There are three key laws that govern health care provider Medicare fraud: the Anti-Kickback Statute (AKS), the Stark Law and the False Claims Act (FCA). According to the U.S. Department of Justice (DOJ), recoveries from health care fraud amounted to $2.3 billion in 2014, marking five straight years that the DOJ has recovered more than $2 billion in cases of fraud against federal health care programs such as Medicare, Medicaid and TRICARE, the health care program for the military. The majority of the fraud claims and their associated recoveries come from recognized, industry-leading pharmaceutical companies, hospitals and pharmacies. In the 2013 fiscal year, the Centers for Medicare and Medicaid Services (CMS) took administrative action against 938 providers and suppliers.

Common Medicare Fraud Scheme Examples

Since 2009, the DOJ has recovered more than $14 billion through the FCA, AKS and Stark. There are multiple schemes perpetrated against the government by individuals and health care-related businesses. Some of these include:

  • Billing for services not rendered: Charging for services, treatments, tests, devices and pharmaceuticals that were never provided to patients or attributed to patients who did not exist.
  • Kickbacks: Receiving fees or remuneration for patient referrals for services payable by a government health care program.
  • Upcoding: Misrepresenting services and treatments performed by using billing codes that represent more expensive services than what was actually done.
  • Unbundling: Certain procedures and tests are typically performed as one and billed as such (e.g., a complete blood count test). Unbundling involves billing each step in a procedure or test individually.
  • Other misrepresentations: Falsifying patient records to justify tests or nonmedical procedures as medically necessary to collect payments qualifies as fraudulent.

How Does the CMS Identify Fraudulent Claims?

The CMS uses an advanced predictive analysis program that was put in place in June 2011. According the CMS Report to Congress focusing on antifraud efforts in 2014, the Fraud Prevention System (FPS) is a state-of-the-art fraud system that runs predictive analytic algorithms against all Medicare claims prior to payment. As of June 2014, the CMS had taken action against over 900 providers based on unusual billing behavior identified via the FPS. The value of the prevention and detection actions from June 2013 to June 2014 was over $210 million, resulting in a return on investment of $5 to $1.

Recent Health Care Fraud Takedowns

In June, the Medicare Fraud Strike Force led the U.S. Department of Health and Human Services (HHS), DOJ and FBI in a far-reaching sweep across 17 districts that resulted in charging 243 individuals in Medicare fraud schemes. Included in that number were 46 physicians, nurses and other licensed medical professionals. Along with many fraud-related charges, the defendants were accused of violations of the AKS. The takedown represents the largest health care fraud action to date.

HHS Secretary Sylvia Mathews Burwell said in a statement that with increased resources and new tools, including “advanced predictive modeling technology, we have managed to better find and fight fraud as well as stop it before it starts.”

The combined public and private health care insurance industries generate trillions of dollars each year. There is no known amount of fraud and abuse, but it is safe to say that it is in the hundreds of billions per year — and that’s likely in improper billings alone. The CMS has shown that advanced analytics and improved processes can provide an excellent return on investment while also fighting these crimes.

Lessons for Private Industry

Government agencies don’t usually lead the way in matters such as fraud prevention. However, in this case, private insurers can potentially learn a great deal from the investments made by the CMS.

Intelligence technology such as predictive analytics, forensic analytics and unstructured data analysis tools can help insurers identify unknown or hidden relationships between claimants and recognize patterns of behavior that may predict or indicate fraudulent activity.

Fraud investigation groups within insurance companies do not typically have intelligence functions. Technology and human capital investments into an intelligence function that can leverage an insurer’s data may be able to provide substantial returns on investment, much like CMS has done.

More from Government

NIST’s security transformation: How to keep up

4 min read - One thing that came out of the pandemic years was a stronger push toward an organization-wide digital transformation. Working remotely forced companies to integrate digital technologies, ranging from cloud computing services to AI/ML, across business operations to allow workers to keep up high production and efficiency standards. Now that businesses and consumers have adjusted to the new normal of digital transformation, it is time to develop a security transformation strategy. Coping with the speed of change A constantly evolving tech…

Cyber experts applaud the new White House cybersecurity plan

4 min read - First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the White House’s Office of the National Cyber Director (ONCD). Cybersecurity experts have applauded the Administration’s plan as well as the new implementation calendar. For example,…

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today