Program. Properly 
leveraging this expertise will require effective coordination and 
communication within CMS, with states, and with their law enforcement 
partners. 

We discussed the facts in this statement with a CMS Medicaid official, 
who stated that the agency is pleased to have new resources to address 
fraud, waste, and abuse in the Medicaid program. He indicated that CMS 
had developed proposals for implementing the Medicaid Integrity 
Program, but he was not in a position to discuss them in detail because 
they are undergoing review within HHS. CMS is presently deciding on the 
skills needed by the 100 additional full-time-equivalent employees 
required by the DRA; exploring options for contracting; and developing 
its comprehensive plan. 

Mr. Chairman, this concludes my prepared remarks. I would be happy to 
answer any questions that you or other Members of the Subcommittee may 
have. 

Contact: 

For further information regarding this statement, please contact Leslie 
G. Aronovitz at (312) 220-7600. 

Acknowledgments: 

Sheila K. Avruch, Assistant Director, Susan E. Barnidge, Sandra D. 
Gove, Kevin Milne, and Elizabeth T. Morrison contributed to this 
statement. 

[End of section] 

Related GAO Products: 

Medicaid Fraud and Abuse: CMS's Commitment to Helping States Safeguard 
Program Dollars Is Limited. GAO-05-855T. Washington, D.C.: June 28, 
2005. 

High-Risk Series: An Update. GAO-05-207. Washington, D.C.: January 
2005. 

Medicaid Program Integrity: State and Federal Efforts to Prevent and 
Detect Improper Payments. GAO-04-707. Washington, D.C.: July 16, 2004. 

Major Management Challenges and Program Risks: Department of Health and 
Human Services. GAO-03-101. (Washington, D.C.: January 2003). 

Strategies to Manage Improper Payments: Learning from Public and 
Private Sector Organizations. GAO-02-69G. Washington, D.C.: October 
2001. 

Medicaid: State Efforts to Control Improper Payments Vary. GAO-01-662. 
Washington, D.C.: June 7, 2001. 

FOOTNOTES 

[1] The 56 Medicaid programs include one for each of the 50 states, the 
District of Columbia, Puerto Rico, and the U.S. territories of American 
Samoa, Guam, Northern Mariana Islands, and the Virgin Islands. 
Hereafter, all 56 entities are referred to as states. 

[2] GAO, Major Management Challenges and Program Risks: Department of 
Health and Human Services, GAO-03-101 (Washington, D.C.: January 2003). 

[3] Improper payments can result from inadvertent errors as well as 
intended fraud and abuse. Unlike inadvertent errors, which are often 
due to clerical errors or a misunderstanding of program rules, fraud 
involves an intentional act or representation to deceive with knowledge 
that the action or representation could result in gain, while abuse 
typically involves actions that are inconsistent with acceptable 
business and medical practices that result in unnecessary cost. See, 
e.g., 42 CFR § 455.2 (2005). 

[4] SCHIP is a jointly funded federal-state program that provides 
health insurance to children in low-income families who do not qualify 
for Medicaid and are not covered by other insurance. 

[5] GAO, Medicaid Fraud and Abuse: CMS's Commitment to Helping States 
Safeguard Program Dollars Is Limited, GAO-05-855T (Washington, D.C.: 
June 28, 2005). 

[6] See Pub. L. No. 109-171, § 6034, 120 Stat. 3, 74-78 (2006). 

[7] For skilled professional medical personnel engaged in program 
integrity activities, such as those who review medical records, 75 
percent federal matching is available. 

[8] CMS requires that states have certain information processing 
capabilities, including a Medicaid Management Information System and a 
Surveillance and Utilization Review Subsystem. 

[9] Medicaid Fraud Control Units can, in turn, refer some cases to the 
HHS Office of Inspector General, the Federal Bureau of Investigation, 
and the Department of Justice for further investigation and 
prosecution. 

[10] GAO, Medicaid Program Integrity: State and Federal Efforts to 
Prevent and Detect Improper Payments, GAO-04-707 (Washington, D.C.: 
July 16, 2004). 

[11] GAO-04-707. 

[12] Medicare is the federal program that helps pay for a variety of 
health care services and items on behalf of about 42 million elderly 
and disabled beneficiaries. 

[13] GAO-05-855T. We did not address issues regarding waste in this 
testimony. 

[14] GAO-05-855T. 

[15] While the DRA vests the Secretary of Health and Human Services 
with authority to implement the Medicaid Integrity Program, in general, 
administration of the Medicaid program is delegated to CMS. 

[16] The activities for which CMS can contract with entities under the 
Medicaid Integrity Program are (1) review of Medicaid providers or 
others--such as managed care plans--to determine whether their actions 
have led, or could lead, to waste, fraud, or abuse; (2) audit of claims 
for payment for items, services, or administrative services rendered, 
including audits of reported costs and consulting and other contracts; 
(3) identification of overpayments to individuals or entities receiving 
Medicaid payments; and (4) education of providers of services, managed 
care entities, beneficiaries, and other individuals on payment 
integrity and quality of care. 

[17] The DRA did not establish a date for CMS to complete its hiring of 
full-time-equivalent staff. 

[18] Health Care Financing Administration, Comprehensive Plan for 
Program Integrity, HCFA-02142 (Baltimore, Md.: February 1999). Until 
July 1, 2001, CMS was called the Health Care Financing Administration. 

[19] GAO, Strategies to Manage Improper Payments: Learning from Public 
and Private Sector Organizations, GAO-02-69G (Washington, D.C.: October 
2001). Strategies include creating a culture of accountability by 
establishing a positive and supportive attitude toward improving 
program integrity; assessing the nature and extent of risks; taking 
action to address identified risk areas; using and sharing information 
to manage improper payments; and monitoring activities to address 
improper payments over time. 

[20] GAO, Medicaid Financing: States' Use of Contingency-Fee 
Consultants to Maximize Federal Reimbursements Highlights Need for 
Improved Federal Oversight, GAO-05-748 (Washington, D.C.: June 28, 
2005); Medicaid: States' Efforts to Maximize Federal Reimbursements 
Highlight Need for Improved Federal Oversight, GAO-05-836T (Washington, 
D.C.: June 28, 2005); and Medicaid: Improved Federal Oversight of State 
Financing Schemes Is Needed, GAO-04-228 (Washington, D.C.: Feb. 13, 
2004). 

[21] See Social Security Act § 1936(e), as added by Pub. L. No. 109-
171, § 6034, 120 Stat. at 76.