Rolling the dice

According to the Department of Health and Human Services (HHS), Medicare Advantage (MA) enrollment is anticipated to grow 11 percent. Regardless of the politics behind the message, more beneficiaries than ever will be enrolled in MA products. Most organizations cannot keep up with all of CMS’ requirements. As evidenced in their best practice reviews of 5-star plans, no plan is perfect. Common findings included improper formulary administration, denial of transition fills, and lack of an effective monitoring and auditing system. These findings have a high impact on MA enrollees.

I, like other consultants, am often asked what the financial penalty is for non-compliance. While we have a reach into many clients and colleagues, the answer is not simple and we anticipate it never will be.

Within the last twelve months, for example, we have seen CMS impose financial penalties on organizations who did not comply with marketing requirements. We also know that some organizations have been subject to Immediate Correction is Required (ICARs). These are situations where CMS deems ICARs are necessary while the audit occurs or soon after the exit conference. It is a challenge to put a dollar amount on a situation where a department needs to drop everything and fix something immediately, as the ICAR must be completed within 72 hours. It’s one thing to update a work flow to ensure members are contacted about their Coverage Determinations; it is another thing entirely to re-vamp Part D claims payment logic.

Medicare Compliance Officers who attended CMS’ Compliance Officer Training in April have the list of compliance actions that CMS can take, in order of severity. To evaluate how those steps translate into dollars is not easy, but it’s just like many other things we interpret. Various suppressions and exclusions could be short or long term. A Corrective Action Plan could take weeks or months.

The moral of the story is: don’t let non-compliance get to that point. If an organization has an effective system to detect, correct, and prevent, then chances of enforcement actions are reduced. If one of the pitfalls is a lack of an effective monitoring and auditing system (whether due to expertise, outdated technology, or something else), consider it a high risk. The cost of this can roughly be translated into lower quality scores, CMS compliance actions, and poor retention, with membership going to well-performing counterparts. Why gamble when the stakes are that high?