Lessons Learned
Another attempt to reform the U.S. health-care regime appears to be on the horizon. Whatever system is adopted, it needs a strong focus on continuously strengthening controls over fraudulent activity, whether from physicians, health-care professionals, operators of health-care facilities, or patients.
The U.S. Department of Health and Human Services (HHS) and its Office of the Inspector General are taking a disciplined, systematic approach to the department's fraud risk assessment and detection activities. Here are some suggestions to strengthen these efforts.
- Enhanced Data Analysis and Data Quality. Medicare and Medicaid are making billing and claims data available more quickly and efficiently, providing law enforcement increased access to data — including real-time data. This data also helps focus enforcement resources on high-risk geographic, organizational, and individual cluster groups.
Authorities perform risk scoring of Medicare claims billing and payment, and test predictive models. This kind of data needs to be assessed carefully to identify cases where clusters of physicians refer patients to the same health-care provider.
Moreover, investigators, data analysts, clinicians, and subject-matter experts work on cases in a multidisciplinary environment. There also needs to be a continuing emphasis on enterprisewide improvements of the accuracy and availability of data for Medicaid program integrity and oversight.
- Whistleblower programs. While the HHS clearly has whistleblower programs in place, it is not clear to what extent these programs are contributing to its overall fraud prevention and detection effectiveness. It also is not apparent how the programs might be reviewed for improvements. Results from a recent pilot program to estimate the overall probable level of program fraud have been delayed.
- Enrollment and Payment Controls. HHS should continue to implement stronger measures to screen providers and suppliers on the basis of fraud risk, with three risk levels for providers (limited, moderate, and high). The department should add the target population to this determination of risk level. For example, elderly and infirm individuals are typically more susceptible to fraudulent exploitation.
One goal of such assessments is to identify ineligible providers or suppliers before they are enrolled or revalidated by conducting provider site visits. HHS can do this by increasing the scope and coverage of high-risk providers and suppliers such as nursing home and assisted-living facilities, independent diagnostic testing facilities, and outpatient rehabilitation providers.
Matching billing data to payment data also is important. Increasing the frequency of surprise out-of-cycle site visits will enhance the effectiveness of this element in detecting potential fraud. And, more than just surprise visits need to happen. HHS should audit facilities and their records, particularly where the provider has been operating over a long time.
- Human Resources Management. Related to inspections, surprise or not, there should be policies and processes in place to review the placement and rotation of inspectors according to a risk-based assessment. In addition, HHS should regularly update background checks of inspectors to uncover suspicious lifestyle changes
