Section 353.6 - Audit of Managed Care Organizations(a) The Health and Human Services Commission (HHSC), through the Medicaid and CHIP Services Division, the Office of Inspector General (OIG), and Health and Human Services (HHS) Internal Audit Division, is responsible for audits of MCOs and any entity with which an MCO contracts.(b) For purposes of this rule, "MCO" includes any entity with which an MCO contracts.(c) HHSC conducts audits of MCOs, including financial audits, performance audits, compliance audits, and agreed upon procedures:(1) with the scope and frequency necessary to provide information to allow for the effective oversight and control of the MCOs; and(2) as necessary to comply with all federal and state laws.(d) Medicaid and CHIP Services Division's roles and responsibilities for audits of MCOs include: (1) determining, based on coordination with OIG about MCO audits, which audits to assign to contracted audit firms in order to eliminate duplication of audit effort and reduce the impact of potentially duplicative audits on the MCOs;(2) coordinating with HHS Internal Audit Division to obtain delegated authority, from the State Auditor's Office (SAO), to procure audit services as required by Texas Government Code § RSA 321.020;(3) facilitating and determining the extent of work to be performed in agreed upon procedures and audits of MCOs, through the use of contracted audit firms as part of the integrated business processes used to oversee and monitor MCOs;(4) providing final reports of agreed upon procedures and audits to OIG, along with other information relevant to quantifying MCO performance under the contract with HHSC, including results of on-site monitoring visits, and other relevant MCO-related performance information;(5) providing all deliverables, such as contracts, contract amendments, and audit reports, for contracted audit related engagements to HHS Internal Audit Division for delivery to the SAO; and(6) ensuring actions planned to address audit recommendations are implemented, including actions planned by the Medicaid and CHIP Services Division or by an MCO.(e) The OIG's roles and responsibilities, related to performing audits of MCOs, are as outlined in § RSA 371.37 of this title (relating to Audit of Managed Care Organizations).(f) HHS Internal Audit Division's roles and responsibilities, related to audits of MCOs, are: (1) auditing the Medicaid and CHIP Services Division and OIG, as part of its established audit authority and risk-based audit coverage, including auditing the effectiveness of coordination between the Medicaid and CHIP Services Division and OIG on the performance of MCO audits;(2) notifying and conferring with the Medicaid and CHIP Services Division and OIG before initiating an audit of an MCO contained in the audit plan approved by the HHS Executive Commissioner;(3) coordinating with Medicaid and CHIP Services Division when audit services need to be procured to ensure HHSC obtains the appropriate authority to procure audit services from the SAO; and(4) coordinating with Medicaid and CHIP Services Division to ensure that all appropriate documents related to contracted audit services are obtained and provided to the SAO. These documents include executed contracts, contract amendments, and audit reports.1 Tex. Admin. Code § 353.6
Adopted by Texas Register, Volume 41, Number 28, July 8, 2016, TexReg 5038, eff. 7/14/2016; Amended by Texas Register, Volume 45, Number 33, August 14, 2020, TexReg 5623, eff. 8/17/2020