Audit protocols assist the Medicaid provider community in developing programs to evaluate compliance with Medicaid requirements under federal and state statutory and regulatory law, and administrative procedures issued by New York State Office For People With Developmental Disabilities (OPWDD). The protocols listed are intended solely as guidance in this effort. This guidance does not constitute rulemaking by OPWDD and may not be relied on to create a substantive or procedural right or benefit enforceable, at law or in equity, by any person. Furthermore, nothing in the protocols alters any statutory, regulatory or administrative requirement. In the event of a conflict between statements in the protocols and statutory, regulatory or administrative requirements, the requirements of the statutes, regulations and administrative procedures govern.
The audit protocols do not encompass all the current requirements for payment of Medicaid claims for a particular category of service or provider type and therefore are not a substitute for a review of the statutory and regulatory law or administrative procedures. A Medicaid provider's legal obligations are determined by the applicable federal and state statutory and regulatory law.
Audit protocols are applied to a specific provider or category of service(s) in the course of an audit and involve OPWDD’s application of articulated Medicaid agency policy and the exercise of agency discretion.
Protocols are amended as necessary. Reasons for amending protocols include, but are not limited to, responding to a hearing decision, litigation decision, or statutory or regulatory change.
OPWDD strives for consistency with the audit practices of the New York State Office of the Medicaid Inspector General (OMIG). As such, OPWDD will apply OMIG audit protocols in evaluating those services in which the OMIG has established protocols (Residential Habilitation, Day Habilitation, Supported Employment Services and Prevocational). When necessary, OPWDD has developed audit protocols to incorporate regulatory and administrative requirements that postdate OMIG protocols (i.e., Daily Residential Habilitation, Hourly Supported Employment Services, and Site/Community Based Prevocational Services). The appropriate protocol will be used depending on the criteria in effect for the date of service being reviewed.
OPWDD’s Office of Audit Services follows Generally Accepted Government Auditing Standards when performing its audits (issued by the United States Government Accountability Office). Those standards require that auditors obtain an understanding of internal control within the context of the audit before they begin their work. In addition, learning about internal controls provides auditors with an opportunity to develop recommendations that will improve organization performance and governance.
In each OPWDD audit, we assess internal controls using guidance provided by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, which provides a framework for understanding internal controls. Agencies should understand that auditors will be using the COSO framework as a basis for evaluation on each engagement and including the results of our evaluation in our reports.
Links to OPWDD audit protocols are listed below: