Skip to main content

OIG finds MAOs Inappropriately Denying Requests for PA and Payment, CMS agrees to Issue Stricter Guidance and update Audit Protocols and Auditor Training

By May 9, 2022CMS

In late April, the U.S. Department of Health and Human Services Office of Inspector General (OIG) released their detailed findings concerning inappropriate denials of prior authorization (PA) requests and payment requests for Medicare Advantage Organizations (MAOs). Inappropriate denials of prior authorizations and payment requests prevent or delay beneficiary access to medically necessary services and payment to providers. With increasing enrollment in MAOs, the OIG performed the prior authorization and payment denial review because of on-going concerns with the MAO capitated payment model’s potential to increase MAO profits by denying beneficiary access to services and payments to providers, and the presence of widespread and persistent problems related to inappropriate denials of PAs and payments in Centers for Medicare & Medicaid Services (CMS) annual audits of MAOs.

For the review, the OIG selected a stratified random sample of 250 denials for prior authorization requests and 250 payment denials from June 1st through 7th 2019 from the fifteen largest MAOs accounting for approximately 80 percent of beneficiaries enrolled in Medicare Advantage plans. The case files were reviewed by health care coding experts and physician’s reviewed medical records for the applicable sample cases. These denied request reviews evaluated if the denials met Medicare coverage rules and would have been approved under original Medicare.

Review Findings

Percentage of Inappropriate Denials

Prior Authorization Payment
13% 18%


Prior Authorization Denial Findings:

With the estimated thirteen percent inappropriate denial rate for prior authorizations from this review, the OIG projected MAOs would have inappropriately denied an estimated 84,812 beneficiary requests for services that met Medicare coverage rules in 2019. The OIG identified the following reasons for the inappropriate prior authorization denials.

  • Inappropriately denied for applying clinical criteria not contained in Medicare coverage rules.
  • Inappropriately denied because providers did not respond to MAO requests for unnecessary documentation.

MAOs must follow Medicare coverage rules and provide beneficiaries with all basic benefits covered under original Medicare. MAOs can use additional clinical criteria not outlined in Medicare national coverage determinations (NCDs), local coverage determinations (LCDs), the Medicare Benefit Policy Manual, the Medicare Managed Care Manual, and other coverage guidelines, memos and instructions issued by CMS. However, MAOs cannot apply more restrictive limitations or more restrictive criteria in deciding whether to authorize or pay for a service.

The OIG did acknowledge, and CMS did confirm that MAOs may use internal clinical criteria that are not more restrictive than Medicare coverage rules and the current CMS guidance is not sufficiently detailed for the OIG to determine whether CMS would consider each of these sample denials to be inappropriate.

Payment Denial Findings:

The estimated eighteen percent inappropriate denial rate for payments would have resulted in an OIG projected estimate of 1.5 million inappropriately denied payment requests that met Medicare coverage rules and MAO billing rules for 2019.  The OIG identified the following reasons for the payment denials.

  • Payment requests from providers were inappropriately denied because of human error during manual reviews.
  • Payments requests were inappropriately denied because of inaccurate programming of claims processing systems such as systems programmed incorrectly or not updated timely.

Denied Service Types:

Although there was a broad range of service types included in the review, the OIG indicated that the following three prominent service types stood out in the review possibly because of incentive to deny more expensive services and/or require less expensive alternatives, and/or the items or services may receive extra scrutiny due to potential fraud.

  • Imaging services (e.g., MRIs and CT scans),
  • Stays in post-acute facilities (i.e., care after hospital stays), and
  • Injections (e.g., pain management injections)

OIG Recommendations

MAOs are expected to ensure Medicare beneficiaries have access to medically necessary covered services and providers are reimbursed appropriately and timely. When MAOs inappropriately deny requests that meet Medicare coverage rules, it may prevent or delay beneficiaries from receiving medically necessary care and negatively impact providers with unnecessary administrative burdens. The OIG made three recommendations to CMS and CMS concurred with the following recommendations for improvement.

  1. Issue new guidance on the appropriate use of MAO clinical criteria in medical necessity reviews.
    • CMS should issue new guidance on both the appropriate use and the inappropriate use of MAO clinical criteria not contained in Medicare coverage rules. The guidance should clarify what the Medicare Managed Care Manual means when it says that MAO clinical criteria must not be “more restrictive” than Medicare coverage rules, and it should include specific examples of criteria that would be allowable and unallowable.
      • CMS concurred with the first recommendation to issue new guidance on the appropriate use of MAO clinical criteria for medical necessity reviews, stating that it plans to issue such guidance.
  1. CMS should update its audit protocols to address the issues identified in this report, such as MAO use of clinical criteria, and/or examine particular service types.
    • CMS should add additional prompts for auditors (e.g., additional questions for auditors for more restrictive clinical criteria, add a question for auditors examining whether MAOs requested unnecessary documentation) and should consider targeting specific service types that have a history of inappropriate denials (e.g., MRIs, CT scans, care after hospital stays, pain management injections, etc.)
      • CMS concurred and stated it will update its audit protocols and auditor training materials, as needed, to align with the guidance that it plans to issue under the first recommendation but did not indicate whether it would consider targeting specific service types that have a history of inappropriate denials.
  1. Direct MAOs to take additional steps to identify and address vulnerabilities that can lead to manual review errors and system errors.
    • CMS concurred and stated it would direct MAOs to examine their manual review and system programming processes to address vulnerabilities that may result in inappropriate denials.
Close Menu