Upcoming Review of Pioneer ACOs Among Highlights of OIG's 2015 Work Plan

Stay ahead of developments in federal and state health care law, regulation and transactions with timely, expert news and analysis.

By James Swann

The Department of Health and Human Services Office of Inspector General soon will begin risk assessments of the Pioneer accountable care organization model, one of many highlights in the OIG's work plan for fiscal year 2015, released Oct. 31.

The OIG said it will review internal controls for the Pioneer ACO program, which is administered under the Center for Medicare and Medicaid Innovation at the Centers for Medicare & Medicaid Services. ACOs are integrated systems of providers that share the responsibility and accountability for patient care and costs, and then share in the savings associated with lowering the cost of care.

The Pioneer ACO model is designed for health-care organizations and providers that are more experienced in coordinating care for patients across care settings. A report is expected in FY 2015.

Beyond ACOs, the OIG said it's planning to conduct new reviews centered on Medicaid managed care. For example, the OIG will conduct reviews to determine whether state Medicaid programs are collecting prescription drug rebates from pharmaceutical manufacturers on behalf of Medicaid managed care organizations. It said it expects to release reports on the topic in FY 2015.

Section 2501(c) of the Affordable Care Act expanded prescription drug rebates to include Medicaid MCOs, and required them to report drug utilization figures to state Medicaid agencies to help with the rebate collection.

The OIG said it also will conduct new reviews to determine the extent of Medicaid MCO payments made on behalf of dead beneficiaries, as well as Medicaid MCO payments made on behalf of ineligible Medicaid beneficiaries, with reports from both reviews expected during FY 2016.

Insurance Exchange Reviews

The OIG also plans to review several aspects of health-insurance exchanges or marketplaces in FY 2015.

The planned reviews, all of which are expected to be completed in FY 2015, include:

• determining whether premium tax credits and cost-sharing reductions are accurate and are going to eligible individuals;

• reviewing the CMS's internal controls for generating and approving premium tax credit payments;

• determining whether nine states made appropriate use of federal funding and complied with federal requirements in the creation of state insurance exchanges;

• determining whether insurance exchange navigators complied with federal regulations, such as completing criminal background checks and undergoing training; and

• reviewing the internal controls of seven state health insurance exchanges.

In addition to the upcoming health-insurance exchange reviews included in the work plan, the OIG said it would start another five to 10 reviews in FY 2015 centered on Affordable Care Act programs.

Section 2501(c) of the Affordable Care Act expanded prescription drug rebates to include Medicaid MCOs and required them to report drug utilization figures to state Medicaid agencies to help with the rebate collection.

—HHS OIG work plan for FY 2015

The reviews, which aren't detailed in the work plan, “could focus on emerging marketplace issues, including, for example, potential vulnerabilities that may arise in connection with the second open enrollment period; implementation of additional marketplace functionality, such as the redetermination process; or the premium stabilization programs.”

The OIG said it also might conduct reviews focused on Medicaid expansion and new payment models for Medicare and Medicaid.

Health Information Technology

While not new, the OIG is continuing to review health information technology (HIT) and cybersecurity issues, such as the security of protected health information (PHI).

One ongoing review is examining the strength of information security controls for computer systems outside of the federally facilitated marketplaces with the goal of determining whether the systems are vulnerable to unauthorized access.

Another review will audit organizations receiving electronic health record (EHR) incentive payments to determine if they have the necessary security to protect the information stored in their EHRs, and the OIG will look at EHR incentive payments made to Medicaid providers to determine if the payments are accurate.

The OIG also is expected to issue reports on the CMS oversight of networked medical devices in hospitals, as well as a review of the information security programs maintained by Medicare contractors.

The OIG said networked medical devices, such as dialysis machines and radiology systems, “pose a growing threat to the security and privacy of personal health information.”

Without an adequate information security program, networked devices can be vulnerable to hackers.

To contact the reporter on this story: James Swann in Washington at jswann1@bna.com

To contact the editor responsible for this story: Ward Pimley at wpimley@bna.com

Request Health Care on Bloomberg Law