Audit Release: Oregon Health Authority Should Improve Efforts to Detect and Prevent Improper Medicaid Payments

Report Highlights


Our audit found that Oregon Health Authority (OHA) recovery efforts are appropriate and reasonable, but the agency should strengthen efforts to detect and prevent improper payments in Oregon’s $9.3 billion per year Medicaid program. Prevention of improper payments is more cost-effective than attempting to recover improper payments. We also found that delays in processing eligibility for thousands of Oregon’s Medicaid recipients resulted in millions of dollars of avoidable Medicaid expenditures, a critical issue the agency failed to disclose until raised in a May 2017 Auditor Alert. Furthermore, OHA did not timely disclose relevant information, which impeded our audit work. OHA’s new management has been more proactive and transparent in addressing these issues.

Background

An improper payment is defined by the federal government as “any payment that should not have been made or was made in an incorrect amount (including overpayments and underpayments) under statutory, contractual, administrative, or other legally applicable requirements or where documentation is missing or not available.”

Purpose of Audit

The primary purpose of the audit was to determine if the Oregon Health Authority could improve processes to prevent, detect, and recover improper Medicaid payments. The secondary purpose was to follow-up on OHA’s progress to resolve issues we raised in our May 2017 Auditor Alert.

Key Findings

Within the context that Medicaid is a very complex and challenging program to administer, we found:

  1. OHA has gaps in procedures for preventing certain improper payments. Insufficient management of the agency’s processes for identifying and resolving payment and eligibility issues, prioritization of staffing resources, and efforts to address technology issues put taxpayer dollars at risk.
  2. OHA lacks well-defined, consistent, and agency-wide processes to detect certain improper payments, especially related to coordinated care. We identified approximately 31,300 questionable payments based on our review of 15 months of data. OHA needs to continue researching these claims to determine how many were improper; OHA reported that only a small percentage were improper based on preliminary research of 2,700 claims.
  3. OHA recovery efforts appear appropriate and reasonable, but may be underutilized due to OHA’s limited procedures for detecting improper payments.
  4. OHA reported completing the action plan to determine eligibility for the remaining backlog of 115,200 Medicaid recipients. Approximately 47,600 (41%) were deemed ineligible as a result, although this figure may decrease slightly through the end of November. Failure to address this issue in a timely fashion resulted in approximately $88 million in avoidable expenditures.

Recommendations

Drawing from national leading practices, our report includes eight recommendations to OHA focused on strengthening efforts to detect and prevent improper payments. Oregon Health Authority agrees with our recommendations. The agency’s response can be found at the end of the report.

Read full report here

 

Featured New Audit Release Performance Audit

DHS – Aging and People with Disabilities: Consumer-Employed Provider Program Needs Immediate Action to Ensure In-Home Care Consumers Receive Required Care and Services

Report Highlights


The Secretary of State’s Audits Division found that the Aging and People with Disabilities (APD) program should take immediate action to address gaps in program design and oversight in order to improve the safety and well-being of participants in the Consumer-Employed Provider (CEP) program.

Read full report here.

Background

Oregon is a leader in providing in-home long- term care options for older adults and people with disabilities. The most used in-home care program is the Consumer-Employed Provider program, which positions consumers as employers of their homecare worker.

Purpose

The purpose of this audit was to assess the policies and processes used by APD to ensure the needs of consumers in the CEP program are met.

Key Findings

The effectiveness of the Consumer-Employed Provider program is dependent on the consumer, the case manager, and the homecare worker. If each is capable, competent, and supported in their role, the current model can be successful. Our audit found:

1. Some consumers are not receiving the support necessary to ensure required employer duties are being performed, which adds to case managers’ and homecare workers’ responsibilities.
2. Case managers are not consistently contacting consumers, or monitoring services consumers receive due to excessive workloads.
3. Agency requirements do not ensure that homecare workers are prepared to provide the care and assistance consumers need.
4. Due to current data collection and utilization practices, it is difficult for APD to determine if consumers are safe and receiving the care and services they need.
5. Current deficiencies in the program may put consumers’ health and well-being at risk and keep the program from operating as intended.

To reach our findings, we conducted interviews and case file reviews, collected and analyzed CEP consumer data, and researched federal and state standards.

Recommendations

The report includes recommendations to improve Consumer-Employed Provider program implementation and support. Recommendations include consistently following existing monitoring policies, addressing case managers’ excessive workload and responsibilities, and providing more support to consumers and homecare workers.
The Department generally agreed with our findings and recommendations. Its response can be found at the end of the report.

Featured New Audit Release Performance Audit

Audit Release: Department of Administrative Services Should Enhance Succession Planning to Address Workforce Risks and Challenges

Report Highlights


The Secretary of State’s Audits Division found that the Department of Administrative Services (DAS) should play a stronger leadership role in addressing key workforce risks and challenges within the state executive branch, through enhanced workforce succession planning.

Read full report here

Background

This audit reviewed succession planning within the Oregon executive branch. Succession planning is an ongoing management process used to ensure workforce continuity and effectiveness, particularly in key leadership and technical functions.

Purpose

The purpose of the audit was to determine if and how the State of Oregon could better plan for future key workforce needs, including preparing state employees to fill key roles.

Key Findings

Within the context that effective succession planning is difficult, complex and is frequently not a priority within the public sector, we found:

  1. DAS has not developed or implemented a state-level succession planning framework, despite recognizing the importance of succession planning.
  2. The lack of a succession planning framework increases workforce risks, such as not developing or retaining knowledgeable and skilled employees to perform critical functions.
  3. These risks are exacerbated by demographic and economic trends, including increasing retirement rates, and a lack of formal succession planning processes within state agencies.
  4. State agencies also report challenges, including inaccessible workforce information, that may hinder strategic human capital management practices and should be addressed at a state level.

To reach our findings we conducted interviews, reviewed documents and reported practices, researched leading practices and analyzed workforce data.

Recommendations

Drawing from national leading practices and benchmarking with other states, the report includes eight recommendations to the Department of Administrative Services focused on implementing a succession planning framework in the Oregon executive branch. Recommendations include providing guidance to agencies, monitoring workforce risks, and working with agencies to identify and address barriers at a state level.

Featured New Audit Release Performance Audit

Audit Release- ODOT: The Oregon Fuels Tax System Accurately Assesses and Collects Fuels Taxes for Oregon and Local Jurisdictions

Report Highlights


The Secretary of State’s Audits Division found that the Oregon Fuels Tax System (OFTS) accurately assesses and collects fuels taxes for Oregon and local jurisdictions, collecting over $564 million in 2016. However, processes for issuing fuels tax refunds and system design flaws result in minor overpayments and reporting inaccuracies. Additionally, ODOT should enhance processes for testing system backup files, granting and monitoring user access, setting user password parameters, implementing safeguards over personally identifiable information, and identifying security weaknesses.

Read full report here.

Background

In 2013, ODOT contracted with Avalara to implement a new fuels tax system for $2.8 million, replacing an outdated paper based system previously used to handle Oregon Fuels Tax returns.

Purpose

The purpose of our audit was to review and evaluate the effectiveness of key general and application controls that protect and ensure the integrity of the Oregon Fuels Tax System and its data.

Key Findings

1. OFTS accurately calculates, assesses, and collects fuels tax for the state of Oregon and local jurisdictions, but manual processes governing refund payments should be improved to ensure accurate refund payments.
2. Application design flaws result in a small number of refund overpayments and minor reporting inaccuracies.
3. Changes to OFTS computer code are appropriately managed to reasonably ensure that the system and its data will not be compromised as the result of a code change.
4. System back-up processes have never been tested to ensure system data can be restored in the event of a disruption.
5. Security weaknesses exist in processes for granting and reviewing system access, monitoring activities of internal and third-party users with significant system access, and identifying and remediating system security vulnerabilities. In addition, password parameters should be more robust, and safeguards protecting some Personally Identifiable Information (PII) need improving.

Recommendations

The report includes nine recommendations to the Oregon Department of Transportation focused on addressing weaknesses in the refund review processes, fixing system design flaws, testing backups, and correcting security weaknesses.

Featured IT Audit New Audit Release

State of Oregon Financial Condition Report: Fiscal Year 2016

The Oregon Secretary of State Audits Division releases an annual financial condition report for the previous fiscal year, which covers revenues and expenditures and reports on the State’s overall fiscal health. Enjoy our summary below, or read the full report here.

Featured Financial Audit New Audit Release

Audit Release: Automated Medicaid eligibility is processed appropriately at OHA, yet manual input accuracy and eligibility override monitoring need improvement

AUDIT PURPOSE

In Oregon, over one million individuals have Medicaid coverage. Medicaid expenditures totaled $9.3 billion in fiscal year 2016, including $1.2 billion in state general funds. We conducted this audit to determine if two critical automated computer programs managed by the Oregon Health Authority accurately verify Medicaid client eligibility and accurately issue payments to healthcare providers. If these programs do not function properly, clients may inappropriately receive, or be denied, Medicaid benefits.

FINDINGS IMPACT

Manual input errors and lack of monitoring of overrides can cause inappropriate eligibility determinations and payments to providers. If agency leadership implements more effective monitoring of caseworker eligibility overrides and improves manual input accuracy, the state will better comply with eligibility requirements and increase accuracy of payments. Inaction will allow overrides and manual input errors to continue causing inappropriate payments to providers.

Read full report here.

KEY FINDINGS

  • Two critical automated computer programs appropriately determined eligibility, enrolled Medicaid clients in coordinated care organizations, and made appropriate payments to those organizations based on eligibility information received.
  • Automated computer processes appropriately validated the Social Security number and citizenship status of applicants over 99.7% of the time in our review of over 425,000 records.
  • We reviewed 30 eligibility determinations and found seven (23%) had manual input errors. While only one error resulted in a client being determined eligible when they were not, each of the errors related to application information that could have resulted in inappropriate eligibility determinations.
  • Although their volume has significantly decreased over time, overrides of eligibility are not sufficiently monitored, meaning unauthorized overrides of Medicaid eligibility could occur.
  • Our review of 72 overridden eligibility segments showed caseworkers did not take proper action to clear 25 (35%). Overridden segments are not subject to automated processes that redetermine eligibility for certain clients.
  • Our 2011 audit recommendations to OHA and DHS concerning access to the Medicaid Management Information System have not been fully implemented, increasing security risk.

RECOMMENDATIONS SUMMARY

  • OHA should continue efforts to improve caseworker manual input accuracy through additional training, and implement a review process for input where errors negatively affect eligibility determination.
  • OHA managers should monitor eligibility overrides to prevent unauthorized validation and ensure state resources are spent appropriately.
  • OHA and DHS should fully implement our 2011 audit logical access recommendations.
Featured IT Audit New Audit Release Performance Audit