Michael O. Leavitt
U.S. Department of Health and Human Services
Medicare Health Care Fraud & Abuse Efforts
Committee on the Budget
United States House of Representatives
Tuesday July 17, 2007
Good morning Chairman Spratt, Congressman Ryan and distinguished Members of the Committee. It is a pleasure to be here with you today to discuss the efforts underway to reduce overpayments, fraud and other abuses in Federal health care programs.
As part of that discussion, my testimony will largely focus on the Office of Inspector General’s (OIG) and the Centers for Medicare & Medicaid Services’ (CMS) recent work in three South Florida counties, where it was determined that 31 percent of suppliers did not meet one or more of five Medicare enrollment requirements we reviewed, and had their billing privileges revoked.
In enacting Health Insurance Portability and Accountability Act (HIPAA) in 1996, Congress directed the Secretary and the Attorney General to jointly promulgate a joint Health Care Fraud and Abuse Control Program and created a dedicated funding stream for health care fraud and abuse control activities funded through the Health Care Fraud and Abuse Control Account. The joint Health Care Fraud and Abuse Control Program and Guidelines approved by the Secretary and Attorney General became effective on January 1, 1997. Since that date, our Departments have actively partnered in our efforts against health care fraud. Our joint opportunities in South Florida are a prime example of this collaboration.
In criminal matters such as the durable medical equipment, prosthetics, orthotics and supplies (DMEPOS) problems found in South Florida and California, HHS works closely with the Department of Justice (DOJ) on investigations of HHS programs and personnel and interacts with State Licensing Boards, local law enforcement and other entities with regard to program exclusion, compliance and enforcement activities. These collaborative investigative efforts lead to criminal convictions, civil settlements, program exclusions, or civil monetary penalties and assessments, all of which help protect our beneficiaries and the Medicare trust funds.
This Administration maintains a strong commitment to ensuring that Americans have access to, and are receiving, high quality care from honest and dedicated providers. Consistent with the desire of the Administration and Congress to reduce the size of the Federal deficit, OIG, CMS and its partners continue to take an aggressive approach to reducing Medicare and Medicaid fraud and abuse. Operational oversight of our Medicare and Medicaid programs and ensuring their fiscal integrity are core components of CMS management strategy and an integral part of the OIG’s priorities. Detecting and preventing fraud, waste and abuse in those programs remain a high priority.
Budgeting for the Health Care Fraud and Abuse Control Program
The Fiscal Year (FY) 2008 Budget Request includes resources and legislation to strengthen program oversight and reduce improper payments in the Medicare and Medicaid programs. A total of approximately $1.3 billion is proposed for the Health Care Fraud and Abuse Control (HCFAC) program – designed, under the joint direction of the DOJ and HHS to coordinate Federal, state and local law enforcement activities. Our collaborative efforts against healthcare fraud and abuse has been an unquestionable success. Under current law, mandatory spending for HCFAC will increase approximately $20 million from FY 2007 to FY 2008. To assist our expanded efforts in combating fraud and abuse in the new Part D prescription drug benefit and Medicare Advantage programs, and to strengthen oversight of the Medicaid program, we are seeking $183 million in discretionary spending for FY 2008. Of the approximately $1.3 billion combined total of mandatory and discretionary HCFAC funding for FY 2008, an estimated: $894 million is for the Medicare Integrity Program (MIP) which funds activities such as medical review, benefit integrity, provider and HMO audits, and provider education and training for all parts of Medicare. $187 million of FY 2008 HCFAC funding goes to the OIG for their continued effort in identifying fraudulent and abusive activities within the health care system through investigations, audits and evaluations. The FBI will receive $129 million for health care fraud enforcement activities. DOJ will receive $61million to help fund the prosecution of health care fraud cases. And $43 million will go to HHS to be used to control fraud and abuse, and limit payment errors within the Medicaid Program. I would also like to take this opportunity to thank the Chairman and other members of the Committee for your support of our request and your continued work to combat fraud and abuse on behalf of the American Public.
The OIG and the Government Accountability Office (GAO) have uncovered significant vulnerabilities in Medicare’s oversight of suppliers of DMEPOS and in Medicare payments for certain types of these items. Over the past 12 years, OIG and the GAO have reported numerous times on weaknesses in Medicare’s enrollment and payment standards for and oversight of such suppliers, and CMS has worked hard to address their recommendations for improving oversight and enforcement.
Earlier this month, CMS launched a two-year, multi-pronged campaign to better protect both people with Medicare and the program itself from fraudulent DMEPOS suppliers. It is built upon recent successes of addressing waste, fraud and abuse in South Florida. A Medicare Fraud Strike Force, directed by partners within HHS and the DOJ and manned by Federal, state and local investigators, is fighting fraud through the use of real-time analysis of Medicare billing data. We estimate that hundreds of millions of dollars in fraudulent activity can be saved as a result of this and concurrent efforts—and as momentum builds from successes in our initial target areas, we will examine the potential for applying these efforts on a national basis.
High Risk Regions: South Florida and California
The Miami and Los Angeles metropolitan areas have been identified as particularly “high-risk,” with regard to fraudulent billing by DMEPOS suppliers. Over the last two years, the number of DMEPOS suppliers claiming to operate out of Southern Florida and Southern California has doubled. As expected, the number of claims for Medicare reimbursement from suppliers in these regions is disproportionately high.
Additionally, Miami-Dade has the highest ratio of DMEPOS suppliers to beneficiaries of any county in the nation – and Broward and Palm Beach counties aren’t far behind. These three counties in Florida, according to contractor data, account for approximately five percent of total Medicare DMEPOS payments nationally. During the last two quarters of 2005, Florida led the nation in allegations of supplier noncompliance with Medicare standards.
I have seen this fraud first hand. In December of last year, I accompanied the OIG fraud investigation task force to Southern Florida to perform unannounced, out-of-cycle site visits and witnessed non-existent suppliers -- where business names and hours were posted on locked doors during traditional hours of operation. In one two-story office building that supposedly housed more than 30 DMEPOS suppliers, we were hard-pressed to find a single legitimate proprietor. In these office buildings were hallway after hallway and door and after door, each with a marquee listing business names, hours of operation and contact numbers. But when I knocked on the doors, no one was there. Repeated episodes made it clear that DMEPOS suppliers intent on defrauding Medicare could take advantage of the predictable site-visit cycle by establishing businesses that do not maintain compliance with program standards after the initial or re-enrollment site visit. I have no doubt that hundreds of thousands of dollars were being billed by these sham companies. When I asked one building manager about renting space for a diabetic supplies company, he actually gave me the name of a consultant who could help me set up a fake company. Since that time, some of the suppliers located in the building I visited have been indicted.
During these site visits, investigators zeroed-in on DMEPOS supplier standards that could be verified quickly through direct observation and were central to how easily a beneficiary could access the advertised services. Medicare participation requirements require suppliers to meet 21 standards; of these 21 standards, investigators chose to focus on 5. These are as follows: (1) maintain a physical facility, (2) be accessible during business hours, (3) have a visible sign, (4) post hours of operation, and (5) maintain listed telephone numbers.
As part of this OIG-led initiative, the OIG in collaboration with CMS, conducted unannounced site visits to 1,581 suppliers in Miami-Dade, Broward, and Palm Beach Counties in the fall of 2006. The visits found 31 percent of suppliers (491 of 1,581) did not comply with the first two requirements of maintaining a facility at the business addresses that they provided Medicare and being open and staffed during business hours. In calendar year 2006, these 491 suppliers billed almost $390 million, were allowed $111 million and we paid almost $89 million. An additional 14 percent of suppliers were open and staffed but did not meet at least one of the three additional requirements for the standards reviewed. These findings were reported to CMS and subsequent action taken to safeguard the Medicare program.
CMS and its partners have also performed additional unannounced, out-of-cycle site visits. In January 2006, CMS and its contractors conducted ad-hoc site visits of 480 DMEPOS suppliers in Miami-Dade and Broward counties in a one-week period. When the dust had settled, 191 DMEPOS suppliers had their billing privileges revoked. These revocations are in addition to those that occurred as a result of the investigations in which I participated last December.
In FY 2006, CMS and its partners conducted more than 1,472 on-site inspections in Southern Florida. As a result, 634 suppliers had their Medicare billing privileges revoked, saving the program a projected $317 million. Motorized wheelchairs, nebulizers, artificial limbs and wound therapy treatments were but a few of the medical devices billed in excess of their normal rate. Last year, a similar initiative conducted by CMS and its partners in Los Angeles netted 770 violators.
Several ongoing inspections of DMEPOS suppliers in the Los Angeles metropolitan area have revealed similarly disturbing trends. Last August, CMS and its contractors began conducting unannounced site visits of DMEPOS suppliers suspected of non-compliance with Medicare regulations and/or billing fraud. As of April 2007, 95 of the 401 suppliers inspected have had their billing privileges revoked. In February 2006, CMS, its contractors, and the State of California Food and Drug Branch (CFDB) joined forces to conduct site visits of 34 DMEPOS suppliers. Within that month, the billing privileges of 12 were revoked. Finally, back in February and March 2005, CMS contractors, CFDB and MediCal (California Medicaid) conducted inspections of 138 DMEPOS suppliers. Of this total, 31 had their billing privileges revoked.
The types of fraud committed by the DMEPOS suppliers in South Florida and the Los Angeles metro area included billing for services not rendered, billing excessively for services rendered, and billing for services not “medically necessary.” CMS and its contractors identified thousands of Medicare beneficiaries living in both metropolitan areas who are receiving medical equipment – like power wheelchairs, orthotics and equipment for testing their blood sugar – they do not require, based on their medical history. Thousands upon thousands of these devices are being billed for – and paid – in connection with the names of Medicare beneficiaries, despite the fact that the patients never received the equipment, nor had their physicians ever ordered them. Other concerns involve the co-pays beneficiaries paid for equipment their doctors didn’t order and was not delivered, generating incorrect records suggesting these beneficiaries have DMEPOS items in their possession should future legitimate needs occur. Numerous physicians in both locales said they never saw the patients for which given medical devices or equipment had been ordered; nor, correspondingly, had they ordered the suspect DMEPOS.
Once a supplier has received an enrollment or reenrollment site visit, the supplier generally is not visited again outside the 3-year cycle. Though an unannounced, out-of-cycle site visit may occur if NSC becomes aware that a supplier may be in violation of one or more Medicare standards, typically suppliers are only visited at the end of their 3-year reenrollment period. The successful efforts of the Department and its partners in the above efforts to combat fraud and abuse have shown, out-of-cycle, unannounced visits, very effective in detecting noncompliant suppliers.
OIG and its Partner’s South Florida Initiative
To address the fraud committed by suppliers in South Florida, the OIG and its partners have taken a pro-active role in addressing the fraud. Below are some of the efforts underway in South Florida.
Operation Whack-a-Mole (WAM), which represented a multi-organization, multi-disciplinary project, intended to reduce health care fraud and abuse by providers in South Florida. WAM leveraged all of the OIG resources and those if its partners, including CMS and DOJ, to prevent, identify and prosecute health care fraud. The project incorporated a wide range of strategies to address systemic vulnerabilities in the Medicare program, as well as fraud schemes that appear to have permeated certain health care sectors in South Florida. The task force sought to develop the ability to identify and respond to similar problems in other parts of the country. The project has already had a significant impact on the integrity of the Medicare program. To date, the project has recovered over $11 million, and has resulted in 43 indictments, 1 information/plea, and in the revocation of supplier numbers of almost 500 durable medical equipment, prosthetics, orthotics, and supplies (DMEPOS) suppliers for not meeting the minimal standards of participation. Some of these revocations have since been overturned on appeal. More results are expected in the future.
The OIG investigators, along with its partners, developed new and innovative methods to identify and prosecute fraud in a timely manner. The investigators developed a three-phase operation.
- The first phase, Operation Equity Excise, working in cooperation with local Miami banks, identified over 200 bank accounts of health care entities for which the bank identified suspicious activities. For several months, the OIG, the U.S. Attorney’s Office in Miami and the FBI worked collaboratively to perform preliminary investigations into corporate and claims history of these suspicious providers. Local banks placed administrative holds on these accounts while law enforcement investigated the providers associated with the accounts.
In the fall of 2006, OI agents and FBI agents attempted to locate the listed account holders for 103 of the largest accounts. The agents confronted account holders they were able to locate, obtained statements from them regarding their involvement with the schemes, and secured their agreement to voluntarily return the funds in the bank account to the Federal government. In less than 8 months, this initiative resulted in the recovery of over $11 million.
- The second phase, Operative Equity Excise 2, represented the criminal investigative actions brought about by the work performed in Operation Equity Excise. In less than 3 months, there have been 5 indictments and 1 information/plea. The indictments involved over $24 million in claims that were billed to the Medicare program. Two of the indictments involved individuals with alleged businesses where I personally visited when I accompanied the OIG team performing the unannounced site visits.
- In support of this multi-agency approach, in March 2007, the DOJ Criminal Division launched a Medicare Fraud Strike Forceto prosecute individuals and companies that have schemed from inception to commit DME fraud rather than to provide any legitimate health care services. The Strike Force is staffed by four Fraud Section prosecutors (including a HHS-OIG attorney on detail), two Assistant U.S. Attorneys, one full-time nurse/auditor, and a part-time program analyst and paralegal, with investigative support from the FBI and the HHS-OIG. It supplements ongoing U.S. Attorney’s Office (SD/FL) prosecution efforts. Strike Force accomplishments during its first four months include:
- 43 defendants indicted since March for fraudulent billings to Medicare totaling $157 million with a minimum expected recovery through criminal fines and forfeitures totaling at least $23.2 million.
- Estimated criminal forfeitures, fines, and restitution to date from indicted Strike Force cases represent a $14.66 return per $1 in annual HCFAC funding to the Criminal Division.
New CMS Demonstration Project
Recognizing the significant vulnerabilities presented by DMEPOS providers in South Florida and Southern California, CMS has used its authority for conducting demonstrations of effective controls to curb fraud and abuse within Medicare to launch a new demonstration project.
In a new, 2-year CMS demonstration project I announced on July 2, 2007, suppliers of DMEPOS in the greater Miami and Los Angeles areas must re-applyannually for participation in Medicare in order to maintain their billing privileges. The demonstration has three components:
1. Immediate submission of enrollment application. Letters will be sent to suppliers asking that they resubmit applications to be a qualified Medicare DMEPOS supplier. All DMEPOS suppliers in the demonstration locales must submit a Medicare enrollment application within 30 days of CMS notification.
2. Revocation of billing privileges. Medicare billing privileges will be revoked (and appropriate recoupment measures applied) if a DMEPOS supplier fails to reapply within 30 days of receipt of CMS’ letter; fails to report a change in ownership or address; fails to report owners, partners, directors or managing employees who have committed a felony within the past 10 years; or fails to comply with DMEPOS supplier standards.
3. Enhanced review of suppliers. DMEPOS suppliers that successfully complete the enrollment process will be subject to enhanced review, including site visits driven by established risk factors.
Eliminating fraudulent suppliers protects people with Medicare and enhances their quality of care. Enhancing our review of DMEPOS suppliers will go a long way to ferret out those who are not meeting the needs of beneficiaries and upholding Medicare’s promises.
The initiatives and examples that I have discussed today are a small fraction of the Department’s efforts to protect the health, vitality, and integrity of Federal health programs as well as protect the resources allocated to pay for these services and programs. We are committed to investing in program integrity efforts in order to send a clear message that criminal fraud in our Federal health care programs will not be tolerated. We are committed to vigorously pursuing the goals of the Health Care Fraud and Abuse Control Program with the Department of Justice, our co-partner. We appreciate the support of our Budget Committee colleagues in providing the necessary resources to permit us to continue as well as expand these important program integrity and health care fraud and abuse control program endeavors.
By attacking fraud vigorously, wherever it exists, we all stand to benefit. Taxpayers will save hundreds of millions of dollars each year. Medicare trust fund resources will be protected and remain available for their intended purposes. Medicare dollars that have gone to fraudulent suppliers will instead be available for legitimate businesses whose purpose is to serve the needs of our program beneficiaries. And most importantly, we can ensure that seniors and disabled persons get the necessary supplies and care they need to stay healthy, so as to enjoy enhanced wellbeing and quality of life.
Thank you for the opportunity to discuss our work to protect the integrity of Federal health care programs. I would be happy to answer any questions the Committee may have.
Last revised: April 19, 2011