Medicare battles fraud nationwide with analytics

Medicare computer sifts healthcare big data for clues

By John L. Guerra

Editor, GRC & Fraud Software Journal

An FBI agent takes part in a Medicare fraud raid at a durable medical equipment provider.

An FBI agent takes part in a Medicare fraud raid at a durable medical equipment provider.

Aggressive Medicare fraud-busting units, sometimes accompanied by armed federal agents, are raiding suspect healthcare providers in an attempt to find evidence of overbilling crimes. To ensure that doesn’t happen, providers must ensure their documentation for billing goods and services to the Centers for Medicare & Medicaid Services (CMS) must be accurate and complete.

That’s the advice of Farlen Halikman, head of the long-term care practice group at Moore Stephens Lovelace, a regional CPA firm with offices throughout Florida. Healthcare auditing, Medicare and Medicaid reimbursement and litigation support are among Halikman’s specialties. He also helps healthcare providers defend themselves against accusations of inappropriate billing practices.

Though Halikman agrees healthcare fraud is a serious national problem, he criticizes the federal Medicare squads known as Zone Program Integrity Contractors (ZPICs). The CMS-hired contract auditors sometimes use intimidation and coercion to get information from medical staff at facilities that are guilty only of being flagged by CMS’ fraud analytics software, he says.

According to CMS, the ZPIC squad mission is to "Identify cases of suspected fraud and take appropriate corrective actions." When necessary, the squads are accompanied by local or federal law enforcement agents and can notify the U.S. Justice Department of suspect firms, CMS says.

"I have strong feelings about this, the way the government uses their analytics in the healthcare space," said Halikman, a certified public accountant and certified healthcare fraud examiner. "They have certain rules of thumb they’ve devised that looks at a bell curve and normal [payment] distributions. If you fall outside that bell curve in either direction, they target you for payment fraud."

Intimidation, coercion?

"The government knocks on your door and they arrive expecting you to be a criminal, and they behave like that," Halikman said. "Sometimes, they show up at a nursing home or a physician’s office with badges and guns, put the administrator in this room, the assistant administrator in that room, the director of nursing in another room and interview them."

"If the administrator healthcare provider refuses to cooperate, the ZPIC has broad authority to put you on 100 percent payment review.’"

That means any future claims the doctor, nursing home or medical equipment provider files with CMS will be treated as suspect and must run the course of CMS examination. The payment review might take 45 days. If the payment is approved, CMS has another 30 days to write the check.

"You cannot make payroll and pay other bills during that time," Halikman said.

"And it is all because you fell as an outlier on the government’s data analytics and now they treat you like a criminal."

CMS' big, bad anti-fraud machine

CMS has been fighting a losing battle against fraud for years. Medicare fraud is big business, ranging from $17-$54 billion a year in taxpayer money. To combat the tidal wave of theft, CMS installed its hyperactive Fraud Prevention System (FPS) to catch fraud before it pays claims.

CMS described the fraud-prevention software program in its 2014 Report to Congress:

"Since June 30, 2011, the FPS has run predictive algorithms and other sophisticated analytics nationwide against all Medicare fee-for-service claims prior to payment," the report states. "For the first time in the history of the program, CMS is systematically applying advanced analytics against Medicare claims on a streaming, nationwide basis as part of its comprehensive program integrity strategy."

One form of predictive analysis the system uses: Fraud modeling based on prior false CMS benefit claims. By mimicking unique characteristics of fraudulent Medicare claims from past years, CMS can search for those attributes on new claims to determine which healthcare providers should be investigated.

According to CMS, the software also compares billing patterns against Medicare parts A and B claims and is meshed with the center’s claims processing system. It probes big data, including the Compromised Numbers Checklist of stolen provider identification numbers and the Fraud Investigation Database.

Read more

EMV can’t solve CNP Fraud


By Donald Bush, Kount

Hailed as a solution to increase security, how much will the new “chip and PIN” technology really cut down on fraud?

For the last year or so, consumers receiving a new credit card may have noticed a slight change in their card – a new chip on the front – but may not have thought much of it. Little did they realize that they’re part of the larger shift to EMV (Europay, Mastercard, and Visa), in which traditional magnetic strips are slowly being phased out with EMV chip technology that reduces card-present fraud.

Come October of this year, U.S. businesses will join counterparts in Europe, Canada, Latin America and the Asia/Pacific region in making EMV mandatory. Those who have not adopted these new standards will be deemed liable for fraud and assume the costs. Merchants and consumers alike need to be prepared and aware of what is transpiring with this shift, including understanding what will and what won’t happen as a result.

What the EMV standard will do

The shift to EMV is a good first step in combatting fraud – specifically for card-present transactions. With EMV, card-present fraud will potentially decrease. While credit cards using a magnetic strip provide the same data for each transaction, EMV chips create a unique code for every transaction made.

This dynamic authentication is anticipated not only to increase security and reduce fraud for in-person transactions, but also enable the use of future value-added applications such as remote chip authentication, loyalty programs, and information-based programs. EMV will make card duplication much harder, cutting down on counterfeiting fraud or fraud at the Point of Sale.

What the chip and PIN technology will not accomplish

EMV will not eliminate fraud or prevent data breaches. Instead, it will lead fraudsters to adjust their tactics and targets, leading to a surge in Card-Not-Present (CNP) fraud. We know this because every market that EMV has been implemented in the fraud has gone up dramatically. The UK experienced a 350-percent increase in CNP fraud losses from the adoption of EMV in 2001 to 2008.

CNP fraud usually doubles in the announcement phase, doubles in the implementation phase and continues to go up. The potential amount of CNP fraud for the US will likely be even greater as it is undergoing this transition after e-commerce has grown exponentially and minimized friction.

As the shift to EMV continues, businesses need to prepare for the in-person changes – including adopting EMV-friendly payment processors and receiving updated credit cards. Merchants also must be ready for the potential increase in fraud online, where the card is not present for the merchant to see.

Businesses and consumers must not only prepare for different procedures for credit card transactions, but have systems in place to combat evolving fraud.

Fighting fraud requires a collaborative effort from all players in the payment chain, and tackling fraud at the top of the chain (payment service providers, banks and acquirers) will make the biggest difference. Anti-fraud solutions and capabilities must operate seamlessly together in real-time. A truly comprehensive platform that operates in real-time is not a luxury – but a necessity.

Donald Bush is the vice president of marketing for Kount. He can be reached at