Download: docx | pdf

1. Justification

1. Need and Legal Basis

Section 1857(d) of the Social Security Act (Act), added by the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA) and implementing regulations at 42 CFR 422.503 and 422.504 state that CMS must oversee a Medicare Advantage (MA) organization’s continued compliance with the requirements for a MA organization.

Section 1860D-12 of the Act, added by MMA and implementing regulations at 42 CFR

423.504 and 423.505 state that CMS must oversee a Part D plan sponsor’s continued compliance with the requirements for a Part D plan sponsor.

The data collected by way of the audit protocols included in this package allow CMS to conduct a comprehensive review of MA and Part D organizations’ compliance within specific program areas. CMS uses the data collected to test an organization’s compliance with the following federal requirements:

• Compliance Program Effectiveness—42 CFR, §§422.503 and 423.504

• Part D Formulary and Benefit Administration—42 CFR, Part 423, Subpart C

• Part D Coverage Determinations, Appeals, and Grievances—42 CFR, Part 423, Subpart M

• Part C Organization Determinations, Appeals, and Grievances—42 CFR, Part 422, Subpart M

• Special Needs Plan Care Coordination —42 CFR §§ 422.4(a)(iv), 422.101(f), and 422.152(g)

2. Information Users

The information gathered during this program audit will be used by the Medicare Parts C and D Oversight and Enforcement Group (MOEG) within the Center for Medicare (CM) and CMS Regional Offices to assess sponsoring organizations’ compliance with Medicare program requirements. Specifically, as part of its FA review, MOEG reviews samples of rejected claims to ensure that the point-of-sale rejections are appropriate; its purpose is to ensure Part D organizations are administering their formulary and transition benefit in accordance with their CMS-approved formulary and the overriding regulations. MOEG’s ODAG and CDAG reviews focus on the timeliness of coverage decisions and grievances related to requests for services and drugs. ODAG and CDAG universes are collected and reviewed at the universe level to ensure organizations are meeting the notification and effectuation timeframe requirements outlined in regulation, and samples are reviewed to ensure proper procedures are followed in processing these requests, such as providing appeal rights for denied requests, ensuring the appropriate

level of review when initial requests are denied for lack of medical necessity, etc. As part of its CPE review, MOEG uses audit universes and information collected via questionnaires to assess the extent to which Part C and Part D organizations have adopted and implemented an effective compliance program, inclusive of measures that prevent, detect, and correct non-compliance with CMS' program requirements. And finally, if the audited MA organization offers a SNP, MOEG’s review evaluates a sample of SNP enrollees to ensure the SNP is coordinating care, administering health risk assessments, updating individual care plans, and assigning interdisciplinary care teams in accordance with the CMS-approved model of care.

If outliers or other data anomalies are detected, MOEG requires audited organizations to provide impact analyses to better understand and report the scope of the noncompliance. These MA and Part D organizations then receive their audit results, are required to implement corrective actions, and to demonstrate correction of all conditions cited in the final audit report by undergoing a validation audit. If the validation audit demonstrates substantial correction of the conditions, MOEG will communicate its decision to close the audit in a letter to the MA and Part D organization. Any new or isolated issues of non-compliance that remain will be referred to the CMS Account Manager for follow- up. Regional Offices will work in collaboration with MOEG and other divisions within CMS for resolution.

3. Use of Information Technology

Sponsoring organizations are able to produce approximately 65 percent of requested information from their internal systems. CMS is able to obtain the remaining 30 percent via our internal systems. The remaining 5 percent of data is manually entered by the sponsoring organizations in response to questionnaires or other audit requests.

Information collected from the sponsoring organizations for use in the audit is obtained electronically via the Health Plan Management System (HPMS), a system that was developed and is maintained by CMS and to which all sponsoring organizations have access. This system is also secure, requiring users to request and gain access via CMS personnel and then must create and maintain a secure user id and password.

Our routine program audits are conducted remotely using secure webinar technology. This saves CMS and audited sponsoring organizations time, money, and other resources needed to complete the audit.

4. Duplication of Efforts

This information collection does not duplicate any other effort and the information cannot be obtained from any other source.

5. Small Businesses

This collection does not impose a significant impact on small businesses and other entities.

6. Less Frequent Collection

42 CFR part 423 subpart K and 422 subpart K stipulate that CMS must oversee a sponsoring organization’s continued compliance with CMS requirements. In general, CMS attempts to audit coverage for at least 95 percent of MA and Part D covered enrollees by conducting program audits at the parent organization level within a given audit cycle. Each audit cycle averages 4 years in duration, and organizations with the most MA and Part D enrollees tend to be audited at the beginning of each audit cycle. Organizations with less MA and Part D enrollees, or organizations that have never been subject to a program audit, tend to be scheduled in the latter half of the cycle. Given the variance in total enrollment, the number of audits conducted each year can range from 13 to 40 audits, and the frequency with which an audit occurs can also be influenced by the identification of compliance issues, referral for program audit, a spike in the size of an organization, and the amount of time since the last audit. In addition, CMS conducts annual timeliness monitoring of Part C organization determinations and appeals³. Less frequent collection of the data from sponsoring organizations would severely limit CMS’ ability to perform accurate and timely oversight, monitoring, compliance, and auditing activities around the Parts C and D Medicare benefits and could result in an increased potential for harm to Medicare beneficiaries.

7. Special Circumstances

42 CFR 422.504(d) and 423.505(d) stipulate that records are to be maintained for 10 years. CMS could potentially require clarification around, or validation of, submitted data and, therefore need to contact Medicare Part D plan sponsors and Medicare Advantage organizations within 30 days of data submission. Ad hoc audits initiated in response to an audit referral could also require immediate action providing a sponsoring organization less than 30 days to respond to universe requests. However, in general, and as outlined in the five program area protocols, within 15 business days of receipt of the program audit Engagement Letter, each of the pre-audit collection instruments (i.e., all except the program area data request templates) must be populated and submitted to CMS. Sponsoring organizations are also required to provide responses to CMS requests for root cause analyses within two business days and impact analyses within ten business days of a request during and after program audit fieldwork. While these submissions are required in fewer than 30 days of receipt of the individual notices, these timeframes are necessary to complete the entire program audit process timely. Otherwise, there are no special circumstances that would require an information collection to be conducted in a manner that requires respondents to:

• Report information to the agency more often than quarterly;

³ In the Announcement of Calendar Year (CY) 2020 Medicare Advantage Capitation Rates and Medicare Advantage and Part D Payment Policies and Final Call Letter, CMS announced it will stop collection of Part D Timeliness Monitoring Project (TMP) data after the 2019 data are collected in 2020 for 2021 Star Ratings.

• Prepare a written response to a collection of information in fewer than 30 days after receipt of it;

• Submit more than an original and two copies of any document;

• Collect data in connection with a statistical survey that is not designed to produce valid and reliable results that can be generalized to the universe of study;

• Use a statistical data classification that has not been reviewed and approved by OMB;

• Include a pledge of confidentiality that is not supported by authority established in statute or regulation that is not supported by disclosure and data security policies that are consistent with the pledge, or which unnecessarily impedes sharing of data with other agencies for compatible confidential use; or

• Submit proprietary trade secret, or other confidential information unless the agency can demonstrate that it has instituted procedures to protect the information's confidentiality to the extent permitted by law.

8. Federal Register

Federal Register

The 60-day notice published in the Federal Register on December 6, 2019 (84 FR 66912). CMS received 42 public submissions, which included 662 comments. We then combined the 662 comments into 329 unique comments and provided responses in the comment and response summary that is included in this collection request. We adopted many of the commenters’ suggestions and believe that those corresponding edits simplify and clarify the collection instruments. First, we removed the rejected claims transition record layout for the previous contract year from the FA Data Request, as well as the Part B Drugs record layout from the ODAG Data Request to further streamline our review and data collection. Then, we identified additional opportunities to clarify and standardize field definitions and locations within the FA, CDAG, and ODAG record layouts. Next, we redefined field descriptions within the SNPE record layout, as found in the SNPCC Data Request, to align our data collection and evaluation with the 2020 Part C Reporting Requirements. Finally, we renamed the CPE Program Audit Protocol and Data Request document for consistency and clarification of the audit scope, and spelled out frequently used acronyms to reduce confusion within the CPE questionnaires. Please refer to the Crosswalk of Changes for a complete summary of updates made to this collection request since the December 6, 2019 publication. The 30-day notice published in the Federal Register on June 4, 2020 (85 FR 34450).

9. Payments/Gifts to Respondents

There are no payments or gifts to respondents associated with this information collection request. MA and Part D organizations are required to comply with CMS oversight (produce records for examination, etc.) and CMS could terminate a contract for failure to comply.

10. Confidentiality

CMS will adhere to all statutes, regulations, and agency policies regarding confidentiality. While sponsoring organizations are required to provide CMS access to records, data and

other beneficiary information, CMS will ensure that the information is maintained and used in a confidential format. Any sensitive or personal information will be transferred and/ or stored through the Health Plan Management System (HPMS) which is a secure site.

11. Sensitive Questions

There are no sensitive questions associated with this collection. Specifically, the collection does not solicit questions of a sensitive nature, such as sexual behavior and attitudes, religious beliefs, and other matters that are commonly considered private.

12. Burden Estimates (Hours & Wages) Wage Estimates

To derive average costs, we used data from the U.S. Bureau of Labor Statistics’ May 2019 National Occupational Employment and Wage Estimates for all salary estimates (www.bls.gov/oes/current/oes_nat.htm). In this regard, the following table presents the mean hourly wage, the cost of fringe benefits (calculated at 100 percent of salary), and the adjusted hourly wage. We selected the following personnel for our burden estimate based on our previous experiences conducting similar Part C and Part D program audits.

National Occupational Mean Hourly Wage and Adjusted Hourly Wage

Occupation Title	Occupation Code	Mean Hourly Wage ($/hr.)	Fringe Benefit ($/hr.)	Adjusted Hourly Wage ($/hr.)
General and Operations Managers (Program Director)	11-1021	59.15	59.15	118.30
Compliance Officer	13-1041	35.03	35.03	70.06
Management Analysts	13-1111	45.94	45.94	91.88
Project Management Specialists and Business Operations Specialists, All Other	13-1199 13-1198	38.57	38.57	77.14
Computers and Information Systems Manager	11-3021	75.19	75.19	150.38
Administrative Assistants	43-6014	18.84	18.84	37.68
Lead Claims Analyst	13-1031	33.15	33.15	66.30

As indicated, we are adjusting our employee hourly wage estimates by a factor of 100 percent. This is necessarily a rough adjustment, both because fringe benefits and overhead costs vary significantly from employer to employer, and because methods of estimating these costs vary widely from study to study. Nonetheless, there is no practical alternative, and we believe that doubling the hourly wage to estimate total cost is a reasonably accurate estimation method.

Wage Estimates for Program Audits

Based on the table above, we then added the estimated hourly rate (rounded to the nearest whole dollar) for each position and divided by the total number of positions to get the average hourly rate.

4 Program Directors	$118/hr x 4	$472
1 Compliance Officer	$70/hr x 1	70
6 Management Analysts	$92/hr x 6	552
6 Quality Assurance Specialists	$77/hr x 6	462
5 Computer & Information Systems Managers	$150/hr x 5	750
6 Administrative Assistants	$38/hr x 6	228
4 Claims Analysts	$66/hr x 4	264
Total		$2,798

Taking the average of the above rates, we estimate an average hourly rate of $87/hr ($2,798/32 positions).

Wage Estimates for Industry-Wide Timeliness Monitoring Project (TMP)

We also created a burden estimate for the industry- wide TMP using the same table above.

2 Computer & Information Systems Managers	$150/hr x 2	300
2 Administrative Assistants	$38/hr x 2	76
2 Claims Analysts	$66/hr x 2	132
Total		$508

Taking the average of the above rates, we estimate an average hourly rate of $85/hr

($508/6 positions). Burden Estimates

Program Audits

Based on our audit strategy, routine program audits are defined as the audits scheduled throughout the year. Ad hoc audits could be added to the annual audit plan based on referral, should an immediate need arise to address emergent issues of noncompliance. For each sponsoring organization, we estimate an average of 200 hours for administrative and systemic work to assemble the requested information, 60 hours to review the information for completeness, 30 minutes to submit the information to CMS, 160 hours for the actual administration of the audit, 40 hours to respond to audit documentation requests, 40 hours to review and respond to the draft audit report and 10 minutes to complete the optional post-audit survey. The total burden equals 500 hours and 40 minutes, rounded up to 501 hours. We estimate the annual number of parent organizations that will undergo an annual program audit to be 25.

Each organization selected for program audit will also incur validation and close out activity burden. We estimate an additional 200 hours for these activities, regardless of whether the sponsoring organization is required to hire an independent auditing firm (in accordance with 42 CFR 422.503 (d)(2)(B)(iv) and 423.504 (d)(2)(B)(iv)) or rely on CMS to conduct the validation audit. In general, a sponsoring organization with more than five non-CPE conditions identified in its final audit report may be required to hire an independent auditing firm. We estimate that annually, 21 of the 25 sponsoring organizations (84 percent of audited organizations) will be required to hire independent auditing firms.

For each sponsoring organization that will be required to hire an independent auditing firm, we estimate an average of 55 hours to populate the validation work plan, 8 hours to respond to CMS input, 35 hours for administrative and systemic work in assembling/reviewing the required information, 10 hours reviewing the information for completeness, 50 hours participating in the independent audit, 10 hours responding/requesting validation audit documentation, 30 hours to drafting/reviewing the validation audit report and 2 hours to submit the information to CMS. In addition to burden hours, sponsoring organizations that will be required to hire an independent auditing firm will incur the auditing firm’s fee. While those costs will vary, we estimate the average cost is $150,000.

For each sponsoring organization that will be required to undergo a CMS-led validation audit, we estimate an average of 200 hours in assembling, reviewing and submitting data to CMS, participating in the audit with CMS, and responding to CMS’ requests for additional information. Sponsoring organizations that undergo a CMS-led validation audit do not incur the independent auditing firm expense.

Combining the program audit and validation audit burden, we estimate a total of approximately 701 hours for each sponsoring organization. We have included this cost in the total audit estimate.

We recognize that sponsoring organizations will need to update systems to accommodate this collection request. Therefore, CMS has applied a one-time labor-related transition burden associated with reprogramming data extracts, developing new processes for quality assurance testing, general business owner testing, compliance review, etc. This burden is estimated at 340 hours per sponsoring organization. To implement the changes, we estimate that each sponsoring organization would require 50 hours of Program Director resources ($118/hr x 50 =

$5,900); 40 hours of Compliance Officer resources ($70/hr x 40 = $2,800); 100 hours of Management Analyst resources ($92/hr x 100 = $9,200); 50 hours of Quality Assurance Specialist resources ($77/hr x 50 = $3,850); and 100 hours of Computer & Information Systems’ Managers’ resources ($150/hr x 100 = $15,000). In summary, the estimated average labor cost per organization is $108/hour x 340 hours = $36,720 x 190 sponsoring organizations for an overall, one-time transition burden of $6,976,800. Although we understand that First- Tier Downstream and Related Entities (FDRs) connected to the sponsoring organizations would also incur a transition burden we have no way of estimating the number of impacted FDRs and welcome comment on that burden.

We have also added a one-time, labor related transition burden for each independent validation auditing firms that will be updating their systems and processes. This burden is estimated at 100 hours per auditing firm. Based on CMS experience with independent auditing firms to date, we estimate that 20 firms would incur this one-time burden. To implement the changes, we estimate that each independent auditing firm would require 50 hours of Program Director resources ($118/hr x 50 = $5,900) and 50 hours of Computer & Information Systems Manager resources ($150/hr x 50 = $7,500). In summary, the estimated average labor cost per organization is $134/hour x 100 hours = $13,400 x 20 independent validation auditing firms for an overall, one-time transition burden of $268,000.

We believe that cost associated with implementing this collection request is primarily related to labor (e.g., programming, developing processes, quality assurance testing, compliance review, etc.) As a result, we have not included systems’ costs such as hardware or software.

Yearly Industry-Wide Timeliness Monitoring Project (TMP)

We estimate that a total of 154 Part C organizations will incur burden associated with the annual TMP. This number is based on the average, annual number of Part C organizations who have undergone a TMP audit in recent years. For this effort, we estimate an average of 80 hours

for administrative and systemic work to assemble the requested information, 24 hours to review the information for completeness, 30 minutes to submit the information to CMS, and 16 hours to conduct validation webinars to ensure accurate information. This is a total of approximately

120.5 hours for each sponsoring organization.

Burden Summary

Information Collection	Respondents	Responses (per Respondent)	Total Responses	Burden per Response (hours)	Total Annual Burden (hours)	Labor Cost of Reporting ($/hr)	Total Cost
Program Audits	25	1	25	701	17,525	$87.00	$1,524,675*

Information Collection	Respondents	Responses (per Respondent)	Total Responses	Burden per Response (hours)	Total Annual Burden (hours)	Labor Cost of Reporting ($/hr)	Total Cost
Yearly Timeliness Monitoring	154	1	154	120.5	18,557	$85.00	$1,577,345
Total	179	1 - 2	179**	Varies	36,082	Varies	$3,102,020*

*This total does not account for costs of hiring an independent auditing firm. We estimate that organizations that hire independent auditing firms to conduct validation audits will incur an additional $150,000.

**The total accounts for 1 -2 annual responses per respondent.

Total Annual Costs ($)
Program Audits	1,524,675
Independent Auditing (21 x 150,000)	3,150,000
Timeliness Monitoring	1,577,345
Total	6,252,020

One-Time Transition Burden
Information Collection	Number of Entities	Burden per Entity (hours)	Total One-Time Burden (hours)	Labor Cost of Reporting ($/hr)	Total Cost ($)
Sponsoring Organization Transition Burden	190	340	64,600	$108*	$6,976,800
Independent Validation Auditing Firm Transition Burden	20	100	2,000	$134*	$268,000
Total	210	440	Varies	Varies	7,244,800

*Average across staff required to implement changes.

13. Capital Costs

There is no capital cost associated with this collection.

14. Cost to Federal Government

The costs to the federal government include staff time to participate in the audit, travel expenses and money used to fund two audit support contracts that are used as staff extenders during audits, but that also perform a host of other audit and enforcement activities outside of activities related to this collection effort.

Staff Time*

CMS staff serve as either team leads (TLs) or team members, or auditors-in-charge (AICs).

Team leads run their portion of the audit (e.g., CDAG, ODAG, FA, etc.) by administering the protocol and evaluating that portion of the sponsoring organization’s operation. They are assisted by team members who document all audit findings in the internal audit work papers.

The AIC oversees the entire audit and is the sponsoring organization’s primary point of contact throughout the audit process. The AIC issues the audit start notice, hosts the entrance, status and exit conference calls, oversees the audit process, and travels onsite to the sponsoring organizations’ location. The AIC is also responsible for the final review and issuance of the draft and final audit report.

The average annual number of CMS staff conducting program audits is 137. The average number of hours that each CMS staff member spends on an audit is 170. Most CMS auditing staff are GS-12s or GS-13s, with varying step level and locality adjustments. The median total base salary plus locality adjustment for a CMS staff member is roughly

$52.00/hr ($108,811 annually)⁴.

Costs to the government for CMS staff time is as follows:

137 CMS staff x 170 hours/audit = 23,290 hours 23,290 hours x $52/hour = $1,211,080

For two protocols, CDAG and ODAG, CMS is assisted by either a CMS Medical Director or a contracted medical director during the Clinical Decision Making portion of the audit, this portion of the audit generally lasts one to two days. The average number of hours a medical director spends on an audit is 8 hours. There are 2 medical directors per audit, meaning a total of 90 medical directors. Due to limited resources, only 10 of the 90 slots are staffed by a CMS Medical Director, the remaining 80 come from contracted resources and will be included in the section discussing the budget to fund these contracts. The average hourly rate for a CMS Medical Director is $79.00/hr.

⁴ 2020 Salary Table (general schedule) (see https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/2020/general- schedule/) average GS-12 and -13 step 5- 6 plus locality adjustment.

Costs to the government for the medical director’s time is as follows:

10 Medical Directors x 8 hours per audit = 80 hours 80 hours x $79.00/hr = $6,320

Total costs to the government for staff time:

CMS staff cost	$1,211,080
MD cost	+ 6,320
Total cost	$1,217,400

Travel Costs

The total costs of travel for audits has been minimized due to CMS’ use of webinar technology. Only the CPE audit team and AIC travel during the third week of the audit to the sponsoring organization’s location. The total travel costs to the federal government are

$84,000.

Contractor Costs

As previously mentioned, CMS has two audit support contractors that perform a variety of duties beyond just the performance of the audit. The duties performed related to this collection effort include performing AIC duties, performing TL duties, acting as the documenter (i.e., documenting all audit findings) for each audit team, providing the medical director for the CDAG and ODAG portions of the audit, receiving, analyzing and ensuring completeness of all audit data collected from sponsoring organizations and draft and final audit report generation and any subsequent validation activities. Based on invoices received by the government. Each audit costs CMS approximately $268,000 in contracted resources. Consequently, the total cost to the government in contracted resources is as follows:

$268,000 per audit x 25 audits = $6,700,000

For the Part C timeliness monitoring project, the duties from the contractor include receiving, analyzing and ensuring the completeness of all of the data collected from 154 sponsoring organizations annually. Additionally, contractors will run validation webinars with the sponsoring organizations to ensure that the data in each universe contain accurate information. Finally, the contractor will conduct timeliness tests on the universes and report out on the results. We estimate that the cost to the contractors will be $512,000 for this monitoring effort per year. Therefore, we estimate the total contractor costs of this package to be:

$6,700,000 + $512,000 = $7,212,000

Adding up the costs to the government of staff time, travel and contractor costs we can estimate total Cost to the government as follows:

Staff Cost	$1,217,400
Travel Cost	84,000
Contractor Costs	7,212,000
Total Cost	$8,513,400

15. Changes to Burden

As indicated in Section 8 above, we adopted many of the technical changes that were suggested in public comment in the interest of simplifying and clarifying the collection instruments. First, we removed the rejected claims transition record layout for the previous contract year from the FA Data Request, as well as the Part B Drugs record layout from the ODAG Data Request to further streamline our review and data collection. Then, we identified additional opportunities to clarify and standardize field definitions and locations within the FA, CDAG, and ODAG record layouts.

Next, we redefined field descriptions within the SNPE record layout, as found in the SNPCC Data Request, to align our data collection and evaluation with the 2020 Part C Reporting Requirements. Finally, we renamed the CPE Program Audit Protocol and Data Request document for consistency and clarification of the audit scope, and spelled out frequently used acronyms to reduce confusion within the CPE questionnaires. These changes resulted in no change to burden.

As summarized in the 60-day collection request, we estimate the total hourly burden for routine program audits at 701 hours to reflect the entirety of the audit process. The total number of routine program audits is estimated at 25 and the corresponding total burden is 17,525 hours.

The total hourly burden for the industry wide timeliness monitoring project remains at 120.5 hours per respondent. As described above, the number of respondents for this timeliness monitoring project is 154 sponsoring organizations per year. Consequently, the total burden for the industry wide monitoring effort is 18,557 hours.

16. Publication/Tabulation Dates

The information collected during audits will be compiled and CMS may detail the information at an aggregate level in an annual audit report. The information regarding Part C and Part D program audit results is available on the CMS website at: https://www.cms.gov/Medicare/Compliance-and-Audits/Part-C-and-Part-D-Compliance- and-Audits/ProgramAuditResults.html

17. Expiration Date

The expiration date will be displayed on the following documents:

• CPE protocol;

• FA protocol;

• CDAG protocol;

• ODAG protocol;

• SNPCC protocol;

• Pre-audit issue summary template;

• CPE Compliance Officer questionnaire;

• CPE FDR questionnaire;

• CPE organizational structure and governance template;

• FA questionnaire;

• SNPCC questionnaire;

• Root cause analysis template⁵;

• Independent validation audit work plan template

1. Certification Statement There are no exceptions.

2. Collections of Information Employing Statistical Methods

No statistical methods are applied to any of the audit information collected.

⁵ For use as needed.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title	Supporting Statement – Part A
Subject	Program Audit PRA Package
Author	CMS
File Modified	0000-00-00
File Created	2021-01-22