Traditionally, February is the time of the year when CMS releases the Medicare Part C and D performance audit process and protocols for the current audit year. However, 2016 will be different since the protocols were released in October 2015! This was largely due to the February 2015 protocols containing revisions that raised numerous questions and created many challenges for plans and CMS alike. Based upon audit experience and feedback from the industry, CMS re-issued the 2015 audit protocols with revisions last October and stated this version will remain in effect for 2016.
One of the most significant and welcomed revisions to the protocols are the modifications to the universe record layouts. These revisions provide plans with greater clarity and additional instructions needed to create the required audit universes. While these record layouts serve as a blueprint for universe creation, plans will still need to execute them. This will require re-programming of universes queries and comprehensive quality assurance testing. Many challenges lie ahead for plans such as interpreting the information within the record layouts, concatenating data from multiple systems, or manually consolidating data stored in multiple fields into a single field.
A critical aspect about universes that is continuing into 2016 is the “3-strikes” policy CMS created to pressure plans for accurate and timely universes. Failure to provide accurate and timely universes within the maximum three attempts will result in a new audit condition, “Invalid Data Submission” (IDS). Worth 1 audit point each, an IDS condition will be cited relative to every element that cannot be tested, creating the potential for a “snowball” effect for the rapid accumulation of audit points (fewer is better).
In the 2015 version, plans were required to submit a beneficiary impact analysis with each previously disclosed or self-identified issue. The multiple and different types of beneficiary impact analyses drew huge complaints from the industry. For 2016, CMS will only require an Impact Analysis (IA) for certain types of issues discovered during the audit. While this will cut down on the number of IA’s required at the beginning of an audit, plans must be ready to create one quickly during the audit using the template provided by CMS.
To test the seven elements of an effective compliance department in 2015, CMS required plans to submit five tracer samples, but they did not provide plans with a template for plans to follow until mid-way through the audit year. As a result, plans often struggled to create a comprehensive tracer sample. For 2016, key procedural updates to the Compliance Program Effectiveness (CPE) protocols include an increase in the number of tracer samples for review, modifications to the compliance interview process, and a CPE tracer template. However, compiling the information for a tracer sample can be quite complex and challenging, even with a template. In order to succeed, plans should routinely practice building tracer samples before receiving notice of an audit.
With corrective actions, civil monetary penalties, and other compliance actions levied by CMS for issues of non-compliance, plans must start preparing for an audit immediately. The latest publically available data on Part D audit results showed that over 70% of sponsors audited in 2014 received an enforcement action, including over $3.7 million in civil monetary penalties stemming from violations identified by CMS during the audit.
You can find more detailed information about the revised protocols and the potential impacts of your plan in my article titled, “Take 2: Revised Audit Protocols for Medicare Plans”. It appeared in the December 2015 issue of the American Journal of Pharmacy Benefits (AJPB).