Category Archives: Medicaid Fraud

Your Friendly Pharmacy

The tragic consequences of the currently raging opioid epidemic are splashed across the headlines and vividly displayed in television documentaries every day and yet, unless they specialize in the healthcare sector, I’ve found that most CFEs and forensic accountants are relatively unfamiliar with the mechanics of prescription drug and pharmacy fraud.

The reality is that, in many communities across America today, obtaining illegal prescriptions and the related controlled drugs of choice can be as easy as ordering a sandwich. Licensed physicians in every part of the country are daily arrested for on-demand prescribing of Oxycontin, Vicodin and Xanax. The resulting grand jury indictments usually feature some version of charges related to ‘prescribing drugs outside the usual course of professional practice and without a legitimate medical purpose’.

According to the Centers for Disease Control and Prevention (CDC), U.S. non-medical use of prescription painkillers results in more than $72.5 billion annually in direct healthcare costs and identifies prescription drugs as the second most-abused category of drugs after marijuana. In addition, the U.S. Department of Justice Office of Inspector General (OIG) has released several reports on prescription drug fraud in the Medicaid and Medicare Part D populations.

This epidemic has not only led to an increase in prescription drug fatalities, it’s also fueled opportunities for a host of ethically challenged individuals. This category of fraudsters has many faces: patients, patients’ family members, prescribers, pharmacy staff, medical employees, service contractors, recruiters and countless others are continuously involved in ever-mutating prescription drug fraud schemes.

Patients who commit prescription fraud often do so to acquire drugs to support their own addictions. But prescription drugs are a commodity with a high resale value, so fraudsters also divert prescription drugs for profit. Fraudsters illegally sell Oxycontin for $1 to $2 per milligram on the street. Some retirees on fixed incomes visit physicians complaining of phantom pain just so they can receive prescriptions for controlled drugs to re-sell for additional income.

Sometimes medical services’ employees, patients, family members, family friends and others fraudulently acquire prescription pads. In a recently reported case, owners of a professional cleaning service stole prescription pads and an ink signature pad from a doctor’s office they were hired to clean.

Some bypass obtaining prescriptions entirely by stealing controlled substances directly from pharmacies. Many pharmacies in hard hit areas no longer carry selected drugs or have increased their security.

Here are other common examples of the various ways individuals have chosen to defraud the system:
• Doctor shopping: visiting multiple doctors in search of prescriptions.
• Pharmacy shopping: filling prescriptions at multiple pharmacies to avoid being denied service.
• Prescription alteration: increasing dosage, quantity or refills on existing prescriptions.
• Washed prescriptions: washing ink off written prescriptions to create blanks and re-writing new fraudulent prescriptions.
• Forged prescriptions: using copy machines or computers to create fake prescriptions.
• Fax and phone prescriptions: faxing fraudulent prescriptions to pharmacies or phoning pharmacies to call in and/or verify prescriptions.
• Illegal market: acquiring drugs from illegal sources.

Regarding providers, some medical providers have turned to selling prescriptions to patients or anyone willing to pay their fees, even when there’s no medical justification for the drug therapies; this activity might or might not take place in the prescribers’ place of business.

As the ACFE indicates, prescribers of large volumes of pain drugs risk being identified as “pill mill” operators. Pain clinics, legitimate and otherwise, often prescribe large volumes of controlled pain drugs. In typically reported cases, patients line up outside the pain clinics prior to their opening because they know they can easily obtain prescriptions for controlled drugs.

Prescribers who knowingly commit prescription fraud have turned to some of the following schemes to defraud the system:

• Medically unnecessary prescribing.
• Internet prescribing.
• Self-prescribing.
• Diversion.
• Collusion.

Like enterprising patients and prescribers, pharmacies that participate in fraud schemes often do so for enhanced profit. In a recent case which received enhanced media coverage, a pharmacist, a doctor and others were among the a number arrested for “prescription harvesting”. The accused fraudsters stole patients’ identities to bill Medicare and Medicaid for $18 million in illegitimate prescriptions. Approximately $7.3 million in taxpayer dollars was lost in this scheme.

Other prosecuted pharmacy schemes have included:

• False claims: submitting claims for payment for which no prescription or authorization exists.
• Buy-backs: buying back prescriptions from patients – often at a discount.
• Kickbacks: receiving or providing monetary incentive for selling certain prescriptions.
• Shell or vanishing pharmacies: operating pharmacies in name only – or operating pharmacies just long enough to submit false claims for profit.
• Shell ownership: masking pharmacies’ ownership to hide identities of the true owners.
• Online pharmacies: selling controlled substances illegally with relative anonymity.
• Counterfeit products: knowingly dispensing counterfeit drugs.

Recruiters are intermediaries who engage partners to carry out fraudulent activity. In most cases, recruiters conspire with prescribers and/or pharmacies to enlist patients to carry out their fraudulent billings and/or diversion schemes. Documented cases show that patients, prescribers, pharmacies and recruiters have conspired to submit false claims, and to support buy-backs, kickbacks and diversions.

More than 80 pharmacists, physicians and others in a large metropolitan area conspired to establish a network of pill mills that issued prescriptions, many for controlled drugs such as hydrocodone and oxycodone, to patients without a legitimate need. The patients used Medicaid, Medicare or private insurance coverage to pay for the drugs. The principal pharmacist owned and operated 26 different pharmacies; following prosecution, he was sentenced to 17 years in prison.

Many U.S. federal, state and private organizations are now vigorously data mining prescription activity to detect fraud at all levels. Federal examples include the Drug Enforcement Agency, the DOJ OIG and routine Federal analysis of vendor contracts. Each U.S. state (except Missouri) now has a Prescription Drug Monitoring Program, which receives all information on prescription drug activity for controlled substances from both cash and insurance provider imbursed prescription transactions. Also, state law enforcement and vendors provide detection activities. Health care entities in the private sector, such as health plans and other payers, sometimes perform the data mining themselves or work with vendors. Private citizens frequently act as whistleblowers to expose fraudsters.

The entities charged with exposing schemers now use numerous methods to detect fraud and are developing new approaches every day just to keep up with all the evolving scenarios. Audits can be an effective detection method when conducted by trained, knowledgeable staff. Those who are called upon to perform desk and onsite audits must be cognizant of current activities and patterns and ensure that involved investigative groups are working together so leads from these audits can be directed to the appropriate law enforcement entities.

To identify aberrant behaviors, investigators utilize a number of different detection processes including:

• Sending confirmation letters to patients or prescribers to validate services received or rendered.
•Analyzing patient, prescriber, pharmacy and drug activities to identify aberrant utilization, prescribing, dispensation and/or processing patterns.
• Analyzing drug utilization by therapy classification and/or risk category.
• Reviewing prescribers by medical specialty to identify individuals prescribing outside the normal scope of their specialties.
• Focusing on geographic areas where fraud is an issue.
• Applying geospatial analyses to determine distances traveled by patients and to identify clusters.
• Searching for historical and current patterns to anticipate future fraudulent behaviors.
• Expert fraud examiners can assist in many ways in the performance of different types of analytics on prescription claim data. They use public and private data sources and sophisticated algorithms for retrospective, predictive and geospatial analyses.

Prescription drug fraud goes far beyond the headlines about controlled drugs. The ACFE reports that fraudsters also target high-dollar retail drugs of all kinds. These medications are used for the treatment of HIV, mental health issues, diabetes and cancer and can all command high fees from desperate patients.

It’s imperative for CFEs, forensic accountants and other assurance professionals to be aware of past and present drug diversion schemes and mindful of the changing health care environment and its associated vulnerabilities no just to keep pace with fraudsters but, more importantly to more effectively support the law enforcement professionals who rely on us for the high quality investigative materials so vital to successful prosecutions.

The Healthcare Fraud Circus

The trade press indicates that healthcare expenditures are again on the rise while the ACFE tells us that approximately $25 million dollars per hour is stolen, wasted or abused in the provision of healthcare services in the US alone. Not surprisingly, our Chapter members, CFEs and forensic accountants, employed by both governmental and private institutions, are being increasingly called upon to grapple with the fallout.

The Centers for Medicare and Medicaid Services (CMS) defines healthcare fraud as the intentional deception or misrepresentation that an individual knows, or should know, to be false, or does not believe to be true, and makes, knowing the deception could result in some unauthorized benefit to himself or some other person(s). The Health Insurance Portability and Accountability Act (HIPAA) is more specific, defining the term federal healthcare offense as “a violation of, or a criminal conspiracy to violate” specific provisions of the U.S. Code, “if the violation or conspiracy relates to a health care benefit program” 18 U.S.C. § 24(a).

The statute goes on to define a health care benefit program as any public or private plan or contract, affecting commerce, under which any medical benefit, item, or service is provided to any individual, and includes any individual or entity who is providing a medical benefit, item, or service for which payment may be made under the plan or contract. Finally, health care fraud is defined as knowingly and willfully executing a scheme to defraud a healthcare benefit program or obtaining, by means of false or fraudulent pretenses, representations, or promises, any of the money or property owned by. . . any healthcare benefit program. HIPAA establishes specific criminal sanctions for offenses against both private and public health insurance programs. These offenses are consistent with the common definitions of fraud in that they involve false statements, misrepresentations, or deliberate omissions that are critical to the determination of benefits payable and which may obstruct fraud investigations.

Practitioners new to fraud examination and forensic accounting in the healthcare arena need to develop a familiarity with the players involved in the provision of and payment for healthcare services if they are to effectively investigate identified instances of fraud, waste, and abuse in this ever-expanding sector of the economy.

Healthcare fraud differs from healthcare abuse. CMS says that abuse refers to incidents or practices that are not consistent with the standard of medical care (in other words, with substandard care)

–Unnecessary costs to a program, caused either directly or indirectly;
–Improper payment or payment for services that fail to meet professional standards;
–Medically unnecessary services;
–Substandard quality of care (e.g., in nursing homes);
–Failure to meet coverage requirements.

Healthcare fraud, in comparison, typically takes one or more of the following forms:

–False statements or claims;
–Elaborate schemes;
–Cover-up strategies;
–Misrepresentations of value;
–Misrepresentations of service.

It’s important to appreciate that healthcare is a dynamic and segmented market among parties that deliver or facilitate the delivery of health information, healthcare resources, and the financial transactions that underly and support the functioning of all the many components of the total business process. To fully appreciate what healthcare fraud looks like, it’s important to understand traditional and nontraditional players. The patient is the individual who actually receives a healthcare service. The provider is an individual or entity that delivers or executes the healthcare service. The payer is the entity that processes the financial transaction. The plan sponsor is the party that funds the transaction. Plan sponsors include private self-insurance programs, employer-based premium programs, and government programs such as Medicare and Medicaid. A vendor is any entity that provides a professional service or materials used in the delivery of patient care. Complicating matters is that each one of these player entities has a distinct perspective and point of view of the overall process which can differ significantly from that of each of the others.

So, what does healthcare fraud look like from the individual patient’s perspective? The patient may submit a false claim with no participation from any other party. The patient may exaggerate a workers’ compensation claim or allege that an injury took place at work when in fact it occurred outside of work. The patient may participate in collusive fraudulent behavior with other parties. A second party may be a physician who fabricates a service for liability compensation. The patient may be involved in an established crime ring that involves extensive collusive behavior, such as staging an auto accident. The schemes typically repeat themselves as well as constantly evolve in the creativity they demonstrate.

And from the provider’s perspective? The fraud schemes can vary from simple false claims to complex financial arrangements. The traditional scheme of submitting false claims for services not rendered has always been and continues to be a problem. Other maneuvers, such as submitting duplicate claims or not acknowledging duplicate payments, are issues as well.

Some schemes manifest great complexity and sophistication in their understanding of payer systems. One example is the rent-a-patient scheme where criminals pay “recruiters” to organize and recruit beneficiaries to visit clinics owned or operated by the criminals. For a fee, recruiters “rent,” or “broker,” the beneficiaries to the criminals. Recruiters often enlist beneficiaries at low-income housing projects, retirement communities, or employment settings of low-income wage earners. Detecting complicated misrepresentations that involve contractual arrangements with third parties or cost report manipulations submitted to government programs requires a niche expertise for identification representing an opportunity for anti-fraud practitioners expert in data mining.

And from the payer’s perspective? The fraud schemes perpetrated by this group tend to be pursued mostly in response to transactions between the payer and a government plan sponsor. They include misrepresentations of performance guarantees, not answering beneficiary questions on claims status, bad-faith claim transactions, and financial transactions that are not contractually based. Other fraudulent activities include altering or reassigning the diagnosis or procedure codes submitted by the provider. Auditing payer activities also requires a niche expertise involving operational as well as contractual issues.

Healthcare fraud schemes perpetrated by employers include underreporting the number of employees, employee classifications, and payroll information; failing to pay insurance premiums, which results in no coverage; creating infrastructures that make employees pay for coverage via payroll deductions; engaging in management activities that discourage employees from seeking medical treatment; and referring employees to a medical facility and in turn receiving compensation for the referrals.

Vendor perpetrated schemes furnishes numerous examples involving a range of participants, from professional healthcare subcontractors to suppliers of equipment, products, services, and pharmaceuticals. These schemes include false claims, claims for altered products, counterfeit medications, and services from unlicensed professionals. They include collusive behavior among several entities as well as between individual professionals.

In summary, the take away for anti-fraud professionals is that Healthcare fraud is growing at an accelerated rate in the United States. Traditional schemes include false claim submissions, care that lacks medical necessity, controlled substance abuse, upcoding (billing for more expensive procedures), employee-plan fraud, staged-accident rings, waiver of copayments and deductibles, billing experimental treatments as nonexperimental ones, agent-broker fraud relationships, premium fraud, bad-faith claim payment activities, quackery; overutilization (rendering more services than are necessary), and kickbacks. Evolved schemes include complex rent-a-patient activities, 340 B program abuse activities (setting aside discounted drugs, making them unavailable to those in need), pill-mill schemes (schemes to falsely bill prescriptions), counterfeit drug activities, and organized criminal schemes.

CFEs and forensic accountants have a significant role in combating all of this. The good news is that much information is available to guide practitioners from both governmental and private sources.

The Complex Non-Profit

Our Chapter was contacted several weeks ago by the management of a not-for-profit organization seeking a referral to a CFE for conduct of an examination of suspected fraud.  Following a lively discussion with the requester’s corporate counsel, we made the referral which, we’ve subsequently learned, is working out well.  Our discussion of the case with counsel brought the following thoughts to mind. When talking not-for-profits, we’re talking programs; projects that are not funded through the sale of a product or service, but projects that obtain outside funding via the government, charitable grants, or donations to achieve a specific outcome. These outcomes can be any of a variety of things, from a scientific research study to find a cure for a catastrophic illness or federally legislated programs to provide health care to the indigent and elderly, as with the Medicaid and Medicare programs, respectively; or a not-for-profit charity that provides several programs, each funded from different sources, but all providing services to the elderly such as delivered meals, community center operations, adult daycare, and wellness programs. Typically, these outcomes are a social benefit. Some of these programs are of a specific duration, while others are renewed on a periodic basis depending on continued funding and the successful management of the program to achieve the desired outcomes.

In an examination for fraud in such entities, it’s typically not the core projects or programs themselves that are the object of the review; it’s the management of the program. Managers are engaged to operate such programs consistent with the program’s scope and budget. The opportunity for fraud in these programs will vary in several specific aspects: by the independence provided to the program manager, by the organizational structure of the program, and by the level of oversight by the funding source. These three elements make the conduct of a fraud examination of program management different from that of investigations for fraud in the typical core business functions of enterprises like those involved in manufacturing or retail trade. The fraud schemes will be similar because of the ACFE defined primary fraud classifications that apply to almost all organizations, but the key is how they’ve been adapted by program management.

The three primary classifications of fraud that are most common in program management fraud are schemes related to asset misappropriation, corruption, and financial statement reporting.

With asset misappropriation, the fraudulent action most commonly involved is embezzlement, not just simple theft of funds.  While they are both criminal actions, embezzlement has a specific meaning. Black’s Law Dictionary states it best: “the fraudulent taking of private property with which one has been entrusted, especially as a fiduciary.” It really is a matter of intent.
Examples of some inherent fraud schemes and of how these schemes are carried out within a program are:

False expenditures:

— The program is not being conducted, but funds are being expended. This sounds like the classic shell company scam, except a program rather than a for profit business is being exploited. The program by itself is legitimate, but it’s the intent of management that makes it a fraud;

–The program is not performed to its completion; however, the funds are fully expended. The decision to be made is whether the intent was to embezzle funds throughout the program or if there are other underlying reasons as to why the program wasn’t completed that resulted in the embezzlement of the funds;

–The program budget does not allow for program completion. Is this a case of bad budgeting or the use of budgeting with the intent to embezzle;

–The work plan is partially or wholly fictitious. It’s important for the examiner to keep in mind that some programs involve work that is so technologically or scientifically complex that it can be difficult for the examiner to understand just what the objective is.

Overbilling:

Unlike false expenditures, the use of overbilling within programs is more of a means to commit the fraudulent act of embezzlement within the program’s specific functions rather than within the overall program as with false expenditures. Specifically, overbilling schemes are found associated with misuse of time or assets by staff or with expenditures not used in an approved manner. For example:

–Staff members are performing non-program duties. Often, personnel are pulled from one program to work on another. There are many reasons for why this decision is made, but was the funding for that amount of personnel intentionally requested with the purpose of using personnel on another program that is not entitled to receive the funding for additional staff members?

–Staff members are misrepresenting the performance of the program. Often, staff will show the project to be operating on a level that seemingly should require more resources. The project is really operating on a lower level of resources, and whoever has the authority to bill uses that authority to overbill.

–Staff members are hired who are not qualified to perform program duties. Many times, often with large grant monies involved, the program manager hires friends or relatives, or perhaps there is such a strict time frame involved with the funding that management will hire a warm body just to fill the approved slot. In both cases, proper vetting procedures should be in place, even though the granting authority may not require them.

–As with staffing, funds are often redirected to other programs for similar reasons.

–Funds expended are not consistent with the proposed budget. The CFE should ask why the budget is out of line with expenditures? Is the approved budget in use, or was it just prepared as window-dressing for a grant proposal?

–Funds are expended that are not consistent with the governing cost principles. The classic example is the outrageous amounts the military spends on commonly used items, like the $5,000 toilet seat the ACFE originally told us about.

–The program is not completed, but the funding has been expended. Embezzlement can occur within the framework of asset misappropriation or overbilling, but because programs can differ in their objectives to a large degree, the vulnerability is greater to asset misappropriation schemes than to schemes involving overbilling.

Program Reporting:

Financial reporting and program reporting are two different things. Financial reporting can be a component of program reporting, but not the other way around. Many funded projects have strict guidelines on how to report project performance.  Like a disease that goes undetected because everything checked out in a physical exam, ethically challenged program managers find subtle ways to misrepresent performance, either to hide misuse of funds or just to indicate program success when there is none.
For example:

–The status of the project is falsely reported. This type of program reporting misstatement is typically done to give the illusion that the project’s objectives will be met to continue the objective of an uninterrupted steam of funding.

–The program results are falsely reported. The difference between project status and program results may not be apparent at first glance. The motivation is the same in that both are done to hide fraud. The false reporting of program status is typically done to keep funds ongoing throughout the project; the falsification of program results is typically done to ensure renewal of funding for another year or for a period of years. The project type will typically determine the likelihood of which type of false reporting is occurring.

–Improper criteria are used to measure performance. This concerns overall performance as opposed to financial performance. Given that funded projects can be difficult to understand considering the complexity of the activity being performed, performance measurement criteria can be manipulated because of the inherently complicated nature of the basic project. No one understands the project, so how can anyone know whether it’s succeeding? This phenomenon is commonly encountered if the project is divided into so many subparts that no one person, except the project manager, knows with certainty just how it’s proceeding.

–Program accomplishments are falsely reported. How many times have newspapers parroted the declaration from a non-profit that their program provided such and such a level of service to the indigent?  How do readers know if the program’s actual goal (and related funding) wasn’t to provide services to a level of recipients three times the amount reported?

–Operating statistics are manipulated to provide false results. Operating statistics are not financial statistics. An example would be a program that provides meals to the homebound elderly. An amount of payment by those receiving the meals is suggested. However, the government reimbursement for those meals deducts any amount contributed by the elderly being served. The project manager may manipulate the statistics to give more weight to the fixed-income, city-dwelling elderly it services, because such recipients are usually unable to pay anything for their delivered meals.

In summary, in approaching the fraud examination of non-profit entities, it’s not the overall programs themselves that are typically fraudulent, meaning that examinations don’t have to start with a determination of whether the entity is real or a shell. Fraud is committed by people, not programs or business systems; they are the tools of fraud. The ultimate funding source of programs are people as well, whether taxpayers (in the case of Federal or State governments) or private citizens (in the case of private charities).   It is not only the vast amount of funding that can flow to not-for-profit programs that constitutes the justification for combating fraud committed by the management of such programs. Programs that rely on funding as non-profits are typically entities that are established to provide a public benefit; to fill in the gaps for services and products not provided through any other means. So, the occurrence of fraud in these programs, no matter the size of the program or the fraud, is an especially heinous act given the loss of social benefit that results. For that reason alone, the examination of program management by CFEs is vital to the public interest.

Dr. Fraudster & the Billing Anomaly Continuum

healthcare-fraudThis month’s member’s lecture on Medicare and Medicaid Fraud triggered a couple of Chapter member requests for more specifics about how health care fraud detection analytics work in actual practice.

It’s a truism within the specialty of data analytics having to do with health care billing data that the harder you work on the front end, the more successful you’ll be in materializing information that will generate productive results on the back end.  Indeed, in the output of health care analytics applications, fraud examiners and health care auditors now have a new set of increasingly powerful tools to use in the audit and investigation of all types of fraud generally and of health care fraud specifically; I’m referring, of course, to analytically supported analysis of what’s called the billing anomaly continuum.

The use of the anomaly continuum in the general investigative process starts with the initial process of detection, proceeds to investigation and mitigation and then (depending on the severity of the case) can lead to the follow-on phases of prevention, response and recovery.   We’ll only discuss the first three phases here as most relevant for the fraud examination process and leave the prevention, response and recovery phases for a later post.

Detection is the discovery of clues within the data.  The process involves taking individual data segments related to the whole health care process (from the initial provision of care by the health care provider all the way to the billing and payment for that care by the insurance provider) and blending them into one data source for seamless analysis.  Any anomalies in the data can then be noted.  The output is then evaluated for either response or for follow-up investigation.  It is these identified anomalies that will go on at the end of the present investigative process to feed the detection database for future analysis.

As an example of an actual Medicare case, let’s say we have a health care provider whom we’ll call Dr. Fraudster, some of whose billing data reveals a higher than average percentage of complicated (and costly) patient visits. It also seems that Dr. Fraudster apparently generated some of this billings while travelling outside the country.  There were also referred patient visits to chiropractors, acupuncturists, massage therapists, nutritionists and personal trainers at a local gym whose services were also billed under Dr. Fraudster’s tax ID number as well as under standard MD Current Procedural Terminology (CPT) visit codes.  In addition, a Dr. Outlander, a staff physician, and an unlicensed doctor, was on Dr. Fraudster’s staff and billed for $5 an hour.  Besides Outlander, a Dr. Absent was noted as billing out of Dr. Fraudster’s clinic even though he was no longer associated with the clinic.

First off, in the initial detection phase, its seems Dr. Fraudster’s high-volume activity flagged an edit function that tracks an above-average practice growth rate without the addition of new staff on the claim form.  Another anomalous activity picked up was the appearance of wellness services presented as illness based services.  Also the billed provision of services while travelling is also certainly anomalous.

The following investigation phase involves ascertaining whether various activities or statements are true.  In Dr. Fraudster’s case, evidence to collect regarding his on-staff associate, Dr. Outlander, may include confirmation of license status, if any; educational training, clinic marketing materials and payroll records.  The high percentage of complicated visits and the foreign travel issues need to be broken down and each activity analyzed separately in full detail.  If Dr. Fraudster truly has a high complication patient population, most likely these patients would be receiving some type of prescription regime.  The lack of a diagnosis requirement with associated prescriptions in this case limited the scope of the real-life investigation.  Was Dr. Fraudster prescribing medications with no basis?  If he uses an unlicensed Doctor on his staff, presents wellness services as illness related services, and sees himself (perhaps) as a caring doctor getting reluctant insurance companies to pay for alternative health treatments, what other alternative treatment might he be providing with prescribed medications?  Also, Dr. Fraudster had to know that the bills submitted during his foreign travels were false.  Statistical analysis in addition to clinical analysis of the medical records by actual provider and travel records would provide a strong argument that the doctor had intent to misrepresent his claims.

The mitigation phase typically builds on issues noted within the detection and investigation phases.  Mitigation is the process of reducing or making a certain set of circumstances less severe.  In the case of Dr. Fraudster, mitigation occurred in the form of prosecution.  Dr. Fraudster was convicted of false claims and removed from the Medicare network as a licensed physician, thereby preventing further harm and loss.  Other applicable issues that came forward at trial were evidence of substandard care and medical unbelievability patterns (CPE codes billed that made no sense except to inflate the billing).  What made this case even more complicated was tracking down Dr. Fraudster’s assets.  Ultimately, the real-life Dr. Fraudster did receive a criminal conviction; civil lawsuits were initiated, and he ultimately lost his license.

From an analytics point of view, mitigation does not stop at the point of conviction of the perpetrator.  The findings regarding all individual anomalies identified in the case should be followed up with adjustment of the insurance company’s administrative adjudication and edit procedures (Medicare was the third party claims payer in this case).  What this means is that feedback from every fraud case should be fed back into the analytics system.  Incorporating the patterns of Dr. Fraudster’s fraud into the Medicare Fraud Prevention Model will help to prevent or minimize future similar occurrences, help find currently on-going similar schemes elsewhere with other providers and reduce the time it takes to discover these other schemes.  A complete mitigation process also feeds detection by reducing the amount of investigative time required to make the existence of a fraud known.

As practicing fraud examiners, we are provided by the ACFE with an examination methodology quite powerful in its ability to extend and support all three phases of the health care fraud anomaly identification process presented above.  There are essentially three tools available to the fraud examiner in every health care fraud examination, all of which can significantly extend the value of the overall analytics based health care fraud investigative process.  The first is interviewing – the process of obtaining relevant information about the matter from those with knowledge of it.  The second is supporting documents – the examiner is skilled at examining financial statements, books and records.   The examiner also knows the legal ramifications of the evidence and how to maintain the chain of custody over documents.  The third is observation – the examiner is often placed in a position where s/he can observe behavior, search for displays of wealth and, in some instances, even observe specific offenses.

Dovetailing the work of the fraud examiner with that of the healthcare analytics team is a win for both parties to any healthcare fraud investigation and represents a considerable strengthening of the entire long term healthcare fraud mitigation process.

Frauds Targeting Private Company Employee Health Insurance Plans

MedicalBookOur last post presented a short list of the chief fraud threats targeting government run health programs.  We thought it might be useful to practitioners to balance it with one on frauds directed at private company health insurance plans.  From one perspective, many of the schemes, as you’d expect, are similar; but there are significant differences. Losses due to fraud in both public and private health-care spending are notoriously difficult to estimate but amount to more than US $6o billion annually, according to a statement made by U.S. Attorney General Eric Holder several years ago at a National Institutes of Health summit.  Like all fraud, by definition, health-care fraud involves deception or misrepresentation that results in an unauthorized benefit.  In the private sector, it increases the cost of providing benefits to employees company-wide, which in turn increases the overall cost of doing business – regardless of industry. And while only a slight percentage of health-care providers and consumers deliberately engage in fraud, that small amount can raise the cost of doing business significantly. The increased costs appear in the form of higher premiums and out-of-pocket expenses or reduced benefits or coverage for employees and affect small businesses disproportionately.

But the news isn’t all bad.  The good news is that, especially with the rise of fraud prevention approaches based on data analytics, companies have more and more tools at their disposal to help combat this problem. Most important, perhaps, are the contributions the fraud examiner profession is making and the unique expertise it brings to health care fraud-fighting efforts. With the right approach and technology tools, fraud risk assessors can help identify control weaknesses that leave the organization susceptible to health-care fraud and track down potential indicators that such fraud may have occurred or is in progress. Working with management as well as with other assurance professionals and external parties, fraud examiners can help meet this challenge and even prevent it by applying well designed system edits that identify fraudulent insurance claims on the front end, preventing them from even being paid (pre-payment prevention as opposed to the traditional post-payment pay and chase).

Every fraud examiner and forensic accountant knows that access to the right information is critical to combating the ever mutating array of health-care frauds targeting both the private and governmental sectors. Asking the appropriate questions and carefully sifting through relevant data can reveal potentially fraudulent activity and shed light on abuses that otherwise may never even  be found. Much of the needed health-care information often resides with an organization’s health insurance provider or third-party claims administrators (TPAs) – fraud examiners and company management should work cooperatively with these parties to obtain an understanding of the details of payment transactions. Specifically, employers should hold regular discussions with their coverage providers or TPAs to collaborate on anti-fraud activities and understand their approach. Providers should share the details of their anti-fraud efforts with organizational management. They should also explain their, often proprietary, techniques used to detect fraud and abuse scenarios and provide specific examples of potential frauds recently identified.  Companies also don’t realize that they have access to employee historical health claims databases through their insurance provider or their TPA. Analysis should be performed by these parties, and it generally should focus on identifying unusual patterns or trends as such findings could signal fraudulent activity in the claims data; the objective in doing so is to develop payment system edits targeting specific fraud schemes so that claims related to the schemes are prevented by the edits from paying the related health service claims.  Even if the data does not contain indicators of potential fraud schemes, fraud examiners should still recommend that it be mined continually to ferret out potential mistakes.

If it’s not already part of your client company’s regular human resource (HR) administration process, simply matching employee data with the TPA’s files could also shed light on potential problems. Some employees, for instance, may be in the wrong plan or have the wrong coverage. Moreover, former employees may still be listed as covered.  Which brings us to the big problem of dependent eligibility; I say ‘big’ because dependent eligibility is a costly issue for all employee health plans because providing costly health insurance coverage to the ineligible dependents of company employees can quickly prove a budget buster for enterprises of all sizes.

To determine a client’s risk of exposure to ineligible dependents, fraud risk assessors should start with an assessment of the controls built into the benefits enrollment process. If the organization doesn’t require proof of eligibility during the initial enrollment process, the risk of exposure increases. Risk also increases if proof is required upon initial enrollment but not thereafter, such as when covered children reach a certain age. Based on the level of risk identified, examiners, in conjunction with HR, can select one of several approaches to the next phase of their review.

–Low Risk: Offer employees an amnesty period. The organization should remind employees of the benefit plan requirements and let them know that a review of eligibility will be performed. They should be given a reasonable amount of time to adjust their coverage as necessary without any repercussions – sometimes this alone can result in a significant level of compliance.
–Medium Risk: Require eligibility certification. In addition to the steps associated with low risk, the organization should require employees to complete an affidavit that certifies all of their covered dependents are eligible under the benefit plan requirements.
–High Risk: Audit employee eligibility. The company’s audit function should perform a full eligibility audit after the organization completes the steps associated with low and medium risk situations.

As this blog and the ACFE have repeated over and over again, employee awareness can be the best fraud prevention tool available. Fraud Examiners working in every industry should learn more about health-care fraud scenarios and their effect on their client’s businesses and pursue opportunities to educate management on the cost drivers and the impact of fraud on their companies. If the organization’s compliance program includes employee training and distribution of periodic educational updates, this would be a logical medium into which to integrate employee health coverage awareness messaging. At a minimum, Fraud Examiners should be sure that any new employee orientation sessions cover basic healthcare benefits guidance:
–Don’t provide personal health coverage information to strangers. If the employee is uncertain why a third party is requesting certain personal information, they should be instructed to contact their company’s benefits administrator.
–Don’t loan an insurance card to anyone not listed on the card as a covered individual.
–Employees need to familiarize themselves with the conditions under which health coverage is being extended to them and to their dependents.

Given the complexities of health benefits administration, an organization almost cannot provide too much information to its employees about their coverage. Taking the guesswork out of the administration process can’t help but result in lower costs and happier employees in the long run.  Although many anticipate long-term benefits from U.S. health-care reforms contained in the Affordable Care Act, in the short term most employers will be required to expand coverage offerings for employees and their dependents, thereby increasing costs. All of these factors point to an opportunity for health-care fraud to continue growing for private companies and, consequently, for Fraud Examiners and for fraud risk assessors to continue playing an expanded role in keeping this relentless source of monetary loss at bay.

Basic Fraud Schemes Targeting Government Health Care Programs

MedicalSome of our newer Chapter members working in the insurance industry report confronting instances of Medicaid and Medicare fraud for the first time.  I thought it might be helpful to present some of the more common health care fraud scenarios that beginning fraud examiners are likely to confront in actual practice in the governmental health care space.  Abuses of the Medicaid and Medicare programs exist in myriad shapes and sizes and continue to evolve constantly. While Medicaid and Medicare fraud, waste and abuse appear to be the most egregious program issues, incidental and accidental waste also threaten program integrity, including outright criminal exploitation of governmental health care payments. Altogether, the overpayment of Medicaid and Medicare dollars represents the largest portion of misused government money, accounting for 59 percent of the $102.2 billion the government improperly distributed among all its agencies in 2014 (ACFE). Issues involving these exorbitantly expensive improper payments can be attributed, in part, to the complexities of the programs themselves and to ever-changing policies among the various states.

It’s important for new anti-fraud practitioners to remember that while Medicaid and Medicare are considered universal programs, each state is able to operate its own version of the programs autonomously and independent of any collective standard. This autonomy creates wide-ranging policy inconsistencies due to the differences among states, and, in many ways, embodies the ideals of American federalism. How states administer programs like Medicaid and Medicare is largely influenced by the bureaucratic style employed by the state legislature. These variations and inconsistencies can facilitate inaccuracies and misunderstandings in every aspect of both programs, from recipient eligibility, billing protocols, coding standards and licensure requirements. Doctors offering Medicaid or Medicare services are not easily able to transfer their practices from one state to another without first exploring expectations and requirements of the new state. These hard state boundaries create the potential for provider, beneficiary and administrative confusion, which ultimately equates to billions of program dollars misappropriated each year.

Beyond the innocent misappropriation of program dollars are the much more serious problems with the Medicaid and Medicare programs manifesting in the form of illicit and purposeful instances of fraud, waste and abuse perpetrated by recipients and providers. Medicaid and Medicare identity theft (instances of which have been recently investigated by one of our Chapter members) much like general identify theft, has continually resurfaced as a bane since both programs’ inception. It is estimated that three percent of $50 billion of the nation’s annual identity theft losses is associated with some type of medical identity theft. Because of their likelihood of being enrolled in government-facilitated insurance programs like Medicare or Medicaid, individuals aged 50 or older are most likely to fall victim to this type of identity theft. Fraudsters steal these identities to access services, such as prescriptions for drugs with high black-market value i.e. OxyContin, Fentanyl and morphine, intended for legally enrolled, authorized recipients. Once the prescription is obtained, the thieves sell the drugs for cash or abuse them themselves.

A similar identity theft scheme involves the sale of durable medical equipment prescribed to recipients. By stealing a beneficiary’s Medicaid or Medicare number, the perpetrator can place orders for equipment i.e. slings or braces, all paid for through program dollars, and re-sell the goods online or via newspaper classifieds for cash.

Physicians participating in the Medicaid and Medicare programs also have access to a wide range of possible fraud, waste and abuse schemes. Double billing is a common provider fraud scheme that involves the submission of duplicate claims to Medicaid or Medicare in an attempt to receive double the amount of payment for services that were only provided once. Those physicians wise to the high detectability of billing duplicate claims to either program via simple data analysis will also often send one bill to a private insurance company and a duplicate bill to Medicaid or Medicare so that the duplication does not appear within one data set.  Other fraud schemes include up-coding bills to Medicare or Medicaid to represent more complex, lengthy or in-depth procedures when a simpler or lower-level service was actually provided or performed.

Usually, complex procedures are paid at a higher dollar amount than their simpler counterparts, which leads providers to be paid more money than what they actually earned during the office visit or procedure. This fraud scheme takes advantage of small but specific variations in the current procedural terminology (CPT) coding system standardized for both Medicaid and Medicare coverage.  Similar to up-coding is the fraudulent unbundling of CPT codes billed as individual entities that per regulation should be grouped together and billed under one umbrella code. Usually, the umbrella code pays a discounted rate for all the services combined. Each individual code gets paid an amount that, when totaled together, equals more than what the umbrella code pays.

Dishonest Medicaid and Medicare providers also bill for services that are not medically necessary. In this scheme, providers perform and bill for services and/or testing beyond what the patient need requires. Under this scheme, hospital stays are lengthened, additional diagnostic testing is ordered, entitled hospice enrollment is invoked too early, and equipment and tools are wasted for beneficiaries who really require less care and fewer services. This fraud scheme not only wastes program dollars but also strains other areas of the general healthcare system by inducing and allowing individuals to linger, thus monopolizing unnecessary services and care that could be better applied to other, more worthy, beneficiaries.  But please be aware … while Federal regulation does not contain a definition of medical necessity, states are granted authority to develop and apply medical necessity criteria as they see fit. Providing and billing for services beyond the required needs of the beneficiary may be intentional and/or fraudulent, but because of differing state criteria, instances where unnecessary services are provided and billed may also be simply accidental or well-intentioned.

Anti-fraud professionals of all kinds should also bear in mind that, while Medical identity theft, double billing, up-coding, unbundling and billing for services not medically necessary represent only a portion of the known problems and schemes that weaken the Medicaid and Medicare programs, there are many other types of program fraud, waste and abuse occurring on a daily basis that have yet to be discovered; in this area of practice, expect the unexpected.

According to the ACFE, in the past 27 years the Federal government has recovered approximately $24 billion in settlements or judgments against individuals and organizations who committed both accidental and purposeful healthcare fraud, waste and abuse. On a state level, another $15 billion has been recouped from criminal fines and civil settlements resulting from the prosecution of healthcare fraudsters.  While the $39 billion in recovered overpayments from the last 27 years is only enough to cover a small percentage of one year’s total program costs, the amount of overpayment dollars recovered each year by the Federal and state governments is growing exponentially.  On average only about $1.4 billion in overpayments was recovered during that time period. However, in 2013 alone, $3.1 billion in healthcare fraud judgments and settlements was recovered by the Federal government. As Medicaid and Medicare fraud, waste and abuse schemes and problems become more prevalent and their financial toll increases. Federal and state governments are also detecting and reclaiming money back on a larger scale. This increase can be attributed to developments in policy created to prevent and identify fraud, increased investigative and program integrity funding, and technological improvements in fraud detection programs, databases and software;  Certified Fraud Examiners (CFE’s) are at the forefront of all these efforts to strengthen health care program integrity at the Federal level and nationwide.