Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

UPICs Hold Promise To Enhance Program Integrity Across Medicare and Medicaid, But Challenges Remain


Unified Program Integrity Contractors (UPICs) are CMS's only program integrity contractors that safeguard both the Medicare fee-for-service (FFS) and the Medicaid programs from fraud, waste, and abuse. Combined, Medicare and Medicaid provided health care coverage to 139 million people at a cost of $1.5 trillion in 2020. Given the cost and scope of these Federal health care programs, it is essential that UPICs successfully detect and deter fraud, waste, and abuse.


We requested and analyzed workload data related to program integrity activities for each of the five UPICs in 2019. In addition, we sent a survey to each UPIC to ask about the challenges it faced in performing these activities. From CMS, we requested and reviewed certain deliverables that UPICs submitted related to their program integrity activities conducted in 2019. We also sent CMS a questionnaire asking about the effects of the unification of Medicare and Medicaid program integrity activities; how CMS measures the effectiveness of UPICs; and any challenges UPICs face in conducting their work. We also asked both UPICs and CMS about the effects of the COVID-19 pandemic on UPICs' work.


In 2016, CMS began consolidating its Medicare and Medicaid program integrity activities to enhance its ability to detect and deter fraud, waste, and abuse across both programs. UPICs conducted substantially more Medicare FFS program integrity work in 2019 compared to that for Medicaid. The UPICs also conducted only minimal activities related to Medicaid managed care, even though most Medicaid enrollees receive services through managed care. UPICs reported no data analysis projects completed or vulnerabilities identified related to Medicaid managed care in 2019. Further, they reported only a single Medicaid managed care fraud referral. Overall, UPICs conducted disproportionately fewer Medicaid activities compared to the levels of funding they received from CMS for Medicaid program integrity activities.

UPICs faced several challenges that could have contributed to the lower levels of program integrity activities in Medicaid. These challenges included problems with Medicaid data availability and quality, and differences across States' Medicaid policies and regulations.

We found wide unexplained disparities in program integrity activities across UPICs, even after adjusting for the size of their respective oversight responsibilities. Further, strategies that unify Medicare and Medicaid data to improve program integrity have not yet produced significant results.

At the same time, CMS and UPICs have laid a foundation for improvements. The development of collaborative processes, analytical tools, and new technologies across the UPICs-including the Unified Case Management (UCM) system and Major Case Coordination (MCC) initiative-helps to achieve the benefits of unifying program integrity activities. Lastly, despite challenges caused by the COVID-19 pandemic, UPICs were able to identify vulnerabilities related to the pandemic and continue program integrity activities with some limitations.


We recommend that CMS (1) implement a plan to increase UPICs' Medicaid program integrity activities, particularly related to managed care; (2) make improvements to the UCM system; (3) implement a plan to help ensure the success of the MCC for Medicaid referrals; and (4) identify the reasons for the unexplained variation in program integrity activities across UPICs. CMS concurred with all our recommendations.