​​Caught in the Medicare Fraud Sweep

U.S. health and law enforcement agencies are seeing results from stepped-up efforts to fight billing fraud.

Comments Views

​In what it calls its largest criminal health-care fraud sweep, the U.S. Department of Justice (DOJ) has charged 243 people — including 43 doctors, nurses, and other medical professionals — with submitting false bills to the U.S. Medicare program totaling US$712 million. The charges involve schemes such as false claims for treatments that were medically unnecessary or never provided, Reuters reports. In one case, a Miami ment​al health facility billed nearly US$64 million for psychotherapy sessions, when it actually just moved patients to a different location, the DOJ said. With these arrests, the DOJ has charged more than 2,300 people with Medicare billing fraud totaling more than US$7 billion since 2007.

Lessons Learned

According to numerous sources, the U.S. spends about 17 percent of its gross domestic product on health care annually. In 2012, this amounted to approximately US$3.8 trillion. The sizable US$712 million lost to fraudulent activity in this story is part of an overall total of US$3.3 billion in fraud uncovered in 2014. While losses in this case represent less than 0.1 percent of that total, it appears that the DOJ may have only uncovered the tip of the iceberg of health-care fraud. In 2014 alone, the U.S. Department of Health and Human Services' (HHS') Office of the Inspector General (OIG) undertook 867 criminal and 529 civil actions against individuals and organizations for false claims, penalty recoveries, and other related matters, according to the 2014 DOJ/HHS annual report (PDF) on the Health Care Fraud and Abuse Control Program.

It seems evident that HHS and its OIG are taking a disciplined, systematic approach to its fraud risk assessment and detection activities. Let's take a closer look at the key elements of that approach, along with some suggestions on how it might be even further strengthened in light of ongoing implementation of the U.S. Patient Protection and Affordable Care Act (ACA).

  • Data Analysis and Data Quality. Enhanced data analysis made possible the impressive enforcement results in this story. Claims data is being made available more quickly and efficiently, providing law enforcement increased access to data — including real-time data — and helping focus enforcement resources on high-risk geographic, organizational, and individual cluster groups. Risk scoring of Medicare claims prepayment is performed and predictive models are being tested. Moreover, investigators, data analysts, clinicians, and subject-matter experts work on cases in a multidisciplinary environment. There also is an emphasis on enterprisewide improvements in the accuracy and availability of data for Medicaid program integrity and oversight.

    An area for further attention by the OIG and HHS is to ensure that it is capable of handling the changing pattern and volume of new fraud referrals that can be expected from ongoing implementation of the ACA. Also, while the HHS clearly has whistleblower programs in place, it is not clear to what extent these programs are contributing to its overall fraud prevention and detection effectiveness. Results from a new pilot program to estimate the overall probable level of program fraud are expected beginning in 2016, which may provide a clearer indication of the overall size of the health-care fraud "iceberg." ​
  • Enrollment and Payment. Since the adoption of the ACA, stronger provisions concerning screening of providers and suppliers on the basis of fraud risk have been implemented, with three risk levels for providers (limited, moderate, and high). A goal is to identify ineligible providers or suppliers before their enrollment or revalidation through provider site visits by increasing the scope and coverage of high-risk providers and suppliers such as home health providers, independent diagnostic testing facilities, and outpatient rehabilitation providers. Increasing the frequency of surprise out-of-cycle site visits could enhance the effectiveness of this element in detecting potential fraud. A temporary new enrollment moratorium for certain types of providers in high-risk geographic areas such as Florida and Texas, has been instituted but may need expansion.
  • Monitoring Benefits Delivered by Third Parties. Third-party sponsors and state governments comprise a large part of the risk landscape for delivery of health-care benefits and services. Greater oversight has resulted from auditing sponsors' compliance plans and strengthening their program integrity training responsibilities. More recent assessments have reviewed the states' performance in meeting regulatory requirements and ensuring that managed care systems deliver accessible, available, and appropriate services to Medicaid beneficiaries. Federal health-care agencies are issuing clear regulations and guidance for mandatory provider compliance plans under the ACA, but these have not been completed. Another gap to be filled is requiring state contracts with managed care entities to include a method to verify with beneficiaries whether services billed by providers were actually received.
  • Accountability. Payment suspensions are one example of an increased focus on using administrative tools to ensure accountability. Each year, HHS' OIG excludes thousands of individuals and entities from participating in federal health-care programs for a variety of reasons ranging from health-care fraud convictions to loss of medical license for professional incompetence. Since the adoption of the ACA, some 1.5 million providers have been asked to resubmit for validation of their eligibility, some 470,000 enrollments have been deactivated, and nearly 28,000 enrollments have been revoked to prevent these providers from billing the Medicare program. The HHS' OIG and its law enforcement partners also investigate suspected fraud and refer cases to the DOJ for criminal and civil adjudication. The HHS should continue to focus on accountability for fraud. In addition, its OIG should continue to use its exclusion authority to protect the department's programs and beneficiaries, including considering cases in which excluding responsible corporate officers of sanctioned providers and suppliers is appropriate and monitoring the effect of such exclusions on recidivism.
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

 

 

Comment on this article

comments powered by Disqus
  • IIA AuditBoard_Nov 2019_Premium 1
  • IIA GAM_Nov 2019_Premium 2
  • IIA OnRisk_Nov_Premium 3