AGs request Medicaid policy change to fight in-home elderly abuse, neglect

The Centers for Disease Control and Prevention’s (CDC) estimate that one in 10 people aged 65 and over who live at home will become the victim of abuse has drawn the attention of the National Association of Attorneys General (NAAG). Millions of people in this age group are enrolled in Medicaid and the NAAG believes that a change in policy allowing federal funds to investigate more abuse and neglect cases—even those that occur in the home—will help.

Medicaid Fraud Control Units (MFCUs) are charged with investigating and prosecuting state Medicaid provider fraud as well as resident abuse and neglect complaints at Medicaid-funded health care facilities, and can choose to look into complaints at board and care facilities. The MFCUs usually operate within the state attorney general’s office. Because there are strict limitation on the use of MFCU funds to investigate fraud and abuse, the NAAG is now asking Secretary of HHS, Tom Price, to replace or eliminate the “outdated” policies. Instead NAAG provided two recommendations to the Secretary: (1) allow MFCU funds to investigate and prosecute abuse and neglect of Medicaid beneficiaries in non-institutionalized settings; or (2) allow use of MFCU funds to freely screen or review any and all complaints or reports of whatever type, in whatever setting.

The May 10, 1017, letter to Price was signed by attorneys general of 37 states and the District of Columbia. Montana Attorney General Tim Fox noted “abuse and neglect in the home takes many forms, including physical abuse, sexual abuse, and drug diversion. Abuse and neglect is perpetrated by family, friends, and caregivers alike. The requested change in policy would allow our MFCU to investigate reports…regardless of where they reside, whether it’s a home or in a healthcare facility.” David Y. Chin, Attorney General of Hawaii, cited “[the Hawaii MFCU] receives thousands of complaints relating to fraud and abuse and neglect every year…We hope that the federal government will hear our concerns and support our efforts to protect Hawaii’s most vulnerable residents.”

HELP committee advances public health bills

Among a series of bills voted on by the Senate Health, Education, Labor and Pensions (HELP) committee on April 26, 2017 were bills focused on access to medications in emergency situations (Protecting Patient Access to Emergency Medications Act of 2017 (S. 916)) and hearing loss screening for children (Early Hearing Detection and Intervention Act (S. 652)). Also sent to the Senate floor were two other public health bills which would create a national commission on clinical care (S. 920) and better prepare the public health community for Zika and other mosquito-borne diseases (S. 849).

S. 916

The Protecting Patient Access to Emergency Medications Act seeks to amend the Controlled Substances Act to make it easier for first responders and those providing emergency medical services to have access to “time-sensitive and life-saving treatments.” The bill is sponsored by Sen. Bill Cassidy (R-La) and co-sponsored by Sens. Michael F. Bennet (D-Colo), Roy Blunt (R-Mo), and Al Franken (D-Minn).

S. 652

The Early Hearing Detection and Intervention Act is sponsored by Sen. Rob Portman (R-Ohio) and co-sponsored by Sens. Tim Kaine (D-Va), Sheldon Whitehouse (D-RI), John Cornyn (R-Texas, Sherrod Brown (D-Ohio), and Richard Blumenthal (D-Conn). The bill aims to improve state-based efforts to screen newborns, infants, and young children with hearing loss screening and link them to follow-up care if needed by amending sec. 399M of the Public Health Service Act. The Health Resources and Services Administration (HRSA), the Centers for Disease Control and Preventions, and the National Institutes of Health would need to coordinate and collaborate these efforts with those administering such programs as the Medicaid Early and Periodic Screening, Diagnosis and Treatment (EPSDT) program, for example.

OIG reviews MassHealth and its Medicaid data and information system safeguards

MassHealth failed to adequately safeguard data and information systems through its Medicaid Management Information System (MMIS) according to an audit by the HHS’ Office of Inspector General (OIG) undertaken to determine whether Massachusetts safeguarded MMIS data as required under federal requirements.

What is MMIS?

The MMIS is “an integrated group of procedures and computer processing operations (subsystems) developed at the general design level to meet principal objectives” which are: Title XIX program control and administrative costs; service to recipients, providers and inquiries; operations of claims control and computer capabilities; and management reporting for planning and control. States receive 90 percent federal financial participation (FFP) for design, development, or installation of MMIS and 75 percent FFP for operation of state mechanized claims processing and information retrieval systems.

MassHealth MMIS

The Massachusetts Executive Office of Health and Human Services is responsible for administering the state Medicaid program, commonly known as MassHealth, and information technology architecture, maintenance, and support is provided by the Massachusetts Office of Information Technology. Application support is provided through a contract with Hewlett-Packard.

The audit

Audits of information security controls are performed routinely on states’ computer systems used to administer HHS-funded programs and states are required to implement computer system security requirements and review them biennially. The OIG’s audit of MassHealth’s MMIS included MassHealth’s websites, databases, and other supporting information systems. The review was limited to security control areas and controls in place at the time of the visit. Specifically, the OIG looked at MassHealth’s implementation of federal requirements and National Institute of Standards and Technology guidelines regarding: system security plan, risk assessment, data encryption, web applications, vulnerability management, and database applications. Preliminary findings were communicated directly to MassHealth prior to the report’s issuance.

OIG’s findings

The OIG found MassHealth did not safeguard MMIS data and supporting systems as required by federal requirements. Vulnerabilities were discovered related to security management, configuration management, system software controls, and website and database vulnerability scans. Should exploitation of the vulnerabilities have occurred (and there was no evidence that it had), sensitive information could have been accessed and disclosed and operations of MassHealth could have been disrupted. Sufficient controls must be implemented over MassHealth Medicaid data and information systems.

Specific vulnerabilities uncovered were not detailed in the report because of the sensitive nature of the information. However, specific details were provided to MassHealth so it may address the issues. In response to the report, MassHealth described corrective actions it had taken or planned to take in response to the vulnerabilities.

Home health owner/operator pleads guilty to Texas-sized Medicaid fraud

Billed as the largest provider attendant services (PAS) fraud in Texas history, the owner/operator of five Houston-area home health agencies pleaded guilty in a $17 million fraud conspiracy case, the last conspirator in the scheme to plead guilty. The owner/operator pleaded guilty to two counts of conspiring to defraud Medicare and the Texas Medicaid-funded home and community-based service and primary home care programs and one count of conspiring to launder money. His sentencing is scheduled for June 22, 2017.

The owner/operator, whose co-conspirators included his daughter and other family members, admitted to the following:

1. obtaining patients for the home health agencies by paying illegal kickbacks to patient recruiters and office employees;
2. paying cash, checks, Western Union, and Moneygram funds to Medicare and Medicaid patients for receiving services from the home health agencies in exchange for using their Medicare and Medicaid numbers to bill for home health and PAS services;
3. paying patients for recruiting other Medicaid and Medicaid patients to the home health agencies;
4. paying physicians illegal kickbacks for referring and certifying Medicare and Medicaid patients for home health and PAS services; and
5. using fraudulently-obtained money from Medicare and Medicaid to pay the illegal kickbacks to promote the conspiracies and to ensure that they would continue.

Over $17 million in fraudulent claims were submitted to Medicare and Medicaid and the conspirators received approximately $16 million in payments from the programs.