Nuts & bolts of health care fraud examinations

Health care fraud examinations can be laborious. Discovery of evidence can be elusive. You need the most reliable sources and resources. Here’s a practical sampling of some of the best places to start from a fraud examiner who’s worked scores of cases.

Excerpted and adapted from Healthcare Fraud Investigation Guidebook, CRC Press, by Charles E. Piper, CFE, pages 85-97. Available at the ACFE Bookstore, Amazon.

Years ago, I conducted a highly complex financial fraud examination of a contractor. I relied on an experienced auditor and accountant to review and analyze cost and expense reports. He was patient and better at the numbers than me. Because of his expertise in accounting, I later asked him to review a list of questions I planned on asking the chief financial officer (CFO) of the suspect company. The auditor said, “We don’t need to ask these questions because we already know the answers to them.”

What the auditor didn’t understand was that we weren’t playing a game of “whodunit?” Although we already knew the answers to the questions, that was immaterial. I was trying to put together a strong case in which information could be corroborated by several different sources. By corroborating the information, I (and a potential jury) could be confident that 1) the information was accurate and 2) the suspect’s defense attorney would have a more difficult time trying to refute the information. In short, the more sources from which you obtain the same information, the more likely that information will be considered credible and reliable.

This is just one of the many lessons fraud examiners can learn when conducting health care fraud examinations. Fraud examiners might have access to numerous sources and resources, so it’s important to know how and when to use them. In the case above, I used the help of an auditor (my resource) to glean enough information to put together a proper list of questions for the suspect company. And while his approach to interviewing didn’t match mine, fraud examiners should collaborate when working to their end goals.

Information you want and need is often available from more than one source. Of course, you’ll consider some sources more reliable than others, and some will be the “most reliable.” But don’t make the mistake of thinking there’s only one place to legally obtain the documentation and/or information you need. Sometimes investigators tend to think “either or” when they could or should be thinking, “both,” “many” or “all of the above.” Obtaining information from more than one source helps corroborate that information.

Health care fraud examinations, as I discovered early, can be grueling ordeals. So, I want to share some of the nuts and bolts of sources and resources I’ve used in the many cases I’ve worked.

Locations of documents and records

Most of the information in this article applies to those who have the authority to conduct health care fraud examinations — not the public. As you know, members of the public don’t always have access to the same sources and/or information as do fraud examiners, law enforcement officers and insurance investigators.

[Members of the public are permitted to make open source and public information requests, and Freedom of Information Act Requests (FOIA). They also can check open court documents and other records, and perform internet searches. Their attorneys might be able to issue subpoenas and take additional steps to obtain information.]

Don’t expect quick responses when requesting documents or information from the government, and do expect that you might have to pay the costs of copying and research. A private citizen’s requests for information might be denied if the release of that information isn’t permitted. Sometimes it’s worth appealing denials.

Here are the types of documents and records that fraud examiners often need when conducting health care provider examinations:

• Patient files (including lab and other related files).
• Treatment/service files.
• Insurance claim forms.
• Proof of payment (or lack of payment).
• Explanation of Benefit (EoB) forms.
• Appointment books (for patients).
• Sign-in logs (for patients).
• Employee personnel files.
• Provider and health care facility files (described above).
• Emails.
• Financial records (suspect bank accounts and other assets).

Below is a list of a few sources where you can obtain much of the above information during health care provider fraud examinations. Obviously, an insurance company or government health care program won’t have the financial records of a suspect provider, but they probably have the provider’s direct deposit bank information. (Of course, always obtain all such documents in a lawful manner.)

Health care facilities

The best source to obtain many of the documents and records listed above will be at the health care facility where the patients were examined and treated, or by the entity that submitted the claim forms. Of course, if you start there, they’ll know an investigation is taking place, which might or might not be one of your concerns. If a patient was treated at a doctor’s office and a hospital, both should have records about the services provided.

Keep in mind that many health care providers that provide services at hospitals aren’t employees of the hospitals. Many sign contracts with the hospitals to provide services there.

Insurance companies and government insurance programs

The best source from which to obtain any health care claim or related payment information will be the insurance companies or government programs responsible for receiving and paying those claims.

Don't expect quick responses when requesting documents or information from the government.

Because most large-scale health care fraud examinations involve claims submitted over several years, make sure any material rule changes were actually in effect when the claims were submitted. For example: a rule change implemented in 2015 might not have pertained to claims submitted in 2014 or earlier. Rest assured that a good health care fraud defense attorney will notice that if you didn’t.

Third Party Administrators and fiscal intermediaries

Insurance companies and government programs often utilize other entities to conduct payment reviews and to process reimbursements. Those entities are sometimes called Third Party Administrators (TPA) or fiscal intermediaries. The program integrity office of the insurance company or government program will be able to tell you if they use a TPA or fiscal intermediary, where those records are maintained and how to request the records.

Outsourced claims filing services

Similarly, the health care providers might also outsource their insurance claim billings. If so, the subcontractors should have documents you’re interested in.

You’ll need to ascertain who and where claims forms were generated. The claims for payment might be generated at a completely different location than where the services were provided and by a completely different entity.

A common defense strategy of health care providers when caught or accused of submitting false claims is to blame whoever typed and submitted the claim forms. Some providers employ their own in-house coders who determine those codes to list on claim forms. Other providers might outsource this procedure.

Many providers will throw their own employees and their subcontractors under the bus to try to get themselves off the hook. Sometimes those providers will be correct; it might be the fault of the coders for listing incorrect information on the claim forms. But sometimes the coders just do what they’re told to do by their employers.

Collection agencies

Sometimes health care providers and/or their entities hire collection agencies to audit their claims and payment records to seek funds that haven’t been paid yet. Those entities usually receive a percentage of the funds they collect and might intentionally or unintentionally submit requests for payments that have already been paid. Make sure you know who submitted the claims for payment and from where they were submitted.

Anytime you see claim dates that are long after the actual service dates you should try to determine if the claims have already been paid because those might be double billings. Those collection agencies might also have documents that are of interest to your investigation.

Law enforcement and program integrity units

An often-overlooked source for documents and records are local, state and federal law enforcement organizations. Your suspect could’ve been investigated for similar or other offenses in the past. Those organizations have records of their previous investigations even if there weren’t convictions. The program integrity office for the insurance companies and government programs should know whether there were any previous investigations of the suspects involving their programs. In fact, sometimes the suspect was previously officially warned not to do it again, but they do it again anyway.

The government program or private insurance company’s payment offices or program integrity office should also be able to sort and filter the claims and payment data and provide it in a spreadsheet format. You’ll want it in this format before asking for copies of all paper or electronic claims. As a courtesy, don’t ask other people to do extra work unless you’re sure it’s necessary.

Here are other notable entities you should consider:

• Patients: Former and current patients (and/or the policy holders) will often have copies of EoB forms and records of payment, including any co-payments or receipts.
• Employees: Current and former employees of suspect entities sometimes bring documents and records home as evidence of fraud because they don’t want to be wrongly accused.
• Email: Previously sent and received emails are often valuable to investigators. Once in a while you find a “smoking gun” to prove your case.
• Financial record locations: We must respect others’ legal right to financial privacy. We should seek, store and share financial records in accordance with existing laws. As a private investigator, I often obtain financial information on individuals and business entities by utilizing various subscriptions to information brokers and collection type agencies. Subpoenas, search warrants and legally obtained credit reports are also good starting points.
• Others: Ambulance, pharmacist, durable medical equipment and other suppliers also have their own unique records and documents. Documents are often located at their facilities, but don’t assume that’s always the case.

Using software and professional relationships

During one of my examinations, the owner of a medical equipment supply company was suspected of paying bribes to a government contracting officer in exchange for awarding contracts to him. The supplier was also suspected of having falsified proofs of U.S. mail return receipt cards. I later found evidence that the owner shipped bribery payments through an overnight private carrier to the contracting officer’s home address. I visited a U.S. post office and learned postal return receipt cards that the owner gave me to prove he’d make the shipments were forgeries.

Many providers will throw their own employees and their subcontractors under the bus to try to get themselves off the hook.

Analytics and data mining

Companies, investigative analysts and others can create and use software to conduct data analytics and data mining to identify potential health care fraud. These software packages can find information about irregular or questionable billings, prescriptions written or received, patient visits, etc. 

Audits and compliance reviews

Government insurance programs and private insurance companies can officially ask providers for supportive documentation regarding questionable claims. Sometimes submitted claims contain administrative errors. Questionable billings often can easily be cleared up when the provider responds to these requests — not every questionable billing or series of questionable billings warrants referral for investigation.

Private insurance companies

Private insurance companies’ special investigation units and federal and state law enforcement organizations often communicate with each other and will share useful information.

Federal and state investigative agencies

Private insurance companies and federal and state investigative agencies often work closely with other federal investigative agencies. For example, if an investigator from a private insurance company asks the FBI for assistance, the FBI might then contact HHS-OIG to determine if Medicare was also a victim.

National Practitioner Data Bank (NPDB)

The NPDB is a U.S. government program that collects negative information on health care providers. It includes information such as: medical malpractice payments, adverse clinical privileging actions and adverse professional society memberships, health care related civil judgments and criminal convictions, exclusions from federal or state health care programs, and negative findings by state licensing or certification authorities.

Although members of the public can’t access this information, it can (perhaps with some limitations) be accessed by the U.S. attorney general and other law enforcement, state Medicaid fraud units, state agencies that administer state health care programs, state licensing and certification authorities, agencies or contractors that administer federal health care programs, hospitals, other health care entities with formal peer review and select others. For additional information, visit: npdb.hrsa.gov.

RAT-STATS (Statistical Software)

The Health and Human Services, Office of Inspector General’s website reports that it uses statistical software called “Rat-Stats.” The following information was reprinted from HHS-OIG’s website in June 2015:

“RAT-STATS is a free statistical software package that providers can download to assist in a claims review. The package, created by OIG in the late 1970s, is also the primary statistical tool for OIG’s Office of Audit Services.

Among other tasks, the software assists the user in selecting random samples and estimating improper payments. We have attempted to make RAT-STATS as user-friendly as possible, keeping in mind the program uses technical statistical terms. OIG does not provide technical support for RAT-STATS.

Although OIG does not require the use of RAT-STATS, many providers download the software in their efforts to fulfill the claims review requirements for corporate integrity agreements or provider self-disclosure protocol.”

For more information, visit: oig.hhs.gov/compliance/rat-stats.

Other professionals

Here are other professionals who might assist a health care fraud examination:

• Nurses and other healthcare professionals.
• Program integrity and risk management personnel.
• Internal and external auditors.
• Analysts.
• Computer forensic examiners. 
• Information Technology (IT) personnel (recover email, internet histories, etc.).
• Certified Public Accountants.
• Forensic laboratory personnel (question documents, handwriting, etc.).
• Hotline call recipients.
• Human Resources (HR) personnel.
• Accredited Health Care Fraud Investigators.

Don’t let your tools collect dust

These are just some of the many sources and resources that health care fraud examiners have at their disposal. Working together with other health care professionals and seeking out the information to fill in the blanks will help you navigate the complex health care system.

Read about another health care fraud prevention tool in Audio recording physicians’ exams to prevent fraud, by Kathleen A. Nicholls, Associate Member. — ed.

Charles E. Piper, CFE, CRT, is the owner of Charles Piper’s Professional Services in West Tennessee. He had a 30-year career in law enforcement, including 20 years as special agent-criminal investigator with the U.S. Department of Defense. Piper was the recipient of the ACFE’s Hubbard Award in 2014. His email address is: pipercfe@cs.com.