- ABA Groups
- Resources for Lawyers
- Career Center
- About Us
Introduction to Health Care Fraud
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established a national Health Care Fraud and Abuse Control Program (HCFAC or the Program), under the joint direction of the Attorney General and the Secretary of the Department of Health and Human Services (HHS), acting through the Department's Inspector General (HHS/OIG), designed to coordinate federal, state and local law enforcement activities with respect to health care fraud and abuse 1. The most common kind of fraud involves a false statement, misrepresentation or deliberate omission that is critical to the determination of benefits payable. 2 Unfortunately, because there are so many creative ways to commit fraud in the healthcare industry, and especially where Medicare or Medicaid is involved, it is encumbent upon health insurance companies, hospitals, pharmacies and all forms of payors to actively pursue and detect healthcare fraud through: employee training, claim surveys, and outside tips either through anonymous toll free or web based reporting. Health care fraud is punished federally with criminal and civil penalties, as well as state criminal and civil penalties. Moreover, some states impose nuanced practices among their healthcare payor organizations to create special investigative units ("SIU") to detect and report fraud. Theses "SIU"s have the responsibility of referring all suspected or at the very least allegedly actionable activity to the state's fraud division. Medicare Advantage HMO's in those states would follow the state's mandates, but pursuant to federal pre-emption would be obligated to report any suspected fraud to Medicare, and at the very least dual notify.
Recent cases involving Fraud, Waste and Abuse (FWA) 3
Some examples of fraud are billing for services that were not furnished and/or supplies that were not provided; or offering, soliciting or accepting bribes, kickbacks, or discounts for the referral of patients or order of services or items. Likewise abuse sometimes may be characterized by charging in excess for services or supplies; or providing services that do not meet professionally recognized standards.
However, a more cogent example was when Tenet Healthcare Corporation, which operates the nation's second largest hospital chain, entered a five-year CIA and agreed to pay more than $900 million to settle charges that it engaged in unlawful billing practices in violation of the FCA, in 2006. The alleged unlawful behavior included receiving inflated outlier payments, paying kickbacks to physicians, and upcoding. 4
In 2007, East Tennessee Heart Consultants (ETHC), a cardiology practice, agreed to pay $2.9 million and enter a five-year CIA to settle allegations that it violated the FCA 5 (42 U.S.C. §1320a-7b(a)) and a state false claims statute. 6 Allegedly, the practice had a policy to retain overpayments received from government health care programs and not pay refunds unless specifically requested. The government claimed that ETHC had submitted false claims because it had knowingly submitted claims while aware of its legal obligation to return overpayments on prior claims.
Recently, a whistleblower 7 case netted $671 million to settle claims that Merck overcharged Medicaid programs for four drugs, including Vioxx and Zocor, and to resolve allegations of improper marketing to doctors.
How big is the problem?
According to the National Healthcare Anti-Fraud Association (NHCAA), the United States spends more than $2 trillion on health care every year. Of that amount, NHCAA estimates conservatively that at least more than $60 billion each year is lost to fraud. 8 According to the joint Department of Health and Human Services and Department of Justice Health Care Fraud and Abuse Control Program Annual Report, during FY 2005, the Federal Government won or negotiated approximately $1.47 billion in judgments and settlements, and it attained additional administrative impositions in health care fraud cases and proceedings. The HCFAC account has returned over $8.85 billion to the Medicare Trust Fund since the inception of the program in 1997. 9
The Importance of a Compliance Plan
Because of rampant fraud and abuse issues committed by either a person or entity, Compliance Programs provide a solid framework for structuring a comprehensive range of compliance activities that are designed to:
An effective Compliance Program reflects a company's good faith commitment to identify and reduce risk and FWA. It also reflects the commitment to improve internal controls, and establish standards to which the company shall adhere. As such, a company should develop and distribute a written Code of Conduct, as well as written policies and procedures that promote commitment to compliance. Accordingly, the company should designate a Compliance Officer and Compliance Department charged with the responsibility of operating and monitoring the Compliance Program, including activities relating to the detection of FWA.
A key component to any compliance plan is auditing and monitoring on a regular basis. But no compliance plan is completely effective without training and education. Therefore, each company should make sure that each employee receives compliance training at the outset of their employment and specific job related training, at least annually.
What are the components of Anti-Fraud Plan?
The components of an anti-fraud plan can be generally stated as: detection and investigation of possible fraudulent insurance acts; reporting of possible fraudulent insurance acts 10; and education regarding the applicable laws 11.
Most companies establish and monitor a Fraud Hotline and allow for internal and external website referrals. Health plans and Medicare Advantage Prescription Drug plans, specifically, randomly select and audit claims, including pharmacy claims; and survey member population through explanation of benefits and payment (EOBs or EOPs) throughout the year for verification of services rendered and/or pharmaceuticals prescribed and received. Yet, no compliance plan or anti-fraud plan is complete without random audits of participating entities as necessary. These audits let a company know whether their delegates are performing their duties satisfactorily and allow the company to correct problems through Corrective Action Plans (CAPs) before a state or federal agency conducts its own audit. If a company does not catch suspected issues first, a state or federal agency will issue a CAP and depending on the severity of the issue may sue the company, or mandate a corporate integrity agreement, impose civil monetary penalties (42 U.S.C. §1320a-7a) 12, and/or exclude 13 the company from federal programs, such as Medicare and Medicaid.
What are the penalties for committing FWA?
Because it is a federal crime to defraud the United States Government or any of its programs, an individual may be sent to prison, fined, or both. Criminal convictions usually include restitution and significant fines. In some states, providers, and healthcare organizations may also lose their licenses. Convictions may result in exclusion from Medicare for a specific length of time. Depending on the case, the U.S. Attorney's Office may use a variety of statutes to indict and prosecute the individuals and/or entities involved. Sometimes, a combination of two or more of the statutes may be used.
The U.S. Attorney may file a civil suit, or may decide that the interest of the government is best served by settling a case. In these situations, the amount of damages plus additional money is paid to the government in the form of penalties and fines. These penalties may also include a permissive exclusion, which translates into not being permitted to bill Medicare and Medicaid for a specified number of years.
In FY 2005, U.S. Attorneys' Offices opened 935 new criminal health care fraud investigations involving 1,597 potential defendants. Federal prosecutors had 1,689 health care fraud criminal investigations pending, involving 2,670 potential defendants, and filed criminal charges in 382 cases involving 652 defendants. A total of 523 defendants were convicted for health care fraud-related crimes during the year. Also in FY 2005, the Department of Justice (DOJ) opened 778 new civil health care fraud investigations, and had 1,334 civil health care fraud investigations pending at the end of the fiscal year. DOJ filed complaints or intervened in 266 civil health care cases in FY 2005. 14
The majority of cases involve violations of the Anti-Kickback Statute (42 U.S.C. §1320a-7b(b)) and Anti-Kickback Act of 1974 (74 O. S. 1991, § 3401, et seq. ) and Stark (I, II, and III) provisions. The Anti-Kickback Statute establishes criminal penalties for offering, providing and/or receiving inducements for the referral of business reimbursable under federal health care programs (Medicare, Medicaid, VA, etc). Discounts, rebates, or other reductions in price may violate the anti-kickback statute because such arrangements induce the purchase of items or services payable by Medicare or Medicaid. However, certain arrangements are clearly permissible if they fall within a "safe harbor." 15 The Stark provision, in a nutshell, prohibits physicians from making referrals for designated health services (DHS) payable by Medicare to an entity in which he/she (or a family member) has a financial relationship. Some federally reimbursed DHS are: lab services, radiology and imaging, radiation therapy, nutrition therapy, home health services, outpatient prescriptions, and in and out-patient hospital services.
While there are many individual statutes under which the Federal government may prosecute, it is important to note that the government will attempt to use all its tools against a potential offender. This article was intended as a primer into fraud, waste and abuse. Additionally, I hope that the attorney, new to this field, understands the importance of a solid compliance plan that addresses: the laws, promotes constant vigilance, an open door policy to detect potential wrong-doing, and/or rehabilitate, remediate the matter, and lastly trains and educates a company's employees on the above concerns.
1 The Department of Health and Human Services and The Department of Justice Health Care Fraud and Abuse Control Program Annual Report For FY 2005
2 National Healthcare Anti-Fraud Association http://www.nhcaa.org/eweb/StartPage.aspx
3 Preferred Care Partners, Inc., Fraud Waste and Abuse Training Manual and Compliance Plan
4 (18 U.S.C. §1347) The Health Care Fraud Statute provides for criminal and civil penalties for anyone who executes a scheme to defraud any healthcare benefit program, or obtain, by means of false pretenses or fraudulent pretenses, any money or property
5 The False Claims Act prohibits knowingly filing a false or fraudulent claim for payment to the government, knowingly using a false record or statement to obtain payment on a false or fraudulent claim paid by the government, or conspiring to defraud the government by getting a false or fraudulent claim allowed or paid. See 31 U.S.C. 3729(a) of the Act for additional details, exclusions, and statutory exceptions.
6Civil False Claims Act (31 U.S.C. §3729); Criminal False Claims Act (18 U.S.C. § 286, §287)
7Whistle Blower, or qui tam provision as it is formally called, allows persons having knowledge of a false claim against the government to bring a civil action against the suspected wrong doer on behalf of the United States Government. Any person who files a qui tam suit on behalf of the government, known as a "relator," may share a percentage of the recovery realized from a successful action.
8National Healthcare Anti-Fraud Association http://www.nhcaa.org/eweb/StartPage.aspx
9 The Department of Health and Human Services and The Department of Justice Health Care Fraud and Abuse Control Program Annual Report For FY 2005
10 First Coast, Florida's Medicare carrier
11 Compiled from Preferred Care Partners, Inc., Fraud Waste and Abuse Training Manual and Compliance Plan and First Coast, Florida's Medicare carrier
12The Medicare and Medicaid Patient and Program Protection Act of 1987 authorizes the imposition of civil monetary penalties when it is determined that a person or entity has violated Medicare laws. Typically, penalties involve assessments of significant damages such as civil monetary penalties up to $10,000 per violation and exclusion from the Medicare program for a minimum of five years or more.
13The OIG has the authority to exclude providers who have been convicted of healthcare related offenses. A mandatory exclusion exists if there is a conviction of fraud. In the absence of a conviction, the OIG may permissively exclude providers if certain conditions and requirements have been met. Even when the U.S. Attorney's Office declines to prosecute a case, the OIG may take action to exclude the provider from the Medicare program. Exclusion means that for a designated period, Medicare, Medicaid, and other government programs will not pay the provider for services performed.
14 The Department of Health and Human Services and The Department of Justice Health Care Fraud and Abuse Control Program Annual Report For FY 2005
15 Safe harbor provisions protect certain individuals, providers, or entities from criminal prosecution and/or civil sanctions (when certain requirements are met) for actions that may appear as unlawful or inappropriate according to Medicare law. The Department of Health and Human Services established the Safe Harbors for Protecting Health Plans in accordance with the Medicare and Medicaid Patient and Program Protection Act of 1987 (42 CFR 1001.92). The safe harbors are updated annually to consider changes to medical delivery systems and new financial relationships.
About the Author
Alicia M. Robles is staff attorney at Preferred Care Partners, Inc., a Medicare Advantage Organization, in Miami, Florida. She may be reached at firstname.lastname@example.org.