Maryland Department of Health Medical Care Programs Administration Audit Report
Learn how the AI-generated research projects were createdOverall Conclusion
MCPA’s accountability and compliance level was unsatisfactory.
Source Document
Audit Scope
Fiscal period August 1, 2018 through March 31, 2022; MDH – Medical Care Programs Administration (MCPA); focus on Medicaid Management Information System II (MMIS II) security and controls, recipient and provider eligibility, third-party recoveries, hospital and nursing facility payments, Community First Choice and Medical Day Care; excludes MDH – Office of the Secretary and Other Units; results include ransomware incident impact and related redactions; methodology described in the report.
Key Findings Summary
MCPA did not monitor the utilization control agent contractor to ensure continued stay reviews of Medicaid recipients receiving services from nursing facilities were performed timely.
MCPA did not have an established process to ensure costly recipient ventilator care claims submitted by nursing facilities were valid, as required by State regulations.
Redacted cybersecurity-related finding.
View the Findings tab to see all 10 findings
AI-Assisted
AI Scope Summary
Build on this audit by strengthening Medicaid integrity across third-party liability interfacing, questionable payments recovery, recipient eligibility processing, and program oversight (CFC, MDC, and hospital claims), while ensuring robust information security practices and rapid remediation following security incidents in future audits.
AI-Generated Insight
The Maryland MCPA audit identifies significant gaps in third-party liability interfacing, eligibility and payment controls, and oversight of waivers and hospital claims, compounded by a ransomware incident that disrupted operations and documentation. The public redaction of cybersecurity findings underscores ongoing risks that require strengthening controls and timely corrective actions in future audits.