OIG Report Says Contractor Oversight, HIT Security Among Challenges Facing HHS

Stay ahead of developments in federal and state health care law, regulation and transactions with timely, expert news and analysis.

By James Swann  

Inadequate program integrity contractor oversight and security vulnerabilities involving health information technology are among the top 10 management challenges facing the Department of Health and Human Services, according to a memorandum report from the HHS Office of Inspector General released Nov. 19.

The report, Top Management and Performance Challenges Facing the Department of Health and Human Services in Fiscal Year 2012, also identified curbing improper Medicare and Medicaid payments and detecting Medicare and Medicaid fraud as top challenges.


HHS should “provide additional guidance on information technology standards and best practices that the health care industry should adopt” to help secure electronic health records, OIG said.  


The Reports Consolidation Act of 2000 requires OIG to submit an annual report to HHS on top management challenges.

Bad Data Lead to Overpayments.

According to the report, program integrity contractors within the Centers for Medicare & Medicaid Services have often used inadequate data during their investigations, which has led to potential Medicare and Medicaid overpayments.

“The integrity contractors rely heavily on data to conduct program integrity tasks, yet OIG work has found significant limitations in the Medicare and Medicaid data available to contractors,” the report said.

For example, Medicaid Integrity Contractors rely on claims data from the Medicaid Statistical Information System to perform their investigations, but OIG reviews have determined that MSIS data “are not complete, accurate or timely and do not capture all data elements that can assist in the detection of fraud, waste and abuse,” the report said.

OIG said CMS has not provided adequate management or oversight of contractors. However, CMS has made progress in working with its contractors, including beginning a project to improve MSIS data and increasing the amount of data it collects on contractor performance, the report said.

Technology Vulnerabilities.

In addition to contractor oversight issues, OIG identified problems associated with implementing HIT, including protecting patient data in electronic health records.

Although EHRs can benefit patient health by providing a central collection point for information, they “can also be used to fabricate information, generating improper payments and corrupting patients' records with inaccurate and potentially dangerous information,” it said.

HHS has made improvements in protecting patient information contained in EHRs, such as educating physicians on protecting patient records, but HHS needs to play a more active role, OIG said.

To help secure EHRs, HHS should “provide additional guidance on information technology standards and best practices that the health care industry should adopt for EHRs,” OIG said.

Detecting Fraud.

The OIG report said HHS faces numerous challenges in detecting Medicare and Medicaid fraud. It cited problems with:

• CMS's effective use of enrollment and payment suspension authorities to deter fraudulent providers. OIG said CMS should pay close attention to independent diagnostic testing facilities and comprehensive outpatient rehabilitation facilities looking to enroll in Medicare, as the two groups have had a history of not complying with some basic Medicare requirements;

• its ability to oversee an increased use of data analytics;

• its maintenance of up-to-date and accurate data;

• its detection of fraud associated with private plans delivering Medicare and Medicaid benefits. OIG said CMS should continue to review Medicare Part D and Medicare Advantage plans to ensure they are meeting program integrity standards; and

• its effective exclusion of individuals and entities from federal health care programs.


Drug and Device Challenges.

OIG also said oversight of the Food and Drug Administration was a top management challenge.

Previous OIG reviews identified several vulnerabilities within FDA, OIG said, including inadequate monitoring of drug and device manufacturers to ensure that products are not being marketed for off-label use.

OIG also said FDA should improve its oversight of drug and device regulatory decisions.

“For example, the OIG found weaknesses in FDA's management of internal scientific disagreements related to regulatory decisions for medical devices under agency review,” the report said.

OIG said it will continue to evaluate FDA oversight of risk evaluation and management strategies used by drug and device sponsors.

The OIG Top Management Challenges list is at http://www.hhs.gov/afr/hhs_agency_financial_report_fy_2012-oai.pdf. Type in “Top Management and Performance Challenges” in the pdf search box to the find the report.


Request Health Care on Bloomberg Law