Combating health care fraud as CMS loosens rules to respond to coronavirus

In the midst of a raging, all-hands-on-deck battle, the rules of engagement tend to change fast. That’s one way to understand the move by the Centers for Medicare and Medicaid Services (CMS) to relax their standard rules in the face of the health care response to COVID-19, on everything from licensing to reimbursements and well beyond. CMS is looking for every possible way to make it easier for care providers to respond to this once-in-a-lifetime challenge.

When the rules are relaxed, however, it’s also easier for fraudsters to seize a once-in-a-lifetime opportunity to cheat the system. While fraud in health care presents a persistent, year-over-year challenge (more than $68 billion per year according to the National Health Care Anti-Fraud Association) to state governments seeking to balance quality care with effective cost management, the scale of potential fraud opened up in the wake of these changes to CMS rules is simply beyond anything our health care infrastructure and state governments have encountered before. This fraudulent activity occurs at a moment when health care providers (from entire hospital systems to individual providers) are encountering a steep drop in incoming revenue as the virus response dominates health care. On top of everything else, now many have to worry whether they can stay afloat over the long term.

All these factors point to fraud emerging as one of the top “second-wave” challenges in the months following the initial battle to contain the virus. While governors and their staffs are focused on securing beds and ventilators today, tomorrow they’ll be focused on containing massive, system-wide fraud.

Conducting manual reviews and audits in this environment, at this scale, is an unrealistic goal. Which is one reason why governors are implementing AI- and machine-learning enabled analytics capabilities for identifying the faint signals of fraud hidden in massive amounts of readily available data.

Advertisement

What does fraud look like in this new, relaxed-rules environment? And how can analytics tools be used to identify, anticipate, and actively reduce fraud? Here are a few prime examples of fraud that governors and Medicaid directors should expect to encounter very soon – and the analytics techniques that can help.

Overbilling for medical equipment and supplies

CMS is lifting many critical auditing requirements for these expenses, making it much easier to fraudulently overcharge the system for them. If a provider charges for unused oxygen canisters, for example, what is the likelihood they will be found if auditing isn’t mandated? What if they’re providing equipment that isn’t medically necessary to achieve healthy patient outcomes? In this new environment, it will quickly become even more difficult to know.

Applying analytics can help review billing anomalies based on volume, social networking, frequency, maintenance and repair modifiers and identify fraudulent activity that would otherwise go undetected.

Overbilling for telehealth/telemedicine

Before the virus hit, CMS required providers who were delivering services remotely using telehealth capabilities to rely on video livestreams, recorded and documented for auditing purposes. Today, those rules have been waived, making it very difficult to compare what providers report to what they actually did. For those intent on committing fraud, this is a significant opportunity to increase billings exponentially.

Analytics can also help here by analyzing billing practices by frequency, location and time of day using medicare telehealth visits codes, virtual check-in codes and e-visit data to evaluate whether there has been abuse in billing from activity that never actually happened.

Collusion in hospital discharges

Under normal circumstances, hospitals are required to provide discharged patients with options for continuing care – at rehab facilities or nursing homes, for example. Today, however, to help expedite discharges, CMS has loosened the rules and does not require formal discharge procedures to be in place. The result? Discharged patients could be directed only to facilities owned by the hospital system, which has a direct financial interest in them – or to a facility that has established a fraudulent relationship with hospital employees.

Leveraging analytics to execute a comprehensive review of social networking data for facilities recommended in patient discharge plans could help more accurately confirm or deny if collusion occurred. Additionally, monitoring of data on facilities used compared to facilities recommended by hospitals could lead to evidence of collusion or kickback violations.

Combating fraud

These are only a few quick examples to show the depth, range and scale of potential fraud in the wake of loosening CMS rules, requirements, and guidelines. As CMS has rolled out individual rule changes, we have identified a growing list of fraud “hot spots,” with detailed plans for analytics-enabled remediations.

There are many organizations quickly ramping up to help states manage these new challenges. For instance, SAS and Intel are working together with state governments to operationalize analytics capabilities at scale, and to prepare for the significant data volumes on the way, to help reduce fraud as states rise to meet these new challenges.

Why is this so important now? Because state governments must ensure that citizens in need get the help they require as quickly as possible, which will require all the financial resources at their disposal – fighting fraud along the way helps ensure that the full amount allocated for citizens makes its way to them. It is particularly important to identify and stamp out fraud as early as possible, before it takes a significant financial toll on state budgets.

Marty Bobroske is an advisory solutions architect in the SAS Global Security Intelligence practice.