CMS plans to award a contract early next year to a company that will conduct fingerprint-based background checks for thousands of Medicare providers and suppliers each year. The contract will come nearly three years after the agency released a final rule on the screening, which is one of several provisions in the Patient Protection and Affordable Care Act giving HHS new tools to crack down on Medicare fraud, particularly in areas of the program that have proved most vulnerable to abuse. Republicans have criticized the administration for not rolling them out faster. It’s unclear why the CMS has waited three years to implement the provision. An agency spokesman would say only that the agency “was not prepared at the time of the final rule’s effective date.” He added that fingerprinting won’t begin until two months after the CMS releases additional guidance on the issue, and he did not say when that would be.The winning firm will process the fingerprints within five business days and will report the results as pass, incomplete or fail findings for the CMS’ review, according to agency documents.

Tony Rodgers, a principal at the consulting firm Health Management Associates and the former deputy administrator for strategic planning at the CMS, attributed the delay to ironing out technical issues that could trigger liability for the government. These include making sure that the agency has the correct fingerprints, for the correct provider or supplier and making sure the process is fast enough that businesses aren’t forced to wait inordinate amounts of time to get paid for services.

The CMS rule on background checks divided Medicare providers and suppliers into three categories based on the risk of fraud. Those in the high-risk category, the CMS said, would be subject to the background checks. They include executives who have at least 5% direct or indirect ownership of newly enrolled home healthcare agencies and durable medical equipment agencies. Those businesses have been significant and persistent sources of Medicare fraud. In fiscal 2011, Medicare spent $18.4 billion on home healthcare and $81 billion on DME.

The industry, eager to shed that reputation, is welcoming the scrutiny. Michael Hamilton, executive director of Alabama Durable Medical Equipment Association, said “it’s about time” the fingerprinting provision was beginning. Most DME fraud, he said, is perpetrated by a small group of bad actors “looking to make a quick buck” while the vast majority of companies and their executives are above board. The American Association for Homecare, which represents home health providers and DME suppliers, supports fingerprinting and any provision that would cut down on fraud, a spokesman said.

The background checks are expected to affect as many as 7,500 executives each year, according to the CMS. If they fail, they and their companies could be prohibited from participating in Parts A and B of the Medicare program. To pass, an executive must not have been convicted in the last 10 years of a felony charge for crimes such as murder, rape, extortion, embezzlement, tax evasion and any act that endangers Medicare beneficiaries.

The strength of the screening measure, Rodgers said, lies in public awareness: As word spreads that the CMS is performing the checks, criminals may think twice about attempting to enroll.But Medicare fraud expert Jim Frogue, a partner in the consulting firm FrogueClark, had mixed feelings about the usefulness of the initiative. “CMS has innumerable technological tools it can leverage in 2014 to target Medicare fraud, including pre-payment billing analysis and real-time public records searches,” Frogue said. “Fingerprinting belongs more in the Spy Museum.” Still, he acknowledged it “could have a positive sentinel effect in weeding out questionable characters from areas particularly prone to fraud like home health and durable medical equipment.”