Medicaid: Federal and State Leadership Needed to Control Fraud And Abuse

Published by the Government Accountability Office on 1999-11-09.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                            United States General Accounting Office

GAO                         Before the Subcommittee on Oversight and Investigations,
                            Committee on Commerce, House of Representatives

For Release on Delivery
Expected at 10:30 a.m.
Tuesday, November 9, 1999   MEDICAID

                            Federal and State
                            Leadership Needed to
                            Control Fraud and Abuse
                            Statement of Leslie G. Aronovitz, Associate Director
                            Health Financing and Public Health Issues
                            Health, Education, and Human Services Division

Medicaid: Federal and State Leadership
Needed to Control Fraud and Abuse

              Mr. Chairman and Members of the Subcommittee:

              We are pleased to be here today as you discuss ways to combat fraud and
              abuse in the Medicaid program. Some 40 million Americans—not only
              poor mothers and children but also poor elderly, blind, and disabled
              individuals—depend on health care services made possible by the
              Medicaid program. With total expenditures of over $177 billion in fiscal
              year 1998, Medicaid is the third largest social program in the federal
              budget and represents a significant share of individual state budgets as

              Fraud and abuse drains away vital program dollars and exploits taxpayers
              and vulnerable beneficiaries. As we recently reported, consumers and
              legitimate health care providers have been victimized by the fraud
              schemes of career criminals and organized criminal groups.1 While the
              Department of Health and Human Services (HHS) and the Department of
              Justice have recently augmented their program integrity activities for
              Medicare, the Congress is concerned that a similar emphasis be placed on
              fraud and abuse control in Medicaid. We have just launched a study to
              better understand the scope and effectiveness of Medicaid program
              integrity efforts at the federal and state levels and will report our results
              next spring. Today, my remarks will focus on a brief overview of the
              problem, several key components of fraud control, and the importance of
              federal and state cooperation. My comments are based on observations
              gleaned from our prior work addressing both Medicaid and Medicare
              program integrity issues and from our ongoing Medicaid study.

              In summary, our body of work on health care fraud and abuse indicates
              that programs the size and structure of Medicaid are inherently vulnerable
              to exploitation. Fraud schemes often cross state lines and enforcement
              jurisdictions, entailing a number of federal, state, and local agencies that
              may have different or competing priorities in their efforts to investigate,
              prosecute, and enforce compliance. Experience shows that coordinating
              the efforts of the multiple players, investing in preventive strategies, and
              dedicating adequate resources to fraud control units are essential
              components of an effective program integrity strategy. Finally, our work
              shows that the Health Care Financing Administration (HCFA), the agency
              in HHS responsible for administering Medicaid federally, is in a position to
              work in partnership with the states to ensure an appropriate level of
              commitment in states’ efforts to control Medicaid fraud and abuse.

              1Health Care: Fraud Schemes Committed by Career Criminals and Organized Criminal Groups and
              Impact on Consumers and Legitimate Health Care Providers (GAO/OSI-00-1R, Oct. 5, 1999).

              Page 1                                                                     GAO/T-HEHS-00-30
             Medicaid: Federal and State Leadership
             Needed to Control Fraud and Abuse

Background   Medicaid is a jointly funded federal-state health insurance program for
             eligible low-income and needy people. Although it is one federal program,
             as a practical matter, it consists of 56 separate programs (including the
             District of Columbia, Puerto Rico, and the U.S. territories). Within broad
             federal guidelines, each state establishes its own eligibility standards;
             determines the type, amount, duration, and scope of services; sets the rate
             of payment for services; and administers its own program. For fiscal year
             1998, federal Medicaid expenditures were over $101 billion, with the states
             contributing about $76 billion. For each state, the federal share varies
             according to a statutory formula. The federal government picks up at least
             half the cost for medical services, and in nine states, it pays for more than
             70 percent.

             Medicaid fraud and abuse control entails a complex mix of actors and
             entities. At the federal level, HCFA and the HHS Office of Inspector
             General (OIG) have program oversight responsibilities. The Federal
             Bureau of Investigation (FBI) and the U.S. Attorneys in the Department of
             Justice are responsible for enforcement under certain conditions.
             However, front line oversight and enforcement reside primarily with the
             states. Each state administers its Medicaid program through a state
             Medicaid agency—variously situated in departments such as health,
             welfare, or human services. In addition to paying claims and performing
             other administrative duties, the state Medicaid agencies conduct program
             integrity activities. Many state Medicaid agencies have a “data mining”
             unit—a surveillance and utilization review subsystem (SURS) unit—
             dedicated to reviewing paid claims to identify suspect billing practices or
             other aberrations indicating potential wrongdoing. Separate from the state
             Medicaid agency, 47 states have Medicaid Fraud Control Units (MFCU),
             generally located in the state’s attorney general’s office, which carry out
             investigations and prosecutions. For a composite view of the multiple
             agencies involved in Medicaid fraud and abuse control, see table 1.

             Page 2                                                       GAO/T-HEHS-00-30
                                            Medicaid: Federal and State Leadership
                                            Needed to Control Fraud and Abuse

Table 1: Overview of Medicaid Fraud and Abuse Control Efforts
Agency                     Responsibility                                     Related activities
   Department of Health and Human Services (HHS)
Health Care Financing      Oversees state Medicaid agencies                   Among other activities, through its Medicaid Fraud and
Administration (HCFA)                                                         Abuse National Initiative, HCFA provides an ongoing
                                                                              forum and training for state officials on fraud control.
Office of Inspector          Oversees state Medicaid Fraud Control            The OIG can sanction fraudulent providers by imposing
General (OIG)                Units                                            exclusions and civil monetary penalties. It refers
                                                                              investigative findings to Department of Justice.
                             Investigates federal Medicaid fraud
    Department of Justice
U.S. Attorneys               Prosecute Medicaid fraud cases                   The U.S. Attorneys also indict, negotiate settlements,
                             referred by FBI and HHS OIG                      and make recoveries.
Federal Bureau of            Investigates federal fraud cases but             The FBI refers investigative findings to the U.S.
Investigation (FBI)          cannot impose sanctions                          Attorneys.
State Medicaid agency        Administers state Medicaid program and           The state Medicaid agency’s activities may include
(located in such             oversees Medicaid program integrity              conducting pre- and postpayment claims reviews and
departments as health,       activities                                       administering the provider enrollment process.
human services, and
Program integrity/           Reviews claims data to detect and                SURS units refer suspected fraud cases to the state’s
surveillance and             investigate aberrant payment patterns            MFCU and noncriminal cases to the state Medicaid
utilization review           and conducts other types of integrity            agency’s collection unit.
subsystem (SURS)a unit       activities
Medicaid Fraud Control       Investigates and prosecutes cases                The MFCU may refer cases that will not be prosecuted to
Unit (MFCU)b (generally in   involving fraudulent Medicaid activities         the state Medicaid agency or other authority for
state attorney general’s                                                      administrative action.
office)                      Investigates and acts on complaints of
                             abuse or neglect of patients in facilities
                             receiving Medicaid funding
District attorney            Prosecutes Medicaid fraud cases in
                             states where MFCUs do not have
                             prosecutorial authority
                                             States vary in how their program integrity activities are organized and in what the units
                                            are called.
                                                 Three states do not have MFCUs–Idaho, Nebraska, and North Dakota.

Fraud and Abuse Are a                       The magnitude of fraud and abuse in the Medicaid program has not been
                                            quantified. Nevertheless, similar fraud and abuse schemes crop up in
Persistent Problem in                       different states, and states have problems with fraud and abuse under both
Medicaid Program                            fee-for-service and managed care payment methods. Medicaid is

                                            Page 3                                                                    GAO/T-HEHS-00-30
                             Medicaid: Federal and State Leadership
                             Needed to Control Fraud and Abuse

                             vulnerable to fraud because of some intrinsic characteristics—such as its
                             share of states’ budgets and its vulnerable beneficiary population.

Several Types of Fraud and   Common Medicaid fraud and abuse schemes generally fall into three
                             broad groups: improper billing practices, misrepresentations of
Abuse Are Common in          professional or service qualifications, and improper business practices.2
Medicaid                     Improper billing practices include “upcoding,” in which the provider
                             misrepresents treatment provided and bills for a more costly procedure;
                             “ghost” or “phantom” billing, in which a provider bills for services never
                             provided; and delivering more treatment than is either necessary or
                             appropriate for the patient’s diagnosis. Misrepresenting qualifications
                             encompasses such offenses as submitting false credentials to obtain a
                             Medicaid provider number and performing treatments outside the bounds
                             of what is permitted by one’s license. Among the improper business
                             practices found in Medicaid are kickbacks for referring or otherwise
                             steering patients to a particular provider or product such as
                             pharmaceuticals; self-referrals, in which providers, for example, may order
                             and request lab tests from companies they own or have a financial interest
                             in; and antitrust violations, in which companies collude with each other or
                             with providers to improperly influence payments or fees. Table 2 contains
                             examples of fraud and abuse cases from the files of state MFCUs.

                             2Fraud involves a willful act to deceive for gain, whereas abuse typically involves actions that are
                             inconsistent with acceptable business and medical practices.

                             Page 4                                                                             GAO/T-HEHS-00-30
                                        Medicaid: Federal and State Leadership
                                        Needed to Control Fraud and Abuse

Table 2: Examples of Medicaid Fraud and Abuse
Type of fraud                     Example
Billing fraud                     A psychiatrist operated a “psychotherapy mill,” in which parents were enticed to enroll their
                                  children in “free” enrichment programs such as after-school tutoring, field trips, and supervised
                                  recreation in exchange for their children’s Medicaid numbers. Using these numbers, the
                                  psychiatrist billed Medicaid for psychotherapy services not provided. A psychologist he employed
                                  discovered the scam and negotiated a higher salary from him. The psychologist also set up her
                                  own copycat operation. State officials estimated that the two fraudulently obtained $421,000 from
                                  Medicaid. The defendants pleaded guilty, were ordered to pay fines and restitution, and received
                                  probation. Source: Georgia State Health Care Fraud Control Unit.

Business practices fraud          Two businessmen pleaded guilty to felony charges related to a complex scheme of submitting
                                  fraudulent nursing home cost reports to the state’s Medicaid program. The scheme involved a
                                  nursing home chain and a shell corporation that the chain allegedly contracted with, enabling the
                                  owners to bill Medicaid for inflated expenses related to phony contracts with the nursing homes.
                                  Through a complex web of bank and investment accounts, the owners laundered payments. The
                                  scheme, which netted the owners nearly $10 million in excess Medicaid reimbursements, was
                                  discovered when a state auditor became suspicious of high payments to the shell company. One
                                  of the defendants received 50 months in prison and a $70,000 fine; the other, 36 months in prison
                                  and a $50,000 fine. Both received an additional 3 years of supervised release. As restitution, the
                                  pair agreed to pay about $6 million to the state Medicaid program and to forfeit an additional $2-
                                  million-plus in assets. Source: Georgia State Health Care Fraud Control Unit.

Fraudulent misrepresentation of   A woman, who had never attended, graduated, or received a degree from a nursing school,
qualifications                    presented a false nursing license to several nursing homes that employed her. She also
                                  contracted with a county Board of Mental Retardation and Developmental Disabilities to provide
                                  nursing and counseling services. The misrepresentation was discovered when substandard care
                                  she provided led to complaints and a subsequent investigation. A state nursing board determined
                                  that the woman had posed as a nurse for at least 5 years. She was charged with felony Medicaid
                                  fraud, felony forgery, and misdemeanor practice of unlicensed nursing. She pleaded guilty and
                                  was sentenced to 5 years’ probation and was ordered to either pay some $3,850 in restitution or
                                  perform 84 days of community service. Source: Ohio Attorney General’s Health Care Fraud

                                        Fee-for-service providers do not have a monopoly on fraudulent and
                                        abusive health care practices. Under managed care, providers intending to
                                        exploit the program have adapted to new financial incentives. Whereas
                                        receiving a fee for each service enables providers to enhance revenues by
                                        ordering too many services, receiving a lump-sum payment in advance for
                                        each enrollee can encourage dishonest providers to enhance their profits
                                        by stinting on patient care. Consistent with this incentive are examples of
                                        Medicaid managed care fraud and abuse by prepaid health plans: avoiding
                                        expensive treatments, underfinancing plan operations, providing poor
                                        quality care, using deceptive marketing practices, and claiming phony
                                        enrollments. In a specific instance in Tennessee, a managed care plan used
                                        a homeless shelter as the address for nearly 4,500 fictitious enrollees—a

                                        Page 5                                                                  GAO/T-HEHS-00-30
                                    Medicaid: Federal and State Leadership
                                    Needed to Control Fraud and Abuse

                                    scheme that was generating nearly $450,000 a month in fraud losses to
                                    Medicaid. The scheme came to light once the shelter tipped off the state
                                    Medicaid agency. Managed care plans can also engage in fraudulent
                                    business practices similar to those in fee-for-service health care—such as
                                    providing kickbacks for referrals or having unqualified personnel provide

                                    Fraud and abuse schemes also cross jurisdictional and program
                                    boundaries, complicating the task of pursuing the perpetrators. In our
                                    October 1999 correspondence on health care fraud, we noted that criminal
                                    groups have created interstate health care fraud schemes and have used
                                    associates in foreign countries to transfer ill-gotten proceeds out of the
                                    United States. For example, a group with ties to a New Jersey scheme
                                    purchased a lab in Illinois and began bilking Medicaid and Medicare there.
                                    In another case, two individuals investigated for Medicaid fraud in south
                                    Florida were tied to three individuals in North Carolina who used a similar
                                    scheme to falsely bill Medicare. Proceeds from this scam were laundered
                                    through associates in Mexico.

Medicaid Is Vulnerable to           Certain characteristics of the program make Medicaid an attractive target
                                    for exploitation, as follows:
Fraudulent and Abusive
Practices                   •       As a third-party payer, Medicaid pays for services provided by others and
                                    cannot, as a practical matter, police each claim for reimbursement
                                    submitted. In a state like New York, the very size of the program invites
                                    exploitation. In fiscal year 1998, New York’s Medicaid program, covering
                                    roughly 2 million beneficiaries,3 cost an estimated $27 billion. Medicaid
                                    consumes, on average, 20 percent of a state’s budget.

                                •   The impermanence of the population, owing to beneficiaries’ changing
                                    eligibility status, makes the program a target for such schemes as billing
                                    for services provided to ineligible or deceased individuals.

                                •   Because many states pay considerably less under Medicaid than providers’
                                    customary charges, Medicaid providers are often in short supply. Thus,
                                    program administrators are reluctant to impose controls that are
                                    perceived as burdensome for fear of discouraging provider participation.

                                    3Our data on New York’s beneficiary enrollment reflect calendar year 1998.

                                    Page 6                                                                       GAO/T-HEHS-00-30
                              Medicaid: Federal and State Leadership
                              Needed to Control Fraud and Abuse

Coordination,                 Our prior health care program integrity work has shown that strong
                              federal and state leadership is needed to ensure that three essential fraud
Prevention, and               control elements are in place. First, the multiple agencies involved must
Adequate Resources Are        coordinate their efforts effectively. Second, HCFA and the states must
                              focus on preventive strategies, since detection and prosecution efforts
Key Fraud Control             alone cannot stem program losses. Finally, state agencies need the
Elements                      administrative and technical tools and resources to accomplish their

Coordination Essential, but   Examples from our prior program integrity work underscore the
                              importance of coordinating the efforts of multiple law enforcement and
Difficult to Achieve          oversight agencies. One of our reports focused on Medicaid prescription
                              drug diversion,4 often referred to as “pill-mill” fraud, in which physicians,
                              clinic owners, and pharmacists collude with willing beneficiaries by
                              fraudulently prescribing and distributing prescription drugs. In some
                              cases, pharmacists added medications to beneficiaries’ orders and kept the
                              extra for resale; clinics provided unneeded prescriptions to beneficiaries,
                              who would trade them for merchandise; and providers gave beneficiaries
                              prescriptions for drugs in exchange for their Medicaid number to bill for
                              services not provided. We noted that a drug diversion case could typically
                              involve five or more state, local, and federal agencies in its investigation,
                              prosecution, and resolution. Network diversion schemes could involve
                              third-party payers other than Medicaid, entrepreneurs, beneficiaries,
                              middlemen, and physicians not enrolled in Medicaid. Handling such
                              schemes could entail coordination between, for example, a MFCU in the
                              state’s department of law and other agencies with jurisdiction, such as an
                              office of professional medical conduct in the state’s department of health,
                              an audit office in the state’s department of social services, and an office of
                              professional discipline in the state’s department of education.

                              Two examples illustrate the payoff resulting from agency cooperation. One
                              is the FBI’s Operation Goldpill. Working with other federal agencies and
                              with state MFCUs and regulators, approximately 1,000 FBI agents
                              participated in the FBI’s largest health care undercover operation at that
                              time, involving 50 cities nationwide. This initiative reflected a new strategy
                              focusing on multidefendant conspiracy indictments rather than single-
                              defendant prosecutions. Through this effort, law enforcement agencies
                              were able to charge 254 defendants; seize $10.8 million in assets, including
                              11 pharmacies; and levy $6.6 million in fines.

                              4Medicaid Drug Diversion Fraud: Federal Leadership Needed to Reduce Program Vulnerabilities
                              (GAO/HRD-93-118, Aug. 2, 1993).

                              Page 7                                                                       GAO/T-HEHS-00-30
    Medicaid: Federal and State Leadership
    Needed to Control Fraud and Abuse

    The second example—Operation Restore Trust (ORT)—represented a
    cornerstone in recent health care fraud coordination, which focused on
    Medicare and Medicaid fraud and abuse. ORT brought together the HHS
    OIG and other federal, state, and local agencies to target wrongdoing by
    home health, nursing home, and durable medical equipment providers,
    initially in five states. In its first 2 years of operation, ORT identified $188
    million in inappropriate payments. Among the lessons learned was the
    importance of coordination among the various program and enforcement
    agencies involved at the federal, state, and local levels. For example,
    coordination between Medicare claims administration contractors and
    state licensing inspectors in the project states resulted in the
    decertification of many of the targeted home health agencies and the
    recovery of substantial sums in inappropriate payments. Through the
    Medicare contractors’ efforts to train state inspectors on specific billing
    and beneficiary coverage issues, the inspectors were able to provide the
    contractors information they might not otherwise have been able to obtain
    on beneficiaries who were not eligible or home health agencies that billed
    for services not provided. Through this mutual exchange of information,
    contractors were able to identify an array of billing abuses costing the
    government millions of dollars.

    As obvious as the benefits are from interagency coordination, several
    barriers exist that discourage such cooperative efforts. Among these are
    the following:

•   Labor-intensity of building a case with uncertain outcome. The level of
    resources and interagency coordination required for case development
    can stall the pursuit of a case at many junctures and delay the resolution of
    a case for many years. The pursuit of fraud often begins with the state
    Medicaid agency, which, to refer the case to a MFCU, must typically
    prepare careful documentation through data analyses, claims audits,
    interviews with patients, and medical record reviews. The MFCU may
    reject cases because of its backlog, insufficient evidence, or estimated
    dollar losses below a certain threshold. At the time of our drug diversion
    study, one state’s MFCU typically rejected more than 90 percent of the
    Medicaid agency’s fraud referrals because of staffing constraints. For
    cases accepted, MFCU investigations can involve, among other things,
    additional interviews or analyses of medical records and subpoena of
    financial records. If the case enters federal jurisdiction, the MFCU may
    forward the case to a U.S. Attorney. If the case is prosecuted and
    convictions are obtained, further work also may be necessary to establish
    administrative sanctions and recover overpayments.

    Page 8                                                         GAO/T-HEHS-00-30
                              Medicaid: Federal and State Leadership
                              Needed to Control Fraud and Abuse

                          •   Timing of actions to maximize administrative as well as criminal
                              sanctions. In our drug diversion study, we reported that the state agencies
                              and MFCUs made little effort to time audits and criminal investigations so
                              that civil recoveries could be made without compromising criminal
                              prosecution. When poor communication exists between a MFCU and the
                              state Medicaid agency, the state agency may be delayed in taking civil
                              action before the statute of limitations has expired. In such cases, the
                              agency may have to forgo the opportunity to assess monetary penalties or
                              obtain recoveries that can restore financial losses to the Medicaid

                          •   Competing productivity goals between agencies. One state’s MFCU
                              officials told us that a state Medicaid agency’s SURS unit, for example,
                              may be reluctant to classify cases as fraud. Fraud cases must generally be
                              referred to the state MFCU. Cases classified as overpayments generally
                              remain the within the SURS’ jurisdiction, and recoveries are credited to
                              the SURS’ performance results.

                          •   Federal payback rules. Federal law creates a fiscal incentive for states to
                              avoid finding fraud.5 The law requires that the state pay back the federal
                              share of these overpayments within 60 days of discovery, regardless of
                              whether the state has recouped its losses.6

                              We are currently reviewing states’ efforts to enhance coordination in our
                              ongoing study for the Committee. In Georgia, the MFCU has established
                              working teams consisting of members from three state agencies—
                              prosecutors from the Attorney General’s office, investigators from the
                              Georgia Bureau of Investigation, and auditors from the Department of

Prevention Is Key to          Preventive strategies designed to stop improper activity before Medicaid
                              incurs losses is another essential control. Our observations on
Avoiding Program Losses       coordination difficulties demonstrate that efforts to detect and prosecute
                              wrongdoing are important but are typically expensive and labor-intensive,
                              sometimes with little financial recovery to show for the effort. Consistent
                              with this view is HCFA’s philosophy “to pay it right” instead of paying and

                              542 U.S.C. 1396b(d)(2)(C).

                              6While this requirement may be appropriate under ordinary circumstances so that states are
                              encouraged to seek recovery, it may not be appropriate in criminal cases in which recovery efforts
                              could damage the investigation by alerting the suspect.

                              Page 9                                                                           GAO/T-HEHS-00-30
                              Medicaid: Federal and State Leadership
                              Needed to Control Fraud and Abuse

                              Preventive strategies can be embedded in the design of provider
                              enrollment procedures, payment methods, coverage policies, and
                              beneficiary eligibility verification. As we concluded from previous work,
                              states’ emphasis on developing preventive measures were well-placed
                              because efforts to recover losses were often unsuccessful. In our ongoing
                              study, we will examine states’ approaches to fraud control prevention.
                              One example—provider enrollment controls in the Medicare program—
                              illustrates how such approaches help avert fraud.

                              Until recently, when new requirements were established, Medicare
                              procedures for certifying home health agencies were seriously flawed. For
                              example, in a 1997 report,7 we noted that becoming a Medicare-certified
                              home health agency had been too easy, particularly in light of the number
                              of problem agencies that had been identified in past years. There had been
                              little screening of those seeking Medicare certification. For example,
                              Medicare certified an agency owned by an individual with no home health
                              experience who turned out to be a convicted drug felon and who later
                              pleaded guilty with an associate to having defrauded Medicare of over $2.5
                              million. Rarely did new home health agencies fail the program’s
                              certification requirements. HCFA has since developed procedures to
                              better scrutinize the qualifications and background of home health agency

Adequate Resources            An investment in adequate resources, consisting of qualified staff and
                              modern payment safeguard technology, is a third element essential to
Include Qualified Staff and   effective Medicaid fraud and abuse control. Over time, health care fraud
Modern Technology             schemes have become increasingly complex, frequently involving
                              networks of people, sophisticated computer techniques, and multiple
                              geographic locations. In a 1994 Medicare report,8 we focused on the
                              results of a HCFA demonstration examining the effect of additional
                              program safeguard funding. We found that the “demonstration”
                              contractors had achieved higher medical review savings than the control
                              group contractors because they committed more resources to improving
                              their analytic tools and hiring qualified technical staff.

                              In recent interviews, officials in several states have expressed concerns
                              that the lack of effective data systems has hampered their efforts to
                              identify fraud. For example, one state official said that the state’s Medicaid

                              7Medicare Home Health Agencies: Certification Process Ineffective in Excluding Problem Agencies
                              (GAO/HEHS-98-29, Dec. 16, 1997).
                              8Medicare: Greater Investment in Claims Review Would Save Millions (GAO/HEHS-94-35, Mar. 2,

                              Page 10                                                                       GAO/T-HEHS-00-30
                          Medicaid: Federal and State Leadership
                          Needed to Control Fraud and Abuse

                          automated detection system is 15 years old and not well designed for the
                          types of analysis needed today. Another official noted that the state lacked
                          a system to perform electronic prepayment screening of claims, a tool that
                          we have reported on in Medicare reports as a fundamental payment
                          safeguard. Reflecting these concerns, a MFCU official stated that service
                          data, staff capable of mining them, and state-of-the-art detection software
                          are important tools for fraud control. Our ongoing study will examine the
                          extent of states’ capacity to identify fraud or abuse.

HCFA’s Role in Medicaid   In recent years, HCFA has taken steps to improve its program integrity
                          efforts in both Medicare and Medicaid. For Medicaid in particular, HCFA’s
Fraud Control             role to date has been largely to facilitate training and information-sharing
                          efforts for the states.

                          In 1997, HCFA established the Medicaid fraud and abuse national initiative
                          designed to bring different components among and within states together
                          at meetings and to provide training, share information, and address
                          common concerns. As part of the initiative, individual committees have
                          been created to work on specific problems and solutions. For example, a
                          state legislation committee developed a database on a Web site that all
                          states can access that catalogues states’ program integrity legislation. This
                          serves states seeking models for anti-fraud-and-abuse legislation and
                          contacts for further information. A federal legislation committee has
                          developed proposals to increase state effectiveness that have been added
                          to HHS’ legislative proposals. HCFA has also formed and funded a
                          technical advisory group that meets regularly to discuss Medicaid program
                          integrity issues.

                          Despite HCFA’s positive efforts to facilitate states’ activities, we are
                          concerned about the agency’s efforts to ensure that all states have
                          effective program integrity strategies. In our June 1999 testimony on
                          Medicaid payments for school-based services, we raised concerns about
                          HCFA’s role as steward of Medicaid funds. We noted that the agency’s
                          regional offices, lacking specific guidance, were inconsistent in their
                          determinations of whether a given state’s practices for claiming
                          administrative costs were appropriate. Practices that HCFA had allowed in
                          one state had not been allowed in others, resulting in confusion. It also
                          created an environment in which school systems “pushed the envelope”
                          into the realm of questionable billing practices.

                          From this particular work we made observations that apply to Medicaid
                          fraud and abuse control in general. First, striking a balance between the

                          Page 11                                                      GAO/T-HEHS-00-30
                  Medicaid: Federal and State Leadership
                  Needed to Control Fraud and Abuse

                  stewardship of Medicaid and the need for flexible approaches in dealing
                  with 50-plus Medicaid programs is difficult. However, mindful of that
                  balance, HCFA is in a position to explore, in partnership with states, the
                  appropriate level of commitment to preventing and detecting fraud and
                  abuse. We think this is important because both have a fiduciary
                  responsibility to administer Medicaid efficiently and effectively.

                  Mr. Chairman, this concludes my prepared statement. I will be happy to
                  answer any questions you or the Subcommittee Members may have.

GAO Contact and   For future contacts regarding this testimony, please call Sheila K. Avruch
                  on (202) 512-7277. Key contributors to this testimony include Barrett W.
Acknowledgments   Bader, Bonnie L. Brown, Hannah F. Fein, and Robert L. Lappi.

                  Page 12                                                     GAO/T-HEHS-00-30
Related GAO Products

             Financial Management: Increased Attention Needed to Prevent Billions in
             Improper Payments (GAO/AIMD-00-10, Oct. 29, 1999).

             Health Care: Fraud Schemes Committed by Career Criminals and
             Organized Criminal Groups and Impact on Consumers and Legitimate
             Health Care Providers (GAO/OSI-00-1R, Oct. 5, 1999).

             Medicaid: Questionable Practices Boost Federal Payments for School-
             Based Services (GAO/T-HEHS-99-148, June 17, 1999).

             Fraud, Waste, and Abuse: The Cost of Mismanagement (GAO/AIMD-98-
             265R, Sept. 14, 1998).

             Nursing Homes: Too Early to Assess New Efforts to Control Fraud and
             Abuse (GAO/T-HEHS-97-114, Apr. 16, 1997).

             Medicaid Fraud and Abuse: Stronger Action Needed to Remove Excluded
             Providers From Federal Health Programs (GAO/HEHS-97-63, Mar. 31,

             Fraud and Abuse: Providers Excluded From Medicaid Continue to
             Participate in Federal Health Programs (GAO/T-HEHS-96-205, Sept. 5,

             Medicare and Medicaid: Opportunities to Save Program Dollars by
             Reducing Fraud and Abuse (GAO/T-HEHS-95-110, Mar. 22, 1995).

             Prescription Drugs: Automated Prospective Review Systems Offer
             Potential Benefits for Medicaid (GAO/AIMD-94-130, Aug. 5, 1994).

             Medicaid: A Program Highly Vulnerable to Fraud (GAO/T-HEHS-94-106,
             Feb. 25, 1994).

             Medicaid Drug Fraud: Federal Leadership Needed to Reduce Program
             Vulnerabilities (GAO/HRD-93-118, Aug. 2, 1993).


             Page 13                                                  GAO/T-HEHS-00-30
Ordering Information

The first copy of each GAO report and testimony is free.
Additional copies are $2 each. Orders should be sent to the
following address, accompanied by a check or money order made
out to the Superintendent of Documents, when necessary. VISA and
MasterCard credit cards are accepted. Orders for 100 or more copies
to be mailed to a single address are discounted 25 percent.

Orders by mail:

U.S. General Accounting Office
P.O. Box 37050
Washington, DC 20013

or visit:

Room 1100
700 4th St.,NW (Corner of 4th and G Sts. NW)
U.S. General Accounting Office
Washington, DC

Orders may also be placed by calling (202) 512-6000 or by using
fax number (202) 512-6061 or TDD (202) 512-2537.

Each day, GAO issues a list of newly available reports and
testimony. To receive facsimile copies of the daily list or any list
from the past 30 days, please call (202) 512-6000 using a touchtone
phone. A recorded menu will provide information on how to obtain
these lists.

For information on how to access GAO reports on the INTERNET,
send an e-mail message with "info" in the body to:


or visit GAO's World Wide Web Home Page at

United States
General Accounting Office           Bulk Rate
Washington, DC 20548-0001      Postage & Fees Paid
                                Permit No. G100
Official Business
Penalty for Private Use $300
Address Correction Requested