CMS targets fraud with new analytics

The Centers for Medicare and Medicaid Services intends to take a bigger bite out of fraud and abuse by strengthening its monitoring and analytics capabilities to prevent and detect suspicious activities.

CMS will conduct enrollment and medical claims analytics using cutting-edge methods to keep the bad actors out of Medicare, share that information with Medicaid and prevent the payment of fraudulent claims instead of chasing it down afterwards, said Peter Budetti, MD, CMS deputy administrator for program integrity. 

“This is the model for how the system is being put into place for Medicare and where we are going over time in Medicaid,” he said at the National Medicare RAC Summit in November. 

Some of the necessary technology is already deployed, while other systems will be ready the first of the year to keep an eye on program participants and money flows.

CMS is using the latest technologies for a fraud prevention system to scrutinize Medicare claims. This feeds into a risk-scoring solution, which assists in directing priorities for the agency’s anti-fraud recovery audit contractors (RACs) and for CMS to conduct analyses and investigations to determine what action is warranted. Contract awardee Northrop Grumman began operating the fraud prevention system in July, and IBM is developing and testing models that fit into the system.

“We now screen every Medicare claim prior to payment nationally," said Budetti. "That integration into the claims processing system will become more sophisticated and agile over time."

The prepayment review will be used as an investigative technique to follow leads and determine if there is any pattern of a problem. In the past, CMS had access only to post-payment claims information.

“We will revoke provider billing privileges for improper practices,” he said.

CMS will also conduct analyses of providers who enroll in its programs, assign risk levels to them and make its enrollment system more automated to accommodate new data, such as Social Security death files and loss of licensure. The automated provider enrollment screening, which will replace the more manual system, will be operational in January, said Budetti.

A laboratory that CMS is building will examine historical and current data to identify the root causes of vulnerabilities so the agency can change policies as well as prevent future problems.

The agency also shares information broadly with states and law enforcement, including the Justice Department, Office of Inspector General and the FBI, and will move towards being able to do so with private plans, he said.

The agency plans to apply the fraud prevention technology on the Medicaid side also, said Budetti.

“We are embarking on a major initiative to look across all of our auditing activities for areas where we can coordinate and consolidate to make it more efficient and less burdensome from the providers’ perspective,” he added. This effort is included in the Medicaid recovery audit contractors (RACs) final rule, which takes effect Jan. 1. 

State-based contractors are designed to recover overpayments and receive a contingency fee. Medicaid RACs will examine different kinds of arrangements than those in Medicare’s fee-for-service system, said Budetti.