Financial Audit Division | Released April, 2020 |
The Minnesota Eligibility Technology System (METS) is the online IT system used by MNsure and the Department of Human Services (DHS). METS serves as a centralized resource for individuals to apply for public health care programs and explore private health insurance options. DHS and counties rely significantly on METS to help determine eligibility for more than 1.2 million individuals each year. In calendar year 2018, METS processed more than 2.5 million initial and periodic reviews of eligibility for public program enrollees.
MNsure, Minnesota IT Services (MNIT), and representatives from DHS all have roles in the governance and administration of METS; however, MNIT is responsible for the design, maintenance, and operation of the system. For fiscal years 2012 through 2019, total expenditures to build and operate METS to serve public health care programs and MNsure were about $432 million.
The Office of the Legislative Auditor (OLA) conducted this selected scope audit to determine whether MNIT and DHS ensured METS had adequate internal controls related to eligibility determinations for public health care programs and whether these entities complied with significant legal requirements. Our audit scope included select METS technical processes, security controls, and eligibility determinations for enrollees in Medical Assistance, MinnesotaCare, and the Children’s Health Insurance Program between January 1, 2018, and December 31, 2019. We did not examine issues related to the governance of METS or METS functionality related to other health insurance programs, commercial products, or other services provided under MNsure.
OLA concluded that Minnesota IT Services (MNIT) and the Department of Human Services (DHS) generally complied with the legal requirements we tested that related to determining eligibility, the use of trusted data sources, and periodic data matching to review enrollee eligibility.
However, OLA found the following issues of noncompliance with legal requirements related to METS’ ability to transfer data and MNIT’s documentation of system access. We discuss these more thoroughly in the findings and recommendations in the report.
OLA concluded that many of the select technical controls and edits that we tested in METS operated correctly and aligned with program eligibility requirements defined in law. With some exceptions, METS also accurately validated applicant information using data from other sources, when available. However, we found that key MNIT and DHS system controls for METS were, overall, generally not adequate to ensure that it safeguarded assets and ensured compliance with applicable legal requirements.
We identified the following weaknesses in select MNIT and DHS internal controls related to METS eligibility processes and system security access. We discuss these more thoroughly in the findings and recommendations in the report.