The United States Department of Health and Human Services Office of the Inspector General (HHS OIG) recently released its Semiannual Report to Congress. Within the Report, HHS OIG noted that it expects to recover more than $3.44 billion in fiscal year 2023 from investigations into fraud and misspent funds in Medicare, Medicaid, and other government health programs.
The report referenced 707 criminal enforcement actions and 746 civil actions – including false claims, unjust-enrichment lawsuits, and civil monetary penalty settlements – from October 1, 2022, through September 30, 2023. During that same time period, HHS OIG banned more than 2,000 people and entities from participating in federal health care programs.
Psychotherapy Services
One issue that the report touched upon was that of billing psychotherapy services in Medicare – including care provided via telemedicine.
The report notes that for 84 of the 216 sampled enrollee days, providers met Medicare requirements. However, for 128 sampled enrollee days, providers did not meet these requirements (e.g., psychotherapy time was not documented) and for 54 sampled enrollee days, providers did not meet Medicare guidance (e.g., providers’ signatures were missing). HHS OIG did not review four sampled enrollee days and treated them as non-errors, as they were already part of other HHS OIG reviews.
According to the report, out of the $1 billion paid by Medicare, providers received $580 million in improper payments, including for failure to meet requirements for billing for psychotherapy services. The $580 million in improper payments included $348 million for virtual care/telemedicine.
Managed Care
The HHS OIG report also calls out managed care programs as an area of interest to the agency, noting that an “alarming area of abuse involves manipulation of managed care programs to maximize Medicare and Medicaid payments to insurance plan sponsors while minimizing care rendered to enrollees.” As Medicare and Medicaid enrollees increasingly rely on managed care, HHS-OIG plans to prioritize oversight and enforcement to ensure that managed care programs operate as intended.
Cybersecurity
Another area of concern is cybersecurity, as healthcare data breaches continue to increase and expose the sensitive information of patient health care records. Earlier this year, HHS OIG found multiple security controls at the Centers for Medicare and Medicaid Services (CMS) that were not running effectively, and that the agency also did not consistently identify threats that could lead to potential breaches.
COVID-19
As one might expect, only a few years out from the COVID-19 pandemic, there were still issues surrounding COVID-19 payments. For example, the Health Resources and Services Administration (HRSA) implemented a program to distribute funds to providers for COVID-19 testing and treatment for uninsured individuals. However, HHS OIG found that HRSA made payments to providers through that program for claims for COVID-19 testing and treatment services that did not comply with the federal requirements for program payment.
HHS OIG suggested that HRSA recover almost $300,000 in improper payments identified in the sample and identify additional improper payments, which HHS OIG estimated to be nearly $784 million.