[Federal Register: April 5, 2004 (Volume 69, Number 65)]
[Notices]
[Page 17675-17677]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr05ap04-74]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
Privacy Act of 1974; Computer Matching Program (Match No. 2003-
01)
AGENCY: Department of Health and Human Services (HHS), Centers for
Medicare & Medicaid Services (CMS).
ACTION: Notice of Computer Matching Program (CMP).
-----------------------------------------------------------------------
SUMMARY: In accordance with the requirements of the Privacy Act of
1974, as amended, this notice announces the establishment of a CMP that
CMS plans to conduct with the North Carolina Health and Human Services
(NCDHHS), Division of Medical Assistance (DMA). We have provided
background information about the proposed matching program in the
SUPPLEMENTARY INFORMATION section below. Although the Privacy Act
requires only that CMS provide an opportunity for interested persons to
comment on the proposed matching program, CMS invites comments on all
portions of this notice. See ``Effective Dates'' section below for
comment period.
EFFECTIVE DATES: CMS filed a report of the CMP with the Chair of the
House Committee on Government Reform and Oversight, the Chair of the
Senate Committee on Governmental Affairs, and the Administrator, Office
of Information and Regulatory Affairs, Office of Management and Budget
(OMB) on March 23, 2004. We will not disclose any information under a
matching agreement until 40 days after filing a report to OMB and
Congress or 30 days after publication. We may defer implementation of
this matching program if we receive comments that persuade us to defer
implementation.
ADDRESSES: The public should address comments to: Director, Division of
Privacy Compliance Data Development (DPCDD), Enterprise Databases
Group, Office of Information Services, CMS, Mail-stop N2-04-27, 7500
Security Boulevard, Baltimore, Maryland 21244-1850. Comments received
will be available for review at this location, by appointment, during
regular business hours, Monday through Friday from 9 a.m.-3 p.m.,
eastern daylight time.
FOR FURTHER INFORMATION CONTACT: Kathleen McCracken, Health Insurance
Specialist, Centers for Medicare & Medicaid Services, Office of
Financial Management, Program Integrity Group, Mail-stop C3-02-16, 7500
Security Boulevard, Baltimore Maryland 21244-1850. The telephone number
is 1-410-786-7487 and e-mail is kmccracken@cms.hhs.gov.
SUPPLEMENTARY INFORMATION:
I. Description of the Matching Program
A. General
The Computer Matching and Privacy Protection Act of 1988 (Public
Law (Pub. L. 100-503), amended the Privacy Act (5 U.S.C. 552a) by
describing the manner in which computer matching involving Federal
agencies could be performed and adding certain protections for
individuals applying for and receiving Federal benefits.
[[Page 17676]]
Section 7201 of the Omnibus Budget Reconciliation Act of 1990 (Pub.
L. 100-508) further amended the Privacy Act regarding protections for
such individuals. The Privacy Act, as amended, regulates the use of
computer matching by Federal agencies when records in a system of
records are matched with other Federal, state, or local government
records. It requires Federal agencies involved in computer matching
programs to:
1. Negotiate written agreements with the other agencies
participating in the matching programs;
2. Obtain the Data Integrity Board approval of the match
agreements;
3. Furnish detailed reports about matching programs to Congress and
OMB;
4. Notify applicants and beneficiaries that the records are subject
to matching; and,
5. Verify match findings before reducing, suspending, terminating,
or denying an individual's benefits or payments.
B. CMS Computer Matches Subject to the Privacy Act
CMS has taken action to ensure that all CMPs that this Agency
participates in comply with the requirements of the Privacy Act of
1974, as amended.
Dated: March 23, 2004.
Dennis Smith,
Acting Administrator, Centers for Medicare & Medicaid Services.
Computer Match No. 2003-01
NAME:
``Computer Matching Agreement Between the Centers for Medicare &
Medicaid Services (CMS) and the State of North Carolina Department of
Health and Human Services (NCDHHS), Department of Medical Assistance
(DMA) for Disclosure of Medicare and Medicaid Information.''
SECURITY CLASSIFICATION:
Level Three Privacy Act Sensitive
PARTICIPATING AGENCIES:
The Centers for Medicare & Medicaid Services, and State of North
Carolina Department of Health and Human Services
AUTHORITY FOR CONDUCTING MATCHING PROGRAM:
This CMA is executed to comply with the Privacy Act of 1974 (Title
5 United States Code (U.S.C.) 552a), as amended, (as amended by Public
Law (Pub. L.) 100-503, the Computer Matching and Privacy Protection Act
of 1988), the Office of Management and Budget (OMB) Circular A-130,
titled ``Management of Federal Information Resources'' at 65 FR 77677
(December 12, 2000), and OMB guidelines pertaining to computer matching
at 54 FR 25818 (June 19, 1989).
This agreement provides for information matching fully consistent
with the authority of the Secretary of HHS (Secretary). Section 1816 of
the Act permits the Secretary to contract with fiscal intermediaries to
``make such audits of the records of providers as may be necessary to
insure that proper payments are made under this part,'' and to
``perform such other functions as are necessary to carry out this
subsection'' (42 U.S.C. 1395h)(a)).
Section 1842 of the Social Security Act (the Act) provides that the
Secretary may contract with entities known as carriers to ``make such
audits of the records of providers of services as may be necessary to
assure that proper payments are made'' (42 U.S.C. 1395u(a)(1)(C));
``assist in the application of safeguards against unnecessary
utilization of services furnished by providers of services and other
persons to individuals entitled to benefits'' (42 U.S.C.
1395u(a)(2)(B)); and ``to otherwise assist * * * in discharging
administrative duties necessary to carry out the purposes of this
part'' (42 U.S.C. 1395u(a)(4)).
Furthermore, Sec. 1874(b) of the Act authorizes the Secretary to
contract with any person, agency, or institution to secure on a
reimbursable basis such special data, actuarial information, and other
information as may be necessary in the carrying out of his functions
under this title (42 U.S.C. 1395kk(b)).
Section 1893 of the Act establishes the Medicare Integrity Program,
which the Secretary may contract with eligible entities to conduct a
variety of program safeguard activities, including fraud review
employing technologies that surpass the capabilities of existing Fiscal
Intermediaries and carriers (42 U.S.C. 1395ddd)). The contracting
entities are called Program Safeguards Contractors (PSC).
NCDHHS, acting through DMA, is charged with the administration of
the Medicaid program in North Carolina and is the single state agency
for such purpose. DMA may act as an agent or representative of the
Federal government for any purpose in furtherance of DMA's functions or
administration of the Federal funds granted to the state. The North
Carolina General Statutes, Chapter 108A, Part 6, authorizes DMA to
establish a Medical Assistance Program and to authorize payments of all
or part of the cost of medical and other remedial care for eligible
persons.
DMA's disclosure of the Medicaid data pursuant to this agreement is
for purposes directly connected with the administration of the Medicaid
program, specifically, the detection, prosecution and deterrence of
fraud and abuse (F&A) in the Medicaid program.
PURPOSE(S) OF THE MATCHING PROGRAM:
The purpose of this agreement is to establish the conditions,
safeguards, and procedures under which CMS will conduct a computer
matching program with NCDHHS, DMA, to study claims, billing, and
eligibility information to detect suspected instances of Medicare and
Medicaid fraud and abuse (F&A) in the State of North Carolina. CMS and
DMA will provide a CMS contractor, AdvanceMed, a CSC Company
(hereinafter referred to as the ``Custodian''), with Medicare and
Medicaid records pertaining to eligibility, claims, and billing which
the Custodian will match in order to merge the information into a
single database. Utilizing fraud detection software, the information
will then be used to identify patterns of aberrant practices requiring
further investigation. The following are examples of the type of
aberrant practices that may constitute F&A by practitioners, providers,
and suppliers in the State of North Carolina expected to be identified
in this matching program: (1) Billing for provisions of more than 24
hours of services in one day, (2) providing treatment and services in
ways more statistically significant than similar practitioner groups,
and (3) up-coding and billing for services more expensive than those
actually performed.
CATEGORIES OF RECORDS AND INDIVIDUALS COVERED BY THE MATCH:
This CMP will enhance the ability of CMS and DMA to detect F&A by
matching claims data, eligibility, and practitioner, provider, and
supplier enrollment records of Medicare beneficiaries, practitioners,
providers, and suppliers in the State of North Carolina against records
of North Carolina Medicaid beneficiaries, practitioners, providers, and
suppliers in the State of North Carolina.
DESCRIPTION OF RECORDS TO BE USED IN THE MATCHING PROGRAM--CMS SYSTEMS
OF RECORDS (SOR):
The release of the data for CMS are maintained in the following
SOR:
National Claims History (NCH), System No. 09-70-0005 was most
recently published in the Federal Register, at 67 FR 57015 (September
6, 2002). NCH contains records needed to facilitate obtaining Medicare
utilization review data that can be used to study
[[Page 17677]]
the operation and effectiveness of the Medicare program. Matched data
will be released to DMA pursuant to the routine use as set forth in the
system notice.
Carrier Medicare Claims Record, System No. 09-70-0501 published in
the Federal Register at 67 FR 54428 (August 22, 2002). Matched data
will be released to DMA pursuant to the routine use as set forth in the
system notice.
Enrollment Database, System No. 09-70-0502 (formerly known as the
Health Insurance Master Record) published at 67 FR 3203 (January 23,
2002). Matched data will be released to DMA pursuant to the routine use
set forth in the system notice.
Intermediary Medicare Claims Record, System No. 09-70-0503
published in the Federal Register at 67 FR 65982 (October 29, 2002).
Matched data will be released to DMA pursuant to the routine use as set
forth in the system notice.
Unique Physician/Provider Identification Number (formerly known as
the Medicare Physician Identification and Eligibility System), System
No. 09-70-0525, was most recently published in the Federal Register at
53 FR 50584 (Dec 16, 1988). Matched data will be released to DMA
pursuant to the routine use as set forth in the system notice.
Medicare Supplier Identification File, System No. 09-70-0530 was
most recently published in the Federal Register, at 67 FR 48184 (July
23, 2002). Matched data will be released to DMA pursuant to the routine
use as set forth in the system notice.
Medicare Beneficiary Database, System No. 09-70-0536 published in
the Federal Register at 66 FR 63392 (December 6, 2001). Matched data
will be released to DMA pursuant to the routine use as set forth in the
system notice.
DMA data are maintained in the following data files: ``Medicaid
RFF035 File Paid Claims,'' ``Medicaid Combined Provider Master File,''
and ``Medicaid Eligibility File.''
INCLUSIVE DATES OF THE MATCH:
The CMP shall become effective no sooner than 40 days after the
report of the Matching Program is sent to OMB and Congress, or 30 days
after publication in the Federal Register, which ever is later. The
matching program will continue for 18 months from the effective date
and may be extended for an additional 12 months thereafter, if certain
conditions are met.
[FR Doc. 04-7631 Filed 4-2-04; 8:45 am]
BILLING CODE 4120-03-P