Health IT Must Target Fraud, Group Says

By M.L. Baker  |  Posted 10-17-2005
Health information technology can—and should—be designed to prevent fraud. Such are the conclusions of two studies announced Monday by the AHIMA.

Introducing the researchers Monday, national health IT czar David Brailer said he'd commissioned the studies in part because of widespread assumptions that health IT could promote fraud by automating fake claims.

The researchers examined fraud prevention techniques in the highly automated and interconnected financial services sector for ones that could apply to health care. They also interviewed vendors and federal agencies who monitor health care fraud.

Copies of the reports are available here.

In the financial services sector, said Linda Kloss, CEO of AHIMA (American Health Information Managers Association), fraud costs 7 cents for every $100 processed.

In health care, an estimated 3 percent to 10 percent of all paid claims are believed to be a fraudulent, costing the health care industry between $51 billion and $170 billion each year.

Fraud takes many forms, such as incorrectly reporting procedures and diagnoses to boost payments and billing for services that weren't performed.

It is committed by patients, providers, and several kinds of intermediaries.

One study examined how fraud could be impacted by computer-assisted coding, or software that automatically generates codes from physicians' documentation of patient visits.

It is generally used when the kind of documentation varies little, like endoscopies.

The report says that data profiling, advanced analytic models, and rank scoring methods could be used by artificial neural networks to detect fraud.

However, savings will not be realized until the level of EHR adoption and common standards reach a higher threshold.

That's partly because the fraud detection systems would rely on national statistics to find fraudulent behavior.

In addition, the report concludes that coding products should be certified for consistency and reliability.

The conclusions, Brailer said, were heartening.

"Coding systems have the potential to prevent fraud, not just detect it."

Kloss said that fraud preventing systems should not be tailored to quash known scams because swindlers would quickly adapt.

Instead, she said, systems must be built to inherently proactively detect and prevent fraud.

She implied that much of the techniques to prevent fraud would also be those required to enhance security, such as the ability to audit who saw which patient and who coded in diagnosis information.

"There aren't magic bullets; it's a whole set of practices, many of which are good health management practices," she said.

Brailer said that many feel that fraud can be prevented if patients have unique health identifiers to track their health care.

However, he said, the use of such identifiers is unlikely because many patients feel more secure with "federated identities," or separate identifiers in separate health systems.

The notion of a voluntary patient ID system, however, is being explored.

As part of the second study, researchers developed a set of principles necessary to make health information technology proactively resist fraud.

1. The NHIN (Nationwide Health Information Network) policies, procedures and standards must proactively prevent, detect and reduce health care fraud rather than be neutral to it.

2. EHRs and information available through the NHIN must fully comply with applicable federal and state laws and meet the requirements for reliability and admissibility of evidence.

3. A standard minimum definition of an LHR (Legal Health Record) must be adopted for EHRs (electronic health records).

4. Comprehensive Healthcare Fraud Management programs must enable rather than inhibit nationwide EHR adoption.

5. Health care fraud management is the responsibility of all health care stakeholders.

6. Increased consumer awareness of health care fraud and the role health information technology and EHRs play in its reduction can improve the effectiveness of health care fraud management programs.

7. EHR standards must define requirements to promote fraud management and minimize opportunities for fraud and abuse, consistent with the use of EHRs for patient care.

8. Standardized reference terminology and up-to-date classification systems that facilitate the automation of clinical coding are essential to the adoption of interoperable EHRs and the associated IT enabled health care fraud management programs.

9. Fully integrate and implement fraud management programs and advanced analytics software in interoperable EHRs and the NHIN to achieve all of the estimated potential economic benefits.

10. Data required from the NHIN for monitoring fraud and abuse must be derived from its operations and not require additional data transactions.