A study conducted by The Department of Health and Human Services’ Office of Inspector General identified several quality control gaps in the CMS Recovery Audit Contractor program, according to a recent government report.
“Prior Government Accountability Office work has identified problems with CMS’s actions to address improper payment vulnerabilities, and prior [Office of the Inspector General] OIG work has identified problems with CMS’s actions to address referrals of potential fraud,” the OIG said in the official report, which was filed on September 3. “Further, OIG has identified vulnerabilities in CMS’s oversight of its contractors. Given the critical role of identifying improper payments, effective oversight of RAC performance is important.”
The study examined Recovery Audit Contractor (RAC) Data Warehouse files from CMS and data from RACs in fiscal years (FYs) 2010 and 2011, which included 2.6 million claims from approximately 292,000 providers, to assess RAC activities to identify improper payments and refer potential fraud. The study also collected CMS data regarding activities to address vulnerabilities and referrals of potential fraud. The final action in the investigation was examining RAC performance evaluations and performance evaluation metrics to determine the extent that RAC performance evaluations addressed these metrics.
The analysts found in fiscal years 2010 and 2011, RACs identified 1.3 million claims (50%) they reviewed as having resulted in improper payments totaling $1.3 billion. Of these improper payments, the report states that 32% resulted from service being delivered in inappropriate facilities and 25% from incorrect billing codes. The report also found only 6% of providers appealed RAC decisions, but of those appeals, 44% were overturned.
Although CMS took corrective action to address the majority of vulnerabilities identified, it did not evaluate the effectiveness of these actions.
“As a result, high amounts of improper payments may continue,” the report stated.
The report also found CMS did not take action to address the six referrals of potential fraud that it received from RACs. Additionally, CMS’s performance evaluations did not include metrics to evaluate RAC’s performance on all contract requirements.
“Specifically, CMS did not evaluate RACs on the extent that they identified improper payments,” the report stated. “Further, four of the eight performance evaluations that we reviewed did not describe RACs’ ability, accuracy, or effectiveness in identifying improper payments. The other four performance evaluations we reviewed described RAC identification of improper payments to varying degrees; however, these descriptions were not linked to performance evaluation metrics.”
Based on the reported findings, the OIG made several recommendations for CMS. They include: take action, as appropriate, on vulnerabilities that are pending corrective action and evaluate the effectiveness of implemented corrective actions; ensure RACs refer all appropriate cases of potential fraud; review and take appropriate, timely action on RAC referrals of potential fraud; and develop additional performance evaluation metrics to improve RAC performance and ensure that RACs are evaluated on all contract
“In its comments on the draft report, CMS concurred with our first, second and fourth recommendations but did not indicate whether it concurred with our third recommendation,” the report stated.
However, CMS did note the six potential fraud RAC referrals have been reviewed and appropriately dealt with.
According to the report, CMS Administrator Marilyn Tavenner wrote in response, “CMS continuously implements corrective actions on potential and known vulnerabilities and has implemented a dynamic process for addressing these vulnerabilities.”