[Federal Register: April 6, 2004 (Volume 69, Number 66)]
[Notices]
[Page 18083-18085]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr06ap04-113]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
Privacy Act of 1974; Computer Matching Program (Match No. 2003-
02)
AGENCY: Centers for Medicare & Medicaid Services (CMS), Department of
Health and Human Services (HHS).
ACTION: Notice of Computer Matching Program (CMP).
-----------------------------------------------------------------------
SUMMARY: In accordance with the requirements of the Privacy Act of
1974, as amended, this notice announces the establishment of a CMP that
CMS plans to conduct with the Texas Health and Human Services
Commission (HHSC). We have provided background information about the
proposed matching program in the SUPPLEMENTARY INFORMATION section
below. Although the Privacy Act requires only that CMS provide an
opportunity for interested persons to comment on the proposed matching
program, CMS invites comments on all portions of this notice. See
EFFECTIVE DATES section below for comment period.
EFFECTIVE DATES: CMS filed a report of the CMP with the Chair of the
House Committee on Government Reform and Oversight, the Chair of the
Senate Committee on Governmental Affairs, and the Administrator, Office
of Information and Regulatory Affairs, Office of Management and Budget
(OMB) on March 23, 2004. We will not disclose any information under a
matching agreement until 40 days after filing a report to OMB and
Congress or 30 days after publication. We may defer implementation of
this matching program if we receive comments that persuade us to defer
implementation.
ADDRESSES: The public should address comments to: Director, Division of
Privacy Compliance Data Development (DPCDD), Enterprise Databases
Group, Office of Information Services, CMS,
[[Page 18084]]
Mail stop N2-04-27, 7500 Security Boulevard, Baltimore, Maryland 21244-
1850. Comments received will be available for review at this location,
by appointment, during regular business hours, Monday through Friday
from 9 a.m.-3 p.m., eastern daylight time.
FOR FURTHER INFORMATION CONTACT: Lourdes Grindal Miller, Health
Insurance Specialist, Centers for Medicare & Medicaid Services, Office
of Financial Management, Program Integrity Group, Mail-stop C3-02-16,
7500 Security Boulevard, Baltimore Maryland 21244-1850. The telephone
number is (410) 786-1022 and e-mail is lgrindalmiller@cms.hhs.gov.
SUPPLEMENTARY INFORMATION:
I. Description of the Matching Program
A. General
The Computer Matching and Privacy Protection Act of 1988 (Public
Law (Pub. L.) 100-503), amended the Privacy Act (5 U.S.C. 552a) by
describing the manner in which computer matching involving Federal
agencies could be performed and adding certain protections for
individuals applying for and receiving Federal benefits. Section 7201
of the Omnibus Budget Reconciliation Act of 1990 (Pub. L. 100-508)
further amended the Privacy Act regarding protections for such
individuals. The Privacy Act, as amended, regulates the use of computer
matching by Federal agencies when records in a system of records are
matched with other Federal, state, or local government records. It
requires Federal agencies involved in computer matching programs to:
1. Negotiate written agreements with the other agencies
participating in the matching programs;
2. Obtain the Data Integrity Board approval of the match
agreements;
3. Furnish detailed reports about matching programs to Congress and
OMB;
4. Notify applicants and beneficiaries that the records are subject
to matching; and,
5. Verify match findings before reducing, suspending, terminating,
or denying an individual's benefits or payments.
B. CMS Computer Matches Subject to the Privacy Act
CMS has taken action to ensure that all CMPs that this Agency
participates in comply with the requirements of the Privacy Act of
1974, as amended.
Dated: March 23, 2004.
Dennis Smith,
Acting Administrator, Centers for Medicare & Medicaid Services.
Computer Match No. 2003-02
NAME:
``Computer Matching Agreement Between the Centers for Medicare &
Medicaid Services (CMS) and the State of Texas Health and Human
Services Commission (HHSC) for Disclosure of Medicare and Medicaid
Information.''
SECURITY CLASSIFICATION:
Level Three Privacy Act Sensitive
PARTICIPATING AGENCIES:
The Centers for Medicare & Medicaid Services, and State of Texas
Health and Human Services Commission
AUTHORITY FOR CONDUCTING MATCHING PROGRAM:
This CMA is executed to comply with the Privacy Act of 1974 (Title
5 United States Code (U.S.C.) 552a), (as amended by Public Law (Pub.
L.) 100-503, the Computer Matching and Privacy Protection Act (CMPPA)
of 1988), the Office of Management and Budget (OMB) Circular A-130,
titled ``Management of Federal Information Resources'' at 65 Federal
Register (FR) 77677 (December 12, 2000), and OMB guidelines pertaining
to computer matching at 54 FR 25818 (June 19, 1989).
This Agreement provides for information matching fully consistent
with the authority of the Secretary of the Department of Health and
Human Services (Secretary). Section 1816 of the Social Security Act
(the Act) permits the Secretary to contract with fiscal intermediaries
to ``make such audits of the records of providers as may be necessary
to insure that proper payments are made under this part,'' and to
``perform such other functions as are necessary to carry out this
subsection'' (42 U.S.C. 1395h (a)).
Section 1842 of the Act provides that the Secretary may contract
with entities known as carriers to ``make such audits of the records of
providers of services as may be necessary to assure that proper
payments are made'' (42 U.S.C. 1395u(a)(1)(C)); ``assist in the
application of safeguards against unnecessary utilization of services
furnished by providers of services and other persons to individuals
entitled to benefits'' (42 U.S.C. 1395u(a)(2)(B)); and ``to otherwise
assist * * * in discharging administrative duties necessary to carry
out the purposes of this part'' (42 U.S.C. 1395u(a)(4)).
Furthermore, section 1874(b) of the Act authorizes the Secretary to
contract with any person, agency, or institution to secure on a
reimbursable basis such special data, actuarial information, and other
information as may be necessary in the carrying out of his functions
under this title (42 U.S.C. 1395kk(b)).
Section 1893 of the Act establishes the Medicare Integrity Program,
under which the Secretary may contract with eligible entities to
conduct a variety of program safeguard activities, including fraud
review employing equipment and software technologies that surpass the
existing capabilities of Fiscal Intermediaries and carriers (42 U.S.C.
1395ddd)). The contracting entities are called Program Safeguards
Contractors (PSC).
HHSC is charged with the administration of the Medicaid program in
Texas and is the single state agency for such purpose (Texas Government
Code (TGC) 531.021). HHSC may act as an agent or representative of the
Federal government for any purpose in furtherance of HHSC's functions
or administration of the Federal funds granted to the state (TGC
531.021). In Texas, HHSC provides qualifying individuals with health
care and related remedial or preventive services, including both
Medicaid services and services authorized under state law that are not
provided under Federal law. The program to provide all such services is
known as the Texas Medical Assistance Program. (TGC 531.021).
HHSC's disclosure of the Texas Medicaid Program (TMP) data pursuant
to this agreement is for purposes directly connected with the
administration of the TMP program, in compliance with Texas Human
Resources Code sections 12.003 and 21.012, and CFR 431.300 through
431.307. Those purposes are the detection, prosecution and deterrence
of fraud and abuse (F&A) in the TMP, and the enforcement of state law
relating to the provisions of program services (TGC 531.102).
PURPOSE (S) OF THE MATCHING PROGRAM:
The purpose of this agreement is to establish the conditions,
safeguards, and procedures under which the Centers for Medicare &
Medicaid Services (CMS) will conduct a computer matching program with
the State of Texas Health and Human Services Commission (HHSC) to study
claims, billing, and eligibility information to detect suspected
instances of Medicare and Medicaid fraud and abuse (F&A) in the State
of Texas. CMS and HHCS will provide TriCenturion, a CMS contractor
(hereinafter referred to as the
[[Page 18085]]
``Custodian''), with Medicare and Medicaid records pertaining to
eligibility, claims, and billing which the Custodian will match in
order to merge the information into a single database. Utilizing fraud
detection software, the information will then be used to identify
patterns of aberrant practices requiring further investigation. The
following are examples of the type of aberrant practices that may
constitute F&A by practitioners, providers, and suppliers in the State
of Texas expected to be identified in this matching program: (1)
billing for provisions of more than 24 hours of services in one day,
(2) providing treatment and services in ways more statistically
significant than similar practitioner groups, and (3) up-coding and
billing for services more expensive than those actually performed.
DESCRIPTION OF RECORDS TO BE USED IN THE MATCHING PROGRAM:
The release of the data for CMS are maintained in the following
SOR: National Claims History (NCH), System No. 09-70-0005 was most
recently published in the Federal Register, at 67 FR 57015 (September
6, 2002). NCH contains records needed to facilitate obtaining Medicare
utilization review data that can be used to study the operation and
effectiveness of the Medicare program. Matched data will be released to
HHSC pursuant to the routine use as set forth in the system notice.
Carrier Medicare Claims Record, System No. 09-70-0501 published in
the Federal Register at 67 FR 54428 (August 22, 2002). Matched data
will be released to HHSC pursuant to the routine use as set forth in
the system notice.
Enrollment Database, System No. 09-70-0502 (formerly known as the
Health Insurance Master Record) published at 67 FR 3203 (January 23,
2002). Matched data will be released to HHSC pursuant to the routine
use set forth in the system notice.
Intermediary Medicare Claims Record, System No. 09-70-0503
published in the Federal Register at 67 FR 65982 (October 29, 2002).
Matched data will be released to HHSC pursuant to the routine use as
set forth in the system notice.
Unique Physician/Provider Identification Number (formerly known as
the Medicare Physician Identification and Eligibility System), System
No. 09-70-0525, was most recently published in the Federal Register at
53 FR 50584 (Dec 16, 1988). Matched data will be released to HHSC
pursuant to the routine use as set forth in the system notice.
Medicare Supplier Identification File, System No. 09-70-0530 was
most recently published in the Federal Register, at 67 FR 48184 (July
23, 2002). Matched data will be released to HHSC pursuant to the
routine use as set forth in the system notice.
Medicare Beneficiary Database, System No. 09-70-0536 published in
the Federal Register at 67 FR 63392 (December 6, 2001). Matched data
will be released to HHSC pursuant to the routine use as set forth in
the system notice.
The data for HHSC are maintained in the following data files: The
data that the Texas Medicaid Fraud and Abuse Detection System (MFADS)
receives from the acute care claims processor comprises over 320 files.
These files include not only the claims data, but also all other data
necessary to process the claim such as client, provider, and reference
information. The Texas Medicaid claims administrator vendor utilizes a
real-time transaction processing system to adjudicate the claims and
therefore, has organized the data to facilitate efficient transaction
processing. This data organization results in the data being parsed out
over a number of data tables. It is these data tables that are
extracted for processing by the MFADS. As these files are received,
they are organized or reassembled into an Oracle relational database to
support access using the MFADS tools.
In addition to the organization of the data, there are numerous
updates that take place during the monthly load process. The monthly
acute extracts that are received contain data that has finalized during
the month. Therefore, these files must be applied to the multi-year
database, changing some of the data through an update process as well
as adding additional records. It is due to these reasons that the data
will be extracted from the MFADS database rather than from incoming
data sources. All or part of these elements may be used in this data-
matching program.
INCLUSIVE DATES OF THE MATCH:
The CMP shall become effective no sooner than 40 days after the
report of the Matching Program is sent to OMB and Congress, or 30 days
after publication in the Federal Register, which ever is later. The
matching program will continue for 18 months from the effective date
and may be extended for an additional 12 months thereafter, if certain
conditions are met.
[FR Doc. 04-7630 Filed 4-5-04; 8:45 am]
BILLING CODE 4120-03-P