Recently the Office of Inspector General provided a video on fraud in the DMEPOS world. To say that this is a surprise, one would have had to live under a rock for the last decade. Medicare fraud is especially rampant in DME, genetic testing and home health. Unfortunately, many patients (myself included) have become victims of Medicare fraudsters because it is just too easy to obtain PHI and it takes the government too long to stop and prosecute these cases. By the time many fraudulent schemes are identified, they and/or their funds have long left the country.
Providers play an integral role in stopping or reducing the incidence of fraud across all insurance platforms. This can be done by following the following recommendations:
Provide all your patients with a statement of what will be billed to their insurance carrier at the time the service is provided. Let them know that they can always contact your office if they suspect that some entity is using your provider and office identifiers (NPI, PTAN etc.) This is especially true if they are not familiar with the referring entities’ name and/or they were not in your office on that date. If necessary, their third-party insurance customer service number can always be contacted after they speak with you or a staff member. Remind patients that this information may be found on their insurance company’s identification card. Medicare beneficiaries can call 1800Medicare.
Be sure that all your staff understand the need to keep PHI confidential Each employee must have their own username and password into your electronic health record system (EHR). Access to various parts of the EHR and/or billing records must be limited based on their responsibilities.
Be sure that Wi-Fi for the practice’s computer system is not shared with patients, sales representatives, the public or your employees. Cell phones, tablets and all digital communication tools not used for the practice should have separate Wi-Fi access points (if any).
Antiviral and robust encryption software should be used on all workstations, servers, etc. to make these systems as “bullet/hack proof” as possible.
If you moved or closed a practice, be sure and contact Medicare or your third-party payer to disenroll that location. The use of stolen PTANs or infrequently used PTAN is not unusual.
The result of these fraudulent activities to honest providers includes significant hurdles in the enrollment process especially for Medicare DMEPOS, prior authorization programs and both pre and post payment audits from a vast array of carriers. All of this has created additional costs for every ethical and honest DMEPOS provider and it has also interfered with patient care.
You, the provider, play an essential role in reducing fraud and abuse. Your patients have entrusted you with their PHI and it’s your obligation to protect it. Stolen PHI is worth anywhere between $250-$1,000 on the dark market or dark web.
If you know the rules and follow them, then proper documentation will allow you to easily pass audits. By passing a pre-payment Target Probe and Educate (TPE) audit, Medicare will grant you immunity from similar TPE audits for 365 days. Passing audits can reinforce that you are following the rules and providing excellent care, all the while saving the system money. After all, isn’t that what we all signed up for when going into practice? Providing ethical and effective care that allows us to sleep at night; while allowing us to live a comfortable lifestyle and knowing we not only did no harm but provided our patients with the best possible outcomes!
