[Federal Register: September 26, 2008 (Volume 73, Number 188)]
[Rules and Regulations]
[Page 55765-55772]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr26se08-14]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
42 CFR Part 455
[CMS-2271-F]
RIN 0938-AO97
Medicaid Integrity Program; Eligible Entity and Contracting
Requirements for the Medicaid Integrity Audit Program
AGENCY: Centers for Medicare & Medicaid Services (CMS), HHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: Section 1936 of the Social Security Act (the Act) (as added by
section 6034 of the Deficit Reduction Act of 2005 (DRA) established the
Medicaid Integrity Program to promote the integrity of the Medicaid
program by requiring CMS to enter into contracts with eligible entities
to: (1) Review the actions of individuals or entities furnishing items
or services (whether on a fee-for-service, risk, or other basis) for
which payment may be made under an approved State plan and/or any
waiver of such plan approved under section 1115 of the Act; (2) audit
claims for payment of items or services furnished, or administrative
services rendered, under a State plan; (3) identify overpayments to
individuals or entities receiving Federal funds; and (4) educate
providers of services, managed care entities, beneficiaries, and other
individuals with respect to payment integrity and quality of care.
This final rule will provide requirements for an eligible entity to
enter into a contract under the Medicaid integrity audit program. The
final rule will also establish the contracting requirements for
eligible entities. The requirements will include procedures for
identifying, evaluating, and resolving organizational conflicts of
interest that are generally applicable to Federal acquisition and
procurement; competitive procedures to be used; and procedures under
which a contract may be renewed.
DATES: This final rule is effective October 27, 2008.
FOR FURTHER INFORMATION CONTACT: Barbara Rufo, 410 786-5589 or Crystal
High, 410-786-8366.
SUPPLEMENTARY INFORMATION:
I. Background
A. Current Law
States and the Federal government share in the responsibility for
safeguarding Medicaid program integrity. States must comply with
Federal requirements designed to ensure that Medicaid funds are
properly spent (or recovered, when necessary). CMS is the primary
Federal agency responsible for providing oversight of States' Medicaid
activities and facilitating their program integrity efforts.
B. Medicaid Integrity Program
Section 6034 of the Deficit Reduction Act (DRA) of 2005 (Pub. L.
109-171, enacted on February 8, 2006) added a new section 1936 to the
Act that established the Medicaid Integrity Program, referenced as the
``Program'' hereafter, to combat Medicaid fraud and abuse. The Program
is intended to identify, recover, and prevent Medicaid overpayments. It
is also intended to support the efforts of the State Medicaid agencies
through a combination of support and technical assistance.
Although individual States work to ensure the integrity of their
respective Medicaid programs, the Program represents CMS' first
national strategy to detect and prevent Medicaid fraud and abuse. The
Program will provide CMS with the ability to more directly ensure the
accuracy of Medicaid payments and to deter those who would exploit the
program.
Section 6034 of the DRA amended title XIX of the Act by
redesignating the former section 1936 as section 1937; and adding the
new 1936 ``Medicaid Integrity Program.'' The new section 1936 states
the Secretary will promote the integrity of the Medicaid program by
entering into contracts with eligible entities to carry out the
following activities:
Review of actions of individuals or entities furnishing
items or services (whether on a fee-for-service, risk, or other basis)
for which payment may be made under the State plan approved under title
XIX (or under any waiver of such plan approved under section 1115 of
the Act) to determine whether fraud, waste, or abuse has occurred, or
is likely to occur, or whether such actions have a potential for
resulting in an expenditure of funds under title XIX in a manner which
is not intended under the provisions of title XIX.
Audit of claims for payment for items or services
furnished, or administrative services rendered, under a State plan
under title XIX, including cost reports, consulting contracts, and risk
contracts under section 1903(m) of title XIX.
Identification of overpayments to individuals or entities
receiving Federal funds under title XIX.
Education of providers of services, managed care entities,
beneficiaries, and other individuals with respect to payment integrity
and quality of care.
Section 1936 of the Act also mandates that the Secretary will, by
regulation, establish procedures which will include the following:
Procedures for identifying, evaluating, and resolving
organizational conflicts of interest that are generally applicable to
Federal acquisition and procurement.
Competitive procedures to be used when entering into new
contracts under this section; when entering into contracts that may
result in the elimination of responsibilities under section 202(b) of
the Health Insurance Portability and Accountability Act of 1996; and
any other time considered appropriate by the Secretary.
Procedures under which a contract under this section may
be renewed without regard to any provision of law requiring competition
if the contractor has met or exceeded the performance requirements
established in the current contract.
CMS has determined not to address in this final rule the above
bullet that references the Health Insurance Portability and
Accountability Act of 1996 (HIPAA). We have determined that section
202(b) of HIPAA addressed certain Medicare contracting issues which,
because of structural differences between the Medicare and Medicaid
programs, such as the fact that the Federal Government does not utilize
carriers or fiscal intermediaries in the Federal administration of the
Medicaid program, do not pertain to the Medicaid contracting
environment. Moreover, we have also determined that the provisions of
the Act established by section 202(b) of HIPAA have since been repealed
by section 911 of the Medicare Prescription Drug, Improvement, and
Modernization Act of 2003.
[[Page 55766]]
C. Medicaid Integrity Audit Program Contract Overview
The Medicaid Integrity Audit Program will use three separate
Indefinite-Delivery Indefinite Quantity (IDIQ) contracts to achieve the
goals identified above. These contracts include the following: Audit
and Identification of Overpayment Medicaid Integrity Contractor (Audit
MIC), Review or Provider MIC (Review MIC) to five contractors, and
Education MIC.
CMS has awarded two of the three IDIQ contracts to Medicaid
Integrity Contractors (MICs) to carry out the Secretary's mandated
activities described above. In December 2006, CMS awarded Audit MIC
IDIQ contracts to five contractors and awarded the Review MIC IDIQ
contracts to five contractors. The Education MIC is yet to be awarded.
The IDIQ contracts will be managed by task orders. Each of the MIC IDIQ
contractors will have the opportunity to bid for task orders
authorizing specific work within the scope of the appropriate IDIQ
contract. To date, one task order has been awarded to an Audit MIC and
one to a Review MIC. In addition to the requirements described in the
IDIQ contract, the task order statement of work provides further
clarification and specifics as to the work to be performed.
CMS is planning to release individual task orders for five
jurisdictions, which are comprised of two CMS Regions, as well as for
identified special initiatives. When requesting task order proposals,
CMS provided protocols to the Audit MICs to use during the course of an
audit. The protocols, which were developed by contractor, provide
specific guidelines and audit steps that each Audit MIC will follow
during an audit. This will help ensure that audits are conducted in a
uniform manner among the Audit MICs and across the five jurisdictions.
In an effort to ensure that the protocols concisely and accurately
describe the auditing process, CMS had the protocols reviewed and
tested by a separate CMS contractor. Having a separate CMS contractor
review the protocols eliminated the potential of conflict of interest
that may have occurred had the development contractor reviewed and
tested the protocols.
Auditing is scheduled to begin in mid-June 2008 with the Atlanta
jurisdiction which is comprised of CMS Regions II and IV. With the
first task order, the Review MIC will initially concentrate on CMS'
Region IV, the Atlanta Region; the Audit MIC will concentrate on CMS'
Region III and IV, the Atlanta and Philadelphia Region.
II. Provisions of the Proposed Regulations and Responses to Comments
Eligible Entity and Contracting Requirements for the Medicaid Integrity
Audit Program
Section 6034 of the DRA of 2005 (DRA) amended title XIX of the Act
by establishing, under the new section 1936, the Medicaid Integrity
Program to promote the integrity of the Medicaid program by requiring
CMS to enter into contracts with eligible entities to: (1) Review the
actions of individuals or entities furnishing items or services
(whether on a fee-for-service, risk, or other basis) for which payment
may be made under an approved State plan and/or any waiver of such plan
approved under section 1115 of the Act; (2) audit claims for payment of
items or services furnished, or administrative services rendered, under
a State plan; (3) identify overpayments to individuals or entities
receiving Federal Medicaid funds; and (4) educate providers of
services, managed care entities, beneficiaries, and other individuals
with respect to payment integrity and quality of care.
In the proposed rule we provided requirements for which an entity
is eligible to enter into a contract under the Medicaid integrity audit
program. The requirements would include procedures for identifying,
evaluating, and resolving organizational conflicts of interest that are
generally applicable to Federal acquisition and procurement;
competitive procedures to be used; and procedures under which a
contract may be renewed.
In the November 23, 2007 Federal Register (72 FR 65686), we
published the proposed rule entitled ``Medicaid Integrity Program;
Eligible Entity and Contracting Requirements for the Medicaid Integrity
Audit Program,'' and provided for a 30 day public comment period. We
received a total of 3 timely comments from State government agencies
and a health care association. Brief summaries for each proposed
provision, a summary of the public comments we received, and our
responses to comments are set forth below.
General Comments
Comment: One commenter indicated that although they support the
provisions of this proposed rule, they believe the rule does not
sufficiently establish requirements for the MICs to ensure their work
is carried out in an efficient, effective, and defensible manner. The
commenter also stated that the proposed rule does not address methods
of assuring coordination between the Medicaid integrity functions and
existing programs already on-going in the States. In addition, the
commenter notes that the proposed rule does not address how to prevent
duplication of efforts or prevent multiple audits related to the same
time period or same claims.
Response: The Medicaid Integrity Group (MIG), a component within
CMS which has been created in order to carry out the Medicaid Integrity
Program, will coordinate and communicate with its stakeholders in an
effort to prevent duplication of efforts. In addition, the MIG will
closely monitor the performance of the MICs. The roles and
responsibilities of the MICs are further defined within the IDIQ
contract as well as each task order. In addition, the MICs have been
provided with protocols to help guide them through the audit process.
The Audit MICs are responsible for performing comprehensive and focused
audits. The goal of the audits is to examine payments to individuals or
entities providing items or services under title XIX of the Act for the
purposes of identifying potential overpayments to those individuals or
entities. The Review MICs are responsible for performing reviews of
providers furnishing Medicaid items or services to determine whether
Medicaid fraud, waste, or abuse has occurred, is likely to occur, or
whether Medicaid provider actions have the potential of causing
inappropriate or incorrect expenditure of Medicaid funds. The Review
MICs are also responsible for analyzing data and performing risk
assessments of Medicaid data including, but not limited to, claims for
payment under title XIX of the Act. The Education MICs will be
responsible for promoting the integrity of the Medicaid program by
educating providers of services, managed care entities, and other
individuals with respect to Medicaid payment and quality of care.
Subpart C--Medicaid Integrity Audit Program
Section 455.200 Basis and Scope
In the proposed Sec. 455.200 we set forth the statutory basis,
section 1936 of the Act, for promulgating this rule. We proposed, in
subpart C, Sec. 455.200(b), Basis and Scope, additional language
stating that part of the Medicaid Integrity Program's scope is to carry
out the Medicaid integrity audit functions. CMS also published a final
rule in the Federal Register on November 30, 2007 (72 FR 67653),
entitled ``Limitation on Contractor Liability'' that finalized the
portion of our proposed rule addressing
[[Page 55767]]
the limitation on a contractor's liability to carry out a contract
under the Medicaid Integrity Program. In addition, subpart C would
apply to entities that seek to compete for, or receive an award of, a
contract under section 1936 of the Act.
Comment: A commenter expressed concern that the proposed rule fails
to recognize the respective roles of State Medicaid Agencies and
Medicaid Fraud Control Units. The commenter additionally stated the
proposed rule is silent on the respective roles of the States and the
new contractors and silent on any coordination of effort between the
eligible entities and the States. The commenter recommended that the
rule be expanded to clarify the relationship between the States and any
contracted entities, including the plan for coordination of effort and
addressing individual State plan provisions.
Response: This final rule is not designed to discuss the roles of
State Medicaid Agencies and Medicaid Fraud Control Units. There are
however, regulations set forth in 42 CFR part 455--Program Integrity:
Medicaid, that address the relationships with States. These
regulations, which will remain in effect, at Sec. 455.21, describe the
cooperation with State Medicaid Fraud Control Units and the provisions
at Sec. 455.12 address State plan requirements. In addition, when
conducting the audits, the Audit MICs will utilize established
protocols that provide guidance on how the MICs are to coordinate with
the individual States.
Section 455.230 Eligibility Requirements
In Sec. 455.230 we described that an eligible entity may enter
into a Medicaid integrity audit program contract if it:
Has demonstrated the capability to carry out the
contractor activities;
In carrying out such activities, agrees to cooperate with
the Inspector General of the Department of Health and Human Services,
the Attorney General, and other law enforcement agencies, as
appropriate, in the investigation and deterrence of fraud and abuse in
relation to title XIX and in other cases arising out of such
activities;
Maintains an appropriate written code of conduct and
compliance policies that include, without limitation, an enforced
policy on employee conflicts of interest;
Complies with such conflict of interest standards are
generally applicable to Federal acquisition and procurement; and,
Meets other requirements the Secretary may impose.
It would not be possible to identify in this rule every possible
contractor requirement that may appear in a future solicitation. In
order to permit maximum flexibility to tailor our contractor
eligibility requirements to specific solicitations while satisfying
section 1936 of the Act, any additional requirements would be contained
in the applicable solicitation.
Comment: A commenter strongly recommended that the MIC utilize
medical directors from the outset of claims reviews and that complex
medical decisions made by physician specialists and specialized mid-
level providers be reviewed by a physician from a like specialty.
Another commenter suggested that this section be amended by
clarifying the categories of entities eligible to perform the audit
functions. For example, the commenter inquired as to whether State
Medicaid agencies would qualify, and addressed the potential conflict
of interest that may arise if a MIC already acts as a fiscal agent in
one or more States and/or performs key Medicaid administrative
functions including, but not limited to, claims adjudication, provider
enrollment, pharmacy benefits management, etc.
Response: The Audit MICs are required, as described in the IDIQ
contract, to have as key personnel a medical director. The Audit MICs
are to ensure that questions of medical necessity are reviewed by
physicians with appropriate expertise.
A State Medicaid Agency will not be able to operate as a MIC. We
adhered to the requirements of the Federal Acquisition Regulation (FAR)
organizational conflict of interest requirements found at 48 CFR
subpart 9.5 when soliciting contracts for the Medicaid Integrity
Program.
Section 455.232 Medicaid Integrity Audit Program Contractor Functions
In Sec. 455.232 we identified the functions of the Medicaid
integrity audit program contractor as follows:
Review of the individual actions or entities furnishing
items or services (whether on a fee-for-service, risk, other basis) for
which payment may be made under a State Plan approved under title XIX
(or under any waiver of such plan approved under section 1115 of the
Act) to determine whether fraud, waste, or abuse has occurred, is
likely to occur, or whether such actions have the potential for
resulting in an expenditure of funds under title XIX in a manner which
is not intended under the provisions of title XIX.
Audit of claims for payment for items or services
furnished or administrative services rendered, under a State plan under
title XIX, including cost reports; consulting contracts; and risk
contracts under section 1903(m) of the Act.
Identification of overpayments to individuals or entities
receiving Federal funds under title XIX.
Educating providers of service, managed care entities,
beneficiaries, and other individuals with respect to payment integrity
and quality of care.
Comment: Several commenters indicated there is no direction on how
the contractors should coordinate with existing State Medicaid
integrity programs and Medicaid Fraud Control Units. They expressed
concern that this will result in duplication of efforts and possible
interference with State program integrity investigations. One commenter
recommended that we add a bullet to read: Coordinate any provider
specific action outlined above including but not limited to, claim
audits, other audits, overpayment recoveries and provider education
with appropriate State Medicaid agency, before, during and after the
action. Another commenter questioned how the contractors will
coordinate with the State surveillance and utilization review (SUR)
functions; how the contractors will be assigned their integrity cases;
how the source data will be used by contractors to determine audit
targets; whether the contactors be allowed to access the Medicaid
Management Information Systems (MMIS); who will perform the data
analysis; and to whom the contractor will refer suspicion of fraud
cases.
Response: As previously stated under the Background section C.
Medicaid Integrity Program Contract Overview, CMS has awarded two IDIQ
contracts each of which are managed by task orders. When CMS released
the request for task order proposal for the Audit MICs, CMS issued
protocols to which the Audit MICs must adhere to when performing
audits. The protocols provide specific guidance as to how the Audit
MICs are to coordinate and communicate with State agencies. The task
order instructs the Audit MICs to refer any instances of potential
cases of fraud to the CMS as well as to the Department of Health and
Human Services, Office of Inspector General (OIG). The task order
further defines the Audit MIC roles and responsibilities for
coordinating with law enforcement. The Review MICs will be responsible
for performing reviews of providers furnishing Medicaid items or
services to determine whether Medicaid fraud, waste, or abuse has
occurred, is likely to occur, or whether provider actions
[[Page 55768]]
have the potential of causing inappropriate or incorrect expenditure of
Medicaid funds. After performing these reviews, the Review MICs will
provide their findings to CMS. CMS will provide the Audit MICs with the
specific providers to be audited. The Review MICs will not perform
audits.
Comment: A commenter suggested that the MICs should allow providers
to track electronically the status of claims. The commenter indicated
that they have experienced frustration with the Recovery Audit
Contractors (RAC) demonstration contractor and the lack of
communication between the RAC and provider regarding the status of
claims under review and therefore suggested that providing this
information to the providers will enable them to plan accordingly.
Response: It is important to note that the RAC is a separate
program from the Medicaid Integrity Audit Program. The RAC operates
under different statutory authority and is associated with Medicare and
not Medicaid. While it is not feasible to implement a system as
suggested by the commenter, States and providers will have an
opportunity to comment on the findings of a provider audit before the
audit is completed and an overpayment is finally and formally
identified. To minimize the likelihood of duplication of effort, before
the MIG communicates audit targets to the Audit MICs, the MIG will
communicate with the State program integrity offices and State Medicaid
Fraud Control Units, among others, to ensure that a proposed audit does
not interfere with an ongoing investigation.
Comment: A commenter stated that the language of the proposed rule
describing the functions of the contractors was broad and ambiguous.
The commenter further noted that this language failed to provide
sufficient guidance by which the intent of the statute can be
determined, and appears to leave the contractors in a policy-making
role. The commenter recommended the language be removed or modified to
make clear the responsibility of the contractors. The commenter
questions whether there are standard criteria for the contractors to
use to determine that an action is likely to result in fraud, waste or
abuse and whether there are specific audit standards that must be
followed.
Response: MICs are not policy-making entities. We have outlined the
MICs' roles and responsibilities not only in the proposed rule, but
also in the MICs IDIQ contracts as well as in the task orders. The
Audit MICs have been provided audit protocols, which provide guidance
on how to conduct audits and which set forth audit standards.
Comment: A commenter suggested the proposed rule is silent on the
qualifications of the potential contractors. The commenter also
questioned whether there will be minimum education and training
requirements; how performance will be measured; whether there will be
evaluations and whether the criteria on which they are based will be
made public; and whether they will be required to show a better return
on investment than the States.
Response: The IDIQ contracts specify minimum qualifications that
the MICs must meet. CMS evaluated the qualifications information
bidders submitted in selecting the MICs. The MICs are not required to
show a better return on investment than the States. Although individual
States work to ensure the integrity of their respective programs, the
Medicaid Integrity Audit Program provides CMS with the ability to set
in place a national strategy to ensure the accuracy of Medicaid
payments and to deter those exploiting the program. This advances goals
that are shared by the States and Federal government.
Comment: A commenter expressed concern that it is unclear what
entity is responsible for collecting the overpayments and defending the
audit findings, and what appeal process will be followed.
Response: Pursuant to existing regulations at part 433, Subpart F,
once CMS formally identifies a Medicaid overpayment, CMS will collect
the federal share of the overpayment from a State. The individual
States will be responsible for collecting overpayments from providers.
Providers may utilize the laws and procedures of the State, including
State appellate procedures, to challenge findings concerning an
overpayment. A determination by a State administrative or judicial
proceeding altering or dismissing a finding of, or relating to, a
provider overpayment, however, will not necessarily relieve a State of
the obligation to refund the federal share of CMS' determined
overpayment. During the audit process, CMS, Audit MIC, and the State
will confer and discuss the audit findings before CMS formally
identifies an overpayment.
Section 455.234 Awarding of a Contract
Section 455.234 would specify that a Medicaid integrity audit
contract will be awarded in accordance with 48 CFR chapters 1 and 3
(the Federal Acquisition Regulation (FAR) and the Health and Human
Services Acquisition Regulation, respectively), this subpart, and all
other applicable laws and regulations. In accordance with section 1936
of the Act, we would specify that these competitive procedures and
requirements will be used as follows:
When entering into new contracts under this section.
At any other time considered appropriate by the Secretary.
In addition, we proposed to specify in Sec. 455.234 that an entity
must meet the eligibility requirements established in proposed Sec.
455.230 to become eligible to be awarded a Medicaid integrity audit
program contract.
Comment: A commenter stated that although the DRA does not require
that the contractor be retained on a contingency-fee basis, they would
caution CMS from using such a compensation scheme. The commenter
believed tying a contractor's payment to the volume of claims denied
creates a perverse incentive irrespective of the claims' merits. The
commenter also suggested that CMS should allow providers to retain
funds recouped as part of the MIC's work until all avenues of appeal
are exhausted. The commenter recognized this is not common practice,
but believes it is within the Secretary's authority to administer the
recovery program under section 1885 of the Act.
Response: The Audit MICs will not be compensated on a contingency
fee basis.
In response to the comment indicating CMS should allow providers to
retain monies recouped during the course of appeals, it is important to
note that the recoupment of overpayments is not the responsibility of
the MIC, but will remain the responsibility of the State. Whether the
provider is allowed to retain recouped funds until the appellate
process is complete will depend on State law. CMS will, however,
recover from States the Federal share of an overpayment consistent with
the existing statutory and regulatory requirements. Section 1885 is a
provision of the Medicare statute, title XVIII of the Act. Section 1885
does not apply to the Medicaid Integrity Program. The Medicaid statue
is at title XIX of the Act.
Section 455.236 Renewal of a Contract
In Sec. 455.236, we proposed that an initial contract term would
be defined in the Medicaid integrity audit program contract and a
renewal clause may be included in the contract. We also proposed that
we may, but are not required to, renew the Medicaid integrity audit
program contracts without regard to any provision of law requiring
competition if the contractor
[[Page 55769]]
has met or exceeded the performance requirements established in the
current contract.
In accordance with sections 1936(c)(2) and (3) of the Act, we
proposed in Sec. 455.236(b) that we may renew a Medicaid integrity
audit program contract without competition if the contractor continues
to meet all requirements of the proposed subpart C, the contractor
meets or exceeds the performance requirements established in its
current contract, and it is in the best interest of the Federal
Government.
At Sec. 455.236(a) we proposed that if CMS does not renew a
contract, the contract would end in accordance with its terms. We also
proposed that the contractor would not have a right to a hearing or
judicial review regarding our renewal decision.
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
Section 455.238 Conflict of Interest
We proposed to establish at Sec. 455.238 the process for
identifying, evaluating, and resolving conflicts of interest as
mandated by section 1936(c)(2) and (3) of the Act. We adhered to the
requirements of the FAR's organizational conflict of interest
requirements found at 48 CFR subpart 9.5 when soliciting contracts for
the Medicaid integrity audit program. Due to the sensitive nature of
the work to be performed under the contract, the need to preserve
public trust, and the history of fraud and abuse in the Medicaid
program, we would maintain the presumption that each prospective
contract involves a significant potential organizational conflict of
interest.
Prior to awarding a Medicaid integrity audit program contract, the
contracting officer will draft an organizational conflict of interest
clause specific to the contractor for inclusion in the contract. In
general we would not enter into a Medicaid integrity audit program
contract with an offeror or an existing Medicaid integrity audit
program contractor that has been determined to have, or that has the
potential for, an unresolved organizational conflict of interest.
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
Section 455.238(a)
At Sec. 455.238(a), we proposed that an offeror for a Medicaid
integrity audit program contract is, and the Medicaid integrity audit
program contractors are, subject to the conflict of interest standards
and requirements of the FAR organizational conflict of interest
guidance found at 48 CFR subpart 9.5, and the requirements and
standards that are contained in each individual contract awarded to
perform the functions described under section 1936 of the Act.
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
Section 455.238(b)
In Sec. 455.238(b), we proposed to include post award discussions
in which the contactor will present any later occurring or identified
conflict of interest to CMS for resolution. We proposed that we would
consider a post award conflict of interest resolution discussion if,
during the term of the contract, the contractor or any of its
employees, agents, or subcontractors received, solicited, or arranged
to receive any fee, compensation, gift, payment of expenses, offer of
employment, or any other thing of value from any entity that is
reviewed, audited, investigated, or contacted during the normal course
of performing activities under a Medicaid integrity audit program
contract. We incorporated the definition of ``gift'' from the Standards
of Ethical Conduct for Employees of the Executive Branch [5 CFR
2635.203(b)].
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
Section 455.238(c)
In Sec. 455.238(c) we proposed that if CMS has determined that a
contractor's activities are creating a conflict, then a conflict of
interest has occurred during the term of the contract. We proposed if
such an event has occurred, among other actions, we may, as we deem
appropriate:
Not renew the contract for an additional term;
Modify the contract; or
Terminate the contract.
The proposed rule did not describe all of the information that may
be required under each task order, or the level of detail that would be
required. Therefore, we proposed to have the flexibility to tailor the
requirements to each individual procurement.
Because potential offerors may have questions about whether
information submitted in response to a solicitation, including
information regarding potential conflicts of interest, may be
redisclosed under the Freedom of Information Act (FOIA), we provided
the following information. To the extent that a proposal containing
information is submitted to us as a requirement of a competitive
solicitation under 41 U.S.C. Chapter 4, Subchapter IV, we proposed to
withhold the proposal when requested under the FOIA. This withholding
is based upon 41 U.S.C. 253b(m). However, we proposed one exception to
this policy. It involves any proposal that is set forth or incorporated
by reference in the contract awarded to the proposing offeror. Such a
proposal may not receive categorical protection. Rather, we would
withhold, under 5 U.S.C. 552(b)(4), information within the proposal
that is required to be submitted that constitutes trade secrets or
commercial or financial information that is privileged or confidential,
provided the criteria established by National Parks & Conservation
Association v. Morton, 498 F.2d 765 (D.C. Cir 1974), as applicable, are
met. For any such proposal, we proposed to follow pre-disclosure
notification procedures set forth at 45 CFR 5.65(d).
We proposed that proposal containing the information submitted to
us under an authority other than 41 U.S.C. Chapter 4, Subchapter IV,
and any information submitted independent of a proposal would be
evaluated solely on the criteria established by National Parks &
Conservation Association v. Morton and other appropriate authorities to
determine if the proposal in whole or in part contains trade secrets or
commercial or financial information that is privileged or confidential
and protected from disclosure under 5 U.S.C. 552(b)(4). Again, for any
such proposal, we proposed to follow pre-disclosure notification
procedures set forth at 45 CFR 5.65(d) and will also invoke 5 U.S.C.
552(b)(6) to protect information that is of a highly sensitive personal
nature. It should be noted that the protection of proposals under FOIA
does not preclude us from releasing contractor proposals when
necessitated by law, such as in the case of a lawful subpoena.
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
Section 455.240 Conflict of Interest Resolution
We described at Sec. 455.240(a) how a conflict of interest may be
resolved. We stated that a Conflicts of Interest Review Board may be
established and convened at any time during the term of the contract,
as well as during the procurement process, to evaluate and assist the
contracting officer in resolving conflicts of interest. We proposed to
determine when or if the Board will be convened.
We proposed, at Sec. 455.240(b), to specify that a resolution of
an
[[Page 55770]]
organizational conflict of interest is a determination by the
contracting officer that:
The conflict is mitigated;
The conflict precludes award of a contract to the offeror;
The conflict requires that we modify an existing contract;
The conflict requires that we terminate an existing
contract; or
It is in the best interest of the Federal Government to
contract with the offeror or contractor even though the conflict of
interest exists.
We discussed an offeror's or contractor's method of mitigating
conflicts of interest will be evaluated on a case by case basis. We
provided examples of methods an offeror or contractor may use to
mitigate organizational conflicts of interest. The examples are not an
all-inclusive list of possible methods of mitigation nor are we
obligated to approve a mitigation method that uses one of the provided
examples. Possible methods of mitigation include:
Divestiture, or reduction in the amount, of the financial
relationship the organization has in another organization to a level
acceptable to us and appropriate for the situation.
If shared responsibilities create the conflict, a plan,
subject to our approval, to separate lines of business and management
or critical staff from work on the Medicaid integrity audit program
contract.
If the conflict exists because of the amount of financial
dependence upon the Federal Government, negotiating a phasing out of
other contracts or grants that continue in effect at the start of the
Medicaid integrity audit program contract.
If the conflict exists because of the financial
relationships of individuals within the organization, divestiture of
the relationships by the individual involved.
If the conflict exists because of an individual's indirect
interest, divestiture of the interest to levels acceptable to us or
removal of the individual from the work under the Medicaid integrity
audit program contract.
By providing a process for the identification, evaluation, and
resolution of conflicts of interest, we not only protect the
government's interests but help to ensure that the contractors do not
hinder competition in their service areas by misusing their position as
a Medicaid integrity audit program contractor.
We did not receive public comments on our proposed provision.
Therefore, we adopt the provisions as proposed.
III. Provisions of the Final Regulations
The comments received required no substantive revisions to the
proposed rule. The comments did, however, ask specific questions or
asked for clarification on the CMS Medicaid Integrity Audit Program
processes. We provided responses to the questions and provided
clarification to other comments. In addition, we inserted, under the
preamble, ``Section C. Medicaid Integrity Audit Program Contract
Overview'' in an effort to provide additional clarification to the
comments. In this final rule we are adopting all of the provisions as
set forth in the November 23, 2007 proposed rule with the exception of
several minor editorial changes which that did not result in any policy
changes.
IV. Regulatory Impact Statement
We have examined the impact of this rule as required by Executive
Order 12866 (September 1993, Regulatory Planning and Review), the
Regulatory Flexibility Act (RFA) (September 19, 1980, Pub. L. 96-354),
section 1102(b) of the Social Security Act, the Unfunded Mandates
Reform Act of 1995 (Pub. L. 104-4), and Executive Order 13132.
Executive Order 12866 directs agencies to assess all costs and
benefits of available regulatory alternatives and, if regulation is
necessary, to select regulatory approaches that maximize net benefits
(including potential economic, environmental, public health and safety
effects, distributive impacts, and equity). A regulatory impact
analysis (RIA) must be prepared for major rules with economically
significant effects ($100 million or more in any 1 year). This rule
will not reach the economic threshold and thus is not considered a
major rule.
The RFA requires agencies to analyze options for regulatory relief
of small businesses. For purposes of the RFA, small entities include
small businesses, nonprofit organizations, and small governmental
jurisdictions. Most hospitals and most other providers and suppliers
are small entities, either by nonprofit status or by having revenues of
$6.5 million to $31.5 million in any 1 year. Individuals and States are
not included in the definition of a small entity. We are not preparing
an analysis for the RFA because we certify that this rule will not have
a significant economic impact on a substantial number of small
entities.
In addition, section 1102(b) of the Act requires us to prepare a
regulatory impact analysis if a rule may have a significant impact on
the operations of a substantial number of small rural hospitals. This
analysis must conform to the provisions of section 603 of the RFA. For
purposes of section 1102(b) of the Act, we define a small rural
hospital as a hospital that is located outside of a Core-Based
Statistical Area and has fewer than 100 beds. We are not preparing an
analysis for section 1102(b) of the Act because we certify that this
rule will not have a significant impact on the operations of a
substantial number of small rural hospitals.
Section 202 of the Unfunded Mandates Reform Act of 1995 also
requires that agencies assess anticipated costs and benefits before
issuing any rule whose mandates require spending in any 1 year of $100
million in 1995 dollars, updated annually for inflation. That threshold
level is currently approximately $120 million. This final rule will not
exceed this established threshold level. This rule will not have a
significant impact on State, local, or tribal governments or on the
private sector.
Executive Order 13132 establishes certain requirements that an
agency must meet when it promulgates a final rule (and subsequent final
rule) that imposes substantial direct requirement costs on State and
local governments, preempts State law, or otherwise has Federalism
implications. Since this regulation will not impose any costs on State
or local governments, the requirements of E.O. 13132 are not
applicable.
In accordance with the provisions of Executive Order 12866, this
regulation was reviewed by the Office of Management and Budget.
V. Collection of Information Requirements
Under the Paperwork Reduction Act of 1995, we are required to
provide 30-day notice in the Federal Register and solicit public
comment before a collection of information requirement is submitted to
the Office of Management and Budget (OMB) for review and approval. In
order to fairly evaluate whether an information collection should be
approved by OMB, section 3506(c)(2)(A) of the Paperwork Reduction Act
of 1995 requires that we solicit comment on the following issues:
The need for the information collection and its usefulness
in carrying out the proper functions of our agency.
The accuracy of our estimate of the information collection
burden.
The quality, utility, and clarity of the information to be
collected.
Recommendations to minimize the information collection
burden on the
[[Page 55771]]
affected public, including automated collection techniques.
Therefore, we are soliciting public comment on each of these issues
for the following sections of this document that contain information
collection requirements:
Section 455.230 Eligibility Requirements
Section 455.230(c) requires that each entity that has entered into
a contract with CMS to perform the activities described at 455.232,
maintain an appropriate written code of conduct and compliance policies
that include, without limitation, an enforced policy on employee
conflicts of interest.
The burden associated with this requirement is the time and effort
put forth by the entity to prepare and maintain such policies. While
there is burden associated with this requirement, we believe that the
burden is exempt from the PRA in accordance with 5 CFR 1320.3(b)(2)
because the time, effort, and financial resources necessary to comply
with these requirements would be incurred by persons in the normal
course of their activities.
If you comment on these information collection and recordkeeping
requirements, please mail copies directly to the following:
Centers for Medicare & Medicaid Services, Office of Strategic
Operations and Regulatory Affairs, Regulations Development and
Issuances Group, Attn: Melissa Musotto (CMS-2271-F), Room C5-14-03,
7500 Security Boulevard, Baltimore, MD 21244-1850; and
Office of Information and Regulatory Affairs, Office of Management and
Budget, Room 10235, New Executive Office Building, Washington, DC
20503, Attn: OIRA Desk Officer for CMS, (CMS-2271-F), carolyn_
lovett@omb.eop.gov. Fax (202) 395-6974.
List of Subjects in Part 455
Fraud, Grant programs-health, Health facilities, Health
professions, Investigations, Medicaid, Reporting and recordkeeping
requirements.
0
For the reasons set forth in the preamble, the Centers for Medicare &
Medicaid Services amends 42 CFR Chapter IV as set forth below:
PART 455--PROGRAM INTEGRITY; MEDICAID
0
1. The authority citation for part 455 continues to read as follows:
Authority: Sec. 1102 of the Social Security Act (42 U.S.C.
1302).
0
2. Section 455.200 is revised to read as follows:
Sec. 455.200 Basis and scope.
(a) Statutory basis. This subpart implements section 1936 of the
Social Security Act that establishes the Medicaid Integrity Program,
under which the Secretary will promote the integrity of the program by
entering into contracts with eligible entities to carry out the
activities under this subpart C.
(b) Scope. This subpart provides for the limitation on a
contractor's liability to carry out a contract under the Medicaid
Integrity Program and to carry out the Medicaid integrity audit program
functions.
0
3. New Sec. Sec. 455.230, 455.232, 455.234, 455.236, 455.238 and
455.240 are added to read as follows:
Sec. 455.230 Eligibility Requirements.
CMS may enter into a contract with an entity to perform the
activities described at Sec. 455.232, if it meets the following
conditions:
(a) The entity has demonstrated capability to carry out the
activities described below.
(b) In carrying out such activities, the entity agrees to cooperate
with the Inspector General of the Department of Health and Human
Services, the Attorney General, and other law enforcement agencies, as
appropriate, in the investigation and deterrence of fraud and abuse in
relation to Title XIX of the Social Security Act and in other cases
arising out of such activities.
(c) Maintains an appropriate written code of conduct and compliance
policies that include, without limitation, an enforced policy on
employee conflicts of interest.
(d) The entity complies with such conflict of interest standards as
are generally applicable to Federal acquisition and procurement.
(e) The entity meets such other requirements the Secretary may
impose.
Sec. 455.232 Medicaid Integrity Audit Program Contractor functions.
The contract between CMS and a Medicaid integrity audit program
contractor specifies the functions the contractor will perform. The
contract may include any or all of the following functions:
(a) Review of the actions of individuals or entities furnishing
items or services (whether on a fee-for-service, risk, or other basis)
for which payment may be made under a State Plan approved under title
XIX of the Act (or under any waiver of such plan approved under section
1115 of the Act) to determine whether fraud, waste, or abuse has
occurred, is likely to occur, or whether such actions have the
potential for resulting in an expenditure of funds under title XIX in a
manner which is not intended under the provisions of title XIX.
(b) Auditing of claims for payment for items or services furnished,
or administrative services rendered, under a State Plan under title XIX
to ensure proper payments were made. This includes: cost reports,
consulting contracts, and risk contracts under section 1903(m) of the
Act.
(c) Identifying if overpayments have been made to individuals or
entities receiving Federal funds under title XIX.
(d) Educating providers of service, managed care entities,
beneficiaries, and other individuals with respect to payment integrity
and quality of care.
Sec. 455.234 Awarding of a Contract.
(a) CMS awards and administers Medicaid integrity audit program
contracts in accordance with acquisition regulations set forth at 48
CFR chapters 1 and 3, this subpart, and all other applicable laws and
regulations. These competitive procedures and requirements for awarding
Medicaid integrity audit program contracts are to be used as follows:
(1) When entering into new contracts under this section.
(2) At any other time considered appropriate by the Secretary.
(b) An entity is eligible to be awarded a Medicaid integrity audit
program contract only if meets the eligibility requirements established
in Sec. 455.202, 48 CFR chapter 3, and all other applicable laws and
requirements.
Sec. 455.236 Renewal of a Contract.
(a) CMS specifies the initial contract term in the Medicaid
integrity audit program contract. CMS may, but is not required to,
renew a Medicaid integrity audit program contract without regard to any
provision of law requiring competition if the contractor has met or
exceeded the performance requirements established in the current
contract.
(b) CMS may renew a Medicaid integrity audit program contract
without competition if all of the following conditions are met:
(1) The Medicaid integrity audit program contractor continues to
meet the requirements established in this subpart.
(2) The Medicaid integrity audit program contractor meets or
exceeds the performance requirements established in its current
contract.
(3) It is in the best interest of the government.
(c) If CMS does not renew a contract, the contract will end in
accordance with
[[Page 55772]]
its terms. The contractor will not have a right to a hearing or
judicial review regarding CMS's renewal or non-renewal decision.
Sec. 455.238 Conflict of Interest.
(a) Offerors for Medicaid integrity audit program contracts, and
Medicaid integrity audit program contractors, are subject to the
following requirements:
(1) The conflict of interest standards and requirements of the
Federal Acquisition Regulation organizational conflict of interest
guidance, found under 48 CFR subpart 9.5.
(2) The standards and requirements that are contained in each
individual contract awarded to perform activities described under
section 1936 of the Act.
(b) Post-award conflicts of interest: CMS considers that a post-
award conflict of interest has developed if, during the term of the
contract, one of the following occurs:
(1) The contractor or any of its employees, agents, or
subcontractors received, solicited, or arranged to receive any fee,
compensation, gift (defined at 5 CFR 2635.203(b)), payment of expenses,
offer of employment, or any other thing of value from any entity that
is reviewed, audited, investigated, or contacted during the normal
course of performing activities under the Medicaid integrity audit
program contract.
(2) CMS determines that the contractor's activities are creating a
conflict of interest.
(c) If CMS determines that a conflict of interest exists during the
term of the contract, among other actions, CMS may:
(1) Not renew the contract for an additional term.
(2) Modify the contract.
(3) Terminate the contract.
Sec. 435.240 Conflict of Interest Resolution.
(a) Review Board: CMS may establish a Conflicts of Interest Review
Board to assist in resolving organizational conflicts of interest.
(b) Resolution: Resolution of an organizational conflict of
interest is a determination by the contracting officer that:
(1) The conflict is mitigated.
(2) The conflict precludes award of a contract to the offeror.
(3) The conflict requires that CMS modify an existing contract.
(4) The conflict requires that CMS terminate an existing contract.
(5) It is in the best interest of the government to contract with
the offeror or contractor even though the conflict of interest exists
and a request for waiver is approved in accordance with 48 CFR 9.503.
(Catalog of Federal Domestic Assistance Program No. 93.778, Medical
Assistance Program)
Dated: June 18, 2008.
Kerry Weems,
Acting Administrator, Centers for Medicare & Medicaid Services.
Approved: July 29, 2008.
Michael O. Leavitt,
Secretary.
[FR Doc. E8-22693 Filed 9-25-08; 8:45 am]
BILLING CODE 4120-01-P