Part 1 in a 2 Part Series
The news is awash with headlines that paint a grim picture of healthcare in the United States. From the politicizing of the Affordable Care Act (aka Obamacare) to the Veteran Affairs scandal, and now new reports that rank the US dead last in quality of its health care system when compared with 10 other western, industrialized nations, it’s clear the U.S. is in the midst of a national healthcare crisis.
One of the driving factors behind the crisis is fraud. While fraud currently represents a smaller slice of a greater institutional issue, it has been the medical world’s dirty little secret for years, and is only getting worse.
Healthcare expenditures in the U.S. total $2.7 trillion (that’s 17 percent of GDP), with nearly $1 trillion going to annual Medicare and Medicaid spending on fraud and the rules and inspections required to fight it. There are no current estimates on how much of that is embezzled, and despite some 2,000 active healthcare probes, the industry continues to be an easy target for criminals.
Just last month, law enforcement authorities announced the arrest of 90 people (including 16 doctors and nurses) charged with separate Medicare scams that collectively billed the taxpayer-funded program for roughly $260 million in fraudulent charges. Healthcare fraud is so common in the U.S. that in some cases doctors, pharmacies and patients conspire together, making the scam harder to identify.
For example, elderly patients can receive kickbacks if they sell their details to a pharmacist, who then provide them generic drugs while billing Medicare for the more expensive brands. Clinics are frequently turned into “pill mills” where a “croaker” writes prescriptions for drugs which are then sold on the street. In New York a clinic was recently charged with fraudulently producing prescriptions for more than five million oxycodone tablets, which were sold locally for $30-$90 each.
In 2011, twenty individuals, including three doctors, owners of assisted living facilities, and marketers, were charged in Florida for various healthcare fraud, kickback and money laundering charges related to their alleged participation in a fraud scheme involving approximately $205 million in Medicare billing for purported mental health services.
Following the verdict, U.S. Attorney Wifredo A. Ferrer stated, “Healthcare fraud has come to permeate every level of the healthcare industry, from the owners and managers of dirty clinics, to complicit doctors, program directors, therapist, and patient recruiters.”
Fraud is unpredictable. It moves, it morphs, it evolves. Criminal operations targeting the healthcare industry are becoming more sophisticated and complex. Organized crime groups are taking notice; it’s even been reported that Medicare investigators have found weapons caches when making arrests.
Healthcare scams are so lucrative, in fact, that some cocaine traffickers have shifted to prescription drug fraud because the risk is lower and the reward still high. In particular, patient identity theft has become more profitable than credit card theft, as that information can be used to obtain prescriptions for controlled substances.
As private patient information continues to make its way from file cabinets to databases, federal regulations like ACA and the HIPPA Final Rule have required healthcare organizations to make significant progress towards complying with privacy and security guidelines to better safeguard patient information.
Yet while ACA has helped to introduce tighter screening policies to prevent fraudulent billing, the law has actually increased risk to patients with insecure exchanges, databases and various registration websites, according to a report by the Ponemon Institute.
It takes time for major organizations and agencies to adopt and coordinate new standards and procedures, and cybercriminals have already started to prey on this vulnerable state of catch-up, turning to coordinated cyber-attack methods which involve complex networks of individuals, accounts and events to carry out their scams.
Agencies and organizations already receive far more tips than they can investigate closely. Manual desk audits of thousands of records are intensive, prone to error and take too much time. Adding to the confusion, more Medicare and Medicaid beneficiaries are moving to privately administered plans so federal investigators have less access to that data, leading to fewer fraud-related recoveries. And with the proliferation of networked medical devices, cloud services, online medical record storage and mobile apps, fraud investigations will become even more complex due to the sheer volume of data to sift through.
Healthcare fraud has entered a new digital frontier. Criminal organizations are more professional, better organized and more technologically advanced than ever before. As a result, both public and private sectors are seeking counteractive measures to crunch massive amounts of data, track patterns and ultimately catch fraud earlier, or before it happens.
Next week, we continue our two-part report on healthcare fraud in the U.S. turning to the staggering and increasing impact of cybercrime on businesses and government organizations and what is being done to stop it.