TOOLS FOR FRAUD DETERRENCE AND DETECTION DIAGNOSING HEALTH CARE FRAUD What is the true cost of health care fraud, and how does it differ from fraud in other industries? This session will introduce you to different types of health care fraud and specific investigation techniques used to detect them. You will also explore the use of data analytics in identifying health care fraud, as well as the positive effect on billing patterns by creating awareness in specific areas. MARIUS M. SMIT, CFE Head of Group Forensic Services Discovery Group Sandton, South Africa Marius Smit holds a Diploma in Criminal Justice and Forensic Auditing, as well as an Advanced Certificate in Fraud Examination. He is Head of Group Forensic Services for the Discovery Group of companies, an international insurance organization with their head office based in Sandton, South Africa, a position he has held since 1999. He has been serving on the Board of the ACFE South African Chapter since 2008 and is the current Chapter President. Association of Certified Fraud Examiners, Certified Fraud Examiner, CFE, ACFE, and the ACFE Logo are trademarks owned by the Association of Certified Fraud Examiners, Inc. The contents of this paper may not be transmitted, re-published, modified, reproduced, distributed, copied, or sold without the prior consent of the author. 2014
Diagnosing Health Care Fraud With the cost of health care continuing to increase way above general inflation globally, more and more governments are taking the issue of health care fraud and abuse more seriously. This paper aims to provide an overview of the challenges faced by health care systems across the world and the complexities within health care systems which make it particularly susceptible to fraud and abuse. It will deal with some examples of the more common types of frauds experienced as well as the role of data analytics in developing an effective fraud identification system, with reference to specific examples. Lastly, it will show the results of an effective awareness program, how to implement it, and some of the challenges that need to be taken into consideration. When dealing with health care fraud, the investigator must be able to look beyond the traditional white-collar crimes of fraud and corruption and also take into consideration aspects of abuse, perverse incentives, and fraud under the guise of error. Abuse can be defined as the exploitation of health care benefits beyond what is considered to be medically necessary or appropriate. Perverse incentives within the health care sector include aspects such as unlawful kickbacks, rebates, and other undesirable business practices. Errors also contribute significantly to the cost of health care, and the investigator will be challenged to distinguish between legitimate errors and fraud under the guise of error. In the Financial Cost of Healthcare Fraud Report 2011, it is estimated that health care fraud globally (private and public sectors) ranges between 3% 15.4% of the total spend on health care. If these estimates are applied to the U.S. total health care spend for 2012, anything between $84 billion to $432 billion was lost in the United States alone to fraud and 2014 1
abuse during 2012. During the ACFE International Conference in 2012, Dr. Wells identified health care fraud as one of the four major threats for the next decade. At the same time, during a seminar of the International Association of Special Investigation Units in Europe, emphasis was placed on all types of medical fraud which seemed to be the most prevalent problem in Europe and the United States. In order to effectively deal with this scourge, the fraud examiner must understand the complexities within the health care sector as well as the aspects that make the health care sector different from other sectors in relation to its exposure to fraud. Health care accounts for a significant portion of most countries GDP (18.7 percent in the United States in 2012), making it a very lucrative sector for fraudsters to target. Your health care fraudsters will, therefore, most likely answer like bank robber Willie Sutton: Go where the money is and go there often. Many of the health care funding models used globally contain elements of a third-party payment system. In these systems, the consumer of the health care service is not directly involved in the billing and payment of the service, resulting in ample opportunity for fraud and abuse to occur. These systems also demonstrate a lack of consumerism, which make it further vulnerable to fraud and abuse. Within health care billing, we find various complexities, creating many opportunities for the fraudster to exploit. Examples of these complexities are the coding structures (ICD10, CPT, etc.) and the fraud examiner must understand how these are used in order to effectively identify the fraud, as well as prevent similar occurrences. Another challenge with health care fraud is that a large part of the frauds perpetrated are part of otherwise valid 2014 2
transactions or events. A patient might have been admitted to a hospital for legitimate reasons; however, what is billed might include services or items that were never provided to the patient. Who then are the potential perpetrators of health care fraud? In a lot of frauds, we do find a health care provider involved in some way or another; however, the fraud can also be perpetrated by policyholders or the insured, brokers selling health care insurance, staff working for insurers, and then obviously organized syndicates, targeting health care insurers. It is quite common to find some level of collusion between one or more individuals in most incidences. Some of the more common types of fraud perpetrated include the following: False Claims These are simply claims for services never rendered. As previously stated, the fraudulent aspects are usually part of an otherwise legit claim, making it harder to effectively identify. Mostly the insured, or patient, will not be aware of these fraudulent charges; however, in some examples, the insured will collude with the health care provider in order to fraudulently claim for these services. Merchandising Merchandising is a term used to describe a scam where the policyholder receives items not related to health care services at all, after which a claim/bill for health care services are submitted to the insurer in order to pay for these services. This type of fraud requires collusion between both the health care provider and the beneficiary, which make it particularly difficult to identify in certain instances. 2014 3
ATM Scams These scams are similar to the merchandising scams, but instead of the insured receiving merchandise, they receive cash from the health care provider, after which a claim/bill is submitted to the insurer for health care services. Card Farming This is a type of identity fraud where someone who is not a beneficiary on a particular policy pretends to be a beneficiary, in order to make use of certain benefits. Cosmetic Surgery This surgery is generally not a covered benefit under most health care insurance policies, since they are classified as not medically necessary procedures. Due to the popularity of cosmetic procedures, some health care providers will perform these procedures and then misrepresent them to the insurer as a medically necessary procedure in order to secure payment. Code Gaming Code gaming is also referred to as creative accounting. The health care provider uses a more complex and costly code in order to claim for a service rendered. This includes aspects of up coding or unbundling. Non-Disclosure This generally happens where a policyholder withholds information regarding pre-existing conditions from the insurer during underwriting in order to claim for this, once the policy has been activated. Dispensing Fraud Dispensing fraud is perpetrated by claiming for a brand name drug (more expensive), while actually dispensing a 2014 4
generic drug. Drugs account for roughly 25 percent of the total health care expenditure, thus this type of fraud does contribute significantly to the overall cost of fraud. Cross Merchandising Agreements Data analytics should play a significant part in any health care fraud management strategy due to the complexities previously mentioned, as well as the vast volume of transactions processed every day. An example of a questionable practice identified through analyzing utilization patterns of certain medical devices is cross merchandising agreements (CMAs). These are agreements between health care providers and suppliers of medical devices. As part of these agreements, the health care provider receives the medical device for free, or at a nonmarket-related price. In return, the health care provider then agrees to buy a certain amount of consumables per month at a pre-arranged price. This way, the supplier then ensures that they recoup the cost of the actual equipment. This type of agreement potentially violates various ethical rules. It increases utilization since the use of the device is no longer determined by the medical appropriateness, rather by what is stipulated in the agreement. Secondly, depending on which billing structure is used, the insurer ends up paying twice for the same equipment once through the consumables, which includes the cost of the equipment, and again through an equipment charge, which might be billed by the health care provider. Monitoring utilization patterns can assist in identifying the existence of these agreements. Multiple Datasets BMI Modifier Analysis Effective data analytics require analysis across more than one dataset. If you do profiling of an individual s claims by looking at it in isolation of other potential datasets, you will only get a one-dimensional view of reality. An example of such an analysis is looking at the usage of the BMI 2014 5
modifier. The BMI modifier in this example is similar to modifier 22, where the BMI modifier can be added to the procedure code, where the patients BMI is higher than 35 (morbidly obese). This will entitle the surgeon for instance to charge 50 percent more for the procedure, since the procedure takes longer and is considered to be more complex than what it would have been with a patient of average weight. Analysis of the usage of this modifier identified some suspicious transactions, where the frequency seemed disproportional to the norm. By combining the results of this analysis with a dataset (vitality) where the actual BMI of the patients are known to the insurer, the fraudulent transactions can quite easily be identified. Multiple Datasets Anesthetics Another example of combining different datasets would be to combine claims received from anesthetists with those received from the hospitals where the procedures were done. The first approach would be to compare the anesthetic time with the theater time. The hospital theater time should technically never be longer than the anesthetic time. In order to identify instances where the anesthetist bills fraudulently, a model can be built, allowing a variance in time, based on the particular procedure performed. This type of analysis can also assist in identifying emergency modifier abuse, as well as claiming for deliberate blood pressure control. Spike Reports Spike reports provide an effective mechanism in order to continually monitor behavior over time. A spike report looks at a rolling 24-month period and compares the practice behavior on cost and utilization. The time period can be adjusted as required. 2014 6
Code Pairing and RVU Analysis A code pairing analysis is done by comparing the codes a provider used for a particular procedure with those of his peers. This is very effective in identifying unbundling of codes, as well as scope of practice issues. Relative value unit analysis uses the RVU value of the codes as the basis of the analysis rather than the actual code itself. This analysis is very effective in order to identify cases of upcoding. Time in Day Analysis Time in day analysis considers the time spent on a particular procedure and then determines the likelihood of doing x number of those procedures in a particular timeframe. These analyses are quite effective in situations where certain data sharing agreements exists. A lot of consultation codes are time based, which make it a relative simple analysis to do. Cash Plans A cash plan is an insurance product that pays a brand value per day that the policyholder spends in the hospital. These products can be problematic for health care insurance products since they effectively provide an incentive for the policyholder to get admitted to hospital more often, and then stay there for longer periods than necessary. Where this type of fraud/abuse is suspected, length of stay (LOS) and admission rate analysis are very effective in identifying it. Changing Behavior through Effective and Appropriate Awareness Creating awareness through the identification and investigation of fraud can act as an effective deterrence. This can, however, have unintended consequences if the 2014 7
insurance fraud spiral theory is not taken into consideration. The fraud spiral refers to situations in which individuals, having a negative attitude toward insurance, are found to be more tolerant of fraudulent behavior, thus resulting in higher levels of fraud. In response to higher levels of fraud, more and more claims are repudiated by insurers, which could further fuel negative perceptions of insurance. Consequently, individuals exhibit an everincreasing tolerance to fraud. This is most likely to be the outcome when insurers fail to effectively communicate to the target market, and the reasons for the increase in the proportion of claims being repudiated. Awareness, therefore, must facilitate buy-in from service providers, customers, and the public in order to avoid the consequences of the fraud spiral. This is particularly true when it comes to health care fraud, since it is considered to be a grudge purchase in most instances. 2014 8