Report # 03-07 OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA

EVALUATION REPORT

AUGUST 2003 PROGRAM EVALUATION DIVISION Centennial Building -Suite 140 658 Cedar Street -St. Paul, MN 55155 Telephone: 651-296-4708 Fax: 651-296-4712 E-mail:legislative.auditor@state.mn.us Web Site: http://www.auditor.leg.state.mn.us

Controlling Improper Payments in the Medical Assistance Program

Photo Credits: The photograph on the Contolling Improper Payments in the Medical Assistance Program report cover was taken by Legislative Audit staff.

Program Evaluation Division The Minnesota Office of the Legislative Auditor was established in 1973, replacing the century-old Public Examiner's Office. Its role is to audit and evaluate public programs and ensure accountability for the expenditure of public funds. In 1975, the Legislature created the Program Evaluation Division within the auditor's office. The division's mission, as set forth in law, is to determine the degree to which activities and programs entered into or funded by the state are accomplishing their goals and objectives and utilizing resources efficiently.

Topics for evaluation are approved by the Legislative Audit Commission (LAC), a 16-member joint, bipartisan commission. The division's reports, however, are solely the responsibility of the Office of the Legislative Auditor. Findings, conclusions, and recommendations do not necessarily reflect the views of the LAC or any of its members. A list of recent evaluations is on the last page of this report. A more complete list is available at OLA's website (www.auditor.leg.state.mn.us), as are copies of evaluation reports.

The Office of the Legislative Auditor also includes a Financial Audit Division, which annually conducts a statewide audit of the 25 largest agencies, an audit of federal funds, and approximately 40 financial and compliance audits of individual state agencies. The division also investigates allegations of improper actions by state employees.

Professional Staff James Nobles, Legislative Auditor Joel Alter Valerie Bombach, David Chein, Jody Hauer, Adrienne Howard, Daniel Jacobson, Deborah Junod, Carrie Meyerhoff, John Patterson, Judith Randall, Jan Sandberg, Jo Vos, John Yunker

Support Staff Barbara Wing This document can be made available in alternative formats, such as large print, Braille, or audio tape, by calling 651-296-8976 Voice, or the Minnesota Relay Service at 651-297-5353 or 1-800-627-3529.

e-mail:legislative.auditor@state.mn.us

Reports of the Office of the Legislative Auditor are available at our Web Site: http://www.auditor.leg.state.mn.us

OFFICE OF THE LEGISLATIVE AUDITOR State of Minnesota James Nobles, Legislative Auditor August 20, 2003 Members Legislative Audit Commission The Medical Assistance (MA) program provides health care coverage to low income Minnesotans and costs over $4 billion annually, with the state and federal government splitting the cost. Given the size of this program and national concerns about fraud, abuse, and other improper payments in health care programs, the Legislative Audit Commission directed the Office of the Legislative Auditor to evaluate Minnesota's payment control strategy for MA. We began the evaluation in January of 2003.

While we found that Minnesota's approach to controlling improper MA payments is reasonable, the state's effort needs more focus, commitment, and coordination. Specifically, the Department of Human Services (DHS) should increase its efforts to (1) assess the size and nature of the improper payment problem in Minnesota, (2) evaluate how well its payment controls are working, and (3) coordinate its payment control activities. Our report provides a range of recommendations and options for improving the state's control efforts.

This report was researched and written by John Patterson (project manager), Valerie Bombach, and Dan Jacobson. We received the full cooperation of the Department of Human Services and the Attorney General's Office, the two state agencies responsible for controlling improper MA payments.

Sincerely, /s/ James Nobles James Nobles Legislative Auditor

Room 140, 658 Cedar Street, St. Paul, Minnesota 55155-1603 Tel: 651/296-4708 Fax: 651/296-4712 E-mail: auditor@state. mn. us TDD Relay: 651/297-5353 Website: www.auditor.leg.state.mn.us

Table of Contents

SUMMARY ix

INTRODUCTION 1 1. CONTROLLING IMPROPER PAYMENTS IN MINNESOTA
Minnesota's Medical Assistance Program
Improper Payments
The Payment Control System

2. COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY
Component 1: Assess the Size and Nature of the Improper Payment Problem
Component 2: Coordinate the Various Payment Control Sections
Component 3: Have Appropriately Trained Staff
Component 4: Emphasize Preventing Improper Payments
Component 5: Proactively Detect Emerging Fraud Schemes and Patterns
Component 6: Control for Both Sim ple and Complex Schemes
Component 7: Make Sure That Every Claim Faces Some Risk of Re view
Component 8: Give Managed Care Proper At ten tion
Component 9: Ensure Sufficient Consequences
Component 10: Periodically Assess and Revise the Payment Control System
3. RECOMMENDATIONS
FUR THER READING
AGENCY RESPONSE
RECENT PROGRAM EVALUA TIONS
List of Tables and Figures Tables Page 1.1 Services Covered Under Min nesota's Medical Assistance Program 5 1.2 Medical Assistance Ex penditures, FY 2002 5 1.3 Major Public Health Care Programs in Minnesota 6 1.4 Com mon Health Care Fraud Schemes 7 1.5 Minnesota's Payment Control Activities 8 1.6 Typical Medical Review Activities 9 1.7 State Health Care Program Claims Processed in FY 2002 11 2.1 Components of a Comprehensive Payment Control System 16 2.2 Important Provider Enrollment Procedures 32 2.3 Important Medical Review Procedures 34 2.4 Important Claims Processing Procedures 36 2.5 Proactive Techniques to Detect Emerging Fraud Schemes 38 2.6 Important Oversight Pertinent to Managed Care 44 Figures 2.1 Minnesota's Organizational Structure for Medical Assistance Payment Control 21

2.2 Attorney General's Medical Assistance Case Dispositions and Staffing, 1996-2002

Summary Medical Assistance (MA) provides health care services to low-income families, pregnant women, elderly, and people with disabilities. The Minnesota Department of Human Services (DHS) administers the program, which had an average monthly caseload of 404,000 recipients in fiscal year 2002 and cost about $4.1 billion, half of which was funded by the federal government.

Given the size and cost of the MA program, the state has a strong interest in preventing and detecting fraud, abuse, and other types of improper payments, such as inadvertent errors. DHS is largely responsible for payment control efforts, which include, among other things, verifying provider eligibility, processing claims, overseeing managed care contracts, reviewing and investigating suspicious payments, and recovering improper payments. In support of these activities, the Attorney General's Office investigates and prosecutes provider fraud cases, and Minnesota's 87 counties verify recipient eligibility and prosecute recipient fraud cases.

The Office of the Legislative Auditor conducted a broad evaluation of Minnesota's approach to controlling improper payments in the Medical Assistance (MA) program, which is Minnesota's Medicaid program. The state's approach meets federal requirements and has elements that are recommended in national fraud control studies. Nevertheless, we think the state should consider additional ways to strengthen its payment control system. Overall, we think the state's approach to controlling improper MA payments needs more focus, coordination, and commitment.

The state does not have a comprehensive, system-wide strategy to guide its payment control efforts, and the Department of Human Services (DHS) has not made "controlling improper payments" a department-wide core value or goal. In addition, DHS has not comprehensively assessed the amount or nature of improper payments occurring in Minnesota, or systematically evaluated the effectiveness of existing and prospective payment controls. Without this information, DHS does not know whether it is over-or under-investing in its payment control system, or whether it is allocating resources in the right areas.

Our report provides a range of recommendations and options for strengthening the state's MA payment control system. As a first step, we recommend that DHS provide the 2004 Legislature with an action plan for how it will address issues raised in the report.

The state's approach to controlling improper Medical Assistance payments needs more focus, coordination, and commitment.

Based on a substantial body of literature, we identified ten key components of a comprehensive payment control strategy, as listed in the table below.

We compared Minnesota's strategy with these ten components and assessed the system's strengths and weaknesses. While we found the state's overall approach to be reasonable, we identified several opportunities to strengthen Minnesota's MA payment control system.

DHS Needs to Develop and Emphasize a System-Wide Payment Control Strategy

DHS' payment control activities are divided among nine divisions and fall under the authority of all four of the department's assistant commissioners, but DHS does not have a unified strategy to guide its efforts. In addition, none of DHS' department-wide core values, goals, or performance measures directly address controlling improper payments. Instead, the department's values and goals emphasize serving clients. This imbalance between serving clients and program controls has created some tension within DHS. For example, DHS staff who investigate improper payments want to increase the department's billing oversight for personal care assistants (PCAs), who provide in-home assistance for the elderly and disabled. However, the DHS supervisors who oversee and manage the PCA services said that additional oversight is unnecessary and would potentially restrict access to health care by dissuading PCAs from participating in MA. To improve coordination across the department and to emphasize the importance of program integrity, we recommend that DHS articulate a department-wide strategic plan that includes objectives, goals, and performance measures for controlling MA fraud, abuse, and other improper payments.

DHS Needs to Assess the Size and Nature of Minnesota's Improper Payment Problem

To implement a more strategic approach to controlling improper payments, DHS needs better information on the amount and nature of improper payments occurring within the MA program. The department has data on improper payments detected through its current system but has not estimated the magnitude of improper payments that are slipping through the system. The best way to obtain this information is to audit a representative sample of paid claims. While a detailed audit can cost up to $1 million, it can also provide valuable insights and direction. As a less costly alternative, the state could do a series of smaller audits that target suspected problem areas, such as payments for personal care services. Without a comprehensive understanding of the improper payment problem, the state does not know whether it is over-or under-investing in its payment control efforts or whether it is allocating resources in appropriate areas.

Key Components of a Comprehensive Payment Control Strategy 1. Assess the size and nature of the improper payment problem. 2. Coordinate the various payment control activities. 3. Have appropriately trained staff. 4. Emphasize preventing improper payments.

5. Proactively detect emerging fraud schemes and patterns. 6. Control for both simple and complex fraud schemes. 7. Make sure that every claim faces some risk of review. 8. Give managed care proper attention. 9. Ensure sufficient consequences. 10. Periodically assess and revise the payment control system.

The Department of Human Services (DHS) has not made controlling improper payments a department-wide core value or goal.

Minnesota Should Periodically Assess and Revise the Payment Control System

Criminals who commit fraud try to find and exploit new vulnerabilities in the system. To keep up with evolving fraud schemes, DHS' approach to controlling improper payments needs to be periodically assessed and revised. While DHS changes elements of its payment control system when it becomes aware of weaknesses, we found that the department is not always proactive in detecting emerging fraud schemes nor does it regularly evaluate the costs and benefits of individual payment control efforts so that it can effectively target resources.

For example, DHS made a questionable staffing decision in 1994 that could have been identified and corrected with appropriate analysis. At that time, DHS cut the number of staff that investigate improper payments from 14 to 7. We estimate that this saved DHS approximately $350,000 per year. However, after the staff cuts, DHS' improper payment settlements with providers dropped by $1.7 million per year. While this change occurred ten years ago and several other factors could also help explain the drop in settlements, the fact that the staff reduction occurred at the same time raises questions about the cost effectiveness of this decision. As of June 2003, DHS had roughly the same number of investigators as it had after this reduction.

In addition, DHS needs to improve its automated system that tracks improper payment detection and investigation efforts because it does not include some data needed to evaluate the department's performance. For instance, while DHS records the source of the tip that spurred an investigation in its paper files, it does not consistently include the source in its case tracking system. In addition, while DHS investigators record the settlement amounts resulting from their investigations in the case tracking system, the actual recoveries are tracked in a separate system. Effectively linking these pieces of information is necessary if DHS wants to track the benefits of its payment control initiatives. For example, each time DHS pays a provider for a set of MA services, the department mails a form—called an explanation of medical benefits—to the recipient of these services. The form specifies the type and date of services that were supposedly provided and instructs the MA recipient to review the listed services and report any inaccuracies, particularly any services that the recipient did not receive. If DHS wants to analyze the benefits of this initiative, it needs to identify investigations that were triggered by recipients responding to this form in its case tracking system and assess the actual recoveries that resulted.

DHS May Need to Consider Additional Payment Controls

In addition to identifying key strategic issues, our evaluation also identified more specific payment control changes that the state should consider. For example, DHS does not engage in several provider enrollment practices used by some other states, such as conducting criminal background checks for a wide-range of providers and visiting providers before they enroll in the MA program. In addition, DHS does not provide specialized fraud detection training for claims processing staff. The department also could use data-mining software to analyze paid claims for complex fraud schemes—such as a group of health care providers who refer patients to each other for medically unnecessary or costly services.

SUMMARY xi DHS does not regularly evaluate the costs and benefits of existing or prospective payment controls.

Finally, Minnesota could add tools for prosecuting MA fraud cases. Most prosecution in Minnesota occurs under general theft, perjury, and forgery statutes. In contrast, other states have adopted extensive criminal and civil statutes specific to health care fraud. For example, some states have enacted criminal "anti-kickback" laws, which make it a crime for one provider to receive a monetary reward from another provider for referring an MA recipient for services.

DHS' decision to pursue these or other payment controls should be made in the context of the strategic issues discussed above—assessing the size and nature of Minnesota's improper payment problem, developing a system-wide strategy, and assessing the effectiveness of current and prospective payment controls.

Introduction

In recent years, fraud, abuse, and other types of improper payments in the federal government's Medicaid program have received considerable attention. Academics and government officials have written about the size and nature of the problem and recommended strategies for controlling it. In fact, the U.S. Department of Health and Human Services, which is responsible for overseeing the Medicaid program at the federal level, has created the Medicaid Alliance for Program Safeguards to disseminate to states information about effective control strategies. Because each state is responsible for designing and administering its own Medicaid program (within federal policy parameters), it is hoped that this information will improve Medicaid's payment integrity.

Medical Assistance, commonly referred to as MA, is Minnesota's Medicaid program. The program provides health care services to low-income families, pregnant women, elderly, and people with disabilities. In fiscal year 2002, the program served approximately 404,000 people and cost $4.1 billion—with the state and federal governments each paying for half of these costs. With the state spending so much money on this program and national concerns about improper payments, the Legislative Audit Commission directed the Office of the Legislative Auditor to evaluate the state's efforts to control improper payments in the MA program. We began the evaluation in January of 2003.

We posed the following questions: What are the key components of a comprehensive payment control strategy?

To what extent is Minnesota pursuing each component of a comprehensive strategy? What are the strengths and weaknesses of Minnesota's strategy? How can Minnesota improve its payment control strategy? To answer these questions, we (1) carried out an extensive literature review, (2) read program documents and analyzed data concerning Minnesota's payment control efforts, and (3) interviewed payment control staff from the Department of Human Services (DHS), the Attorney General's Office, federal government agencies, and other states.

Our evaluation is a broad overview of Minnesota's strategy to control improper MA payments. While we discuss individual payment control activities, such as enrolling health care providers to ensure that they are eligible to participate in MA, our assessments of these individual activities are not exhaustive or conclusive. Consequently, our findings and recommendations address broad strategic issues, such as the extent to which Minnesota has tried to estimate and understand the size and nature of the improper payment problem.

There is national concern about improper payments in the Medicaid program.

To evaluate Minnesota's MA payment control strategy, we compared it with a list of ten key components that make up a comprehensive control strategy. We formed this list after conducting an extensive literature review that relied heavily on the work of (1) Harvard University's Malcolm Sparrow, a nationally recognized health care fraud expert, (2) the U.S. Department of Health and Human Services (both the Centers for Medicare and Medicaid Services and the Office of the Inspector General), and (3) the U.S. General Accounting Office. (A full listing of the literature that we reviewed is in the Further Reading section at the end of the report.) Overall, the ten components represent our summary of the key elements that should be present in payment control strategies, especially for large and complex government programs.

Chapter 1 provides background information on Minnesota's MA program and how the state controls for improper payments. In Chapter 2, we compare Minnesota's payment control strategy with the list of ten components of a comprehensive control strategy. Finally, in Chapter 3, we make several recommendations about how Minnesota can improve its payment control strategy.

Controlling Improper Payments in Minnesota SUMMARY Medical Assistance (MA) provides health care services to the poor. In fiscal year 2002, MA served about 404,000 people in an average month and spent $4.1 billion over the course of the year. The state has many procedures for controlling fraud, abuse, and other improper payments within the MA program, including (1) recipient enrollment, (2) provider enrollment, (3) provider training and assistance, (4) medical reviews, (5) claims processing, (6) post-payment review and investigation, (7) prosecution, (8) payment recovery (9) managed care oversight, and (10) policy management. While the Department of Human Services is responsible for administering MA and carrying out most of these payment control activities, the Attorney General's Office is responsible for prosecuting provider fraud cases and counties are responsible for enrolling recipients and prosecuting recipient fraud cases.

Medical Assistance (MA) is Minnesota's Medicaid program. Medicaid is a joint federal/state effort to provide health care services to low-income families, pregnant women, elderly, and people with disabilities. Under the Medicaid program, the federal government establishes (1) basic administrative requirements, (2) general parameters for recipient eligibility, (3) a set of mandatory health care services, and (4) a list of services that states can choose to provide. Each state then creates and administers its own program within these federal parameters. In fiscal year 2002, Minnesota's MA program spent $4.1 billion—with the state and federal governments each paying for half of these costs—and had an average monthly caseload of about 404,000 people.

Given the size and cost of the MA program, the state has a strong interest in ensuring that program spending is appropriate. This includes preventing and detecting fraud, abuse, and other types of improper payments that involve health care providers billing for services or recipients accessing MA services. In this chapter, we address the following questions:

In general terms, how does Minnesota's Medical Assistance program operate?

How does Minnesota control for improper payments? To answer these questions, we reviewed MA program documents, analyzed program data, and interviewed staff from the Minnesota Department of Human Services and the Office of the Minnesota Attorney General.

Minnesota's Medical Assistance (MA) program serves about 404,000 low-income people.

MINNESOTA'S MEDICAL ASSISTANCE PROGRAM The Minnesota Department of Human Services (DHS) administers the MA program. In doing so, DHS manages and oversees a vast array of eligibility criteria, services, and administrative activities. In this section, we briefly describe the MA program and how DHS administers it.

To qualify for MA, recipients must meet income and other eligibility criteria. The income limits vary by the type of applicant. For example, children under the age of two are eligible if their household income is at or below 280 percent of the federal poverty level. In contrast, parents are eligible if their household income is at or below 100 percent of the federal poverty level. Individuals who do not initially meet the MA income limits may become eligible by "spending down," or paying for medical expenses that would reduce their remaining income to a level equal to or less than the income limit. MA also has asset limits and other eligibility restrictions.

MA provides a wide range of services, some of which are listed in Table 1.1. DHS provides these services through two different systems—fee-for-service and managed care. Under the traditional fee-for-service system, MA recipients obtain health care services from providers who are enrolled in the MA program, and DHS directly reimburses the providers. DHS divides the fee-for-service benefits into two categories—basic care and long-term care. Long-term care includes institutional care along with home and community-based services. Long-term care facilities include nursing homes, intermediate care facilities for people with mental retardation, and the state's regional treatment facilities. Home and community-based services—such as personal care assistants, in-home nursing services, and home-delivered meals—are designed to keep people with disabilities and the elderly out of those long-term care facilities. Basic care includes all the other services provided under MA.

Under the managed care system, the state pays managed care organizations upfront fees—called capitation payments—to provide MA recipients with basic health care services for a specified period of time. The payment is the same if the enrollee receives no services or many services; thus, the managed care organizations bear the financial risk of providing these services. As part of their responsibilities for administering MA services, the managed care organizations (1) develop and maintain provider networks, (2) process claims, (3) maintain records, or "encounter data," of recipient health care services for DHS, (4) pay providers, and (5) provide administrative services, such as sending out health care statements to recipients.

Managed care plays a dominant role in the MA program in terms of recipient enrollment. In fiscal year 2002, 53 percent of MA recipients were enrolled in managed care. 1 However, long-term care accounts for the largest share of expenditures, as shown in Table 1.2. In fact, managed-care accounts for only 18 percent of expenditures.

MA provides a wide range of health care services.

1 Office of the Legislative Auditor analysis of data from the Department of Human Services.

CONTROLLING IMPROPER PAYMENTS IN MINNESOTA 5 Table 1.1: Services Covered Under Minnesota's Medical Assistance Program The federal government requiresMinnesota to cover the following services: Physician services; Child and teen checkups; Family planning; Laboratory and X-ray services; Nurse midwife services; Family and certified pediatric nurse practitioner services; Ambulance and emergency room services; Home health care for people age 21 and older; Rural health clinic care; Inpatient and outpatient hospital care; and Nursing facility care.

The federal government has allowedMinnesota to cover the following services: Preventive health services; Dental services; Podiatry services; Chiropractic services; Transportation services; Mental health treatment; Alcohol and drug treatment; Physical, occupational, speech, and respiratory therapy; Personal care services; Private-duty nursing services; Home health care for people under age 21; Group home care for people with mental retardation; Hospice care; Prescription drugs; Eye exams, glasses, and hearing aids; Prosthetics; and Nutritional advice and food vouchers for pregnant women, infants, and children.

SOURCE: Department of Human Services, "Medical Assistance (MA) (Minnesota's Medicaid Program);" www.dhs.state.mn.us/healthcare/asstprog/MMAP.htm; accessed June 12, 2003.

Table 1.2: Medical Assistance Expenditures, FY 2002 Expenditures Payment System and Type of Care (in millions) Fee-for-service Long-term care $2,156 Basic care 1,189 Managed care 765 Other 27 Total $4,136

SOURCE: Office the Legislative Auditor analysis of data from the Department of Human Services.

MA is one of Minnesota's three primary public health care programs. As shown in Table 1.3, the other two state programs are MinnesotaCare and General Assistance Medical Care. These programs are referred to collectively as the Minnesota Health Care Programs. Minnesotans who are at least age 65 or have a disability also have access to Medicare, which is run by the federal government.

IMPROPER PAYMENTS Improper payments include fraud, abuse, and unintentional errors. Improper payments can involve the inappropriate actions of providers who are billing for health care services or recipients who are accessing services. Under federal Medicaid regulations:

Fraud is defined as "an intentional deception or misrepresentation made by a person with the knowledge that the deception could result in some unauthorized benefit to himself or some other person." Abuse means "practices that are inconsistent with sound fiscal, business, or medical practices, and result in unnecessary cost to the Medicaid program, or in reimbursement for services that are not medically necessary or that fail to meet professionally recognized standards for health care." 2

Table 1.4 lists some typical provider fraud schemes that have occurred around the country. Improper payments also include unintentional errors, such as a provider who unintentionally bills for the same service twice or an applicant who accidentally forgets to report some assets. 3

Table 1.3: Major Public Health Care Programs in Minnesota Medicaidis a federal-and state-funded program that provides health care services to low-income families, pregnant women, elderly, and people with disabilities. The federal government establishes broad guidelines regarding eligibility and benefits but permits states flexibility in administering the program.

Medical Assistance (MA) is Minnesota's Medicaid program. General Assistance Medical Care (GAMC) is a state-funded program that provides health care services to certain groups of low-income individuals who are ineligible for

Medical Assistance, such as able-bodied adults without children. MinnesotaCareis a state-and federal-funded health insurance program for low-and moderate-income individuals and families. The program covers individuals who do not have access to employer-provided insurance and who typically have income in excess of the limits for Medical Assistance and General Assistance Medical Care.

Medicareis a federal-funded and administered health care program available to most citizens who are at least age 65 or have a disability. Unlike Medicaid, it is not targeted toward low-income populations.

SOURCE: Compiled by the Office of the Legislative Auditor.

MA is one of Minnesota's primary public health programs.

Improper payments can involve fraud, abuse, or inadvertent errors.

2 42 CFR sec. 433.304 (2002). State rules provide similar, but more detailed, definitions in Minn. Rules, ch. 9505.2165, subps. 2 and 4. who unintentionally bills for the same service twice or an applicant who accidentally forgets to report some assets. 3

Managed care adds other concerns to the improper payment issue. As mentioned previously, the state pays upfront capitation payments to managed care organizations to administer health plans and bear the financial risk of providing health care coverage, which includes paying providers for the MA services they deliver. Consequently, the managed care organizations are responsible for preventing and detecting improper MA payments. As a result, some people believe that a managed care system largely takes care of improper payments from the state's perspective. However, the state still faces some risks and needs to ensure that managed care organizations (1) have procedures for preventing and detecting improper claims from providers and (2) make available the health care services that they have been contracted to provide.

THE PAYMENT CONTROL SYSTEM In order to prevent, detect, and recover improper payments, the state has created a payment control system. As Table 1.5 shows, this system involves a wide range of activities—from enrolling recipients and providers to processing claims to reviewing and investigating suspicious claims. DHS carries out most of these activities; however, the Attorney General's Office is responsible for investigating and prosecuting cases of suspected provider fraud. In addition, Minnesota's counties are responsible for verifying recipient eligibility and prosecuting cases of suspected recipient fraud. While MA is the state's primary health care program, DHS uses its portion of the system to control payments for all of the state health care programs, including MA, MinnesotaCare, and General Assistance Medical Care. 4

CONTROLLING IMPROPER PAYMENTS IN MINNESOTA 7 Table 1.4: Common Health Care Fraud Schemes Billing for "phantom patients" who did not really receive services, Billing for health care services that were not provided, Billing for old items as if they were new, Billing for more hours than there are in a day, Billing for tests that the patient did not need, Paying a "kickback" in exchange for a referral for health care services, Charging for personal expenses that have nothing to do with caring for a client, Overcharging for health care services that were provided, Concealing ownership in a related company, Using false credentials, and Double-billing for health care services or goods that were provided.

SOURCE: Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services, "Most Common Medicaid 'Rip Offs; '" http://cms.hhs.gov/states/fraud/ripoffs.asp; accessed January 22, 2003.

DHS, the Attorney General's Office, and counties have responsibilities in the state's MA payment control system. 3 In the fee-for-service system, DHS determines the rate that it will pay providers for delivering specific health care services. These rates must conform to payment parameters set in federal and state laws and rules. However, on occasion, DHS has inadvertently set rates that have not conformed to these parameters. While these errors are a type of improper payment, our evaluation examined the state's effort to control improper payments that result from actions taken by providers and recipients, rather than rate setting errors by DHS. We also did not evaluate DHS' policies for setting managed care capitation rates.

Recipient Enrollment To ensure that only eligible people receive MA services, county staff determine the eligibility for each applicant according to the criteria discussed above. County staff also periodically review the eligibility of recipients, including income levels every six months. To support accurate eligibility determinations, DHS trains new county eligibility workers, develops policy manuals and bulletins, and operates an online system to respond to county questions about how to handle specific cases. In addition, Minnesota has the Fraud Prevention Investigation Program, which is a state-supervised, county-operated program intended to reduce recipient eligibility fraud. Under this program, DHS supervises 30 county investigators who review questionable applications in various public assistance programs, including MA, the Minnesota Family Investment Program (MFIP), and Food Stamps. According to DHS, the county investigators reviewed about 7,100 cases in 56 counties in 2002.

Provider Enrollment DHS' provider enrollment staff ensure that providers are qualified to participate in the state-run health care programs and are in good standing. The enrollment process largely involves checking that applicants are appropriately licensed or certified to provide services and are not excluded from participating in the MA program. Once enrolled, DHS assigns each provider a billing number, and the providers can participate in MA and the other state health care programs. In fiscal year 2002, DHS processed 6,542 provider enrollment applications and rejected about 2 percent of them. In total, 27,612 providers were enrolled at some time during 2002. 5

Table 1.5: Minnesota's Payment Control Activities Recipient enrollment Provider enrollment Provider training and assistance Medical reviews Claims processing Post-payment review and investigation Prosecution Payment recovery Managed care oversight Policy management

SOURCE: Office of the Legislative Auditor.

4 We focused our evaluation on MA for two reasons. First, this kept the scope of the evaluation feasible. Second, MA dominates DHS' payment control work. For example, 78 percent of the fee-for-service claims that DHS processed in fiscal year 2002 were MA claims. In addition, DHS' health care information system—the Medicaid Management Information System (MMIS)—was originally designed for the Medicaid/MA program. The other health care programs are add-ons to the system.

Provider Training and Assistance To help providers understand DHS' billing procedures and the policies of the state health care programs, DHS also provides training and assistance. In fiscal year 2002, DHS' call-in help-desk took 236,854 telephone calls from providers to answer their billing and program questions. In addition, DHS provides formal training sessions for providers throughout the state on various issues. According to DHS, it held 117 of these sessions in fiscal year 2002 with an attendance of 2,080 providers.

Medical Reviews Medical reviews ensure that certain services are medically necessary and appropriate, and Table 1.6 lists typical medical review activities. DHS contracts with Care Delivery Management, Inc. (CDMI) to provide medical reviews for the department's fee-for-service benefits. Performed by licensed medical staff and professionals, these reviews include authorizations for services that fall outside of the standard benefits package of the respective state health care program, as well appropriate care.

CONTROLLING IMPROPER PAYMENTS IN MINNESOTA 9

Table 1.6: Typical Medical Review Activities Medical Reviews( which are also referred to as Utilization Reviews) involve assessing the medical necessity, appropriateness, efficiency, or quality of health care services. The reviews may occur before, during, or after treatment. These reviews come in several forms: Authorizationsrequire a patient to receive approval from the state or a designee for the provision of a service before the state will pay for it. Not all services require an authorization—only those that fall outside of the standard benefits package for the respective state health care program. DHS publishes a list of the services requiring an authorization in the State Register. Traditionally, authorizations have been obtained before the service is provided; nevertheless, they can also be obtained retroactively, but the provider and recipient run the risk of the authorization and payment being denied.

Concurrent Reviewsevaluate services while they are being provided to help determine whether the service is appropriate and should continue or cease. Retrospective Reviewsevaluate the appropriateness of services after they have been provided but may occur before or after the state pays for the services. If the review is performed before payment, it may lead to the claim being denied. Provider Profilingis used to identify providers whose practices deviate from accepted standards and to educate them about the standards for cost-effective and as concurrent and retrospective reviews of inpatient hospital services. In fiscal year 2003, the department paid CDMI about $1.6 million to carry out 42,000 medical authorizations, 24,000 pharmaceutical authorizations, 13,500 home care service authorizations, 19,000 inpatient hospital authorizations, and 8,000 inpatient hospital concurrent and retrospective reviews. CDMI also provides medical consultation services in response to ad hoc DHS queries and reviews hospitals' utilization review plans.

SOURCE: Office of the Legislative Auditor review of payment control literature.

In 2002, 27,612 providers were enrolled in MA.

5 Office of the Legislative Auditor analysis of enrollment data provided by DHS.

In addition, DHS' pharmacy services unit carries out medical reviews as part of its effort to oversee pharmacy services and physician prescription practices within the state health care programs. These reviews include performing authorizations, retrospective reviews, provider profiling, and educational outreach to providers regarding appropriate prescription practices. DHS also has a computer system, which pharmacists access, that checks the appropriateness of prescriptions while they are being filled. In addition, the pharmacy review section works with a medical review board, comprised of medical professionals and department staff, to review pharmacy benefits, policies, and payment control activities.

Claims Processing After a provider has furnished a service, it sends a claim to DHS requesting reimbursement under the traditional fee-for-service system. The claim identifies, among other things, (1) the service or procedure, (2) the provider that delivered it, (3) the patient who received it, and (4) the patient's diagnosis. DHS enters this information into the department's Medicaid Management Information System (MMIS), which already includes information about provider and recipient enrollment, service authorizations, benefit limits, and payment rates. DHS then runs the claim through a computerized claims processing system. In general terms, the system (1) checks that the information on the claim is complete and appropriate (e. g. the provider and recipient are enrolled in the program), (2) checks if the claim duplicates or conflicts with another claim in the system, (3) ensures that the service is appropriately authorized and within the recipient's benefit limits, and (4) identifies the appropriate payment rate for the service. The system has roughly 1,000 of these computerized checks, which are referred to as "edits." The edits accept, reject, or suspend each claim. DHS reviews by hand claims that have been suspended or have supplemental information attached to the claim form.

As shown in Table 1.7, DHS processed 20.6 million fee-for-service claims in fiscal year 2002 for the state health care programs. Of these, 16.1 million were MA claims, with DHS paying 13.6 million of them and rejecting the remaining 2.5 million. 6 In addition, DHS runs through its edit system claims-level data (called "encounter data") about the services that managed care organizations provided their participants. The department processes the encounter data not to make payments but to validate the data and record and track all the services that all recipients have received, even those in managed care. (Payment is not needed for these managed care services because DHS has already made capitation payments to the managed care organizations, which have in turn already paid the providers for their services.) In 2002, DHS processed 12.3 million of these encounter claims for the state managed care programs. Of these claims, 8.0 million were for the MA program.

DHS processed 16.1 million fee-for-service claims for the MA program in 2002.

6 If DHS rejects a claim, the provider can make necessary clerical corrections and resubmit an entirely new claim for the same service or set of services.

Post-Payment Review and Investigation For all of the state health care programs, the Surveillance and Integrity Review Section (SIRS) at DHS identifies and investigates providers suspected of participating in fraud, abuse, or some other type of improper payment. SIRS also identifies and investigates eligible recipients who abuse MA by obtaining inappropriate services. SIRS identifies suspicious activity in several ways. First, SIRS analyzes all claims to find aberrant billing or service patterns. An unusual pattern, such as a doctor who suddenly orders an increased number of tests, may be an indication of improper payments. A recipient who uses many physicians to obtain the same drug in a short time period may indicate abuse by the recipient. Another way SIRS identifies improper activity is through its telephone hotline. It receives tips from a variety of sources, including recipients, county employees, employees of providers, and the public. Based on these leads, SIRS investigates whether a payment or set of payments was actually improper. According to DHS, SIRS received 2,347 calls on its hotline in 2002 and opened 346 provider investigations.

If SIRS finds evidence that a provider has committed fraud, rather than making an unintentional error or engaging in an abusive practice, it refers the case to the Attorney General's Office for further investigation and possible prosecution. If SIRS identifies an improper payment that is not considered fraud, the department issues a "Notice of Agency Action" that seeks repayment of the funds and/or imposes sanctions on the provider. If the provider disagrees with the department's findings, it can appeal the decision. If necessary, the appeal process eventually leads to a hearing in front of an administrative law judge.

CONTROLLING IMPROPER PAYMENTS IN MINNESOTA 11 Table 1.7: State Health Care Program Claims Processed in FY 2002 Number of Claims Type of Claim (in millions) Fee-for-service claims Medical Assistance 16.1 Other health care programs 4.5 Total 20.6

Claims-level data from managed care organizations Medical Assistance 8.0 Other health care programs 4.3 Total 12.3

SOURCE: Department of Human Services, unpublished table titled "Legislative Request Based on 'Count All TCNs' Logic," received April 24, 2003.

In 2002, DHS opened 346 investigations of providers who may have received improper payments.

If SIRS determines that a recipient has abused health care services, for example by obtaining duplicate services from multiple providers, DHS restricts the recipient's care to just one primary care physician, hospital, and pharmacist for a period of two years. 7 Recipients may appeal restrictions imposed by DHS and, if necessary, have a hearing before an appeals referee. According to DHS, about 400 recipients are under restriction at any point in time.

Prosecution If an improper payment appears to involve provider fraud, the Attorney General's Office investigates and prosecutes the case. The Attorney General's Office receives case referrals not only from DHS but also from the U.S. Department of Health and Humans Services, managed care organizations, employees of providers, recipients, and the public. Between 1997 and 2002, the Attorney General's Office reported that it annually had between 26 and 55 investigations open at any given time. For cases that do not rise to the level of fraud, the office has the authority to pursue civil cases to recoup improper payments. The Attorney General's Office may litigate cases in either state or federal court, depending on the circumstances. Cases that solely involve recipient fraud are referred to the counties, which have jurisdiction for investigating and prosecuting these cases.

Payment Recovery Once it is established that a provider has received an improper payment, DHS and the Attorney General's Office recoup the funds from the provider through one of two primary mechanisms. In most cases, DHS will deduct the amount of the overpayment from subsequent payments that the department makes to the provider for delivering other health care services. Alternatively, in some cases, the provider will directly reimburse DHS or the Attorney General's Office. 8 In fiscal year 2002, the state recovered about $2.5 million in improper payments. 9 These funds reflect recoveries for MA and the other state health care programs, but the vast majority probably apply to MA because MA accounted for roughly 78 percent of the DHS' fee-for-service claims. The state and counties rarely try to recover benefits from recipients who have improperly received services.

Managed Care Oversight As described earlier, the state provides MA benefits through both fee-for-service and managed care systems. For managed care, the state contracts with nine managed care organizations to administer MA health plans. 10 To ensure that managed care organizations are controlling improper MA payments, DHS requires these organizations to (1) develop payment integrity programs, (2) detect improper payments and refer information about these cases to the department and the Attorney General's Office, and (3) submit annual program integrity reports.

In 2002, the state recovered about $2.5 million in improper payments.

7 The primary care physician can authorize care by other physicians. 8 Other methods used by DHS to recoup funds include collection agency activity, civil lawsuits, and the filing of revenue recapture claims, liens, and bankruptcy claims. 9 Office of the Legislative Auditor analysis of data from the Department of Human Services. 10 Currently, the nine participating organizations are: Blue Plus, First Plan Blue, HealthPartners, IMCare, Medica, Metropolitan Health Plan, South Country Health Alliance, PrimeWest, and Icare.

Policy Management DHS' health care policy staff play a critical role in the payment control system. These employees largely determine how the state will administer and implement its health care programs. For example, the benefits policy staff decide, within the context of state and federal law, (1) what health care services are available, (2) who can provide the services, (3) under what conditions they can be provided, (4) how much can be provided, and (5) where they can be provided.

Overall Effort Determining how much the state annually spends to carry out these payment control functions is difficult because these activities are intertwined with other health care and human services activities. For example, medical reviews not only help prevent and detect improper payments, but DHS uses them to evaluate the quality of care being provided. Nevertheless, with respect to the core payment control functions of provider enrollment, provider training and assistance, claims processing, post-payment review and investigation, and prosecution, DHS and the Attorney General's Office reported spending $7 million and allocating 133 full-time employee equivalents in 2002.

As we discuss in the next chapter, Minnesota needs to keep its MA payment control system working efficiently and effectively. While the state needs to be vigilant about all types of improper payments, it needs to pay particular attention to fraud because people who intentionally try to over-bill the MA program are often looking for vulnerabilities in the payment control system to exploit. As U.S. Representative Fred Upton, Chairman of the Subcommittee on Oversight and Investigations of the House Committee on Commerce, stated at the start of hearing on Medicaid fraud:

One lesson that I've seen from the committee's prior work on health care fraud issues is that criminals are always going to try to find ways to make money by ripping off government-run health programs. They know which programs have tough safeguards in place and which ones are vulnerable to fraud. Sometimes, like roaches scurrying from the bright light of public attention, these criminals will inevitably seek out the dark cracks and crevices provided by States that lack adequate anti-fraud safeguards. 11

For core payment control functions, the state spent $7 million in 2002.

11 U.S. Representative Fred Upton, comments during a hearing titled Medicaid Provider Enrollment: Assessing State Efforts to Prevent Fraud (U.S. Subcommittee on Oversight and Investigations of the Committee on Commerce: House of Representatives)

(Washington DC: U.S. Government Printing Office, 2000), 2.

Harvard professor and health care fraud expert Malcolm Sparrow makes a similar point when discussing the dynamic nature of fraud control:

Fraud control is played against opponents: opponents who think creatively and adapt continuously and who relish devising complex strategies; this means that a set of fraud controls that is perfectly satisfactory today may be of no use at all tomorrow, once the game has progressed a little… Maintaining effective fraud controls demands continuous assessment of emerging fraud trends and constant, rapid revision of controls. 12

In the next chapter, we discuss ten components of a comprehensive strategy to control fraud, abuse, and other types of improper payments.

12 Malcolm Sparrow, License to Steal: How Fraud Bleeds America's Health Care System (Boulder, CO: Westview Press, 2000), 126.

Components of a Comprehensive Payment Control Strategy SUMMARY We found that Minnesota's approach to controlling Medical Assistance payments is generally reasonable, but the state does not have a comprehensive, system-wide strategy to guide its control efforts. Specifically, the Department of Human Services (DHS) has not articulated department-wide goals or objectives for payment control, which would help staff prioritize and coordinate their work. In addition, DHS needs to strategically allocate its control resources. However, DHS has never comprehensively assessed the amount or nature of improper payments occurring in Minnesota or systematically evaluated the effectiveness of existing and prospective payment controls. Without this information, DHS does not know whether it is over-or under-investing in its payment control system or whether it is allocating resources in the right areas.

Fraud, abuse, and other improper payments in the health care industry have received considerable attention in the last several years. Government officials and academics have written about strategies for controlling improper payments. In fact, the U.S. Department of Health and Human Services, which is responsible for administering the Medicaid program on the federal level, has created the Medicaid Alliance for Program Safeguards. The alliance is an effort to disseminate information to states about effective payment control strategies for the Medicaid program. To assess Minnesota's payment control strategy, we compared it with effective strategies cited by payment control experts. Specifically, in this chapter, we address the following questions:

What are the key components of a comprehensive payment control strategy?

To what extent is Minnesota pursuing each component of a comprehensive strategy? What are the strengths and weaknesses of Minnesota's strategy? To answer these questions, we (1) carried out an extensive literature review, (2) read program documents and analyzed data concerning Minnesota's payment control efforts, and (3) interviewed payment control staff from DHS, the Attorney General's Office, the federal government, and other states.

Table 2.1 lists ten key components of a comprehensive payment control strategy. We formed this list after conducting an extensive literature review that relied heavily on the work of (1) Harvard University's Malcolm Sparrow, a nationally recognized health care fraud expert, (2) the U.S. Department of Health and Human Services (both the Centers for Medicare and Medicaid Services and the Office of the Inspector General), and (3) the U.S. General Accounting Office. Overall, the ten components represent our summary of the key concepts and principles identified in these materials. These components should be present in most payment control strategies, particularly when a large and complex program is involved. (A listing of the literature that we reviewed is in the Further Reading section at the end of this report.)

When we assessed Minnesota's payment control strategy for the Medical Assistance (MA) program, we found that:

While Minnesota's approach to controlling improper payments is reasonable, the state does not have a comprehensive, system-wide strategy for guiding its control efforts. As we will discuss in the rest of this chapter, Minnesota has addressed to varying degrees each of the ten key components of a comprehensive strategy. In fact, Minnesota's approach has some noted strengths. For example, DHS' computerized claims processing system has been praised for doing a very good job at catching duplicate and conflicting claims. In addition, each time DHS pays a provider for delivering MA services, the department sends a form to the recipient of these services asking him or her to verify that the services were actually provided. Finally, the U.S. Department of Health and Human Services recently reviewed Minnesota's payment integrity procedures and found that the state was in compliance with federal requirements. 1

Nevertheless, we found some weaknesses in the state's payment control strategy that need to be addressed. For example, DHS does not specifically mention controlling improper payments in its department-wide goals and objectives, which can help staff prioritize and coordinate their work when clearly articulated. Also, DHS has never comprehensively assessed the amount or nature of the improper payments occurring in Minnesota or systematically evaluated the effectiveness of existing and prospective payment controls. Without this information, DHS does not know whether it is over-or under-investing in its payment control system or whether it is allocating its resources in the right areas.

Table 2.1: Components of a Comprehensive Payment Control Strategy

1. Assess the size and nature of the improper payment problem. 2. Coordinate the various payment control sections. 3. Have appropriately trained staff. 4. Emphasize preventing improper payments. 5. Proactively detect emerging fraud schemes and patterns. 6. Control for both simple and complex fraud schemes. 7. Make sure that every claim faces some risk of review. 8. Give managed care proper attention. 9. Ensure sufficient consequences. 10. Periodically assess and revise the payment control system.

SOURCE: Compiled by the Office of the Legislative Auditor.

A payment control strategy should address ten key components.

1 Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services, Review of State Program Integrity Procedures: State of Minnesota (Atlanta, GA: June 2001), 3.

In the following sections, we discuss Minnesota's efforts to pursue each component of a comprehensive strategy. When discussing these components, we often highlight specific payment control procedures that the program integrity literature has identified as being important. By listing and discussing these specific procedures, we are not implying that the state should adopt each of them. The key is to first assess the size and nature of the improper payment problem, set strategic priorities, and then decide if additional payment control procedures are needed.

COMPONENT 1: ASSESS THE SIZE AND NATURE OF THE IMPROPER PAYMENT PROBLEM Assessing the amount and nature of improper payments that are occurring in Minnesota is important to ensure that (1) the state is devoting the proper amount of resources to payment control and (2) it is targeting these resources to where the improper payment problems are largest. This is particularly important considering that the state annually spends more than $4 billion under its MA program.

The Internal Revenue Service (IRS) is an example of an organization that has used estimation techniques to help manage its efforts to control fraud, abuse, and other compliance problems. The IRS estimates taxpayer compliance by periodically conducting thorough reviews of a random sample of tax returns. These reviews enable it to assess the noncompliance that is not being detected by its control systems. It uses the results not only to estimate the amount of tax underpayment, but also to allocate its enforcement resources and to identify weaknesses in its control mechanisms. In addition, the IRS has used the results to recommend changes in law to Congress in order to improve voluntary compliance. 2

In Minnesota's MA program, the importance of estimating the size and nature of the improper payment problem depends in part on how vulnerable the program is to fraud, abuse, and other improper payments. There is evidence both nationally and in Minnesota that Medicaid/MA program integrity is at risk. While the full extent of the problem is unknown, the U.S. General Accounting Office concluded that Medicaid is vulnerable to fraud and abuse and that improper payments "drain vital program dollars, hurting beneficiaries and taxpayers." 3 The U.S. Office of Management and Budget has also identified the Medicaid program as a program at risk for fraud and other improper payments. 4

Effectively targeting resources depends on understanding the specific problems that need to be addressed.

2 U.S. General Accounting Office, Tax Administration: New Compliance Research Effort Is on Track, but Important Work Remains (Washington, DC: June 2002), 2-5.

There is also evidence from other states that Medicaid improper payments are a problem. For example, Illinois and Texas recently estimated that 5 to 7 percent of the Medicaid payments in their states were inappropriate. 5 These improper payments ranged from legitimate services with missing documentation to fraud and abuse committed by providers. Illinois broke these improper payments down into three categories: (1) inadvertent errors primarily consisting of legitimate services with missing documentation, (2) agency errors, and (3) claims whose legitimacy was "strongly questioned." These questionable claims made up an estimated 2.6 percent of Medicaid payments. This could be considered a conservative estimate of the payment problem in Illinois because the study acknowledged that it did not measure the full extent of fraud and abuse. The Texas estimate is harder to interpret because it did not distinguish between inadvertent errors and false claims.

While Minnesota's risk may not be as high as states such as Texas and Illinois, Minnesota still appears to be vulnerable to improper payments. The U.S. General Accounting Office noted that the improper payment risk is "inherently increased in programs involving (1) complex program regulations, (2) an emphasis on expedited payments, and (3) a significant volume of transactions." 6 Minnesota's MA program ranks high on all three factors. Minnesota has thousands of pages of regulations governing the MA program; it requires that most claims be paid within 30 days; and it processes about 16 million MA fee-for-service claims per year.

In addition, audits have revealed vulnerabilities in Minnesota's payment control system. For example, in 2002, the Office of the Inspector General at the U. S. Department of Health and Human Services audited a random sample of 100 MA claims for personal care services in Minnesota and found that DHS should not have paid 33 percent of these claims. 7 While the Office of the Inspector General disqualified these claims largely for compliance reasons—such as a lack of a signed doctor's order or incomplete service records—and only validated a few cases of outright fraud, the audit identified vulnerabilities within the control structure.

The MA program appears to be vulnerable to improper payments.

3 U.S. General Accounting Office, Medicaid: State Efforts to Control Improper Payments Vary (Washington, DC: 2001), 3; and U.S. General Accounting Office, Health Care: Fraud Schemes Committed by Career Criminals and Organized Criminal Groups and Impact on Consumers and Legitimate Health Care Providers (Washington, DC: October 1999), 1.

4 U.S. Office of Management and Budget, Circular A-133 Compliance Supplement (March 2003), 4-93.778-1.

5 Illinois Department of Public Aid, Payment Accuracy Review of the Illinois Medical Assistance Program (1998), 5; Texas Office of the Comptroller, Texas Health Care Claims Study (2001), 1.

These estimates applied to fee-for-service payments made by the state to providers. The studies did not examine improper payments associated with managed care plans and long-term care.

6 U.S. General Accounting Office, Financial Management: Increased Attention Needed to Prevent Billions in Improper Payments (Washington, DC: October 1999), 7.

7 Office of the Inspector General, U.S. Department of Health and Human Services, Audit of Medicaid Costs Claimed for Personal Care Services by the Minnesota Department of Human Services: October 1, 1998 Through September 30, 1999 (Chicago, IL: April 2002), 2.

In response to concerns about the improper payment problem, the U.S. Department of Health and Human Services is sponsoring pilot studies in nine states to estimate improper payment rates in the Medicaid program. Minnesota is one of the nine states, but unlike the other states, it is only looking at managed care and is focusing on the quality and completeness of service data rather than the size of the improper payment problem. 8 In addition, Congress recently passed a law requiring federal agencies to estimate the magnitude of improper payments in vulnerable programs, including Medicaid. 9

In summary, national literature and Minnesota's experience suggest that MA is at risk for improper payments. In addition, effectively targeting resources depends on understanding the problem that needs to be addressed. However:

Minnesota has never comprehensively estimated the amount or nature of improper payments occurring within the Medical Assistance program. To a large extent, Minnesota only knows about the improper payments that it is catching through the investigations by DHS' Surveillance and Integrity Review Section (SIRS) and the Attorney General's Office. However, it is a mistake to rely only on the information gathered through the current control structure. The problem with fraud and other types of improper payments is not what you see but what you do not see. 10 Without assessing whether improper payments are slipping through the current control system, the state does not know whether it is over-or under-investing in its efforts to control improper payments or whether it is allocating these resources in appropriate areas.

The best way to obtain this information is to carry out a detailed audit of a representative sample of paid claims; however, doing this well could be very expensive. In recent years, Illinois, Texas, and Florida have each spent between $300,000 to $1 million to estimate improper payments in their Medicaid programs. Even the better studies acknowledge that they did not have the resources (and to some extent, the ability) to estimate the full extent of fraud and abuse. For example, Texas did not make on-site visits to providers for any of their sample claims. Instead, they asked providers to send in documentation for the cases that were in the sample. This could have impaired its ability to identify fraud and abuse because fraudulent providers may have simply sent in fraudulent documentation. Also, only Illinois distinguished between claims for legitimate services that did not comply with all of the documentation requirements and claims for services that were of doubtful legitimacy. To make these distinctions, Illinois had two teams of experts review all of the improper claims.

In addition, the sample sizes for these studies were not large enough to accurately compare improper payment rates among very many provider groups. For example, Texas and Illinois had sample sizes of 600 to 700 claims. While these samples may be large enough to obtain a reasonable overall estimate, they may be too small to accurately (1) estimate the size and nature of specific types of improper payments and (2) determine which types of providers have the highest improper payment rates.

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY 19 A detailed audit of a representative sample of claims is the best way to assess the extent and nature of the state's improper payment problem.

8 Minnesota was specifically recruited to examine managed care payments because the state was one of the few states that could provide adequate claims-level data from managed care organizations. 9 31 U.S. Code, sec. 3321 (2002). 10 Malcolm K. Sparrow, License to Steal: How Fraud Bleeds America's Health Care System (Boulder, CO: Westview Press, 2000), 119-120.

If Minnesota were to spend the funds to carry out a comprehensive, program-wide audit, it would need to do the audit well to make the investment worthwhile. Ideally, to estimate improper payments, an audit of each claim in the sample should include at least four components: (1) a careful examination of the claim, (2) a contextual analysis of other billings involving the same provider or the same recipient, (3) a recipient interview to confirm the diagnosis and treatment provided, and (4) if any of these three components indicate a potential problem, an unannounced visit to the provider. 11 While Minnesota law requires DHS to give 24-hour notice before making on-site visits, this is still better than not making any on-site visits. 12 The improper payment audits conducted in Illinois and Texas included the first three components but Texas did not include any on-site visits and Illinois notified providers in advance before making visits.

There are less-costly alternatives to doing these comprehensive, program-wide audits. One option is to do smaller, more targeted audits that focus on provider types suspected to be a problem. The Office of the Inspector General's audit of personal care services is a good example. While this approach is not as comprehensive as a program-wide audit, it allows researchers to gain some insights into the size and nature of the improper payment problem and target their resources. In Chapter 3, we recommend that DHS increase its efforts to periodically assess the extent of improper payments and discuss ways of doing so.

COMPONENT 2: COORDINATE THE VARIOUS PAYMENT CONTROL SECTIONS

An effective strategy for controlling improper payments requires that payment control staff—who work in different sections, divisions, and agencies—work effectively together because they are part of an overall control system. Because payment control systems are often large and complex, this coordination can be difficult. As Harvard University's Malcolm Sparrow, a nationally recognized health care fraud expert, writes: "A collection of loosely connected functional components cannot constitute a coherent fraud control strategy. Someone, or a team of people, has to be in charge." 13

Coordination is particularly important in Minnesota because, as shown in Figure 2.1, responsibility for controlling improper payments is divided among nine divisions under the jurisdiction of all four of DHS' assistant commissioners. In addition, each control function listed in the figure is typically carried out by a separate section within the identified division. Other than DHS' Commissioner

However, conducting a comprehensive audit of claims is difficult and expensive.

11 Ibid., 157-158. 12 Minn. Stat. (2002) §256B. 27, subd. 3. 13 Sparrow, License to Steal, 211. The U.S. General Accounting Office also argues for a coordinated approach in testimony to the U.S. House Subcommittee on Oversight and Investigations of the Committee on Commerce—General Accounting Office, Medicaid: Federal and State Leadership Needed to Control Fraud and Abuse (Washington, DC: November 1999), 7.

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY 21 Figure 2.1: Minnesota's Organizational Structure for Medical Assistance Payment Control

SOURCE: Compiled by the Office of the Legislative Auditor. Commissioner of the Department of Human Services Assistant Commissioner for Continuing Care Assistant Commissioner for Finance and Management Operations

Assistant Commissioner for Health Care

Assistant Commissioner for Economic and Community Support Strategies/Children Services

(1) Aging and Adult Services Division

and (2) Continuing Care for the Elderly Division

Disability Services Division

Health Care Operations Division

Health Care Purchasing and Service Delivery Division

Health Care Management, Benefit Policy, and Provider Relations Division

Performance Measurement and Quality Improvement Division

Program Assessment and Integrity Division Long-term care policy for the elderly Long-term care policy for persons with disabilities

Claims processing Payment Recovery

Managed care administration Drug utilization review Provider enrollment Provider help-desk Provider training Medical review Benefit policy Payment rate setting

Post-payment surveillance and integrity review

Managed care quality assurance

Oversight of county efforts to prevent and investigate recipient eligiblity fraud

Income eligibility verification for recipients

Attorney General Counties Recipient enrollment Recipient eligibility verification Recipient fraud investigation and prosecution Medicaid Fraud Control Unit

Fraud investigation and prosecution

Deputy Commissioner Health Care Eligibility and Access Division

Recipient eligibility policy Training and support for county eligibility workers and Deputy Commissioner, no single executive is responsible for ensuring that the overall payment control system is working effectively. Furthermore, Minnesota has split responsibility for the payment control system between two statewide elected officials; the Governor's Department of Human Services administers the program, and the Attorney General's Office investigates and prosecutes provider fraud cases. In addition, counties enroll MA recipients, verify their eligibility, and prosecute recipient fraud cases.

When we examined Minnesota's efforts to coordinate its strategy, we found that: Minnesota largely uses an informal and ad hoc approach to coordinate the work of the various payment control sections, which at times has been a problem.

Informal and Ad Hoc Coordination DHS has not articulated a clear mission for the department to guide the activities of its payment control staff. DHS does not specifically mention payment control or program integrity in its department-wide goals and objectives. 14 In addition, DHS does not have a written plan or manual describing how its payment control sections should coordinate their efforts, which includes communicating information about improper payments and emerging fraud schemes, identifying vulnerabilities within the payment control system, improving the payment control system, and investigating cases involving improper payments. Yet, there is informal and ad hoc coordination. For example, DHS does not specifically mention payment control in its department-wide goals and objectives.

As the various payment control sections—such as provider enrollment, provider training, or claims processing—identify suspicious claims or provider activity, they refer these cases to DHS' Surveillance and Integrity Review Section (SIRS) for possible investigation. For example, staff from the provider help-desk referred to SIRS a pharmacy that apparently billed MA for a prescription refill without the patient asking for or receiving the refill.

When SIRS has concerns about a particular provider, it will periodically contact some of the other payment control sections. For example, providers who are being investigated by SIRS will sometimes call staff from the claims processing or provider help-desk sections and try to get them to state that a billing procedure is confusing. The providers will then use these comments as a defense for their improper billing. In such cases, SIRS staff will warn other DHS staff to not make these assessments of the billing process.

14 Department of Human Services, "About DHS: Department Overview;" www.dhs.state.mn.us/AboutDHS/overview.htm; accessed May 5, 2003. DHS identifies four "core values" and seven goals in its department overview. One of the goals does mention cost-effective use of public resources—" People will have access to high quality, cost-effective mental, physical, and chemical health care." (Emphasis added.) However, when choosing performance measures for monitoring this goal, the department focused on providing preventative health care services as a cost-effective strategy and did not address controlling improper payments.

Whenever SIRS takes an action to recoup an overpayment from a provider, a "Notice of Agency Action" is sent to the other payment control sections within DHS so they know against whom the department is taking action. As problems with DHS' ability to prevent or detect improper payments arise, the department convenes informal, ad hoc committees to address these issues. These committees may meet or just confer through email and other means. For example, in 2002, an employee from the benefit policy section was reviewing the use of medical supplies and found that the number of incontinence supplies, such as diapers, being dispensed were often more than actually needed. This policy person then conferred with SIRS, which did its own analysis and found a similar pattern. Consequently, DHS imposed monthly limits on the number of incontinence supplies that can be dispensed and built these limits into the claims processing edit system. If a larger supply is needed, a special authorization is required.

The only formally scheduled meeting involving the various payment control sections within DHS is a weekly training session for the staff of the provider help-desk. The supervisor of the help-desk brings in staff from various parts of DHS to present information about emerging and important issues that the help-desk staff should know about when answering provider questions. Staff from the other payment control sections regularly attend these sessions because they are helpful in keeping up with MA issues. Nevertheless, these sessions focus on assisting help-desk staff and not coordinating payment control issues among sections.

There are other regularly scheduled meetings that involve a limited number, but not all, of the payment control sections. For example, the supervisor of the provider help-desk meets weekly with the claims processing supervisors.

The coordination between DHS and the Attorney General's Office is more formal than the coordination within DHS because these two agencies have a memorandum of understanding as required by federal regulations. 15 Generally, the memorandum (1) directs the agencies to coordinate their respective efforts to prevent, detect, and investigate improper payments and regularly inform each other about fraud allegations, (2) establishes deadlines for the Attorney General's Office to review DHS-referred cases, and (3) grants the Attorney General's Office access to the department's records regarding MA cases. Yet, the memorandum does not explicitly define each agency's specific responsibilities and activities. For example, the memorandum does not clearly define (1) which types of cases SIRS should refer to the Attorney General's Office for further investigation and prosecution, (2) how SIRS should develop the cases that it passes on to the Attorney General's Office, and (3) when or if SIRS should notify the Attorney General about cases that SIRS is pursuing on its own.

As payment control problems arise, DHS convenes informal, ad hoc committees to address the issues.

15 42 CFR part. 1007.9( d) (2002).

Coordination Problems Staff from DHS and the Attorney General's office gave us several examples of poor coordination over the last few years. These problems centered on two themes—( 1) payment control sections operating under different philosophies and objectives, and (2) sections failing to communicate and coordinate responsibilities, information, and expectations.

For example, we were told about a philosophical tension between the policy staff under the Assistant Commissioner for Continuing Care and SIRS. While the policy staff emphasize ensuring access to providers and serving clients, SIRS staff emphasize controlling improper payments. This tension is highlighted in a debate about how DHS should control and oversee the services and billing of personal care assistants (PCAs), who help the elderly and people with disabilities with their daily living tasks, such as house cleaning and laundry. This controversy has gone on for several years.

Currently, PCAs report their hours and services to personal care provider organizations that then bill DHS and MA for the services. The claims that the personal care provider organizations submit record the recipient that received the services but not the PCA that provided them. (Claims for most other MA services include identifying information about the service provider.) Thus, DHS cannot track and identify aberrant billing patterns of individual PCAs—for example a PCA may bill DHS for more hours than there are in a day. This lack of monitoring has raised concerns within SIRS and the Attorney General's Office because they have identified some PCAs who have billed for services that were never provided. Consequently, SIRS would like the MA claims and DHS' computer system to record and track the services provided by each PCA. However, the policy staff and the supervisor in charge of PCA services told us that such a system is unnecessary and that they would rather focus the department's resources on creating a registry of PCAs that MA recipients could use to find a qualified PCA working in their area. According to the policy staff, access to services is a bigger issue than tracking down a few unscrupulous PCAs.

While a lively policy debate can be healthy, these two sections of DHS' payment control system have apparently been working in different directions. In DHS' formal response to an April 2002 audit by the Office of the Inspector General of the U.S. Department of Health and Human Services that found deficiencies in DHS oversight of PCAs, DHS stated that it plans to "develop a method to track personal care assistants and supervising nurses on claims." 16 Nevertheless, as of June 2003, the development of this system was in some doubt with the policy staff still objecting to it and intent on developing instead the type of PCA registry it wants.

While SIRS and the Attorney General's Office have a similar overall objective, which is controlling improper payments, they also have had coordination problems. They have had difficulties communicating and coordinating responsibilities, information, and expectations. Effective coordination can be particularly difficult for these two agencies because they fall under the authority of different elected officials.

Differing philosophies and objectives at DHS have resulted in some coordination problems.

16 Office of the Inspector General, Audit of Medicaid Costs Claimed for Personal Care Services by the Minnesota Department of Human Service, appendix A.

As discussed in Chapter 1, SIRS refers cases that involve suspected provider fraud to the Attorney General's Office for further investigation and criminal prosecution or civil action. For other types of improper payments, SIRS completes the investigation and pursues the recovery of the funds. To help control improper payments, the Office of Inspector General at the U.S. Department of Health and Human Services recommends the Medicaid agency in each state collaborate with its attorney general's office in establishing and following effective protocols for identifying, referring, and investigating suspected fraud cases. 17 These protocols should establish, among other things, (1) criteria for handling allegations, (2) effective recordkeeping, (3) prompt fraud alerts, and (4) forms for referring cases. 18

However, as mentioned earlier, the memorandum of understanding between DHS and the Attorney General's Office does not address the specific responsibilities of each agency or identify key protocols, which has resulted in some tension between the two agencies. For example, the director of the Attorney General's fraud control unit and her staff told us that they would like more information from DHS about the department's payment control activities. Specifically, the Attorney General's Office would like to be advised directly about all administrative recovery actions and settlements that SIRS pursues on its own. Staff in the Attorney General's Office reported this information would help it better understand the scope of improper MA payments. 19 As discussed earlier, SIRS circulates within DHS a copy of its "Notice of Agency Action," whenever it seeks to recover an improper payment. The notice identifies the provider and the nature of the improper payment. However, SIRS does not send a copy of this notice to the Attorney General's Office.

The director of the Attorney General's fraud control unit and her staff also told us they would prefer to be formally notified by SIRS earlier in the process of all potential fraud cases so that the Attorney General's Office could help advise SIRS on preliminary investigations. These staff members told us and provided documentation about several cases where a delay in the referral of important documentation resulted in lost investigative opportunities and a lower potential for recovery. 20 In one instance, SIRS did not notify the Attorney General's Office about its investigation until eight months after it had been initiated.

An effective MA control system requires close cooperation between DHS and the Attorney General's Office.

17 Office of Inspector General, U.S. Department of Health and Human Services, Surveillance and Utilization Review Subsystems' Case Referrals to Medicaid Fraud Control Units (Washington, DC: November, 1996), 9. 18 Ibid.; Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services, Review of State Medicaid Program Integrity Procedures: National Report, Fiscal Year

2001 (Atlanta, GA: 2002), 17-19; Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services, Review of State Medicaid Program Integrity Procedures: National Report, Fiscal Year 2000 (Atlanta, GA: 2001), 15-16; and Health Care Financing Administration (now called the Centers for Medicare and Medicaid Services), U.S. Department of Health and Human Services, Guidelines for Addressing Managed Care Fraud and Abuse (Washington, DC: October 2002), 45.

19 42 CFR sec. 455.21 (2002) and Minn. Stat. (2002) §256B. 04, subd. 10 requires the department to notify the Attorney General's Office in writing of suspected civil and criminal matters. See also, Office of the Inspector General, U.S. Department of Health and Human Services, Annual Report: State Medicaid Fraud Control Units (June 2000), 6.

In addition, the Attorney General's Office reported that SIRS needs to improve its protocols for investigating and documenting cases. Although the two agencies have developed specific guidelines and forms for exchanging information, they do not agree on the scope of responsibilities for conducting preliminary investigations. 21 According to the Attorney General's staff, who again provided supporting documentation, SIRS' work product has, on occasion, compromised the ability of the Attorney General's Office to prosecute criminal cases and sanction providers, forcing them to litigate the cases as civil matters or refer the cases back to SIRS for possible administrative recoveries. 22

Furthermore, the Attorney General's Office would like direct access to the DHS' data warehouse. Currently, the Attorney General's staff rely on DHS to query and analyze data from the warehouse for them. Direct access would allow the Attorney General's Office to proactively identify fraud cases, clarify case information, develop cases for prosecution, and respond to tips about suspicious activities on their own. 23

In response to these criticisms, the SIRS manager told us that his staff does not have the resources to conduct preliminary criminal investigations for every case in the manner suggested by the Attorney General's Office and that very few tips and complaints that SIRS receives actually rise to the level of criminal proceedings. In addition, the SIRS manager reported that he would like the Attorney General's Office to provide more direct and immediate feedback on specific casework that Attorney General's Office believes is deficient.

DHS staff also reported a concern about the Office of Attorney General's decisions to accept or reject fraud cases referred by DHS. They are concerned that the Attorney General's Office does not prosecute certain PCA cases that involve a family member as the service provider and what DHS considers substantial evidence of fraud. According to the Attorney General's staff, they prosecute basically all cases involving provider fraud; but when deciding whether to prosecute PCA cases that involve a family member as the service provider, they consider several factors, including (1) whether family loyalties will make fraud difficult to prove, (2) whether the case should be referred to the counties because it involves recipient, rather than provider, fraud, and (3) whether prosecution of vulnerable MA recipients, such as the elderly and disabled, and their family members would be publicly unpopular. 24

Despite some coordination problems, DHS and the Attorney General's Office reported they have a good working relationship.

20 Kate Morton-Peters, Chief Investigator, Attorney General's Office, memorandum to Valerie Bombach, Office of the Legislative Auditor, April 24, 2003; and exhibits.

21 42 CFR sec. 455.13 and 455.14 (2002) require state Medicaid agencies to have methods for identifying, investigating, and referring fraud cases. In addition, these agencies must conduct preliminary investigations to determine whether there is a sufficient basis to warrant a full fraud investigation. Minn. Rules, ch. 9505.2200 allows the Department of Human Services discretion in how to conduct these investigations. 22 Staff from the Attorney General's Office provided us with examples of SIRS work product that included such problems as staff failure to properly verify interviewees' identification, incomplete or nonexistent interview information, and partially copied provider files. 23 Currently, the Attorney General's Office only has direct access to the Medicaid Management Information System, which is only one component of DHS' overall data warehouse. Access to the warehouse would provide the Attorney General's Office with the full range of DHS' data.

Finally, in spite of all these coordination issues, staff in both agencies reported they have a good working relationship. In addition, while the two agencies have carried out joint training sessions to try to address some of these issues (as we will discuss in the next section), the agencies agreed they should meet more often to discuss each other's concerns.

Effective communication is not only important in coordinating work between DHS and the Attorney General's Office but also within DHS. Some DHS staff told us that they wished that they had a better understanding of what people in some of the other payment control areas do and the issues and challenges they face. In 2002, the staff from the various payment control sections within DHS met to have an open discuss about outpatient hospital services. Some of DHS' payment control managers have expressed the desire to make this type of meeting a regular event. For example, DHS could schedule a monthly meeting to discuss payment control issues pertaining to a specific provider type, such as chiropractors. All the DHS staff that deal with this provider type would discuss what is happening in each of their areas. The topic of discussion for these meetings would then rotate through each of the provider types on a monthly basis. This type of meeting may enhance DHS' ability to coordinate the work of its payment control sections and address weaknesses and vulnerabilities from a system-wide perspective.

COMPONENT 3: HAVE APPROPRIATELY TRAINED STAFF

A skilled and qualified workforce enhances the payment control system's ability to prevent, detect, and investigate improper payments. Periodic training also helps workers keep current with changes in law, policies, procedures, and fraud schemes. 25 Although training expenses and time may increase department costs, the benefits of a well-skilled workforce include increased adherence to established protocols and improved worker sensitivity to potential fraud and abuse issues. 26 Periodic training sessions, employee manuals, written guidelines, and templates can aid in achieving these goals. 27

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY 27 Skilled staff are needed to prevent, detect, and investigate improper payments.

24 The memorandum of understanding specifies that the Attorney General's Office has final authority over prosecuting cases and referring cases to counties.

25 Office of Inspector General, Surveillance and Utilization Review Subsystems' Case Referrals to Medicaid Fraud Control Units, 7-9.

26 Office of Inspector General, U.S. Department of Health and Human Services, Medicaid: Proactive Safeguards, (Chicago, IL: July 2000), 12 and 18; and Office of the Inspector General,

U.S. Department of Health and Human Services, Medicaid: Claims Processing Safeguards (Chicago, IL: July 2000), 16.

27 Office of Inspector General, Surveillance and Utilization Review Subsystems' Case Referrals, 9; and Centers for Medicare and Medicaid Services, Review of State Medicaid Program Integrity

Procedures: National Report, Fiscal Year 2000, 12 and 15; and Health Care Financing Administration, Guidelines for Addressing Fraud and Abuse in Medicaid Managed Care, 31-32.

While employees should be trained to properly perform their primary functions, such as enrolling providers or processing claims, we assessed how the state ensures that its payment control workforce can identify and investigate improper payments. From front-end workers to policy staff to investigators, all employees who are in a position to spot potentially fraudulent and abusive practices should be properly prepared to handle problematic situations. 28 In reviewing DHS' training activities, we found that:

DHS does little formal cross-training among divisions to ensure payment control staff have the knowledge and skills needed to properly identify and investigate improper payments. For example, while the supervisor overseeing the help-desk for providers schedules weekly training sessions to keep help-desk staff up to date on MA policies, we learned this type of training is the exception and not the rule. For example, the Health Care Management and Benefit Policy Division does not provide periodic training on MA policies to SIRS staff—training that the division suggests would help SIRS in its investigations. Nor does the division provide this type of training to the Attorney General's staff.

In addition, SIRS does not provide training to front-end employees—those who carry out provider enrollment, help-desk, provider training, and claims processing functions—on common and emerging fraud schemes or tips for identifying them. These front-line employees have direct contact with claims and providers and are expected to refer suspicious cases to SIRS for possible investigation. As such, their participation in detecting improper payments can lead to the successful recovery of funds.

For example, when the lead worker in the provider enrollment section was assisting a special transportation provider with a question, he noticed in the provider's payment history that the provider had received an unusually high volume of payments in a short period of time, even though the provider had only one vehicle. The lead worker referred this case to SIRS, which investigated and found that the provider had billed for services that had not been provided. The Attorney General's Office eventually prosecuted this case as fraud, and the court ordered the provider to pay over $400,000 in restitution, fines, and costs. As this example illustrates, it is important that front-end staff be able to recognize these types of cases.

Staff from SIRS and the Attorney General's Office do participate in some cross-training opportunities to enhance their payment control efforts. For example, the Attorney General's Office has worked with SIRS staff to develop standardized forms for properly investigating and referring suspected fraud cases. The Attorney General's Office also provides annual training to the SIRS unit, and the two agencies have participated in joint training retreats to develop investigation protocols and address concerns. These training efforts were intended to alleviate some of the coordination problems discussed in the previous section.

DHS does not train provider enrollment, help-desk, and claims processing staff on common and emerging fraud schemes.

28 Office of Inspector General, U.S. Department of Health and Human Services, Medicaid: Post-Payment Safeguards (Chicago, IL: July 2000), 10 and14.

Furthermore, it is important that staff with SIRS and the Attorney General's Office have appropriate professional backgrounds. 29 For example, medical backgrounds can help investigators understand the appropriateness of health care services. Training in criminal law, investigation techniques, and complex audit trails assists investigators in following appropriate protocols for prosecuting cases. 30

However, we found that: DHS does not have the range of staff expertise to bring a full complement of backgrounds to the investigation of improper payments. Currently, SIRS has several registered nurses, one pharmacy technician, one former law enforcement officer, two investigators with training in accounting, and two experienced attorneys, although neither have backgrounds in criminal law. However, SIRS does not have a trained statistician/data analyst to perform complex analyses of claims data. In fact, SIRS hopes to hire a data analyst in the near future. For prosecution purposes, the MA fraud control staff of the Attorney General's Office includes attorneys specializing in criminal and civil litigation, one licensed law enforcement officer, investigators with health care backgrounds, and one licensed CPA.

Staff from both SIRS and the Attorney General's Office commented that recent budget cuts, the state's hiring freeze, restrictions on out-of-state travel, and competition with the private sector have constrained their abilities to hire, train, and keep appropriate staff. SIRS reported they are filling four position vacancies to work on investigations.

COMPONENT 4: EMPHASIZE PREVENTING IMPROPER PAYMENTS

The payment control literature emphasizes preventing improper payments, rather than chasing and trying to recoup funds after they have been paid. 31 To achieve this end, DHS has established five types of preventive controls in its payment control system—( 1) recipient enrollment, (2) provider enrollment, (3) provider training and assistance, (4) medical reviews, and (5) claims processing. When we examined these preventive controls, we found that:

DHS intends to hire a trained statistician/data analyst to support investigations of improper payments.

29 Malcolm K. Sparrow, Controlling Fraud and Abuse in Medicaid: Innovations and Obstacles, (A Report from "Executive Seminars on Fraud and Abuse in Medicaid," Sponsored by Health Care Financing Administration) (September 1999), 33. 30 Office of Inspector General, Surveillance and Utilization Review Subsystems' Case Referrals, 7; and Centers for Medicare and Medicaid Services, Review of State Medicaid Program Integrity

Procedures: National Report, Fiscal Year 2001, 11 and 12. 31 For example, the U.S. General Accounting Office stated, "… the states must focus on preventative strategies, since detection and prosecution efforts alone cannot stem program losses."

General Accounting Office, Medicaid: Federal and State Leadership Needed to Control Fraud and Abuse, 7.

While DHS has taken steps to prevent improper payments, the payment control literature and DHS staff have identified additional steps that the department could take to strengthen the system. In the rest of this section, we discuss various strengths and weaknesses of these prevention efforts.

Recipient Enrollment To prevent ineligible people from receiving MA services, Minnesota counties process MA applications and verify eligibility. To support this effort, DHS trains and supports county eligibility workers. In addition, the state has a state-supervised, county-operated fraud prevention program under which DHS supervises 30 county investigators who review questionable applications. Besides MA applications, these investigators review applications for other public assistance programs, including the Minnesota Family Investment Program (MFIP) and Food Stamps. To prevent fraud, the investigators focus on rejecting ineligible applicants before they begin receiving benefits, quickly getting ineligible recipients off the programs, and quickly correcting benefits based on faulty information. DHS estimated that the recipient fraud prevention program saved the MA program $800,000 in 2002.

However, the DHS manager in charge of overseeing these fraud prevention efforts cited several weaknesses in the system. First, the prevention benefit for MA occurs almost entirely as an indirect result of investigating fraud in MFIP and the Food Stamp program. County investigators initiate almost all of their cases as MFIP or Food Stamp investigations and do very little to prevent fraud committed by those applying for or receiving MA services only. They also do little to prevent fraud related to MA specific issues, such as deducting medical expenses from gross income to determine eligibility.

Second, even though counties have primary responsibility for preventing recipient eligibility fraud, they do not have a financial interest in doing so. If a county prevents an ineligible applicant from enrolling in MA, the county does not avoid any costs for itself. Instead, the state and federal governments, which provide the funding for MA, share the benefit of the prevention effort. In addition, the DHS manager in charge of overseeing the recipient fraud prevention program is concerned that many county employees who determine eligibility have an orientation of helping people get health care at the expense of proper program controls. In his view, county eligibility staff do not question applicants as much as they should about eligibility criteria, such as income and assets. In contrast, the DHS manager responsible for training and supporting these county eligibility workers reported that in her opinion the county workers are generally quite strict in enforcing eligibility requirements, and some may even inappropriately impose barriers that restrict access. It is possible that there is variation in the practices of county workers and both of these opinions are at least partially correct. In addition, the complexity of and frequent changes in MA eligibility policies present a challenge to county eligibility workers.

Third, while the state and federal governments have some oversight responsibilities over county eligibility determinations, they do not actively review county performance under the MA program. For example, DHS does not evaluate the management of the county eligibility processes for MA; however, it does carry out this type of evaluation for MFIP and the Food Stamp program. In addition, DHS no longer estimates payment error rates resulting from MA eligibility because the federal government granted Minnesota a waiver from this requirement.

There are several potential weaknesses in Minnesota's efforts to prevent recipient eligibility fraud.

The extent to which these vulnerabilities are resulting in improper payments in Minnesota is largely unknown. However, the experience of North Carolina suggests that significant improper payments can be prevented or recovered by placing greater emphasis on Medicaid recipient fraud. Like Minnesota, North Carolina's recipient fraud prevention programs historically focused on cash and food assistance programs. After North Carolina placed greater emphasis on recovering improper payments from Medicaid recipients, it increased such collections from less than $300,000 per year during 1993-95 to over $900,000 in 1997. 32

Provider Enrollment Minnesota does not use a full range of provider enrollment controls. In its enrollment process, DHS verifies that providers are appropriately licensed or certified and checks that applicants are not on a national list of providers excluded from participating in states' Medicaid programs. However, Minnesota only follows a few of the state-of-the-art provider enrollment procedures identified by the U.S. General Accounting Office. Table 2.2 lists some of these procedures and indicates whether Minnesota follows them. By listing these enrollment procedures, we are not implying that the department should follow all of them. The type, nature, and extent of fraud schemes that led other states to implement these procedures may not be occurring in Minnesota. Any new provider enrollment procedure that DHS adopts should depend on the type, nature, and extent of improper payments occurring in Minnesota and the cost of implementing each practice.

Nevertheless, each of the procedures in Table 2.2 serves a potentially significant function. For example:

Identifying and tracking the business and personal relationships between providers allows the state to more closely monitor providers that have a financial incentive to refer patients to each other for medically unnecessary or costly services.

Identifying applicants that have criminal or unscrupulous histories allows the state to keep undesirable providers out of the program or to monitor their activities more closely.

Requiring providers to periodically reenroll allows the state to reevaluate each provider and keep up-to-date information on them—including licensing status, ownership, medical specialties, and other information. In Minnesota, as long as a provider actively participates in one of the state health care programs by submitting claims, its enrollment is perpetual in almost all cases.

DHS does not estimate payment error rates resulting from MA eligibility.

32 North Carolina Department of Health and Human Services, Adult Medicaid: Calculation of Overpayments and Hidden Assets (paper presented at 1997 annual training conference of the United Council on Welfare Fraud) (Raleigh, NC: September 1997).

Carrying out pre-enrollment site visits and requiring surety bonds helps assure that providers are established and financially viable.

Terminating inactive provider billing numbers helps assure that criminals do not obtain inactive numbers and use them for fraudulent purposes.

Table 2.2: Important Provider Enrollment Procedures Minnesota Procedure Procedure Require applicants to submit the names and social security numbers of all owners, officers, and directors of the provider business Partially a Implement a data system that will allow the state to track business and personal relationships between providers No Require applicants to disclose if they have any administrative sanctions, civil judgments, criminal convictions, or bankruptcies and whether they are enrolled in federal or other states' health care programs Minimally b

Conduct fingerprinting for non-institutional providers No Conduct criminal background checks for non-institutional providers Partially c Develop provider agreements that allow the state to terminate the agreement without cause No

Require providers to reenroll No d Carry out pre-enrollment site visits for high-risk provider types No Require high-risk providers to obtain surety bonds Minimally e Terminate provider numbers that have not been used after a year or two Yes

a Minnesota asks for the names of people who own at least 5 percent of the provider business, but it only asks for the social security number of the primary applicant. b Minnesota only requires providers to identify whether any of its owners or managers have been convicted of a crime related to their participation in Medicaid, Medicare, or Title XX programs. c DHS conducts criminal background checks for personal care provider organizations, which are in turn required to conduct background checks on their employees. d Several years ago, DHS asked certain providers to update their enrollment information and sign a new provider agreement. However, providing this information was voluntary. e Minnesota requires "surety bonds" for personal care provider organizations, but DHS staff described these as "fidelity" or "employee dishonesty" bonds in case a personal care assistant steals from an MA recipient. The surety bonds in other states ensure that the providers are financially viable companies.

SOURCE: The list of procedures was compiled by the General Accounting Office (GAO)—" Prepared Statement of Leslie G. Aronovitz, Associate Director, Health Financing and Public Health Issues, Education, and Human Services Division, GAO" in Medicaid Provider Enrollment: Assessing State Efforts to Prevent Fraud( Hearing Before the Subcommittee on Oversight and Investigations of the Committee on Commerce) (Washington DC: U.S. Government Printing Office, 2000), 22-31.

DHS does not carry out several important provider enrollment procedures.

Provider Training and Assistance If providers understand MA policies and billing requirements, they are less likely to make billing mistakes. Consequently, Minnesota has an extensive program for training and assisting providers. As mentioned in Chapter 1, DHS' call-in help-desk took 236,854 telephone calls from providers in fiscal year 2002. In addition, DHS provides formal training sessions for providers throughout the state on various policies and billing procedures. In fiscal year 2002, DHS carried out 117 of these sessions with 2,080 providers attending.

In addition, DHS' provider training and assistance section has been proactive in providing useful information to providers. As mentioned earlier, the help-desk supervisor conducts a weekly training session for which he brings in people from different parts of DHS' health care system to update his staff on various policy and billing issues. Furthermore, the provider training unit conducts periodic focus groups of providers to proactively identify and address their concerns and questions.

Nevertheless, the director of the DHS' Performance Measurement and Quality Improvement Division told us that the department's provider training program could be improved. For instance, she said DHS should focus the training not only on how to complete and submit accurate claims but also on each provider's legal responsibility to thoroughly document its services and appropriately retain records. As mentioned earlier, the Office of the Inspector General of the U. S. Department of Health and Human Services released an audit in 2002 that revealed the need for this type of training. In the audit, the Office of the Inspector General reviewed 100 payments that DHS made for personal care services, and the Office of the Inspector General disqualified 33 of these payments largely because the agencies providing the services did not adequately document the services or retain appropriate records. 33

Medical Reviews Although DHS primarily uses medical reviews to control costs, they can also serve as a tool to prevent and detect fraud, abuse, and other types of improper activities, such as ordering excessive diagnostic tests or unnecessary hospital stays. However, because medical reviews can be subjective and are intertwined with the quality of medical care, establishing that a service is improper can sometimes be very difficult.

As described in Chapter 1, DHS contracts with Care Delivery Management Inc. (CDMI) to perform medical reviews, which determine the medical necessity, appropriateness, and quality of certain fee-for-service benefits. In addition, DHS' pharmacy services section performs it own reviews of prescriptions. Excluding some retrospective reviews, all these reviews are done before DHS pays the claim and, in some cases, before the service is provided.

DHS has been proactive in trying to address providers' billing questions and concerns.

33 Office of the Inspector General, Audit of Medicaid Costs Claimed for Personal Care Services by the Minnesota Department of Human Services.

When we compared Minnesota's medical review practices with those recommended in the payment control literature, we found that Minnesota has a strong framework, as shown in Table 2.3. For example:

In fiscal year 2003, CDMI performed 19,000 inpatient hospital authorizations and about 8,000 concurrent and retrospective reviews of inpatient hospital services, which represented about 40 percent of the services provided. 34

DHS' pharmacy services section oversees and monitors the use of all pharmacy-related services through a system of computerized edits that verifies the appropriateness of prescriptions before they are filled. When a pharmacist is filling a prescription for an MA recipient, the pharmacist logs onto DHS' system and enters the prescription information. The computerized edits then compare the prescription with the recipient's benefit limits and other policy parameters—for example, prescription quantities and refill limits.

Table 2.3: Important Medical Review Procedures Minnesota Procedure Procedure

General Medical Reviews Carry out special authorizations for services that are outside of the standard benefits package Yes

Carry out concurrent reviews that evaluate the appropriateness of services while they are being provided Yes, for a sample of inpatient hospital services Carry out retrospective reviews that evaluate the appropriateness of services after they provided Yes, for a sample of inpatient hospital services Make available to staff consultation services offered by medical professionals Yes

Pharmaceutical Reviews Review the utilization of pharmaceuticals, which includes, among other things, identifying (1) pharmacists whose practices deviate from accepted medical standards, and (2) recipients who display drug-seeking behavior Yes

Have a pharmacy benefits manager Yes Have a computerized edit system that checks the appropriateness of prescriptions while they are being filled Yes , b u t system allows pharmacists to override some edits

SOURCES: We compiled these practices from several sources, including: Office of the Inspector General, U.S. Department of Health and Human Services, Medicaid: Proactive Safeguards( Chicago, IL: July 2000); Malcolm K. Sparrow, Controlling Fraud and Abuse in Medicaid: Innovations and Obstacles( A report from the Executive Seminars on Fraud and Abuse in Medicaid, sponsored by the Health Care Financing Administration) (Washington, DC: September 1999); and U.S. General Accounting Office, Medicare: Program Activities Expanded, but Results Difficult to Measure (Washington, DC: August 1999).

DHS conducts several important medical review procedures.

34 These figures include reviews for services provided under the state's General Assistance Medical Care and Minnesota Children With Special Health Needs programs.

National studies recommend that Medicaid agencies have access to medical experts to help determine whether provider activities may constitute fraud, and CDMI provides medical consultation services upon request to DHS, although CDMI receives only a few of these requests annually.

Finally, in at least one respect, Minnesota's practices exceed those found in some other states. In a recent review of eight states, the Office of the Inspector General of the U.S. Department of Health and Human Services found that only one state (Pennsylvania) conducted concurrent reviews of any kind, and its reviews were limited to mental health facility care. 35

Medical reviews should be used selectively and in a cost-effective manner to prevent improper payments. For example, many states have indicated that requiring second opinions for medical procedures has not proven to be cost-effective and have abandoned this practice. 36

Claims Processing DHS has a high regard for the ability of its computerized claims processing system to identify and catch improper claims before they are paid. In general terms, the system makes sure that (1) the provider and recipient of the services are enrolled in the program, (2) the claim does not duplicate or conflict with other claims, and (3) the services are appropriately authorized and within the recipient's benefit limits. The system has roughly 1,000 computerized checks, which are referred to as "edits."

While DHS does not have a current review or assessment demonstrating that its system is better than those used by other states and health insurers, the department points to complements that it has received. 37 For example, according to the supervisor of the claims processing section and the state's Medicaid director, some private insurers and companies that process Medicare claims in Minnesota say that DHS' claims processing edits are superior to their edits. In addition, DHS' staff report that when they attend national conferences, staff from other states praise DHS' edit system.

Even if the department's edit system is better than many others, we identified some claims processing practices recommended by payment control experts that Minnesota is not always following. Table 2.4 lists several state-of-the-art claims processing practices and indicates whether Minnesota follows them. Once again, we are not implying that DHS should adopt each of these practices; rather, the practices in Table 2.4 present an opportunity for the department to improve its prevention efforts. For example:

According to DHS, its claims processing "edits" have been praised by health insurance companies and other states.

35 Office of the Inspector General, Medicaid: Claims Processing Safeguards, 10. 36 Office of the Inspector General, Medicaid: Proactive Safeguards, 14. 37 The claims processing edits are a part of the state's Medicaid Management Information System (MMIS). According to DHS, Minnesota received the highest score in the country (99.8) on its last Federal Systems Performance Review, which occurred back in 1997. DHS staff characterized the federal review as a "mini-recertification" of the state's MMIS. However, DHS was unable to provide us with a copy of this review.

If DHS ran a regular report that identified the frequency with which each of its claims processing edits accepts, suspends, or rejects claims, the department would be in a better position to know the relative importance of each edit. If an edit is always, or almost always, accepting claims, the edit is not working as intended or has potentially limited utility. If the latter case is true, the department may be better off if it replaced this edit with one that has a greater potential for identifying improper payments. This type of constant assessment and revision is particularly important for DHS because the claims processing system can only handle 999 edit codes. Therefore, it is critical that DHS maximizes the usefulness of edits that it has. In a recent report, the Office of the Inspector General at the U.S. Department of Health Human Services highlighted Illinois and Louisiana for running these types of reports on a regular basis. 38

If DHS regularly analyzed which providers submit a large proportion of claims that the department rejects, the department would be better able to identify problem providers. In the best-case scenario, the providers that have a large proportion of their claims rejected may just need some additional training on billing requirements and program policies. Alternatively, a pattern of rejected claims may represent attempts by unscrupulous providers to test for holes in DHS' payment control system. Fraudulent providers sometimes test variations of fraudulent claims to see which ones get through the edit system undetected. DHS did this type of

Table 2.4: Important Claims Processing Procedures Minnesota Procedure Procedure Regularly run a report that identifies the frequency that each claims processing edit accepts, suspends, or rejects claims. Minimally a Regularly analyze rejected claims to identify problem providers who either (1) need additional training on billing procedures or (2) are testing variations of fraudulent claims to identify holes and vulnerabilities in the claims processing system Minimally b

Train claims processing staff to identify and handle claims that are potentially fraudulent or abusive No Use claims processing and post-payment review information to identify problematic Medicaid policies and procedures Yes Have edits or systems that identify aberrant billing patterns before claims are paid Minimally, system is available but unused analysis once a couple years ago but used the information to train providers, not to identify providers that might be testing for vulnerabilities. The department hoped that just by making the providers aware that the department was watching them that they would stop testing for vulnerabilities.

a A couple years ago, on a one-time basis, DHS ran this type of report to identify edits that were no longer useful in order to make room for some new edits. b A couple years ago, on a one-time basis, DHS did this type of analysis to identify and train providers who were having billing problems.

SOURCE: The first four procedures are discussed in Office of the Inspector General, U.S. Department of Health and Human Services, Medicaid: Claims Processing Safeguards( Chicago, IL: June 2000), 12 and 15-16. The last procedure was recommended in Malcolm Sparrow, License to Steal: How Fraud Bleeds America's Health Care System( Boulder, CO: Westview Press, 2000), 34.

DHS does not regularly identify providers that have a large proportion of their claims rejected.

38 Office of the Inspector General, Medicaid: Claims Processing Safeguards, 12.

As discussed earlier in this chapter, if DHS trained claims processing staff about fraud and abuse issues, the department may increase the probability of identifying fraudulent and abusive claims. If DHS identified aberrant billing patterns and stopped the payments before they went out, rather than waiting until after the claim is paid to do the analysis, the department could prevent additional improper payments. Minnesota currently has the technical capability to do this for one type of aberrant billing pattern. The Surveillance and Integrity Review Section (SIRS) has a monthly "spike report" that identifies providers that have had an unusually large increase in their claims volumes from the previous month. Because DHS pays claims every two weeks, some of the claims identified in this report have been processed and "accepted" by the edit system but not paid.

However, DHS has chosen not to stop these payments for two reasons. First, according to the SIRS manager, his staff can often determine that a spike in claims volume is legitimate after reviewing the full payment history for the provider. For example, some providers may hold onto claims over a few months and submit them all together. In these cases, SIRS staff would not stop the payments. Second, even if SIRS staff question the legitimacy of a spike in a provider's claims volume, state law makes it difficult for SIRS to take the time to review these claims before payment. Under state law, DHS must pay all claims that do not have any supplemental information attached to the claim form within 30 days or pay an interest penalty of 1.5 percent per month. DHS is only exempt from paying the interest penalty if the provider is eventually found to have committed fraud or abuse. 39 If DHS withholds the payments and later determines that the payments were appropriate, the state would have to pay the interest penalty to the provider. Alternatively, if DHS were allowed to follow federal regulations, the department would have more time to investigate these claims. Under federal regulations, Medicaid agencies only have to pay 90 percent of claims within 30 days, which allows 10 percent of them to be suspended for further inquiry. 40

Depending on the size and nature of improper payment problem in Minnesota, DHS should consider adopting these practices.

Minnesota's prompt payment law limits DHS' ability to investigate suspicious claims before they are paid.

39 Minn. Stat. (2002), §16A. 124, subd. 4( b) and 5. 40 42 CFR sec. 447.45 (2002).

COMPONENT 5: PROACTIVELY DETECT EMERGING FRAUD SCHEMES AND PATTERNS To effectively control fraud, it is important to detect emerging fraud schemes. The literature we read argues that early detection needs to be emphasized rather than waiting for problems to grow to the point that they are out of control. 41 This means allocating resources for proactive intelligence gathering activities, such as those listed in Table 2.5. By itself, any one technique is not likely to ensure that emerging schemes are detected. On the other hand, it may not be efficient to use all of these techniques. Which and how many of these techniques should be used depend on how big the fraud problem is in Minnesota and how productive these techniques turn out to be in detecting fraud.

When we examined how Minnesota uses each of these techniques, we found that:

DHS uses several proactive techniques to identify emerging fraud schemes, but many are used partially or infrequently.

For example: SIRS has the basic tools to analyze claims data, including a data warehouse that allows investigators to analyze from their desktops claims made during the previous five years. However, SIRS does not have data-mining software that would enhance its ability to identify complex fraud schemes and patterns. (In the following section, we discuss data-mining software in more detail.)

Table 2.5: Proactive Techniques to Detect Emerging Fraud Schemes Minnesota Procedure Procedure Use a broad range of analytic tools to identify suspicious patterns from claims data Partially Analyze patterns of denied claims to identify providers who are testing the system No Establish and maintain a network of contacts with other insurers and law-enforcement agencies Yes Create focus groups of recipients and providers to discuss vulnerabilities and patterns of suspicious behavior Minimally Interview convicted perpetrators to identify fraud methods and payment control vulnerabilities No Conduct undercover operations Minimally Create internal teams to think up ways to cheat the system Partially

SOURCE: Malcolm Sparrow, License to Steal: How Fraud Bleeds America's Health Care System, (Boulder, CO: Westview Press, 2000), 222-223.

DHS lacks data-mining software to thoroughly analyze claims data for aberrant billing patterns.

41 Sparrow, License to Steal, 222.

SIRS staff analyzes rejected claims as well as paid claims when it reviews the claims history of providers it is investigating. However, as discussed earlier, DHS does not regularly analyze rejected claims to identify providers who have a high volume of rejected claims and may be testing the system to determine how they can cheat it.

DHS meets regularly with various agencies, including other insurers, law enforcement agencies, the Attorney General's Office, and managed care organizations to learn about fraud schemes that these agencies are detecting. In addition, until recent travel restrictions and budget constraints, staff from SIRS regularly attended conferences and workshops with its counterparts in other states.

SIRS does not conduct regular focus groups with MA providers and recipients to discuss emerging fraud schemes and payment control vulnerabilities. SIRS meets infrequently with recipient groups and talks with providers individually. According to one senior investigator, SIRS could enhance its ability to detect fraud schemes by meeting with recipient groups such as senior federations to alert them about fraud schemes and how to recognize and report them. For example, the SIRS manager recently gave a talk at a meeting of Senior Linkage Live workers (who help seniors on a telephone help line) about recognizing fraud and abuse.

DHS does not interview convicted perpetrators to identify fraud methods and payment control vulnerabilities. According to the SIRS manager, staff learn about the fraud techniques used by convicted providers during the course of the investigation. The manager also noted that providers would not likely want to talk with SIRS investigators after being convicted.

During the 1980s and early 1990s, SIRS staff posed as recipients to see if providers would bill for services that were not provided. These undercover operations have not been used recently, in part because SIRS has fewer investigators than it did in the early 1990s and these operations did not uncover as much abuse as expected.

DHS does not create internal teams to test ways to cheat the system, but according to the SIRS manager, investigators are expected to test the system to see if it will pay for various types of claims. Illinois is more aggressive in identifying new fraud schemes. It has a fraud and abuse "think tank" that is staffed with six investigators. Its mission includes thinking of ways to cheat the system and to "develop or acquire fraud detection routines." Specifically, this unit "looks for fraudulent service patterns that are beyond the scope of [typical post-payment reviews]." Among other things, it is responsible for developing "cutting-edge program integrity software." 42 According to DHS, Minnesota does not have the resources to staff a "think tank" unit the size of Illinois' unit.

In the past, DHS has carried out underecover operations to detect MA fraud.

42 Health Care Financing Administration (now the Centers for Medicare and Medicaid Services), U.S. Department of Health and Human Services, Review of State Medicaid Program Integrity Procedures: State of Illinois, (Atlanta, GA: August 2000) 24-27.

COMPONENT 6: CONTROL FOR BOTH SIMPLE AND COMPLEX SCHEMES A comprehensive payment control system should address not only simple fraud schemes but also complex schemes. 43 Simpler schemes usually involve one claim or a series of claims submitted by the same provider, such as a provider billing MA for the same service twice. In contrast, complex fraud schemes often involve multiple claims, providers, and recipients. For example, providers in an informal network may refer a set of patients to each other for medically unnecessary or costly services over a period of time. When we examined DHS' capacity to detect the full range of fraud schemes, we found that:

Minnesota's payment control system primarily focuses on detecting the simpler types of fraud schemes.

For example, as we discussed earlier in this chapter, DHS reports that private insurance companies, contractors who process Medicare claims in Minnesota, and other states have praised DHS' system of claims processing edits that check and review claims before they are paid. According to these sources, the edits that check for basic billing inconsistencies, such as duplicate or conflicting claims, are particularly strong.

However, we identified some payment control strategies that address more complex fraud schemes that DHS does not pursue. For example, DHS' provider enrollment process does not thoroughly analyze personal and business relationships among providers. If a group of providers has common ownership, these providers may have a financial incentive to refer patients to each other for medically unnecessary or costly services. While DHS' provider enrollment form asks for (1) a listing of all individuals or businesses that own at least 5 percent of the provider business and (2) a listing of these owners that also own at least 5 percent of another provider business, the department does not track these relationships to identify groups of provider businesses with common ownership. DHS only uses these lists to identify owners excluded by the federal government from participating in the states' Medicaid programs. While we are unaware of any state Medicaid program that can track common ownership between providers businesses, the federal government is trying to make progress in this area for the Medicare program, a federally-run health care program for the elderly. Specifically, the federal government has discussed implementing a new centralized data system of providers enrolled in Medicare—called the Provider Enrollment, Chain, and Ownership System (PECOS)—that would track owners and the relationships between providers. 44

Minnesota's post-payment review of claims also focuses on detecting simpler types of fraud schemes. As mentioned earlier, SIRS investigators can access from heir desktop computers five years of claims data and run queries to identify simple aberrant billing patterns, such as a physician who orders a disproportionately high percentage of medical tests. Yet, these investigators lack the data-mining software and technical expertise to analyze claim patterns involving multiple parties, including those involving collusion between patients and providers.

DHS lacks the capacity to track the personal and business relationships between providers.

43 Sparrow, License to Steal, 232-234. 44 U.S. General Accounting Office (GAO), "Prepared Statement of Leslie G. Aronovitz, Associate Director, Health Financing and Public Health Issues, Education, and Human Services Division,

GAO" in Medicaid Provider Enrollment: Assessing State Efforts to Prevent Fraud (Hearing before the U.S. House Subcommittee on Oversight and Investigations of the Committee on Commerce) (Washington, DC: U.S. Government Printing Office, 2000), 25.

SIRS has explored the possibility of obtaining data-mining software, but it put this effort on hold because of budget issues. It would be expensive for Minnesota to purchase this type of software and have the staff to (1) use it and (2) investigate and prosecute the additional cases that it generates. Data-mining software requires significant staff expertise to take advantage of the software's capacity. Currently, SIRS does not have staff with strong statistical or data analysis backgrounds, but it plans to hire such a person in the near future. The SIRS manager estimates that it would cost hundreds of thousands of dollars to purchase and administer the data-mining software, not counting the cost of extra staff time to investigate the additional cases identified. DHS needs to determine if the software and additional staffing would lead to the prevention or recovery of enough improper payments to make the investment cost effective. To carry out this type of assessment, Malcolm Sparrow, a nationally recognized health care fraud control expert, suggests that states ask vendors of data-mining software to conduct trial tests with some Medicaid data from their state to determine whether it would be cost-effective for them to purchase and support it.

COMPONENT 7: MAKE SURE THAT EVERY CLAIM FACES SOME RISK OF REVIEW As long as fraudulent providers keep their improper bills within accepted and normal billing patterns, typical claims processing and post-payment computerized analyses would not flag these claims for review. 45 For example, a doctor can get paid for services that were never provided as long as he or she bills for patients who are eligible for these services and as long as the claims meet all of the other program requirements for which DHS' claims processing edits check. Similarly, DHS' post-payment reviews that look for aberrant billing patterns—such as a doctor who orders certain tests significantly more often than other doctors—would not identify these claims as potential problems as long as the fraudulent services are billed within normal patterns of service.

To deter this behavior, it is important that claims that get through DHS' computerized checks face some risk of further review. We found that:

DHS largely relies on MA recipients to review claims that pass its computerized checks.

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY

45 Sparrow, License to Steal, 224-225.

Each time that DHS pays a provider for a set of MA services, DHS mails a form—called an explanation of medical benefits—to the recipient of these services. The form specifies the type and date of the services that were provided and instructs the MA recipient to review the listed services and report to DHS any inaccuracies, such as the provider billing DHS for services that the recipient did not receive.

The effectiveness of this review depends on how many recipients read and understand the form and call DHS if they see a discrepancy. One problem is that the descriptions of some services are confusing because they rely on the service categories used by the computerized billing system. For example, the form uses "surgical services" to include a variety of services that recipients may not consider surgery, including putting on a cast. As a result, it can be hard for recipients to spot problems on these forms. DHS recognizes that the form can be confusing but says that it would be expensive to improve the descriptions used by the current billing system.

Another way in which claims face a risk of being reviewed is through DHS' investigations or audits of providers. Providers may be deterred from filing incorrect claims if they face a sufficiently large risk of being audited. Audits of this nature are an important part of the Internal Revenue Service's (IRS) strategy to deter taxpayer fraud and abuse. According to the U.S. General Accounting Office, it is widely believed that the proportion of taxpayers that is audited affects voluntary compliance. 46 Using the results of tax compliance research, the IRS targets its audits on returns more likely to have understated tax liabilities. DHS also targets its health care investigations, though in a less rigorous manner than the IRS does. As we discussed in an earlier section, the fact that Minnesota does not comprehensively estimate its improper MA payment problem limits how well DHS can target its investigations.

One national health care fraud control expert recommends a somewhat different approach to auditing claims as a fraud deterrent. 47 He acknowledges the value of targeting resources but emphasizes that a fraud control strategy should include random audits so that every claim and every provider face some risk of review. The risk of review could vary among providers, but he suggests that every provider should have at least a one percent chance of being reviewed. He argues that relying too much on targeted audits will not work because fraud perpetrators would simply switch their fraud schemes away from areas targeted by regulators. The merit of this argument depends on several factors, including (1) how quickly fraud perpetrators learn the criteria upon which audits are targeted, (2) how easily fraud perpetrators can switch their fraud to untargeted areas, and (3) how quickly regulators can change their selection criteria in response to changing types of fraud. According to SIRS staff, they recognize the value of random auditing and use this tool when funding and staffing are available. For example, SIRS conducts random audits of pharmacy providers.

A national fraud control expert recommends random audits of MA claims.

DHS sends a form to MA recipients asking them to review the services for which DHS was billed.

46 The General Accounting Office also noted that the only research evidence on this issue is one study that suggested tax audits increased taxpayer compliance. See U.S. General Accounting Office, Tax Administration: IRS Should Continue to Expand Reporting on Its Enforcement Efforts (Washington, DC: January 2003), 21.

47 Sparrow, License to Steal, 224-225.

COMPONENT 8: GIVE MANAGED CARE PROPER ATTENTION As described in Chapter 1, DHS contracts with managed care organizations (MCOs) to administer health plans and provide MA services. While MCOs' primary role is to facilitate appropriate patient care in a cost-effective way, they must also help ensure program integrity. As administrative agents of the state, MCOs are responsible for detecting, investigating, and referring improper and suspicious claims that arise in the managed care setting.

While the payment control procedures that we discussed elsewhere in this report also apply to health services provided under managed care, they are generally carried out by the MCOs, rather than the state. Thus, some policymakers believe that a managed care system largely takes care of improper payments from the state's perspective. However, the state still faces some risks and needs to ensure that managed care organizations (1) have procedures for preventing and detecting improper claims from providers and (2) make available the health care services they have been contracted to provide. In examining these issues, we found that:

Overall, DHS has established many payment control requirements for managed care organizations. However, the department does not systematically assess the quality of the MCOs' program integrity efforts.

The payment control literature that we reviewed identifies several important oversight practices with respect to managed care. Table 2.6 lists many of these practices and indicates whether Minnesota carries them out.

For example, DHS' contracts with MCOs require the MCOs to develop payment integrity programs. Under these programs, MCOs must designate individuals responsible for fraud control and establish fraud control units that have fraud detection and referral guidelines and recordkeeping databases. The MCOs must also submit to DHS patient "encounter" data, which includes detailed information on each MA service provided through the MCO, so that DHS can use this information to help calculate appropriate "capitation" rates for future years. In addition, MCOs must submit to DHS annual reports that describe the MCOs' fraud control efforts and outcomes from the past year.

DHS has also incorporated several incentives in its MCO contracts, including prompt data reporting and claims processing incentives. For example, if an MCO does not promptly process claims and submit its encounter data, the costs for those claims are not allowed into DHS' calculation of future capitation rates. Furthermore, DHS retains the authority to withhold a portion of current contract payments.

However, the department has largely delegated responsibility for detecting, investigating, and controlling improper payments to the MCOs. DHS does not actively assess the quality of the payment control activities, conducts only limited oversight activities, and has only recently implemented some quality assessment protocols. 48 According to DHS staff, some MCOs are better at fraud detection and investigations than others. We also found that the MCOs' program integrity activities and capabilities vary. For example, there is wide variation in the MCOs' capacities to analyze claims data for aberrant and suspicious billing patterns, as SIRS does for the MA fee-for-service system. While one MCO has sophisticated analytical software with trained staff to proactively mine data, another MCO has virtually no analytical software capabilities.

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY 43 DHS requires managed care organizations to have payment integrity programs.

Table 2.6: Important Oversight Pertinent to Managed Care Minnesota Procedure Procedure Establish a strategic plan for contract management within the Medicaid agency to oversee payment control activities, including designating a unit responsible for oversight, enforcing contract provisions, and assessing program vulnerabilities Partially—DHS does not systematically assess the MCOs' control initiatives. Require MCOs to implement program integrity programs, which include fraud control units within the MCOs, fraud detection and referral guidelines, and recordkeeping databases Yes Develop contract provisions relating to program integrity, such as creating incentives for recovering overpayments, referring fraud and abuse cases, and improving claims processing safeguards Partially a

Monitor and evaluate MCOs payment control activities which includes carrying out unannounced on-site reviews, reviewing claims, double-checking encounter data, and reviewing contracts between MCOs and providers for improper incentives and compensation arrangements

Minimally b

Evaluate MCOs services to check for underutilization, which includes using peer review organizations, ombudsman procedures, and customer satisfaction surveys Yes

Ensure reliable and usable encounter data for setting capitation rates and analyzing data for fraud Yes Analyze MCO encounter data for aberrant billing patterns No a Although the contracts specify requirements for detecting and referring fraud and abuse, the contracts do not include specific financial incentives tied to recovering overpayments and reporting fraud, other than the MCOs direct savings achieved under the capitation arrangement.

b Minn. Stat.( 2002) 256B. 27, subd. 3 requires that DHS must give providers 24 hours notice prior to site visits. However, the department rarely performs site visits even under these circumstances. In addition, the department does not review a sample of MCO and provider contracts to check for improper incentives and compensation arrangements. The department recently contracted with an independent research firm to conduct a payment accuracy audit of managed care services using its MCO encounter data. SOURCE: We compiled these practices from several literature sources including: Health Care Financing Administration, Guidelines for Addressing Fraud and Abuse in Medicaid Managed Care, (Washington, DC: 2000); U.S. General Accounting Office, Medicare: HCFA Oversight Allows Contractor Improprieties to Continue Undetected,( Washington, DC: 1999); Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services, Review of State Medicaid Program Integrity Procedures: National Report, Fiscal Year 2000( Atlanta, GA: June 2001); Office of Inspector General, U.S. Department of Health and Human Services, Medicaid Managed Care Fraud and Abuse( Kansas City, MO: June 1999).

DHS carries out several important managed care oversight activities.

48 In addition, DHS relies on the Consumer Division within the Attorney General's Office to investigate and prosecute fraud committed by the managed care organizations in the administration of the contracts.

In addition, although the MCOs must report their fraud control efforts to DHS, including the number and outcomes of investigations and referrals, SIRS does not systematically track or compile this information, as we found reflected in its investigation database. While the MCOs must immediately report suspected fraud cases to the Attorney General's Office for criminal prosecution, the MCOs do not always notify the SIRS staff directly of these cases. 49 Better tracking of these cases could help the SIRS staff further investigate suspected providers that also participate in the MA fee-for-service program.

To help improve the detection and investigation practices of the MCOs, SIRS staff meet annually with MCO staff responsible for fraud and abuse control. During these site-visits, SIRS staff review the MCOs' fraud control activities of the past year, provide technical assistance, and recommend areas for future investigation by the MCOs. In addition, SIRS staff meet occasionally with front-line staff from these organizations to discuss potential fraud schemes and effective investigative techniques. Neither SIRS nor the Attorney General's Office, however, explicitly review the quality of the MCOs' individual investigations.

Under-utilization of health services—which involves providers not offering the health services that DHS has contracted MCOs to provide—is a risk in managed care. Because managed care contracts typically include compensation based on a "capitation" arrangement, a fixed amount of money is paid to the MCO regardless of the amount of services patients actually receive. Thus, MCOs largely bear the risk of providing services and have a financial incentive to control costs, which may include inappropriately restricting services.

As part of the department's efforts to monitor and evaluate the quality of its managed care programs, DHS has implemented several quality control initiatives, including checking for underutilization-type fraud. 50 Federal law requires MCOs participating in MA to report annually to DHS their performance on national standardized measures, such as childhood immunization and cancer screening rates. 51 The department also recently underwent a peer review by an independent federally certified organization. 52 These reviews use a variety of medical treatment standards to compare the quality of Minnesota's MA services to national averages. Staff in DHS' Performance Measurement and Quality

COMPONENTS OF A COMPREHENSIVE PAYMENT CONTROL STRATEGY 45 Under-utilization of health services is a risk in managed care.

49 Staff from the Attorney General's Office reported that they receive very few criminal fraud referrals from the managed care organizations, even though the managed care organizations serve, on average, 53 percent of the MA population. 50 New federal regulations will require all managed care plans providing MA services to be certified by the National Committee for Quality Assurance (NCQA) and reviewed for results on

HEDIS measures. 51 These measures are called the HEDIS—Health Plan Employer Data Information Set—measures. The 2003 report found that Minnesota's MCOs meet or exceed national Medicaid averages for 67 percent of the HEDIS measures, although the individual MCOs' performances varied considerably. However, despite favorable results in relation to national averages, MCOs' MA plans are not matching the performance of their own commercial plans in many cases. The Department of Human Services, Primer on the Medicaid and Minnesota Care Health Plan Employer and Information Set (HEDIS) HEDIS® 2002 Results: Calendar Year 2001 Data, (St. Paul, January 2003), 14. 52 For example, the 2003 study found that while Minnesota's performance on asthma treatments was similar to the national Medicaid population average, it was still significantly lower than the medically suggested level of care. In addition, the report found low practitioner and patient compliance with local and national guidelines concerning asthma treatments. The Michigan Peer Review Organization, Minnesota Department of Human Services 2001 EQR: Respiratory Care Study (Plymouth, MI: February, 2003), executive summary 3-4.

Improvement Division use the results of these reporting activities to assess the possibility of underutilization occurring in some plans. DHS also monitors MCOs' health care services through customer satisfaction surveys and reviews of MA recipients' decisions to switch managed care plans.

DHS' Ombudsman Office fields complaints from recipients and providers about MA services. MCOs must also compile and report complaints to the Ombudsman's Office for review and resolution. However, the office does not systematically or formally assess complaints about the MCOs; rather, complaints and problems are handled on an informal and ad hoc basis.

The last two practices in Table 2.6 address the validation and analysis of MCOs' encounter data, which provides individual claims-level information for all the health care services provided through managed care. To help ensure the validity of this information, DHS runs the data through the claims processing edits used for the fee-for-service claims. In addition, the department has hired an outside research firm to audit a sample of these data for payment accuracy. As mentioned above, DHS uses these data to help establish future capitation rates for MCOs and to record managed care services provided under MA. However, the department does not analyze these data for aberrant billing patterns as recommended by the U.S. Department of Health and Human Services. 53

COMPONENT 9: ENSURE SUFFICIENT CONSEQUENCES

Effectively deterring fraud, abuse, and other types of improper payments depends on the perceived probability that the system will catch people who engage in inappropriate activities and on the seriousness of the consequences once caught. In this section, we briefly review a few of DHS', the Attorney General's, and the counties' efforts to ensure adequate consequences. We also address areas of concern raised by stakeholders. We did not, however, comprehensively analyze state and federal law or assess the actual outcomes of the state's enforcement activities, such as analyzing recidivism rates.

As described in Chapter 1, DHS handles administrative violations resulting from abusive practices or unintentional billing errors by providers and is responsible for recovering improper payments. 54 The department may pursue (1) recovery of all or a part of overpayments, (2) reimbursement of investigative costs, (3) damages, and (4) administrative sanctions, such as suspending or terminating providers, requiring provider education, manually reviewing claims, and suspending claims. 55 The Attorney General's Office handles cases involving civil litigation and criminal prosecution of provider fraud, as well as cases involving provider/recipient collusion and incidents of patient abuse. 56 Civil and criminal remedies can include incarceration, probation, and the recovery of overpayments, prosecution costs, and damages. 57 Finally, counties are responsible for investigating and prosecuting MA recipient fraud. 58 These remedies can involve recovery of benefits and disqualification from the program. 59

DHS does not analyze claims-level data from managed care organizations for aberrant billing patterns.

53 Health Care Financing Administration, Guidelines for Addressing Fraud and Abuse in Medicaid Managed Care, 38.

54 42 CFR sec. 455.13-455.23 (2002) and Minn. Stat. (2002) §§ 256B. 04 and 256B. 064. 55 Minn. Stat. (2002) §256B. 064; and Minn. Rules ch. 9505.2205-9505-2236 and 9505.0465-9505.0475.

56 42 CFR sec. 1007.11 (2002) and Minn. Stat. (2002) §256B. 12.

When we examined the efforts of DHS, the Attorney General's Office, and the counties to ensure sufficient consequences, we found that:

Minnesota does not use the full range of sanctions and remedies available under Minnesota law when pursuing providers and recipients for inappropriate activities related to MA. The manager of the state's recipient eligibility fraud prevention program suggested that recipient fraud cases have little deterrent value because recipients who commit fraud rarely face prosecution or administrative sanctions. According to the manager, prosecuting recipient eligibility fraud is a low priority among county prosecutors, and, unlike MFIP and Food Stamps, the federal government does not compensate states for the costs of prosecuting MA recipient fraud. MA also differs from MFIP and the Food Stamp program in that DHS currently cannot disqualify otherwise eligible adults from MA unless they have been convicted of a criminal offense relating to MA eligibility. 60 The 2003 Minnesota Legislature gave DHS the authority to disqualify eligible adults without a criminal conviction, but the federal government must approve this authority before it can be used. 61

In contrast, in the past five years, criminal complaint filings, convictions, and civil settlements achieved by the Attorney General's Office have significantly increased. As Figure 2.2 illustrates, between 1996 and 2002, the annual number of criminal convictions increased threefold from 5 to 16, even though the number of staff did not change significantly during that period. 62 The annual number of civil settlements, which include either administrative sanctions or license suspensions, increased from 2 in 1996 to 15 in 2002. According to staff from the Attorney General's Office, a change in administration and staff was the primary reason for the increased focus on prosecuting violations. For example, these staff report that prosecutors seek the maximum available penalties and will handle nearly all cases that fall under the Attorney General's jurisdiction. 63

DHS cannot currently disqualify otherwise eligible adults from MA unless they have been convicted of a crime related to MA eligibility.

57 Minn. Stat. (2002) §§ 256B. 98; 256B. 121; 609.466; 609.48; 609.52, subd. 3; and 609.625. 58 Minn. Stat. (2002) §256.046. 59 Minn. Stat. (2002) §609.52, subd. 4. 60 Minn. Stat. (2002), §256B. 061( a) 61 Laws of Minnesota (1Sp2003), ch. 14, art. 12, sec. 14. 62 The number of filings and convictions by the Attorney General's Office can be affected by the number of referrals from DHS. In addition, in 1999, the Attorney General's Office received expanded authority under federal law to (1) investigate cases involving patient abuse and neglect in non-Medicaid facilities and (2) investigate fraud in the Medicare program where the case is primarily related to Medicaid. 63 As we described earlier in this chapter, the Attorney General's Office will refer personal care assistant cases that involve family collusion and recipient participation to the counties for prosecution, if the recipient is receiving full services and adequate care.

SIRS is responsible for pursuing administrative actions against and recoveries from providers and typically relies on informal negotiations to obtain repayments. 64 Settlement amounts are usually based on the total amount of overpayment, the strength of the case, and the provider's ability to repay. The provider's history of compliance is also considered; however, according to the SIRS manager, his staff infrequently suspend or restrict providers from participating in the MA program. In addition, SIRS rarely seeks payments above the actual amount of overpayment, such as seeking treble damages or reimbursement for the costs of conducting an investigation—both of which are allowed under state law. 65 According to the SIRS manager, seeking damages and investigation costs are a likely "deal breaker" and would result in contested hearings or litigation. The SIRS does not require manual prepayment review of claims for providers under investigation, and it rarely completely suspends payments to providers under investigation and prosecution by the Attorney General's Office.

In reviewing SIRS' other enforcement and recovery activities, we were unable to fully assess their efforts due to incomplete information in the SIRS' case database. Specifically, while SIRS records the cases that it opens and the total amount of final settlements, important information is sometimes incomplete or inconsistent. For example, SIRS does not consistently identify in its system the cases that proceed to administrative trial or other dispositions. In addition, DHS does not systematically assess the outcomes or effectiveness of its enforcement and settlement practices. For example, it does not analyze data on the size of improper payments that providers received, the amount of money the offenders were supposed to pay back, and the other sanctions and penalties that were imposed. These types of analyses would allow the state to determine (1) the extent to which the improper payment settlements are negotiated or reduced, (2) the use of sanctions and penalties, and (3) recidivism rates. In contrast, the Attorney General's Office must evaluate and report annually to the federal government its investigation and prosecution performance in order to obtain funding and retain certification of its fraud control program.

0 5 10 15 20 25

1996 1997 1998 1999 2000 2001 2002 Criminal Complaints Filed Criminal Convictions Civil Settlements Number of Staff

Figure 2. 2: Attorney General's Medical Assistance Case Dispositions and Staffing, 1996-2002

SOURCE: Minnesota Attorney General's Office data. Number of Cases/Staff The number of criminal and civil settlements has increased substantially in recent years.

64 Attorneys from the Attorney General's Office civil division also provide legal advice to the SIRS section in pursuing administrative recoveries.

65 Minn. Stat. (2002), §§ 256B. 064 and 256B. 121.

The payment control literature also suggests that states enact health care-specific criminal and civil legislation to help create effective criminal and civil sanctions and ease the difficulty for building cases under broad generic criminal statutes. 66 However, we found that:

Compared with some other states and the federal government, Minnesota does not have a full range of legal remedies for ensuring the integrity of the Medical Assistance program. Minnesota Rules include some provisions to help facilitate investigations and recover payments, such as suspending payments for providers under investigation and allowing DHS to examine health records, equipment, and contracts. 67 Otherwise, most remedies and liabilities for MA violations are available under general theft, perjury, and forgery statutes. 68 In contrast, the federal government and some other states have more explicit laws for prosecuting and litigating Medicaid fraud.

For example, the federal government has a "False Claims Act" which explicitly applies to Medicaid fraud. 69 Several studies report that the federal government, through the Act, has had significant success in recovering improper payments and deterring Medicare and Medicaid fraud. 70 The Act's provisions include (1) financial incentives for private individuals to report fraudulent activities, (2) civil remedies that include treble damages and penalties ranging from $5,500 to $11,000 for each false claim, and (3) strict reporting requirements for providers subject to settlements. In addition, the Act imposes standards and liabilities for activities specific to Medicaid fraud, such as liability not only for directly government contractor or individual for damages and penalties caused by knowingly submitting false or fraudulent claims for federal funds. The qui tam plaintiff is also entitled to share in settlements or judgments, depending on his or her contribution to the case. 70 For example, see: Jack A. Meyer and Stephanie E. Anthony, Reducing Health Care Fraud: An Assessment of the Impact of the False Claims Act, (Washington, DC: Taxpayers Against Fraud, September, 2001) 50-51. The study estimates that the direct benefits obtained from enforcement using the False Claims Act are at least eight times the costs.

The federal government and some other states have more explicit laws than Minnesota to help prosecute Medicaid fraud. 66 U.S. General Accounting Office, State Efforts to Control Improper Payments Vary, 24; and Health Care Financing Administration, Guidelines for Addressing Fraud and Abuse in Medicaid Managed Care, 31. 67 Minn. Rules, ch. 9505, et seq. 68 Generally, any person who, with the intent to defraud, presents a claim for reimbursement, a cost report, or a rate application, relating to the payment of Medical Assistance funds, which is false, is guilty of an attempt to commit theft of public funds. Minn. Stat. (2002), §609.466. Other remedies for Medical Assistance violations are available under general perjury and aggravated forgery statutes. 69 31 U.S. Code §§ 3729( a)-( b) and 3729( a)( 7). Under the False Claims Act, either the federal government or a private party, referred to as a "whistleblower" or "qui tam relator," can sue any submitting false claims but also for "causing" false claims to be submitted and "acting with reckless disregard."

However, the Act only applies to the federally funded portion of Medicaid recoveries. States seeking to recover state funds must bring a supplementary state claim. To improve their abilities to pursue and recover Medicaid funds, 11 states have adopted laws that mirror the language of the False Claims Act, including the financial incentives to report fraudulent activities. 71 During interviews, staff from the Attorney General's Office suggested that enacting similar statutes in Minnesota could facilitate prosecuting MA offenses.

Furthermore, other states have passed laws to facilitate the investigation and prosecution of Medicaid fraud. 72 For example, in Mississippi, state regulations elevate the status of state fraud investigators to sworn law enforcement officers and remove the Statute of Limitations for prosecuting Medicaid fraud. 73 Unlike Minnesota, many states have also adopted criminal "anti-kickback" laws, which make it a crime for one provider to receive a monetary reward from another provider for referring an MA recipient for services. 74 In addition, some states have adopted statutes specific to managed care organizations' obligations to detect and refer Medicaid fraud and abuse, many of which are based on the National Association of Medicaid Fraud Control Units model civil and criminal managed care statutes. 75

COMPONENT 10: PERIODICALLY ASSESS AND REVISE THE PAYMENT CONTROL SYSTEM Fraud is often a dynamic process in which criminals continuously try to find vulnerabilities. Thus, a good payment control system needs to be periodically assessed and revised to maintain its integrity. We found that:

Fraud is often a dynamic process in which criminals continuously try to find vulnerabilities. 71 Andy Schneider, Ed., Reducing Medicaid Fraud: The Potential of the False Claims Act, (Washington DC: Taxpayers Against Fraud, June 2003), 26. As of May 2002, the eleven states were: California, Delaware, Florida, Hawaii, Illinois, Louisiana, Massachusetts, Nevada, Tennessee, Texas, and Virginia; the District of Columbia has also adopted provisions similar to the False Claims Act. 72 U.S. General Accounting Office, State Efforts to Control Improper Payments Vary, 24. The U.S. Department of Health and Human Services provides a general list of Medicaid fraud statutes at http://cms.hhs.gov/states/fraud/mfs/state_ select. asp. 73 Sparrow, Innovations and Obstacles, 42. 74 Minn. Stat. (2002) §62J. 23 requires the Commissioner of Health to adopt rules restricting financial relationships or payment arrangements involving health care providers. The rules must be similar to the federal Medicare anti-kickback statute. As of July 2003, the Commissioner of Health had not adopted these rules. Interim provisions allow the state to assess administrative fines of $1,000 or 110 percent of the estimated financial benefit for the referral. However, the provision has rarely, if ever, been used.

75 National Association of Medicaid Fraud Control Units, Model Managed Care Civil Statutes, (Washington DC: March 2000); and National Association of Medicaid Fraud Control Units, Model

Criminal Enforcement Statutes for Managed Care, (Washington, DC: March 2000).

DHS often changes its payment control system when it becomes aware of weaknesses, but the department does not comprehensively and proactively assess and revise the system. On many occasions, DHS has revised its system after discovering weaknesses in it. For example, in its investigations of special transportation services, SIRS staff noted that some transportation providers, particularly small providers, had for years been paid for transportation services without appropriate physician certification. (MA does not cover special transportation services unless a physician certifies that the MA recipient needs these services.) To avoid paying for uncertified services, DHS changed its procedures to require that certificates be given to DHS before it would pay for special transportation services.

While DHS does make changes to the payment control system as problems arise, we identified several areas in which DHS does not comprehensively and proactively assess its control system. For example, it does not assess the size and nature of the improper payment problem so that it can make appropriate adjustments to its control structure. In addition, as discussed earlier, DHS does not run a regular report that shows the frequency with which each of its claim processing edits accept, suspend, or reject claims. Such a report could be used to identify edits that are no longer useful—those that always, or nearly always, accept claims. Furthermore, DHS monitors only on a limited basis which payment control activities are the most cost effective. For example, SIRS assesses the costs and savings achieved by its pharmacy project by operating the project with a revolving fund. (According to SIRS staff, the program easily pays for itself.) In addition, SIRS is currently examining the cost savings attributable to the program that restricts recipients who abuse MA services. DHS could conduct similar analyses in other areas. Payment control activities that have a high cost-savings or rate-of-return are good candidates for additional investments. Of course, if DHS tracks the benefits of each activity, it should consider the value of benefits that it may not be able to fully measure, such as deterrence and prevention.

A staffing decision that DHS made in the mid-1990s highlights the need for periodic assessment and revision. In 1994, DHS cut the investigative staff of SIRS from 14 (including 2 supervisors) to 7 (including 1 supervisor). We estimate that this saved DHS approximately $350,000 per year. 76 However, after the staff cuts, DHS' improper payment settlements with providers dropped by $1.7 million per year, going from $2.3 million per year during 1991-93 to $0.6 million per year during 1994-96. While several factors could help explain this reduction in settlements, the fact that the staff reduction occurred at the same time raises questions about the cost effectiveness of this decision. In addition, as of June 2003, SIRS had roughly the same number of investigators as it had after this reduction.

Sometimes weaknesses persist even after DHS recognizes them. For example, the department runs "exception" reports to identify unusual billing and service patterns for possible investigation. The computer program that generates these reports has not been updated since it was created in 1994. The program is inflexible and cannot be easily adapted as fraud schemes change or as SIRS learns more about suspicious billing and service patterns. In addition, the staff members who work with these reports do not fully understand how the program works and is prioritizing cases for investigation. According to the SIRS manager, DHS is planning to fix this problem in the near future.

In 1994, DHS made a questionable staffing decision when it reduced its investigative staff.

In fiscal year 1996, SIRS' expended roughly $47,000 per full-time employee equivalent. Thus, a reduction of 7 employees would save DHS just over $300,000 per year.

CONCLUSION Overall, Minnesota has a reasonable approach to controlling improper MA payments. The state's payment control system meets federal requirements and has many elements that are recommended in the national payment control literature. Nevertheless, we think that the state's approach to controlling improper MA payments needs more strategic direction and focus. This involves assessing the size and nature of the payment control problem in Minnesota and evaluating the effectiveness of existing and prospective payment controls. Without this information, DHS does not know whether it is over-or under-investing in its payment control system or whether it is allocating resources in the right areas. Furthermore, DHS needs to make payment control and program integrity a department-wide goal and objective.

Recommendations SUMMARY The Department of Human Services (DHS) and the Attorney General's Office should develop a comprehensive, statewide strategy for controlling fraud, abuse, and other types of improper payments in the Medical Assistance (MA) program. As a first step, the state should estimate the size and nature of the improper payment problem in Minnesota. The state should also periodically evaluate the effectiveness of existing and prospective payment controls. This information will help determine how much the state should invest in payment controls and where to allocate these resources. DHS should also clearly emphasize in its department-wide objectives and goals the importance that payment control plays in the department's operations. In the meantime, DHS should provide the 2004 Legislature with an action plan detailing how it will develop and implement a comprehensive, system-wide payment control strategy.

In Chapter 2, we reported that the state's payment control effort needs more strategic direction and focus. Consequently, in this chapter we make five recommendations for improving the state's payment control strategy. RECOMMENDATION DHS, with the direct input of the Attorney General's Office, should develop a comprehensive, system-wide strategy for controlling fraud, abuse, and other types of improper payments. In addition, DHS should provide the 2004 Legislature with an action plan for how it will develop and implement this strategy.

In Chapter 2, we reported that Minnesota does not have a comprehensive, system-wide strategy to guide its payment control efforts. When we asked officials from DHS to articulate its payment control strategy for the MA program, they told us that it is largely implicit in the control efforts that we discussed and evaluated in Chapters 1 and 2. DHS has written parts of the strategy in (1) the overall Medicaid plan that its sends to the federal government, (2) DHS' provider manual, which describes the state health care programs, the billing process, and the responsibilities of the providers, and (3) the job descriptions and work plans of the various payment control sections. However, there is no document that pulls all the pieces together and lays out the overall strategic plan. Minnesota's strategy should address each of the ten key components of a comprehensive strategy discussed in Chapter 2 and identify objectives, goals, and performance measures for the payment control system.

The state needs a comprehensive strategy for controlling improper MA payments.

RECOMMENDATION DHS should increase its efforts to periodically assess the amount and nature of improper payments that are slipping through the MA payment control system.

The state's payment control strategy should be guided by the size and nature of the improper payment problem in Minnesota. If it turns out that a substantial amount of improper payments are slipping through the state's payment control system, DHS and the Attorney General's Office should investigate and implement steps to substantially improve the system. Conversely, if it turns out that improper payments are not a significant problem, the state would not need to make substantial changes. The U.S. General Accounting Office, after evaluating Medicaid and several other large federal programs, concluded:

With billions of dollars at risk, agencies will need to continuously and closely safe guard those resources entrusted to them and as sign a high priority to reducing fraud, waste, and abuse. A first step for some agencies will involve developing mechanisms to identify, estimate, and report the nature and extent of improper payments annually. With out this fundamental knowledge, agencies can not be fully in formed about the magnitude, trends, and types of pay ment errors occurring within their pro grams. As a result agencies can not make in formed cost-benefit decisions about strengthening their internal controls to minimize future improper payments or effectively develop goals and strategies to reduce them. 1

The best way to assess the size and nature of the improper payment problem is to carry out a detailed audit of a random sample of MA payments. However, as discussed in the first section of Chapter 2, a comprehensive, program-wide audit can be difficult to do well and cost up to $1 million. Nevertheless, such an audit can provide valuable insights and direction and help ensure that the state is appropriately spending $4.1 billion annually. (The federal government will pay for half of the cost of state efforts to estimate the improper payment problem.)

There are less-expensive alternatives to a comprehensive, program-wide audit. For example, DHS could carry out a series of smaller targeted audits that estimate the amount of improper payments for provider types that are suspected to be a problem, such as personal care assistants (PCA). These audits would not only help guide DHS' payment control efforts but also help determine if DHS should devote more resources to this type of research. If the targeted audits provide a lot of useful information, there would be additional justification for doing a comprehensive, program-wide audit.

A detailed claims audit can provide valuable insights and direction.

1 U.S. General Accounting Office, Financial Management: Increased Attention Needed to Prevent Billions in Improper Payments (Washington, DC: October 1999), 41-42.

RECOMMENDATION DHS should increase its efforts to evaluate the effectiveness of existing and prospective payment controls.

Decisions about how to improve the state's payment control system should be guided by the effectiveness of existing and prospective payment control activities. However, as we discussed in Chapter 2, DHS does not comprehensively and proactively assess its payment control activities. While evaluating the effectiveness of activities that prevent or deter improper claims from even being submitted can be difficult, DHS should do more to assess its detection and enforcement activities. For example:

The claims processing section could test new edits and see how many improper claims they catch that would have otherwise gone undetected.

SIRS could carry out more of the cost-savings analyses of the type it has already done for its pharmacy project. SIRS could analyze the rates-of-return for the methods it uses to identify cases for investigation, such as the various aberrant billing pattern analyses or the different sources of tips and case referrals. This would allow SIRS to determine which methods are the most effective at generating productive leads.

SIRS could analyze the rate-of-return for investigating cases that are beyond the threshold of its existing investigation resources. For example, in several areas, including the pharmacy and recipient abuse projects, investigators work their way down various lists that rank providers or recipients according to specified selection criteria. The investigators work as far down the list as time permits. By investigating a sample of cases that are beyond the point they would normally stop and tracking the results, DHS could determine whether increasing the resources of SIRS and investigating more cases would be cost effective. As we mentioned in Chapter 2, the reduction in SIRS staff in 1994 appears to have had a negative impact on the recovery of improper payments.

SIRS could do cost-savings analyses for new ways of identifying suspicious claims. For example, it could test changes in its case-selection criteria by tracking and summarizing the outcomes of its investigations. SIRS could give a vendor of data-mining software a sample of MA claims to see if the software can identify improper payments that the current detection system is missing. DHS and the Attorney General's Office could calculate the recidivism rate for people who obtain improper payments.

There are several analyses that DHS could conduct to improve its assessment of the state's payment control system. RECOMMENDATION DHS should improve its automated system for tracking improper payment investigations so that it can effectively evaluate its detection and enforcement efforts.

In order to assess and revise its payment control system, the state needs good information about the activities and outcomes of it detection and enforcement efforts. For each investigation, the state should track:

The payment control procedure that identified the improper payment, The provider's name and billing number, The type of provider, The investigator, The nature and amount of the improper payment, The type of settlement (criminal, civil, or administrative), The settlement amount, The amount actually recovered, and The use of sanctions and penalties. As we discussed in Chapter 2, while DHS' current case tracking system records some of this information, it does not consistently record each of them. For example, while SIRS staff record the amount of the settlement, the actual recoveries are tracked in a separate system. In addition, SIRS staff do not consistently record in the system the source of the original tip for each investigation.

RECOMMENDATION
DHS should clearly emphasize in its department-wide objectives and goals the importance that payment control plays in the department's operations.

Having clear goals and objectives is a key component of any strategy to get staff working toward a common outcome. However, as we discussed in Chapter 2, DHS does not specifically mention controlling improper payments in its department-wide objectives and goals. Yet, the objectives and goals do focus on serving recipients of government assistance. For example, one of DHS' four core values states, "We focus on people, not programs." 2 This imbalance between serving clients and program controls has created some tension within DHS. For example, staff who investigate improper payments want to increase the department's billing oversight for personal care assistants (PCAs). However, the supervisors who oversee and manage the PCA services said that additional oversight is unnecessary and would potentially restrict access to health care by dissuading PCAs from participating in MA. While these divergent goals may reflect the different roles that these staff play within the MA program, the staff are still part of the payment control team and should be working toward a common outcome. In addition, when the state is administering a $4.1 billion program, it must give proper priority to program integrity and payment control.

DHS needs to better track key investigative information.

2 Department of Human Services, "About DHS: Department Overview;" www.dhs.state.mn.us/AboutDHS/overview.htm; accessed May 5, 2003.

Further Reading

Centers for Medicare and Medicaid Services, U.S. Department of Health and Human Services. Guidelines for Constructing a Compliance Program for Medicaid Managed Care Organizations and PrePaid Health Plans. Atlanta, GA: May 2002.

Medicaid Payment Accuracy Measurement Project: Year 1 Pilot Results and Assessment. Washington, DC: December 2002.

Resource Guide of State Fraud and Abuse Systems. Washington, DC: October 2001.

Review of State Medicaid Program Integrity Procedures: State of Minnesota. Atlanta, GA: June 2001.

Review of State Medicaid Program Integrity Procedures: National Report, Fiscal Year 2000. Atlanta, GA: June 2001.

Review of State Medicaid Program Integrity Procedures: National Report, Fiscal Year 2001. Atlanta, GA: May 2002.

Committee of Sponsoring Organizations of the Treadway Commission. Internal Control-Integrated Framework. Jersey City, NJ: American Institute of Certified Public Accountants, 1992.

Health Care Financing Administration (now called the Centers for Medicare and Medicaid Services), U.S. Department of Health and Human Services. Guidance and Best Practices Relating to the States' Surveillance and Utilization Review Functions. Washington, DC: Undated.

Guidelines for Addressing Fraud and Abuse in Medicaid Managed Care. Washington, DC: October 2000.

Review of State Medicaid Program Integrity Procedures: State of Illinois. Atlanta, GA: August 2000.

Health Insurance Association of America. Health Insurers' Anti-Fraud Programs: Research Findings 1999. Washington, DC: Health Insurance Association of America, 1999.

Illinois Department of Public Aid. Payment Accuracy Review of the Illinois Medical Assistance Program: A Blueprint for Continued Improvement. August 1998. Illinois Department of Public Aid, Office of the Inspector General. Fraud Prevention Investigations: FY 00—Cost Benefit Analysis. November 2000.

2002 Annual Report. December 2002. Kansas Medical Policy Department. Payment Accuracy Review of the Kansas Medical Assistance Program: Final Report. www.srskansas.org/payment_ accuracy_ review.htm. Accessed February 12, 2002.

National Association of Medicaid Fraud Control Units. Model Criminal Enforcement Statutes for Managed Care. Washington, DC: National Association of Medicaid Fraud Control Units, October 1996.

Model Managed Care Civil Statutes. Washington, DC: National Association of Medicaid Fraud Control Units, March 2000.

Medicaid Fraud and Abuse Technical Advisory Group. White Paper: Payment Accuracy Measurement. August 2002.

Meyer, Jack A. Fighting Medicare Fraud: More Bang for the Federal Buck. Washington, DC: Taxpayers Against Fraud Education Fund, June 2003.

Meyer, Jack A., and Stephanie E. Anthony. Reducing Health Care Fraud: An Assessment of the Impact of the False Claims Act. Washington, DC: Taxpayers Against Fraud, September 2001.

North Carolina Department of Health and Human Services. Adult Medicaid: Calculation of Overpayments and Hidden Assets (paper presented at the 1997 annual training conference of the United Council on Welfare Fraud). Raleigh, NC: September 1997.

Office of the Inspector General, U.S. Department of Health and Human Services. Annual Report: State Medicaid Fraud Control Units—Fiscal Years 1997, 1998, and 1999. Washington, DC: June 2000.

Audit of Medicaid Costs Claimed For Personal Care Services by the Minnesota Department of Human Services: October 1, 1998 Through September 30, 1999. Chicago, IL: April 2002.

Medicaid: Claims Processing Safeguards. Chicago, IL: July 2000.

Medicaid Managed Care Fraud and Abuse. Kansas City, MO: June 1999.

Medicaid: Proactive Safeguards. Chicago, IL: July 2000. Medicaid: Post Payment Safeguards. Chicago, IL: July 2000. Surveillance and Utilization Review Subsystems' Case Referrals to Medicaid Fraud Control Units. Washington, DC: November 1996.

Schneider, Andy. Reducing Medicaid Fraud: The Potential for the False Claims Act. Washington, DC: Taxpayers Against Fraud Education Fund, June 2003.

Sparrow, Malcolm K. Controlling Fraud and Abuse in Medicaid: Innovations and Obstacles—A Report from the "Executive Seminars on Fraud and Abuse in Medicaid" Sponsored by HCFA. September 24, 1999.

Fraud and Abuse Detection and Control in the Florida Medicaid Program: A Strategic Review of AHCA's Program Integrity Operations. Florida Agency for Health Care Administration, September 2001.

License to Steal: How Fraud Bleeds America's Health Care System (Updated Edition). Boulder, CO: Westview Press, 2000.

Texas Office of the Comptroller General. Health Care Claims Study. January 2001.

U.S. House Committee on the Budget, Task Force on Health. Blowing Smoke on the Invisible Man: Measuring Fraud, Payment Errors in Medicare and Medicaid. Washington, DC: U.S. Government Printing Office, 2000.

U.S. House Subcommittee on Oversight and Investigations of the Committee on Commerce. Medicaid Provider Enrollment: Assessing State Efforts to Prevent Fraud. Washington, DC: U.S. Government Printing Office, 2000.

Medicaid Fraud and Abuse: Assessing State and Federal Responses. Washington, DC: U.S. Government Printing Office, 1999.

U.S. General Accounting Office. Financial Management: Increased Attention Needed to Prevent Billions in Improper Payments. Washington, DC: 1999.

Health Care Fraud: Schemes Committed by Career Criminals and Organized Criminal Groups and Impact on Consumers and Legitimate Health Care Providers. Washington, DC: October 1999.

Health Care Fraud: Schemes to Defraud Medicare, Medicaid, and Private Health Care Insurers. Washington, DC: July 2000.

Internal Revenue Service: Efforts to Identify and Combat Abuse Tax Schemes Have Increased, but Challenges Remain. Washington, DC: May 2002.

Medicaid: Federal and State Leadership Needed to Control Fraud and Abuse. Washington, DC: November 1999.

Medicaid Managed Care: Four States' Experiences With Mental Health Carveout Programs. Washington, DC: September 1999.

Medicaid: State Efforts to Control Improper Payments Vary. Washington, DC: June 2001.

Medicare: Program Safeguard Activities Expanded, but Results Difficult to Measure. Washington, DC: August 1999.

Strategies to Manage Improper Payments: Learning from Public and Private Sector Organizations. Washington, DC: October 2001.

Tax Administration: Impact of Compliance and Collection Program Declines on Taxpayers. Washington, DC: May 2002.

Tax Administration: IRS Should Continue to Expand Reporting on Its Enforcement Efforts. Washington, DC: January 2003.

Tax Administration: New Compliance Research Effort is on Track, but Important Work Remains. Washington, DC: June 2002.

U.S. Department of Health and Human Services and U.S. Department of Justice. Synopsis of Proceedings: Combating Health Care Fraud and Abuse: Technologies and Approaches for the 21 st Century. Washington, DC: 2000.

U.S. Office of Management and Budget. OMB Circular A-133: Compliance Supplement, March 2003. www.whitehouse.gov/omb/circular/a133_compliance/03/93toc.html. Accessed May 30, 2003.

August 6, 2003 James Nobles Office of the Legislative Auditor Program Evaluation Division Centennial Building, Suite 140 658 Cedar Street St. Paul, MN 55155

Dear Mr. Nobles: Thank you for the opportunity to review and comment upon your draft report on Controlling Improper Payments in the Medical Assistance Program. Please extend our thanks to the review team for its professional and thorough review. I am pleased with the breadth of your review. It recognizes the complexity of this subject. Your review of our integrity components, found in all four administrations within nine divisions of the Department of Human Services, comports with our view that it is essential to build integrity throughout our health care purchasing system. Integrity must be a priority from recipient eligibility, to provider enrollment, to claims processing and editing, and culminating with post-payment review and the imposition of appropriate legal remedies.

As your report states, our approach to payment integrity meets all federal requirements and is reasonable. I am proud of the efforts of department staff in tackling fraud and abuse within the Medical Assistance program; reducing improper payments continues to be a DHS priority. The report identifies areas of our integrity program that need improvement and we fully intend to address them. I will evaluate each of your recommendations and determine those that can be implemented promptly. Some of your recommendations can be addressed only with additional monetary and staff resources. In this time of reduced resources, we will need to determine which recommendations are most effective and efficient in accomplishing the goal of controlling improper payments.

Again, thank you for the opportunity to comment on the draft report. I look forward to receiving the final report. Yours sincerely, /s/ Wes Kooistra for Kevin Goodno Commissioner

Recent Program Evaluations

Residential Facilities for Juvenile Offenders, February 1995 95-01
Health Care Administrative Costs, February 1995 95-02
Guardians Ad Litem, February 1995 95-03 Early Retirement Incentives, March 1995 95-04
State Employee Training: A Best Practices Review, April 1995 95-05
Snow and Ice Control: A Best Practices Review, May 1995 95-06
Pollution Control Agency's Use of Administrative Penalty Orders, Update July 1995 95-07
Development and Use of the 1994 Agency Performance Reports, July 1995 PR95-22
State Agency Use of Customer Satisfaction Surveys, October 1995 PR95-23
Funding for Probation Services, January 1996 96-01 Department of Human Rights, January 1996 96-02
Trends in State and Local Government Spending, February 1996 96-03
State Grant and Loan Programs for Businesses February 1996 96-04
Post-Secondary Enrollment Options Program, March 1996 96-05
Tax Increment Financing, March 1996 96-06 Property Assessments: Structure and Appeals,
A Best Practices Review, May 1996 96-07 Recidivism of Adult Felons, January 1997 97-01
Nursing Home Rates in the Upper Midwest, January 1997 97-02
Special Education, January 1997 97-03 Ethanol Programs, February 1997 97-04
Statewide Systems Project, February 1997 97-05 Highway Spending, March 1997 97-06
Non-Felony Prosecution, A Best Practices Review, April 1997 97-07
Social Service Mandates Reform, July 1997 97-08 Child Protective Services, January 1998 98-01
Remedial Education, January 1998 98-02 Transit Services, February 1998 98-03
State Building Maintenance, February 1998 98-04 School Trust Land, March 1998 98-05
9-1-1 Dispatching: A Best Practices Review, March 1998 98-06
Minnesota State High School League, June 1998 98-07
State Building Code, January 1999 99-01 Juvenile Out-of-Home Placement, January 1999 99-02
Metropolitan Mosquito Control District, January 1999 99-03
Animal Feedlot Regulation, January 1999 99-04 Occupational Regulation, February 1999 99-05
Directory of Regulated Occupations in Minnesota, February 1999 99-05b
Counties' Use of Administrative Penalties for Violations of Solid and Hazardous
Waste Ordinances, February 1999 99-06 Fire Services: A Best Practices
Review, April 1999 99-07 State Mandates on Local Governments,
January 2000 00-01 State Park Management, January 2000 00-02
Welfare Reform, January 2000 00-03 School District Finances, February 2000 00-04
State Employee Compensation, February 2000 00-05 Preventive Maintenance for Local Government
Buildings: A Best Practices Review, April 2000 00-06
The MnSCU Merger, August 2000 00-07 Early Childhood Education Programs,
January 2001 01-01 District Courts, January 2001 01-02
Affordable Housing, January 2001 01-03 Insurance for Behavioral Health Care,
February 2001 01-04 Chronic Offenders, February 2001 01-05
State Archaeologist, April 2001 01-06 Recycling and Waste Reduction, January 2002 02-01
Minnesota Pollution Control Agency Funding, January 2002 02-02
Water Quality: Permitting and Compliance Monitoring, January 2002 02-03
Financing Unemployment Insurance, January 2002 02-04
Economic Status of Welfare Recipients, January 2002 02-05
State Employee Health Insurance, February 2002 02-06 Teacher Recruitment and Retention: Summary
of Major Studies, March 2002 02-07 Local E-Government: A Best Practices Review,
April 2002 02-08 Managing Local Government Computer Systems:
A Best Practices Review, April 2002 02-09 State-Funded Trails for Motorized Recreation,
January 2003 03-01 Professional/Technical Contracting,
January 2003 03-02 MinnesotaCare, January 2003 03-03
Metropolitan Airports Commission, January 2003 03-04 Preserving Housing: A Best Practices Review,
April 2003 03-05 Charter School Financial Accountability,
June 2003 03-06 Controlling Improper Payments in the Medical
Assistance Program, August 2003 03-07 Higher Education Tuition Reciprocity,
September 2003 03-08

Evaluation reports can be obtained free of charge from the Legislative Auditor's Office, Program Evaluation Division, Room 140, 658 Cedar Street, Saint Paul, Minnesota 55155, 651/296-4708. Full text versions of recent reports are also available at the OLA web site: http://www.auditor.leg.state.mn.us