CMS Expands Medicaid Fraud Initiative to All 50 States — Hospitals May Be Exempt, but Their Community Partners May Not Be
CMS Administrator Mehmet Oz sent a letter directing all 50 state Medicaid directors and governors to revalidate providers participating in the program.
Dr. Oz requested that states submit a "high-risk provider" revalidation timetable earlier this month and a broader plan later this month. States can define 'high-risk' providers, but definitions must include providers without National Provider Identifiers (NPIs) per CMS. If states focus exclusively on non-NPI providers, hospitals may avoid audits — but there's no guarantee of exemption under the letter's current language.
The move expands a fraud crackdown that had previously targeted mostly Democratic-led states like California, Illinois, Minnesota, and New York There’s also arguably a broader political logic at play: casting Medicaid as fraud-ridden to build the case for further cuts, as seen in last year’s OBBBA legislation.
Even with a hospital carve-out, the audits could squeeze the smaller partners' health systems depend on — FQHCs, rural clinics, home health agencies, and behavioral health providers, to name a few — whose thinner margins and limited compliance infrastructure leave them more exposed.