February 12, 2020

The Texas Medicaid Vendor Drug Program requests the OIG perform continuous audits of pharmacies enrolled in the program. If you are a Medicaid or CHIP provider and are notified to expect an audit by the OIG, here is the process you can expect.

Audit planning and fieldwork

OIG Audit staff will notify you of the audit and then conduct a site visit to gather information about business operations and billing practices. You’ll get to know the audit team and learn the audit’s goals, testing methodology, timelines and document requirements. Typical audit objectives include determining whether an managed care organization (MCO) or pharmacy benefit manager (PBM) is effectively delivering pharmacy benefits and compliant with applicable contract requirements or if the pharmacy follows the process to dispense the correct drugs at the correct time.

Providing documentation

Pharmacies are generally asked to provide original prescriptions, daily logs and invoices for drug purchases from a specific period of time, typically three years. Auditors interview selected staff and perform onsite tests of transactions to fulfill the audit objective, such as whether services were authorized and billing was supported. Prior to leaving the site, auditors will provide a list of outstanding items and notify the provider of any potential issues.

Audit report preparation

In its draft report, the audit staff provides detailed information and recommendations for each area that is not in compliance or would benefit from improvement. The OIG distributes the draft report to the applicable HHS program area and the audited entity for review and comment. Formal responses from the HHS program area and/or audited entity will be included in the final audit report.

Audit outcomes

Audits may identify overpayments and disallowed costs or other issues, and they may offer recommendations to improve performance, mitigate risks, address control weaknesses, and address privacy and IT security vulnerabilities. Auditors may refer potential fraud cases to another OIG program area.

Example findings

Common exceptions discovered during pharmacy audits include:

  • Billing for a different NDC than dispensed.
  • Lacking invoices to verify NDCs billed to VDP.
  • Dispensing medication in quantities or a strength other than prescribed.
  • Filling prescriptions with incorrect issuance dates.

Final audit reports are published on the OIG website: ReportTexasFraud.com.  The OIG produced an informational report on the role of PBMs in delivering Medicaid and Chip pharmacy benefits, available here: https://tinyurl.com/PBMinfo.

For more information on how to prepare for an audit, contact the OIG Audit Division at OIG.AuditDivision@hhsc.state.tx.us, or call 512-491-2000.