The Department of Health and Human Services (HHS) Office of Inspector General (OIG) recently issued its annual report on solutions to reduce fraud, waste, and abuse in HHS programs. The report addresses the top 25 unimplemented recommendations that the OIG identified through audits and evaluations performed in accordance with the amended Inspector General Act of 1978. These recommendations are grouped together by HHS operating division and focus on improving cost savings, program effectiveness and efficiency, and public health and safety.
The OIG’s top 25 unimplemented recommendations include the following:
Centers for Medicare & Medicaid Services (CMS) – Medicare Parts A & B
- CMS should analyze the potential impacts of counting time spent as an outpatient toward the 3-night requirement for Skilled Nursing Facility (SNF) services so that beneficiaries receiving similar hospital care have similar access to these services.
- CMS should implement the statutory mandate requiring surety bonds for home health agencies that enroll in Medicare and consider implementing the requirement for other providers.
- CMS should continue to ensure that medical device-specific information is included on claim forms and require hospitals to use certain condition codes on claim forms for reporting device replacement procedures.
- CMS should seek statutory authority to establish additional remedies for hospices with poor performance.
- CMS should seek legislative authority to comprehensively reform the hospital wage index system.
- CMS should reevaluate the inpatient rehabilitation facility (IRF) payment system, which could include seeking legislative authority to make any changes necessary to more closely align IRF payment rates and costs.
- CMS should periodically review claims for replacement positive airway pressure device supplies and take remedial action for suppliers that consistently bill improperly.
- CMS should consider seeking legislative authority to implement least costly alternative policies for Part B drugs under appropriate circumstances.
CMS – Medicare Parts C & D
- CMS should collect comprehensive data from plan sponsors, including data on potential fraud and abuse, to improve its oversight of their efforts to identify and investigate potential fraud and abuse.
- CMS should require Medicare Advantage plans to include ordering and referring provider identifiers in their encounter data.
- CMS should strengthen oversight of Part D payments for compounded topical drugs to prevent fraud, waste, and abuse while maintaining appropriate access.
CMS – Medicaid
- CMS should ensure that national Medicaid data are complete, accurate, and timely.
- CMS and the Health Resources and Services Administration should ensure that states can pay correctly for 340B-purchased drugs billed to Medicaid, by requiring claim-level methods to identify 340B drugs and sharing the official 340B ceiling prices.
- CMS should require states to either enroll Personal Care Attendants (PCS) as providers or require PCS attendants to register with their state Medicaid agencies and assign each attendant a unique identifier.
- CMS should facilitate state Medicaid agencies’ efforts to screen new and existing providers by ensuring the accessibility and quality of Medicare’s enrollment data.
- CMS should improve MCOs’ identification and referral of cases of suspected fraud or abuse.
- CMS should develop policies and procedures to improve the timeliness of recovering Medicaid overpayments and uncollected amounts identified by OIG’s audits.
- CMS should re-evaluate the effects of the healthcare-related tax safe-harbor threshold and the associated 75/75 requirement to determine whether modifications are needed.
Administration for Children and Families (ACF)
- ACF should develop a comprehensive strategy to improve states’ compliance with requirements related to treatment planning and medication monitoring for children prescribed psychotropic medication.
Food and Drug Administration (FDA)
- FDA should ensure effective and timely processes for facility inspections and food recalls.
Indian Health Service (IHS)
- IHS should implement a quality-focused compliance program for IHS hospitals.
- IHS should assess the continuity of operations programs for all IHS facilities and ensure that each facility has a tested and viable program to respond to and recover from a range of disasters.
National Institutes of Health (NIH)
- NIH should require security training and security plans for principal investigators (PI) and entities and verify that they have fulfilled these requirements before granting them access to genomic data.
- HHS should address non-compliance with the Improper Payments Information Act, as amended, for programs deemed susceptible to significant improper payments.
- HHS should ensure that all future web application developments incorporate security requirements from an industry recognized web application security standard.
The OIG report is available at: