The Office of the Inspector General (OIG) is responsible for protecting the integrity of the programs in Health and Human Services against fraud, waste and abuse as well as recommending improvements to the system that would promote efficiency and efficacy within the limits of the health care laws.   Although OIG oversight includes programs such as Center for Disease Control, Food and Drug Administration and National Institute of Health, more than three-quarters of OIG funding is designated to Center for Medicare and Medicaid Services (CMS) oversight. The OIG Workplan is key to identify the target areas of risk for that fiscal year.

Under the direction of the OIG and the continued success of task forces such as Health Enforcement Action Team (HEAT), expected recoveries for FY 2015 are more than $3 billion. In addition to returning monies to the CMS, over 4000 exclusions from participation in Federal Healthcare Programs have been mandated, almost a quarter of which include criminal actions.

As described in the Workplan, the OIG has set out to determine the legitimacy of the Medicare Incentive Payments for Electronic Health Records (EHRs), totaling more than $20 billion for 2011-2016.   Auditing of these meaningful users will likely include security analysis of their certified EHR. The OIG will also oversee CMS plans for corrective action related to any identified erroneous payments.

CMS management of ICD-10 implementation and transition will assess claims processing, re-submissions, appeals and medical reviews. These first 12 months have allowed for some leniency with providers billing under Part B fee schedule regarding the specificity of the diagnosis code as long as it falls in the correct “family” of codes. The OIG will determine if certain chiropractic, physical therapy, sleep -testing, anesthesia, imaging and laboratory services as well as physician home visits met “reasonable and necessary” requirements for Medicare reimbursement.

Due to the history of over $1 billion in Medicare overpayments and/or fraud from Home Health Agencies, any newly enrolled HHAs will now be considered high- risk providers by CMS. Other post acute care facilities (SNF, IRF, and LTCHs) which account for a large percentage of Medicare costs will be evaluated for meeting admissions criteria and quality of care and safety requirements. Hospices will be under review for compliance with federal regulations regarding Medicare conditions of Participation (CoP).

Hospital billing and payments continue to come under scrutiny by the OIG for many different claims such as mechanical ventilation, duplicative graduate medical education payments, non-covered dental services, IMRT services and unsubstantiated diagnoses of kwashiorkor, a form of severe protein malnutrition not typically found in the United States.   Another significant risk area for hospitals related to the HIPAA Security Rule is contingency planning and disaster recovery of their EHR.

In their continued effort to combat fraud, waste and abuse, the OIG has reiterated the enforcement of the whistleblower protections. The Recovery Act extends this whistleblower protection to employees who report misuse of funds and fear retaliation by the employer. Any credible allegations of reprisals against employees will prompt criminal investigations.