The Centers for Medicare and Medicaid Services is falling short in busting potential fraud by not verifying physician addresses and making sure they are currently licensed, according to a new Government Accountability Office report.
For example, the Tuesday report claimed a mailbox within a UPS store was being used by an applicant as a practice location. CMS contractors inaccurately verified the address as authentic, under CMS's new guidance which allows contractors to use phone calls as the primary method for screening addresses, according to the GAO.
The GAO found 147 out of about 1.3 million physicians had been singled out by a state medical board for financial crimes and other types of felonies that were either not revoked from the Medicare program until months after the adverse action or never kicked out at all.
[Also: Running list of notable 2015 healthcare frauds]
In 2014, an estimated $60 billion out of $554 billion Medicare paid for healthcare and related services was paid improperly, according to the report.
GAO recommends that CMS incorporate flags into its software to help identify potentially questionable addresses, revise its 2014 guidance for verifying practice locations and collect additional license information.
The Department of Health and Human Services backed two of the three recommendations, but did not agree with the recommendation to revise its guidance to allow contractors to use phone calls to verify addresses, according to the GAO.
Of the four screenings steps examined by the GAO, CMS is doing a good job of ensuring that applicants are not on lists of deceased persons or those no longer allowed to be paid by Medicare, according to the report.
Since the adoption of the Affordable Care Act and its requirement for the CMS to take additional steps to prevent fraud, CMS has removed 28,000 questionable providers from Medicare, the GAO report said. Using new programs funded in the ACA, the agency prevented $820 million in fraudulent payments in the past three years.
[Also: CMS fraud unit uncovers $820 million in healthcare scams in past 3 years]
Medicare providers are required to submit the address of the actual practice location from which they offer services. In 2013, about 23,400 of 105,234, or 22 percent of practice location addresses, were potentially ineligible, according to the GAO.
This is because the computer software CMS uses as a method to validate applicants' addresses does not flag potentially ineligible addresses, the GAO report said.
In addition, in March 2014, CMS initiated guidance that has reduced the amount of independent verification conducted by contractors, thereby increasing the program's vulnerability to potential fraud, it said.
Follow Healthcare Finance on Twitter and LinkedIn.
Secondly, physicians applying to participate in the Medicare program must hold an active license in the state they plan to practice and self-report final adverse actions, such as a suspension or revocation by any state licensing authority. CMS requires its contractors to verify final adverse actions.
In March 2014, CMS began providing a report to its Medicare contractors to improve their oversight of physician license reviews. However, the report only includes the medical license numbers providers use to enroll into the Medicare program, not the adverse-action history or other medical licenses a provider may have in other states that were not used to enroll into Medicare.
Twitter: @SusanMorseHFN