The Case for Program Integrity in Medicaid Managed Care

Part Two: Understanding the Link Between Program Integrity and Managed Care Contracts — and Why It Matters to States

In our first installment, Part One – The Case For Program Integrity in Medicaid Managed Care: The Current Landscape and Industry Issues, we looked at current managed care and program integrity (PI) headline topics that are both concerning and prevalent in the government health and human-services industry. Fraud, waste, and abuse (FWA) are eroding public trust, wasting taxpayer money, compromising outcomes for Medicaid beneficiaries – among the nation’s most fragile populations – and creating improper stewardship of the public good that agencies are entrusted to safeguard. In this post, we look at one of the cornerstones of addressing FWA within managed care organizations (MCOs) – MCO contracts, their language, and subsequent proper PI enforcement.

“If it isn’t in the contract, it isn’t required.” Simple statement, but for those responsible for oversight of a managed care program, there are multiple levels of contracts, each with its own language, that may be determining what is (or is not) a requirement of each contract.

There may be a tendency to focus only on the chain of contracts between a health and/or human-services provider delivering services to a Medicare/Medicaid member enrolled in a managed care organization (MCO) plan and the plan itself. However, in the care delivery system that leverages managed care, there can be a chain of contracts between:

The state and the MCO plan.
The Centers for Medicare & Medicaid Services (CMS) and the MCO plan.
The MCO plan and its delegated vendor.
The delegated vendor and provider organization (the hospital, the group of providers, etc.).
The provider organization and an individual provider delivering services.

So, when CMS or a Medicaid agency changes a contract requirement, how do those charged with providing oversight ensure that MCOs address those provisions and that they flow down accurately, while also ensuring those responsible for contract compliance truly are?

As this scenario shows, there are many variations to consider … and significant implications at stake. At each level, ambiguous or missing contract requirements have real and sometimes potentially disastrous consequences. Billions of taxpayer dollars are misappropriated – and more importantly, millions of members may not receive the care they need.

Amid these layers of complexity, how is PI integrated into these scenarios at every level, and what does it look like to make sure MCOs are doing their due diligence? Are MCOs performing adequate PI over their provider community? Are MCOs providing adequate oversight of their delegates such as the pharmacy benefit manager (PBM)? For example, does a PBM have adequate incentives to perform PI over pharmacies it may own? It is becoming clear that compliance risk is driven by contract review, an important consideration that is sometimes overlooked.

For those responsible for managed care PI oversight, there are multiple contract levels that may be determining requirements in ways that are vague or lack enforceable benchmarks. Imposing PI performance can be difficult or impossible without strong, clear contractual language. Missing or ambiguous contract language ultimately results in unnecessary costs through improper payments from FWA of taxpayer-funded programs. Improving contract language is an essential first step for ensuring quality care for fragile individuals, proper stewardship of taxpayer dollars, and clear and actionable PI for ongoing compliance.

In this post, we will discuss a variety of contractual challenges faced by individuals responsible for managed care oversight, the implications of inadequate contractual requirements, and how we help ensure that contractual changes are effectively implemented to fully capture requirements and drive compliance.

When Contracts Lack Clarity: Compliance and Integrity Suffer

Oftentimes, obligations one might assume to be contractually required are not treated as such by the MCO plans and their network providers, resulting in perceived non-compliance. This raises critical questions: How do we ensure compliance and enforcement of programmatic stewardship and expectations? Is contract management the missing link?

The Myers and Stauffer Benefit/PI (BPI) team has seen a range of examples of how MCO contract issues, such as unclear language, lack of consistency, absence of flow-down to the provider level, and more, all adversely affecting PI and program compliance. How is it possible to ensure proper oversight without explicit language that clearly defines expectations and delineates responsibilities at every level? Indeed, we have observed instances of a contract that explicitly says to follow state and federal regulations, but neglects to provide details about those regulations, making requirements vague and enforcement difficult or perhaps impossible.

Federal and state governments are discovering that MCOs might not be spending the resources necessary to analyze their claims data and investigate aberrant providers for potential FWA. While MCO contract requirements for these efforts exist, we can begin to ease the risk of improper costs to the Medicare and Medicaid programs by further developing and clarifying MCO PI contract language with clear and measurable standards that create accountability.

For example, some contracts specify that an MCO must operate a special investigations unit (SIU) but fail to define terms of their performance. If the contract does not provide specific required SIU elements, how will MCOs know the minimum level of effort required by the SIU, and how will state PI oversight know when to apply penalties for missing metrics? It is important to clarify standards, because lack of clear responsibilities can mean higher rates of improper payments or failure to identify quality-of-care issues.

Unclear contract language can generate numerous conflicting ways to interpret standards that aren’t clearly defined, not only leading to improper payments but also improper denials for necessary services. In another HHS-OIG report, High Rates of Prior Authorization Denials by Some Plans and Limited State Oversight Raise Concerns About Access to Care in Medicaid Managed Care, the OIG sampled seven MCO parent companies representing more than 100 MCOs across 37 states, having total enrollment of nearly 30 million people. The OIG found that one in every eight pre-authorization requests (for treatments such as cancer, cardiac issues, or therapies for elderly or disabled individuals) were denied. Furthermore, among the 115 MCOs in the study, 12 had rates of denials for pre-authorization that were as high as 25 percent – twice the overall rate. The OIG stated:

“Despite the high number of denials, most State Medicaid agencies reported that they did not routinely review the appropriateness of a sample of MCO denials of prior authorization requests, and many did not collect and monitor data on these decisions. The absence of robust mechanisms for oversight of MCO decisions on prior authorization requests presents a limitation that can allow inappropriate denials to go undetected in Medicaid managed care.”

These issues lead to concern that some members may not receive proper benefits or care for medically necessary services that are intended to be covered. Indeed, ample oversight of contract compliance and performance metrics for MCOs has become essential to make certain that care is being provided as paid for.

Non-Compliance Fuels Funding Gaps and Fewer Resources for the Neediest

As the federal reports and our own experience clearly show, vague contract language and potentially substandard program integrity efforts by MCOs can have far-reaching consequences at every level. A contract that is vague, fails to define terms, or clarify standards becomes an ineffective document that obstructs care, compliance, and PI…at every level.

Broadly speaking, this translates into failing to meet standards, which punches a hole in the states’ budgets, because at the federal level, agencies think states are not achieving contract compliance, which means non-compliance by default and therefore non-reimbursement.

PI cannot enforce unclear requirements and thus cannot intervene or remedy the situation to ensure ongoing care for people who depend on public-health and human-services programs. Ultimately, all these things represent improper stewardship of taxpayer dollars intended to help fragile populations across the country who then don’t get the care they need and deserve.

It is also important to note the critical effect of non-compliance on the medical loss ratio (MLR), how the MLR can in turn be affected by waste, and how that waste ultimately impacts capitation and rate setting, which holds consequences for state budgets…all critical considerations.

Identifying, reporting, and recovering FWA dollars by MCO PI activities could negatively impact the MCO by potentially reducing allowable expenditures, therefore risking meeting MLR thresholds and lowering future calculated capitation rates.

Sidebar: A Case Study: When MCOs DO NOT Conduct PI According to the Contract

A recent Texas Office of Inspector General (OIG) audit found that one MCO and their SIU did not properly perform PI and FWA-prevention activities as required by contractual agreements. The OIG headline finding reported it this way:

“The Wellpoint Texas (Wellpoint) Special Investigative Unit (SIU) did not consistently comply with certain state and contractual requirements related to (a) preventing, detecting, and investigating fraud, waste, and abuse and (b) reporting reliable information on SIU activities, results, and recoveries to the Texas Health and Human Services (HHS) Office of Inspector General (OIG).

While Wellpoint did commit 10 full-time staff and one full-time manager to its SIU for Texas Medicaid and had processes in place to complete fraud, waste, and abuse investigations, these resources and processes were not effective and resulted in reported recoveries of $426,467. Wellpoint paid medical claims of $12.8 billion for the audit period.”

The OIG noted that Medicaid and Children’s Health Insurance Programs (CHIP) cost taxpayers roughly $34 billion each year, and that estimates of fraud range from three to 10 percent of all health care spending. Texas MCOs reported recoveries of seven million in 2022 and four million in 2023. For those same years, the Texas Health and Human Services Commission paid Wellpoint nearly $15 billion in capitation payments to provide Medicaid/CHIP programs and services to an average of 1,029,971 Texas members per month.

The findings state that although Wellpoint did proactively perform data analytics to detect FWA, it did NOT, among other things, complete its investigations, properly maintain documentation, or meet specified deadlines. The SIU also did not properly document and report its FWA investigations. In effect, the MCO provided incomplete reporting to the OIG, which showed 413 investigations in 2022 with overpayments for those same years totaling $12 million, while the SIU showed a total of 418 investigations and identified overpayments of $17 million, suggesting that Wellpoint did not disclose to the State all of the money they recovered.

Clearly, the MCOs and their SIUs must better meet contractual obligations, demonstrate better stewardship of their investigations, and correctly document and report findings and overpayments. The Texas OIG provided specific mandates for doing these things, including improving processes and controls, performing all data analytics, providing proper reporting, and even fully training personnel.

Those charged with PI oversight of MCOs are an integral part of such efforts to improve programs and the intended outcomes – improved outcomes for the nation’s most needy people.

In our next installment, we look at capitation and rate setting and how PI figures into that equation within the realm of MCO oversight. We will discuss the intersection of BPI, MC contract issues, FWA, and the attendant challenges in capitation rate setting and in recovering overpayments.

How Myers and Stauffer Can Help

Full Suite of BPI Services

Myers and Stauffer brings extensive experience in a full complement of BPI services to help CMS, the Department of Justice, state Medicaid agencies, and state Medicaid fraud control units. Our program integrity services include contract consulting, audit/reviews of MCO reporting of PI performance (their analytics, investigations, and recoveries), and PI contract compliance. We also work on investigative support/expert witness testimony and program integrity consulting.

We help our clients achieve resource maximization, improved outcomes, and overall program effectiveness. And we have significant insight into each individual state’s MCO program, and no conflicting relationships or engagements with MCOs, which means we are well positioned to help anywhere we are needed across the nation.

Moreover, Myers and Stauffer’s teams integrate across the firm, providing significant benefits to our clients. Our structure of subject matter expertise-based teams under a common banner, each having a distinctive identity and a specific fluency across the full spectrum of compliance topics and government agency programs, gives us an edge.

This depth and breadth of knowledge and experience affords us the opportunity to provide our clients the best possible combination of talent, proximity, experience, and resources for any project. In practice, this means our team of experts collaborates to deliver superior results for clients seeking assistance with managed care contract and compliance issues.

Why Myers and Stauffer

Purpose driven. Exclusive focus. Government programs.

Established in 1977, Myers and Stauffer is a nationally based consulting and certified public accounting firm. For nearly 50 years, we have worked exclusively with local, state, and federal government health and human-services agencies to help them accomplish their most critical goals for the nation’s most fragile people. We are here to answer any questions and help with any health and human services needs your agency may be encountering.