CBO projects federal subsidies for health insurance coverage

The Congressional Budget Office (CBO) and the staff of the Joint Committee on Taxation has released a report which updates the CBO’s baseline 2018 to 2028 projections of the number of noninstitutionalized people under age 65 with health insurance and the federal costs associated with subsidizing this coverage through various programs and tax provisions. It is anticipated that these projections will be as the benchmark for assessing proposed legislation’s effects on the federal subsidies (CBO Report, May 24, 2018).


The CBO report provides projections for noninstitutionalized people under the age of 65 with health insurance and the federal costs associated with each kind of subsidy. Health insurance is subsidized by the federal government through a variety of programs and tax provisions. Medicaid and the Children’s Health Insurance Program accounts for 40 percent of federal spending on subsidized health insurance. Medicare accounts for 10 percent. Additional federal spending on health insurance is for coverage obtained through the marketplaces established by the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148), as well as subsidies in the form of tax benefits for work-related insurance.

Cost projections

According to the CBO report, about 244 million noninstitutionalized Americans will have health insurance in an average month in 2018, while 29 million will not. By 2028, it projects that 243 million noninstitutionalized Americans will have health insurance while 35 million will be uninsured. In 2018, net federal subsidies for insured people will cost $685 billion, according to the CBO report. By 2028, federal spending will reach $1.2 trillion.

The following represents the 2018 cost projections for federal subsidies for noninstitutionalized people under the age of 65 in the below categories:

  • Work-related coverage: $272 billion
  • Medicaid and CHIP: $296 billion
  • Nongroup coverage and the Basic Health Program: $55 billion
  • Medicare: $82 billion
  • Taxes and Penalties: $21 billion

The projected expenditures over the 2019 to 2028 period under current law:

  • Work-related coverage: $3.7 trillion
  • Medicaid and CHIP: $4 trillion
  • Nongroup coverage and the Basic Health Program: $760 billion
  • Medicare: $1 trillion
  • Taxes and Penalties: $313 billion

Comparing previous projections

A comparison of the CBO’s latest 10-year projection to its comparable 2017 projections indicates the federal government will pay less money on subsidized health insurance and the number of uninsured people will increase. In September 2017, the CBO issued a detailed report comparable to this one. A comparison indicates that the projections have shifted. The CBO lowered its 2018 to 2027 net federal subsidies for health insurance by 5 percent.

Also, the projected number of people with subsidized coverage in 2027 under the ACA is projected to fall by 3 million. The elimination of the penalty associated with the individual mandate is expected to account for roughly half of the projected reduction in work-related coverage over the next decade. It is projected that 2 million fewer people will enroll in work-related coverage in most years after 2018. The CBO has modified its 2017 projections to estimate that 5 million more people will be uninsured in 2027.

Burden on submitter of quality data to verify successful transmittal

When a provider is required to submit data to CMS by entering data into a system that verifies the data and then transmits it to CMS, it is the provider’s duty to ensure that the data is actually transmitted to CMS. The Provider Reimbursement Review Board (PRRB) held that it is not enough to simply input information into the system when there are mechanisms in place to confirm that the data was successfully transmitted to CMS (Horizon Home Care & Hospice v. National Government Services, PRRB Hearing, Dec. No. 2018-D30, Case No. 16-0143, March 29, 2018).


A hospice provider submitted admission and discharge data files to CMS via the Quality Improvement Evaluation System (QIES) as required under the Social Security Act (the Act). After submitting the information, the system provided a message indicating that the submission file was being processed for errors and a Final Validation Report would be available in the CASPER Reporting application once the data was transmitted to CMS. The hospice provider assumed that the submission was accepted and never accessed the CASPER Reporting application to obtain a copy of the Final Validation report.

The Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) ties submission of certain mandatory quality data to a provider’s eligibility for the annual Medicare hospice benefit increase or market basket update. It also mandates that a hospice’s market basket update be reduced by 2 percent if it failed to report the required quality data. Per this mandate, the Medicare contractor notified the hospice provider that its Annual Payment Update was being reduced by 2 percent.

After checking the CASPER system, the hospice provider discovered that the final validation report indicated that the data contained a facility identifier error and was never transmitted to CMS. The hospice provider requested that CMS reconsider its decision. CMS upheld its payment reduction and the hospice provider appealed the reconsideration decision to the Board.

QRP rule

The hospice provider argues that the plain language of the Quality Reporting Program (QRP) Rule requires that a hospice provider submit the data to CMS but does not require that the CASPER system receive the data from QIES. The Medicare contractor argues that the rule clearly states that the quality “data must be submitted in a form and manner, and at a time, as specified by the Secretary.” The Medicare contractor further argues that it is the provider’s duty to submit the data accurately, completely and timely.

The QIES system notified the hospice provider that it should obtain a validation report from the CASPER system. The Hospice Item Set manual and submission user’s guide both warn that if fatal errors are found, the record will be rejected and a validation report should be run to ensure the data was successfully transmitted. In the 2014 Guidance Manual, CMS warns that the system will provide fatal error and/or warning messages on the Final Validation Report for submitted data that does not meet the requirements.


The PRRB held that the provider is not required to review and printout its final validation report, however it is in the provider’s best interest to run the validation reports to confirm that the data was input correctly and transmitted from QIES to CASPER. The hospice provider did not perform the recommended steps prior to the submission deadline to assure that the quality data it entered into QIES was error free and transferred to CASPER. Therefore, the hospice provider did not submit the quality data in the form and manner and at the time required by the Act.

CBO, JCT share methods for analyzing legislative proposals impacting health insurance coverage

The Congressional Budget Office (CBO) and the Joint Committee on Taxation (JCT) revealed in a recent report how they jointly analyze proposed legislation that would impact health insurance coverage for individuals younger than age 65, detailing how they develop analytic strategies, model a proposal’s effect, and finalize their analysis (CBO Report, February 2018).

Analytic strategy development

First, the CBO and JCT put together an analytic strategy. The agencies formally develop their strategy once the proposed legislation’s specifications become available, an official request for analysis has been made, and the CBO and JCT arrange the time to commence the analysis. However, the agencies also often work informally with Congressional staff during development of the proposal. The agencies begin by reviewing the policy specifications. The CBO and JCT consider how the proposed legislation would impact existing law and how the proposed legislation is different from earlier proposal drafts. The agencies work to verify that the Congressional staff’s intent is reflected in the language and then estimate the legislative effect by, namely, identifying how the proposal could affect health insurance coverage and the federal budget.

The CBO and JCT focus on the policy changes most likely to impact health insurance coverage or cost, ranging from the straight-forward to the more complex. Another key aspect the agencies consider is timing and what additional “administrative infrastructure” is necessary to bring about the changes of the proposed legislation—and how long it would take to do so. The timing element includes estimates of how other stakeholders (state governments, insurers, employers, etc.) would respond and how long it would take for them to implement the proposed changes. To help with their estimates, the agencies rely on past cases of legislative reform programs. Further, the agencies seek input from outside experts and existing evidence while maintaining the required confidentiality of a proposal.

Proposal effect modeling

Second, the CBO and JCT undertake modelling the impact of the proposed legislation. Primarily, the agencies rely on CBO’s health insurance simulation model (HISIM), Medicaid enrollment and cost models, and JCT’s individual tax model. These models use data on health insurance coverage information for everyone younger than 65, Medicaid enrollment and expenditures, and detailed tax return information. The agencies also draw estimates based on information HISIM cannot project, namely, the behavior of states, employers, and insurers. These initial projections are incorporated as inputs into HISIM (state, employer, and individual enrollee behavior) or assessed outside HISIM (insurer behavior). CBO and JCT also use HISIM to estimate stakeholder responses to new coverage options. Medicaid enrollment and cost projections use HISIM estimates in addition to a more detailed Medicaid model and other methods. JCT usually provides estimates of proposed tax liability changes using its individual tax model.


Finally, both the CBO and JCT engage in rigorous review of their respective analysis results in order to ensure objectivity and proper analysis. Specifically, they examine results of one or more years out of the 10-year projection period to ensure that the analysis is being computed as intended and compare results against previous analyses. The agencies also inspect for programming errors or unexplained results. The CBO and JCT consider changes to the results if there were different critical inputs. The agencies prepare a formal written estimate and explanation thereof and, before releasing it to Congress and the public, agency staff carefully review the report.

Kusserow on Compliance: Ongoing auditing and monitoring of high risk areas—16 tips for compliance officers

By Steve Forman, CPA

In its various guidance documents, the OIG has repeated stressed the importance of ongoing monitoring and auditing of high-risk areas, yet there remains considerable confusion regarding the differences between the two; and who has responsibility for them. The following addresses this issue and provide tips for consideration by compliance officers in meeting the challenge of this key compliance program element.

Ongoing monitoring

Ongoing monitoring is a program manager’s responsibility, not the compliance officer’s. It entails establishing and maintaining controls and metrics to determine on a continuous basis whether operations comply with established policies, procedures, regulations or laws and whether significant risks are being adequately addressed and mitigated. This includes keeping current with changes in rules, regulations, and applicable laws; developing internal controls, policies, and procedures to comply with them; training staff on these rules; and taking active steps in monitoring or verifying compliance with these new guidelines. Ongoing monitoring should be designed to test for inconsistencies, duplication, errors, policy violations, missing approvals, incomplete data, dollar or volume limit errors, or other possible breakdowns in internal controls. Monitoring techniques may include sampling protocols that permit program managers to identify and review variations from an established baseline.

Ongoing auditing

Ongoing auditing is reviewing the ongoing monitoring process. In essence, it is a spot check. The review must be independent and objective, which means that it should be done by people external to the program area being audited. The compliance office, internal or external audits, other program managers, outside consultants, or any combination thereof can be used to conduct ongoing auditing. The objective of the audit should be to verify that program managers are properly carrying out their monitoring responsibilities and to recommend where internal control mechanisms can be improved. This includes confirming that controls are in place and functioning as they were intended or identifying weaknesses in the program that need to be addressed. In any case, the compliance officer should ensure that both the monitoring and auditing is taking place and doing what it should be doing. The compliance officer should also verify that corrective actions taken as a result of audits are timely, effective, and sustainable.  This should also be an ongoing focus of any management level compliance committee or board level compliance committee.

Tips: 16 Questions for compliance officers

  1. Has a compliance audit plan been developed to verify that ongoing monitoring and auditing are addressing compliance high-risk areas?
  2. Have program managers identified and listed all compliance high-risks areas related to their operational areas? Many such risks are found in the OIG guidance, work-plans, fraud alerts, advisory opinions, audits, and enforcement priorities. In addition it is useful to monitor Medicare contractor activities (e.g. RACs, ZPICs, etc.), industry news, PERM reports, and PEPPER data, etc.
  3. Are program managers engaged in assessing high-risk areas within their operations?
  4. Are high-risk areas ranked in terms of level of risk, probability of risk exposure, and impact or damage from a risk area?
  5. Do you also consider high impact, low probability risks?
  6. Have program managers developed and implemented monitoring plans to address all identified risk areas?
  7. Are all compliance risks areas being tested and reviewed on an ongoing basis?
  8. Is there priority given to address areas of highest risk?
  9. Have program managers calculated the potential damage for a risk failure, including the potential scale of direct and indirect financial consequences (i.e., liability, penalties, etc.), as well as whether they have established the likelihood of a risk event, taking into consideration whether the area is a current enforcement priority (e.g., improper physician arrangements)?
  10. Does ongoing auditing verify monitoring by program managers is taking place to addresses adequacy of the internal controls (e.g. policies/procedures) to reduce likelihood of that an unwanted event will occur in high risk areas?
  11. Has ongoing auditing validated that ongoing monitoring is effective in achieving the desired objectives?
  12. Have corrective action plans have been instituted for all risk area deficiencies identified by ongoing monitoring or auditing?
  13. Is there a process by which corrective action measures taken are working as intended?
  14. Are results of monitoring and auditing included as regular agenda items for management and board level compliance committees?
  15. Have compliance experts been engaged to independently evaluate the effectiveness of a compliance program, inasmuch as the OIG identifies it as a program that should be part of ongoing auditing. Place special emphasis in the scope of work on reviewing whether high-risk areas are being properly addressed.
  16. Do you periodically evaluate that effectiveness of the risk assessment program?


Steve Forman, CPA is the Senior Vice President of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening. His comments in this blog reflect experience of over 35 years, having served as Director of Management Operations for the OIG, 10 years as VP for Audit and Compliance for a major health system, and as a compliance consultant for many healthcare organizations. Mr. Forman has published widely on this subject.


Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of SM.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.