April 22, 2009
Office of Inspector General
Department of Health & Human Services
Reported to the US Senate; Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security.
Excerpts….
Collaboration Is Essential to a Successful Antifraud Strategy.
The collaborative antifraud efforts of HHS and DOJ are rooted in the Health Insurance Portability and Accountability Act of 1996, P. L. 104-191 (HIPAA), which directed the Secretary of HHS, acting through OIG and the Attorney General, to promulgate a joint Health Care Fraud and Abuse Control (HCFAC) Program.
The National Health Care Anti-Fraud Association estimates conservatively that of that amount, at least 3 percent—or more than $60 billion each year—is lost to fraud.
OIG also continues to identify vulnerabilities….
For example, OIG found that from 1995 to 2005, expenditures for advanced imaging paid under the Medicare Physician Fee Schedule grew more than fourfold, from $1.4 million to $6.2 million.
High Risk areas are quoted as….
including South Florida and Los Angeles.
Kaiser Network article… HHS Report Finds Medicare Fraud Prevalent in South Florida
Miami Herald: South Florida flagged in Medicare fraud report.
American Association for Homecare Press Release.
Imperial Valley News: Medicare Supplier sentenced to 63 months for stealing $225,000,000 from Medicare.
Google’s “Trend” report on medicare fraud.
___________________________________________
Statement of Lewis Morris
Chief Counsel
Office of Inspector General
Department of Health and Human Services
April 22, 2009
THE FRAMEWORK FOR COMBATING FRAUD, WASTE, AND ABUSE IN FEDERAL HEALTH CARE PROGRAMS.
On behalf of Inspector General Levinson and the Office of Inspector General (OIG), I thank you for the opportunity to discuss the OIG’s health care antifraud strategy; the different ways Federal health care programs are vulnerable to waste, fraud, and abuse; and the ways Congress can help strengthen the integrity of these critical programs.
Collaboration Is Essential to a Successful Antifraud Strategy
OIG is an independent, nonpartisan agency committed to protecting the integrity of the 300 agencies and programs administered by the Department of Health and Human Services (HHS). Approximately 80 percent of OIG’s resources are dedicated to promoting the efficiency and effectiveness of the Medicare and Medicaid programs and to protecting these programs and their beneficiaries from fraud and abuse. Thanks to the hard work of our 1,500 employees and our law enforcement partners, from FY 2006 through FY 2008, OIG’s investigative receivables averaged $2.04 billion and its audit disallowances resulting from Medicare and Medicaid oversight averaged $1.22 billion per year. The result was a Medicare-and Medicaid-specific return on investment for OIG oversight of $17 to $1. In addition, in FY 2008, implemented OIG recommendations resulted in $16.72 billion in savings and funds put to better use.
OIG is not alone in the fight to combat fraud and preserve the integrity of Federal health care programs. We work closely with the Department of Justice (DOJ) and our State law enforcement partners, as well as with our colleagues in the Centers for Medicare & Medicaid Services (CMS) and the Food and Drug Administration. The Government’s enforcement efforts in FY 2008 resulted in 455 criminal actions against individuals or entities that engaged in crimes against departmental programs and 337 civil actions, which included False Claims Act and unjust enrichment lawsuits filed in Federal district court, Civil Monetary Penalties Law settlements, and administrative recoveries related to provider self-disclosure matters. Also in FY 2008, OIG excluded 3,129 individuals and entities for fraud or abuse that affected Federal health care programs and/or our beneficiaries. Common reasons for exclusion included convictions for crimes concerning Medicare or Medicaid, patient abuse or neglect, and license revocation.
The collaborative antifraud efforts of HHS and DOJ are rooted in the Health Insurance Portability and Accountability Act of 1996, P. L. 104-191 (HIPAA), which directed the Secretary of HHS, acting through OIG and the Attorney General, to promulgate a joint Health Care Fraud and Abuse Control (HCFAC) Program. The HCFAC Program and Guidelines went
1
into effect on January 1, 1997. HIPAA requires HHS and DOJ to report annually to Congress on HCFAC Program results and accomplishments. HCFAC Program activities are supported by a dedicated funding stream within the Hospital Insurance Trust Fund.
In its 11th year of operation, the HCFAC Program’s continued success confirms the soundness of a collaborative approach to identify and prosecute health care fraud, to prevent future fraud and abuse, and to protect Medicare and Medicaid beneficiaries. Since its inception, HCFAC Program activities have returned over $11.2 billion to the Medicare Trust Fund. As I will discuss, the Government’s efforts to address durable medical equipment (DME) and infusion fraud in South Florida and Los Angeles exemplify the benefits of a collaborative approach. Although I will highlight fraud in the area of DME and infusion, fraud and abuse occur among all types of health care providers and suppliers.
The Federal Health Care Programs Are Vulnerable to Waste, Fraud, and Abuse
The United States spends more than $2 trillion on health care every year. The National Health Care Anti-Fraud Association estimates conservatively that of that amount, at least 3 percent—or more than $60 billion each year—is lost to fraud. For Federal health care programs to serve the medical needs of beneficiaries and remain solvent for future generations, the Government must pursue an aggressive and comprehensive strategy to address waste, fraud, and abuse. That strategy must be broader than investigating and prosecuting detected instances of fraud. Thus, our strategy is also informed by OIG audits, evaluations, and inspections, which have identified payments for unallowable services and improper services not rendered, and other types of improper claims. OIG also has found that Medicare’s reimbursement rates for certain items and services are too high, resulting in wasteful expenditures and opportunities for fraud.
OIG reviews have identified payments for unallowable services, improper coding, and other types of improper payments for various inpatient and outpatient services. Improper payments range from reimbursement for services provided to inadequately documented and inadvertent mistakes to outright fraud and abuse. Expenditures for inpatient services, including those provided by inpatient hospitals and skilled nursing facilities, account for one-third of all Medicare expenditures. OIG work has uncovered problems with hospitals taking advantage of enhanced payments by manipulating billing; hospitals reporting inaccurate wage data, which affects future Medicare payments; and inpatient facilities that may be gaming prospective payment reimbursement systems by discharging or transferring patients to other facilities for financial rather than clinical reasons.
OIG also continues to identify vulnerabilities related to certain types of services provided by physicians and other health professionals, including services related to advanced imaging, pain management, and mental health. For example, OIG found that from 1995 to 2005, expenditures for advanced imaging paid under the Medicare Physician Fee Schedule grew more than fourfold, from $1.4 million to $6.2 million. Services provided by independent diagnostic testing facilities (IDTFs) accounted for nearly 30 percent of this growth. OIG work has found problems with IDTFs, including noncompliance with Medicare requirements and billing for services that were not reasonable and necessary.
2
While we are continuing to identify vulnerabilities throughout the program, OIG and our law enforcement partners also are focusing antifraud efforts in geographic areas at high risk for Medicare fraud, including South Florida and Los Angeles. Our investigations identified significant vulnerabilities, including: (1) DME suppliers circumventing enrollment and billing controls; (2) high levels of improper Medicare payment for certain types of DME, prosthetics, orthotics, and supplies (DMEPOS); and (3) inappropriate reimbursement rates for certain DMEPOS. In 2007, the Government launched in South Florida a Medicare Fraud Strike Force (Strike Force) made up of staff from OIG, the U.S. Attorney’s Office for the Southern District of Florida, the Federal Bureau of Investigation, and DOJ. The Strike Force’s mission is to identify, investigate, and prosecute DMEPOS suppliers and infusion clinics suspected of Medicare fraud. To date, the Strike Force has opened 137 cases, convicted 146 of its targets, and secured $186 million in criminal fines and civil recoveries.
The recent investigation and prosecution of Medcore Group LLC (Medcore) and M&P Group of South Florida (M&P) illustrates the Medicare program’s vulnerabilities. Medcore and M&P operated as Miami-based HIV clinics from approximately 2004 through 2006, billed approximately $5.3 million to the Medicare program, and actually received more than $2.5 million in payments. From their inception, Medcore and M&P were set up as criminal enterprises designed to defraud Medicare. The scheme was to submit claims for medically unnecessary HIV infusion and injection treatments. The three owners of Medcore and M&P included a former gas station attendant, a trained cosmetologist, and an individual currently incarcerated for Medicare fraud involving a separate DME company he operated from 2001 to 2003. None had more than a high-school education and none had any medical background.
At trial, one of Medcore’s owners, Tony Marrero, testified that the scheme was so profitable so quickly, that he became concerned about getting caught and decided to set up a second fraudulent clinic, M&P, in the name of his wife. M&P was located in the same building as Medcore, had the same employees, submitted claims under the Medicare provider number of the same physician, and had six patients in common. In fact, the same doctor worked at other Miami-area infusion clinics, which billed Medicare for more than $60 million between 2004 and the end of 2005. Mr. Marrero testified that when his wife no longer wanted to be associated with M&P, he sold the clinic to Gustavo Smith in exchange for $100,000 delivered to him in cash in a paper bag. Mr. Smith was later convicted of health care fraud in connection with a different DME scheme and has since fled to Cuba.
Mr. Marerro also testified at trial that he had an arrangement with a pharmaceutical wholesale company to buy invoices that showed the purchase of large amounts of medications, when only minor amounts were actually purchased. One of the medical assistants testified that she manipulated the patients’ blood samples to ensure that lab results would appear to support the Medicare claims.
On March 17, 2009, a federal jury in Miami convicted two physicians and two medical assistants who worked for Medcore and M&P in connection with the $5.3 million fraud scheme. The government obtained six pleas before trial resulting in 10 convictions in total.
3
EXPLOITATION OF THE SYSTEM’S VULNERABILITIES
OIG’s fraud-fighting efforts in South Florida and Los Angeles also draw on the expertise of our auditors and evaluators. For example, OIG identified weaknesses in Medicare’s supplier enrollment process and its supplier oversight activities. In 2007, OIG found that 31 percent of DMEPOS suppliers in three South Florida counties did not maintain physical facilities or were not open and staffed, contrary to Medicare requirements. Similarly, in 2008, OIG inspected 905 suppliers in Los Angeles County and found that 13 percent did not have physical facilities or were not open during repeated unannounced site visits.
OIG also found that CMS has had limited success controlling aberrant billing by infusion clinics. In the second half of 2006, claims originating in three South Florida counties accounted for 79 percent of the amount submitted to Medicare nationally for drug claims involving HIV/AIDS patients and constituted 37 percent of the total amount Medicare paid for services for beneficiaries with HIV/AIDS. However, only 10 percent of Medicare beneficiaries with HIV/AIDS lived in these three counties.
In additional work, OIG identified strategies that DMEPOS suppliers had used to circumvent billing controls and defraud the program. Medicare regulations require DME suppliers to provide the Medicare provider identifier of the physician who ordered the equipment on the claim. Until May 23, 2008, Medicare used unique provider identification numbers (UPIN) and then switched to national provider identifiers (NPI). Requiring the UPIN (or NPI) on claims is intended to indicate that a physician has verified the need for the DMEPOS and to enable CMS to determine who prescribed the DMEPOS as part of any post-payment reviews. OIG studies have uncovered: (1) the use of invalid or inactive UPINs, (2) the use of UPINs that belonged to deceased physicians, (3) the improper use of surrogate UPINs, and (4) the use of legitimate UPINs that were associated with an unusually large number of claims. UPIN vulnerabilities, as well as other challenges, may affect the integrity of the new NPI system. Therefore, OIG has planned additional work to examine the accuracy and completeness of NPIs.
OIG also has found that certain types of DMEPOS are particularly vulnerable to improper payments. For example, an investigation of a large wheelchair supplier found that the company had submitted false claims to Medicare and Medicaid, including claims for power wheelchairs that beneficiaries did not want, did not need, or could not use. In 2007, the company agreed to pay $4 million and relinquish its right to approximately $13 million in claims initially denied for payment by CMS. Nationally, in 2004, OIG estimated that Medicare and its beneficiaries paid $96 million for claims that did not meet Medicare’s coverage criteria for any type of wheelchair or scooter and that they spent an additional $82 million in excessive payments for claims that could have been billed using a code for a less expensive mobility device.
Prior OIG work also has found that Medicare pays too much for certain pieces of DMEPOS and related supplies, such as power wheelchairs, hospital beds, diabetic supplies, and home oxygen equipment. For example, in a 2006 report, OIG found that Medicare had allowed, on average, $7,215 for the rental of an oxygen concentrator that costs about $600 to purchase new. Additionally, beneficiaries incurred, on average, $1,443 in coinsurance charges. We determined that if home oxygen payments were limited to 13 months rather than the current 36 months,
4
Medicare and its beneficiaries would save $3.2 billion over 5 years. In other work related to Medicare pricing, OIG currently is conducting work to examine the appropriateness of prices that Medicare pays for wheelchairs by comparing Medicare prices to suppliers’ purchase prices.
OIG recently found that Medicare reimburses suppliers for negative pressure wound therapy pumps based on a purchase price of more than $17,000 but that suppliers paid an average of $3,600 for new models of these pumps. Negative pressure wound therapy pumps are a type of DME used to treat ulcers and other serious wounds. When Medicare first started covering wound pumps in 2001, it covered only one model, which was manufactured and supplied by one company. Medicare paid for this pump based on the purchase price as identified by that company. In 2005, Medicare expanded its coverage to include several new pump models manufactured by other companies. However, Medicare reimburses suppliers for these new pumps based on the original pump’s purchase price, which is more than four times the average price paid by suppliers.
An Effective Antifraud Strategy Should Embrace Five Principles
Based on the Government’s investigation and prosecution of health care fraud and oversight of Federal health care programs, we believe an effective strategy to combat health care waste, fraud, and abuse must embrace five principles:
1. Scrutinize individuals and entities that want to participate as providers and suppliers prior to their enrollment in health care programs.
2. Establish payment methodologies that are reasonable and responsive to changes in the marketplace.
3. Assist health care providers and suppliers in adopting practices that promote compliance with program requirements, including quality and safety standards.
4. Vigilantly monitor the programs for evidence of fraud, waste, and abuse.
5. Respond swiftly to detected frauds, impose sufficient punishment to deter others, and promptly remedy program vulnerabilities.
These principles are equally applicable to OIG’s enforcement strategy, CMS’s program integrity efforts, and Congress’s legislative agenda. When OIG provides CMS with the results of its audits, inspections, and investigations, these principles are often reflected in OIG’s programmatic recommendations and suggested corrective actions. We offer the following ideas if Congress is considering strengthening the integrity of Federal health care programs.
Scrutinize individuals and entities that want to participate as providers and suppliers prior to their enrollment in health care programs.
As the Medcore and M&P case demonstrates, a lack of effective screening measures gives dishonest and unethical individuals access to a system that they can easily exploit. Even after
5
Medcore had billed Medicare for $4 million in fraudulent claims, it was easy for the clinic’s owner to obtain a provider number in his wife’s name for a second clinic, M&P, operating in the very same building as Medcore, with the same medical director, employees, and patients. When one of the owners, Mr. Marrero, ultimately sold M&P for $100,000 in cash, he testified that he went to a lawyer’s office so the lawyer could fill out paperwork to put ownership of the clinic in the name of two nominee owners—rather than Gustavo Smith’s name. Although it involved cash exchanged in a paper bag in a parking lot, the sale was structured as a stock sale so the new “owners” would have 90 days to notify Medicare of the change in ownership, allowing a window of time for the fraud to continue under new “ownership.” In our experience, it too easy for organized crime to recruit nominee owners of fraudulent companies.
We advocate strengthening enrollment standards and making participation in Federal health care programs as a provider or supplier a privilege, not a right. All providers and suppliers applying for enrollment in Medicare or Medicaid should be screened before they are granted billing privileges. Heightened screening measures for high-risk items and services could include requiring providers to meet accreditation standards, requiring proof of business integrity or surety bonds, periodic recertification and onsite verification that conditions of participation have been met, and full disclosure of ownership and control interests. New providers and suppliers should be subject to a provisional period during which they are subject to enhanced oversight, such as prepayment review and payment caps. The cost of this screening could be covered by charging application fees.
Establish payment methodologies that are reasonable and responsive to changes in the marketplace.
OIG has conducted extensive reviews of Medicare payment and pricing methodologies and has determined that the program pays too much for certain items and services. When reimbursement methodologies do not respond effectively to changes in the marketplace, the program and its beneficiaries bear the cost. As the experience of South Florida illustrates, excessive payments are a lucrative target for criminals. These criminals also can reinvest some of their profit in kickbacks for additional referrals, thus using the program’s funds to perpetuate the fraud scheme.
We support efforts to pay appropriately for the items and services covered by Federal health care programs. Although CMS has the authority to make certain adjustments to fee schedules and other payment methodologies, for some changes, congressional action is needed. Medicare and Medicaid reimbursement systems should be aligned to ensure that payments are reasonable and responsive to market changes.
Assist health care providers and suppliers in adopting practices that promote compliance with program requirements.
Health care providers and suppliers must be our partners in ensuring the integrity of Federal health care programs and should adopt internal controls and other measures that promote compliance and prevent, detect, and respond to health care fraud, waste, and abuse. Requiring health care providers and suppliers to incorporate integrity safeguards and tools into their organizations is an essential component of a comprehensive antifraud strategy. In many sectors
6
of the health care industry, such as hospitals, compliance programs are widespread and often very sophisticated; other sectors have been slower to adopt internal compliance practices. Compliance programs benefit industry stakeholders by improving their business practices, by fostering early detection and correction of emerging problems, and by reducing the risk that they will become the subject of a fraud prosecution.
States also have begun to recognize the value of compliance systems. For example, New York now requires providers and suppliers to implement an effective compliance program, as defined by OIG, as a condition of participation in its Medicaid program. Medicare Part D also requires that prescription drug plan sponsors have compliance plans that address eight required elements. Although compliance programs do not guarantee reduced fraud and abuse, they are an important component of a comprehensive government-industry partnership to promote program integrity.
We recommend that providers and suppliers should be required to adopt compliance programs as a condition of participating in the Medicare and Medicaid programs. As part of its effort to promote compliance with program requirements, OIG has extensive experience in the development of compliance program guidance and could assist in this important integrity initiative.
Vigilantly monitor the programs for evidence of fraud, waste, and abuse.
The health care system compiles an enormous amount of data on patients, providers, and the delivery of health care items and services. However, Federal health care programs often fail effectively to use claims-processing edits and other information technology to identify improper claims before they are paid. To state the obvious, Medicare should not pay a clinic for HIV infusion when the beneficiary has not been diagnosed with the illness, pay twice for the same service, or routinely process a claim that relies on the UPIN of a deceased physician. Like many infusion fraud schemes, Medcore and M&P gained the cooperation of patients by giving them kickbacks of up to $200 per visit. Four patients testified that they took kickbacks and never received any medication at the clinics. One patient testified that he used his payments from the clinics to support his cocaine addiction. Another patient testified that he did not have HIV, even though the clinics’ documents showed he was being infused with medication to treat HIV. By the patients own admission, they had been receiving kickbacks from numerous Miami clinics for many years. The Medicare data showed they had received millions of dollars in infusion treatment, DME, and other services they did not require. Had the government been vigilantly monitoring the claims submitted on behalf of these beneficiaries, the scheme might have been detected more quickly.
CMS has taken significant steps to enhance payment accuracy and internal controls. For example, CMS proposed a centralized data repository, known as One Program Integrity System Integrator (One PI), which would warehouse data on Medicare Parts A, B, and D and on Medicaid. However, the target implementation date for One PI has been delayed, and CMS has not provided a new expected timeframe for completion and operability.
In addition to structural improvement to the data systems, real-time access to all relevant Medicare and Medicaid data by law enforcement is critical to the success of the antifraud effort.
7
Currently, law enforcement receives data weeks or months after claims have been filed, making it more difficult to detect and thwart new scams. We advocate that law enforcement have real-time access to Medicare and Medicaid program data. In addition, we recommend that Congress authorize OIG to streamline the process for matching Medicare data to other relevant databases, such as Medicaid data obtained from States and data from the Social Security Administration. We also recommend the consolidation and expansion of the various provider databases, including the Health Care Integrity and Protection Data Bank, the National Practitioner Data Bank, and OIG’s List of Excluded Individuals/Entities. Providing a centralized comprehensive database of adverse actions and other sanctions imposed on individuals and entities would be an effective means of preventing providers and suppliers with problem backgrounds from moving from State to State unnoticed by licensing, government, and health plan officials.
Respond swiftly to detected fraud, impose sufficient punishment to deter others, and promptly remedy program vulnerabilities.
Our investigations have shown an increase in organized crime in health care. Health care fraud is attractive to organized crime because the penalties are lower than those for other organized-crime-related offenses (e.g., offenses related to illegal drugs); there are low barriers to entry (e.g., a criminal can easily obtain a supplier number, gather some beneficiary numbers, and bill the program); schemes are easily replicated; and there is a perception of a low risk of detection. We need to alter the cost-benefit analysis by increasing the risk of swift detection and the certainty of punishment.
As part of this strategy, law enforcement must accelerate the Government’s response to fraud schemes. The Government’s strike force model has proved highly successful. In addition to prosecuting criminals and recovering funds for the Medicare Trust Fund, the South Florida Strike Force has had a powerful sentinel effect. Medicare claims data show that during the first 12 months of the Strike Force (March 1, 2007, to February 29, 2008), claim amounts submitted for DME decreased by 63 percent to just over $1 billion from nearly $2.76 billion during the preceding 12 months (a drop exceeding $1.7 billion).
Although resource intensive, the strike force is a powerful antifraud tool and represents a tremendous return on the investment. Building on the success of the South Florida Strike Force, in March 2008, DOJ and OIG created a second Strike Force in Los Angeles. Since operations began, the Strike Force has opened 46 cases and indicted individuals and organizations that collectively have made almost $13 million on fraudulent claims to the Medicare program. The schemes include false claims for wheelchairs, orthotics, and other DME that was medically unnecessary and/or was not provided to the beneficiaries identified in claims.
OIG uses a range of administrative sanctions, including civil money penalties (CMPs) and program exclusions, as an adjunct to criminal and civil enforcement. We have identified a number of enhancements to these administrative authorities that, if mandated by Congress, would increase our ability to address emerging schemes, such as authorizing CMPs for the submission of erroneous data used as the set Medicare payment and a CMP for the ordering or prescribing of items or services by an excluded person.
8 9
Conclusion
OIG and its law enforcement partners have implemented a comprehensive strategy to combat waste, fraud, and abuse in Federal health care programs. However, sophisticated health care fraud schemes increasingly rely on falsified records, elaborate business structures, and the participation of health care providers, suppliers, and even patients to create the false impression that the Government is paying for legitimate health care services. Applying the principles described above as the framework will identify new ways to protect the integrity of the programs, meet needs of beneficiaries, and keep Federal health care programs solvent for future generations.
|
Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security |
|
Democrats |
Republicans |
|
Thomas R. Carper Chairman (D-DE) |
John McCain Acting Ranking Member (R-AZ) |
|
|
|
|
Carl Levin (D-MI) |
Tom Coburn (R-OK) |
|
|
|
|
Daniel K. Akaka (D-HI) |
George V. Voinovich (R-OH) |
|
|
|
|
Mark L. Pryor (D-AR) |
John Ensign (R-NV) |
|
|
|
|
Claire McCaskill (D-MO) |
|
|
|
|
|
Roland Burris (D-IL) |
|
Dated April 22, 2009
(669)
