Why GAO Did This Study. Medicaid remains a high-risk program, partly due to concerns about improper payments. CMS oversees and supports states, in part, by reviewing their program integrity activities, hiring contractors to audit providers, and providing training. In recent years, CMS made changes to its Medicaid program integrity efforts, including a shift to collaborative audits. GAO was asked to examine CMS's oversight and support of states' Medicaid program integrity efforts. GAO examined, among other issues, (1) how CMS tailors its reviews to states' circumstances; (2) states' experiences with collaborative audits; and (3) CMS's steps to share promising program integrity practices. GAO reviewed CMS documents, including state program integrity reports, and data on collaborative audits. GAO interviewed officials from CMS and eight states selected based on expenditures, managed care use, and number of collaborative audits, among other factors. What GAO Found. The Centers for Medicare & Medicaid Services (CMS) has tailored its state program integrity reviews--in which the agency reviews states' program integrity activities--to states' managed care delivery systems and other areas at high risk for improper payments. From 2014 through 2016, CMS conducted on-site reviews in 31 states. The reviews usually addressed state oversight of managed care plans, and some reviews addressed other high-risk areas such as provider enrollment. CMS and states have found the reviews to be beneficial in identifying areas for improvement. To expand oversight to more states, CMS also began off-site desk reviews of certain state program integrity efforts. Collaborative audits--in which CMS contractors and states work in partnership--have identified substantial potential overpayments to providers, but barriers have limited their use. CMS encourages states to use collaborative audits, but states decide whether to pursue them. Several states reported positive collaborative audit experiences, while others cited barriers--such as staff burden or problems communicating with contractors--that prevented them from seeking audits or hindered the success of audits. Federal internal control standards indicate that organizations should identify and respond to risks related to achieving objectives. Absent additional CMS action to address barriers, some states may choose not to pursue collaborative audits, or may encounter challenges after doing so. CMS lacks a systematic approach to collecting promising state program integrity practices and communicating them to other states. CMS's main approach--the state program integrity reviews--inconsistently identified promising practices, and those identified are neither published in a timely way nor easily searched electronically. Other CMS approaches, such as courses offered by the Medicaid Integrity Institute (a national training program for states), were not designed for sharing promising practices and do not systematically communicate them to all states. Both CMS and the states have a role in identifying promising program integrity practices. Absent further agency action, states may not have access to the range of promising state program integrity practices, which is inconsistent with federal internal control standards on the use and external communication of necessary quality information to achieve program objectives. What GAO Recommends. To further improve its support of states' Medicaid program integrity activities, CMS should identify opportunities to address barriers that limit states' participation in collaborative audits, and, in collaboration with states, take additional steps to collect and share promising program integrity practices. The Department of Health and Human Services concurred with GAO's recommendations.
The National Library of Medicine believes this item to be in the public domain. (More information)