Identifying Medicare fraud and abuse
Last fall, CMS published a booklet, “Medicare Fraud & Abuse: Prevention, Detention, and Reporting.” It was prepared by the CMS Office of Inspector General to assist in combatting fraud and abuse in federal health care programs. The identified target audience is the Medicare fee-for-service program, which is an unidentified, uncertain audience. The text is directed to “you”: “you” play a vital role, “you” can help fight fraud, “you” can protect the Medicare Program, “you” can help protect your patients, “you” can protect yourself.
Generally, the booklet, which was published as part of the “Medicare Learning Network,” provides a good refresher course.
Fraud is described as typically including:
- Knowingly submitting false claims to obtain payment,
- Knowingly soliciting, receiving, or paying to induce or reward referrals for items or services reimbursed by federal health care programs,
- Making prohibited referrals for designated health services.
The OIG notes that organized crime has infiltrated the Medicare Program and masqueraded as Medicare providers and suppliers. Examples of fraud schemes are:
- Billing Medicare for appointments that the patient failed to keep,
- Knowingly billing for services at a level of complexity higher than services actually provided or documented,
- Knowingly billing for services not furnished, supplied, or provided, and falsifying records,
- Paying for referrals of government health care program patients.
In the booklet, “abuse” is described in terms of practices that result in unnecessary costs to the Medicare Program. It includes any practice inconsistent with providing patients with medically necessary services meeting professionally recognized standards. The OIG provides examples, which include billing for unnecessary medical services, charging excessively for services or supplies, or misusing codes on a claim, such as upcoding or unbundling.
The OIG states that “program integrity” encompasses a range of activities targeting various causes of improper payments, such as mistakes, inefficiencies, bending the rules, or intentional deception.
Key laws governing Medicare fraud and abuse include:
- False Claims Act – protects the federal government from being overcharged and imposes liability for knowingly submitting false claims.
- Anti-Kickback Statute – prohibits knowingly and willfully offering, paying, soliciting, or receiving anything of value, directly or indirectly, to induce or reward referrals of items or services reimbursable by a federal health care program.
- Stark Law – prohibits a physician from referring specified health services payable by Medicare to any entity in which the physician has an ownership or investment interest or a compensation arrangement, unless an exception to the prohibition is available.
- Other laws, including provisions of the Social Security Act, criminal health care statutes, the Civil Monetary Penalties law, and other laws.
The booklet is instructive about reporting suspected fraud. It identifies categories of parties who might submit complaints to report fraud and provides details for reporting. For example, the information provided for submitting complaints by Medicare beneficiaries includes phone and fax numbers, hotlines, online forms, and a mailing address. Similarly, information given to physicians and other Medicare providers includes phone and fax numbers, online forms, a mailing address, and other means of contact. Also, information is provided for submitting complaints anonymously.
Despite the explanatory content, the booklet attempts to simplify extremely complex laws that apply in a multifaceted healthcare context. For years, physicians, hospital executives, and other industry participants advocated for clarification of laws that placed healthcare industry clients in jeopardy. It is frequently problematic and frustrating to them to understand and apply laws and regulations that affect their ordinary transactions and course of conduct. Experienced and knowledgeable healthcare attorneys often find it challenging to provide legal guidance to clients due to uncertainties built into the healthcare legal framework. And if you’re a doctor, the threats and fears, along with all of the different types of audits, investigations, fines, and penalties, might cause you to lose a decade off of your life expectancy.
The OIG booklet depicts an oversimplified approach. As stated in one federal court decision, the Medicare and Medicaid statutes are “among the most completely impenetrable texts within human experience.” Rehabilitation Association of Virginia v. Kozlowski, 42 F.3d 1444 (4th Cir. 1994).
The booklet doesn’t describe investigations, raids, or other indispensable elements of a true crime drama – FBI agents storming a medical clinic with guns and crowbars, agents flashing badges, a handcuffed nurse, a lead FBI operative, agents seizing laptops and cell phones bypassing PIN numbers and passwords, orange boxes marked “FBI evidence” carried out through patient waiting rooms and reception areas, statements to patients about kickbacks. The booklet doesn’t mention due process rights of physicians and other healthcare industry participants. It doesn’t describe the “unwarranted, unjustified, unconscionable, and probably unconstitutional” forfeiture of rights and property “sufficient in proportion and irrationality to deter any prudent business from providing services and products to a government armed with the untethered and hair-trigger artillery” of the False Claims Act. (See, U.S. District Judge Steven D. Merryday, overriding a $350 million False Claims Act verdict against a nursing home operator. U.S. ex rel. Ruckh v. CMC II LLC, et al. Case No. 8:11-cv-01303, Middle District, Florida.) Primarily, the booklet focuses on how terrible physicians and healthcare industry executives are.
In addition to traditional methods of healthcare fraud detection that are described in the OIG booklet, government payers are looking to technology solutions to detect fraud. Predictive analytics are used to identify patterns of potentially fraudulent conduct using sets of rules to flag claims. Government enforcement agencies use predictive modeling, link analysis (to detect relationships among healthcare providers and claims), risk scoring to evaluate claims and analyze bills, duplicate testing to uncover matching transactions for payments, time-trend verification of automated entry dates, analysis of factors falling outside of trends, claims data mining, outlier analysis, algorithm clustering with classifications, and other technology solutions. Visualization dashboards and analytics platforms assist with detecting patterns of fraud activity to determine the prevalence of fraud. Provider fraud metrics are used to identify fraud cases by type, priority, financial risk, and implications. PhD-level consultants and statisticians on staff manage data-mining processes to find links and leads, breaking it down to make it incredibly granular.
Data analytics convert large databases into useful information. They are used to extract thousands of claims and identify smaller subsets of claims for assessment. Government agencies use the information to brand and identify “high risk physicians,” who face higher scrutiny. As an example, studies on physicians focus on evidence-based diagnosis and treatment approaches toward fraudulent or abusive behaviors. Translating this into reality, suspicious or high-risk billing providers have been identified in south Texas, parts of California and Florida, Arizona, Mississippi, all around Louisiana, and northern and eastern Oklahoma.
Detection and reporting are only a part of the government’s continuing effort to combat fraud, abuse, and waste by healthcare providers. Interestingly, we found few studies that apply traditional methods and technological solutions for detecting payer fraud.