A state audit of the N.C. Division of Medical Assistance determined there have been deficiencies and lapses in how the agency and its contractor have handled the provider application process for the state Medicaid program.
The audit, released Thursday, covers the agency and Computer Sciences Corp. Inc. (CSC), which was paid a combined $9.9 million by the N.C. Department of Health and Human Services in fiscal years 2011-12 and 2012-13.
Medicaid was estimated as a $13.5 billion state program for fiscal 2013-14, covering about 1.7 million North Carolinians. The division is responsible for setting qualification requirements and enrolling providers. The division and the contractor approved providers during the fiscal years.
The goal of the audit is ensuring “tax dollars are paid to, and Medicaid recipients are served by, only qualified providers.”
“The overall conclusion of the report is that the division’s procedures and those of its contractor did not provide reasonable assurance that only qualified providers were allowed to enroll in the program,” state Auditor Beth Wood said.
The audit said that 33 providers were convicted of Medicaid fraud and abuse in 2012, with the state able to reclaim about $10.2 million. For 2013, there were 32 providers convicted of Medicaid fraud and abuse, with the state recovering $5.5 million.
The audit recommended the state establish specific evidence requirement for determining and documenting provider eligibility, and for performance measures for accuracy and reliability.
The division’s response to the audit, included in the documentation, shows areas where it and CSC have implemented application process changes based on state audit recommendations.
The audit is released at a time when Gov. Pat McCrory and the General Assembly are divided on how to reform the state Medicaid program: whether to privatize a significant part of it (favored by the Senate); or to expand existing provider networks with more financial accountability and responsibility (favored by the governor, health Sec. Dr. Aldona Wos and House).
Legislators are expected to resume reform negotiations after the November general election.
The key audit findings are:
• Deficiencies in the enrollment process increase the risk of unqualified providers participating in the program.;
• Documentation to support higher risk provider applications is often not available or insufficient to support the application approval. A higher risk provider applicant includes those with a history of criminal convictions or previous sanctions.
For example, the audit determined 65 percent of 843 higher-risk providers approved in 2012 did not contain sufficient documentation.
• The contractor’s enrollment review procedures do not provide reasonable assurance that only qualified providers are approved to participate.
The audit said CSC had procedural weaknesses that include missing documentation or incorrect data used on some verification checks; and that monitoring was inadequate.
• The contractor does not always have evidence to support that mandatory verification checks were completed.
• Quality assurance reviews were not conducted or were ineffective.
• Contract lacks adequate performance measures to hold the contractor accountable for processing applications accurately and reliably.
The division is giving CSC until March 31 in some instances, and up to June 30 in other instances, to correct its deficiencies, including accountability for its performance standards.
“The state auditor did not find any approved providers that were inappropriately enrolled in the N.C. Medicaid program,” DHHS spokesman Kevin Howell said. “Most of the procedural weaknesses identified during 2012 have already been corrected as part of a larger effort to strengthen Medicaid operations across the board.
“As evidenced by Sec. Wos’ expansion of our internal audit staff, DHHS values audits that strengthen our processes and increase accountability.”
In a note to McCrory, legislative leaders and Wos, Wood said some of Wos’ statements in her response “could mislead readers of the report.”
Wood said in her auditor’s comment that missing documentation did not allow her office to come to a definitive conclusion of no inappropriately enrolled providers for 65 percent of the higher-risk applicants and 30 percent of the non-higher risk applicants.
“Therefore, the state Auditor’s Office and the division do not know if 4,701 providers approved in 2012 were qualified. The effectiveness of the new procedures cannot be determined until a follow-up audit is performed.”
Wood said CSC was determined to have made verification errors, when Wos said CSC was not permitted to alter the information submitted by an applicant.
Wood expressed concern that DHHS has not “come up with a specific plan to hold the contractor accountable for these errors” of inaccurate and unreliable results.
Rep. Donny Lambeth, R-Forsyth, said the audit highlights “even more the need for a comprehensive Medicaid reform plan that is well thought out and phased in over time. Every day we delay is costing taxpayers and the state much-needed funds for other valued programs.
“Part of reform must include more aggressive oversight and management of the administrative aspects of the program. Program integrity is essential to protect those participating in the program. With providers at risk and accepting responsibility for managing the patients experience through the maze of health-care providers, the ‘bad’ providers will be dealt with and will likely not be a participant in an accountable care organization model of care.”
Rep. Verla Insko, D-Orange, said the audit reveals an all-too-common problem with DHHS – “too many vacancies and too few qualified employees.”
“That applies to watch-dogging contractors, as well as actually performing the work. Hiring expensive, albeit qualified outside vendors, won't automatically solve the problems.
“DHHS has to have highly qualified, experienced people in house to monitor and manage the contractors. They or their workers will take shortcuts to make more money.”
It is the fourth time since May 2013 that the state Auditor’s Office has criticized DHHS or a division about lapses in a critical area of its oversight.
The main audit focus has been on the underperformances of NCTracks, the state’s controversial Medicaid claim-processing system. It was launched July 1, 2013, and handles Medicaid claim processing from about 97,000 providers.
An updated audit issued July 31 said NCTracks’ current inefficiencies are costing the state at least $9.6 million in annual federal funding.
Among the auditors’ NCTracks concerns in May 2013 were: “key decisions about user accounts and privacy and security procedures have yet to be made. Independent verification of test results was not conducted, and a vendor (CSC) was permitted to set its own guidelines for whether its work was acceptable.”
DHHS disputed a significant part of the May 2013 audit, leading Wood to defend her report in a letter sent to the legislature in October 2013.