Audit snapshot

Why did we do this audit?

  • The Health Benefit Compliance program aims to support the integrity of Australia’s publicly subsidised health funding schemes by identifying and treating incorrect claiming, inappropriate practice and fraud by health providers.

Key facts

  • In 2018–19, Health recovered $49.3 million in claims which should not have been paid.
  • In 2018–19, Health reported that it achieved $123.4 million in estimated savings through changes in claiming behaviour of providers.

What did we find?

  • The Department of Health’s approach to health provider compliance was partially effective.
  • Health had not taken a risk-based approach to its compliance activity but was in the process of implementing a revised model that includes risk-based processes and structures.
  • While Health undertook internal monitoring and reporting of the health provider compliance case outcomes, external program performance measurement and reporting was not based on a robust methodology.
  • There was limited evidence that compliance project outcomes were systematically monitored and assessed.

What did we recommend?

  • The Auditor-General made two recommendations to Health focussed on costing its compliance activities and improving its performance reporting.
  • The Department of Health agreed to both recommendations.

$36.6 billion

2018–19 expenditure on three key health schemes and incentive program.

205.1 million

prescriptions in
2018–19.

424.2 million

Medicare services paid in 2018–19.

Summary and recommendations

Background

1. In 2018–19, the Australian Government spent $36.6 billion on three key public health funding schemes and a health incentive program. 98 per cent of this expenditure ($35.9 billion) was for the Medicare Benefits Scheme (MBS) and the Pharmaceutical Benefits Scheme (PBS). The Department of Health (Health) has been responsible for compliance by health providers with the requirements of three key public health funding schemes and a health incentive program since 2015.1

Rationale for undertaking the audit

2. The Health Benefit Compliance program aims to support the integrity of Australia’s publicly subsidised health funding schemes by identifying and treating incorrect claiming, inappropriate practice and fraud by health providers. Where applicable, this can include the recovery of funds which have been incorrectly claimed. Given the large volume and value of health care providers’ claims, it is important to assess whether Health has an effective approach to the prevention, identification and treatment of incorrect claiming, inappropriate practice and fraud by health care providers and suppliers.

Audit objective and criteria

3. The audit objective was to assess the effectiveness of the Department of Health’s approach to health provider compliance.

4. To form a conclusion against the audit objective, the following high-level criteria were adopted:

  • approaches to identify, prioritise and treat non-compliance are appropriate; and
  • oversight arrangements for monitoring health provider compliance outcomes are appropriate and inform future compliance approaches.

5. The audit did not examine Health’s passive compliance activities, such as education, or debt recovery processes.

Conclusion

6. The Department of Health’s approach to health provider compliance was partially effective.

7. In the period examined, Health’s approaches to identifying, prioritising and treating non-compliance were partially appropriate. The absence of a risk-based approach in identifying and prioritising which compliance projects were selected for operational activity limited the effectiveness of the approach. Health advised that it is in the process of implementing a revised compliance model that includes risk-based processes and structures.

8. Health’s oversight arrangements for monitoring health provider compliance outcomes were partially appropriate. While Health undertook internal monitoring and reporting of the health provider compliance case outcomes by treatment type, external program performance measurement and reporting was not based on a robust methodology. There was limited evidence that compliance project outcomes were systematically monitored and assessed.

Supporting findings

9. Health appropriately applied a number of methods to identify non-compliance and used a number of analytical tools in support of this work. A risk-based approach was not applied in identifying and prioritising which compliance projects were referred on for operational activity. This limited the effectiveness of the approach taken. At the time of the audit, Health had identified the need for a risk-based approach and advised that it was in the process of implementing a revised compliance model that included risk-based processes.

10. From the population of projects that were approved in 2018–19 for compliance action, the proportion of compliance activity treatment types applied was largely consistent with Health’s hierarchy of compliance responses. The proportion of cases found to be non-compliant was around half for the totality of compliance activity treatment types. Health did not cost compliance projects to inform the required resources and expected returns of the activity.

11. Health undertakes external and internal reporting of the health provider compliance program performance outcomes. The compliance program performance measure had changed over three periods and the method used to calculate the performance outcome was not based on a robust methodology for measuring and assessing performance.

12. Health undertakes internal monitoring and reporting of the health provider compliance case outcomes by treatment type. There was limited evidence that compliance project outcomes were systematically monitored, assessed, and captured to inform future compliance activity.

Recommendations

Recommendation no.1

Paragraph 2.42

The Department of Health cost health provider compliance activities to:

  1. inform if the allocation of resources are targeted to the areas requiring the most attention; and
  2. enable calculation of the net return on investment in compliance activities.

Department of Health response: Agreed.

Recommendation no.2

Paragraph 3.23

The Department of Health review the methodology for selecting and calculating the health provider compliance program performance measure to ensure it accurately reflects the planned performance outcome and the result achieved.

Department of Health response: Agreed.

Summary of entity response

The Department of Health (department) welcomes the findings in the report and accepts the recommendations directed to the department. The department is committed to effective implementation of Australian National Audit Office (ANAO) recommendations and has already taken steps to address the issues identified in this audit.

It was pleasing to note that the Department’s introduction of a revised compliance operating model and the subsequent implementation of a risk-based approach has been acknowledged. Improvements to the Department’s compliance approach are coming to fruition following the implementation of this new model, including a strengthened governance approach and framework.

The audit found some shortcomings in the Department’s approach to costing health provider compliance and highlighted shortfalls with the current methodology used to select and calculate the health provider compliance program performance measure. To address these findings the Department is exploring alternative costing models, in the context of the Department’s legal obligations to respond to particular risks of non-compliance that will allow costing activities to be enhanced to better inform the allocation of resources and calculate the net return on investment in compliance activities. The Department further acknowledges the benefits of implementing a more robust model to measure and assess the health provider compliance program performance measure and will seek to identify and improve an appropriate performance target that will help to ensure that future reporting of non-compliance rates is provided with a more indicative indication, for practitioners and stakeholders, that the Department’s compliance program is being appropriately targeted.

Key messages from this audit for all Australian Government entities

Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Risk management

Performance and impact measurement

Program design

1. Background

Introduction

1.1 The Department of Health (Health) has been responsible for compliance by health providers with the requirements of three key public health funding schemes and a health incentive program since 2015.2 The 2018–19 combined expenditure of the health schemes and program was $36.6 billion, representing about half of all Australian government expenditure on health.3 The relevant public health funding schemes and incentive program are outlined in Table 1.1.4

Table 1.1: Department of Health: health funding schemes and incentive programs

Scheme

Year established

Purpose

2018–19 expenditure

Medicare Benefits Scheme (MBS)

1975

Guarantees all Australians (and some overseas visitors) access to a wide range of health and hospital services at low or no cost. The Medicare Benefits Schedule is part of the MBS, and lists medical and health practitioner services that are subsidised by the government.

$24.1 billion

Pharmaceutical Benefits Scheme (PBS)

1948

Subsidises prescription medicines listed under the schedule of Pharmaceutical Benefits. The PBS gives all Australian residents and eligible overseas visitors affordable access to some prescription medicine.

$11.8 billion

Practice Incentive Program (PIP)

1998

Aimed at supporting general practice activities that encourage continuing improvements and quality care, enhance capacity and improve access and health outcomes for patients.

$352.1 million

Child Dental Benefits Scheme (CDBS)

2014

Provides access under the Child Dental Benefits Schedule to benefits for basic dental services for eligible children aged between 2 and 17 years.

$321.9 million

Total 

$36.6 billion

       

Source: ANAO and Department of Health.

1.2 The relative expenditure on the public health funding schemes and incentive program in 2018–19 can be seen in Figure 1.1.

Figure 1.1: Public health funding schemes and incentive program: expenditure as proportion of total, 2018–19

 

Source: ANAO.

1.3 Figure 1.2 shows the number of Medicare services and benefits paid (MBS) and the number of prescriptions and government expenditure (PBS) for the last ten years (PIP and CDBS are not shown due to their comparatively minor expenditure).

Figure 1.2: Key statistics, MBS and PBS 2009–10 to 2018–19

 
 

Source: ANAO from Department of Health data.5

1.4 The Provider Benefits Integrity Division (PBID) in the department is responsible for the health provider compliance program. PBID’s 2019–20 budgeted expenses were $106.1 million, and the estimated average staffing level in the same period was 337. The objective of the health provider compliance program is6:

To support the integrity of health benefit claims through prevention, early identification and treatment of incorrect claiming, inappropriate practice, fraud and prohibited practices.

1.5 The Health Insurance Act 1973, National Health Act 1953 and Dental Benefits Act 2008 set out a legislative framework that guides the provision and claiming of services and benefits, and allows for post payment compliance activities to be undertaken, to identify incorrect claiming and recover debts. There has been a range of legislative changes aimed at improving health provider compliance arrangements, and to strengthen debt recovery arrangements as outlined in Table 1.2.

Table 1.2: Health provider compliance: key legislative changes

Legislative changes

Details

The Health Legislation Amendment (Improved Medicare Compliance and Other Measures) Act 2018 — came into effect on 1 July 2018.

Amendments to the:

  1. Health Insurance Act 1973, to introduce a shared debt recovery scheme that provides where contractual or other arrangements exist between a practitioner and an employer or corporate entity, both can be held responsible for the repayment of a compliance debt (with the Shared Debt Recovery Scheme subsequently commencing on 1 July 2019); and
  2. Health Insurance Act 1973, Dental Benefits Act 2008 and National Health Act 1953: to streamline and make more consistent the record keeping requirements for practitioners, create greater consistency in the compliance regime by introducing administrative penalties and strengthen debt recovery powers.

The Health Legislation Amendment (Data-matching and Other Matters) Act 2019 — came into effect on 13 December 2019.

Amended the National Health Act 1953 and the Health Insurance Act 1973 to provide data matching for Medicare program integrity purposes and to improve the Commonwealth’s ability to deal with fraud, inappropriate practice and systematic incorrect claiming.

   

Source: Australian Parliament House, Parliamentary Business Bills and Legislation, and The Federal Register of Legislation.

1.6 The government’s requirements for fraud control are contained in the 2017 Commonwealth Fraud Control Framework7 pursuant to the Public Governance, Performance and Accountability Act 2013 (PGPA Act). The Framework comprises three tiered documents — the fraud rule, fraud policy and fraud guidance. As a non-corporate Commonwealth entity, Health must comply with the fraud rule and the fraud policy. Health assesses health providers’ possible non-provision of a service, or non-supply of a medication, initially as an investigation for possible fraud in accordance with the government’s requirements for fraud control.

Previous ANAO audits

1.7 The ANAO conducted an audit in 2013–14 that examined the effectiveness of then Department of Human Services’ management of Medicare compliance audits.8 The audit found that performance had been mixed. Whilst a program of compliance audits and related compliance activities were delivered, helping to reinforce health professionals’ awareness of their compliance obligations, the administration of Medicare compliance audits was found to have a range of shortcomings. Areas identified where Human Services could have improved its administration of Medicare compliance audits included:

  • while the department had processes in place to identify risks to the Medicare program, historically it had not routinely undertaken preliminary analysis of emerging risks in a timely way. Consequently, a large number of identified risks had not been substantively analysed to determine whether their treatment should be given priority and factored into Human Services’ compliance planning;
  • there were inconsistent approaches within Human Services to calculating debts, with variability in the standards of proof accepted by different compliance officers in calculating debts;
  • between 2008–09 and 2012–13, Human Services raised a total of $49.2 million in debts and recovered $18.9 million from Medicare compliance audits. There was a $128.3 million shortfall in the savings achieved by the department, in the form of monies actually recovered, against the target set by a budget initiative — some 87 per cent less than the $147.2 million in expected savings. Since the introduction of the budget measure, the compliance audits performed by the department, including those performed under the department’s enhanced legislative powers, were delivered at a net cost to government;
  • Human Services did not develop or implement its proposal to monitor and report on savings and achievements against the budget measure; and
  • the department only met its key performance indicator — 2500 completed Medicare audit and review cases per year — once in 2011–12, when it reported completing 2549 Medicare audits and reviews. While the annual target had been agreed by Ministers in the 2008–09 Budget context, during 2012–13 Human Services altered the mix of compliance activities it counted towards the target, by including 500 less onerous ‘targeted feedback letters’, as well as compliance activities directed towards members of the public rather than health professionals. The department subsequently reported completing a total of 2819 Medicare compliance cases in 2012–13, against the revised activity mix. If the additional compliance activities were excluded, the number of Medicare compliance audits and reviews completed in 2012–13 (against the Ministerially agreed target) was 2073. While acknowledging the department’s advice that targeted feedback letters were a valid compliance treatment intended to encourage voluntary compliance, their inclusion resulted in inaccurate performance reporting for the budget measure, as well as inaccurate and inflated internal reporting of its compliance coverage rate.

Rationale for undertaking the audit

1.8 The Health Provider Compliance Program aims to support the integrity of Australia’s publicly subsidised health funding schemes and incentive program (see Table 1.1) by identifying and treating incorrect claiming, inappropriate practice and fraud by health providers. This can include the recovery of funds which have been incorrectly claimed. Given the large volume and value of health providers’ claims, it is important to assess whether Health has an effective approach to the prevention, identification and treatment of incorrect claiming, inappropriate practice and fraud by health care providers and suppliers.

Audit approach

Audit objective, criteria and scope

1.9 The audit objective was to assess the effectiveness of the Department of Health’s approach to health provider compliance.

1.10 To form a conclusion against the audit objective, the following high-level criteria were adopted:

  • approaches to identify, prioritise and treat non-compliance are appropriate; and
  • oversight arrangements for monitoring health provider compliance outcomes are appropriate and inform future compliance approaches.

1.11 The audit did not examine Health’s ‘passive’ compliance activities, such as education, or debt recovery processes.

Factors influencing the audit scope

1.12 A number of factors have influenced the audit scope, including:

  • Health advised that health provider compliance and debt recovery activities were suspended on 24 December 2019 in bushfire disaster declared areas, except in instances of serious non-compliance or investigations of fraudulent behaviour. During the audit, on 18 February 2020, the Australian Government activated the Emergency Response Plan for Novel Coronavirus (COVID-19).9 From early 2020, health provider compliance and debt recovery activities were nationally suspended to reduce the impact on health providers contributing to Australia’s response to the COVID-19 pandemic. Compliance activities continued where there were instances of serious non-compliance or investigations of fraudulent behaviour. Health further advised that compliance activities have been progressively recommenced throughout the second half of 2020 for all provider groups. In recommencing compliance activities, Health is monitoring and responding to any changes in, or escalation of, the COVID-19 pandemic, including reassessing the potential impact on health providers and adjusting activities as required.10
  • As noted in this report, there have been changes in PBID’s compliance operating model since 2017. This made examination of the compliance model prior to this date of limited relevance. While Health has advised that it has commenced activities to implement a new compliance model from early 2020, the suspension of health provider compliance meant that it was not possible to verify and test the effectiveness of Health’s implementation of the new model.

1.13 As a result of these factors, this audit principally focused on PBID’s 2018–19 activity and reported results.

Audit methodology

1.14 The audit methodology included:

  • examination and analysis of departmental records; and
  • interviews with relevant departmental staff.

1.15 The audit was open to citizen contributions, and received 30 contributions from a range of health providers, peak bodies and other interested persons.

1.16 The audit was conducted in accordance with ANAO auditing standards at a cost to the ANAO of approximately $520,000.

1.17 The team members for this audit were Julian Mallett, Christine Preston, Anne Kent, Erica Sekendy, Samuel Painting, Brendan Gaudry, David Brunoro and Peta Martyn.

2. Identifying, prioritising and treating non-compliance

Areas examined

The ANAO examined Health’s approaches to identifying, prioritising and treating non-compliance to assess whether they are appropriate.

Conclusion

In the period examined, Health’s approaches to identifying, prioritising and treating non-compliance were partially appropriate. The absence of a risk-based approach in identifying and prioritising which compliance projects were selected for operational activity limited the effectiveness of the approach. Health advised that it is in the process of implementing a revised compliance model that includes risk-based processes and structures.

Area for improvement

The ANAO made one recommendation aimed at Health costing compliance activities.

2.1 Given the value and scale of the three public health funding schemes and incentive program, it is important that Health’s compliance activities are targeted towards the areas of greatest risk, that non-compliance concerns are appropriately identified and prioritised, and that compliance activities or treatments are undertaken commensurate with the identified risk, required resources and expected returns of this activity.

2.2 To assess Health’s approaches to identifying, prioritising and treating non-compliance, the ANAO planned to examine Health’s compliance model, strategy and procedures for health provider compliance. As Health did not have a compliance strategy, the ANAO based its analysis on:

  • criteria sourced from similar ANAO compliance program audits11; and
  • Health’s 2018–19 compliance activity and results.

The compliance model

2.3 Compliance programs are a coordinated program of:

  • compliance monitoring;
  • activities to promote compliance and reduce the risk of inadvertent non-compliance;
  • the detection and identification of non-compliance; and
  • remedying non-compliance through enforcement activity, including the selection of an appropriate non-compliance treatment.

2.4 To best target compliance activities, many government entities have adopted a model commonly known as the compliance ‘pyramid’ as shown in Figure 2.1.

Figure 2.1: The compliance pyramid

This figure shows the compliance pyramid which shows, at the bottom, a large number of people willing to do the right thing and at the top a smaller number of people who choose to deliberately not comply with the rules.

Source: ANAO Report No.41 2016–17, Management of Selected Fraud Prevention and Compliance Budget Measures, reproduction of the then Department of Human Services compliance model.

2.5 The compliance pyramid recognises that amongst the population from which compliance is sought, the majority are willing to comply with the ‘rules’ and only fail to do so inadvertently (for example, if the rules are unclear). For this group of the population, an appropriate ‘treatment’ may be to provide assistance, education, encouragement or guidance on their compliance obligations — or to make the obligations themselves clearer. Further up the pyramid, increasingly smaller proportions of the population may display a greater disinclination to comply and stronger treatments are required to oblige compliance, particularly where there may be a significant financial benefit in not complying. In the smallest proportion of the population, where there may be deliberate (or repeated) non-compliance or fraud, prosecution may be the only appropriate treatment.

2.6 Health has adapted the generic compliance pyramid as shown in Figure 2.1 for the health provider compliance program as shown in Figure 2.2.

Figure 2.2: Health provider compliance model

This figure shows the compliance pyramid adapted to the health compliance environment.

This figure shows the compliance pyramid adapted to the health compliance environment.

Source: Department of Health.

2.7 Since responsibility for MBS compliance moved to Health, the health provider compliance operating model and PBID’s procedures had been reviewed and amended on several occasions. A December 2016 report by the Boston Consulting Group12 resulted in Health introducing a market segment approach to identifying non-compliance. Implementation of this approach began in October 2017 when 66 provider groups were identified by PBID. The number of provider groups was revised by PBID in October 2018 to 92, to be more closely aligned with the way the health industry categorised provider specialities.

2.8 In July 2018, an internal audit noted that PBID designed a methodology for prioritisation and planning of compliance activities that involved the sequential creation of a Provider Group Profile (to be developed over 25 weeks) and a Provider Group Strategy (to be developed over 22 weeks). The internal audit report commented that ‘this planning time is largely comprised of conducting research, analysing data and identifying areas of concern’ and that adoption of the market segment model had led to a disproportionate level of effort in the planning of compliance activity:

…the large amount of lead time and effort in planning may not be proportional to the achievement of compliance objectives and risk mitigation to meet the timeframes expected by key stakeholders.

2.9 As at November 2019, 30 provider profiles (associated with 34 health provider groups) had been developed, and 17 provider strategies approved.

2.10 A December 2019 internal discussion paper noted the internal audit findings and proposed the introduction of a ‘hybrid risk-based’ model to be known as 1CAB in order to ‘reduce development timeframes and advance high risk/value concerns to treatment faster’. Health advised in September 2020 that the 1CAB operating model had been approved and became ‘incrementally operational’ in early 2020.

Estimates of the cost of health provider non-compliance

2.11 Estimating the financial cost of non-compliance can inform the performance and integrity amongst the population from which compliance is sought. Determining levels of willing participation in the population and significant shifts in compliance can guide priority risks, and better inform where to invest compliance resources.

2.12 Table 2.1 shows the estimates of the costs of health provider non-compliance from a number of consultant reports commissioned by Health based on benchmarking with international comparators and applying research methodologies. This shows the potential financial implications range between $366 million and $2.2 billion.

Table 2.1: Estimates of the costs of health provider non-compliance 2018–19

Source

Detail

2018–19 PBS/MBS non-compliance implication ($ million)a

Health Provider Compliance Division Strategy and Operating Model Summary (Boston Consulting Group, 2016)

Global examples suggest that a compliance division such as [PBID] should be able to recover 1–4% of total healthcare spend.

366 to 1,464

Analytics in Health Provider Compliance at Department of Health (McKinsey, 2016)

6% is considered a reasonable estimate of improper payment rate.

2,196

PBID Audit Review (Boston Consulting Group, 2018)

Industry heuristics and research…show total non-compliance likely to be between 3% and 5% of total payments made.

1,098 to 1,830

Medicare compliance: what providers need to know (Health, 2019)b

It is estimated that two to five per cent of claiming may be non-compliant.

732 to 1,830

     

Note a: Calculations are based on $36.6 billion expenditure in 2018–19 on the three health funding schemes and an incentive program.

Note b: Article on Australian Medical Association website, authored by Department of Health (https://ama.com.au/aus med/medicare-compliance%C2%A0-what-providers-need-know).

2.13 The 2016 Analytics in Health Provider Compliance at Department of Health report referred to in Table 2.1 further stated that $600 million per annum in debt recovery and prevention of future non-compliance was ‘realistically achievable’. Health advised that the quantum of the savings identified in the report had not been agreed to as a target by the department or the government, and was dependant on a number of assumptions which had not been realised.13 However, Health used the analysis in the Health Provider Compliance Division Strategy and Operating Model Summary report as a basis for further approaches to government to support funding for additional health provider compliance measures.

Health provider non-compliance treatments

2.14 Health applied a range of ‘passive’ or ‘active’ compliance treatments for health provider non-compliance. Health describes its passive treatments in the Guideline – for the application of treatment types, estimated savings and priority scores when developing compliance strategies, as including:

  • policy clarification for providers on the appropriate use of particular MBS/PBS items;
  • education where initiatives such as ‘education drives’ can assist providers in changing their behaviour; and
  • proposing changes to compliance legislation which may lead to improved compliance.

2.15 Active compliance treatment types and the number completed by each type in 2018–19 are shown in Table 2.2.

Table 2.2: Active compliance treatments completed 2018–19

Treatment type

Description

No. completed in 2018–19

Targeted Letter (TL)

Used to encourage providers to review and correct billing practices through voluntary compliance. TLs are a lower resource intensity compliance approach and are the most conciliatory compliance option for providers.

12,061

Audit

Desk or face-to-face audits of providers’ suspected high value non-compliant claiming, which does not meet legal requirements. Compliance officers are able to issue a Notice to Produce, which directs providers to supply relevant documents supporting their claims.

288

Practitioner Review Program (PRP)a

Used to improve provider compliance and reduce the number of identified practitioners with unexplained variances in rendering or initiating Medicare services. The PRP process is intensive and relies on the clinical expertise of departmental medical, dental and optometric advisers.

457

Investigation

Used for investigating allegations of serious and intentional misuse and fraudulent obtaining of Medicare benefits.

57

Total 

12,863

     

Note a: PRP interventions are carried out by health professional advisers employed by Health. The PRP involves reviewing services provided by practitioners and corporate entities to consider whether there may have been inappropriate practice. Where concerns are not able to be resolved by the department, a delegate of the Chief Executive Medicare may request the Director of Professional Services Review, an independent authority, conduct a review of the provision of services.

Source: ANAO analysis of Department of Health data.

2.16 Health’s operating model and supporting procedures for health provider compliance have changed as a result of it commencing to implement in 2017 a model in response to the Boston Consulting Group report. However, these changes had not been well documented and there was not a compliance strategy that guided how compliance activities were conducted.

Does Health identify potential non-compliance appropriately and use an effective approach to prioritise projects?

Health appropriately applied a number of methods to identify non-compliance and used a number of analytical tools in support of this work. A risk-based approach was not applied in identifying and prioritising which compliance projects were referred on for operational activity. This limited the effectiveness of the approach taken. At the time of the audit, Health had identified the need for a risk-based approach and advised that it was in the process of implementing a revised compliance model that included risk-based processes.

2.17 Figure 2.3 shows the PBID compliance process.

Figure 2.3: Provider Benefits Integrity Division process

This figure shows the functional organisation of the components of the Provider Benefits Integrity Division.

Source: ANAO analysis.

2.18 In the period of PBID activity examined in 2018–19, from the population of 31 approved compliance projects (see Table 2.4), the majority were developed by data analytics (21 project briefs or 68 per cent). The remaining projects were developed from market segment analysis (nine project briefs or 29 per cent), and one project brief stemmed from tip-off analysis (one project brief or three per cent).

Identification of potential compliance projects

2.19 Compliance Targeting aims to identify ‘areas of concern’ to inform the development of recommendations for compliance activity. Areas of concern may have their genesis through tip-offs14, but are principally generated as a result of analysis of MBS and PBS claims.

2.20 Compliance Targeting used a number of data models, analytical tools and data visualisation methods15 to identify anomalies or outliers for further analysis as to whether they indicate potential non-compliance. A technical analysis of these methods was undertaken from September to November 2019. The data models, tools and visualisations were found to be: risk-based and covered the entire population of the providers; supported by appropriate documentation and user guides; and subject to appropriate quality assurance and validation processes. Health also engaged the services of external data analysis providers.16

2.21 When potential compliance projects17 have been developed, they are first considered by the Analytics Working Group (AWG).18 The AWG was established to identify, develop and approve high value analytics-identified case work for progression to the Case Flow Committee (CFC). The AWG’s Terms of Reference state that the purpose is to ‘only progress analysis where suitable treatment is agreed by the working group’.

2.22 Analysis of AWG meeting records from the 19 meetings held from July 2018 to November 2019 identified that 42 project proposals were considered during this period. Nine proposals were recommended for progression to the CFC (21 per cent), 26 proposals were returned to the project owner requiring further work (62 per cent), and seven proposals were agreed to not progress further (17 per cent). In the period examined, the AWG processes therefore refined compliance project proposals.

2.23 Recommended compliance projects are submitted to the CFC in the form of project briefs. The CFC’s Terms of Reference state PBID is the ‘decision-making body that provides strategic oversight and direction for the case flow in the division to ensure the seamless flow of cases from Compliance [Targeting] Branch to Compliance Operations Branch’. The CFC is chaired by the PBID First Assistant Secretary, and comprises all of the division’s Senior Executive Service officers, a number of Directors from each branch, and a Senior Medical Advisor.

2.24 Analysis of CFC meeting records from the 12 meetings held in 2018–19, and analysis of PBID data, identified 31 project briefs that were endorsed for action in the period. The 31 project briefs that were endorsed for action in 2018–19 are shown in Table 2.4.19

2.25 In addition to an absence of priority areas being identified in a compliance strategy, project briefs did not include information about the relative project priority to other compliance projects. Further, there was no evidence that PBID had undertaken a risk analysis across the four public health funding schemes and incentive program population to inform decisions about where best to focus its efforts and resources. Focusing compliance and enforcement activity on areas of higher risk ensures that resources are targeted to the areas requiring the most attention. This is particularly relevant where an entity has insufficient resources to undertake compliance treatment of all instances of suspected non-compliance.

2.26 A risk-based approach also provides the flexibility for compliance programs to adapt to changes. Risks are assessed differently over time as external and internal events occur, context and knowledge change, and new risks emerge, while pre-existing risks may change or cease to be present. Ongoing monitoring of compliance program risks ensures that the compliance strategy remains current and well targeted.

2.27 The ‘market segment’ approach sought to gain a detailed knowledge of the characteristics of provider groups and Health developed and implemented business rules and weightings to prioritise different specialist sub-groups. In December 2019, the CFC considered a paper that proposed a ‘hybrid risk-based approach’, recognising that while it remained ‘critical to understand what is happening at provider group levels, it is recommended that [the] approach to risk analysis continue to evolve’. The outcome was the 1CAB model that Health advised became incrementally operational in early 2020 (see paragraph 2.10).20

Identifying expected savings from compliance projects

2.28 Apart from recovering funds which should not have been paid, PBID’s work is to change the behaviour of non-compliant providers with the aim of reducing the number of payments which were incorrect, or should not have been paid (on the basis that prevention is preferable to enforcement). In developing proposals to treat potential non-compliance, both ‘direct’ and ‘indirect’ savings are therefore considered.

2.29 Direct savings are defined as ‘the potential dollar value of non-compliance expected to be recovered from providers due to identified incorrect payments’ and indirect savings are ‘potential savings resulting from a provider’s change in future claiming behaviour as a result of compliance intervention’. Direct savings are payments which have already been made which should be recovered if a provider is found to have claimed incorrectly.

2.30 The formulae used to calculate savings depending on the treatment type selected are shown in Table 2.3.

Table 2.3: Formulae used to calculate potential savings

Treatment type

Direct savings

Indirect savings

Targeted Letter

 

Five per cent of the benefit value of each MBS/PBS item identified as being potentially non-compliant within the selected data period.a

Ten per cent of the benefit value of each MBS/PBS item identified as being potentially non-compliant within 12 months following intervention with the provider.

Audit

PRP

$77,350 x 0.05 x number of cases) + ($13,666 x 0.05 x number of cases).b

$184,500 per case over a 12 month period.c

Investigation

100 per cent of claiming for the items of concern, assuming non-provision (MBS) or non-supply (PBS) is proved.

There is no estimation of potential expenditure reduction for investigations cases as often there are too few cases to ensure accurate analysis can be conducted.

     

Note a: Health advised that exceptions apply to this rule where items are claimed that are not provided for in the supporting legislation. In these instances, 100 per cent of the claimed item amount is used in the direct savings calculation.

Note b: This calculation is based on PRP outcomes from Business Approaches in 2014–15. In that year, five per cent of PRPs resulted in repayment orders averaging $77,350 per case. A further five per cent of PRP cases submitted a voluntary acknowledgement (the provider volunteered that they made an incorrect claim either before, or as a result of, compliance activity), averaging $13,666 per case.

Note c: This figure was adopted based on outcomes from PRP interventions in 2016–17.

Source: Department of Health.

2.31 The formulae shown in Table 2.3 applied at the time the 31 project briefs were endorsed for action in 2018–19, with 18 of the project briefs applying the formulae. In the remaining 13 projects, one project brief noted the formulae did not apply in the treatment type recommended (investigation), and the relevant formulae were not applied in the remaining 12 project briefs (with four briefs detailing the reason why the formulae had not been applied and why another methodology had been used). More prevalent patterns of CFC approval of project briefs that did not consistently apply the formulae to calculate potential savings was observed in projects with recommended treatment type of:

  • audit: where five of the 11 projects (45 per cent) did not calculate indirect savings, with the direct savings in these projects calculated to range from $0.3 million to $3.7 million; and
  • PRP: where three of the 18 projects (17 per cent) did not calculate direct savings, with the indirect savings in these projects calculated to range from $2.0 million to $4.2 million.

2.32 Health advised that the basis for estimating potential behavioural savings was reviewed in 2019 and the formulae were superseded in 2020, with a new approach using completed case data over three financial years from 2016–17.

2.33 Table 2.4 details the estimated savings included in the 2018–19 approved compliance project briefs totalled $90.8 million.

Are Health’s actions to treat non-compliance proportionate?

From the population of projects that were approved in 2018–19 for compliance action, the proportion of compliance activity treatment types applied was largely consistent with Health’s hierarchy of compliance responses. The proportion of cases found to be non-compliant was around half for the totality of compliance activity treatment types. Health did not cost compliance projects to inform the required resources and expected returns of the activity.

2.34 Determining the appropriate enforcement activity where non-compliance is identified minimises the burden on those providers who are voluntarily compliant, and ensures that enforcement action is proportionate and undertaken only when necessary. The proportionality of compliance activities or treatments was examined to see if they were commensurate with the hierarchy of compliance treatment types, required resources and expected returns of the activity.

2.35 Table 2.4 shows a summary of the 31 project briefs that were approved by CFC for compliance action in 2018–19. In order to preserve confidentiality, a reference number has been assigned to each brief.

Table 2.4: Summary of 2018–19 Case Flow Committee approved projects

Brief no.

Number of treatments agreed

Estimated savings ($)

 

TL

Audit

PRP

Investigation

Total

1

0

0

14

0

2,646,711

2

0

47

0

0

1,431,228

3

305

4

0

0

3,670,831

4

175

0

41

0

1,678,269

5

0

22

0

0

2,057,617

6

0

0

12

0

324,721

7

0

63

0

0

653,256

8

0

50

0

0

881,908

9

0

0

19

0

3,505,500

10

101

0

4

0

1,600,925

11

127

0

0

0

1,255,274

12

0

0

11

0

2,024,000

13

0

0

23

0

4,242,500

14

0

0

0

2

28,651

15

0

0

2

0

378,102

16

0

87

0

0

293,600

17

0

10

0

0

1,819,690

18

0

5

0

0

71,706

19

78

0

0

0

83,571

20

117

0

40

0

12,289,598

21

339

30

0

0

1,001,820

22

49

33

17

0

4,844,392

23

55

0

7

0

1,705,500

24

0

0

3

0

621,762

25

181

84

9

0

8,200,000

26

307

0

0

0

2,810,500

27

269

0

59

0

17,282,220

28

0

0

28

0

5,293,422

29

377

0

32

0

6,955,000

30

0

0

4

0

756,203

31

0

0

2

0

378,102

Total

2480

435

327

2

90,786,579

           

Source: ANAO analysis of Department of Health data.

2.36 Table 2.4 shows that the proportion of compliance activity treatment types approved in the period was largely consistent with Health’s hierarchy of compliance treatment types (see Table 2.2) with greater use of targeted letters (76.4 pe r cent), equivalent application of audits and PRPs (13.4 per cent and 10.1 per cent respectively); and lowest use of investigations (0.1 per cent).

2.37 Targeted letters are used for minor non-compliance (see Figure 2.2 and Table 2.2), while investigations are reserved for serious and intentional misuse and possible fraud. Concurrently applying the same scale from a light touch to more intensive compliance responses, would result in a targeted letter campaign being more administratively efficient, less resource-intensive and therefore lower cost, and an investigation being more resource-intensive and therefore higher cost. The proportion of cases found to be non-compliant would also be higher in more intensive compliance response, with a tied relationship between compliance activity costs versus outcome.

2.38 The proportionality of the savings estimated to be achieved, against the hierarchy of treatment types is detailed in Table 2.5. This shows the total estimated savings (including direct and indirect savings) according to the recommended treatment type, from the 31 project briefs approved in 2018–19.

Table 2.5: 2018–19 approved project briefs: estimated total savings by treatment type

Treatment type

No. of projects with treatment type

No. of cases with treatment type

Estimated savings ($ total)

Total estimated average savings per case ($)

Targeted Letter

12

2175

22,886,056

10,522

Audit

10

431

10,406,716

24,146

PRP

18

327

53,962,486

165,023

Investigation

1

2

28,651

14,326

Total

41

2935

87,283,909

29,739

         

Notes: One project was not included in this analysis as the brief recommended multiple treatment types but did not provide a breakdown of the estimated expected savings for each treatment type. As a result, the total figures in this table are not equal to those in Table 2.4. The total number of projects with treatment types exceeds the number of project briefs (31). This is due to 21 briefs recommending a single treatment type, seven briefs recommending the use of two treatment types and two briefs recommending the use of three treatment types.

Source: ANAO analysis of Department of Health data.

2.39 Noting the limitations observed in Health’s consistent application of the methodology to calculate potential savings in the 31 project briefs (as discussed in paragraph 2.31), the relative amount of the estimated total savings for cases using targeted letters, audits and PRP are broadly consistent, where the estimated savings per case are greater for the more resource-intensive treatment types. However, the estimated total saving for the single project (comprising two cases) using investigation as a treatment type was not commensurate with the most resource-intensive compliance approach.21

2.40 Analysis of whether enforcement action is proportionate and effectively targets those providers whose claiming is non-compliant is detailed in Table 2.6. This shows the number of 2018–19 approved project briefs with completed cases as of 30 June 2020, by treatment type and the proportion found to be non-compliant. The methodology used by Health to calculate the non-compliance rate is discussed further at paragraph 3.15 to 3.22.

Table 2.6: 2018–19 approved project briefs: completed cases by treatment type

Treatment typea

Number of completed cases

Non-compliant cases

Proportion non-compliant (%)

Targeted Letter

1642

821

50.0

Audit

257

223

86.8

PRP

242

151

62.4

Investigation

None completed

None completed

None completed

Total

2141

1195

55.8

       

Note a: This table only includes completed compliance cases by treatment type that were included in compliance projects that were approved in 2018–19. Case completion data has been drawn from the 2018–19 and 2019–20 periods to include in the table. The figures in this table differ from those in Table 3.3, due to Table 3.3 including all compliance cases by treatment type that were completed in the 2018–19 period, as calculated by Health, including cases that originated from tip-offs (see footnote 15) and projects approved in different periods.

Source: ANAO analysis of Department of Health data.

2.41 Health did not estimate or monitor the cost of its compliance activities and consequently cannot determine if resources are targeted to the areas requiring the most attention (or to manage particular risks), or calculate the net return on the investment in compliance activities.

Recommendation no.1

2.42 The Department of Health cost health provider compliance activities to:

  1. inform if the allocation of resources are targeted to the areas requiring the most attention; and
  2. enable calculation of the net return on investment in compliance activities.

Department of Health response: Agreed.

2.43 The Department will continue to address risks of potential non-compliance using a proportional approach so to allow appropriate options for the treatment of risks to be determined in accordance with the gravity of the concern and the degree of potential noncompliance. The Department of Health acknowledges the importance of evaluation in determining future compliance activities and is examining improved options for how to better cost health provider compliance activities. Costing model options will be considered in the context of the Department’s legislative obligations to respond to and appropriately treat specific concerns of non-compliance, particularly those which are related to cases of potential fraud or inappropriate practice. In such circumstances it will need to be recognised that the cost of compliance treatment types may be irrelevant to targeting areas that require the most attention and that in such situations resources will need to be allocated as required.

3. Oversight and monitoring, and informing future compliance approaches

Areas examined

The ANAO examined Health’s oversight arrangements for monitoring health provider compliance outcomes to assess whether they were appropriate and inform future compliance approaches.

Conclusion

Health’s oversight arrangements for monitoring health provider compliance outcomes were partially appropriate. While Health undertook internal monitoring and reporting of the health provider compliance case outcomes by treatment type, external program performance measurement and reporting was not based on a robust methodology. There was limited evidence that compliance project outcomes were systematically monitored and assessed.

Area for improvement

The ANAO made one recommendation aimed at reviewing the methodology for calculating the health provider compliance program performance measure.

3.1 The Public Governance Performance and Accountability Act 2013 (PGPA Act) provides the basis for the Commonwealth performance framework, which allows an assessment of entities’ progress against their purpose. The PGPA Act requires that performance information should demonstrate the extent to which a Commonwealth entity is meeting its purposes through the activities it undertakes. Alignment across the elements of the Commonwealth performance framework is intended to improve the line of sight between the use of public resources and the results achieved by entities.

3.2 The ANAO examined Health’s monitoring of the performance framework for the health provider compliance program, reporting of program performance and whether lessons learned from the compliance activities result in program improvements.

Does Health monitor whether the expected outcomes of the compliance program are being achieved?

Health undertakes external and internal reporting of the health provider compliance program performance outcomes. The compliance program performance measure had changed over three periods and the method used to calculate the performance outcome was not based on a robust methodology for measuring and assessing performance.

3.3 In each of the four budgets since 2016–17, the Health provider compliance program has received additional funds for compliance activity through budget measures, with a government expectation that the provision of additional funds would lead to additional compliance savings. The additional funds were provided to strengthen Health’s compliance and debt recovery powers to support the government’s objectives of ensuring the integrity of Medicare and protecting patients from inappropriate practice, which often results in sub-optimal health outcomes. Details of the four budget measures are shown in Table 3.1.

Table 3.1: Health Provider Compliance Program: budget measures 2016–17 to 2019–20

Year and name of measure

Details

Additional funds provided ($m)

Estimated net savings ($m)

2016–17 Healthier Medicare — enhanced Medicare compliance program

The Government will achieve efficiencies of $66.2 million over four years from 2016–17 through enhancements to the Medicare compliance program. Efficiencies will be achieved by introducing an advanced data analytics capability to better target providers who make Medicare claims that are inconsistent with existing rules and introducing changes to improve low rates of debt recovery from providers.

48.0

66.2

2017–18 Guaranteeing Medicare — Medicare Benefits Schedule – improved compliance

The Government will improve the Medicare Benefits Schedule (MBS) compliance arrangements and debt recovery practices. This will result in combined savings of $103.8 million over four years from 2017–18.

103.8

2018–19 Guaranteeing Medicare — improving quality and safety through stronger compliance

The Government will invest $9.5 million over five years from 2017–18 to continue to improve Medicare compliance arrangements and debt recovery practices to ensure Medicare services are targeted at serving the health needs of Australian patients.

This measure includes better targeting investigations into fraud, inappropriate practice and incorrect claiming and will use data analytics and behavioural driven approaches to compliance.

9.5

a

2019–20 Guaranteeing Medicare — improving quality and safety through stronger compliance

The Government will invest $105.9 million over five years from 2018–19 to continue to improve Medicare compliance arrangements and debt recovery practices to ensure Medicare services are targeted at serving the health needs of Australian patients.

This measure includes better targeting of investigations into fraud, inappropriate practice and incorrect claiming by working with relevant government agencies and behavioural driven approaches to compliance.

105.9

a

    

Note a: Savings estimates associated with these measures were not announced.

Source: Budget Papers, Portfolio Budget Statements.

Health’s reporting against targets and program performance outcomes

3.4 The range of external and internal reporting of the health provider compliance program performance outcomes is examined below.

External reporting of compliance program outcomes

3.5 The Commonwealth Performance Framework — a key element of the resource management framework that governs the use and management of public resources within the Commonwealth public sector — ‘aims to improve the line of sight between what was intended and what was delivered’. The role of key publications in the framework is as follows:

  • Portfolio Budget Statements (PBS), released in May simultaneously with the budget (the primary financial planning document for entities);
  • Corporate Plans, released by 31 August each year (the primary non-financial planning document for entities); and
  • Annual Reports, released by 31 October each following year (incorporating the audited financial statements and the Annual Performance Statements of entities, which report respectively on the financial and non-financial results achieved by entities).

3.6 In each of these documents, entities report on their activities and performance on an outcome and program basis against performance criteria and targets/measures. In the 2018–19 period, Program 4.7 Health Benefit Compliance (ensuring the integrity of health provider claiming)22 formed part of the department’s Outcome 4.23

3.7 The performance criteria and targets/measures for Program 4.7 have changed three times since Health assumed responsibility for MBS compliance:

  • in 2016–17, the criterion was to complete audits and reviews of health providers:
    • including general audits, practitioner reviews and criminal investigations (2500)
    • focussed on high risk/complex compliance issues (500).
  • in 2017–18, the criterion was to improve health provider compliance through a contemporary program that utilises advanced analytics and behavioural economics to identify irregular payments and behaviours, measured through:
    • value of debts recovered ($15.6 million)
    • behavioural change from activities from prior years ($13.0 million).
  • from 2018–19, the criterion was to:
    • deliver a quality health provider compliance program that prevents non-compliance where possible and ensures audits and reviews are targeted effectively to those providers whose claiming is non-compliant, so that the following proportions of audits and reviews that are undertaken by the Department find non-compliance (>90%).

3.8 Health advised that it was appropriate in the context of new budget measures to review the appropriateness of the health provider compliance program performance target. Health considered that the non-compliance rate provides an indication to practitioners and stakeholders if the compliance program is appropriately targeted.

3.9 The details of the performance criterion and the reported results are shown in Table 3.2.

Table 3.2: Program 4.7: performance criterion and reported estimated results 2017–18 and 2018–19

Performance criterion

2017–18a estimated result

2018–19 estimated result

Deliver a quality health provider compliance program that prevents non-compliance where possible and ensures audits and reviews are targeted effectively to those providers whose claiming is non-compliant, so that greater than 90% of audits and reviews that are undertaken by the Department find non-compliance.

Met

Met

   

Note a: In the 2017–18 Annual Report, Health reported against the dollar value criterion that applied in the period, stating that it met the target.

Source: Portfolio Budget Statements 2018–19 and 2019–20.

3.10 The Department of Finance’s Developing good performance information Resource Management Guide No. 13124 identifies that performance measures should enable an entity to demonstrate its performance in achieving its purposes or key activities over time. Generally, trends in performance measured on a consistent basis over time will be more informative than standalone or discontinuous measurement of performance.25 Once a program or activity is ongoing, it will generally be appropriate for performance measures to be developed that measure effectiveness or impact and, for activities that are transactional in nature, measures that assess efficiency. There would be benefit in Health maintaining consistency in how the health provider compliance program performance is measured.

3.11 For 2018–19, PBID reported that the proportion of compliance activities that detected non-compliance was 95.4 per cent as shown in Table 3.3.

Table 3.3: Reported non-compliance rate by compliance activity type, 2018–19

Treatment typea

Total cases

Non-compliant cases

Proportion non-compliant (%)

Targeted Letters (TL)

2923

2923

100.0

Audit

287

225

78.4

Practitioner Review Program (PRP)

457

301

65.9

Investigation

57

32

56.1

Voluntary Acknowledgementsb

1587

1587

100.0

Total

5311

5068

95.4

    

Note a: This table includes all compliance cases by treatment type that were completed in the 2018–19 period, as calculated by Health. This includes cases that originated from tip-offs (see footnote 15) and projects (including cases from the 31 project briefs approved by the CFC in 2018–19, and other cases from projects that commenced prior to those approved by CFC in 2018–19). The figures in this table differ from those in Table 2.6, due to Table 2.6 only including completed compliance cases by treatment type that were included in compliance projects that were approved in 2018–19. Table 2.6 also includes case completion data that has been drawn from the 2018–19 and 2019–20 periods to include in the table.

Note b: Health’s inclusion of voluntary acknowledgements in the non-compliance rate calculation is explained and discussed at paragraphs 3.12 to 3.14.

Source: PBID data used to derive reported result.

3.12 Voluntary acknowledgements enable providers to voluntarily correct billing practices and can originate from health provider’s self-reporting that they incorrectly claimed a MBS item, pharmaceutical benefit or dental benefit that they should not have received. A voluntary acknowledgment can also be provided by a health provider in response to compliance activity.

3.13 Health’s internal management reporting recorded a total of 1587 voluntary acknowledgments were completed in 2018–19. A breakdown between voluntary acknowledgements that were self-reported and those that resulting from compliance activities was not provided in the reporting. The majority of voluntary acknowledgements included in Health’s internal management reporting and shown in Table 3.3 were self-reported (1449 cases (92 per cent)), and the remaining 134 cases (eight per cent) were the result of an admission of incorrect claiming as the result of a PRP compliance activity.26

3.14 The majority of voluntary acknowledgements were not categorised or defined as an active compliance treatment (see paragraph 2.15 and Table 2.2), but have been included by Health in the calculation of the number of audits and reviews undertaken to determine the result against the performance measure. Health should review the approach to internally reporting voluntary acknowledgements to provide more information about their source, as well as their inclusion in the non-compliance rate calculation for the performance measure. Health advised that it was developing enhancements to internal management reporting to enable the reporting of the number of voluntary acknowledgments by the source.

3.15 In November 2018, the PBID First Assistant Secretary agreed to the use of an existing methodology to calculate the proportion of compliance activities that were non-compliant to enable measurement and reporting against the new performance indicator for Program 4.7 for the 2018–19 period. For audits, investigations and PRPs, the non-compliance rate calculation is determined by dividing the number of closed cases from the relevant financial year where the provider was found to be non-compliant by the total number of closed cases. For targeted letters and voluntary acknowledgements, only the closed cases from the relevant financial year that were recorded as having a debt recovery amount were used in the calculation, rather than all closed cases.

3.16 The internal minute that set out the performance measure calculation methodology identified challenges with calculating the rate consistently across the five categories given that the different interventions differ in approach and the burden of proof required. It was also acknowledged that including the targeted campaigns cases with a debt recovery amount and excluding the cases without them may also be misleading for reporting in the Annual Report. The minute advised that the non-compliance rate result would be 95.1 per cent as at 31 October 2018 applying the existing methodology, compared to a non-compliance rate result of 21.7 per cent if all cases were included in the calculation. It was recommended and agreed that the methodology used remain in the interim and that a further review be undertaken to determine if an alternative should be considered. Health advised that a review of the methodology has not been conducted as it remains obliged to report against the Portfolio Budget Statements Key Performance Indicator.

3.17 Using PBID data, the ANAO recalculated the non-compliant rate using all completed cases in the 2018–19 period as shown in Table 3.4. Counting the number of cases completed in the period that were recorded by Health as ‘non-compliant’ and the total population of compliance cases recorded as completed to calculate the ‘proportion non-compliant’ across all completed case categories results in 35 per cent. Excluding voluntary acknowledgements from the calculation (see paragraph 3.12) would result in a non-compliance rate result of 27 per cent.

Table 3.4: Recalculated non-compliance rate by compliance activity type, 2018–19, using all completed cases

Treatment type

Total cases

Non-compliant cases

Proportion non-compliant (%)

Targeted Letters

12,061

2951

24.5

Audit

288

225

78.4

Practitioner Review Program

457

301

65.9

Investigation

57

32

56.1

Voluntary Acknowledgements

1683

1591

94.5

Total

14,546

5100

35.2

    

Note: The reason for the difference in figures in Table 3.3 and Table 3.4 are:

  • Targeted Letter and Voluntary Acknowledgements, is because some cases were recorded by PBID as non-compliant, but were not recorded as having a debt recovery amount and were therefore excluded in PBIDs count in Table 3.3. The ANAO has included these cases in Table 3.4.
  • Audit cases, is because PBID’s formula used for the calculation of the compliance rate counted one case as a voluntary acknowledgement rather than as an audit in Table 3.3. The ANAO has counted this case as an audit and not a voluntary acknowledgement in Table 3.4.

Source: ANAO analysis of Department of Health data.

3.18 Health defines health provider compliance ‘audits and reviews’ to be:

An audit is an evidence-based assessment of a provider’s compliance with relevant requirements in relation to the payment of a benefit. A review of decision is where an independent decision maker reviews the result of a compliance audit and reconsiders the evidence (or considers new evidence) and confirms, varies or revokes the original decision.27

3.19 Targeted letters are used to encourage providers to review and correct billing practices through voluntary compliance (see Table 2.2), and do not involve a Health official reviewing the result of the compliance activity to confirm, vary or revoke a determination of non-compliance. Targeted letters are not consistent with Health’s definition of an ‘audit or review’ that are included in the performance measure description. Excluding voluntary acknowledgements and targeted letters from the performance measure calculation would result in a non-compliance rate result of 70 per cent.

3.20 The Department of Finance’s Developing good performance information Resource Management Guide No. 13128 identifies that performance statements should provide relevant context to the performance results reported and an analysis of factors that contributed to, or restricted, the delivery of it purposes within the reporting period. The current approach to reporting the program performance target for the Health Provider Compliance Program does not apply an unbiased basis for the measurement and assessment of performance29, because the methodology used to calculate the target does not include all activities completed for the reporting period and selectively excludes some activities that would lower the overall achievement of the target if captured.

3.21 Health receives responses to targeted letters from providers where they make representations that their claiming behaviour is compliant. As discussed in paragraph 3.35, Health has assessed in project closure reports that the non-response rate to targeted letter campaigns was 47.2 per cent, and in 71 per cent of these cases providers acknowledged non-compliance and returned a voluntary acknowledgement.

3.22 Health should review the Health Provider Compliance Program’s external performance reporting in the Annual Report. Consideration should be given to how the department can accurately reflect the results of relevant compliance audit and review activities undertaken in the period, and if performance measures allow for the assessment and reporting of the effectiveness or impact of activities undertaken.

Recommendation no.2

3.23 The Department of Health review the methodology for selecting and calculating the health provider compliance program performance measure to ensure it accurately reflects the planned performance outcome and the results achieved.

Department of Health response: Agreed.

3.24 The Department is currently operating under a performance criteria that was established in full recognition of the methodology that was to be applied to calculate the proportion of noncompliance and as such has provided a true reflection of the performance measures in its external reporting (i.e. Annual Report). It notes that the alternate performance measures, included in this report, have been derived using a methodology that does not reflect that which is currently used by the Department and that the subsequent use of an alternative methodology has fundamentally changed the approach to this calculation without commensurate reconsideration and resetting of the performance measure.

3.25 The Department acknowledges that the methodology for selecting and calculating the health provider compliance program performance measure can be strengthened and options for a more robust model for the measurement and assessment of performance are being explored. The Department agrees that going forward it will seek to strengthen the appropriateness of the performance target so to ensure non-compliance rates provide a more indicative indication for practitioners and stakeholders that the Department’s compliance program is appropriately targeted.

Internal reporting of compliance program outcomes

3.26 Health has committed in successive budget measures to increasing the compliance savings that it will achieve (see Table 3.1). PBID has combined the total value of these commitments and uses these as internal targets against which it reports. The PBID ‘dashboard’ reported on the monitoring and tracking of savings achieved, as well as other metrics such as compliance cases completed, the number of tip-offs approved and number of compliance activities in the ‘pipeline’.

3.27 Behaviour change savings calculations measure the changes to claiming patterns for providers, pharmacists and practices (for PIP payments only) following compliance interventions. A lag in time between completion of a compliance activity and the estimation of behaviour change savings is required in order to measure the impact the activity has had on the claiming pattern. Health’s estimation of behaviour change savings commences a minimum of 12 months following the completion of a compliance project. On this basis, the estimation of behaviour change savings in 2018–19 are based on activities initiated in 2017–18. In September 2020, Health advised the result against the savings targets as shown in Table 3.5.

Table 3.5: Health reported savings results against targets: 2016–17 to 2019–20

 

2016–17

2017–18

2018–19

2019–20

 

Reported savings ($m)

Result against target

Reported savings ($m)

Result against target

Reported savings ($m)

Result against target

Reported savings ($m)

Result against target

Direct savings (debts recovered)

>13.0

Met

22.1

Met

49.3

Not Met

52.3

Not Met

Indirect savings (from behaviour change)

148.5

Met

123.4

Met

309.5

Not Met

Total savings

>13.0

Met

170.6

Met

172.7

Met

361.8

Not Met

         

Note: As noted at Table 3.1, the amount of expected savings arising from 2018–19 and 2019–20 budget measures were not announced. For this reason, the ANAO has not published the actual target figures for the 2016–17 to 2019–20 period.

Source: Department of Health.

3.28 Health’s 2018–19 Annual Report records the total cost of Program 4.7 (Health Provider Compliance Program) in 2018–19 was $101.1 million. This means that the net compliance savings in this period were $71.6 million.

Does Health have appropriate mechanisms in place to oversight health provider compliance and do lessons learned from the compliance activities result in program improvements?

Health undertakes internal monitoring and reporting of the health provider compliance case outcomes by treatment type. There was limited evidence that compliance project outcomes were systematically monitored, assessed, and captured to inform future compliance activity.

Oversight mechanisms

3.29 The functional structure of PBID in the period examined over 2018–19 is shown in Figure 2.3. The department’s intranet also shows that the division’s governance framework includes a Divisional Executive Meeting (DEM) (meeting weekly) and a Divisional Leadership Group (DLG) (meeting monthly). The intranet records the purpose of as these groups, with the DEM’s role being to ‘consider high level strategic, policy, operational and risk matters’ and the DLG’s as ‘to provide a body where a range of strategic, leadership and operational matters may be considered’. There was no evidence that these bodies have formal terms of reference. The Case Flow Committee (CFC) is also referred to as part of PBID’s governance framework, although the Analytics Working Group (AWG) was not.

3.30 At the compliance project management level, a Compliance Project Governance document was endorsed by the DEM in January 2018. This document details the key steps in the development, management, and evaluation of compliance projects within PBID, including approvals and ownership. The document was process-oriented in nature and did not outline the oversight or governance arrangements for the Health Provider Compliance Program. Several elements of this framework have also now been superseded.

3.31 A July 2018 internal audit of the Health Provider Compliance program noted:

‘….it would be prudent to develop a matrix or map of the key interrelationships, dependencies and critical success pathways at the whole of program level. This will avoid a situation where ‘silos’ can develop where busy sub-programs tend to concentrate on their own requirements without sufficient consideration of the program as a whole. These risks are exacerbated in an environment where the program is rapidly ramping up its capacity and capability.’

3.32 At the time of audit, there was no current compliance program governance framework in place that outlined the roles of the different compliance branches, the interrelationships between them, and the various decision points in the compliance process. Health advised that with the implementation of the new operating model, PBID will have a clear documented framework which outlines the governance processes applied across the Division.

Reports on lessons learned and outcomes from compliance project activity

3.33 As discussed at paragraph 3.26, a PBID ‘dashboard’ monitored and tracked metrics such as compliance cases completed, the number of tip-offs approved and number of compliance activities in the ‘pipeline’. Internal compliance monitoring and reporting was largely at the program and case level, with the exception of a master list maintained by PBID for the purpose of supporting Case Flow Committee processes. PBID reports which summarise compliance project outcomes for 2018–19 (as distinct from program outcomes which are discussed at paragraph 3.4 above), comprised a total of 12 reports (ten project closure reports, and two project performance assessments).

Project Closure Reports

3.34 Project closure reports are prepared for projects where the selected treatment was targeted letters. Health advised that as PRP and Investigations focus on individual provider’s behaviours and actions, records of these compliance outcomes are maintained in case management notes and recordkeeping folders. Project closure reports only assess direct savings (see paragraph 2.29) as they are completed three months after letters were sent out, which was an insufficient amount of time for changes in providers’ future claiming behaviour to become apparent. Of the ten project closure reports, one was noted as not being expected to achieve direct savings because the project assessed the eligibility of the selected providers to claim a Practice Incentive Program (PIP) (see Table 1.1) payment in the future. This project closure report has been excluded from the analysis. Results of the analysis of the outcomes from the remaining nine project closure reports is shown in Table 3.6.

Table 3.6: Project closure reports 2018–19: results

No. of cases

Non-response rate (%)

No. of voluntary acknowledgments

Estimated direct savings ($m)

Debts raised ($m)

2,974

47.2

999

7.8

12.5

     

Note: Each project has multiple cases (with each case representing a single provider or practice). The number of cases in the nine projects varied from 52 to 1155.

As noted at Table 3.3, a voluntary acknowledgement is where a provider acknowledges they claimed incorrectly for benefits and other payments made.

Source: ANAO analysis of PBID data.

3.35 Analysis of the nine reports completed in the period indicated:

  • a wide range of outcomes in terms of debts raised, varying between ten per cent and almost 800 per cent of the estimated direct savings30, with the total debts raised exceeding the total of the estimate of direct savings;
  • almost half of providers did not respond to the targeted letters they received. In eight of the nine cases, the report stated that contacting ‘non-responders’ was ‘out of scope’ of the project31; and
  • 999 out of 1,405 of providers who did respond (71 per cent), acknowledged non-compliance and returned a voluntary acknowledgement, with the largest single repayment being $264,266. This may indicate that PBID’s selection of providers for treatment was effective.

3.36 The nine project closure reports contained ‘lessons learned’, or recommendations, or both, but there was no evidence that these were routinely or systematically captured as part of a feedback loop to inform future compliance activity.

Project Performance Assessments

3.37 As noted at paragraph 3.30 above, a Compliance Project Governance document was endorsed by the DEM in January 2018. The document identifies the completion of a project performance assessment as one of seven stages of a compliance project which must be completed prior to a project being closed. The requirement for a project performance assessment to be completed had existed for more than two years, however PBID advised in March 2020 that only two PPAs had ever been completed. The limited number of project performance assessment reports completed by PBID in 2018–19 meant that it was not possible to conduct reliable analysis on the usefulness of the reports in informing future compliance activity.

3.38 When a project based compliance model is applied, summarising and reporting on compliance project outcomes is useful to continually strengthen the compliance approach. Analysing the outcomes of compliance projects to determine the impact and quality of the original compliance activity proposal is a useful basis to inform continuous improvement activities. Continuous improvement is expected to be an ongoing, long-term approach to improving processes that support and implement changes to make compliance activities of a better quality, more cost-effective and result in improved outcomes.

3.39 Health advised that the 1CAB operating model evaluation function includes two points of review for projects endorsed by CFC. The first point of review will focus on process evaluation shortly after a project is endorsed, providing an opportunity for timely feedback. Twelve to 15 months after the project is completed, a further impact evaluation will be completed, including consideration of whether the project achieved the expected direct and indirect savings.

Appendices

Appendix 1 Entity response

Response from the Secretary of the Department of Health, Dr Brendan Murphy. See Summary of entity response in the Summary and recommendations chapter for a summary of the response.

Footnotes

1 Following the Government’s Healthier Medicare Initiative announcement in April 2015, the Administrative Arrangements Order on 30 September 2015 transferred responsibility for Medicare provider compliance from the then Department of Human Services to the Department of Health.

2 Following the Government’s Healthier Medicare Initiative announcement in April 2015, the Administrative Arrangements Order on 30 September 2015 transferred responsibility for Medicare provider compliance from the then Department of Human Services to the Department of Health.

3 In September 2019, the Australian Institute of Health and Welfare reported that in 2017-18, the Australian Government spent $77.1 billion on health, comprising: $46.5 billion in direct expenditure on programs such as the MBS and PBS; $21.7 billion in National Health Reform funding (including National Partnership payments to states and territories); $5.9 billion in rebates and subsidies for privately insured persons; $3.0 billion for goods and services provided to eligible veterans and their dependants; and $0.01 billion for the medical expenses tax rebate. Australian Institute of Health and Welfare, Health expenditure Australia 2017-18, September 2019.

4 Services Australia (formerly the Department of Human Services) administers the schemes on behalf of Health and makes payments. Health is responsible for the legislation and policy for the schemes and enforcing compliance of provider billing.

5 Department of Health [Internet], available from: https://www1.health.gov.au [accessed 3 August 2020], and https://www.pbs.gov.au [accessed 3 August 2020].

6 Portfolio Budget Statements 2019-20, Budget Related Paper No. 1.9, Health Portfolio, p98.

7 Attorney-General’s Department, Commonwealth Fraud Control Framework, AGD, 2017.

8 Auditor-General Report No.26 2013–14 Medicare Compliance Audits, available from: https://www.anao.gov.au/work/performance-audit/medicare-compliance-audits [accessed on 17 August 2020]. Auditor-General Report No.15 2018–19 Human Services’ Compliance Strategies, examined Medicare customer compliance activities that the then department of Human Services was responsible for in 2016-17 and 2017-18, and not health provider compliance activities that were the responsibility of the Department of Health. Available from https://www.anao.gov.au/work/performance-audit/human-services-compliance-strategies [accessed 17 August 2020].

9 Department of Health, Australian Health Sector Emergency Response Plan for Novel Coronavirus (COVID-19) [Internet], Department of Health, available from https://www.health.gov.au/resources/publications/australian-health-sector-emergency-response-plan-for-novel-coronavirus-covid-19 [accessed 17 August 2020].

10 Department of Health, Health Professional Compliance [Internet], Department of Health, available from https://www1.health.gov.au/internet/main/publishing.nsf/Content/health-compliance [accessed 17 August 2020].

11 Auditor-General Report No.26 2013–14 Medicare Compliance Audits, available from: https://www.anao.gov.au/work/performance-audit/medicare-compliance-audits.

Auditor-General Report No.15 2018–19 Human Services’ Compliance Strategies, available from: https://www.anao.gov.au/work/performance-audit/human-services-compliance-strategies.

Auditor-General Report No. 48 2017–18 Compliance with Foreign Investment Obligations for Residential Real Estate, available from: https://www.anao.gov.au/work/performance-audit/compliance-foreign-investment-obligations-residential-real-estate.

12Health Provider Compliance Division Strategy and Operating Model, Boston Consulting Group, December 2016.

13 The dependencies included: passage of data matching legislation which came into effect in December 2019; access to real-time Medicare data which is not expected to be delivered until late 2020; the scale of resource investment by Government required to support the delivery of the capabilities outlined in the report; and that prioritisation of high value or impact cases risks focusing and narrowing compliance activities on a small number of provider groups.

14 Tip-offs refer to issues primarily raised anonymously. In 2018-19 Health identified 1644 potential non-compliance cases from 2189 reported tip-offs. Tip-offs are typically investigated as individual cases, but concerns of a similar topic may be batched into a project to remedy non-compliance through enforcement activity. In 2018-19, the majority of tip-offs were recommended to be treated through the Practitioner Review Program (70 per cent), followed by audit (13 per cent), investigation (12 per cent) and targeted letter (5 per cent).

15 These include the Non-compliance Detection Tool (NCDT), SAS (a proprietary statistical analysis tool) and Rshiny, a proprietary data visualisation tool.

16 The current provider, Quantium Health, was engaged in July 2019 for a two year contract with a value of $19.6 million. The previous provider, Lorica, was engaged from April 2017 to June 2019 for $22.3 million.

17 A project has a unifying theme: for example, a project may relate to suspected misuse of one or more MBS or PBS schedule items, or it may relate to possible patterns of non-compliant claiming by a specific group (or sub-group) of health providers. A project can include either a single or multiple cases: a case relates to a compliance activity/treatment type for a single provider.

18 The AWG membership comprised the Director of the Data Analytics Section (DAS) as Chair, PBID’s external Data Analytics partners, and Directors from of a number of relevant PBID sections.

19 The number of CFC endorsed compliance projects in the 2018–19 period was greater than the number recommended by the AWG. This is due in part to the AWG being established in 2018, with its first meeting held in June 2018. As the compliance program operates on a rolling program of compliance activity, the CFC received project recommendations in late 2017–18 before the AWG was established that were approved in the 2018–19 period. The ANAO was not able to confirm the source of all CFC endorsed compliance projects in the 2018–19 period.

20 The 1CAB model introduced a compliance program strategy to be formed based on ‘researched intelligence inputs that identified and defined risks’. The new model also established a Risk Identification Section in the PBID structure with a role of overseeing a risk register. As discussed at paragraph 1.12, it was not possible to verify and test the effectiveness of Health’s implementation of the new model.

21 Health advised that this may be due to a smaller representation of investigation cases included in this sample, which were identified as being suitable for treatment in a project, where investigation cases result mainly from tip-offs (see footnote 15).

22 The purpose of Program 4.7 is: To support the integrity of health benefit claims through prevention, early identification and treatment of incorrect claiming, inappropriate practice, fraud and prohibited practices.

23 The purpose of Outcome 4 is: Access to cost-effective medicines, medical, dental and hearing services, and improved choice in health services, including through the Pharmaceutical Benefits Scheme, Medicare, targeted assistance strategies and private health insurance.

24 Department of Finance Developing good performance information Resource Management Guide No. 131 [Internet] available from: https://www.finance.gov.au/sites/default/files/2020-05/RMG%20131%20-%20Developing%20good%20performance%20information_0.pdf [accessed 18 August 2020].

25 The Public Governance, Performance and Accountability Rule 2014 sets out in Section 16EA the requirements that all performance measures must meet. Subsection 16EA(f) sets out that performance measures should provide a basis for an assessment of the entity’s performance over time.

26 Health extracted data in February 2020 to enable the confirmation of the makeup of the 1587 completed voluntary acknowledgment cases. Health advised that due to debt adjustments and subsequent case reclassifications, the total number of voluntary acknowledgment was 1583 which was four cases less than the 1587 cases identified in the original data extracted in July 2019 used to confirm the performance measure results.

27 Department of Health [internet], available from: https://www1.health.gov.au/internet/main/publishing.nsf/Content/compliance-audits-and-review [accessed 14 October 2020].

28 Department of Finance Developing good performance information Resource Management Guide No. 131 [Internet] available from: https://www.finance.gov.au/sites/default/files/2020-05/RMG%20131%20-%20Developing%20good%20performance%20information_0.pdf [accessed 18 August 2020].

29 The Public Governance, Performance and Accountability Rule 2014 sets out in Section 16EA the requirements that all performance measures must meet. Subsection 16EA(c) sets out that the performance measures should provide an objective basis for assessment. This means that performance measures, together with the details of data sources and methodologies, should provide confidence to a reader that the basis of measurement is free from bias.

30 In one case, the pre-treatment estimate of savings was $596,866.40, and the debts raised were $4,697,303.00.

31 Health advised that as there is no legal basis to compel providers to respond to a targeted letter, and as it is assumed that most providers will self-remedy incorrect or inappropriate billing after receiving a letter, follow up is not routinely conducted for providers who do not respond. Non-responders are only followed up if they are identified as having continued concerning behaviour or worsening behaviour through the case escalation process.