Prepare for CMS Audits: A Guide

Here’s what to expect following new CMS payment integrity initiatives, including a guide to CMS audit protocols.

The pressure is on for state-administered Medicaid programs (and the MCOs that run them). New initiatives released over the summer by CMS promise increased “program integrity” with an action plan that includes more audits. The reason? CMS estimates improper payment rates topped 10% in Medicaid last year, and the new initiatives are meant to stop a $90 billion improper payment problem.

It is well-known that MCOs (like all health plans) struggle to manage the large volumes of data that they are required to keep. But CMS audit protocols do address (among several things) whether or not data is submitted in a timely manner (in 2017, CMS reports that 18% of audited entities failed to meet timeliness standards). This and the promise of more audits in 2018 may leave you wondering if you’ve got the right technology in place to withstand an audit from CMS.

Let’s look at some ways that you can prepare for a CMS audit by using their published guidelines as a reference point.

What the New Initiatives Mean for CMS Audits

Announced in June, here are the initiatives that CMS has begun to focus on:

1. Increased emphasis on program integrity in audits.
2. New audits for state beneficiary eligibility.
3. Fully utilize data from claims and providers.

The audit process that is included in the new CMS initiatives is new and rooted in a recent GAO report that outlined an updated auditing process. Medicare and Medicaid improper payments make up more than half of the U.S. government’s entire improper payment dollars. “Clawbacks from Medicaid managed care plans and providers may ultimately become the government’s strategy to curtail what it characterizes as a burden on taxpayers and the fiscal sustainability of the Medicaid program,” reports Lexology.

Prior to the initiatives being released by CMS, the U.S. House Committee on Oversight and Government Reform heard from Tim Hill, acting director for the Center for Medicaid and CHIP Services. Hill said, “CMS has outlined a bold agenda to transform the Medicaid program that is centered on three key pillars: flexibility, accountability, and integrity.” The audits will focus on integrity as well as accountability.

CMS Audit Protocols and Focus

CMS advises that they will be evaluating the performance of the following areas:

Once you’ve been notified of an audit, your health organization will be required to respond to a Universe Request. 2018’s Audit Protocol’s document states that MMPs are “expected to provide accurate and timely universe submissions within 15 days of the engagement letter date.” That’s part of the timeliness that these audits are meant to address, perhaps as a means to evaluate interoperability levels.

CMS released an Audit Process Timeline that gives sponsors the opportunity to prepare. This process details that an onsite audit of compliance programs will be performed if applicable, and sponsors will need to submit appropriate documentation. This will require an organization to have transparency built into their process, including the ability to show medical necessity and correct coding along with other supplemental documentation.

Medicaid providers will also be audited, and that can place a strain on provider-payer relationships if documentation is not sufficient. This is a huge problem for providers; in fact, not supplying sufficient documentation is their top error. Technology often intercedes on behalf of payers, ensuring that accurate payments are made, and the correct information is captured.

“The audit protocols are valuable resources for audit preparation and detail the process for audits. Sponsors are encouraged to perform mock audits, including generating universes. Mock audits will not only help you prepare for an actual CMS audit, but may help you improve your operations by identifying areas that are problematic or otherwise non-compliant with CMS regulations.” – CMS 2017 Part C and Part D Program Audit and Enforcement Report

Prepare Now for Audits: Here’s How

CMS urges entities to perform internal mock audits as part of ongoing payment integrity protocols. MCOs should take this to heart and act now to internally identify any potential problems that a CMS audit would surface. Comprehensive technology like Pareo® has the ability to support mock audit activities.

“If you use delegated entities to perform any of the functions currently included in a program audit, ensure you are able to collect and consolidate the relevant universe data accurately. When performing internal audits, sponsors should practice the submission of the universe data from delegated entities and ensure their accuracy to prepare for a future audit and to ensure compliance with CMS requirements. It is important that both your organization and any delegated entities are prepared for all aspects of a CMS audit.” – CMS Sponsor Tip

A clear advantage of using Pareo to prepare for CMS audits is access to data from every department related to your revenue cycle. This includes vendor data and brings with it the ability to document processes. Specifically, during audit sample testing an organization utilizing Pareo can provide real-time sample cases to CMS easily because necessary information and documentation are innately part of Pareo’s workflow.

“Understanding the failures of other organizations that operate in the Medicare Advantage and Prescription Drug programs can inform your internal auditing and monitoring efforts.” – CMS Sponsor Tip

As CMS states, it is advantageous to look at common failures from last year’s audits. The information is included by CMS in this report. We’ve summarized some of the larger problems that were surfaced in the 2017 audit as they relate to this article:

• Lack of “timely and effective” FWA training – 26% of those audited
• Misclassification of coverage determination or redetermination requests as grievances or customer service inquiries – 64% of those audited
• Denial letters neglected to include “adequate rationales, contained incorrect/incomplete information specific to denials, or were…not easily understandable.” – 23% of those audited
• 42-45% of those audited dealt improperly with denials and coverage decisions, with most struggling to provide decision within 72 hours (on expedited determination requests) and many who failed to include “adequate rationales” in their denial letters (which were also noted to be incomplete or to have incorrect information).
• 22 ICAR Citations were submitted for “Sponsor misclassified coverage determination or redetermination,” meaning that immediate corrective action was required because the occurrences were so severe that they affected quality or access of care.

A notable issue observed during the 2017 CMS audits was the “failure to make timely decisions related to Part D coverage determination,” an error that is easily resolvable with the correct technology.

In fact, if managed care organizations address transparency and process improvements, they will more easily be able to resolve almost all of the failures noted by CMS. We’ve seen a growing trend in health plans that formulate a separate payment integrity department, which directly addresses the types of issues that CMS audits look for. Pareo can:

• Improve the effectiveness of your FWA program
• Assist with coordination of documentation for coverage determinations as a part of our platform’s ability to capture data
• Automate denial letters that have correct information, an improvement over manual processes that have a greater margin of error