Catching health care fraud with statistical graphics

When Florida Governor Ron DeSantis banned all nonemergency medical procedures in the state in early 2020 to help battle rising COVID-19 cases, Physician Partners of America LLC (PPOA) searched for other ways to compensate for falling revenue. The solution? The health care provider allegedly required its physicians to schedule unnecessary telemedicine visits every 14 days instead of each month. It then overbilled Medicare and Medicaid, the U.S. federal insurance systems for older and low-income Americans, by submitting overvalued evaluation and management (E&M) codes that compensated PPOA more than was warranted by the patients’ visits.

PPOA’s alleged scams didn’t stop there. The U.S. Department of Justice (DOJ) accused it of submitting claims to Medicare for unnecessary urine drug testing and illegally incentivizing its physicians to order such tests by paying them a percentage of the revenue garnered from such illicit activity. And to top it off, PPOA also lied to the U.S. Small Business Administration about its illicit activity to obtain a $5.9 million loan from the Paycheck Protection Program. In April, PPOA’s founder, Rodolfo Gari, and its former chief medical officer, Dr. Abraham Rivera, agreed to pay $24.5 million to resolve those allegations. (See “PPOA Settlement Agreement,” Phillips and Cohen, March 23, 2022 and “Physician Partners of America to Pay $24.5 Million to Settle Allegations of Unnecessary Testing, Improper Remuneration to Physicians and a False Statement in Connection with COVID-19 Relief Funds,” DOJ, April 12, 2022.)

Medicare and Medicaid use codes like the ones in the above case to determine how much to pay insurers and health care providers. The agencies continue to be easy targets for fraudsters seeking to scam the state insurance system. Codes are used to categorize procedures, diagnoses and equipment. The billing system for these areas can seem complicated and arcane, which of course makes them vulnerable to fraud. The manipulation of diagnosis codes, for example, recently has been particularly prevalent, resulting in some large legal cases. (See “Everything you need to get started in medical billing & coding,” MB&CC and “Introduction to Billing Code Systems,” ASHA.)

[See sidebar: “Cracking down on diagnosis coding”.]

Upcoding is an ongoing and costly problem

While firm numbers on the cost of upcoding fraud are hard to come by, some experts estimate that billions of dollars are lost to this type of fraud annually. According to a 2020 article in the American Medical Association (AMA) Journal of Ethics, fraud related to upcoding costs a whopping $100 billion a year. (See “What Should Health Care Organizations Do to Reduce Billing Fraud and Abuse?” by Katherine Drabiak, JD, and Jay Wolfson, DrPH, JD, AMA Journal of Ethics, March 2020.)

What’s clear is that incorrect coding has been in the crosshairs of the Office of Inspector General (OIG) for the U.S. Department of Health and Human Services for quite some time. OIG estimated that 55% of claims in 2010 for E&M services alone were incorrectly coded and/or lacked proper documentation, leaving Medicare out of pocket by $6.7 billion for such claims that year. (See “Improper Payments for Evaluation and Management Services Cost Medicare Billions in 2010,” by Daniel R. Levinson, Inspector General, May 2014.)

Although improper coding doesn’t always necessarily equate to fraud, it’s clearly on the rise in certain corners of the health care system and worthy of fraud examiners’ attention. Last year, the OIG found that billing for inpatient hospital stays at the “highest severity” — and costliest — coding levels jumped 20% from 2014 to 2019. (High severity involves the diagnosis of patients with major complications such as acute respiratory failure or sepsis.) Stays billed at the highest severity level accounted for nearly half of the $109.8 billion Medicare spent on inpatient hospital stays during fiscal year 2019. And that was before the COVID-19 pandemic strained the capacity of many hospitals. Perhaps more suspicious is that the OIG found that nearly a third of those high-severity stays lasted a particularly short time and over half only had one diagnosis qualifying them. (See “Trend Toward More Expensive Inpatient Hospital Stays in Medicare Emerged Before COVID-19 and Warrants Further Scrutiny,” U.S. Department of Health and Human Services, Office of Inspector General, February 2021.)

Use of visual representations

Sifting through what often are copious billing requests to uncover fraud is challenging, but the visual representation of data analytics can help. Here we examine how fraud agencies have used graphic representations of numeric E&M health care codes to identify providers that were potentially defrauding the Medicaid program. We used billing data from doctors in a 14-state area of the Western U.S., which one of the authors used in real-life investigations while working at AdvancedMed Corporation, a company that provides services to detect and prevent fraud in the Medicare system. A variety of physicians use E&M codes to bill public and private health care insurance companies for hospital, office and home visits as well as preventive care services. Codes are based on the total time devoted to patient care on a specific date whether in the office or in another outpatient setting. (See “E&M Codes,” Foresee Medical.)

While the data came from the Medicaid program, our experience and that of involved law enforcement investigators have shown that many providers who knowingly and willfully commit fraud against the Medicaid system will also submit false reimbursement claims to other health care programs. 

These unscrupulous providers comprise only a small percent of licensed U.S. physicians, but many of them have found a seemingly easy way to pad their reimbursements much like PPOA’s case described earlier. Inflating, or upcoding, the E&M codes results in a higher reimbursement than the provider is due. In addition to filing false claims, committing health care and wire fraud — and possible money-laundering violations — these providers are committing ethical violations of their esteemed profession.

Digging into the data

Fraud investigators can use statistical analysis to identify potential health care fraud in any health care program database where reliable data is available. Here, we focused on the upcoding of office visit codes in Medicaid by analyzing the overall billing patterns of a specific group of Medicaid providers and identifying those who claimed significantly higher reimbursements than other similar practitioners in the same geographical area. Following this identification, we used statistical analyses to look for potential fraud in other areas of medical billing.

Medicaid providers send their reimbursement claims directly to the Medicaid administrator in their state without initial review or control by the patients who received the services. (Sometimes, a brief listing of medical services claimed by the provider may be subsequently sent to the patient.) When a state Medicaid office receives a claim, a computer analyzes it for completeness. Very little additional review occurs. Medicaid assumes that the services provided are medically necessary, honestly described on the filed claim and that the provider maintains accurate records sufficient to support the claim as filed. Under those circumstances, the computer automatically pays the claim. Currently the Medicaid system primarily identifies fraudulent providers through routine audits conducted by state Medicaid administrators, outside agencies or the more controversial undercover auditors known as secret shoppers who pose as patients. (See “Medicare and Medicaid audits and investigations: Digging into the details,” by Francis J. Serbaroli, ALM Benefits Pro, May 18, 2021 and “Your Next ‘Patient’ May be an Undercover Secret Shopper Performing a Medicare Audit on Your Practice,” by Robert Liles, Liles Parker, April 10, 2010.)

With hundreds of thousands of Medicaid claims submitted each month, it’s extremely difficult for the system to identify fraudulent claims. The estimates of accepted claims suggest that the majority of health care provider billings are accurate and honest. But there remain those who undermine the integrity of the program by submitting inflated codes on the hope that the sheer volume of health care reimbursement claims will hide their wrongdoing. It quickly becomes apparent that poring through volumes of computer printouts and endless Excel spreadsheets may not be the most effective way to identify potential fraud. Statistical graphics provides a solution to that problem. A single graphic can represent thousands of claims and hundreds of pages of printed data. As one Medicaid investigator noted, “If a picture is worth a thousand words, a statistical graphic is worth at least 100 pages of printout."

To identify potential fraud using statistical graphics, we clustered provider specialties so that physicians were compared with a homogeneous group of their peers (i.e., pediatricians to pediatricians, etc.). Graphics and algorithms were then developed to analyze specific provider specialties. Here we focus solely on one type of fraud: upcoding for patient office visits by family practice physicians.

The table below shows the E&M procedure codes for patient office visits, the suggested amount of time required for different levels of service and the average maximum one-time payment allowed by Medicaid for each level of office visits at the time of these visits. These payments change over time but remain consistent in how they relate to the level of service. Services range from minimal services where the provider may give an injection or take a blood pressure reading to comprehensive services where the provider spends an hour or more with the patient. Medicaid pays more as the levels of service increase. This increasing payment tempts some physicians to upcode by billing Medicaid for extended or comprehensive office visits when only minimal or brief services were provided.

The first step in identifying this type of fraud was to create a standard distribution of the five office visit codes for all family practice physicians in our 14-state sample. Next, we calculated the overall percent of each office-visit code that providers billed over a specific period of time, in this case from 2000 to 2016. The aggregates became the standard to which each individual provider was compared to the entire group. We used side-by-side bar charts to show the comparisons. 

Peer-to-peer comparisons

We selected family practice providers for these examples because they have the largest percent of office visits among specialty types and therefore provide a very robust database for comparison to individual providers. If a particular provider’s billing pattern approximates the group norm, they’re considered in line with all peers and not of concern to investigators. Figure 1 below illustrates one such family practice provider using a side-by-side bar chart to compare the doctor (light green bar) with the overall distribution of all family practice providers (dark green bar). In this case the provider’s billing is statistically similar to peer billings. 

Figure 2 below is an example of a family practice provider who billed Medicaid almost exclusively at the comprehensive level of service. This level of billing may be justified if the medical practice deals primarily with more seriously ill patients. A review of a sample of the patient’s medical records and other billings (medications, therapy, etc.) will support or disprove a serious diagnosis. If the deviation from the norm occurs only in the level of service claimed, not in the medical practice, the provider may indeed be overcharging Medicaid. The deviation from the norm is obvious when the data is presented graphically as it is in Figure 2.

Catching the fraudster

An example of an actual case that emerged from the statistical graphics used in Figure 2 involved a family practice provider who billed almost exclusively in the comprehensive category. Further investigation was warranted, so the case was assigned to fraud investigators. They were provided with a copy of the statistical graph (Figure 2) and a random sample of the names of 20 of the provider’s Medicaid recipients. 

The investigating team visited the family practice office and reviewed the case files for the 20 patients who’d been selected through random sampling. The patients didn’t have more extensive medical problems than normally occur in most family practices. Nor did the physician specialize in a specific type of family practice that required extended patient visits.

When investigators asked the physician to explain why the billing was mostly comprehensive when there seemed to be no justification in the records for that level of billing, the physician fainted. He subsequently pleaded guilty. Similar evidence has been enough to make other physicians confess to their crimes. 

The family practitioner in this case was banned from the Medicaid program and required to reimburse the total estimated amount of fraud. The physician was also ordered to pay three times the amount of the identified fraud (treble damages).

An important advantage to a statistical graphics approach to locating billing outliers is that multiple providers can be compared with peers in a very short period of time. Those practitioners identified as least similar to the group can then be singled out for further review and analysis. 

Broader look at the data

A limitation in the use of side-by-side bar charts is that they summarize all the data over a selected period of time. Summaries may hide important information that can only be detected by looking at data in the context of time intervals. Figure 3 below eliminates that problem by summarizing the various E&M codes by month. The percentages are then plotted and the points joined to show a general trend for all family practice doctors. It becomes clear that the level of service for family practice office visits is very stable over time. For example, Figure 3 reveals that almost 50% of all office visit billings are for intermediate-level services, with only random fluctuations over time. The extended level of service was claimed for about 40% of office visits, while less than 5% of billings were for the comprehensive level of service.

Once the standard level of service for a particular specialty has been determined, we can then compare all individual doctors with the standard to determine which practitioners are noticeably different from their peers (outliers) and therefore merit further investigation.

Figure 4 below shows that using a line graph instead of a bar chart allows investigators to see when changes occur in a particular provider’s billing practice. At about halfway through this time period, a change occurred in either the provider’s medical practice or billing practice. This change shows that the percent of intermediate billings took a steep decline while the percent of comprehensive billings increased sharply. A random sample of patient records before and after that change would show whether it was the medical practice that changed or only the billing practice. Ideally, some of the same patients should be compared in both time periods as part of further investigations. 

Doctors whose billing patterns indicate possible fraud are asked for justification for billing changes. They sometimes have legitimate reasons for the changes, but in other cases they have given a variety of explanations invented to cover up their fraud.

Dramatic difference: a case study

In another case using the same data, investigators identified another family practitioner whose line graph changed dramatically over time. They followed up by visiting the doctor’s office armed with a random sample of names from the practice to examine specific Medicaid records. 

After examining the Medicaid files from the random sample, investigators found no justification for the change in billing codes. Services rendered, as described in the files, remained about the same. However, the records showed that the amount of time documented for the same services increased. 

When investigators asked the provider about this discrepancy, they said a new billing clerk had been hired who might not yet understand the billing requirements. In a subsequent interview, the referenced billing clerk denied knowing anything about billing with medical codes and was only billing the way the doctor had instructed. Further, this billing clerk suggested that the investigators would benefit by interviewing the former billing clerk. 

The investigators located the previous billing clerk, who advised them that the provider had directly told her to change the billing codes to bill office visits for a higher level of service. The former billing clerk had tried to explain to the physician that such a change was illegal. The former billing clerk refused to follow the new instructions. Thereafter, she was dismissed from her job and replaced by a clerk who lacked her experience and knowledge of billing. This family practitioner was convicted of fraud and excluded from the Medicaid program for five years.

Being proactive

Proactive identification of E&M upcoding is one of many statistical procedures that fraud investigators can use to find potential medical fraud. It’s also only the beginning step in determining and proving criminality. Once investigators have identified a provider’s potentially fraudulent billing patterns, they must review a random sample of all the provider’s claims for accuracy and honesty. A full investigation may also include interviews with former employees of the medical practice and consulting with the attorney general’s office about potential prosecution. It should also involve comparing other suspected coding errors with the overall dataset of providers to see if additional fraudulent claims may have been submitted. 

Medical practitioners are among the highest paid and most trusted professionals in the U.S. It would seem unnecessary for them to augment their incomes fraudulently at the risk of being caught and punished. Unfortunately, some are willing to take that risk. We hope that as more fraud is identified, attempts to defraud Medicaid and other health care programs will decrease, leaving previously stolen funds available to meet actual beneficiary needs.

The use of statistical graphics has been growing in popularity in many technical disciplines. Such graphics are very useful for detecting medical billing fraud as well. They’re particularly powerful for examining extremely large financial databases, and they pack an abundance of information into a few simple forms. Powerful computers using sophisticated software can now easily generate statistical graphics. This should encourage health care fraud examiners to incorporate statistical sampling and analyses along with graphic displays into their investigations of potential medical billing fraud.

Terry Allen, Ph.D., is an adjunct professor at Weber State University in Utah. Contact him at terryallen3@weber.edu.

William McBee, CFE, LPI, is executive vice president and chief compliance officer at Provider Resources, Inc., a federal health care expert. Contact him at wmcbee@provider-resources.com.

Cracking down on diagnosis coding

Late last year, the U.S. Department of Justice (DOJ) accused Kaiser Permanente, a California-based managed care consortium, of defrauding Medicare of $1 billion by submitting inaccurate diagnosis codes through the federal health insurance system’s Advantage Plan. (See “Kaiser Permanente Defrauded Medicare of $1 Billion, DOJ Alleges,” by Lydia Wheeler, Bloomberg Law, Oct. 26, 2021.)

Kaiser has denied the accusations and oral arguments on motions to dismiss the case were scheduled to take place on October 14, 2022. But the case has helped shed a light on how some health providers have been abusing and fraudulently extracting money from Medicare and Medicaid’s managed care plans through sophisticated upcoding schemes. And they’re increasingly using the power of technology to help them. (See “California Federal Court Sets Oral Argument In Medicare Advantage False Claims Act Suit Against Healthcare Giant Kaiser Permanente,” by John E. Kelly, Jacquelyn Papish and A.J. Bolan, The National Law Review, June 30, 2022.)

The DOJ filed the complaint against Kaiser Permanente last year after six whistleblowers spoke up about what they said was a multiyear scheme to upcode patients’ diagnoses so they could receive high-value payments from Medicare. The health care firm allegedly used algorithms to data mine and identify high-value codes and “then determined the diagnoses its doctors would need to make to support the [codes] Kaiser wanted to submit for Medicare reimbursement,” according to the court filing. (See “United States ex rel. Osinek v. Permanente Med. Grp.,” Casetext, May 5, 2022.)

Kaiser is not the only health care provider accused of using data mining to these ends. Last year, the DOJ accused New York health provider Independent Health and an affiliated medical analytics company, DxID, of using unsupported risk codes to scam Medicare’s Advantage Program. This marked the first civil suit by the U.S. government targeting a data miner for this kind of fraud. (See “The DOJ Says A Data Mining Company Fabricated Medical Diagnoses To Make Money,” by Fred Schulte, NPR, Sept. 14, 2021.)

Medicare and Medicaid’s managed care plans, such as Medicare Advantage, have been subject to considerable abuse in recent years. Experts have been sounding the alarm, and the DOJ has started to crack down on this type of fraud. (See “ DOJ and OIG ramp up enforcement of risk adjustment coding: 5 compliance tips for providers,” by Nicole Jobe and Catherine Feorene, Thompson Coburn LLP, Jan. 27, 2022; “Medicare Advantage Upcoding, Overpayments Require Attention,” by Paul N. Van de Water, Center on Budget and Policy Priorities, Oct. 30, 2018; and “The Coming Explosion Of Medicare Advantage Fraud And Penalties,” by David Lareau, Forbes, Aug. 19, 2022.)

Through these plans, private insurers known as managed care organizations (MCOs) like Kaiser Permanente and Independent Health offer Medicare and Medicaid beneficiaries insurance plans and in turn contract with health care providers, such as doctors and hospitals as part of this service. The Centers for Medicare and Medicaid Services (CMS), an agency of the U.S. Department of Health & Human Services, pays MCOs a fixed monthly amount, which they determine through risk scores based on different factors such as demographics and the diagnosis of each patient. Health care providers bill MCOs based in part on diagnostic codes meant to gauge the degree of the patient’s health now and into the future. Those codes determine risk scores and how much the CMS pays MCOs and in turn health providers each month. With CMS providing higher compensation for sicker patients, there is a strong temptation to upcode and commit fraud. (See “Managed Care Fraud,” Whistleblower Law Collaborative.)