2012 Top Management & Performance Challenges

Annually, the Office of Inspector General (OIG) prepares a summary of the most significant management and performance challenges facing the Department of Health and Human Services (HHS). We refer to this summary as the Top Management Challenges (TMC). These challenges reflect continuing vulnerabilities that OIG has identified for HHS over recent years as well as new and emerging issues that HHS will face in the coming year. This summary fulfills OIG's requirement under the Reports Consolidation Act of 2000, Public Law 106-531 to identify these management challenges, assess the Department's progress in addressing each challenge, and submit this statement to the Department annually. The assessment is included as an appendix to the publicly available HHS annual Agency Financial Report.

Management Issue 1: Implementing the Affordable Care Act

Why This Is a Challenge

The work of the Department of Health and Human Services (HHS or the Department) in implementing the Affordable Care Act (ACA) continues. Although much has been accomplished, significant provisions remain to be implemented, most notably the Affordable Insurance Exchanges (the Exchanges), which add a new dimension to the Department's program landscape. While implementing the Exchanges, the Department must concurrently focus on sound administration of a wide range of new and modified program responsibilities covering reforms to private insurance, Medicare, Medicaid, the Children's Health Insurance Program, public health service programs, and others. Notable reforms include those that seek to transform Medicare and Medicaid by changing from volume-driven to value-driven payment mechanisms and by focusing on achieving better health and lower costs through promoting coordinated rather than fragmented care.

As with any new initiative, the Department faces substantial challenges in ensuring efficient and effective implementation and administration of the ACA so that the programs achieve their objectives and operate free from fraud waste, and abuse. Developing effective oversight strategies to prevent, detect, and correct any problems that occur is critical. The large number of new and complex program responsibilities under the ACA makes achieving these twin goals challenging.

Responsibility for implementing ACA provisions, administering new and changed programs, and overseeing ACA funding rests with Operating Divisions (OpDiv) and Staff Divisions (StaffDiv) across the Department. Many programs, including the Exchanges, also require close coordination and sharing of sensitive data between the Department and other Federal and State agencies, necessitating effective management of intergovernmental relationships and infrastructure. In addition, the Department will be forging new relationships with private insurers, providers, employers and consumers, all of whom will need clear information about benefits and responsibilities under ACA programs.

Progress in Addressing the Challenge

The Department and its Government partners have issued and will continue to issue regulations and other guidance for ACA programs. Numerous informational resources are available to inform the public about ACA programs. The Department has taken steps to foster the integrity of new programs, as illustrated by the regulations for the Medicare Shared Savings Program (MSSP), which incorporate a number of specific safeguards intended to mitigate potential vulnerabilities. Although it is too early to assess the outcome of these particular regulations, the Centers for Medicare & Medicaid Services' (CMS) efforts to integrate program integrity into the initial design of the MSSP is a promising approach that should be replicated in other programs.

The Office of Inspector General (OIG) has provided technical assistance on identifying risks and preventing fraud, waste, and abuse.

OIG has ongoing and planned work assessing a range of ACA programs, including the Exchanges, the Early Retiree Reinsurance Program, and the Prevention and Public Health Fund

What Needs To Be Done

The Department and its partners should be vigilant in identifying and addressing existing and emerging fraud, waste, and abuse risk areas across all ACA-related programs. This will require a comprehensive approach to program integrity that integrates effective front-end program gatekeeping, sound payment design, the promotion of provider compliance, vigilant monitoring of program operations and outcomes, and rapid remediation of detected problems. The Department should continue to apply lessons learned about accountability, transparency, compliance, and risk management from its experience with the American Recovery and Reinvestment Act of 2009 (Recovery Act) and other programs. Staff overseeing ACA grants and contracts should be trained on effective internal controls and best practices for preventing and detecting fraud, waste, and abuse. Data systems supporting ACA programs must be scrutinized for accuracy and completeness, as well as compliance with security and privacy rules. The Department should continue its efforts to provide stakeholders with clear guidance about ACA programs.

A number of specific ACA-related challenges are addressed elsewhere in these top Management Challenges

Management Issue 2: Identifying and Reducing Improper Payments

Why This Is a Challenge

Improper payments cost Federal programs billions of dollars annually. An improper payment is any payment that should not have been made or that was made in an incorrect amount and includes overpayments and underpayments. For FY 2011, the Department reported improper payments totaling more than $64 billion in the Medicare and Medicaid programs and $754 million in Administration for Children and Families (ACF) programs.

The Office of Management and Budget (OMB) identified nine HHS programs as susceptible to significant improper payments: Medicare fee-for-service (FFS or Parts A and B), Medicare Advantage (Part C), the Medicare Prescription Drug Benefit (Part D), Medicaid, the Children's Health Insurance Program (CHIP), Foster Care, Head Start, Temporary Assistance for Needy Families (TANF), and the Child Care and Development Fund.

Despite departmental efforts to reduce improper payments, OIG has found vulnerabilities in the Department's ability to identify and eliminate improper payments. CMS relies largely on contractors to prevent and identify improper payments in Medicare and Medicaid. Challenge 6, Ensuring Efficiency and Effectiveness of Medicare and Medicaid Program Integrity Contractors, addresses specific issues associated with contractor oversight and effectiveness. OIG's analyses of Medicare and Medicaid claims data have revealed improper billing patterns and payments for many services. For instance, OIG found that improper payments to skilled nursing facilities cost Medicare $1.5 billion in 2009. Skilled nursing facilities frequently billed for more intensive services than were provided or needed by beneficiaries. In another example, OIG identified hundreds of millions of dollars in improper Medicaid payments for personal care services across several States.

In addition, the Department did not fully comply with Executive Order 13520 in its fiscal year 2010 quarterly reports on high-dollar improper payments. The Department's quarterly reports were incomplete and therefore cannot be used to adequately assess the level of risk of each of the Department's programs or to determine the extent of existing oversight activities.

Progress in Addressing the Challenge

Because of statutory prohibitions that may hinder reporting for TANF and CHIP, the Department did not report improper payment estimates for 2011 as required, and the Department also had two programs with improper payment rates exceeding 10 percent. OIG found that as a result, the Department was not in substantial compliance with the Improper Payments Elimination and Recovery Act of 2010 (IPERA). However, OIG also found that the Department was in compliance with elements of OMB's guidance for IPERA reporting for five of the nine programs deemed to be susceptible to significant improper payments: Medicare FFS, Medicare Part D, Medicaid, Foster Care, and Head Start. The Medicare Prescription Drug Benefit program reported an error rate for the first time in FY 2011. The Department reported reductions in improper payment rates for five of the six programs for which it previously reported improper payment rates (i.e., Medicare FFS, Medicare Advantage, Medicaid, Head Start, and the Child Care and Development Fund). Although the Department reduced the improper payment rate for Medicare Advantage from 14.1 percent to 11 percent and for the Child Care and Development Fund from 13.3 percent to 11.2 percent, rates for both programs remain above 10 percent.

The Department has taken actions to address some improper payment vulnerabilities. CMS uses the Comprehensive Error Rate Testing (CERT) program as a way to measure the Medicare FFS error rate and as a guide in developing corrective actions to reduce improper payments. CMS analyzes the CERT improper payment data and uses the results to provide feedback to Medicare contractors to enhance their medical reviews, focus on high-risk areas, and reduce improper payments. Additionally, Medicare's automated systems have edits in place to detect and reject payment for medical services that are physically impossible, such as a hysterectomy for a male beneficiary, and medically unlikely, such as services claimed for which the quantity billed exceeds acceptable clinical limits. OIG is examining the extent to which Medicare contractors meet error rate reduction plan requirements and the extent to which implementation of these plans affects overall contractor evaluation. Error rate reduction plans describe the corrective actions that contractors plan to take to lower the CERT paid-claims error rate and provider-compliance error rate in their jurisdictions.

To prevent recurrence of improper payments, CMS has made policy and manual changes and has implemented local system edits and CMS Medicare Administrative Contractors have conducted local provider education. Moreover, the ACA expanded the Recovery Audit Contractors (RAC) program from Medicare FFS to identify improper payments in Medicaid and Medicare Parts C and D for recovery and corrective action. OIG work underway is evaluating the results of the RAC program in Medicare.

The Department is also examining techniques used by private sector entities to identify improper payments. In 2011, CMS implemented the Fraud Prevention System (FPS), which is an advanced predictive analytic technology used to conduct data analysis and predictive modeling, to identify improper payment claims as they enter the payment system, and to detect and generate alerts for suspicious billing behavior across provider types. (See Challenge 3, Preventing and Detecting Medicare and Medicaid Fraud, for more discussion of FPS and predictive analytics.) Additionally, CMS recently started a demonstration to require prior authorizations for certain power mobility devices in seven States with high populations of fraud and error-prone providers. CMS is also exploring ways to leverage existing compliance programs within the provider community to educate providers about payment vulnerabilities.

CMS developed the Payment Error Rate Measurement (PERM) program to review improper payments for Medicaid and CHIP FFS claims, managed care claims, and beneficiary eligibility. Though causes of improper Medicaid payments vary from State to State, PERM helps CMS identify trends and common errors across States. On the basis of PERM results, States are required to submit Corrective Action Plans (CAP) 90 days after they are notified by CMS of their error rates. Many States' CAPs focus on provider education to reduce improper payment rates.

In addition, the Department is strengthening its program integrity efforts by working with its OpDivs and StaffDivs to identify and prioritize programmatic risks. (See Challenge 7, Grants Management and Administration of Contract Funds, for additional information regarding improper payments.)

What Needs To Be Done

The Department is slated to publish a projected error rate for CHIP in the 2012 reporting period. The Department should continue to develop error rates for additional programs, including TANF, to comply with IPERA requirements.

HHS has developed CAPs for the programs for which it reports improper payment rates that, if implemented as designed, could be effective in further reducing improper payments. OIG has recommended that HHS consider changes to its quarterly reporting on high-dollar overpayments that include developing a comprehensive list of overpayments using all potential sources of information and reporting any high-dollar overpayments made by the five State-administered programs (i.e., Medicaid, CHIP, TANF, Foster Care, and the Child Care and Development Fund.) Further, the Department should use historical improper payment data to identify the root causes of improper payments. In addition, for Medicare FFS claims, CMS should continue to monitor its payment systems to identify additional edits and prepayment reviews that could identify suspicious claims and prevent improper payments.

The Department should continue to identify best practices in the private sector that it can use to further prevent improper payments. It should also expand its provider education efforts around program requirements and improper payment vulnerabilities. Implementation of planned program integrity initiatives, such as evaluating and monitoring risks, identifying and addressing cross-cutting issues, resolving reported grantee audit findings, and sharing best practices across HHS, will help the Department achieve its goal of integrating program integrity into all aspects of its operations and culture.(See Challenge 7, Grants Management and Administration of Contract Funds, for additional information regarding improper payments.)

Management Issue 3: Preventing and Detecting Medicare and Medicaid Fraud

Why This Is a Challenge

Perpetrators of schemes to defraud Medicare and Medicaid range from criminals who masquerade as bona fide health care providers and suppliers but who do not provide legitimate services or products to Fortune 500 companies that pay kickbacks to physicians in return for referrals. Fraud is a crime of deception, and perpetrators design their schemes to avoid detection. The Department faces multiple challenges in preventing and detecting these frauds, including:

• effectively using CMS's provider enrollment and payment suspension authorities against those providers and suppliers that have exploited weaknesses to commit fraud rather than provide legitimate patient care;
• managing the Department's expanding use of data analysis;
• collecting and maintaining complete and accurate data, particularly Medicaid data from diverse State programs and systems, to support CMS and OIG oversight and enforcement activities;
• monitoring Medicare and Medicaid benefits delivered by private plans for fraud; and
• excluding individuals and entities from Federal health care programs to protect the programs and beneficiaries.

Many of CMS's essential program integrity activities are carried out by contractors. (See also Challenge 6, Ensuring Efficiency and Effectiveness of Medicare and Medicaid Program Integrity Contractors, for information on issues specific to CMS contractor oversight and effectiveness.)

Progress in Addressing the Challenge

Enrollment and Payment. In February 2011, CMS published a final rule implementing the ACA provisions concerning screening of providers and suppliers on the basis of fraud risk. CMS's enhanced payment suspension regulations took effect in March 2011. In this rule and subsequent regulations, CMS established three levels of screening for providers (limited, moderate, and high) and designated categories of providers and suppliers to each level. In December 2011, CMS launched its Automated Provider Screening (APS) system, which is designed to identify ineligible providers or suppliers prior to their enrollment or revalidation. CMS completed the procurement of a national contractor to increase efficiency and standardization of provider site visits, and this contractor began performing these visits in January 2012. In addition, CMS plans to increase the frequency of unannounced out-of-cycle site visits.

Data Analysis and Data Quality. Enhanced data analysis made possible the impressive enforcement results of the nine Medicare Fraud Strike Forces, which are part of the Health Care Fraud Prevention and Enforcement Action Team (HEAT). The strike forces are interagency teams of prosecutors and special agents that focus enforcement resources on geographic areas at high risk for fraud. CMS has made claims data available more quickly and efficiently by providing law enforcement increased access to data, including real-time data. Through HEAT, these data are analyzed and inform the deployment of Strike Force teams.

CMS uses FPS to risk-score Medicare FFS claims prepayment and has awarded a contract to develop and test new predictive models for inclusion in the FPS. Additionally, CMS opened its Command Center, which provides a collaborative, multidisciplinary environment for investigators, data analysts, clinicians, and subject-matter experts to work on cases, drive innovation and improvement in predictive modeling, and monitor progress. CMS established the Medicaid and Children's Health Insurance Program Business Information and Solutions (MACBIS) Council, which provides leadership for the development and deployment of enterprisewide improvements in the accuracy and availability of data for Medicaid program integrity and oversight. To improve the quality of data collected from States in the Medicaid Statistical Information System (MSIS), CMS has undertaken a pilot test of 10 States (2 States have subsequently joined the pilot test; however, they have not yet contributed data) to expand the MSIS data set (called Transformed-MSIS, or T-MSIS) and allow CMS to review the completeness and quality of State MSIS submittals as they are received. CMS states that it plans to launch national implementation of T-MSIS in 2014.

Monitoring Medicare and Medicaid Benefits Delivered by Private Plans. CMS has strengthened its oversight of Parts C and D program integrity by auditing Part D sponsors' compliance plans; issuing guidance regarding Parts C and D sponsors' program integrity training responsibilities, including identifying invalid prescriber identifiers; and hosting its first annual program integrity conference for Parts C and D sponsors. In 2010, CMS began implementing a broad set of Medicaid initiatives focused on assessing and improving States' performance in meeting regulatory requirements and ensuring that managed care systems deliver accessible, available, and appropriate services to Medicaid beneficiaries.

Accountability. CMS's imposition of payment suspensions is one example of the Department's increased focus on using its administrative tools to ensure accountability. Each year, OIG excludes thousands of individuals and entities from participating in Federal health care programs for a variety of reasons set forth in law, ranging from health care fraud convictions to loss of medical license for professional incompetence. OIG issued guidance on its authority to pursue exclusion of responsible corporate officers of sanctioned providers and suppliers that may otherwise view civil penalties and fines as the cost of doing business. OIG and its law enforcement partners, including the Medicaid Fraud Control Units, also investigate suspected fraud and refer cases to the Department of Justice for criminal and civil adjudication.

What Needs To Be Done

CMS has additional opportunities to strengthen the enrollment system, including adopting a more flexible screening approach, tailoring screening measures to fraud risks, and classifying reenrolling durable medical equipment (DME) and home health providers as "high risk" when appropriate. CMS should also focus enrollment scrutiny on providers such as independent diagnostic testing facilities (IDTF) and comprehensive outpatient rehabilitation facilities (CORF), as OIG found that IDTFs and CORFs did not comply with basic Medicare requirements to maintain open and accessible physical locations as reported to and on file with CMS. In addition, CMS should consider instituting temporary enrollment moratoria for certain types of providers in geographic areas at significant risk for fraud, such as home health providers in Florida and Texas.

The Department should continue to collect and maintain more robust data sets, particularly for State Medicaid programs, as well as further facilitate law enforcement's access to data. OIG and the Department must also ensure that OIG has the capacity to handle the volume of new fraud referrals that can be expected from CMS's expansion into predictive modeling and that CMS and OIG coordinate closely on such referrals. CMS should also strengthen fraud and abuse prevention efforts by issuing regulations for mandatory provider compliance plans under sections 6102 and 6401 of the ACA.

CMS must also continue to monitor Medicare Advantage and Part D plans' implementation of integrity safeguards, provision of covered services to all eligible beneficiaries, and compliance with marketing rules. CMS will also need to oversee plans' compliance with medical loss ratios and ensure that plans are not inflating their direct health care costs. As States increasingly use managed care to deliver Medicaid services, CMS should require that State contracts with managed care entities (MCEs) include a method to verify with beneficiaries whether services billed by providers were received, and CMS should update guidelines to reflect current concerns expressed by MCEs and States.

The Department should continue to focus on accountability for fraud. In addition, OIG will continue to use its exclusion authority to protect the Department's programs and beneficiaries, including considering cases in which excluding responsible corporate officers of sanctioned providers and suppliers is appropriate and monitoring the effect of such an exclusion on recidivism.

Management Issue 4: Ensuring Patient Safety and Quality of Care

Why This Is a Challenge

As a purchaser of health care for over 100 million Americans, the Department faces challenges in ensuring the quality of care rendered to Federal health care program beneficiaries. Despite increased attention to patient safety, quality problems persist. According to the Joint Commission, 40 wrong-site surgeries are performed in U.S. hospitals and surgicenters every week. In a 2010 report, OIG found that 13.5 percent of hospitalized Medicare beneficiaries suffered harm from adverse events (i.e., patient harm resulting from medical care) during their hospital stays. Forty-four percent of these adverse events were preventable and were caused by care failures, such as medical error, substandard care, or inadequate monitoring. OIG continues to conduct followup work on studying adverse events, including determining the extent to which adverse events occur in other care settings, such as nursing homes.

Other OIG work has raised concerns about overmedication with atypical antipsychotic drugs in nursing homes; more than 20 percent of atypical antipsychotic drugs claimed for Medicare patients in nursing homes violated Federal standards to protect nursing home residents from unnecessary drug use. OIG also found that nursing homes generally were not meeting all requirements for care plans and resident assessments when administering antipsychotics. OIG has also identified concerns with the licensure and qualifications of health care providers across various health care settings.

Quality of nursing home care remains a critical challenge. OIG investigations have uncovered various problems, including inadequate staffing, failure to provide adequate nutrition and hydration, patients' development of preventable or untreated pressure wounds (bedsores), inappropriate medication practices, and other serious deficiencies. Other enforcement actions target nursing homes that maximize reimbursement by rendering excessive therapy services that are medically unnecessary or even harmful to beneficiaries.

Progress in Addressing the Challenge

The Department has taken steps to improve quality of care and promote patient safety, both targeting specific populations, such as improving care coordination for Medicare beneficiaries with multiple chronic conditions, and improving care for all patients. The Department has committed up to $1 billion in ACA funding to the Partnership for Patients Initiative, a public-private partnership to keep patients from becoming injured or sicker while undergoing treatment and to help patients heal without added complication. Two specific partnership goals are to reduce hospital readmissions by 20 percent and reduce preventable harm to hospital patients by 40 percent by the end of 2013.

CMS awarded $218 million to State, regional, national, or hospital system organizations to establish Hospital Engagement Networks to make health care safer and less costly by targeting and reducing preventable injuries. Pursuant to the ACA, CMS specifically committed $500 million towards a Community Based Care Transition Program to improve patient outcomes following hospital discharge.

The Department is also testing and implementing new care delivery models in the Medicare and Medicaid programs designed to improve the quality of care by enhancing provider accountability for quality and improving coordination of care and care transitions. The Department continues to provide incentives for improved quality of care through its value-based payment policies, including policies that link payment to quality measures and that address hospital-acquired conditions. The Department also continues to promote the adoption of electronic health records and electronic prescribing, which promise to improve quality of care, reduce medication errors, and otherwise promote patient safety. The Department established tools to help beneficiaries compare facility-specific quality indicators to better inform their decisions regarding where to seek treatment. (See also Challenge 5, Avoiding Waste and Promoting Value in Health Care, for more discussion of promoting value and coordination in health care and Challenge 9, Integrity and Security of Health Information Systems and Data, for more discussion of electronic health records.)

The Five Star Quality Rating System and Nursing Home Compare report on many important quality measures for nursing homes. Recent regulation has also targeted therapy utilization in nursing facilities. In March 2012, CMS launched a new initiative aimed at improving behavioral health and safeguarding nursing home residents from unnecessary antipsychotic drug use. A primary goal is to reduce antipsychotic drug use in nursing homes 15 percent by the end of 2012. Additionally, CMS' Nursing Home Value-Based Purchasing demonstration is currently testing ways to improve care for this population.

OIG continues to pursue enforcement actions against health care providers that render substandard care. OIG maintains corporate integrity agreements with several nursing homes, hospitals, assisted-living facilities, and dental clinics that include quality-monitoring provisions. CMS and OIG continue to work closely with law enforcement partners at the Department of Justice and through the Federal Elder Justice Interagency Working Group to promote better care for elderly persons and to prosecute providers that subject them to abuse or neglect.

What Needs To Be Done

The Department should continue to prioritize quality of care and patient safety and build upon its past efforts, including continuing to implement the quality improvement provisions of the ACA and achieving the goals set by the Partnership for Patients and the National Quality Strategy. OIG has offered recommendations that can assist the Department in this mission. For example, OIG suggested enhancements to nursing home oversight to ensure that Medicare does not pay nursing homes to overmedicate or otherwise inappropriately medicate beneficiaries. OIG also suggested enhancements to outpatient prescription drug claims that could help the Department ensure that Medicare and Medicaid beneficiaries receive only the drugs that are appropriate for their medical indications. The Department should also continue denying payments for services of such low quality that they are virtually worthless and work with OIG to exclude providers that have rendered grossly substandard care, thereby preventing additional harm to vulnerable beneficiaries.

The Department must also ensure that health care professionals working in all sites of service, such as hospitals, nursing homes, school-based facilities, and beneficiaries' homes, meet qualification and licensure requirements before they treat Federal health care program beneficiaries.

Management Issue 5: Avoiding Waste and Promoting Value in Health Care

Why This Is a Challenge

In an era of fiscal belt-tightening and expanding enrollment of "baby boomers" into the Medicare system, the Department must be vigilant in reducing waste and increasing value in its health care programs. The Institute of Medicine (IOM) estimated that about 30 percent of U.S. health spending in 2009-roughly $750 billion-was wasted. Waste in health care programs is a multidimensional problem. The IOM report identified six major areas of waste: unnecessary services, inefficient delivery of care, excess administrative costs, inflated prices, prevention failures, and fraud.

As described in Challenge 3, Preventing and Detecting Medicare and Medicaid Fraud, curbing fraud is vital to conserving scarce health care resources, and the Department must continue to direct all necessary resources toward fraud prevention, detection, and remediation. However, while all fraud is waste, not all waste is fraud. Challenge 2, Identifying and Reducing Improper Payments, and Challenge 4, Ensuring Patient Safety and Quality of Care, describe opportunities to address waste and increase value by reducing improper payments and ensuring patient safety and quality of care. Maximizing efficiencies and value derived in health care requires the Department to continue to focus on other areas prone to waste as well.

One area is payment inefficiency. OIG has found, for example, payment inefficiencies in Medicare's bundled payment for global surgery fees, which has not been adjusted to reflect evolving physician practices that result in fewer services' typically being provided than assumed in the payment model. Similarly, OIG work in evaluating Medicare payment for two medications used to treat wet age-related macular degeneration revealed substantial opportunities for Medicare to save money by paying on the basis of the cost of the less expensive drug, which is equally effective according to preliminary results of a clinical study. OIG work on evaluating drug pricing showed shifts in utilization patterns for drugs coinciding with changes in Medicare payment and coding policies. Utilization of a more expensive respiratory drug increased when Medicare's reimbursement for that drug was more favorable to suppliers compared to reimbursement for a less expensive alternative drug and decreased when Medicare changed its pricing policy.

The Department is implementing a variety of policy changes designed to shift from volume-driven payment to value-driven payment. These include, for example, the Hospital Value-Based Purchasing Program, the Readmissions Reduction Program, the Hospital Acquired Conditions Program, and the End Stage Renal Disease (ESRD) Prospective Payment System. They also include broader delivery reforms that pair payment incentives with changes aimed at producing better coordinated, higher quality, and more efficient and effective care. Examples include the MSSP, as well as models being tested under the auspices of the Center for Medicare and Medicaid Innovation (CMMI), such as the Pioneer ACO Program, the Independence at Home Program, and the Bundled Payment for Care Initiative.

These reforms rely significantly on complex data, advanced health information technology, and sophisticated quality and performance measurement. To ensure reliable results, data must be accurate, complete, and timely. Measures must be appropriate and meaningful. Outcomes must be correctly assessed to ensure correct payment. The growing linkage of payment with quality presents new challenges for administering Medicare and Medicaid payment systems.

The Hospital Acquired Conditions Program provides an example of the challenges in designing and implementing initiatives in ways that achieve their goals. OIG reviewed the incidence of adverse events among hospitalized Medicare beneficiaries and found that very few of the events that beneficiaries experienced were covered by the Hospital Acquired Conditions policy. Further, for the few incidents that were covered by the policy, none of the events in OIG's review were documented in the claims data in a way that would enable CMS to identify them as hospital-acquired conditions and apply appropriate payment denial for increased costs associated with those events.

Opportunities afforded by innovations in science and information technology and advances in evidence-based medicine and quality measurement are fueling transformations in health care aimed at improving care and lowering costs. To meet this challenge, the Department must design and oversee payment systems that produce the greatest health benefits to patients at the lowest cost.

Progress in Addressing the Challenge

The Department is implementing policy changes, including a number of ACA-related changes, designed to reduce waste and increase value in the health care programs through enhanced payments for positive patient outcomes and/or financial penalties for negative patient outcomes. For example, the Hospital Value-Based Program provides financial incentives to hospitals for achievements and improvements in measures related to patient outcomes, patient experiences, and processes of care. CMS issued a final rule to implement its Hospital Readmissions Reduction Program, effective October 1, 2012, under which Medicare payments may be reduced to applicable hospitals with high patient readmission rates. In that same final rule, CMS also continued its list of existing hospital-acquired conditions with some updated billing codes and added two new conditions to this list. The Department continues to administer the MSSP and to foster a variety of payment and delivery models in the Medicare and Medicaid programs. CMS intends to learn from the Nursing Home Value-Based Purchasing demonstration to inform improved payment in this postacute care setting.

In addition, the Department continues to implement the Competitive Bidding Program for DME, which holds promise for addressing prior OIG findings that Medicare paid significantly more than market prices for many types of DME.

What Needs To Be Done

The Department should continue to seek opportunities to harness the promise of value-driven payment. The Department should continuously evaluate the effectiveness of payment policies and scrutinize payment systems to ensure that quality, efficiency, and payment accuracy goals are met. For example, the Department could strengthen its Hospital-Acquired Conditions policy by improving compliance with present-on-admission coding rules and, if supported by evidence of effectiveness, further expanding the list of hospital-acquired conditions. Timely implementation of the new payment adjustment under ACA section 3008 for conditions acquired in hospitals, slated to go into effect in 2015, will further strengthen the Department's efforts to improve patient care and reduce wasteful expenditures on hospital-acquired conditions. The Department should also consider revising its payment policy for the drugs used to treat wet age-related macular degeneration and apply the lessons learned from the utilization changes in the respiratory drugs to design payments and monitor billing to avoid unintended consequences.

For newly implemented programs, such as the MSSP and CMMI demonstration programs, the Department must vigilantly monitor implementation, ensure efficient and effective operations, evaluate program outcomes, and assess the effectiveness of oversight strategies. The Department should implement a comprehensive and flexible oversight strategy, with robust tools to prevent, detect, and remedy instances of fraud, waste, and abuse.

Management Issue 6: Ensuring Efficiency and Effectiveness of Medicare and Medicaid
Program Integrity Contractors

Why This Is a Challenge

CMS relies on a number of program integrity contractors to identify and respond to fraud, abuse, and improper payments in the Medicare and Medicaid programs. These contractors include Medicare Drug Integrity Contractors (MEDIC), Program Safeguard Contractors (PSC), Zone Program Integrity Contractors (ZPIC), RACs, Review Medicaid Integrity Contractors (MIC), and Audit MICs. OIG work has raised concerns about contractors' performance in protecting Medicare and Medicaid from fraud, waste, and abuse and has identified barriers that may limit their ability to perform successfully.

Questionable Contractor Performance. Recent OIG reports examining early MIC efforts revealed limited success and negative return on investment. Review MICs initially identified over 113,000 providers with potential overpayments of $282 million, but after performing audits, the Audit MICs found actual overpayments to only 25 of these providers, totaling less than $300,000. In FY 2010, CMS paid MICs more than $32 million, but MIC efforts in 2010 yielded less than $14 million in identified overpayments. Similarly, in 2007 and 2008, CMS spent $60 million on the Medicare-Medicaid Data Match program (Medi-Medi Program), administered by the PSCs, but the program recovered or avoided expenditures totaling just under $58 million.

OIG work has also raised concerns about the variability in performance results among integrity contractors, which was not necessarily linked to relative budget size or oversight responsibilities. In addition, OIG found that RACs made few fraud referrals to CMS under a demonstration project, despite having identified more than $1 billion in improper payments.

Inadequate Program Data. The integrity contractors rely heavily on data to conduct program integrity tasks, yet OIG work has found significant limitations in the Medicare and Medicaid data available to contractors. For example, the MSIS is the only national database of Medicaid claims and beneficiary eligibility information. However, OIG has found that MSIS data are not complete, accurate, or timely and do not capture all data elements that can assist in the detection of fraud, waste, and abuse. These factors contributed to MICs' misidentification of potential overpayments and the Medi-Medi Program's limited identification of Medicaid overpayments and potential fraud. Furthermore, ZPICs' and MEDICs' lack of access to Medicare claims data and, in the case of MEDICs, to medical records and prescriptions has hindered or delayed their ability to identify possible fraud and abuse.

CMS Oversight Challenges. OIG has also identified weaknesses in CMS's management and oversight of its integrity contractors. For example, CMS uses contractor-reported workload statistics to oversee performance. However, the data contractors report is not always accurate or uniform, hindering the ability to make meaningful comparisons. In addition, CMS has not always held contractors accountable for the tasks outlined in their contracts.

Progress in Addressing the Challenge

CMS has made some progress toward addressing the above challenges as it works with its contractors to implement the new anti-fraud authorities provided in the ACA and the Small Business Jobs Act of 2010. Additionally, several information technology initiatives aim to improve the quality, availability, and meaningful use of data, including the FPS and the recently launched pilot project to improve Medicaid data, the Transformed MSIS initiative. CMS has also reported actions to improve the Medi-Medi and MIC programs consistent with OIG recommendations, such as assigning more Medicaid audits through the collaborative process, which showed greater success than the traditional process. Further, CMS told OIG that it is realigning Review MICs, enabling it to discontinue three of five Review MIC task orders for options years that were scheduled to be renewed at the end of FY 2012.

In addition, MEDICs now have access to Part D data to conduct analyses and to identify and investigate potential fraud. CMS has also increased the quantitative data it collects on contractors; however, inaccuracies and inconsistencies in reporting persist.

What Needs To Be Done

As its programs continue to expand, CMS must do more to ensure that integrity contractors are fully equipped and are performing at levels that do not waste taxpayer dollars. OIG has offered a number of recommendations to CMS about improving the quality, accuracy, and availability of data, particularly for the Medicaid program. CMS's initiatives offer promise and will require sustained focus and resources at the Federal and State levels to deliver improved results.

CMS should continue to build on its progress in addressing contractor performance and oversight challenges. For example, OIG continues to recommend that CMS pursue authority to allow MEDICS to collect information directly from pharmacies, pharmacy benefit managers, and physicians. CMS should also continue to improve contractor performance data so that they are accurate and consistent and then use the data to more effectively evaluate contractor performance.

Management Issue 7: Grants Management and Administration of Contract Funds

Why This Is a Challenge

HHS is the largest grant-making organization in the Federal Government, and its funding of health and human services programs touches the lives of almost all Americans. In FY 2011, the Department awarded over 82,000 grants totaling approximately $382 billion. Of these, approximately 80,000 grants and $91 billion were for programs other than Medicare or Medicaid. These grants include those added to the HHS grant portfolio by the ACA and the Recovery Act, thus expanding the oversight necessary by grant managers and project officers.

HHS is also the third largest contracting agency in the Federal Government; in 2011, HHS awarded over $19 billion in contracts across all program areas. Additionally, four HHS OpDivs fund SBIR (Small Business Innovation Research) and STTR (Small Business Technology Transfer) grants and contracts. In 2010, HHS spent $690 million on these programs. HHS is the second largest funder of grants and contracts under these programs (the Department of Defense is the first).

Oversight and management of both new and continuing grant programs is crucial to the Department's mission and to the health and well-being of the public. However, OIG has found internal control deficiencies, problems with financial stability, inadequate organizational structures, inadequate procurement and property management policies, and inadequate personnel policies and procedures among grantees. For example, recent audits of Recovery Act grantees determined that grantees did not (1) maintain financial management systems that accounted for grants separately, (2) appropriately allocate direct and indirect costs, or (3) maintain documentation to support property records and actual personnel costs charged to the grant awards.

The Department also faces challenges with monitoring its HIV/AIDS relief grant funds awarded to foreign and domestic recipients. Through the President's Emergency Plan for AIDS Relief (PEPFAR) program, the Department received over $10 billion in grant funding to prevent, treat, and combat HIV/AIDS, tuberculosis, and malaria-with the majority allocated to the Centers for Disease Control and Prevention (CDC). OIG's review of CDC's oversight found that while some monitoring had been performed, it was not consistent. OIG found that grant-related files and documentation were not maintained in accordance with departmental and other Federal requirements.

With respect to contracts, OIG focused on the National Institutes of Health's (NIH) use of appropriations to fund 21 longer term contracts. We have reported instances of improper funding on 11 of the 18 completed audits. Audits of the remaining three contracts are ongoing. In FY 2011, HHS reported a departmentwide violation of the Antideficiency Act that involved 47 HHS contracts from NIH and other OpDivs that were awarded between 2004 and 2009. As OIG continues to review grants and contracts oversight vulnerabilities across the Department, we plan to assess the effectiveness of the remedial actions taken by the Department to properly fund its contracts and prevent future violations of the Antideficiency Act.

Progress in Addressing the Challenge

To conduct grant oversight, the Department continues to work with OIG to address audit findings, implement recommendations, and provide updated information on recoveries of unallowable costs related to grant programs. In addition, the Department is strengthening its program integrity efforts by working with its OpDivs and StaffDivs to identify programmatic risk utilizing a uniform risk management approach. This approach will enable the Department to look across programs for commonalities and solutions, as well as to consistently evaluate the results. For example, in 2010, the Health Resources and Services Administration (HRSA) launched its Program Integrity Initiative (PII) to identify and reduce risks through new or enhanced oversight activities while sharing new and best practices across programs. In 2011 OIG provided training to 200 HRSA grants management and program officials. In 2012, two PII Webinars were held; one focused on risk and fraud generally and the other addressed risk and fraud within the 340B Discount Drug Program. In total, more than 500 grantee participants and 200 HRSA staff attended the first Webinar and 400 participants including HRSA staff, grantees, and A-133 auditors attended the second Webinar.

With respect to systemic contract funding problems, the Department, as required by law, reported multiple violations of the Antideficiency Act; issued detailed policy guidance; developed and mandated a departmentwide appropriations law training course for all budget, finance, program, and contracting officials; developed an online reference tool for contract funding, formation, and appropriations law compliance; and is conducting appropriations law compliance reviews of all contract actions exceeding $5 million or $10 million, depending on the type of requirement reviewed and the awarding OpDiv or StaffDiv. CMS ensures that all employees involved in the acquisition process receive the necessary training to ensure that grants and contracts management policies and procedures are followed. Additionally, in May 2012, the Department issued Suspension and Debarment Procedures. In June 2012, the HHS Suspension and Debarment Official and her staff began holding monthly coordination meetings with representatives from OIG, the Office of Research Integrity, and the Office of the General Counsel (OGC). These meetings provide an opportunity for discussion of pending referrals as well as other operational and implementation activities either being considered or underway.

The Department has also taken steps to improve monitoring of its HIV/AIDS relief programs. For example, CDC is developing additional standard operating procedures for monitoring recipients. CDC also established a multi-disciplinary team from CDC headquarters to conduct reviews at its offices in various countries.

What Needs To Be Done

Sustained focus by the Department is needed to address vulnerabilities in its grant programs and contract administration. With respect to grant oversight, OpDivs need to continue to be vigilant in monitoring grant resources stemming from the Recovery Act, the ACA, PEPFAR, and other grant programs. Implementation of planned program integrity initiatives, such as evaluating and monitoring risks, identifying and addressing cross-cutting issues, resolving reported grantee audit findings, and sharing best practices across the Department, will better position HHS to integrate program integrity into all aspects of its operations and culture. Additionally, OIG has found that OpDivs vary in their grant oversight processes. The Department should work toward making the grants management function more consistent across OpDivs.

With respect to contract funding, the Department has advised that it is heavily focused on preventing new violations and that it is taking legally appropriate actions to ensure that there are no further violations of the Antideficiency Act among ongoing contracts. OIG continues to recommend that the Department correct the improper funding of contracts that resulted in appropriations violations and continue to ensure that appropriate officials attend mandated training, that future contracts are funded properly, and that policy guidance is consistently followed. The Department also needs to fully implement its Suspension and Debarment Procedures, including operationalizing the referral and decision process and setting up a departmentwide tracking system.

Management Issue 8: Protecting Consumers of Food, Drugs, and Medical Devices

Why This Is a Challenge

The Department, through the Food and Drug Administration (FDA), is responsible for protecting the public's health by ensuring the safety, efficacy, and security of drugs, medical devices, biologics, and much of our Nation's food supply. The Department must ensure that once a drug, biologic, or device has been approved for use, it is marketed appropriately. During a food emergency, the Department is also responsible for finding the contamination source and overseeing the removal by manufacturers of these products from the market. However, OIG work has revealed weaknesses in FDA's ability to adequately oversee the safety of drugs, biologics, medical devices, and food. These challenges include:

Inadequate Food Facility Inspections and Recordkeeping. OIG found that FDA was conducting food facility inspections infrequently many food facilities went 5 years or longer without an FDA inspection. FDA took action against less than half of food facilities after the agency found conditions that warranted its most severe inspection classification. FDA relies upon States to conduct food facility inspections under contract; however, FDA has failed to ensure that States completed all required inspections, that the completed inspections were properly classified, or that all violations were remedied.

Similarly, food facilities' failure to comply with FDA's recordkeeping requirements impedes the Department's ability to ensure the safety of the Nation's food supply. We found that 59 percent of selected food facilities did not comply with FDA's recordkeeping requirements. Additionally, in reviews of food safety recalls, we found that FDA often did not follow its own procedures for ensuring that the recall process operated efficiently and effectively. Further, FDA's procedures for monitoring recalls were not always adequate.

Ensuring Compliance With Marketing Requirements. Manufacturers of drugs, biologics, and medical devices gain approval for sale of their products for specific uses once FDA determines that the products are safe and effective for those uses. Once these items are approved for sale, qualified medical providers may prescribe them for any uses on the basis of their medical judgment. However, manufacturers are prohibited from promoting products for uses for which FDA has not specifically approved them (known as off-label uses). OIG works with its law enforcement partners, including FDA's Office of Criminal Investigations, and has investigated many instances in which manufacturers have illegally promoted products for off-label uses. Off-label promotion can undermine the system intended to ensure that drugs are safe and effective and can put patients at risk. FDA faces ongoing challenges in adequately monitoring and preventing illegal off-label promotional activities. Additionally, illegal off-label promotion may increase fraudulent claims for payment submitted to Federal health care programs, including Medicare and Medicaid.

Inadequate Procedures and Monitoring. OIG has found vulnerabilities in FDA's oversight of regulatory decisions and monitoring of drugs and medical devices. For example, OIG found weaknesses in FDA's management of internal scientific disagreements related to regulatory decisions for medical devices under agency review. Other concerns include weaknesses in ensuring the adequate monitoring of adverse-event reporting for medical devices and the accuracy of FDA's National Drug Code Directory.

OIG is reviewing FDA's progress in reclassifying high-risk devices cleared under the 510(k) process. OIG is also reviewing FDA's monitoring of the Risk Evaluation and Mitigation Strategies (REMS) that sponsors are required to submit for drugs associated with known or potential risks that may outweigh a drug's benefits.

Progress in Addressing the Challenge

In September 2009, FDA required food facilities to report to a new registry all instances when there is a reasonable probability that a food might cause serious adverse health consequences and to investigate the causes of any adulteration reported if the adulteration may have originated with the food facility. The Food Safety Modernization Act (FSMA), signed into law in January 2011, provides FDA important new authorities to better protect the Nation's food supply.

OIG will continue to oversee the Department's management of food safety issues and FSMA implementation. In ongoing work, OIG is examining whether the structure/function claims made by manufacturers of dietary supplements may be misleading to consumers and whether dietary supplement companies have registered as required with the Food Facility Registry so that FDA may contact companies in an emergency.

OIG is working with law enforcement partners to investigate and prosecute drug and device manufacturers that engage in illegal activity. For example, GlaxoSmithKline recently agreed to plead guilty to misbranding charges, pay more than $3 billion in criminal fines, enter into a civil settlement, and enter into a corporate integrity agreement with OIG to resolve criminal, civil, and administrative liability resulting from various types of conduct, such as unlawful promotion of certain drugs and failure to report safety data on a particular drug to FDA. In November 2011, Medtronic, Inc., agreed to pay $23.9 million to resolve allegations under the Civil False Claims Act that it caused false claims to be submitted to Medicare and Medicaid by inducing doctors to implant the company's pacemakers and defibrillators in patients in exchange for payments to those doctors.

What Needs To Be Done

The Department and FDA will need to focus on implementing the new Food and Drug Administration Safety and Innovation Act, which was signed into law in July 2012. In addition, FDA will need to continue its efforts to fully implement FSMA to better protect the Nation's food supply. FSMA addresses many of OIG's recommendations; however, we continue to recommend that FDA vigorously use its new authorities to remedy identified weaknesses in its inspections and recall procedures. FDA should also ensure that States properly conduct contracted food facility inspections.

The Department also needs to focus on eliminating off-label promotion to protect patients and HHS health care programs.

Management Issue 9: Integrity and Security of Health Information Systems and Data

Why This Is a Challenge

As health care providers modernize their medical recordkeeping and billing systems, the adoption of electronic health records (EHR) and other innovations offer opportunities for improved patient care and more efficient practice management. However, as growing quantities of personal medical information are stored in electronic format, protecting the privacy and security of these data and ensuring the integrity of EHRs is critical. In addition, ensuring the integrity, privacy, and security of sensitive data will be critical to the successful administration of the ACA Exchanges and related programs, including the premium tax credit program.

Data Security. A series of OIG audits revealed that some hospitals lack sufficient security features, potentially exposing patients' electronic protected health information to unauthorized access. Vulnerabilities included unsecured wireless access, inadequate encryption, authentication failures, and other access control vulnerabilities. OIG also found security breaches in data stored by CMS's contractors.

Over 5,000 Medicare physician identifiers and almost 300,000 Medicare beneficiary numbers are known to be compromised. Protecting beneficiaries' and providers' identifiers is critical because fraud perpetrators often use stolen beneficiary and/or physician identities to submit false claims. For example, OIG investigated fraudulent medical clinics in California that used stolen physician identifiers to falsely bill Medicare for equipment the physicians did not order and services the physicians did not render. The perpetrators pleaded guilty to Medicare fraud and the operation was shut down.

Integrity of EHRs and EHR Investments. Between 2009 and 2021, the Federal Government will spend over $20 billion on the Medicare and Medicaid EHR incentive programs. The Department must ensure that recipients of Medicare and Medicaid EHR incentive payments truly qualify for payment and that policies effectively promote desirable technological practices and outcomes. OIG found shortcomings in Medicaid agencies' ability to ensure the integrity of their EHR incentive programs and eligibility of providers receiving incentive payments. More than half of Medicare physicians currently use electronic health record systems. Beginning in 2015, the Department must implement Medicare payment reductions for physicians who cannot demonstrate meaningful use of certified EHR systems.

Finally, EHRs should facilitate more accurate billing and support better quality of care but, when misused, may promote fraudulent billing or inappropriate care. For example, cut-and-paste features and auto-fill templates can reduce paperwork burdens, but can also be misused to fabricate information, generating improper payments and corrupting patients' records with inaccurate and potentially dangerous information. Similarly, well-designed decision support tools can help physicians select the best care for their patients, but inappropriately designed decision support tools can promote waste and inappropriate care.

Progress in Addressing the Challenge

The Department has promulgated various rules that address privacy and security of patient information, encourage health care providers to use EHRs, and ensure that record systems are interoperable and facilitate accurate and secure exchange of information between authorized users. The Department has provided guidance to help covered entities comply with privacy and security rules mandated by the Health Insurance Portability and Accountability Act of 1996 and pursued enforcement actions against entities that have failed to do so.

The Department has also addressed, in limited ways, privacy and security matters in its regulations governing Medicare and Medicaid EHR incentive payments. The Department has developed and shared with the States a pre- and post-payment audit toolkit to help States verify eligibility for incentive payments under the Medicaid EHR program.

The Department has implemented numerous recommendations to make its own electronic data more secure. The Department has educated physicians on protecting their provider identifiers and preventing unauthorized individuals from using the physicians' credentials to order or bill for services. The Department established databases to track compromised beneficiary and provider identifiers and implemented a new remediation process to assist physicians whose identities were stolen and used to submit false bills to Medicare and Medicaid.

In addition, OIG has undertaken educational initiatives, including direct outreach by special agents and dissemination of an identity theft brochure, to help beneficiaries and providers protect themselves from medical identity theft.

What Needs To Be Done

The Department needs to heighten its focus on oversight and enforcement of privacy and security protections to ensure that health care providers and the Department's own systems and contractors effectively safeguard individuals' protected health and other sensitive personal information. This should entail continued compliance reviews to ensure adoption of adequate privacy and security standards. The Department should also increase protections for provider and beneficiary identifiers to prevent medical identity theft and better assist beneficiaries whose identifiers have been compromised.

The Department should also provide additional guidance on information technology security standards and best practices that the health care industry should adopt for EHRs. As providers increasingly claim financial incentives for adoption of electronic record and prescribing technologies, strict oversight, including prepayment verification and postpayment auditing, will be essential.

Management Issue 10: Fostering an Ethical and Transparent Environment

Why This Is a Challenge

Conflicts of interest in the health care system and in Government have been the subject of scrutiny by Congress, the medical community, and the media. With a heightened focus on transparency in the Federal Government and the imperative to use resources efficiently and appropriately, the Department must ensure that employees, grantees, and contractors are free of conflicts of interest or other ethics concerns. However, our work indicates that the Department can do more to ensure that ethics vulnerabilities and transparency issues related to potential conflicts of interest in the health care arena are identified and addressed.

OIG has found that the Department provides limited oversight of conflicts of interest of FDA clinical investigators, NIH grantees, and Federal employees. For example, in a 2011 report, OIG found that 56 percent of the HHS employees' conflict-of-interest waivers in our review were not documented as recommended in Governmentwide Federal ethics regulations, guidance, and the Secretary's instructions. In another review, we found that only 70 of 156 responding NIH grantee institutions had written policies and procedures for addressing institutional conflicts of interest (these policies are not required by law).

CMS continues to rely on an extensive network of contractors to perform essential program functions, and relationships among those contractors and their relationships with CMS raise potential concerns. For instance, OIG found that entities that applied to be CMS's ZPICs, referred to as "offerers, " often had business and contractual relationships with CMS and with CMS contractors performing other functions, such as Medicare claims processors. Offerors, subcontractors, and CMS identified 1,919 business and contractual relationships as involving possible conflicts and 16 as involving actual conflicts. CMS does not have a written policy for reviewing conflict and financial interest information submitted by offerors, and such information provided by offerors was not always consistent or complete. For example, some offerors and subcontractors failed to provide requisite information regarding financial interests in other entities, making a fully informed decision difficult, if not impossible.

Under the ACA, HHS has new responsibilities with respect to promoting transparency in the health care industry. For example, under section 6002, HHS will operate a "sunshine" database of information disclosed by applicable manufacturers and group purchasing organizations identifying financial relationships with physicians and teaching hospitals. The ACA also includes provisions that heighten transparency of hospital ownership, nursing facility ownership and management, drug sampling, and drug rebates, as well as provisions that foster more robust consumer information.

Progress in Addressing the Challenge

OGC has issued guidance concerning waivers to HHS component ethics officials as well as partially implemented a planned increase in both the number of waivers issued to Special Government Employees under 18 U.S.C. §208(b)(3) subject to preclearance by OGC and the scope of the review of such waivers.

To better address identified vulnerabilities related to FDA's clinical investigators FDA now requires companies applying to market drugs, devices, and biologics to submit a complete list of clinical investigators and either certify the absence of a financial conflict of interest or disclose the nature of the financial arrangement to FDA for each clinical investigator. Additionally, FDA updated the Compliance Program Guidance Manual chapter on clinical investigator inspections to help ensure that clinical investigators submit required financial information to sponsors.

Similarly, NIH has taken actions to address conflict-of-interest vulnerabilities identified among NIH grantees. For instance, NIH published a final rule on August 25, 2011, revising 1995 regulations covering financial conflicts of interest for investigators. It addresses a number of issues related to promoting objectivity in research and addresses an OIG recommendation to require grantee institutions to provide details regarding the nature of financial conflicts of interest and the ways in which they are managed, reduced, or eliminated. Additionally, CMS is drafting a standardized, formal written policy to evaluate potential organizational conflicts of interest.

What Needs To Be Done

To encourage an environment of transparency and accountability among contractors, OIG has recommended that CMS: (1) provide clearer guidance in the Request for Proposal to offerors and subcontractors regarding which business and contractual relationships should be identified as actual conflicts and which should be identified as possible conflicts; (2) require offerors and subcontractors to distinguish those business and contractual relationships that they deem to be actual conflicts from those that they deem to be possible conflicts; (3) state whether offerors and subcontractors need to report income amounts, periods of performance, and types of work performed for their contracts with CMS and income amounts generated from key personnel's other employment; (4) create a standardized format for reporting information in the Organizational Conflict of Interest Certificate and require its use by offerors and subcontractors; and (5) develop a formal written policy outlining how conflict-of-interest information provided by offerors should be reviewed by CMS staff.

OIG also recommended that NIH develop regulations governing institutional conflicts of interest, but the final rule did not address our concerns. Instead, in the final rule, NIH states that "[w]e continue to believe that further careful consideration is necessary before PHS [Public Health Service] regulations could be formulated that would address the subject of institutional conflict of interest..." OIG continues to recommend that NIH issue regulations requiring institutions to have a written policy on institutional conflicts. This would provide consistency and clarity to institutions.

The Department should ensure compliance with the Secretary's guidance on conflict-of-interest waivers and their documentation. The Department must issue final regulations and develop effective and efficient operational and technology structures to implement and administer the ACA transparency provisions, including the database required by ACA section 6002. In regard to implementation of section 6002 of the ACA, CMS continues to assess the requirements for this program. CMS should use the additional time it has built into the process by changing the start date for required data collection by applicable manufacturers and group purchasing organizations to January 1, 2013, enabling it to address operational and implementation issues.

---