Transitioning 13 Million Medicare Beneficiaries

Until this year, all Medicare cards carried the beneficiary’s Health Insurance Claim Number (HICN) which included the Social Security number (SSN). SSNs had been used as Medicare identifiers since the program’s inception in 1965. However, the Medicare and CHIP (Children’s Health Insurance Program) Reauthorization Act, passed in 2015, mandated the removal of SSNs on the cards. Instead, each of the 60 million Medicare beneficiaries would get a randomly assigned 11-digit Medicare Beneficiary Identifier (MBI). The Act also required that Medicare cards no longer include the person’s gender or signature — all measures designed to help protect privacy and reduce the risk of identity theft.

A lost or stolen Medicare card could be used to steal Social Security checks or fraudulently access bank accounts, medical services or prescription drugs. Older adults have been the particular target of phone scams and identity theft focused on Medicare cards and the Social Security numbers they carried.

The Centers for Medicare and Medicaid Services (CMS) began to distribute cards with the new identifiers in April, with the final mailing targeted for completion a year later. In order to provide a grace period for those affected by the change, either the new or old card can be used with providers through December 31, 2019.

When announcing the change, CMS advised health and drug plans to look at their systems and business processes and determine what changes would need to be made and tested in order to ensure that beneficiaries would have a smooth transition. In March 2018, one month before the first wave of cards was mailed, the agency sent an initial file showing HICNs and the corresponding MBIs to all plans. The file sent by CMS represented past (back to 2006) and present membership. Thereafter, CMS sends a file every month with any new enrollment changes.

Goal: No Interruption of Service

CVS Health immediately recognized the significance and potential consequences for our clients, beneficiary plan members, and the organization itself. Between SilverScript and our health plan pharmacy benefit clients, we provide prescription benefit services to over 13 million Medicare beneficiaries. In addition, we have records on six million inactive beneficiaries. Moreover, our retail, specialty, and long-term care pharmacies also serve Medicare beneficiaries. We wanted to provide a smooth transition with no interruption or delay in prescription service for all beneficiaries. We set a goal of having all systems across CVS Health fully ready to process beneficiary prescriptions with new MBIs on April 1, the CMS target date. The first cards hit the mail in April.

CVS Health began planning the transition in late 2016, soon after the CMS announcement, in order to be as proactive as possible and stay ahead of the change curve. Early on, the project team identified the systems that use identifiers and would be affected — more than 1,300 across the enterprise. Millions and millions of historical records would need to be updated to ensure easy processing of new claims.

This enterprise-wide initiative was managed as one program, eventually engaging over 900 CVS Health colleagues and requiring 74,000 information technology (IT) hours to complete. This proactive approach paid dividends externally as well as internally. Team members worked with pharmacy benefit management (PBM) clients to thoroughly review implications and identify and mitigate risk. We automated HICN change processes that were previously manual for clients. Due to our proactive approach, we were able to share best practices throughout the change period with plans and stakeholders, even influencing CMS itself by proposing solutions and making recommendations.

The core CVS Health team focused on early system deployments in late 2017 and early 2018 to minimize risk and ensure preparation for the transition to the new MBIs on April 1. We conducted extensive testing to ensure quality, performing more than four thousand test cases with only a 0.7 percent significant or critical defect rate. All defects were immediately triaged and resolved, helping CVS Health outperform on all CMS metrics.

For the actual transition in April, the core team developed an hour-by-hour plan with built-in contingency levers and no downtime, ensuring 24-hour coverage for the first several days. The team’s work and planning paid off. There were minimal issues during the transition and no spikes in customer calls. Further, CVS Health worked closely with CMS to obtain an industry-wide 10-day waiver of certain compliance standards for enrollment and disenrollment transactions to allow plans the appropriate time to update their systems and to begin to process the CMS daily files with the new MBIs.

Even after the April 1 transition, the core team continued to monitor key metrics to identify unusual trends and scheduled routine update calls to check status of the changeover with stakeholders. We continue to monitor CMS mailings as they proceed state-by-state. We also review CMS memos and regulatory announcements on an ongoing basis for any significant changes or impacts to the program. The core team will continue to monitor client updates throughout the grace period, which ends December 31, 2019.

The success of this initiative reflects careful planning with a focus on contingencies as well as precision in implementation. A strong team of cross-functional colleagues were dedicated to ensuring a smooth transition for the beneficiaries and clients we serve. The team worked seamlessly together at every level internally and with outside stakeholders, including CMS, to not only successfully complete this project, but also provide a model for navigating large-scale transitions in the future.