CMS to Focus on State Medicaid Exclusion Lists for Greater Transparency in the Fight Against Health Care Fraud

CMS has numerous regulations and requirements in place to prevent individuals and entities from committing Medicare or Medicaid fraud. Verisys strictly adheres to those requirements and pulls in data from over 3,500 primary sources, including State Medicaid Exclusion Lists. “State hoppers” can be difficult to properly screen if organizations are not checking multiple data sources. There are gaps in individual states’ data sets making it vital to use a database that can cover those gaps.

It is essential to cast a wide enough net to catch those committing fraud against state and federal health care programs. As fraud schemes proliferate, it becomes more difficult to slow the flow of improper payments to those who state hop, a practice recently referred to as “whack-a-mole” by Seema Verma, Centers for Medicare and Medicaid (CMS) Administrator, during her announcement of the CMS “Program Integrity Enhancements to the Provider Enrollment Process” that goes into effect November 4, 2019.

The recent CMS Program Integrity Enhancements are intended to build additional guidelines for complete transparency on affiliates of providers and entities enrolled in Medicaid programs.

This new rule places accountability on entities offering Medicare as fee-for-service or through managed care, however, there are many gaps in verification against the current condition of each respective State Medicaid Exclusion List.

Inherent issues with how CMS manages the individual Medicaid Exclusion Lists include confusion with the language describing cause vs. action and the lack of comprehensive enrollment. Enrollment with the state Medicaid program is mandatory for those providing fee-for-service, but it is not enforced. And enrollment by those providing Medicaid through managed care is not even required by more than half of the states that offer Medicaid services through managed care. This leaves a huge provider population completely off the radar. Another issue stems from the fact that the Medicaid office has the autonomy to exclude a provider regardless of that provider’s license status. In other words, a provider with a valid license to practice can still be excluded for cause by the state Medicaid office.

Verisys delivers a turnkey solution to the gaps that are created by searching separately through disparate and siloed data sources. Its aggregated and verified data platform of 320 million records produces the only result available on the market that is conclusive to every license board in all jurisdictions and taxonomies, every state exclusion and sanction list of those who publish, the Department of Health and Human Services (HHS) Office of Inspector General (OIG)’s List of Excluded Individuals and Entities (LEIE), the System for Award Management (SAM) and thousands of additional primary source publishers.

Individuals and entities are identity matched to records via additional data points creating a thorough data record. This additional identity resolution step greatly reduces the chance of those who use aliases and other forms of medical identity fraud to abuse the system. It takes highly sophisticated data science driven by data and technology engineers to construct a platform that outsmarts the fraudster.

Verisys collects data in all its forms and converts it to a digital data record that is then used to authenticate, validate and verify its accuracy. Automating this science delivers results that are nearly impossible by any other means because without technology it requires arduous effort for record collection, aggregation and accurate identity matching.

The stakes are accelerating in scope and severity but the data that determines the OIG’s authority to levy fines, penalties and jail time is less than current, complete and accessible by those who are making the decisions to hire and contract with individuals and entities. It’s a risky “Catch 22” without the expertise and big data of a third-party technology partner.

There are participation hierarchies that apply to federal and state exclusion. Pursuant to section 1128 of the Social Security Act, OIG has the authority to exclude individuals and entities from all federally funded health care programs. A mandatory exclusion from participation in Medicare means exclusion from all federally funded health care programs.

Section 6501 of the Patient Protection Affordable Care Act, 2010, states that if a provider or entity is excluded from participation in Medicaid for cause in one state, that provider or entity is excluded in all 50 states.

This national inclusion concept is crucial to stopping bad actors from simply moving from state to state and continuing to commit fraud against the health care system. Additionally, the new affiliation ruling adds a new layer to the level of diligence of those whose responsibility it is to properly screen and monitor the entire gamut of providers, entities and individuals with which that organization has an affiliation.

Simply checking the license board, the State Medicaid Exclusion List, and the OIG’s LEIE in one or several states does not cover the due diligence that is expected by CMS. The immediate reasons to comply with this level of transparency is patient safety, the solvency of an organization based on civil monetary penalties and fines that are levied on each and every service provided within an entitlement program, and the reputational damage should the fraudulent activity warrant news coverage.

CMS is now focusing on data sharing and standardizing language regarding cause for sanctions or exclusion, yet even the format of each state’s data is different and often not in an electronic form. Much work is required regarding sharing and standardizing data. There is just as much peril in not finding an excluded provider in one state as there is to assure that all reinstatement processes are then shared across all states. If a state adds a provider to its State Medicaid Exclusion List from the LEIE and fails to remove the provider from its state list at the time when the provider has been reinstated by the HHS OIG, that provider could be penalized unfairly.

With the new ruling that gives CMS the authority to deny or revoke a provider’s or supplier’s enrollment based on affiliations with other companies or suppliers that are engaging in behaviors that warrant cause for exclusion, there is an unintended consequence: quality providers may be removed from the available pool of Medicare and Medicaid providers, due to company affiliations, and it’s the patients who will ultimately suffer.

In a report released by the HHS OIG in August 2015 entitled, “Providers Terminated From One State Medicaid Program Continued Participating in Other States”, the formal recommendation reads:

In March 2014, OIG recommended that CMS require State Medicaid agencies to report all terminations for cause. We reiterate this prior recommendation as we found the lack of a comprehensive data source of providers terminated for cause creates a challenge for State Medicaid agencies. To address the remaining issues identified in this report, we recommend that CMS (1) work with States to develop uniform terminology to clearly denote terminations for cause, (2) require that State Medicaid programs enroll all providers participating in Medicaid managed care, and (3) furnish guidance to State agencies that termination is not contingent on the provider’s active licensure status. CMS concurred with our recommendations.

Verisys delivers the only market-ready solution that can track affiliation’s current and historical data and conduct. Verisys developed the means to screen and monitor with accuracy in real-time against 3,500 primary sources that include all licensing boards, State Medicaid Exclusions Lists, HHS OIG’s LEIE, OFAC, AG Notices, NPI, DEA and more. There is a turnkey solution to avoid denial or revocation because your affiliates fail to disclose, or incompletely disclose, through omission.

In this era of compliance through 360-degree transparency, Verisys paves the road for a fully compliant operation with its data and technology platform.

Learn more about how Verisys can assist your HCOs in meeting all government and regulatory standards.

Written by Verisys Verisys transforms provider data, workforce data, and relationship management. Healthcare, life science, and background screening organizations rely on our comprehensive solutions to discover their true potential. Visit verisys.com to learn how we turn problems into power. Secure, configurable, and proven solutions Accurate, compliant, and complete information NCQA, URAC, and ISO accreditations/certifications Follow us on LinkedIn