Request for Information (RFI) Related to Comprehensive Regulations To Uncover Suspicious Healthcare (CRUSH)

Issuing agencies

Abstract

This request for information (RFI) solicits stakeholder feedback on potential regulatory changes that might be included in a potential upcoming CRUSH proposed rule, as well as other programmatic changes that could be implemented to make CMS more effective in crushing fraud to protect taxpayer dollars and the Americans we serve.

Full Text

<html>
<head>
<title>Federal Register, Volume 91 Issue 39 (Friday, February 27, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 39 (Friday, February 27, 2026)]
[Proposed Rules]
[Pages 9803-9808]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-03968]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Centers for Medicare & Medicaid Services

42 CFR Part 424

[CMS-6098-NC]
RIN 0938-AV97


Request for Information (RFI) Related to Comprehensive 
Regulations To Uncover Suspicious Healthcare (CRUSH)

AGENCY: Centers for Medicare & Medicaid Services (CMS), Department of 
Health and Human Services (HHS).

ACTION: Request for information.

-----------------------------------------------------------------------

SUMMARY: This request for information (RFI) solicits stakeholder 
feedback on potential regulatory changes that might be included in a 
potential upcoming CRUSH proposed rule, as well as other programmatic 
changes that could be implemented to make CMS more effective in 
crushing fraud to protect taxpayer dollars and the Americans we serve.

DATES: To be assured consideration, comments must be received at one of 
the addresses provided below, by March 30, 2026.

FOR FURTHER INFORMATION CONTACT:  Kathleen O'Malley, (410) 786-8987.

ADDRESSES: In commenting, refer to file code CMS-6098-NC.
    Comments, including mass comment submissions, must be submitted in 
one of the following three ways (please choose only one of the ways 
listed):
    1. Electronically. You may submit electronic comments on this 
regulation to <a href="http://www.regulations.gov">http://www.regulations.gov</a>. Follow the ``Submit a 
comment'' instructions.
    2. By regular mail. You may mail written comments to the following 
address ONLY: Centers for Medicare & Medicaid Services, Department of 
Health and Human Services, Attention: CMS-6098-NC, P.O. Box 8013, 
Baltimore, MD 21244-8013.
    Please allow sufficient time for mailed comments to be received 
before the close of the comment period.
    3. By express or overnight mail. You may send written comments to 
the following address ONLY: Centers for Medicare & Medicaid Services, 
Department of Health and Human Services, Attention: CMS-6098-NC, Mail 
Stop C4-26-05, 7500 Security Boulevard, Baltimore, MD 21244-1850.
    [Note: This ZIP code is for express mail or courier delivery only. 
This ZIP code specifies the agency's physical location.]
    For information on viewing public comments, see the beginning of 
the SUPPLEMENTARY INFORMATION section.

SUPPLEMENTARY INFORMATION: 
    Inspection of Public Comments: All comments received before the 
close of the comment period are available for viewing by the public, 
including any personally identifiable or confidential business 
information that is included in a comment. We post all comments 
received before the close of the comment period on the following 
website as soon as possible after they have been received: <a href="http://www.regulations.gov">http://www.regulations.gov</a>. Follow the search instructions on that website to 
view public comments. CMS will not post on <a href="http://Regulations.gov">Regulations.gov</a> public 
comments that make threats to individuals or institutions or suggest 
that the commenter will take actions to harm an individual. CMS 
continues to encourage individuals not to submit duplicative comments. 
We will post acceptable comments from multiple unique commenters even 
if the content is identical or nearly identical to other comments. CMS 
encourages commenters to include supporting facts,

[[Page 9804]]

research, and evidence in their comments. When doing so, commenters are 
encouraged to provide citations to the materials referenced, including 
active hyperlinks. Likewise, commenters who reference materials that 
have not been published are encouraged to upload relevant data 
collection instruments, data sets, and detailed findings as a part of 
their comment. Providing such citations and documentation will assist 
CMS in analyzing the comments.

I. Background

    On June 6, 2025, President Trump issued a Presidential Memorandum 
on Eliminating Waste, Fraud, and Abuse in Medicaid expressing this 
Administration's commitment to preserve and protect the integrity of 
government programs. Similarly, President Trump, U.S. Department of 
Health and Human Services (HHS) Secretary Kennedy, and Centers for 
Medicare & Medicaid Services (CMS) Administrator Oz have strongly 
demonstrated this administration's dedication to crushing fraud in 
Medicare, Medicaid, the Children's Health Insurance Program (CHIP), and 
the Marketplace. In alignment with this strategic objective, CMS is 
issuing this RFI to solicit stakeholder feedback on potential 
regulatory changes that might be included in a potential future 
proposed rule, as well as other programmatic changes that could be 
implemented to make CMS more effective in crushing fraud to protect 
taxpayer dollars and the Americans we serve.

II. Solicitation of Public Comments

    While CMS invites all relevant input, we are specifically inviting 
responses on the following topics listed in this section of this RFI. 
This RFI does not necessarily solicit comments on the full scope of 
topics that could be included in a potential, future CRUSH Rule.

A. Modifications to Program Integrity Requirements

    CMS takes a variety of actions to crush fraud, waste and abuse, 
including provider enrollment screening, suspending payments when there 
is a credible allegation of fraud or reliable indication of 
overpayment, data analytics of claims, imposing automatic pre-payment 
claims edits, conducting investigations and audits, post-payment review 
of medical records, revocations, re-enrollment bans, coordinating with 
law enforcement partners on enforcement actions, and providing 
education to reduce improper payments. CMS is looking for ways to 
strengthen its fraud-fighting toolbox and invites public comments on 
how to achieve this. Specifically, we seek comments on the following 
questions and related topics around CMS' existing program integrity 
authorities and processes:
    <bullet> Are there ways in which CMS could better use existing 
statutory authorities to expeditiously prevent bad actors from engaging 
in fraud, waste, and abuse?
    <bullet> Are there ways to modify provider enrollment (including 
revocation), medical review, investigation, audit, payment suspension, 
and other program integrity oversight policies to provide CMS with 
increased authority and flexibility to expeditiously prevent bad actors 
from engaging in fraud, waste, and abuse? (See, for example, Title 42 
Code of Federal Regulations (CFR) 405.371 et seq. (payment suspension), 
part 424, Subpart P, especially 424.510 (general requirements), 424.516 
(additional requirements), 424.530 (enrollment denial), 424.535 
(revocation), and 424.540 (deactivation of billing privileges).)
    <bullet> Are there existing requirements or policies, including 
those issued through regulations, memoranda, administrative orders, 
subregulatory guidance documents, or policy statements that could be 
altered to increase CMS' ability to promote payment accuracy and 
efficiency to protect the integrity of Medicare, Medicaid, CHIP, and 
the Health Insurance Marketplace[supreg]? \1\
---------------------------------------------------------------------------

    \1\ Health Insurance Marketplace[supreg] is a registered service 
mark of the U.S. Department of Health & Human Services. The Health 
Insurance Marketplace[supreg] is also known as the Federally 
facilitated Exchange, which we use synonymously later in this 
document.
---------------------------------------------------------------------------

    <bullet> What changes could CMS or its contractors make to existing 
processes to promote their ability to effectively deter fraud, waste, 
and abuse and promote payment accuracy and efficiency, including by 
more expeditiously gathering actionable information?
    <bullet> What types of analytics, methodologies, or data-driven 
approaches would be most effective in identifying indicators of 
potential fraud, waste, or abuse? We welcome feedback on specific 
analytical techniques, models, technologies, mechanisms, or data 
sources that could strengthen our ability to proactively detect and 
prevent fraudulent activity.
    <bullet> A core component of crushing fraud to protect taxpayer 
dollars is transparency to the Americans we serve about CMS' program 
integrity undertakings. How can CMS improve its transparency about its 
oversight and enforcement activities?
    <bullet> CMS currently does not have an affirmative, regulatory 
authority to direct Medicare Advantage (MA) organizations and Part D 
plan sponsors to suspend payments to providers and suppliers that 
operate exclusively in Part C or Part D or both. Should CMS establish 
regulatory requirements that allow MA organizations and Part D sponsors 
to implement payment suspensions under circumstances similar to the 
payment suspension authority that exists for Traditional Medicare under 
42 CFR 405.371, and require suspensions when directed by CMS?

B. Enhanced Identity Proofing and Ownership Requirements

    CMS has identified significant concerns that Medicare fraud is 
increasingly perpetrated through international fraud schemes 
characterized by opacity of ownership structures. These schemes often 
involve owners who reside outside of the United States, owners who are 
not permanent residents or U.S. citizens, and individuals who operate 
beyond the reach of U.S. law enforcement authorities. The lack of 
robust identity verification and the ability of non-U.S. residents to 
maintain ownership in Medicare-enrolled entities creates substantial 
program integrity vulnerabilities and impedes fraud investigation and 
prosecution efforts. CMS is seeking stakeholder feedback on potential 
provisions that would require enhanced identity proofing of individuals 
associated with Medicare-enrolled entities and impose citizenship or 
legal residency requirements for ownership.
    <bullet> What would be the impact on Medicare-enrolled entities if 
CMS established a requirement for U.S. citizenship or legal permanent 
residency for all individuals with an ownership or control interest of 
5 percent or greater in a Medicare-enrolled provider or supplier?
    <bullet> CMS currently requires fingerprinting and criminal 
background checks for all individuals with a 5 percent or greater 
ownership interest in a provider/supplier organization that is part of 
the ``high'' risk category as described in 42 CFR 424.518. Should this 
be expanded to include, for instance, the provider's managing 
employees, less than 5 percent owners, or other individuals who are 
affiliated with or working for the organization?
    <bullet> What alternative identity proofing measures could 
effectively verify the identity and location of owners while balancing 
program integrity objectives

[[Page 9805]]

with the operational needs of legitimate Medicare providers and 
suppliers?
    <bullet> Are there specific provider or supplier types for which 
enhanced identity proofing and citizenship or residency requirements 
would be most critical to preventing fraud?
    <bullet> Are there additional individuals on the enrollment record 
for whom enhanced identity proofing and citizenship or residency 
requirements would help prevent fraud?
    <bullet> What challenges would these requirements create for 
entities with foreign parent companies, international investors, or 
legitimate cross-border business structures?

C. Preclusion List and Medicare Advantage Enrollment Requirements

    CMS has identified significant deficits in the effectiveness of the 
preclusion list in preventing fraudulent billing in MA. Under current 
policy, providers and suppliers that are revoked from Traditional 
Medicare for reasons not considered ``detrimental to the best interests 
of the Medicare program'' are not included on the preclusion list. CMS 
has observed that providers and suppliers revoked from Traditional 
Medicare for these reasons often shift their billing operations to MA 
plans, where they can continue to submit claims and receive payment. 
This gap in the preclusion list undermines program integrity efforts 
and allows bad actors to circumvent CMS oversight. CMS is seeking 
feedback from MA organizations and other stakeholders on potential 
improvements to the preclusion list and whether requiring enrollment in 
Traditional Medicare could enhance program integrity.
    <bullet> What changes could CMS make to better effectuate the 
preclusion list to prevent Traditional Medicare-revoked providers and 
suppliers from continuing to bill MA plans?
    <bullet> Does the current preclusion list adequately serve the 
needs of MA organizations in identifying and preventing payments to 
providers and suppliers that pose fraud, waste, or abuse risks?
    <bullet> Would MA plans support a requirement for all providers and 
suppliers to enroll in the Traditional Medicare (Fee-for-Service) 
program as a condition of billing MA plans?
    <bullet> Should such a requirement apply only to high-risk provider 
and supplier types?
    <bullet> What operational, administrative, and financial impacts 
would a requirement to enroll in the Traditional Medicare program have 
on providers and suppliers that currently only bill MA plans?
    <bullet> Are there alternative mechanisms that could achieve 
similar program integrity objectives without requiring enrollment in 
Traditional Medicare?

D. Reducing Medicare Fraud Related to Laboratory Tests Including 
Genetic Tests and Molecular Diagnostic Tests

    In 2024, Medicare Part B or Traditional Medicare spending on 
clinical diagnostic laboratory tests (lab tests) totaled $8.4 billion--
a five percent increase over the previous year per a January 2026 U.S. 
Department of Health and Human Services' Office of the Inspector 
General (OIG) Report.\2\ Part B spending on lab tests has been shifting 
increasingly toward genetic tests, including tests related to cancer, 
infections, and epilepsy.\3\ Although genetic tests represented only 5 
percent of lab tests paid under Part B in 2024, they accounted for 43 
percent ($3.6 billion) of Part B lab spending. The OIG and the 
Department of Justice have issued multiple reports \4\ and fraud 
alerts,\5\ and have engaged in multiple enforcement actions \6\ related 
to fraud in lab tests, particularly genetic tests, including molecular 
diagnostic tests. CMS is concerned about fraud, waste, and abuse 
related to lab tests and has targeted this as a focus area through its 
Fraud Defense Operations Center (FDOC), which is a high-tech unit 
formed in 2025 that utilizes cross-functional teams to target fraud in 
real time and has expedited the issuance of payment suspensions, 
resulting in $1.8 billion in taxpayer savings in 2025, over $100 
million of which was related to suspect laboratories.
---------------------------------------------------------------------------

    \2\ Total Medicare Part B Spending on Lab Tests Rose in 2024, 
Driven by Increased Spending on Genetic Tests. OIG Report Number 
OEI-09-25-00330. January 23, 2026. Available at: <a href="https://oig.hhs.gov/reports/all/2026/total-medicare-part-b-spending-on-lab-tests-rose-in-2024-driven-by-increased-spending-on-genetic-tests/">https://oig.hhs.gov/reports/all/2026/total-medicare-part-b-spending-on-lab-tests-rose-in-2024-driven-by-increased-spending-on-genetic-tests/</a>.
    \3\ Id.
    \4\ Id. See also: OIG Semiannual Report to Congress. October 1, 
2024 to March 31, 2025.
    \5\ Fraud Alert: Genetic Testing Scam. Last updated September 
27, 2019. Available at: <a href="https://oig.hhs.gov/fraud/consumer-alerts/fraud-alert-genetic-testing-scam/">https://oig.hhs.gov/fraud/consumer-alerts/fraud-alert-genetic-testing-scam/</a>.
    \6\ Lab Operator Convicted of $4M Medicare Fraud Scheme. 
February 25, 2025. Available at: <a href="https://oig.hhs.gov/fraud/enforcement/lab-operator-convicted-of-4m-medicare-fraud-scheme/">https://oig.hhs.gov/fraud/enforcement/lab-operator-convicted-of-4m-medicare-fraud-scheme/</a>. See 
also: Federal Law Enforcement Action Involving Fraudulent Genetic 
Testing Results in Charges Against 35 Individuals Responsible for 
Over $2.1 Billion in Losses in One of the Largest Health Care Fraud 
Schemes Ever Charged. September 27, 2019. Available at: <a href="https://www.justice.gov/archives/opa/pr/federal-law-enforcement-action-involving-fraudulent-genetic-testing-results-charges-against">https://www.justice.gov/archives/opa/pr/federal-law-enforcement-action-involving-fraudulent-genetic-testing-results-charges-against</a>.
---------------------------------------------------------------------------

    <bullet> What new statutory or regulatory authorities would empower 
CMS to more effectively prevent, identify, and address fraud in lab 
tests, including genetic tests and molecular diagnostic tests?
    <bullet> What types of tools, data analytics, and methods would 
assist CMS to increase program integrity related to lab tests, 
including genetic tests and molecular diagnostic tests?
    In 2011, the Molecular Diagnostic Services Program (MolDX Program), 
administered by Palmetto GBA on behalf of CMS, was established to 
determine and streamline coverage and reimbursement for molecular 
diagnostic tests on behalf of the Medicare program. It aims to provide 
uniform policies across multiple Medicare Administrative Contractors 
(MACs) and currently spans 28 states.
    CMS is interested in understanding if a requirement to register in 
the MolDX program, that other payors may have, has had an impact on the 
risk of fraud, waste and abuse related to laboratory testing. CMS also 
wants to understand the rationale as to why other payors and MA 
organizations require laboratories to be registered in MolDX even when 
they are not located in a MolDX state.
    <bullet> What prompted other payors and MA organizations to require 
registration in the MolDX program?
    <bullet> What safeguards or challenges has the MolDX program 
provided to your organization regarding laboratory testing?

E. Reducing Risks From Non-Participating Durable Medicare Equipment, 
Prosthetics, Orthotics and Supplies (DMEPOS) <SUP>7</SUP> Suppliers in 
Medicare Advantage
---------------------------------------------------------------------------

    \7\ Examples of DMEPOS include: mobility aids (wheelchairs, 
walkers, canes, scooters), respiratory aids (oxygen, CPAP machines, 
ventilators), hospital beds, prosthetic limbs/eyes, orthopedic 
braces, diabetes supplies (meters, strips, lancets), ostomy supplies 
(bags, pouches), and infusion pumps, that serve recurring medical 
needs at home.
---------------------------------------------------------------------------

    There is a significant risk of fraud, waste, and abuse with certain 
high-risk services, including the provision of DMEPOS. The OIG and MA 
organizations have identified that non-participating DMEPOS suppliers 
\8\ are fraudulently billing MA plans for millions of dollars of 
services not rendered and not needed.\9\ We would

[[Page 9806]]

like the public's feedback on solutions related to non-participating 
DMEPOS suppliers in MA.
---------------------------------------------------------------------------

    \8\ Medicare ``participation'' means that the supplier agrees to 
accept assignment on all claims for all Medicare-covered services 
furnished to the supplier's patients. By accepting assignment, the 
supplier agrees to accept Medicare-allowed amounts as payment in 
full. The supplier cannot collect more from the patient than the 
applicable Medicare deductible and coinsurance or copayment. See 
<a href="https://www.cms.gov/medicare-participation">https://www.cms.gov/medicare-participation</a> for more information.
    \9\ HHS OIG Work Plan for ``Durable Medical Equipment Fraud and 
Safeguards in Medicare,'' Project Number: OEI-02-24-00310. (``Each 
year, Medicare payments for durable medical equipment, prosthetics, 
orthotics, and supplies (DMEPOS) top more than $7 billion in 
traditional Medicare alone. Although CMS has a number of safeguards 
in place to prevent bad actors from billing DMEPOS in Medicare, 
fraudulent billing for DMEPOS continues to be a major concern. 
Recent cases demonstrate that DMEPOS continues to be a target of 
fraudulent billing and that new schemes have developed. OIG's review 
will provide information about current fraud schemes and the 
safeguards and monitoring that CMS has to prevent fraud, waste, and 
abuse. These findings will result in multiple products. The first 
product will look at billing for DMEPOS in Medicare Advantage, 
specifically by suppliers that are not enrolled in Medicare fee-for-
service.'') Available at: <a href="https://oig.hhs.gov/reports/work-plan/browse-work-plan-projects/durable-medical-equipment-fraud-and-safeguards-in-medicare/">https://oig.hhs.gov/reports/work-plan/browse-work-plan-projects/durable-medical-equipment-fraud-and-safeguards-in-medicare/</a>.
---------------------------------------------------------------------------

    <bullet> What changes would MA organizations need to make to 
existing processes to promote the ability to effectively deter fraud, 
waste, and abuse and promote payment accuracy for non-participating 
DMEPOS suppliers?
    <bullet> Are there existing requirements (including those issued 
through regulations, memoranda, administrative orders, guidance 
documents, contracts, or policy statements) that could be altered to 
increase MA organizations' ability to promote payment accuracy and 
efficiency to protect the integrity of the program for non-
participating DMEPOS suppliers?
    <bullet> What types of analytics, methodologies, or data-driven 
approaches are most effective in identifying indicators of potential 
fraud, waste, or abuse for non-participating DMEPOS suppliers? We 
welcome feedback on specific analytical techniques, models, or data 
sources that could strengthen MA organizations' ability to proactively 
detect and prevent fraudulent activity.
    <bullet> Would MA organizations prefer DMEPOS suppliers to be 
accredited and enrolled similar to Traditional Medicare, ensuring 
suppliers meet minimum supplier standards?

F. Reducing Fraudulent Medicare Parts A and B (Traditional Medicare) 
Claim Submissions

    Due to the significant risk of fraud, waste, and abuse with certain 
high-risk items and services (for example, DMEPOS), CMS is seeking 
feedback about the impact of reducing the Medicare Parts A and B 
(Traditional Medicare) 1-calendar year claim filing deadline for high-
risk items and services, including but not limited to DMEPOS. Ensuring 
claims are filed more promptly will assist CMS in evaluating data and 
reduce the ability of providers to back-bill for fraudulent claims.
    <bullet> How would a claim filing deadline of 90 to 180 calendar 
days, which is consistent with private industry norms, impact your 
practice?
    <bullet> Are there certain claim or provider types for which these 
deadlines would not be feasible?
    <bullet> What would be the best way to implement a shorter claim 
filing deadline for certain high-risk items and services? What are the 
benefits or drawbacks of imposing a shorter claim filing deadline for 
all of the following:
    ++ All claims filed by specific high-risk provider or supplier 
types (for example DMEPOS suppliers).
    ++ All claims filed for specific high-risk items or services.
    ++ All claims filed by specific providers who are high-risk.
    ++ Some other method(s).
    <bullet> Would it be beneficial to apply this standard to all items 
and services rather than only to high-risk items and services to reduce 
unnecessary administrative complexity?
    <bullet> Would the current flexibilities in 42 CFR 424.44 or 
additional flexibilities for a shorter claim filing deadline be 
appropriate to support such a change, and if so, what would those 
flexibilities be?

G. Artificial Intelligence in Medicare Advantage Coding Oversight and 
Hospital Billing

    CMS is seeking input from stakeholders about the availability, use, 
efficacy, and cost of using artificial intelligence (AI), based on 
machine learning and other methods, to assist with accurately and 
efficiently abstracting diagnoses from medical record documentation as 
part of a medical records review. More specifically, CMS is seeking 
input on the following topics:
    <bullet> What types of AI solutions (including commercial off-the-
shelf (COTS) products) are most effective and efficient for assisting 
human coders with large volumes of records?
    <bullet> What key features and learning capabilities should an AI 
solution include to improve accuracy, incorporate coder feedback, and 
prevent errors or ``hallucinations''?
    <bullet> How should AI-generated coding recommendations be 
displayed to human reviewers, and what compliance risks should be 
considered and mitigated?
    <bullet> What lessons have been learned from implementing AI 
solutions, including pricing structures and use within cloud-based IT 
environments?
    <bullet> Are there AI solutions that address coding issues related 
to overpayments and underpayments, and can those AI solutions be used 
for compliance oversight?
    <bullet> How could AI be used to increase the efficiency and 
accuracy of hospital billing?

H. Beneficiary Solicitation

    Medicare beneficiaries are often subject to unsolicited outreach by 
unscrupulous individuals seeking to obtain their personally 
identifiable information to submit fraudulent Medicare claims. 
Beneficiaries are sometimes offered free money, items, or services in 
exchange for their information. There is currently a prohibition 
against unsolicited contact via telephone by DMEPOS suppliers (see 
section 1834(a)(17) of the Social Security Act (the Act) and 42 CFR 
424.57(c)(11)). We are seeking feedback from stakeholders about the 
impact of expanding this prohibition to other types of providers and 
suppliers through legislation and expanding the existing DMEPOS 
regulation to other forms of communication, such as email, text 
message, or social media.
    <bullet> What means of communication do Medicare beneficiaries find 
are being used to solicit them for their Medicare information? How do 
beneficiaries respond when they have been contacted by an inappropriate 
direct solicitation?
    <bullet> If the prohibition on unsolicited contact via telephone by 
DMEPOS suppliers was expanded to other forms of communication, what 
obstacles would that create for DMEPOS suppliers that could hinder your 
ability to effectively serve Medicare beneficiaries? In what ways could 
CMS mitigate those concerns while still expanding protections for 
beneficiaries?
    <bullet> If CMS were to pursue a legislative proposal to expand the 
prohibition against unsolicited contact by DMEPOS suppliers to other 
provider and supplier types, are there other provider or supplier types 
that should be included?
    <bullet> In what other ways should CMS expand the prohibition on 
unsolicited contact via telephone by DMEPOS suppliers? For example, 
should CMS explicitly prohibit DMEPOS suppliers from collaborating with 
marketing agencies or other third parties acting on their behalf to 
perform solicitation?

I. Beneficiary Contact

    CMS encourages Medicare beneficiaries or their authorized legal 
representatives to review their Medicare Summary Notices (MSNs) and 
other CMS-issued materials, such as the Medicare & You handbook (see 
page 105 available at <a href="http://www.medicare.gov/publications/10050-medicare-and-you.pdf">www.medicare.gov/publications/10050-medicare-and-you.pdf</a>) and the CMS website to

[[Page 9807]]

identify services or items that may be incorrect, unfamiliar, or 
potentially fraudulent. These communications include instructions on 
how beneficiaries can report suspected fraud, waste, or abuse, 
including contacting CMS, the MACs, or the OIG. While these existing 
efforts provide important information and reporting pathways, we are 
interested in understanding whether additional or alternative 
communication methods could further improve beneficiary awareness, 
trust, and ease of reporting. Accordingly, we are exploring whether and 
how other approaches or tools could be utilized to better support 
beneficiaries in identifying and reporting potentially suspicious 
Traditional Medicare claims.
    <bullet> How would beneficiaries prefer to be contacted by CMS or 
its contractors about potentially suspicious claims? Would they prefer 
that this contact occur before or after processing the claim?
    <bullet> What concerns, if any, would beneficiaries have regarding 
privacy, burden, or confusion related to prepayment verification 
outreach? In what ways could CMS distinguish these communications to 
make them easy to identify and to make it clear that they are 
legitimate and trustworthy communications and that beneficiaries need 
to take action? What form(s) of communication (for example, telephone, 
mail, secure electronic communication) would beneficiaries find 
acceptable for such verification?
    <bullet> What could CMS be doing that it is not already doing to 
make it easier for beneficiaries to report a potentially suspicious 
claim?

J. Surety Bonds

    In accordance with section 1834(a)(16) of the Act (and as codified 
in 42 CFR 424.57(d)), DMEPOS suppliers are required to maintain a 
surety bond of at least $50,000 in order to enroll and maintain 
enrollment in Medicare. We request public feedback on means of 
strengthening our existing surety bond requirement. We are especially 
interested in suggestions on how CMS should use its surety bond 
authorities to be more effective in the fight against fraud, such as 
increasing the required bond amount, expanding the types of Medicare 
providers and suppliers that must maintain a surety bond, or taking 
tougher actions against bond companies that are not meeting their 
obligations when fraud is found. In addition, how can CMS strengthen 
surety bond requirements in Medicaid and CHIP, for example, with 
respect to Medicaid and CHIP home health providers?

K. Medicaid and CHIP

    Recently, CMS has taken bold steps to address significant, systemic 
Medicaid fraud that has been discovered in multiple states. CMS is 
continuously refining its oversight actions and capabilities to ensure 
that states are proactive in crushing fraudulent activities in these 
programs. We are seeking stakeholder feedback on how to expand CMS' 
regulatory authority to act expeditiously to prevent, identify, and 
address instances of fraud, waste, and abuse in Medicaid and CHIP. We 
are also soliciting suggestions about cutting-edge technological tools 
that could be harnessed to advance this work.
    <bullet> Is there any way that CMS should better leverage or expand 
its statutory or regulatory program integrity oversight authority?
    <bullet> In order to strengthen program integrity oversight of 
provider enrollment, should CMS require that states require their high-
risk providers to revalidate more frequently than every 5 years, and if 
so, how frequently?
    <bullet> What tools or technologies can CMS or states use to 
enhance program integrity in Medicaid, CHIP managed care, and fee-for-
service programs?
    <bullet> What tools or guidance can CMS give to states to enhance 
program integrity in the Medicaid and CHIP managed care and fee-for-
service programs?
    <bullet> What ways can CMS improve the prevention, identification, 
and resolution of fraud, waste, and abuse related to non-federal share 
financing sources, including intergovernmental transfers (IGT)?
    <bullet> How can CMS better prevent, identify, and address Medicaid 
and CHIP fraud, waste, and abuse in the context of individuals who do 
not have satisfactory immigration status for full Medicaid or CHIP 
benefits who are accessing services inappropriately?
    <bullet> How can CMS better prevent fraud, waste, and abuse 
associated with the differential payment of public and private 
providers?
    <bullet> What data and information should states report to CMS to 
ensure that fraud, waste, and abuse is being identified, investigated, 
and resolved?
    <bullet> What best practices and standardized processes should 
states implement when responding to recovery audit contractor (RAC) 
findings?
    <bullet> What data or information should be made publicly available 
that would allow for transparency in Medicaid by states, health plans, 
and providers?
    <bullet> How can CMS help states to better prevent, identify, and 
address Medicaid and CHIP fraud, waste, and abuse related to service 
areas that have been identified as high risk for fraud in certain 
states, such as the following:
    ++ Housing stabilization services.
    ++ Behavioral health services.
    ++ Personal care assistant (PCA) services.
    ++ Nonemergency medical transportation.
    <bullet> How can CMS further enhance the Healthcare Fraud 
Prevention Partnership (HFPP) to strengthen fraud detection within 
state agencies and law enforcement?
    <bullet> What are the best practices for integrating artificial 
intelligence with existing technologies to maximize effectiveness?

L. State-Specific Medicaid and CHIP Questions

    <bullet> What statutory or regulatory changes are needed to 
strengthen states' ability to effectively reduce fraud, waste, and 
abuse in Medicaid and CHIP?
    <bullet> What regulatory or administrative changes could CMS make 
to empower states to--(a) pursue bad actors; and (b) better coordinate 
program integrity efforts with the federal government, law enforcement, 
and other states?
    <bullet> What data or tools would facilitate state program 
integrity activities?
    <bullet> Would further use of federal databases, such as Do Not Pay 
(DNP), or non-federal databases provide states with more complete 
information to move further away from a pay-and-chase model and towards 
pre-pay review?
    <bullet> What successful strategies have certain states implemented 
that others can replicate as best practices?
    <bullet> What is the best way for states to learn about the most up 
to date technology or data analytic tools available to effectively 
reduce fraud, waste, and abuse in Medicaid and CHIP?
    <bullet> How can CMS help states better prevent, identify, and 
address fraud, waste, and abuse related to supplemental payments (for 
example, disproportionate share hospital (DSH) payments) or state 
directed payments?
    <bullet> How can CMS help states better prevent, identify, and 
address fraud, waste, and abuse in section 1915 waiver programs or 
section 1115 demonstration programs?
    <bullet> What incentives could be put in place for states to 
proactively engage in program integrity efforts, and what new penalties 
might be necessary to address non-compliance by states?

[[Page 9808]]

M. Federally Facilitated Exchange (FFE) and State-Based Exchanges 
(SBEs)

    <bullet> How could CMS strengthen program integrity, including 
fraud prevention and consumer protection, in both the FFE and SBEs by--
(1) better leveraging existing regulatory oversight authority; and (2) 
identifying areas where additional regulatory authority may be needed?
    <bullet> How could CMS improve regulations to strengthen oversight 
of agents, brokers, web-brokers, and direct enrollment entities 
including compliance standards, training, and fraud prevention in both 
the FFE and SBEs?
    <bullet> How could CMS expand its regulatory authority to 
incentivize insurance agencies to thoroughly vet assigned agents, 
brokers, and web-brokers assisting consumers with enrollment in FFE 
plans and hold agencies accountable for activities relating to these 
individuals?
    <bullet> What specific measures could CMS implement to better 
curtail the ability of fraudulent agents, brokers, and web-brokers to 
enroll or change the enrollment of consumers without their knowledge or 
consent?
    <bullet> How can CMS strengthen its enforcement activities to 
better address fraud, waste, and abuse in the FFE and SBEs?
    <bullet> How could CMS strengthen its standards for corrective 
action and for suspension or termination of agents', brokers', and web 
brokers' Exchange Agreements \10\ and what circumstances should trigger 
each type of action? Should CMS consider additional use of civil money 
penalties? If so, under what circumstances?
---------------------------------------------------------------------------

    \10\ Exchange Agreements are also called Marketplace Agreements.
---------------------------------------------------------------------------

    <bullet> How could CMS improve the accuracy, timeliness, fraud 
prevention, and any other aspects related to program integrity in 
income verification for FFE enrollees?
    <bullet> What successful anti-fraud measures already implemented in 
SBEs should be adopted in the FFE and vice versa?
    <bullet> How could CMS enhance <a href="http://HealthCare.gov">HealthCare.gov</a> to prevent fraud at 
the point of enrollment and reduce reliance on post-payment recovery 
(commonly referred to as ``pay-and-chase''), and how could CMS most 
effectively encourage SBEs to adopt best practices for such fraud 
prevention within their legal and other authority?
    <bullet> How could CMS expand its regulatory authority to enhance 
oversight of enhanced direct enrollment (EDE) partners?
    <bullet> How could CMS expand its authority to monitor the activity 
of agents/brokers on EDE platforms?
    <bullet> How could CMS better detect and mitigate improper dual 
enrollment in Medicaid/CHIP and subsidized Exchange plans?
    <bullet> How could CMS leverage advanced technologies, such as AI, 
to prevent, detect, and address fraud, waste, and abuse in both the FFE 
and SBEs?

III. Collection of Information Requirements

    This is an RFI only. In accordance with the implementing 
regulations of the Paperwork Reduction Act of 1995 (PRA), specifically 
5 CFR 1320.3(h)(4), this general solicitation is exempt from the PRA. 
Facts or opinions submitted in response to general solicitations of 
comments from the public, published in the Federal Register or other 
publications, regardless of the form or format thereof, provided that 
no person is required to supply specific information pertaining to the 
commenter, other than that necessary for self-identification, as a 
condition of the agency's full consideration, are not generally 
considered information collections and therefore not subject to the 
PRA.
    This RFI is issued solely for information and planning purposes; it 
does not constitute a Request for Proposal (RFP), applications, 
proposal abstracts, or quotations. This RFI does not commit the U.S. 
Government to contract for any supplies or services or make a grant 
award. Further, we are not seeking proposals through this RFI and will 
not accept unsolicited proposals. Responders are advised that the U.S. 
Government will not pay for any information or administrative costs 
incurred in response to this RFI; all costs associated with responding 
to this RFI will be solely at the interested party's expense. We note 
that not responding to this RFI does not preclude participation in any 
future procurement, if conducted. It is the responsibility of the 
potential responders to monitor this RFI announcement for additional 
information pertaining to this request. In addition, we note that CMS 
will not respond to questions about the policy issues raised in this 
RFI.
    We will actively consider all input as we develop future regulatory 
proposals or future subregulatory policy guidance. We may or may not 
choose to contact individual responders. Such communications would be 
for the sole purpose of clarifying statements in the responders' 
written responses. Contractor support personnel may be used to review 
responses to this RFI. Responses to this notice are not offers and 
cannot be accepted by the Government to form a binding contract or 
issue a grant. Information obtained as a result of this RFI may be used 
by the Government for program planning on a non-attribution basis. 
Respondents should not include any information that might be considered 
proprietary or confidential. This RFI should not be construed as a 
commitment or authorization to incur cost for which reimbursement would 
be required or sought. All submissions become U.S. Government property 
and will not be returned. In addition, we may publicly post the public 
comments received, or a summary of those public comments.

    Mehmet Oz, Administrator of the Centers for Medicare & Medicaid 
Services, approved this document on February 20, 2026.
Robert F. Kennedy, Jr.,
Secretary, Department of Health and Human Services.
[FR Doc. 2026-03968 Filed 2-25-26; 4:15 pm]
BILLING CODE 4120-01-P


</pre></body>
</html>