Topics
More on Compliance & Legal

Digital transformation demands a whole new level oversight to avoid healthcare fraud

AMA Washington Counsel Paul Westfall says systems need controls, policies and procedures and digital health requires strict technical oversight.

Beth Jones Sanborn, Managing Editor

The federal government estimates that over $36 billion in improper fee-for-service Medicare payments have been racked up and the industry overall is wrought with fraud and abuse. Part of it is the nature of the business, said Paul H. Westfall, Washington Counsel for the American Medical Association.  It's a very high-transaction and high-volume sector that also carries very fragmented delivery, payment and legal systems.  So there is a lot that could potentially not get caught.

Systems often don't have the right internal controls, policies and procedures in place to safeguard an asset, provide reliable financial information, promote efficient effective operations and ensure policy compliance.

"Part of it is also the lack of education that providers and suppliers do not really know what a fraud scheme looks like or whether they are unknowingly participating in one," Westfall said.

Those gaps are among the topics Westfall will address in an upcoming session at HIMSS19 called "Applying the Fraud and Abuse Laws in Digital Health."

Everything has a vulnerability to fraud, he said, and he will elaborate on how the traditional landscape of fraud, waste and abuse compares to the digital landscape of fraud waste and abuse.

For one thing, though digital health technologies are being used to increase value and better coordinate care for Medicare beneficiaries, which is good thing, providers can run afoul of the fraud and abuse laws especially if they aren't operating under a fraud and abuse waiver.

"Currently we don't have any broad stark or anti kickback waiver to cover value-based care," he said.

The biggest tool to combat or prevent fraud? An effective compliance program, Westfall says. But be aware that a compliance program is not a one size fits all despite the set-in-stone requirements. It really depends on the resources of the organization and what they are focused on.

For healthcare technology, stakeholders should focus on who has access, who authenticates it, who has authorization over the use of that tool and the connection to the portal and make sure you have strong management and internal controls. And if you can, build your compliance program before you actually "need it."

"I think it is always great to have one. Obviously there are some administrative costs but it's very good to see that you are being proactive so that you can try to detect and prevent fraud waste and abuse from happening so you don't have the enforcement angle come after you."

Westfall will delve more deeply into the fraud and abuse landscape at HIMSS19 in a session titled "Applying the Fraud and Abuse Laws in Digital Health." It's scheduled for Thursday, February 14, from 1:00-2:00 p.m. in room W307A.