Skip to main content

Medicare: Potential Uses of Electronically Readable Cards for Beneficiaries and Providers

GAO-15-319 Published: Mar 25, 2015. Publicly Released: Apr 24, 2015.
Jump To:
Skip to Highlights


What GAO Found

The Centers for Medicare & Medicaid Services (CMS)—the agency that administers Medicare—could use electronically readable cards in Medicare for a number of different purposes. Three key uses include authenticating beneficiary and provider presence at the point of care, electronically exchanging beneficiary medical information, and electronically conveying beneficiary identity and insurance information to providers. The type of electronically readable card that would be most appropriate depends on how the cards would be used. Smart cards could provide substantially more rigorous authentication than cards with magnetic stripes or bar codes, and provide greater security and storage capacity for exchanging medical information. All electronically readable cards could be used to convey beneficiary identity and insurance information since they all have adequate storage capacity to contain such information.

Using electronically readable cards to authenticate beneficiary and provider presence at the point of care could curtail certain types of Medicare fraud, but would have limited effect since CMS officials stated that Medicare would continue to pay claims regardless of whether a card was used due to legitimate reasons why a card may not be present. CMS officials and stakeholders told us that claims should still be paid even when cards are not used because they would not want to limit beneficiaries' access to care. Using electronically readable cards to exchange medical information is not part of current federal efforts to facilitate health information exchange and, if used to supplement current efforts, it would likely involve challenges with interoperability and ensuring consistency with provider records. Using electronically readable cards to convey identity and insurance information to auto-populate and retrieve information from provider information technology (IT) systems could reduce reimbursement errors and improve medical record keeping.

To use electronically readable cards to authenticate beneficiaries and providers, CMS would need to update its claims processing systems to verify that the cards were swiped at the point of care. CMS would also need to update its current card management processes, including issuing provider cards and developing standards and procedures for card use. Conversely, using the cards to convey beneficiary identity and insurance information might not require updates to CMS's IT systems or card management practices. For all potential uses, Medicare providers could incur costs and face challenges updating their IT systems to use the cards.

The experiences of France and Germany demonstrate that an electronically readable card system can be implemented on a national scale, though implementation took years in both countries. It is unclear if the cost savings reported by both countries would be achievable for Medicare since the savings resulted from using the cards to implement electronic billing, which Medicare already uses. Both countries have processes in place to manage competing stakeholder needs and oversee the technical infrastructure needed for the cards.

The Department of Health and Human Services provided technical comments on a draft of this report, which GAO incorporated as appropriate.

Why GAO Did This Study

Proposals have been put forward to replace the current paper Medicare cards, which display beneficiaries' Social Security numbers, with electronically readable cards, and to issue electronically readable cards to providers as well. Electronically readable cards include cards with magnetic stripes and bar codes and “smart” cards that can process data. Proponents of such cards suggest that their use would bring a number of benefits to the program and Medicare providers, including reducing fraud through the authentication of beneficiary and provider identity at the point of care, furthering electronic health information exchange, and improving provider record keeping and reimbursement processes.

GAO was asked to review the ways in which electronically readable cards could be used for Medicare. This report (1) evaluates the different functions and features of electronically readable cards, (2) examines the potential benefits and limitations associated with the use of electronically readable cards in Medicare, (3) examines the steps CMS and Medicare providers would need to take to implement and use electronically readable cards, and (4) describes the lessons learned from the implementation and use of electronically readable cards in other countries. To do this, GAO reviewed documents, interviewed stakeholders, and conducted visits to two countries with electronically readable card systems.

For more information, contact Kathleen M. King at (202) 512-7114 or

Full Report

GAO Contacts

Office of Public Affairs


AuthenticationBeneficiariesClaims processingComputer securityFraudElectronic data interchangeIdentification cardsHealth care programsInformation technologyInsuranceLessons learnedMedicareMedical recordsPersonal identification numbersSmart cardsSocial security numberStandards