Medicare: HCFA's Use of Anti-Fraud-and-Abuse Funding and Authorities
(Letter Report, 06/01/98, GAO/HEHS-98-160).

Pursuant to a legislative requirement, GAO reviewed: (1) the Health Care
Financing Administration's (HCFA) progress in implementing the Medicare
Integrity Program; (2) what additional resources and authorities
Congress provided to HCFA through the Medicare Integrity Program; (3)
how HCFA has made use of these resources and authorities to improve the
protection of Medicare funds; and (4) how HCFA plans to use these
authorities and resources in the future.

GAO noted that: (1) the Health Insurance Portability and Accountability
Act of 1996 (HIPAA) established the Medicare Integrity Program to
subsume the program safeguard activities of HCFA and its current claims
processing contractors; (2) rather than fund safeguard activities as
part of HCFA's annual administrative budget appropriation, HIPAA
appropriates safeguard funding for each year beginning in fiscal year
(FY) 1997; (3) the Department of Health and Human Services (HHS)
proposed this type of funding arrangement in 1994 so that HCFA and its
contractors could better plan and manage program safeguard efforts; (4)
the Medicare Integrity Program also provides HCFA the authority to
contract with specialists in program safeguards, to separate these
functions from current claims processing and payment contracts; (5) the
new contracts with program safeguard specialists are intended to make
important improvements in HCFA's program safeguard efforts; (6) these
improvements will make it possible to review all of the claims for a
single beneficiary in one place, reduce the number of contractor
safeguard units to increase consistency and simplify HCFA's oversight,
and better manage the conflicts of interest that develop when Medicare
contractors expand into new health care businesses; (7) for FY 1998,
HIPAA significantly increased program safeguard funding over the FY 1997
level; (8) although this funding increase for 1998 was assured when
HIPAA became law, HCFA did not notify contractors of their funding until
one-third of FY 1998 was past; (9) contractors reported that, because of
this delayed notification, they delayed plans to increase their program
safeguard staff; (10) HCFA is progressing slowly in contracting with
safeguard specialists; (11) the first contract, to be awarded by January
1999, will be limited in scope, covering only part of the work
envisioned for program safeguard contracts; (12) this first contract
will therefore not provide many of the benefits ultimately expected, nor
will it reduce HCFA's reliance on its current contractors for program
safeguards; and (13) HCFA has no firm plans regarding when it will
expand the scope of this contract or award a second safeguard specialist
contract.

--------------------------- Indexing Terms -----------------------------

 REPORTNUM:  HEHS-98-160
     TITLE:  Medicare: HCFA's Use of Anti-Fraud-and-Abuse Funding and 
             Authorities
      DATE:  06/01/98
   SUBJECT:  Health care programs
             Erroneous payments
             Program abuses
             Fraud
             Cost control
             Funds management
             Internal controls
             Medical expense claims
             Service contracts
IDENTIFIER:  Medicare Trust Fund
             Medicare Program
             Medicare Integrity Program
             
******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO report.  Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved.  Major          **
** divisions and subdivisions of the text, such as Chapters,    **
** Sections, and Appendixes, are identified by double and       **
** single lines.  The numbers on the right end of these lines   **
** indicate the position of each of the subsections in the      **
** document outline.  These numbers do NOT correspond with the  **
** page numbers of the printed product.                         **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
** A printed copy of this report may be obtained from the GAO   **
** Document Distribution Center.  For further details, please   **
** send an e-mail message to:                                   **
**                                                              **
**                                            **
**                                                              **
** with the message 'info' in the body.                         **
******************************************************************


Cover
================================================================ COVER


Report to Congressional Committees

June 1998

MEDICARE - HCFA'S USE OF
ANTI-FRAUD-AND-ABUSE FUNDING AND
AUTHORITIES

GAO/HEHS-98-160

Medicare Fraud and Abuse

(101716)


Abbreviations
=============================================================== ABBREV

  HCFA - Health Care Financing Administration
  HHS - Department of Health and Human Services
  HIPAA - Health Insurance Portability and Accountability Act of 1996
  OIG - Office of Inspector General

Letter
=============================================================== LETTER


B-279395

June 1, 1998

The Honorable William V.  Roth, Jr.
Chairman
The Honorable Daniel Patrick Moynihan
Ranking Minority Member
Committee on Finance
United States Senate

The Honorable Thomas J.  Bliley, Jr.
Chairman
The Honorable John D.  Dingell
Ranking Minority Member
Committee on Commerce
House of Representatives

The Honorable Bill Archer
Chairman
The Honorable Charles B.  Rangel
Ranking Minority Member
Committee on Ways and Means
House of Representatives

In 1997, Medicare paid more than $191 billion for benefits provided
to over 38 million beneficiaries.  As we reported in our February
1997 high-risk series report, Medicare, because of its size and
mission, is an attractive target for exploitation and is inherently
vulnerable to fraud and abuse.\1 This vulnerability was also
highlighted by the Department of Health and Human Services (HHS)
Office of Inspector General's (OIG) recent estimate that in 1997 11
percent, or $20 billion, of Medicare fee-for-service payments were
inappropriate. 

With the August 21, 1996, enactment of the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), the Congress
provided important new resources and tools to fight health care
fraud, abuse, and inappropriate payments.  These new resources
include increased funding for anti-fraud-and-abuse activities for the
HHS OIG and the Health Care Financing Administration (HCFA), as well
as for the Department of Justice and the Federal Bureau of
Investigation.  HIPAA also established the Medicare Integrity
Program, which ensures increasing funding for HCFA's Medicare program
safeguard efforts and authorizes the hiring of specialized anti-fraud
contractors. 

The Congress also mandated that we periodically report on such
aspects of the Medicare Trust Fund as the Comptroller General
considers appropriate.\2

Although HIPAA required us to report beginning on January 1, 2000,
the Balanced Budget Act of 1997 advanced the initial reporting date
to June 1, 1998.  To address this requirement, we have assessed
HCFA's progress in implementing the Medicare Integrity Program. 
Specifically, we are providing information on (1) what additional
resources and authorities the Congress provided to HCFA through the
Medicare Integrity Program, (2) how HCFA has made use of these
resources and authorities to improve the protection of Medicare
funds, and (3) how HCFA plans to use these authorities and resources
in the future. 

To develop our information, we reviewed budget and expenditure data
for program safeguard activities for fiscal years 1994 through 1998. 
We also discussed with HCFA headquarters and regional officials as
well as officials of two Medicare contractors how Medicare Integrity
Program funding was being used.  In addition, we reviewed relevant
HCFA and contractor documents, including HCFA's fiscal year 1998
budget and performance requirements, the draft statement of work for
program safeguard contracts, and HCFA's Government Performance and
Results Act of 1993 performance plan.  We conducted our work at HCFA
headquarters; HCFA's region V and region VI offices; Adminastar
Federal Inc.; and Blue Cross and Blue Shield of Texas, Inc.  We
performed our work between February and May 1998 in accordance with
generally accepted government auditing standards.  (See app.  I for a
description of our methodology.)


--------------------
\1 See High-Risk Series:  Medicare (GAO/HR-97-10, Feb.  1997). 

\2 The Congress also mandated that we prepare a report that
identifies (1) the amounts transferred to the Medicare Trust Fund
from criminal fines, civil monetary penalties, and forfeitures, as
well as gifts or bequests; (2) the amounts appropriated from the
Medicare Trust Fund for the Fraud and Abuse Control Program and the
use of these funds; and (3) any savings to the Trust Fund resulting
from the above expenditures.  This requirement is met by our report
entitled Medicare:  Health Care Fraud and Abuse Control Program
Financial Report for Fiscal Year 1997 (GAO/AIMD-98-157, June 1,
1998). 


   RESULTS IN BRIEF
------------------------------------------------------------ Letter :1

HIPAA established the Medicare Integrity Program to subsume the
program safeguard activities of HCFA and its current claims
processing contractors.  Rather than fund safeguard activities as
part of HCFA's annual administrative budget appropriation, HIPAA
appropriates safeguard funding for each year, beginning in fiscal
year 1997.  The $500 million planned for fiscal year 1998 will be
increased annually up to $720 million in 2003, with no change
thereafter.\3

HHS proposed this type of funding arrangement in 1994 so that HCFA
and its contractors could better plan and manage program safeguard
efforts. 

The Medicare Integrity Program also provides HCFA the authority to
contract with specialists in program safeguards, to separate these
functions from current claims processing and payment contracts.  The
new contracts with program safeguard specialists are intended to make
important improvements in HCFA's program safeguard efforts.  These
improvements will make it possible to review all of the claims for a
single beneficiary in one place, reduce the number of contractor
safeguard units to increase consistency and simplify HCFA's
oversight, and better manage the conflicts of interest that develop
when Medicare contractors expand into new health care businesses. 

For fiscal year 1998, HIPAA significantly increased program safeguard
funding--by 14 percent--over the fiscal year 1997 level.\4 Although
this funding increase for 1998 was assured when HIPAA became law,
HCFA did not notify contractors of their funding until one-third of
fiscal year 1998 was past.  Contractors reported that, because of
this delayed notification, they delayed plans to increase their
program safeguard staff.  At the time we did our work, HCFA had no
firm plans to take advantage of the assured funding by giving
contractors earlier notice of their annual program safeguard budgets
or establishing multiyear program safeguard budgets.  However, HCFA
was already taking steps to direct funding to areas of known
safeguard weaknesses, and expanding its analysis of how to allocate
funding to the contractors and safeguard activities where it can be
used most effectively.  After reviewing a draft of this report, HCFA
officials told us that they would notify contractors of their fiscal
year 1999 program safeguard budgets before the first day of the
fiscal year. 

We also found that HCFA is progressing slowly in contracting with
safeguard specialists.  The first contract, to be awarded by January
1999, will be limited in scope, covering only part of the work
envisioned for program safeguard contracts.  This first contract will
therefore not provide many of the benefits ultimately expected, nor
will it reduce HCFA's reliance on its current contractors for program
safeguards.  HCFA has no firm plans regarding when it will expand the
scope of this contract or award a second safeguard specialist
contract. 


--------------------
\3 Annual appropriations for Medicare program safeguards are
expressed in HIPAA within a range of $10 million.  HHS can determine,
between the minimum and maximum specified in the law, the amount to
be used.  For clarity, in this report we use the maximum specified in
HIPAA for each year. 

\4 In addition to the $500 million of program safeguard funding
provided by HIPAA, HHS' fiscal year 1998 appropriation provides an
additional $50 million of program administration funding to
supplement Medicare program safeguards in fiscal year 1998.  This
brings the total increase for HCFA's program safeguard funding to 25
percent over fiscal year 1997. 


   BACKGROUND
------------------------------------------------------------ Letter :2

In 1997, Medicare's fee-for-service program covered about 87 percent,
or 33 million, of Medicare's beneficiaries.  Physicians, hospitals,
and other providers submit claims to Medicare to receive payment for
services they have provided to beneficiaries.  HCFA administers
Medicare's fee-for-service program through a network of more than 60
claims processing contractors, that is, insurance companies--like
Blue Cross and Blue Shield plans, Mutual of Omaha, and CIGNA--that
process and pay Medicare claims.  In fiscal year 1997, contractors
processed about 900 million Medicare claims. 

Medicare contractors use federal funds to pay health care providers
and beneficiaries and are reimbursed for the costs they incur in
performing the work.  They are also responsible for payment safeguard
activities intended to protect Medicare from paying inappropriately. 
The contractors have broad discretion in conducting these activities,
resulting in significant variation among contractors in implementing
payment safeguards. 

HCFA budgets funding for five main types of program safeguard
activities carried out by Medicare contractors:  (1) medical review,
(2) Medicare secondary payer review, (3) audit of provider cost
reports, (4) fraud unit investigations, and (5) provider education. 
Medical review includes automated and manual, prepayment and
postpayment reviews of Medicare claims; it is intended to identify
claims for noncovered or medically unnecessary services.  Medicare
secondary payer review focuses on identifying other primary sources
of payment, such as employer-sponsored health insurance or
third-party liability settlements, for claims submitted to Medicare. 
The audit process involves auditing cost reports submitted by
providers, such as skilled nursing facilities and home health
agencies.  Contractor fraud units investigate potential cases of
fraud or abuse identified through beneficiary complaints, other
contractor safeguard units, or other sources.  Provider education can
include mailings to providers, briefings, and workshops to increase
provider awareness of coverage and billing policies as well as coding
and documentation requirements. 


   MEDICARE INTEGRITY PROGRAM
   OFFERS INCREASING FUNDING
------------------------------------------------------------ Letter :3

Beginning with fiscal year 1997, HIPAA stipulates that annual funding
levels be appropriated from the Medicare Trust Fund to carry out
HCFA's program safeguard activities.  This process ensures that HCFA
has funding for these important functions.  Starting with the $440
million that was available for program safeguard activities in 1997
and the $500 million expected to be used for fiscal year 1998, HIPAA
increases funding annually up to a maximum of $720 million in 2003
and following fiscal years.  Funding levels provided by HIPAA in the
Medicare Integrity Program for fiscal years 1997 through 2003 are
summarized in table 1. 



                        Table 1
        
         Fiscal Year Medicare Integrity Program
                  Funding Under HIPAA

                 (Dollars in millions)

                                                  2003
                                                   and
                                                 later
  1997    1998    1999    2000    2001    2002   years
------  ------  ------  ------  ------  ------  ------
  $440  $500\a    $560    $630    $680    $700    $720
------------------------------------------------------
\a This does not include the additional $50 million in supplemental
program safeguard funding made available by HHS' fiscal year 1998
appropriation. 

Before HIPAA was enacted, program safeguard activities were funded
out of Medicare's general contractor program management budget, and
the level of funding available for program safeguard activities could
be constrained by the need to fund ongoing Medicare program
functions--such as processing claims.  In fact, while the number of
Medicare claims grew by 70 percent between 1989 and 1996, funding for
claims review grew less than 11 percent.  In 1994, HHS proposed a
program safeguard funding arrangement similar to that in HIPAA,
saying that it would improve program safeguards by creating "a stable
level of funding from year to year so that HCFA and its contractors
could plan and manage the function on a multi-year basis." HHS went
on to say that "[p]ast fluctuations in funding have made it difficult
[for contractors] to retain experienced staff who understand the
complexities of the program." Appendix II summarizes program
safeguard funding for fiscal years 1994 through 1998, by type of
program safeguard activity. 


      HCFA HAS NOT TAKEN ADVANTAGE
      OF HIPAA'S ASSURED SAFEGUARD
      FUNDING BUT IS INCREASING
      DIRECTION OF CONTRACTOR
      EFFORTS
---------------------------------------------------------- Letter :3.1

Although HIPAA provides significant new resources and authorities,
the timing of the act--the passage of which occurred only 6 weeks
before the start of fiscal year 1997--limited the opportunity for
change in the first year.  Then, HCFA failed to take advantage of the
advance knowledge of fiscal year 1998 program safeguard funding by
providing safeguard budgets to its contractors at the beginning of
fiscal year 1998.  That delay has hindered contractors' ability to
expand their program safeguard activities.  However, HCFA has taken
steps to direct program safeguard funding to identified weaknesses
and program safeguard activities where it is most needed. 


         DESPITE ASSURED FUNDING,
         ALLOCATIONS TO
         CONTRACTORS FOR 1998
         SAFEGUARD ACTIVITIES WERE
         NOT TIMELY
-------------------------------------------------------- Letter :3.1.1

Notification of fiscal year 1998 program safeguard funding was not
given to contractors until January 1998--nearly one-third of the way
into the fiscal year.  HCFA officials told us that they waited so
that HCFA could notify contractors of their program safeguard funding
at the same time as claims processing funding.  As a result of this
late start, it may be difficult for the contractors to complete all
of the program safeguard work that HCFA expected them to accomplish
with this increased funding. 

Although HIPAA appropriated program safeguard funding for fiscal year
1998, HCFA officials believed that distribution of that funding
needed to be delayed until funds for contractors' other activities
were distributed.  They stated that contractors might use Medicare
Integrity Program funds for other program management purposes if
these program safeguard funds were released in advance of program
management funds.  Despite HCFA's concerns, its contractors are
required to use Medicare Integrity Program funding only for program
safeguard activities.  After reviewing a draft of this report, HCFA
told us that it would notify contractors of their fiscal year 1999
base program safeguard funding before the first day of the fiscal
year. 

In addition to being late, the January 1998 funding notification to
contractors did not include all of the fiscal year 1998 contractors'
funding.  As of the end of February, HCFA had not released more than
$40 million in program safeguard funding for various projects to be
carried out by its contractors.  Some of these projects were made
possible by the supplemental program safeguard funding provided in
November by HHS' fiscal year 1998 appropriation.  The contractors
told us that funding received later in the fiscal year is more
difficult for them to use effectively because HCFA requires them to
complete the projects by the end of September or use a subcontractor. 
While subcontracting allows the contractor to commit all of its
fiscal year funds, contractor officials told us that it does not
contribute to building valuable expertise within their own staff. 


         INCREASED FUNDING HAS NOT
         SIGNIFICANTLY INCREASED
         CONTRACTOR STAFFING
-------------------------------------------------------- Letter :3.1.2

Despite fiscal year 1998 budget increases, neither of the contractors
we visited had significantly increased their staff available to
perform program safeguard activities, such as provider audit and
claims review.  While it is difficult to make precise comparisons
because of reorganizations at both contractors, contractor officials
said that there has been little or no hiring of program safeguard
staff, other than some replacements to offset attrition.  In some
areas, contractors have not filled all of their existing vacancies. 
Furthermore, contractors' staffing for some important program
safeguard activities is now less than it was before HIPAA.  For
example, both contractors reported that as of the end of March 1998,
they had fewer staff on board to audit provider cost reports than
they did in September 1996, before implementation of HIPAA.  One
contractor currently employs 77 audit staff, down from 88 in
September 1996.  The other contractor currently employs 151 audit and
reimbursement staff, down from 158 in 1996.  The latter contractor's
medical review staff has also declined, from 86 in 1996 to 83 at the
time of our visit. 

Because they were uncertain about their level of safeguard funding
until well into the year, the contractors also indicated they were
not hiring staff to carry out other HCFA-directed projects.  In
particular, contractors expressed reluctance to hire permanent staff
to carry out special projects that are funded only for the current
fiscal year.  As a result, these projects can affect other program
safeguard work.  For example, both contractors we visited indicated
that the HCFA-directed project to review claims for physician
evaluation and management services will require a complex level of
review that needs to be done by experienced full-time staff in their
medical review units--rather than being carried out by temporary
employees or subcontractors--thereby reducing the time that trained
and experienced staff are available for the contractors' ongoing
claims review workload. 


         HCFA IS DOING MORE TO
         DIRECT CURRENT
         CONTRACTORS' EFFORTS
-------------------------------------------------------- Letter :3.1.3

In fiscal year 1998, HCFA has begun to direct program safeguard
funding to address weaknesses identified by the HHS OIG's financial
audit of HCFA for fiscal year 1996, and to expand its analysis of how
funding can best be allocated among Medicare contractors and program
safeguard activities.  Although this does not address our concerns
about the timeliness of contractor safeguard budgets, HCFA is
attempting to better target the safeguard funds.  To address the
findings of the HHS OIG's audit of HCFA's fiscal year 1996 financial
statement, HCFA is using fiscal year 1998 program safeguard funding
to carry out several corrective actions to supplement regular program
safeguard activities, such as the following: 

  -- To increase the level of claims review, 28 Medicare part B
     contractors have been directed to conduct a special prepayment
     review of more than 166,000 physician claims for evaluation and
     management services. 

  -- All contractors are to manually perform prepayment reviews of a
     sample of claims that cleared their automated screens, and each
     may decide what types of claims it will sample and choose its
     sampling method. 

  -- HCFA and its contractors will carry out numerous other targeted
     efforts and special projects, such as home health agency
     reviews, the correct coding initiative for part B claims, and
     numerous information system upgrades.\5

Beginning in fiscal year 1998, HCFA also required Medicare
contractors to provide more information and support for their
Medicare program safeguard budget requests than it had in prior
years, and a HCFA official told us HCFA will continue this practice
in fiscal year 1999.  Also in fiscal year 1998, HCFA used a new
methodology for allocating the program safeguard budget to Medicare
contractors.  Under this methodology, HCFA incorporates measures of
contractor performance (such as return on investment) and program
funds at risk in deciding how to allocate Medicare Integrity Program
funding to contractors and to specific activities. 


--------------------
\5 The home health agency initiative will coordinate HCFA's six
regional home health intermediaries' audit and medical review
activities to address fraud and abuse in home health agencies.  The
correct coding initiative supports development of methodologies and
computer edits to control the manipulation of service coding on
claims to obtain inappropriate increased reimbursement.  Systems
being upgraded include HCFA's system for tracking savings from
medical review, its system for monitoring contractors' focused
medical reviews, and the systems that support data matches with the
Internal Revenue Service and the Social Security Administration to
identify instances where Medicare may be a secondary payer. 


   HIPAA PROVIDES NEW CONTRACTING
   AUTHORITY
------------------------------------------------------------ Letter :4

In addition to providing an assured and increasing source of funding
for HCFA's program safeguard activities, HIPAA directs HHS to
contract for program safeguard activities separately from claims
processing and payment activities to better ensure the integrity of
the Medicare benefit payments.  Historically, Medicare program
safeguard activities, including such things as medical review of
claims, audit of provider cost reports, and investigation of
beneficiary complaints, have been conducted by the same contractors
who process Medicare claims.  HCFA intends that these new
competitively awarded contracts will establish program safeguard
contractors who specialize in program integrity and have enhanced
data analysis capabilities. 

Although HIPAA did not set a deadline for awarding these contracts,
many of the benefits of HIPAA cannot be achieved until the new
safeguard contractors are in place.  The benefits that can be
achieved through these contracts include the following: 

  -- enabling the review, by a single entity, of all services to a
     beneficiary by centralizing program safeguard activities now
     divided among several types of contracts:  carriers,
     intermediaries, durable medical equipment regional carriers, and
     regional home health intermediaries;

  -- eliminating the competing interests of timely payment of claims
     and program safeguard functions;

  -- achieving better price and contractor performance through
     competition;

  -- reducing the number of program safeguard units from the current
     level of more than 60 to simplify oversight, achieve more
     consistent contractor performance, and achieve economies of
     scale; and

  -- allowing HCFA to more aggressively mitigate conflicts of
     interest arising when contractors enter into new health care
     lines of business. 


      REPLACEMENT OF CURRENT
      CONTRACTORS WITH PROGRAM
      SAFEGUARD SPECIALISTS TO BE
      LIMITED IN NEAR TERM
---------------------------------------------------------- Letter :4.1

Despite its new authority to use program safeguard specialists, HCFA
does not plan to make any major changes in who conducts program
safeguard operations in the foreseeable future.  HCFA plans to
contract with one program safeguard specialist by January 1999. 
However, this contract will be very limited in scope and will not
provide many of the important benefits envisioned for such a
contractor.  It will also not reduce HCFA's reliance on its current
contractors for program safeguard activities. 

While many important decisions must still be made before HCFA can
award its first competitive program safeguards contract, the decision
has been made to significantly limit its scope.  The scope will be
limited geographically, possibly to a single state.  Initially, the
first contract will not cover all of the tasks in HCFA's statement of
work.  The contract may also be limited to program safeguard
functions on the claims processed by a single part A or part B
contractor.  This limited-scope contract will not provide the
opportunity to review all services billed for a single beneficiary,
nor will it reduce the number of safeguard units that HCFA must
oversee.  HCFA officials do not know when the scope of the first
contract might be expanded or when additional specialist contracts
might be awarded. 

In preparing for its first new contract, HCFA published proposed
rules governing the procurement and bidders' conflicts of interest as
well as a draft statement of work.  HCFA officials told us that they
hope to award the first program safeguards contract by January 1999. 
However, as of April 1998, HCFA had not determined the terms of the
first safeguard specialist contract, including the type of contract
to be awarded, the types of services covered, the geographic
jurisdiction, the program safeguard activities to be included, or the
method of evaluating and reimbursing the contractor. 


   CONCLUSIONS
------------------------------------------------------------ Letter :5

Many of Medicare's vulnerabilities are inherent in its size and
mission, making it a perpetually attractive target for exploitation. 
HCFA must effectively use the funding and authorities provided by
HIPAA if it is to substantially reduce future losses. 

Although it requested and received an assured funding level for
program safeguards from the Congress, HCFA has not administered such
funding provided by HIPAA in a way that provides its contractors with
increased funding stability.  As a result, contractors have delayed
their efforts to recruit and train staff, and the benefits
anticipated from HIPAA's guaranteed program safeguard funding are
being delayed.  If HCFA notifies contractors of their base program
safeguard funding for fiscal year 1999 before the first day of the
fiscal year, as it now plans to do, these problems should be avoided
in the future. 

HCFA's current plans for issuing a contract for a program safeguard
specialist may not provide many of the important benefits anticipated
when HIPAA gave HCFA this contracting authority.  Without a concerted
effort to fully implement comprehensive program safeguard specialist
contracts, the benefits of the authority provided by HIPAA will be
delayed. 


   RECOMMENDATIONS
------------------------------------------------------------ Letter :6

We recommend that the Administrator of HCFA take advantage of the
assured program safeguard funding provided through HIPAA by
initiating planning efforts to give its contractors more timely
notification of the program safeguard activities they are expected to
perform and the funding they have available to carry out these
activities. 


   AGENCY COMMENTS AND OUR
   EVALUATION
------------------------------------------------------------ Letter :7

We provided a draft of this report to the HCFA Administrator for
review and comment.  HCFA agreed that it should distribute program
safeguard funding to contractors as early in the fiscal year as is
possible and said that contractors will be notified of the allocation
of base program safeguard funding for fiscal year 1999 before the
first day of the fiscal year.  Once they are carried out, these
actions planned by HCFA should address the concerns we raise in this
report. 

HCFA also stated that its incremental approach to implementing
contracts with program safeguard specialists is intended to mitigate
risk and is consistent with our past recommendations on the
implementation of major HCFA projects.  While mitigating the risks of
a major project such as this is clearly necessary, it is also
important to ensure that the benefits of the project are obtained as
expeditiously as possible.  In this case, until the first contract is
expanded or others are awarded, many of the important benefits
anticipated from these contracts will not be realized.  HCFA also
provided technical comments, which we incorporated where appropriate. 
HCFA's comments appear in appendix III. 


---------------------------------------------------------- Letter :7.1

As agreed with your offices, we are sending copies of this report to
the Secretary of HHS, the Administrator of HCFA, and other interested
parties.  We will also make copies available to others upon request. 

Please call me at (202) 512-7114 or Paul Alcocer at (312) 220-7709 if
you or your staff have any questions about this report.  Other major
contributors include Adrienne S.  Friedman, Donald J.  Kittler, and
Barbara A.  Mulliken. 

William J.  Scanlon
Director, Health Financing and
 Systems Issues


SCOPE AND METHODOLOGY
=========================================================== Appendix I

To determine what additional resources and authorities the Congress
provided to the Health Care Financing Administration (HCFA) through
the Medicare Integrity Program, we reviewed the Health Insurance
Portability and Accountability Act of 1996 (HIPAA).  We also obtained
and reviewed fiscal year 1997 budget and expenditure data and fiscal
year 1998 budget data for the Medicare Integrity Program, as well as
expenditure data for Medicare program safeguard activities for fiscal
years 1994 through 1996.  Because the activities directed by HIPAA in
the Medicare Integrity Program relate to the fee-for-service portion
of Medicare, we did not review HCFA's program integrity efforts
related to Medicare managed care plans. 

To determine how HCFA has used these resources and authorities to
improve the protection of Medicare funds, we reviewed HCFA data on
the distribution of funding.  We also visited HCFA headquarters and
regional offices and two Medicare contractors to discuss how Medicare
Integrity Program funding was being used.  We reviewed documentation
obtained from HCFA and the two contractors, including HCFA's fiscal
year budget and performance requirements; the contractors' budget
requests; and documentation addressing contractor program safeguard
staffing, efforts, and results.  We also obtained information on the
current status of HCFA's efforts to use its new contracting
authority. 

To determine how HCFA plans to use these authorities and resources in
the future, we reviewed relevant documentation, including the draft
statement of work for program safeguard contracts, HCFA's Government
Performance and Results Act of 1993 performance plan, and HCFA's
annual work plan.  We also discussed these issues with HCFA
officials. 

We conducted our work at HCFA headquarters in Baltimore, Maryland;
HCFA region V offices; HCFA region VI offices; Adminastar Federal
Inc.; and Blue Cross and Blue Shield of Texas, Inc.  We performed our
work between February and May 1998 in accordance with generally
accepted government auditing standards. 


PROGRAM SAFEGUARD FUNDING FOR
FISCAL YEARS 1994 THROUGH 1998
========================================================== Appendix II

The first year of Medicare Integrity Program funding under HIPAA did
not result in an increase in funding over the prior year.  In fact,
the $437.9 million of Medicare Integrity Program funds spent in
fiscal year 1997 was actually about 1 percent less than the $441.1
million spent in fiscal year 1996--the last year before HIPAA was
passed.  This occurred because in 1996, HCFA's program safeguard
spending benefited from transfers of funds from claims processing
operations.\6 A breakdown of program safeguard spending in fiscal
years 1994 through 1997 and the budget for fiscal year 1998 are shown
in table II.1. 



                               Table II.1
                
                Medicare Program Integrity Expenditures
                             by Fiscal Year

                         (Dollars in millions)

                                                          1997
                                                          (1st
                                                          year
                                                            of    1998
                                                        progra  (budge
Program safeguard activity        1994    1995    1996      m)    ted)
------------------------------  ------  ------  ------  ------  ------
Medical review                  $116.4  $111.8  $128.3  $118.6  $159.5
Medicare secondary payer         115.5   118.9   109.3   102.0   100.8
Audit                            146.7   150.3   152.3   143.3   169.1
Fraud units                       33.8    47.3    51.2    62.7    65.1
Provider education                  \a      \a      \a    10.1     8.9
Other\b                                                    1.2    46.6
Total                           $412.4  $428.3  $441.1  $437.9  $550.0
----------------------------------------------------------------------
\a Provider education was funded entirely with program management
funds before HIPAA.  It is now supported by both program management
and program safeguard funds. 

\b "Other" consists of centrally managed program safeguard activities
and includes program integrity enhancements to a variety of data
systems, a Los Alamos National Laboratory project, a nationwide
contract to be awarded for statistical analysis of claims data, and a
discretionary fund for the HCFA administrator's initiatives.  Data
provided by HCFA for fiscal years 1994 through 1996 did not break out
"other" funding. 

Source:  HCFA.  Budgeted figures as of Feb.  25, 1998. 



(See figure in printed edition.)Appendix III

--------------------
\6 Since enactment of HIPAA, HCFA can no longer transfer funding
between program operations, which are paid out of HCFA's operating
budget, and program safeguard activities, which are paid for from the
Medicare Trust Fund, unless it receives specific legislative
authority. 


COMMENTS FROM THE HEALTH CARE
FINANCING ADMINISTRATION
========================================================== Appendix II



(See figure in printed edition.)



(See figure in printed edition.)


*** End of document. ***