proach to Medicaid program integrity efforts already under way
to ensure that states make proper payments to providers. The
Affordable Care Act of 2010 required states and territories establish the Medicaid RAC program under the statute that establishes the Medicare RAC program.
Medicaid RACs are tasked with identifying and recovering
Medicaid overpayments and identifying underpayments. They
are also tasked with designing their programs so that the Medicaid RACs report instances of fraud and criminal activity in addition to the pursuit of overpayments.
As an initial step for establishing their RAC programs, states
were expected to submit a Medicaid State Plan Amendment to
CMS by December 31, 2010, that addresses essential elements of
their programs. The proposed date for states to have their RAC
programs fully implemented was delayed through CMS Bulletin
CP-B 11-03 on February 1, 2011. CMS expects to announce the
implementation deadline sometime in 2011.
Under the proposed rule, states would be required to report
to CMS elements describing the effectiveness of their Medicaid
RAC programs. These elements include, but are not limited to,
contract periods of performance, contractor names, and program metrics.
A Medicaid Fraud Control Unit is a single identifiable entity of
state government annually certified by the secretary of HHS.
MFCUs are responsible for conducting a state initiative aimed at
investigating and prosecuting providers that defraud the Medicaid program.
In addition, MFCUs may also review complaints of abuse or
neglect of nursing home residents or the misappropriation of a
patient’s private funds while in the home. The Ticket to Work
and Work Incentives Improvement Act of 1999 extended MFCU
jurisdiction to include fraud investigation in any federally funded healthcare program.
North Dakota received a waiver from the federal government,
leaving MFCUs in 49 states and the District of Columbia. Most
are located in the state attorney general’s office, though it is not
In order to be certified by HHS, MFCUs are required to employ
attorneys experienced in the investigation and prosecution of
civil fraud or criminal cases, investigators with extensive knowledge in commercial and financial investigations, and auditors
capable of investigating allegations of fraud.
Since 1993 OIG has been performing and supervising audits
and investigations of fraud and abuse to promote efficiency
and effectiveness and minimize loss of governmental programs.
As mandated by amended Public Law 95-452, OIG’s mission is
to protect the integrity of HHS programs as well as the health
and welfare of the beneficiaries of those programs. All activities
performed by OIG lie within the authority of the US Inspector
Depending on the nature of the violations, organizations or
providers should consider engaging legal counsel, auditors, or
other healthcare experts to help ongoing OIG investigations.
The State Offices of Medicaid Inspector General are independent agencies within individual state departments of health.
Their purpose is to improve the integrity of state Medicaid programs by coordinating the fraud and abuse activities for multiple state agencies that provide Medicaid-funded services.
Although each OMIG is different, many work with agencies
such as the Department of Mental Health, Office of Children
and Family Services, and Office of People with Developmental
Disabilities. They also work closely with MFCUs to support their
The Payment Error Rate Measurement program measures improper payments in the Medicaid program and the Children’s
Health Insurance Program (CHIP). PERM is designed to comply
with the Improper Payments Information Act of 2002. Executive Order 13520 further intensified PERM efforts to eliminate
payment errors, waste, fraud, and abuse in federal programs,
For PERM, CMS is using a national contracting strategy consisting of three contractors to perform statistical calculations,
medical records collection, and medical/data processing review of select state Medicaid and CHIP fee-for-service and managed care claims. In FY 2006 CMS reviewed only Medicaid Fee-for-Service claims. Starting in FY 2007 CMS expanded PERM
to include reviews of FFS and managed care claims, as well as
beneficiary eligibility in both the Medicaid and CHIP programs.
The Recovery Audit Contractor (RAC) program’s mission is to
reduce Medicare improper payments through the detection
and collection of overpayments, the identification of underpayments, and the implementation of actions that will prevent future improper payments. Many of these activities involve data-mining activities based on billing information.
The Tax Relief and Health Care Act of 2006 mandated CMS
implement Medicare RAC auditors in all states. CMS awarded
contracts to four regional RACs, each responsible for ensuring
identification of payment errors for approximately a quarter of
In 2011 industry experts suggest RAC audits will continue to
be a compliance risk for organizations and providers due to the
large scope and increased data-mining efforts. In addition, RAC
audits may impose the largest operational impact to healthcare
organizations and providers in 2011. Recent changes have increased RAC record requests to 500 records every 45 days.
The contingency fee nature of RAC payments will ensure that
these audits remain a top risk and operational concern for organizations and providers in 2011.