State Medicaid Fraud Control Units; Data Mining, 14637-14641 [2011-6012]

Download as PDF WReier-Aviles on DSKGBLS3C1PROD with PROPOSALS-1 Federal Register / Vol. 76, No. 52 / Thursday, March 17, 2011 / Proposed Rules • E-mail: a-and-r-docket@epa.gov. Attention Docket ID Number EPA–HQ– OAR–2004–0305. • Fax: (202) 566–9744. Attention Docket ID Number EPA–HQ–OAR– 2004–0305. • Mail: U.S. Postal Service, send comments to: EPA Docket Center (6102T), EPA West (Air Docket), Attention Docket ID Number EPA–HQ– OAR–2004–0305, U.S. Environmental Protection Agency, Mailcode 2822T, 1200 Pennsylvania Ave., NW., Washington, DC 20460. Please include a total of two copies. In addition, please mail a copy of your comments on the information collection provisions to the Office of Information and Regulatory Affairs, Office of Management and Budget, Attn: Desk Officer for EPA, 725 17th St., NW., Washington, DC 20503. • Hand Delivery: U.S. Environmental Protection Agency, EPA West (Air Docket), Room 3334, 1301 Constitution Avenue, NW., Washington, DC 20004, Attention Docket ID Number EPA–HQ– OAR–2004–0305. Such deliveries are only accepted during the Docket’s normal hours of operation, and special arrangements should be made for deliveries of boxed information. Please include a total of two copies. Instructions: Direct your comments to Docket ID No. EPA–HQ–OAR–2004– 0305. EPA’s policy is that all comments received will be included in the public docket without change and may be made available online at http:// www.regulations.gov, including any personal information provided, unless the comment includes information claimed to be Confidential Business Information (CBI) or other information whose disclosure is restricted by statute. Do not submit information that you consider to be CBI or otherwise protected through http:// www.regulations.gov or e-mail. The http://www.regulations.gov Web site is an ‘‘anonymous access’’ system, which means EPA will not know your identity or contact information unless you provide it in the body of your comment. If you send an e-mail comment directly to EPA without going through http:// www.regulations.gov, your e-mail address will be automatically captured and included as part of the comment that is placed in the public docket and made available on the Internet. If you submit an electronic comment, EPA recommends that you include your name and other contact information in the body of your comment and with any disk or CD–ROM you submit. If EPA cannot read your comment due to technical difficulties and cannot contact you for clarification, EPA may not be able to consider your comment. VerDate Mar<15>2010 14:47 Mar 16, 2011 Jkt 223001 Electronic files should avoid the use of special characters, any form of encryption, and be free of any defects or viruses. Docket: All documents in the docket are listed in the http:// www.regulations.gov index. Although listed in the index, some information is not publicly available, e.g., CBI or other information whose disclosure is restricted by statute. Certain other material, such as copyrighted material, will be publicly available only in hard copy. Publicly available docket materials are available either electronically in http:// www.regulations.gov or in hard copy at the EPA Docket Center, EPA West, Room 3334, 1301 Constitution Ave., NW., Washington, DC. The Public Reading Room is open from 8:30 a.m. to 4:30 p.m., Monday through Friday, excluding legal holidays. The telephone number for the Public Reading Room is (202) 566–1744, and the telephone number for the Docket Center is (202) 566–1742. FOR FURTHER INFORMATION CONTACT: Questions concerning the proposed rule should be addressed to Mr. Nathan Topham, Office of Air Quality Planning and Standards, Sector Policies and Programs Division, Metals and Inorganic Chemicals Group (D243–02), Environmental Protection Agency, Research Triangle Park, NC 27711, telephone number: (919) 541–0483; fax number: (919) 541–3207; e-mail address: topham.nathan@epa.gov. For the reasons noted above, the public comment period will now end on April 19, 2011. SUPPLEMENTARY INFORMATION: How can I get copies of the proposed rule and other related information? The proposed rule titled, National Emission Standards for Hazardous Air Pollutants: Primary Lead Smelting, was published February 17, 2011 (76 FR 9410). EPA has established the public docket for the proposed rulemaking under docket ID No. EPA–HQ–OAR– 2004–0305, and a copy of the proposed rule is available in the docket. We note that, since the proposed rule was published, additional materials have been added to the docket. Information on how to access the docket is presented above in the ADDRESSES section. Dated: March 10, 2011. Gina McCarthy, Assistant Administrator. [FR Doc. 2011–6218 Filed 3–16–11; 8:45 am] BILLING CODE 6560–50–P PO 00000 Frm 00046 Fmt 4702 Sfmt 4702 14637 DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of Inspector General 42 CFR Part 1007 [OIG–1203–P] State Medicaid Fraud Control Units; Data Mining Office of Inspector General (OIG), HHS. ACTION: Proposed rule. AGENCY: This proposed rule amends a provision in HHS regulations that prohibits State Medicaid Fraud Control Units (MFCU) from using Federal matching funds to identify fraud through screening and analyzing State Medicaid claims data, known as data mining. To support and modernize MFCU efforts to effectively pursue Medicaid provider fraud, we propose to permit Federal Financial Participation (FFP) in the costs of defined data mining activities under specified conditions. In addition, we propose that MFCUs annually report the costs and results of approved data mining activities to OIG. DATES: To ensure consideration, public comments must be delivered to the address provided below no later than 5 p.m. on May 16, 2011. ADDRESSES: In commenting, please refer to file code OIG–1203–P. Because of staff and resource limitations, we cannot accept comments by facsimile (FAX) transmission. You may submit comments in one of three ways (please choose only one of the ways listed): 1. Electronically. You may submit electronic comments on specific recommendations and proposals through the Federal eRulemaking Portal at http://www.regulations.gov. (Attachments should be in Microsoft Word, if possible.) 2. By regular, express, or overnight mail. You may send written comments to the following address: Office of Inspector General, Department of Health and Human Services, Attention: OIG– 1203–P, Room 5541, Cohen Building, 330 Independence Avenue, SW., Washington, DC 20201. Please allow sufficient time for mailed comments to be received before the close of the comment period. 3. By hand or courier. If you prefer, you may deliver, by hand or courier, your written comments before the close of the comment period to Office of Inspector General, Department of Health and Human Services, Cohen Building, SUMMARY: E:\FR\FM\17MRP1.SGM 17MRP1 14638 Federal Register / Vol. 76, No. 52 / Thursday, March 17, 2011 / Proposed Rules 330 Independence Avenue, SW., Washington, DC 20201. Because access to the interior of the Cohen Building is not readily available to persons without Federal Government identification, commenters are encouraged to schedule their delivery with one of our staff members at (202) 619–1343. For information on viewing public comments, please see the SUPPLEMENTARY INFORMATION section. FOR FURTHER INFORMATION CONTACT: Richard Stern, Department of Health & Human Services, Office of Inspector General, (202) 619–0480. SUPPLEMENTARY INFORMATION: Inspection of Public Comments: All comments received before the end of the comment period are available for viewing by the public, including any personally identifiable or confidential business information that is included in a comment. All comments will be posted on http://www.regulations.gov as soon as possible after they have been received. Comments received timely will also be available for public inspection as they are received, generally beginning approximately 3 weeks after publication of a document, at Office of Inspector General, Department of Health and Human Services, Cohen Building, 330 Independence Avenue, SW., Washington, DC 20201, Monday through Friday of each week from 10 a.m. to 5 p.m. To schedule an appointment to view public comments, phone (202) 619–1368. WReier-Aviles on DSKGBLS3C1PROD with PROPOSALS-1 I. Background In 1977, the Medicare-Medicaid AntiFraud and Abuse Amendments (Pub. L. 95–142) were enacted to strengthen the capability of the Government to detect, prosecute, and punish fraudulent activities under the Medicare and Medicaid programs. Section 17(a) of the statute amended section 1903(a) of the Social Security Act (the Act) to provide for Federal participation in the costs attributable to establishing and operating an MFCU. The requirements for operating an MFCU appear at section 1903(q) of the Act. Regulations implementing the MFCU authority appear at 42 CFR part 1007 and were promulgated in 1978. Section 1903(a)(6) of the Act requires the Secretary of Health and Human Services (the Secretary) to pay FFP to a State for MFCU costs ‘‘found necessary by the Secretary for the elimination of fraud in the provision and administration of medical assistance provided under the State plan.’’ Under the section, States receive 90 percent FFP for an initial 3 year period for the VerDate Mar<15>2010 14:47 Mar 16, 2011 Jkt 223001 costs of establishing and operating a MFCU, including the costs of training, and 75 percent FFP thereafter. Presently, all States with MFCUs receive FFP at a 75 percent rate. General administrative costs of operating a State Medicaid program are reimbursed at a rate of 50 percent, although enhanced FFP rates are available for other activities, including those associated with Medicaid management information systems (MMIS). To increase MFCU effectiveness in eliminating Medicaid fraud, we propose to modify an existing prohibition on the payment of FFP for activities generally known as ‘‘data mining.’’ We discuss the reasons for this proposed modification below. For the purposes of this proposed rule, we are using the term ‘‘data mining’’ to refer specifically to the practice of electronically sorting Medicaid claims through statistical models and intelligent technologies to uncover patterns and relationships contained within the Medicaid claims activity and history to identify aberrant utilization and billing practices that are potentially fraudulent. Routine program monitoring activities, including data mining, are conducted through analysis of Medicaid data and have historically been the responsibility of each State Medicaid agency. This practice places the sole burden of identifying potentially fraudulent practices based on this type of analysis on the State Medicaid agencies and requires the MFCUs to remain highly dependent on referrals from State Medicaid agencies and other external sources. While MFCUs may have access to Medicaid data, which currently may be used for the purposes of individual case development, they do not have the authority to claim FFP to conduct data mining to identify potential Medicaid fraud and, therefore, are limited to relying on referrals from State Medicaid agencies based on the State agencies’ analysis methods, tools, and techniques. Many MFCUs work actively with a variety of State agencies and private referral sources, such as individual providers and private citizens, to identify possible fraud or cases of patient abuse and neglect and to undertake detection activities. We believe that amending the existing regulation to permit FFP in data mining activities will be an efficient use of available resources. At the Federal level, analysis of claims data has increased OIG’s effectiveness in deploying law enforcement resources and proactively identifying suspected fraud. Using data analysis, Medicare Fraud Strike Forces PO 00000 Frm 00047 Fmt 4702 Sfmt 4702 operated by HHS and the U.S. Department of Justice have identified seven ‘‘hot spots’’ based on high indicators of fraud against the Medicare program. The Strike Forces analyze Medicare data to identify unexplained high-billing levels in concentrated areas so that interagency teams can target emerging or migrating schemes along with chronic fraud. By using data mining and other law enforcement tools to efficiently focus Federal law enforcement activities, Medicare Fraud Strike Force efforts have resulted in hundreds of criminal charges, convictions and more than $355 million in court-ordered restitutions, fines and penalties for fraud against the Medicare program since 2007. We could not attribute these results directly to use of data mining and data analysis techniques alone. Moreover, we would not expect individual State MFCUs to produce results comparable to the combined efforts of HHS and DOJ in a high priority national Medicare investigative and prosecutorial effort. However, we anticipate that data mining by MFCUs at the State level could enhance the MFCU’s ability to counter new and existing fraud schemes by more effectively identifying early fraud indicators. In addition, data mining would equip MFCUs with more modern tools that have been shown at the Federal level to help increase the numbers of credible investigative leads, pursue recoveries, and detect emerging fraud and abuse schemes and trends. The 1978 publication of the final rule now codified in 42 CFR part 1007 addressed in some detail the relationship between the MFCUs and the State Medicaid agency. In response to a comment that MFCUs should be responsible for the ‘‘investigation of non-fraudulent program abuse,’’ the preamble to the final rule noted that functions such as ‘‘claims processing, utilization control and other reviews or analysis’’ are already subject to incentive funding as part of the mechanized claims processing systems operated by the State Medicaid agency (43 FR 32078, 32080–32081 (July 24, 1978)). The preamble stated that ‘‘there is no indication that Congress intended an overlap of funding for such matters’’ (43 FR 32081). Data mining is one such function that may be conducted as part of the State Medicaid agency’s mechanized claims processing system and is subject to Federal reimbursement received by State Medicaid agencies. Since issuance of the 1978 rule, tools and methods for identifying aberrant patterns in claims data have advanced significantly and become more widely available. At the same time, health care E:\FR\FM\17MRP1.SGM 17MRP1 WReier-Aviles on DSKGBLS3C1PROD with PROPOSALS-1 Federal Register / Vol. 76, No. 52 / Thursday, March 17, 2011 / Proposed Rules fraud schemes have become more sophisticated. Use of data mining technology is a strategy that is routinely used by law enforcement agencies to identify billing patterns and provider linkages that may have been previously undetected with traditional methods of claims review. We believe that allowing MFCUs the ability to receive funding for use of sophisticated data mining technology would allow them to marshal their resources more effectively and take full advantage of their expertise in detecting and investigating Medicaid fraud. It would also allow the MFCUs to operate without relying solely on individual case referrals from a Medicaid program integrity unit or from other sources. ‘‘Review contractors’’ selected by the CMS Medicaid Integrity Group also may perform data mining as part of their activities. Therefore, MFCUs that receive approval to conduct data mining as part of their respective memorandums of understanding would need to coordinate their activities both with State Medicaid agencies and the review contractors. All review contractors already operate under a ‘‘Joint Operating Agreement’’ with each of the States in which they are operating. Review contractors are also required to share with MFCUs, as well as with other interested law enforcement or oversight agencies, the algorithms they are using and the identity of any targets that are identified as a result of their data mining activities. A 2007 OIG study identified variability among States in the level of cooperation in identifying cases of potential fraud and in the number and quality of referrals from State Medicaid agencies to MFCUs (Suspected Medicaid Fraud Referrals, OEI–07–04–00181, January 2007). Based on the variability found in this study, we believe that allowing MFCUs to claim FFP to conduct data mining, performed in cooperation with the State Medicaid agencies, would reduce such variability and increase the level of referrals in some States. We believe that three elements are critical to ensuring the effective use of data mining by MFCUs. First, we believe that MFCUs and State Medicaid agencies must fully coordinate the MFCUs’ use of data mining and the identification of possible provider fraud. For example, MFCUs should not pursue fraud investigations without determining whether the State Medicaid agency is considering an overpayment or other administrative action for the same provider. Second, programmatic changes (for example, changes in billing VerDate Mar<15>2010 14:47 Mar 16, 2011 Jkt 223001 codes) may result in certain data appearing aberrant when in fact they are not. In such situations, MFCU staff conducting data mining would need to rely on the programmatic knowledge of State Medicaid agency staff to appropriately identify possible instances of fraud. Third, we believe that MFCU staff would need to be properly trained in data mining techniques. For these reasons, we are proposing to include additional language in 42 CFR section 1007.20 that establishes the following conditions under which an MFCU may claim FFP in costs of data mining: (1) The MFCU describes the duration of the data mining activity and the amount of staff time to be expended; (2) the MFCU identifies the methods of cooperation between the MFCU and Medicaid agency, and between the MFCU and review contractors selected by the CMS Medicaid Integrity Group; and (3) MFCU employees engaged in data mining receive specialized training in data mining techniques. We are also proposing that the agreement between the MFCU and Medicaid agency, required under section 1007.9(d) of the regulations, describe how the MFCU will satisfy these conditions and that OIG, as the oversight agency for the MFCUs, must approve this part of the agreement. OIG would review and approve proposed agreements in consultation with CMS. FFP will only be available to those States that satisfy the conditions at section 1007.20 and receive approval from OIG. Including the terms of an MFCU’s data mining in the existing agreement with the Medicaid agency would be logical and efficient. Data mining has been the traditional province of State Medicaid agencies and depends upon access to data maintained by the Medicaid agencies. Thus, data mining requires unique coordination of the resources and expertise of both an MFCU and a State Medicaid agency to avoid duplication and to leverage each agency’s resources. We do not intend that this coordination, as part of the agreement between the agencies, interfere with an MFCU’s independence or its separate and distinct identity. As before, a Medicaid agency may not provide ongoing scrutiny or review of an MFCU’s data mining activities and under no circumstances would a State Medicaid agency be able to prevent or prohibit an MFCU from initiating, carrying out or completing an investigation or prosecution that may result from data mining. We are also proposing to add a provision that requires those MFCUs approved to claim FFP and engage in PO 00000 Frm 00048 Fmt 4702 Sfmt 4702 14639 data mining to include the following information in their annual report: Costs associated with expenditures attributed to data mining activities; the number of cases generated from those data mining activities; the outcome and status of those cases; and monetary recoveries resulting from those activities. This information will be used by OIG in conducting its oversight and monitoring of the MFCUs. II. Provisions of the Proposed Regulation Federal regulations at 42 CFR 1007.19(e)(2) specify that State MFCUs are prohibited from using Federal matching funds to conduct ‘‘efforts to identify situations in which a question of fraud may exist, including the screening of claims, analysis of patterns of practice, or routine verification with recipients of whether services billed by providers were actually received.’’ The prohibition on Federal matching for ‘‘screening of claims [and] analysis of patterns of practice’’ is commonly interpreted as a prohibition on Federal matching for the costs of data mining by MFCUs. We propose to amend section 1007.19(e) to provide for an exception to this general prohibition on FFP under conditions described in new section 1007.20. We propose to add a new section 1007.20 that would describe the conditions under which the Federal share of data mining costs would be available to MFCUs. We would also amend section 1007.1 (Definitions) by adding a definition of data mining for the purposes of this rule. Finally, the proposed rule would amend 42 CFR section 1007.17 (Annual Report) to include additional reporting requirements by MFCUs to capture costs associated with expenditures attributed to data mining activities; the number of cases generated from those data mining activities; the outcome and status of those cases; and monetary recoveries resulting from those activities. III. Regulatory Impact Statement A. Regulatory Analysis We have examined the impacts of this proposed rule as required by Executive Order 12866, the Unfunded Mandates Reform Act of 1995, and the Regulatory Flexibility Act of 1980 (RFA) (Pub. L. 96–354). Executive Order 12866 Executive Order 12866 directs agencies to assess all costs and benefits of available regulatory alternatives and, when regulation is necessary, to select regulatory approaches that maximize E:\FR\FM\17MRP1.SGM 17MRP1 WReier-Aviles on DSKGBLS3C1PROD with PROPOSALS-1 14640 Federal Register / Vol. 76, No. 52 / Thursday, March 17, 2011 / Proposed Rules net benefits (including potential economic, environmental, public health, and safety effects; distributive impacts; and equity). A regulatory impact analysis must be prepared for major rules with economically significant effects ($100 million or more in any given year). Since this proposed regulation will not have a significant effect on program expenditures and as there are no additional substantive costs to implement the resulting provision, we do not consider this to be a major rule. The proposed rule would allow MFCUs to obtain Federal matching funds to conduct data mining in efforts to detect potential fraudulent activity. We believe that the aggregate economic impact of this rule will be minimal and will have no significant effect on the economy or on Federal or State expenditures. However, since MFCUs have until this year not conducted data mining, we have only limited information about costs and benefits at the State level. One State MFCU, Florida, received approval from the Secretary of Health and Human Services to conduct data mining as a demonstration project under section 1115 of the Social Security Act that commenced on August 1, 2010. Any economic impact from reimbursing State MFCU data mining activities will likely result in savings of both State and Federal dollars. For the MFCU community as a whole, the return on investment from MFCU activities (calculated from the ratio of total reported dollar value of civil and criminal recoveries to the total dollar value of Federal and State expenditures for all MFCUs) exceeded 6.0 for the last 3 available years, Federal Fiscal Years (FYs) 2007, 2008, and 2009. This ratio does not reflect the considerable output of the MFCUs related to their criminal prosecutions that do not result in monetary recoveries, including more than 1,200 criminal convictions for each of FYs 2007, 2008, and 2009. We anticipate that the return on investment from data mining activities by the MFCUs will enhance the ability of MFCUs to effectively target and deploy existing enforcement resources, which is expected to result in increased numbers of enforcement actions and recoveries. To the extent that there is any economic impact, that impact will likely result in savings of Federal and State dollars. Unfunded Mandates Reform Act Title II of the Unfunded Mandates Reform Act of 1995 (UMRA) (2 U.S.C. 1531–1538) establishes requirements for Federal agencies to assess the effects of VerDate Mar<15>2010 14:47 Mar 16, 2011 Jkt 223001 their regulatory actions on State, local, and tribal governments and the private sector. Under UMRA, before issuing any rule that may result in costs greater than $110 million to State, local, or tribal governments, in the aggregate, or to the private sector, agencies must assess the rule’s anticipated costs and benefits. This proposed rule does not impose any Federal mandates on any State, local, or tribal government or the private sector within the meaning of UMRA, and thus, a full analysis under UMRA is not necessary. Regulatory Flexibility Act The Regulatory Flexibility Act (RFA) (5 U.S.C. 601 et seq.) generally requires an agency to conduct a regulatory flexibility analysis of any rule subject to notice and comment rulemaking requirements unless the agency certifies that the rule will not have a significant economic impact on a substantial number of small entities. For the purposes of RFA, small entities include small businesses, certain nonprofit organizations, and small government jurisdictions. Individuals and States are not included in this definition of a small entity. This proposed rule would revise regulations that prohibit State MFCUs from using Federal matching funds to conduct ‘‘efforts to identify situations in which a question of fraud may exist, including the screening of claims, analysis of patterns of practice, or routine verification with recipients of whether services billed by a provider were actually received.’’ These revisions impose no significant economic impact on a substantial number of small entities. Therefore, the undersigned certifies that this rule will not have a significant impact on a substantial number of small entities. Executive Order 13132 Executive Order 13132 (entitled ‘‘Federalism’’) prohibits, to the extent practicable and permitted by law, an agency from promulgating a regulation that has federalism implications and either imposes substantial direct compliance costs on State and local governments and is not required by statute, or preempts State law, unless the relevant requirements of section 6 of the Executive Order are met. This rule does not have federalism implications and does not impose substantial direct compliance costs on State and local governments or preempt State law within the meaning of the Executive Order. B. Paperwork Reduction Act Under the Paperwork Reduction Act (PRA) of 1995, before a collection-of- PO 00000 Frm 00049 Fmt 4702 Sfmt 4702 information requirement is submitted to Office of Management and Budget (OMB) for review and approval, we are required to provide a 60-day notice in the Federal Register and solicit public comment. We propose to require that MFCUs report annually on the costs of data mining and the outcomes of cases identified, including monetary recoveries. In order to evaluate fairly whether this information collection should be approved by OMB, section 3506(c)(2)(A) of the PRA requires that we solicit comment on the following issues: • The need for the information collection and its usefulness in carrying out the proper functions of our agency; • The accuracy of our estimate of the information collection burden; • The quality, utility, and clarity of the information to be collected; and • Recommendations to minimize the information collection burden on the affected public, including automated collection techniques. Under the PRA, the time, effort, and financial resources necessary to meet the information collection requirements referenced in this section are to be considered. We explicitly seek, and will consider, public comment on our assumptions as they relate to the PRA requirements summarized in this section. Comments on these information collection activities should be sent to the following address within 60 days following the Federal Register publication of this proposed rule: OIG Desk Officer, Office of Management and Budget, Room 10235, New Executive Office Building, 725 17th Street, NW., Washington, DC 20053. IV. Public Inspection of Comments and Response to Comments Comments will be available for public inspection beginning May 16, 2011, in Room 5541, Office of External Affairs, Office of Inspector General, at 330 Independence Avenue, SW., Washington, DC 20201, from Monday through Friday of each week (Federal holidays excepted) between the hours of 10 a.m. and 5 p.m., (202) 619–1368. Because of the large number of items of correspondence we normally receive on Federal Register documents published for comment, we are not able to acknowledge or respond to them individually. We will consider all comments we receive by the date and time specified in the DATES section of this preamble, and will respond to the comments in the preamble of the final rule. E:\FR\FM\17MRP1.SGM 17MRP1 Federal Register / Vol. 76, No. 52 / Thursday, March 17, 2011 / Proposed Rules § 1007.20 Conditions under which data mining is permissible and approval by HHS Office of Inspector General. List of Subjects in 42 CFR Part 1007 Administrative practice and procedure, Fraud, Grant programs— health, Medicaid, Reporting and recordkeeping requirements. Accordingly, 42 CFR part 1007 is proposed to be amended as set forth below: PART 1007—[AMENDED] 1. Revise the authority citation to part 1007 to read as follows: Authority: 42 U.S.C. 1396b(a)(6), 1396b(b)(3), 1396b(q), and 1302. 2. In § 1007.1, add in alphabetical order the definition for ‘‘data mining’’ to read as follows: § 1007.1 Definitions. * * * * * Data mining is defined as the practice of electronically sorting Medicaid claims through statistical models and intelligent technologies to uncover patterns and relationships contained within the Medicaid claims activity and history to identify aberrant utilization and billing practices that are potentially fraudulent. * * * * * 3. In § 1007.17, add paragraph (i) to read as follows: § 1007.17 Annual report. * * * * * (i) All costs expended that year attributed to data mining activities under § 1007.20; the number of cases generated from those data mining activities; the outcome and status of those cases, including the expected and actual monetary recoveries (both Federal and non-Federal share); and any other relevant indicia of return on investment from such activities. * * * * * 4. In § 1007.19, revise paragraph (e)(2) to read as follows: § 1007.19 (FFP). Federal financial participation WReier-Aviles on DSKGBLS3C1PROD with PROPOSALS-1 * * * * * (e) * * * (2) Routine verification with recipients of whether services billed by providers were actually received, or, except as provided in section 1007.20, efforts to identify situations in which a question of fraud may exist, including the screening of claims and analysis of patterns of practice that involve data mining as defined in section 1007.1; * * * * * 5. Add § 1007.20 to read as follows: VerDate Mar<15>2010 14:47 Mar 16, 2011 Jkt 223001 (a) Notwithstanding § 1007.19(e)(2), a unit may engage in data mining and receive Federal Financial Participation only under the three following conditions: (1) The activity has a defined duration and staff time devoted to the activity is described; (2) The MFCU identifies the methods of cooperation between the MFCU and State Medicaid agency as well as a primary point of contact for data mining at the two agencies; and (3) MFCU employees engaged in data mining receive specialized training in data mining techniques. (b) The MFCU shall describe how it will comply with each of the conditions described in paragraph (a) of this section as part of the agreement required by § 1007.9(d). (c) The Office of Inspector General, Department of Health and Human Services, in consultation with the Centers for Medicare & Medicaid Services, approves in advance the provisions of the agreement as defined in paragraph (b) of this section. Dated: May 14, 2010. Daniel R. Levinson, Inspector General. Dated: October 15, 2010. Kathleen Sebelius, Secretary, Department of Health and Human Services. Editorial Note: This document was received in the Office of the Federal Register on March 10, 2011. [FR Doc. 2011–6012 Filed 3–16–11; 8:45 am] BILLING CODE 4152–01–P DEPARTMENT OF DEFENSE Defense Acquisition Regulations System 48 CFR Parts 209 and 252 Defense Federal Acquisition Regulation Supplement; Identification of Critical Safety Items (DFARS Case 2010–D022) Defense Acquisition Regulations System, Department of Defense (DoD). ACTION: Proposed rule. AGENCY: DoD is proposing to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to add a contract clause that clearly identifies any items being purchased that are critical safety items so that the proper SUMMARY: PO 00000 Frm 00050 Fmt 4702 Sfmt 4702 14641 risk-based surveillance can be performed. DATES: Comments on the proposed rule should be submitted in writing to the address shown below on or before May 16, 2011, to be considered in the formation of the final rule. ADDRESSES: Submit comments identified by DFARS Case 2010–D022, using any of the following methods: Æ Regulations.gov: http:// www.regulations.gov. Submit comments via the Federal eRulemaking portal by inputting ‘‘DFARS Case 2010–D022’’ under the heading ‘‘Enter keyword or ID’’ and selecting ‘‘Search.’’ Select the link ‘‘Submit a Comment’’ that corresponds with ‘‘DFARS Case 2010–D022.’’ Follow the instructions provided at the ‘‘Submit a Comment’’ screen. Please include your name, company name (if any), and ‘‘DFARS Case 2010–D022’’ on your attached document. Æ E-mail: dfars@osd.mil. Include DFARS Case 2010–D022 in the subject line of the message. Æ Fax: 703–602–0350. Æ Mail: Defense Acquisition Regulations System, Attn: Meredith Murphy, OUSD(AT&L)DPAP(DARS), Room 3B855, 3060 Defense Pentagon, Washington, DC 20301–3060. Comments received generally will be posted without change to http:// www.regulations.gov, including any personal information provided. To confirm receipt of your comment(s), please check http://www.regulations.gov approximately two to three days after submission to verify posting (except allow 30 days for posting of comments submitted by mail). FOR FURTHER INFORMATION CONTACT: Meredith Murphy, Defense Acquisition Regulations System, OUSD (AT&L) DPAP (DARS), Room 3B855, 3060 Defense Pentagon, Washington, DC 20301–3060. Telephone 703–602–1302; facsimile 703–602–0350. SUPPLEMENTARY INFORMATION: I. Background This DFARS case was initiated at the request of the Defense Contract Management Agency so that when DoD requiring activities identify procurements involving critical safety items, the buying activities will include a clause in the solicitation and resulting contract that identifies specific items in the procurement that are critical safety items. The National Defense Authorization Act for Fiscal Year 2004 (Pub. L. 108– 136), section 802, entitled ‘‘Quality Control in Procurement of Aviation Critical Safety Items and Related E:\FR\FM\17MRP1.SGM 17MRP1

Agencies

[Federal Register Volume 76, Number 52 (Thursday, March 17, 2011)]
[Proposed Rules]
[Pages 14637-14641]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2011-6012]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Office of Inspector General

42 CFR Part 1007

[OIG-1203-P]


State Medicaid Fraud Control Units; Data Mining

AGENCY: Office of Inspector General (OIG), HHS.

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: This proposed rule amends a provision in HHS regulations that 
prohibits State Medicaid Fraud Control Units (MFCU) from using Federal 
matching funds to identify fraud through screening and analyzing State 
Medicaid claims data, known as data mining. To support and modernize 
MFCU efforts to effectively pursue Medicaid provider fraud, we propose 
to permit Federal Financial Participation (FFP) in the costs of defined 
data mining activities under specified conditions. In addition, we 
propose that MFCUs annually report the costs and results of approved 
data mining activities to OIG.

DATES: To ensure consideration, public comments must be delivered to 
the address provided below no later than 5 p.m. on May 16, 2011.

ADDRESSES: In commenting, please refer to file code OIG-1203-P. Because 
of staff and resource limitations, we cannot accept comments by 
facsimile (FAX) transmission.
    You may submit comments in one of three ways (please choose only 
one of the ways listed):
    1. Electronically. You may submit electronic comments on specific 
recommendations and proposals through the Federal eRulemaking Portal at 
http://www.regulations.gov. (Attachments should be in Microsoft Word, 
if possible.)
    2. By regular, express, or overnight mail. You may send written 
comments to the following address: Office of Inspector General, 
Department of Health and Human Services, Attention: OIG-1203-P, Room 
5541, Cohen Building, 330 Independence Avenue, SW., Washington, DC 
20201. Please allow sufficient time for mailed comments to be received 
before the close of the comment period.
    3. By hand or courier. If you prefer, you may deliver, by hand or 
courier, your written comments before the close of the comment period 
to Office of Inspector General, Department of Health and Human 
Services, Cohen Building,

[[Page 14638]]

330 Independence Avenue, SW., Washington, DC 20201. Because access to 
the interior of the Cohen Building is not readily available to persons 
without Federal Government identification, commenters are encouraged to 
schedule their delivery with one of our staff members at (202) 619-
1343.
    For information on viewing public comments, please see the 
SUPPLEMENTARY INFORMATION section.

FOR FURTHER INFORMATION CONTACT: Richard Stern, Department of Health & 
Human Services, Office of Inspector General, (202) 619-0480.

SUPPLEMENTARY INFORMATION:
    Inspection of Public Comments: All comments received before the end 
of the comment period are available for viewing by the public, 
including any personally identifiable or confidential business 
information that is included in a comment. All comments will be posted 
on http://www.regulations.gov as soon as possible after they have been 
received. Comments received timely will also be available for public 
inspection as they are received, generally beginning approximately 3 
weeks after publication of a document, at Office of Inspector General, 
Department of Health and Human Services, Cohen Building, 330 
Independence Avenue, SW., Washington, DC 20201, Monday through Friday 
of each week from 10 a.m. to 5 p.m. To schedule an appointment to view 
public comments, phone (202) 619-1368.

I. Background

    In 1977, the Medicare-Medicaid Anti-Fraud and Abuse Amendments 
(Pub. L. 95-142) were enacted to strengthen the capability of the 
Government to detect, prosecute, and punish fraudulent activities under 
the Medicare and Medicaid programs. Section 17(a) of the statute 
amended section 1903(a) of the Social Security Act (the Act) to provide 
for Federal participation in the costs attributable to establishing and 
operating an MFCU. The requirements for operating an MFCU appear at 
section 1903(q) of the Act. Regulations implementing the MFCU authority 
appear at 42 CFR part 1007 and were promulgated in 1978.
    Section 1903(a)(6) of the Act requires the Secretary of Health and 
Human Services (the Secretary) to pay FFP to a State for MFCU costs 
``found necessary by the Secretary for the elimination of fraud in the 
provision and administration of medical assistance provided under the 
State plan.'' Under the section, States receive 90 percent FFP for an 
initial 3 year period for the costs of establishing and operating a 
MFCU, including the costs of training, and 75 percent FFP thereafter. 
Presently, all States with MFCUs receive FFP at a 75 percent rate. 
General administrative costs of operating a State Medicaid program are 
reimbursed at a rate of 50 percent, although enhanced FFP rates are 
available for other activities, including those associated with 
Medicaid management information systems (MMIS).
    To increase MFCU effectiveness in eliminating Medicaid fraud, we 
propose to modify an existing prohibition on the payment of FFP for 
activities generally known as ``data mining.'' We discuss the reasons 
for this proposed modification below.
    For the purposes of this proposed rule, we are using the term 
``data mining'' to refer specifically to the practice of electronically 
sorting Medicaid claims through statistical models and intelligent 
technologies to uncover patterns and relationships contained within the 
Medicaid claims activity and history to identify aberrant utilization 
and billing practices that are potentially fraudulent.
    Routine program monitoring activities, including data mining, are 
conducted through analysis of Medicaid data and have historically been 
the responsibility of each State Medicaid agency. This practice places 
the sole burden of identifying potentially fraudulent practices based 
on this type of analysis on the State Medicaid agencies and requires 
the MFCUs to remain highly dependent on referrals from State Medicaid 
agencies and other external sources.
    While MFCUs may have access to Medicaid data, which currently may 
be used for the purposes of individual case development, they do not 
have the authority to claim FFP to conduct data mining to identify 
potential Medicaid fraud and, therefore, are limited to relying on 
referrals from State Medicaid agencies based on the State agencies' 
analysis methods, tools, and techniques. Many MFCUs work actively with 
a variety of State agencies and private referral sources, such as 
individual providers and private citizens, to identify possible fraud 
or cases of patient abuse and neglect and to undertake detection 
activities.
    We believe that amending the existing regulation to permit FFP in 
data mining activities will be an efficient use of available resources. 
At the Federal level, analysis of claims data has increased OIG's 
effectiveness in deploying law enforcement resources and proactively 
identifying suspected fraud. Using data analysis, Medicare Fraud Strike 
Forces operated by HHS and the U.S. Department of Justice have 
identified seven ``hot spots'' based on high indicators of fraud 
against the Medicare program. The Strike Forces analyze Medicare data 
to identify unexplained high-billing levels in concentrated areas so 
that interagency teams can target emerging or migrating schemes along 
with chronic fraud. By using data mining and other law enforcement 
tools to efficiently focus Federal law enforcement activities, Medicare 
Fraud Strike Force efforts have resulted in hundreds of criminal 
charges, convictions and more than $355 million in court-ordered 
restitutions, fines and penalties for fraud against the Medicare 
program since 2007. We could not attribute these results directly to 
use of data mining and data analysis techniques alone. Moreover, we 
would not expect individual State MFCUs to produce results comparable 
to the combined efforts of HHS and DOJ in a high priority national 
Medicare investigative and prosecutorial effort. However, we anticipate 
that data mining by MFCUs at the State level could enhance the MFCU's 
ability to counter new and existing fraud schemes by more effectively 
identifying early fraud indicators. In addition, data mining would 
equip MFCUs with more modern tools that have been shown at the Federal 
level to help increase the numbers of credible investigative leads, 
pursue recoveries, and detect emerging fraud and abuse schemes and 
trends.
    The 1978 publication of the final rule now codified in 42 CFR part 
1007 addressed in some detail the relationship between the MFCUs and 
the State Medicaid agency. In response to a comment that MFCUs should 
be responsible for the ``investigation of non-fraudulent program 
abuse,'' the preamble to the final rule noted that functions such as 
``claims processing, utilization control and other reviews or 
analysis'' are already subject to incentive funding as part of the 
mechanized claims processing systems operated by the State Medicaid 
agency (43 FR 32078, 32080-32081 (July 24, 1978)). The preamble stated 
that ``there is no indication that Congress intended an overlap of 
funding for such matters'' (43 FR 32081). Data mining is one such 
function that may be conducted as part of the State Medicaid agency's 
mechanized claims processing system and is subject to Federal 
reimbursement received by State Medicaid agencies.
    Since issuance of the 1978 rule, tools and methods for identifying 
aberrant patterns in claims data have advanced significantly and become 
more widely available. At the same time, health care

[[Page 14639]]

fraud schemes have become more sophisticated. Use of data mining 
technology is a strategy that is routinely used by law enforcement 
agencies to identify billing patterns and provider linkages that may 
have been previously undetected with traditional methods of claims 
review. We believe that allowing MFCUs the ability to receive funding 
for use of sophisticated data mining technology would allow them to 
marshal their resources more effectively and take full advantage of 
their expertise in detecting and investigating Medicaid fraud. It would 
also allow the MFCUs to operate without relying solely on individual 
case referrals from a Medicaid program integrity unit or from other 
sources.
    ``Review contractors'' selected by the CMS Medicaid Integrity Group 
also may perform data mining as part of their activities. Therefore, 
MFCUs that receive approval to conduct data mining as part of their 
respective memorandums of understanding would need to coordinate their 
activities both with State Medicaid agencies and the review 
contractors. All review contractors already operate under a ``Joint 
Operating Agreement'' with each of the States in which they are 
operating. Review contractors are also required to share with MFCUs, as 
well as with other interested law enforcement or oversight agencies, 
the algorithms they are using and the identity of any targets that are 
identified as a result of their data mining activities.
    A 2007 OIG study identified variability among States in the level 
of cooperation in identifying cases of potential fraud and in the 
number and quality of referrals from State Medicaid agencies to MFCUs 
(Suspected Medicaid Fraud Referrals, OEI-07-04-00181, January 2007). 
Based on the variability found in this study, we believe that allowing 
MFCUs to claim FFP to conduct data mining, performed in cooperation 
with the State Medicaid agencies, would reduce such variability and 
increase the level of referrals in some States.
    We believe that three elements are critical to ensuring the 
effective use of data mining by MFCUs. First, we believe that MFCUs and 
State Medicaid agencies must fully coordinate the MFCUs' use of data 
mining and the identification of possible provider fraud. For example, 
MFCUs should not pursue fraud investigations without determining 
whether the State Medicaid agency is considering an overpayment or 
other administrative action for the same provider. Second, programmatic 
changes (for example, changes in billing codes) may result in certain 
data appearing aberrant when in fact they are not. In such situations, 
MFCU staff conducting data mining would need to rely on the 
programmatic knowledge of State Medicaid agency staff to appropriately 
identify possible instances of fraud. Third, we believe that MFCU staff 
would need to be properly trained in data mining techniques.
    For these reasons, we are proposing to include additional language 
in 42 CFR section 1007.20 that establishes the following conditions 
under which an MFCU may claim FFP in costs of data mining: (1) The MFCU 
describes the duration of the data mining activity and the amount of 
staff time to be expended; (2) the MFCU identifies the methods of 
cooperation between the MFCU and Medicaid agency, and between the MFCU 
and review contractors selected by the CMS Medicaid Integrity Group; 
and (3) MFCU employees engaged in data mining receive specialized 
training in data mining techniques. We are also proposing that the 
agreement between the MFCU and Medicaid agency, required under section 
1007.9(d) of the regulations, describe how the MFCU will satisfy these 
conditions and that OIG, as the oversight agency for the MFCUs, must 
approve this part of the agreement. OIG would review and approve 
proposed agreements in consultation with CMS. FFP will only be 
available to those States that satisfy the conditions at section 
1007.20 and receive approval from OIG.
    Including the terms of an MFCU's data mining in the existing 
agreement with the Medicaid agency would be logical and efficient. Data 
mining has been the traditional province of State Medicaid agencies and 
depends upon access to data maintained by the Medicaid agencies. Thus, 
data mining requires unique coordination of the resources and expertise 
of both an MFCU and a State Medicaid agency to avoid duplication and to 
leverage each agency's resources. We do not intend that this 
coordination, as part of the agreement between the agencies, interfere 
with an MFCU's independence or its separate and distinct identity. As 
before, a Medicaid agency may not provide ongoing scrutiny or review of 
an MFCU's data mining activities and under no circumstances would a 
State Medicaid agency be able to prevent or prohibit an MFCU from 
initiating, carrying out or completing an investigation or prosecution 
that may result from data mining.
    We are also proposing to add a provision that requires those MFCUs 
approved to claim FFP and engage in data mining to include the 
following information in their annual report: Costs associated with 
expenditures attributed to data mining activities; the number of cases 
generated from those data mining activities; the outcome and status of 
those cases; and monetary recoveries resulting from those activities. 
This information will be used by OIG in conducting its oversight and 
monitoring of the MFCUs.

II. Provisions of the Proposed Regulation

    Federal regulations at 42 CFR 1007.19(e)(2) specify that State 
MFCUs are prohibited from using Federal matching funds to conduct 
``efforts to identify situations in which a question of fraud may 
exist, including the screening of claims, analysis of patterns of 
practice, or routine verification with recipients of whether services 
billed by providers were actually received.'' The prohibition on 
Federal matching for ``screening of claims [and] analysis of patterns 
of practice'' is commonly interpreted as a prohibition on Federal 
matching for the costs of data mining by MFCUs. We propose to amend 
section 1007.19(e) to provide for an exception to this general 
prohibition on FFP under conditions described in new section 1007.20.
    We propose to add a new section 1007.20 that would describe the 
conditions under which the Federal share of data mining costs would be 
available to MFCUs. We would also amend section 1007.1 (Definitions) by 
adding a definition of data mining for the purposes of this rule. 
Finally, the proposed rule would amend 42 CFR section 1007.17 (Annual 
Report) to include additional reporting requirements by MFCUs to 
capture costs associated with expenditures attributed to data mining 
activities; the number of cases generated from those data mining 
activities; the outcome and status of those cases; and monetary 
recoveries resulting from those activities.

III. Regulatory Impact Statement

A. Regulatory Analysis

    We have examined the impacts of this proposed rule as required by 
Executive Order 12866, the Unfunded Mandates Reform Act of 1995, and 
the Regulatory Flexibility Act of 1980 (RFA) (Pub. L. 96-354).
Executive Order 12866
    Executive Order 12866 directs agencies to assess all costs and 
benefits of available regulatory alternatives and, when regulation is 
necessary, to select regulatory approaches that maximize

[[Page 14640]]

net benefits (including potential economic, environmental, public 
health, and safety effects; distributive impacts; and equity). A 
regulatory impact analysis must be prepared for major rules with 
economically significant effects ($100 million or more in any given 
year). Since this proposed regulation will not have a significant 
effect on program expenditures and as there are no additional 
substantive costs to implement the resulting provision, we do not 
consider this to be a major rule.
    The proposed rule would allow MFCUs to obtain Federal matching 
funds to conduct data mining in efforts to detect potential fraudulent 
activity. We believe that the aggregate economic impact of this rule 
will be minimal and will have no significant effect on the economy or 
on Federal or State expenditures. However, since MFCUs have until this 
year not conducted data mining, we have only limited information about 
costs and benefits at the State level. One State MFCU, Florida, 
received approval from the Secretary of Health and Human Services to 
conduct data mining as a demonstration project under section 1115 of 
the Social Security Act that commenced on August 1, 2010.
    Any economic impact from reimbursing State MFCU data mining 
activities will likely result in savings of both State and Federal 
dollars. For the MFCU community as a whole, the return on investment 
from MFCU activities (calculated from the ratio of total reported 
dollar value of civil and criminal recoveries to the total dollar value 
of Federal and State expenditures for all MFCUs) exceeded 6.0 for the 
last 3 available years, Federal Fiscal Years (FYs) 2007, 2008, and 
2009. This ratio does not reflect the considerable output of the MFCUs 
related to their criminal prosecutions that do not result in monetary 
recoveries, including more than 1,200 criminal convictions for each of 
FYs 2007, 2008, and 2009.
    We anticipate that the return on investment from data mining 
activities by the MFCUs will enhance the ability of MFCUs to 
effectively target and deploy existing enforcement resources, which is 
expected to result in increased numbers of enforcement actions and 
recoveries. To the extent that there is any economic impact, that 
impact will likely result in savings of Federal and State dollars.
Unfunded Mandates Reform Act
    Title II of the Unfunded Mandates Reform Act of 1995 (UMRA) (2 
U.S.C. 1531-1538) establishes requirements for Federal agencies to 
assess the effects of their regulatory actions on State, local, and 
tribal governments and the private sector. Under UMRA, before issuing 
any rule that may result in costs greater than $110 million to State, 
local, or tribal governments, in the aggregate, or to the private 
sector, agencies must assess the rule's anticipated costs and benefits. 
This proposed rule does not impose any Federal mandates on any State, 
local, or tribal government or the private sector within the meaning of 
UMRA, and thus, a full analysis under UMRA is not necessary.
Regulatory Flexibility Act
    The Regulatory Flexibility Act (RFA) (5 U.S.C. 601 et seq.) 
generally requires an agency to conduct a regulatory flexibility 
analysis of any rule subject to notice and comment rulemaking 
requirements unless the agency certifies that the rule will not have a 
significant economic impact on a substantial number of small entities. 
For the purposes of RFA, small entities include small businesses, 
certain nonprofit organizations, and small government jurisdictions. 
Individuals and States are not included in this definition of a small 
entity. This proposed rule would revise regulations that prohibit State 
MFCUs from using Federal matching funds to conduct ``efforts to 
identify situations in which a question of fraud may exist, including 
the screening of claims, analysis of patterns of practice, or routine 
verification with recipients of whether services billed by a provider 
were actually received.'' These revisions impose no significant 
economic impact on a substantial number of small entities. Therefore, 
the undersigned certifies that this rule will not have a significant 
impact on a substantial number of small entities.
Executive Order 13132
    Executive Order 13132 (entitled ``Federalism'') prohibits, to the 
extent practicable and permitted by law, an agency from promulgating a 
regulation that has federalism implications and either imposes 
substantial direct compliance costs on State and local governments and 
is not required by statute, or preempts State law, unless the relevant 
requirements of section 6 of the Executive Order are met. This rule 
does not have federalism implications and does not impose substantial 
direct compliance costs on State and local governments or preempt State 
law within the meaning of the Executive Order.

B. Paperwork Reduction Act

    Under the Paperwork Reduction Act (PRA) of 1995, before a 
collection-of-information requirement is submitted to Office of 
Management and Budget (OMB) for review and approval, we are required to 
provide a 60-day notice in the Federal Register and solicit public 
comment. We propose to require that MFCUs report annually on the costs 
of data mining and the outcomes of cases identified, including monetary 
recoveries. In order to evaluate fairly whether this information 
collection should be approved by OMB, section 3506(c)(2)(A) of the PRA 
requires that we solicit comment on the following issues:
     The need for the information collection and its usefulness 
in carrying out the proper functions of our agency;
     The accuracy of our estimate of the information collection 
burden;
     The quality, utility, and clarity of the information to be 
collected; and
     Recommendations to minimize the information collection 
burden on the affected public, including automated collection 
techniques.
    Under the PRA, the time, effort, and financial resources necessary 
to meet the information collection requirements referenced in this 
section are to be considered. We explicitly seek, and will consider, 
public comment on our assumptions as they relate to the PRA 
requirements summarized in this section. Comments on these information 
collection activities should be sent to the following address within 60 
days following the Federal Register publication of this proposed rule: 
OIG Desk Officer, Office of Management and Budget, Room 10235, New 
Executive Office Building, 725 17th Street, NW., Washington, DC 20053.

IV. Public Inspection of Comments and Response to Comments

    Comments will be available for public inspection beginning May 16, 
2011, in Room 5541, Office of External Affairs, Office of Inspector 
General, at 330 Independence Avenue, SW., Washington, DC 20201, from 
Monday through Friday of each week (Federal holidays excepted) between 
the hours of 10 a.m. and 5 p.m., (202) 619-1368.
    Because of the large number of items of correspondence we normally 
receive on Federal Register documents published for comment, we are not 
able to acknowledge or respond to them individually. We will consider 
all comments we receive by the date and time specified in the DATES 
section of this preamble, and will respond to the comments in the 
preamble of the final rule.

[[Page 14641]]

List of Subjects in 42 CFR Part 1007

    Administrative practice and procedure, Fraud, Grant programs--
health, Medicaid, Reporting and recordkeeping requirements.

    Accordingly, 42 CFR part 1007 is proposed to be amended as set 
forth below:

PART 1007--[AMENDED]

    1. Revise the authority citation to part 1007 to read as follows:

    Authority:  42 U.S.C. 1396b(a)(6), 1396b(b)(3), 1396b(q), and 
1302.

    2. In Sec.  1007.1, add in alphabetical order the definition for 
``data mining'' to read as follows:


Sec.  1007.1  Definitions.

* * * * *
    Data mining is defined as the practice of electronically sorting 
Medicaid claims through statistical models and intelligent technologies 
to uncover patterns and relationships contained within the Medicaid 
claims activity and history to identify aberrant utilization and 
billing practices that are potentially fraudulent.
* * * * *
    3. In Sec.  1007.17, add paragraph (i) to read as follows:


Sec.  1007.17  Annual report.

* * * * *
    (i) All costs expended that year attributed to data mining 
activities under Sec.  1007.20; the number of cases generated from 
those data mining activities; the outcome and status of those cases, 
including the expected and actual monetary recoveries (both Federal and 
non-Federal share); and any other relevant indicia of return on 
investment from such activities.
* * * * *
    4. In Sec.  1007.19, revise paragraph (e)(2) to read as follows:


Sec.  1007.19  Federal financial participation (FFP).

* * * * *
    (e) * * *
    (2) Routine verification with recipients of whether services billed 
by providers were actually received, or, except as provided in section 
1007.20, efforts to identify situations in which a question of fraud 
may exist, including the screening of claims and analysis of patterns 
of practice that involve data mining as defined in section 1007.1;
* * * * *
    5. Add Sec.  1007.20 to read as follows:


Sec.  1007.20  Conditions under which data mining is permissible and 
approval by HHS Office of Inspector General.

    (a) Notwithstanding Sec.  1007.19(e)(2), a unit may engage in data 
mining and receive Federal Financial Participation only under the three 
following conditions:
    (1) The activity has a defined duration and staff time devoted to 
the activity is described;
    (2) The MFCU identifies the methods of cooperation between the MFCU 
and State Medicaid agency as well as a primary point of contact for 
data mining at the two agencies; and
    (3) MFCU employees engaged in data mining receive specialized 
training in data mining techniques.
    (b) The MFCU shall describe how it will comply with each of the 
conditions described in paragraph (a) of this section as part of the 
agreement required by Sec.  1007.9(d).
    (c) The Office of Inspector General, Department of Health and Human 
Services, in consultation with the Centers for Medicare & Medicaid 
Services, approves in advance the provisions of the agreement as 
defined in paragraph (b) of this section.

    Dated: May 14, 2010.
Daniel R. Levinson,
Inspector General.
    Dated: October 15, 2010.
Kathleen Sebelius,
Secretary, Department of Health and Human Services.

    Editorial Note: This document was received in the Office of the 
Federal Register on March 10, 2011.
[FR Doc. 2011-6012 Filed 3-16-11; 8:45 am]
BILLING CODE 4152-01-P