There are three key laws that govern health care provider Medicare fraud: the Anti-Kickback Statute (AKS), the Stark Law and the False Claims Act (FCA). According to the U.S. Department of Justice (DOJ), recoveries from health care fraud amounted to $2.3 billion in 2014, marking five straight years that the DOJ has recovered more than $2 billion in cases of fraud against federal health care programs such as Medicare, Medicaid and TRICARE, the health care program for the military. The majority of the fraud claims and their associated recoveries come from recognized, industry-leading pharmaceutical companies, hospitals and pharmacies. In the 2013 fiscal year, the Centers for Medicare and Medicaid Services (CMS) took administrative action against 938 providers and suppliers.

Common Medicare Fraud Scheme Examples

Since 2009, the DOJ has recovered more than $14 billion through the FCA, AKS and Stark. There are multiple schemes perpetrated against the government by individuals and health care-related businesses. Some of these include:

  • Billing for services not rendered: Charging for services, treatments, tests, devices and pharmaceuticals that were never provided to patients or attributed to patients who did not exist.
  • Kickbacks: Receiving fees or remuneration for patient referrals for services payable by a government health care program.
  • Upcoding: Misrepresenting services and treatments performed by using billing codes that represent more expensive services than what was actually done.
  • Unbundling: Certain procedures and tests are typically performed as one and billed as such (e.g., a complete blood count test). Unbundling involves billing each step in a procedure or test individually.
  • Other misrepresentations: Falsifying patient records to justify tests or nonmedical procedures as medically necessary to collect payments qualifies as fraudulent.

How Does the CMS Identify Fraudulent Claims?

The CMS uses an advanced predictive analysis program that was put in place in June 2011. According the CMS Report to Congress focusing on antifraud efforts in 2014, the Fraud Prevention System (FPS) is a state-of-the-art fraud system that runs predictive analytic algorithms against all Medicare claims prior to payment. As of June 2014, the CMS had taken action against over 900 providers based on unusual billing behavior identified via the FPS. The value of the prevention and detection actions from June 2013 to June 2014 was over $210 million, resulting in a return on investment of $5 to $1.

Recent Health Care Fraud Takedowns

In June, the Medicare Fraud Strike Force led the U.S. Department of Health and Human Services (HHS), DOJ and FBI in a far-reaching sweep across 17 districts that resulted in charging 243 individuals in Medicare fraud schemes. Included in that number were 46 physicians, nurses and other licensed medical professionals. Along with many fraud-related charges, the defendants were accused of violations of the AKS. The takedown represents the largest health care fraud action to date.

HHS Secretary Sylvia Mathews Burwell said in a statement that with increased resources and new tools, including “advanced predictive modeling technology, we have managed to better find and fight fraud as well as stop it before it starts.”

The combined public and private health care insurance industries generate trillions of dollars each year. There is no known amount of fraud and abuse, but it is safe to say that it is in the hundreds of billions per year — and that’s likely in improper billings alone. The CMS has shown that advanced analytics and improved processes can provide an excellent return on investment while also fighting these crimes.

Lessons for Private Industry

Government agencies don’t usually lead the way in matters such as fraud prevention. However, in this case, private insurers can potentially learn a great deal from the investments made by the CMS.

Intelligence technology such as predictive analytics, forensic analytics and unstructured data analysis tools can help insurers identify unknown or hidden relationships between claimants and recognize patterns of behavior that may predict or indicate fraudulent activity.

Fraud investigation groups within insurance companies do not typically have intelligence functions. Technology and human capital investments into an intelligence function that can leverage an insurer’s data may be able to provide substantial returns on investment, much like CMS has done.

More from Government

Updated SBOM guidance: A new era for software transparency?

3 min read - The cost of cyberattacks on software supply chains is a growing problem, with the average data breach costing $4.45 million in 2023. Since President Biden’s 2021 executive order, software bills of materials (SBOMs) have become a cornerstone in protecting supply chains.In December 2023, the National Security Agency (NSA) published new guidance to help organizations incorporate SBOMs and combat the threat of supply chain attacks.Let’s look at how things have developed since Biden’s 2021 order and what these updates mean for…

Roundup: Federal action that shaped cybersecurity in 2023

3 min read - As 2023 draws to a close, it’s time to look back on our top five federal cyber stories of the year: a compilation of pivotal moments and key developments that have significantly shaped the landscape of cybersecurity at the federal level.These stories highlight the challenges federal agencies faced in securing digital infrastructure in the past year and explore the evolving nature of cyber threats, as well as the innovative responses required to address them.New White House cybersecurity strategyThe White House’s…

ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware

12 min read - As of December 2023, IBM X-Force has uncovered multiple lure documents that predominately feature the ongoing Israel-Hamas war to facilitate the delivery of the ITG05 exclusive Headlace backdoor. The newly discovered campaign is directed against targets based in at least 13 nations worldwide and leverages authentic documents created by academic, finance and diplomatic centers. ITG05’s infrastructure ensures only targets from a single specific country can receive the malware, indicating the highly targeted nature of the campaign. X-Force tracks ITG05 as…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today