The end of September marks the end of the full 2018 Centers for Medicare and Medicaid Services (CMS) Program Audit season. Plans that have not yet received an audit engagement letter may be breathing a premature sigh of relief. For at least the last two years, CMS has conducted targeted program audits, such as an audit of the Formulary Administration (FA); Coverage Determinations, Appeals and Grievances (CDAG); and Organization Determinations, Appeals and Grievances (ODAG) areas only, in October and November. For the curious and for plans that may find themselves in the targeted program audit bucket, BluePeak offers the following overview of the 2018 CMS Program Audits.
2018 CMS Program Audit Findings and Trends by Area
Formulary Administration (FA)
Prior authorizations (PA) setup issues continue to be targeted by CMS program audits. Failure to properly effectuate prior authorizations or exception requests has been a common condition every year since 2011. CMS thoroughly reviewed all effectuated PAs to validate the authorization level was appropriate and not more restrictive than the CMS formulary and/or plan benefit, and the authorization was entered timely and did not interrupt the beneficiary’s access to the medication. Protected class products findings included failure to afford an initial fill with a PA or step therapy (ST) for new starts (Type 2) formulary requirement, not limiting to a 30-day supply, allowing initial fill within the first 10 days and not the first 90 days, and suppressing transition letters. Other FA findings were related to level of care changes, transition for break in coverage, unbreakable packages, morphine equivalent dose (MED) edits and website not having full, approved PA criteria posted.
Coverage Determinations, Appeals and Grievances (CDAG)
Misclassification of coverage determination or redetermination requests as grievances and/or customer service inquiries, denial letters not including adequate rationales, and not appropriately auto-forwarding coverage determinations and/or redeterminations (standard and/or expedited) to the Independent Review Entity (IRE) have been common conditions for at least the last 5 out of 7 years and continued to be common conditions in 2018. Other CDAG findings included direct member reimbursement (DMR) not paid in 14 days, plan not sending letters to Appointment of Representative (AOR), AOR failure to accept Power of Attorney (POA), number of denied coverage determination/redetermination outreach attempts, and not sending approval letters to prescribers.
Organization Determinations, Appeals and Grievances (ODAG)
As with CDAG, CMS found similar findings in the ODAG area related to AOR, outreach and failure to correctly determine whether the issues in enrollees’ complaints met the definition of inquiries, grievances, organization determinations, appeals, or a combination of the proceeding, which was a new common condition in 2017. New trends included more focus on remittance advice (RA) for non-contracted providers (NCPs) and Explanation of Benefits (EOBs) for members with specific reason for the denial and less focus on providing enrollees Integrated Denial Notices (IDNs) for claim denials associated with NCPs, as well as variation among CMS auditors on thoroughness of review of denial and approval letter language.
Special Needs Plan-Model of Care (SNP-MOC)
CMS auditors expect all enrollees to have a “stand alone” Individual Care Plans (ICPs), which is inferred in guidance, but not specifically stated. This includes enrollees who are unable to reach (UTR). Evidence of annual MOC training and assurance of credentials of staff developing the ICP has been an area of continued focus and one that has been problematic for plans.
Compliance Program Effectiveness (CPE)
CMS auditors compared information in the universes to information in the Organizational Structure and Governance PowerPoint Presentation and other documentation plans were required to submit for the CPE audit and asked plans about variations. While the current CPE Audit Process and Data Request states that CMS will select a sample of six (6) cases (tracers) from the universes to trace the plan’s response to compliance issues, in at least one program audit, a tracer sample was chosen from an issue in the ODAG program audit area.
Piloting Proposed Protocols
In a July 9, 2018 Health Plan Management System (HPMS) memo, CMS indicated that new program audit protocols proposed for 2019 would not be implemented until 2020. However, CMS appeared to be piloting the new protocols in at least two program audits by conducting data integrity testing on SNP-MOC Table 1 and asking questions from what may be the proposed SNP-MOC supplemental questionnaire. The proposed data requests for 2020 indicate CMS will conduct data integrity testing on all universes and remove the CDAG and ODAG supplemental questionnaires, while adding supplemental questionnaires for FA and SNP-MOC (to be renamed SNP-Care Coordination and Quality Improvement Program Effectiveness in alignment with Medicare Medicaid Program Audit Protocols (CCQIPE)).
BluePeak Can Help
Since 2013, BluePeak has conducted over 150 mock audits and CMS audit support projects for more than 120 plans. Mock audits not only help plans prepare for an actual CMS audit, but also help operations identify areas that are problematic or otherwise non-compliant with CMS regulations.