Skip to Content

We invite you to try out our new beta eCFR site at We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Help' button on the bottom right of each page!


Privacy Act of 1974; Matching Program

This document has a comment period that ends today. (10/19/2020) Submit a formal comment

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Enhanced Content

Relevant information about this document from provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


Centers for Medicare and Medicaid Services, Department of Health and Human Services.


Notice of a new matching program.


In accordance with the Privacy Act of 1974, as amended, the Department of Health and Human Services, Centers for Medicare & Medicaid Services (CMS) is providing notice of a new agreement re-establishing the “Do Not Pay Initiative” matching program between CMS and the Department of Treasury, Bureau of Fiscal Service (Fiscal Service).


The deadline for comments on this notice is October 19, 2020. The matching program will commence not sooner than 30 days after publication of this notice, provided no comments are received that warrant a change to this notice. Pursuant to 31 U.S.C. 3354(d)(1)(C), the matching program will be conducted for an initial term of 36 months (approximately October 13, 2020 to October 12, 2023) and within three months of expiration may be renewed for three additional years if the parties make no change to the matching program and certify that the program has been conducted in compliance with the matching agreement.


Interested parties may submit written comments on this notice to the CMS Privacy Act Officer by mail at: Division of Security, Privacy Policy & Governance, Information Security & Privacy Group, Office of Information Technology, Centers for Medicare & Medicaid Services, Location: N1-14-56, 7500 Security Blvd., Baltimore, MD 21244-1850, or email

Start Further Info


If you have questions about the matching program, you may contact John Sofokles, Government Technical Lead, Center for Program Integrity, Centers for Medicare & Medicaid Services, at 410-786-6373, by email at, or by mail at 7500 Security Blvd., Baltimore, MD 21244.

End Further Info End Preamble Start Supplemental Information


The Privacy Act of 1974, as amended (5 U.S.C. 552a), provides certain protections for individuals applying for and receiving payments under federal benefit programs. The law governs the use of computer matching by federal agencies when records in a system of records (meaning, federal agency records about individuals retrieved by name or other personal identifier) are matched with records of other federal or non-federal agencies. The Privacy Act requires agencies involved in a matching program to:

1. Enter into a written agreement, which must be prepared in accordance with the Privacy Act, approved by the Data Integrity Board of each source and recipient federal agency, provided to Congress and the Office of Management and Budget (OMB), and made available to the public, as required by 5 U.S.C. 552a(o), (u)(3)(A), and (u)(4).

2. Notify the individuals whose information will be used in the matching program that the information they provide is subject to verification through matching, as required by 5 U.S.C. 552a(o)(1)(D).

3. Verify match findings before suspending, terminating, reducing, or making a final denial of an individual's benefits or payments or taking other adverse action against the individual, as required by 5 U.S.C. 552a(p).

4. Report the matching program to Congress and the OMB, in advance and annually, as required by 5 U.S.C. 552a(o)(2)(A)(i), (r), and (u)(3)(D).

5. Publish advance notice of the matching program in the Federal Register as required by 5 U.S.C. 552a(e)(12).

This matching program meets these requirements.

Start Signature

Barbara Demopulos.

Privacy Advisor, Division of Security, Privacy Policy and Governance, Office of Information Technology, Centers for Medicare & Medicaid Services.

End Signature


The Department of Health and Human Services (HHS), Centers for Medicare & Medicaid Services (CMS) is the recipient agency, and the Department of the Treasury (Treasury), Bureau of Fiscal Service (Fiscal Service) is the source agency.


The statutory authorities for the matching program are Executive Order 13520 “Reducing Improper Payments” Start Printed Page 58063(Nov. 20, 2009); Presidential Memorandum on Enhancing Payment Accuracy through a “Do Not Pay List” (June 18, 2010); 31 U.S.C. 3351 et seq.; OMB Memorandum M-18-20 Transmittal of Appendix C to OMB Circular A-123, Requirements for Payment Integrity Improvement (June 16, 2018), and 5 U.S.C. 552a.


The purpose of the matching program is to provide CMS with information from Treasury's Working System which CMS will use to identify Medicare providers and suppliers who are ineligible for Medicare enrollment; to promptly suspend or revoke the Medicare billing privileges of the identified disqualified providers and suppliers; to enable recoupment of past payments made to those providers and suppliers; to assist CMS in detecting and preventing fraud, waste, abuse and in avoiding making future improper payments to disqualified providers and suppliers; and to enhance patient safety for beneficiaries in CMS programs.


The categories of individuals involved in the matching program are individual providers and suppliers who bill Medicare for payment.


The categories of records used in the matching program are identifying data, and payment eligibility status data. To request information from Treasury's Working System, CMS will provide Fiscal Service with the following information about a Medicare provider or supplier: Tax Identification Number (TIN), Business Name, Person First Name, Person Middle Name, Person Last Name, Address, City Name, State Code, Person Date of Birth, Person Sex, Vendor/Payee Phone Number, Vendor/Payee Email Address.

When Fiscal Service is able to match the TIN and other identifying data provided by CMS, Fiscal Service will disclose to CMS the following information about that provider or supplier:

Record Code.

Payee Identifier.

Agency Location Code.

Tax Identification Type.

Tax Identification Number.

Business or Individual or Government.

DUNS Number.

Payee Business Name.

Payee Business DBA Name.

Person Full Name.

Person First Name.

Person Middle Name.

Person Last Name.


Person Date of Birth.

Person Sex.

Vendor/Payee Status.

Phone Type.

Vendor/Payee Phone Number.

Vendor/Payee Fax Number.

Vendor/Payee Email Address.

Vendor/Payee Active Date.

Vendor/Payee Expiration Date.

Agency Record Grouping.

Other Agency Data.

Match Type.

Match Source.

Match Level.

Match Date/Time.

Matched Party Type.

Matched Tax ID Number.

Matched Tax ID Type Code (alternate).

Matched Tax ID Number (alternate).

Match DUNS Number.

Matched Full Name.

Matched First Name.

Matched Middle Name.

Matched Last Name.

Matched Business Name.

Matched DBA Business Name.

Matched Birth Date.

Matched Death Date.

Matched List Status Code.

Matched List Status Code Description.

Matched List Effective Date.

Matched Address.

Matched City.

Matched State Code.

Matched Zip Code.

Matched Country Code.


The records used in this matching program will be disclosed from the following systems of records, as authorized by relevant routine uses published in the System of Records Notices (SORNs) cited below:

A. System of Records Maintained by CMS:

  • The Provider Enrollment, Chain, and Ownership System (PECOS), System No. 09-70-0532, 71 FR 60536 (Oct. 13, 2006), 78 FR 32257 (May 29, 2013) and 83 FR 6591 (Feb. 14, 2018).

B. System of Records Maintained by Fiscal Service:

  • The Department of the Treasury, Bureau of the Fiscal Service .017—Do Not Pay Payment Verification Records, 85 FR 11776 at 11803 (Feb. 27, 2020).
End Supplemental Information

[FR Doc. 2020-19956 Filed 9-16-20; 8:45 am]