GAO: Medicaid Needs Better Beneficiary, Provider Fraud Controls

Register now

Though the Centers for Medicare and Medicaid Services has taken steps to make the Medicaid enrollment process more rigorous and data-driven, gaps in beneficiary-eligibility verification guidance and data sharing continue to exist, according to the Government Accountability Office.

In a new audit, GAO found thousands of Medicaid beneficiaries and hundreds of providers involved in potentially improper or fraudulent payments during fiscal year 2011—the most recent year for which reliable data were available in four selected states. The states—Arizona, Florida, Michigan, and New Jersey—had about 9.2 million beneficiaries and accounted for 13 percent of all fiscal year 2011 Medicaid payments.

Also See: 5% of Medicaid-only Enrollees Account for Nearly Half of Costs

Auditors discovered about 8,600 beneficiaries had payments made on their behalf concurrently by two or more of the states totaling at least $18.3 million, and that the identities of approximately 200 deceased beneficiaries received $9.6 million in Medicaid benefits subsequent to the beneficiary’s death.

GAO noted that CMS required states to use electronic data maintained by the federal government in its Data Services Hub to verify beneficiary eligibility. However, additional guidance is needed to further enhance program-integrity efforts beyond using the hub given that CMS regulations do not require states to periodically review Medicaid beneficiary files for deceased individuals more frequently than annually, nor specify whether states should consider using the more-comprehensive Social Security Administration Death Master File in conjunction with state-reported death data when doing so.

As a result, auditors concluded that “states may not be able to detect individuals that have moved to and died in other states, or prevent the payment of potentially fraudulent benefits to individuals using these identities.”

Another area found lacking was Medicaid provider-enrollment screening. CMS requires states to screen providers and suppliers to ensure they have active licenses in the state where they provide Medicaid services, including use of Medicare's enrollment database—the Provider Enrollment, Chain and Ownership System (PECOS)—to screen Medicaid providers so that duplication of effort is reduced.

Despite the fact that CMS gave each state manual access to certain information in PECOS, GAO revealed that none of the four states it interviewed used PECOS to screen all Medicaid providers because of the manual process. To make it easier for states, CMS began providing them with access to a monthly file containing basic enrollment information that could be used for automated screening. But, according to auditors, CMS has not provided full access to all PECOS information, such as ownership information, that states say are needed to effectively and efficiently process Medicaid provider applications.

The full GAO report can be found here.

For reprint and licensing requests for this article, click here.