Claim Denied? Fraud Score May Be to Blame

The push for health care reform has produced a new layer of bureaucracy in the processing of health insurance claims that may expose patients’ medical records and delay payments to medical providers.

The political pressure to reduce health-care costs is forcing many health-insurance companies to reconsider how they detect and combat fraud. Health insurance fraud is estimated to cost insurers at least $68 billion to $70 billion a year, or 3% of total health care spending, according to the National Health Care Anti-Fraud Association, or NHCAA, an industry group. (Fraud includes health-care providers billing insurance companies for procedures that were never performed, performing services that are not medically necessary or overcharging for services.)

To detect fraud, insurers have historically used a so-called pay-and-chase method: They reviewed claims after paying them, and if fraud was suspected, they tried to recover their money. It was no easy task -- the worst case scenario could involve expensive collections efforts or lengthy courtroom battles.

Now, insurers are increasingly focusing on a new method to fight fraud that they say is more effective and less expensive. They’re trying to detect fraud before paying a claim, says Louis Saccoccio, the executive director of NHCAA.

How do they do that? The same way credit card companies try to predict the risk that a consumer will fail to pay their bills: They analyze huge databases of information to generate numeric scores.

Before a claim is approved, it is scored for the likelihood that it is fraudulent. The higher the score, the bigger its risk for fraud, waste or abuse.

The technology has been in the making for the past five to ten years, but health care reform has made it a more sought-after product by companies eager to show they are doing all they can to cut costs.

“Health care reform is a tremendous lift to our business,” says Russell Schreiber, a global vice president at FICO, the Minneapolis-based company that calculates the popular FICO credit scores. “The market is taking off like gangbusters with incredible pent-up demand to get this waste out of the system.”

FICO’s product, FICO Insurance Fraud Manager 3 – Health Care edition, scans enormous volumes of claims data and looks for patterns and abnormalities within the numbers. For example, if a claim contains charges for procedures that are deemed too expensive based on other records in an insurer’s database, the claim will be flagged with a high score prompting further investigation by the insurer.

Many businesses, including lenders, utility companies and wireless service providers, already use such technology to calculate identity scores, measuring the risk that a credit application or transaction is fraudulent. And much in the same way their efforts can inconvenience consumers – your application for credit may be flagged if you moved recently and you may be required to present additional proof of identity – the claims-scoring technology can impact patients, as well.

Steve Biafore, the executive vice president of analytics at San Diego-based Global Analytics, says that such models are more prone to error when applied to health care than when used by lenders. In the financial industry, companies can easily build a database of known valid and fraudulent transactions, but that’s not the case with health care claims where most fraud goes undetected. (In contrast, most fraudulent credit-card transactions are detected when card holders check their monthly statements.)

“What that means is if I’m a guy who’s trying to build a model today, I’m at a bit of a disadvantage,” says Biafore, who built a similar program for Australia’s state-run health system.

Billing fraud or abuse is also difficult to establish because it can be subjective. “It may be fraud, but it may also be a doctor delivering unusually good care,” Biafore says. “It’s not really the case that you can automate this problem as you can with credit cards.”

Insurance companies that use this technology already say that flagged accounts are never denied outright and fraud alerts are always vetted by a human being. “We don’t just take data, jump on it and make an accusation which may or may not be founded,” says Michael Brandt, who now leads the special investigations team at Blue Shield of California. “It’s only a program that points us in a direction.”

But a false positive, a legitimate claim flagged as potential fraud, may delay payment to the health provider who could then bill the patient. In many cases, the patient may be interrogated by the insurer about the types of medical services they received.

And if you thought your medical records were private, think again: HIPAA, the Health Information Privacy Protection Act, does not apply when fraud investigations are conducted by insurance companies or third-party investigation services providers.

“We call it the anti-fraud loophole,” says Pam Dixon, the executive director of the World Privacy Forum, a San Diego-based nonprofit group that studies the accessibility of personal information. “Anti-fraud is a really big area where there are just no privacy protections.”

NHCAA’s Saccoccio says health insurance contractors are subject to the same HIPAA requirements as health insurers themselves. And if a contractor violates HIPAA, the insurer would also be held responsible.

The developers of these models say they don’t use individuals’ identifying information in their analysis. FICO says the company’s models analyze information on medical providers and procedures and ignores individual names or Social Security numbers. Ingenix, an Eden Prairie, Minn.-based subsidiary of UnitedHealth (UNH), also uses anonymous information, according to Christopher Dorn, a senior executive with the company. But the Ingenix model does incorporate a patient’s address; one of the factors that increase a claim’s score is whether a patient travels to receive medical care.

“There’s routine monitoring of your bank accounts, credit cards, health-care claims data, and a million other things about you,” says Malcolm Sparrow, a Harvard University professor and author of "License to Steal: Why Fraud Plagues America's Health Care System." “A universe of data gets scanned every day and that shouldn’t be a surprise.”