A new state audit reveals shortcomings in the procedure used to approve doctors and other providers offering services for patients on Medicaid, the state’s health system for the poor and disabled. Department of Health and Human Services procedures are “wide open for fraud,” State Auditor Beth Wood said.

The report, released Thursday by Wood’s office, shows a lack of documentation supporting the approval of providers whose applications had been flagged when questions arose during background checks.

“We’re sort of a pay-and-chase state,” Wood said, explaining that the state tries to make timely Medicaid payments but has to take the initiative to recapture the payments if providers fail to deliver promised services. A key way of preventing fraud would be to qualify providers before they were paid.

“If you can get the bad players out of the game early on, you don’t have to wait until later to get your money back,” Wood said. “We found that the system [DHHS has] in place is sorely deficient.”

The report quotes the federal Office of Inspector General emphasizing the importance of making sure providers are above board:

“Provider enrollment is the first line of defense in the fight against fraud and abuse. Keeping unqualified and unscrupulous providers from gaining access to Medicaid systems not only protects patients but also lowers administrative costs and protects program assets.”

The response by Dr. Aldona Wos, secretary of DHHS, generally agreed with the audit’s findings and recommendations. Even so, on at least four occasions, the audit said, “The Department response misleads the reader. …”

Another citation from Wood’s office chides DHHS, saying its response “minimizes the significance of the procedural weaknesses identified in this audit.”

Wos was scolded for stating, “I am pleased that [the Office of State Auditor] did not find any approved providers that were inappropriately enrolled in the North Carolina Medicaid Program.”

The audit notes that essential documentation and justification to determine the eligibility of providers didn’t always exist. As a result, it was difficult to verify whether many of the applications could be verified.

“Therefore, [the auditor’s office] and the division do not know if approximately 4,701 providers approved in 2012 were qualified,” the report says.

A department spokesman refused to comment about accusations that the department was misleading the public. The spokesman instead referred Carolina Journal to a previous statement from Kevin Howell, another department spokesman.

“The State Auditor did not find any approved providers that were inappropriately enrolled in the North Carolina Medicaid Program,” Howell said. “Most of the procedural weaknesses identified during 2012 have already been corrected as part of a larger effort to strengthen Medicaid operations across the board.

“As evidenced by Secretary Wos’ expansion of our internal audit staff, DHHS values audits that strengthen our processes and increase accountability.”

Wood said that state auditors were unable to replicate the approval process DHHS staff used to confirm that many providers were eligible to participate in Medicaid.

“There is no documentation that says how they took somebody with red flags and determined them to be a provider,” Wood said.

Wood said that the problem isn’t compliance with department policies, it’s the policies themselves.

“I just don’t think they get it,” Wood said. “[The department’s] policy is bad.”

A contractor, Computer Sciences Corporation Inc., provides much of the application review process for Medicaid providers. CSC received $4.6 million for the 2011-12 fiscal year and $5.3 million for the 2012-13 fiscal year.

The department and CSC use a number of lists when reviewing providers, including criminal background checks, along with state and federal databases of providers that have been cited for problems, such as fraud.

The state’s Medicaid program spends about $13.5 billion annually in federal and state funds.

The audit found:

• Deficiencies in the enrollment process increase the risk that unqualified providers will participate in the Medicaid program.

• Documentation supporting the applications of higher risk providers often is not available or insufficient to support approving the application.

• CSC’s enrollment review procedures do not provide reasonable assurance that only qualified providers are approved to participate in the state’s Medicaid program.

• CSC does not always have evidence supporting that mandatory verification checks were completed.

• Quality assurance reviews were not conducted or were ineffective.

• The contract with CSC lacks adequate performance measures holding it accountable for processing applications accurately and reliably.

Recommendations include setting specific evidence requirements for determining and documenting the eligibility of providers, requiring that documentation in the contract between the state and Computer Sciences Corporation Inc., and conducting systematic reviews of the enrollment process.

Barry Smith (@Barry_Smith) is an associate editor of Carolina Journal.