Shifts in federal focus on healthcare fraud during the COVID-19 pandemic

A public health emergency is a ripe opportunity for potential fraud schemes in the healthcare industry, and the evolving threat is continually being assessed and combated by the federal government.

In an Aug. 31 MGMA webinar, “Protect Your Practice: Healthcare Fraud and the Federal Perspective,” Kathleen McGinty, JD, deputy director of the Investigations & Fraud Prevention Partnerships Group (IFPPG) of the Centers for Medicare & Medicaid Services’ (CMS) Center for Program Integrity (CPI), noted that fraud schemes targeting medical practices and federal programs have changed during the COVID-19 pandemic.

The CPI’s mission focuses on protecting the resources for national healthcare programs, as well as the health and well-being of beneficiaries of CMS programs. “Never has this mission been more important than during the COVID-19 public health emergency, where we saw rapidly rising fraud schemes that directly impacted the health and well-being of our beneficiaries, as well as the public at large,” McGinty said.

McGinty, who spent time as a critical care nurse in addition to working in healthcare fraud investigations, said it’s been important to understand the impact that fraud investigations can have on providers in such a stressful time. McGinty called it a “delicate balance” of trying to avoid overburdening healthcare providers with records requests and investigations during the public health emergency (PHE) yet still addressing emerging fraud schemes. “We did see bad actors exploit some of our waivers that we put in place.”

Did you know?

The Center for Program Integrity (CPI) — with a primary focus on deterring, reducing and eliminating improper payments, fraud, waste and abuse in Medicare and Medicaid programs — has the following core functions:

• Protect beneficiaries and safeguard taxpayer dollars while balancing provider burden
• Promote the integrity of the Medicare and Medicaid programs and CHIP through provider/contractor audits and policy reviews
• Identify, monitor and resolve program vulnerabilities
• Oversee all CMS interactions and collaboration with key stakeholders relating to program integrity (i.e., U.S. Department of Justice, DHHS Office of Inspector General, state law enforcement agencies, other federal entities, CMS components)
• Reduce improper payments across Medicare and Medicaid programs
• Increase savings from prevention and recovery
• Improve patient safety by ensuring appropriate healthcare services.

Getting to root causes

The CPI’s goal of identifying, monitoring and resolving program integrity vulnerabilities requires several different groups to approach investigations with a wide lens to spot troubling trends and what prompted them. “You can’t stop fraud one investigation at a time,” McGinty said. “You really have to have a comprehensive approach to addressing fraud, waste and abuse,” which means looking for root causes of fraud schemes.

“We have to get at the root problem,” which can then lead to prepay reviews that can mitigate problems before they turn into improper payments that need recovery, McGinty said.

In many respects, the role of provider enrollment and oversight within CPI is an important first effort to “keep bad actors out” of CMS programs. “Background checks and screenings are done on all of our program integrity providers, and then we have systems that consistently check for license issues or healthcare fraud convictions,” McGinty added.

Another way in which CPI works to mitigate fraud is through a data analytics and systems group that looks over all Medicare claims to spot “improper or aberrant billing behaviors” and prevent future improper payments, McGinty added.

For McGinty’s group — which has oversight over all the investigative processes for the Medicare program — the work is focused on developing a national fraud, waste and abuse strategy, as well as serving as primary liaison for law enforcement and overseeing the five regional unified program integrity contractors (UPICs) that perform investigations.

Investigations and case coordination

There are thousands of investigations conducted each year by CPI. “Since 2018, we’ve seen more than 3,000 cases from our UPICs and our I-MEDIC (investigations Medicare drug integrity contractor) … and we’ve seen about 2,000 law enforcement referrals and thousands of program integrity administrative actions,” McGinty said.

But even outside the scope of the COVID-19 pandemic, McGinty said the goal for investigations and case coordination is “to use the right tool, at the right time, in the right order … you don’t want to use a hammer when you can just push a thumbtack in” to avoid overly burdening providers. In many cases, education for providers is needed more than any type of enforcement action, such as payment suspensions or law enforcement referrals, she added.

Pre-pandemic successes in healthcare fraud takedowns

In April 2019, Operation Brace Yourself resulted in federal indictments and other law enforcement actions for illegal kickbacks and bribes involving 24 defendants across five telemedicine companies and more than 100 of durable medical equipment (DME) companies involved in about $1.2 billion in fraudulent losses.¹ The scheme involved companies billing for medically unnecessary DME after using international telemarketing networks, with call centers in the Philippines and Latin America working to exploit hundreds of thousands of elderly and disabled patients. Doctors were paid to provide DME either without patient interaction or merely a brief telephone conversation, and the proceeds were laundered through international shell companies.

The Appalachian Regional Prescription Opioid (ARPO) Strike Force had two significant takedowns in 2019. The first (in April) resulted in charges against 60 individuals for more than 350,000 fraudulent prescriptions for opioids and other controlled substances.² Another takedown in September charged 13 people (including 11 physicians) of overprescribing via “pill mill” clinics that resulted in more than 17 million pills being distributed.³

The evolution of fraud during the pandemic

The arrival of the pandemic brought the added threat of new fraud schemes associated to it. “As soon as COVID-19 became a part of the United States, so did the emerging fraud schemes,” McGinty said. Overall, more than 1,000 investigations have been launched during the PHE, McGinty said, and overall investigations have increased by 50%.

Especially with the rapid expansion of Medicare telehealth offerings during the PHE, fraud in the realm of telehealth became a major concern for CPI in the past year and a half.

In some telemedicine fraud schemes, false and fraudulent claims were submitted for telemedicine encounters that did not occur, or services were misrepresented (e.g., upcoding a brief call by billing for 60 minutes), McGinty said. There also were issues of downstream billing associated with medical professionals being paid bribes in exchange for the referral of medically unnecessary items or services (e.g., orthotic braces, genetic testing).

In September 2020, the Department of Justice (DOJ) announced its largest healthcare fraud and opioid enforcement action in history: 345 individuals were charged with submitting more than $6 billion in false and fraudulent claims, of which more than $4.5 billion was connected to various telemedicine fraud schemes.⁴

This takedown effort built on what was learned from the DME and telemedicine fraud scheme from Operation Brace Yourself. More specifically, the September 2020 takedown involved telemedicine executives allegedly paying doctors and nurse practitioners to order unnecessary DME, genetic and other diagnostic testing and pain medications, either without any patient interaction or with only a brief telephone conversation with patients they had never met or seen. The DME companies and participating labs and pharmacies purchased those orders in exchange for illegal kickbacks and bribes and submitted false and fraudulent claims to government payers.⁵

McGinty noted that the 2020 takedown focused heavily on the medical professionals who made the orders and referrals. “These fraud schemes really can’t happen unless someone is turning the key and opening the door,” she said. “Unless a physician or someone authorized to write an order for a service does that, these schemes would not be able to move forward.”

More recently, a coordinated law enforcement effort brought criminal charges against 14 individuals in May 2021 for alleged COVID-19-related healthcare fraud that resulted in more than $143 million in false billings.⁶

In this instance, multiple defendants were alleged to have offered COVID-19 tests to Medicare beneficiaries to induce them to provide their personal identifying information and a saliva or blood sample, which led to the alleged misuse of the information and samples to submit claims to Medicare for unrelated, medically unnecessary and far more expensive laboratory tests, including cancer genetic testing, allergy testing and respiratory pathogen panel tests.⁷ Beyond the cost to taxpayers, the COVID-19 test results often weren’t provided to beneficiaries in a timely fashion or were not reliable. In some cases, results were never provided to patients or their primary care doctors.

Schemes of concern

While false and fraudulent claims are a key to many of these schemes, McGinty cautioned that identity theft increasingly is being designed into fraud attempts to use beneficiaries’ information to bill government programs.

McGinty said some of the primary methods used by healthcare fraudsters to steal personal information include:

• Use of telemarketers cold-calling beneficiaries
• Text messaging
• Internet/social media advertising
• Door-to-door solicitations and marketers in high-visibility locations (e.g., store and church parking lots)
• Fake drive-through COVID-19 testing sites and fake websites.

Most recently, McGinty pointed to new COVID-19 vaccine and testing fraud schemes, involving offers to sell or buy fake vaccination cards, illegitimate COVID-19 contact tracers who steal identities, as well as illegitimate COVID-19 tests and vaccination/testing sites.

Taking action

McGinty stressed that CMS, DOJ, the Department of Health & Human Services (HHS) Office of Inspector General (OIG) and FBI will issue alerts when fraud schemes are identified, and that healthcare providers should pay close attention to these alerts.
Key areas to report tips include:

• The HHS-OIG hotline: 1-800-HHS-TIPS or tips.hhs.gov
• The FBI hotline: 1-800-CALL-FBI or ic3.gov
• The CMS/Medicare hotline: 1-800-MEDICARE.

As the CPI groups have built strong collaborations with law enforcement and other federal agencies, McGinty said there’s no bad channel to use to report suspected fraud.

Notes:

1. DOJ. “Federal Indictments & Law Enforcement Actions in One of the Largest Health Care Fraud Schemes Involving Telemedicine and Durable Medical Equipment Marketing Executives Results in Charges Against 24 Individuals Responsible for Over $1.2 Billion in Losses.” April 9, 2019. Available from: bit.ly/3mSKJTH.
2. DOJ. “Appalachian Regional Prescription Opioid (ARPO) Strike Force Takedown Results in Charges Against 60 Individuals, Including 53 Medical Professionals.” April 17, 2019. Available from: bit.ly/2WGPlS3.
3. DOJ. “Second Appalachian Region Prescription Opioid Strikeforce Takedown Results in Charges Against 13 Individuals, Including 11 Physicians.” Sept. 24, 2019. Available from: bit.ly/3gSKRPe.
4. DOJ. “National Health Care Fraud and Opioid Takedown Results in Charges Against 345 Defendants Responsible for More than $6 Billion in Alleged Fraud Losses.” Sept. 30, 2020. Available from: bit.ly/3yC9TZd.
5. Ibid.
6. DOJ. “DOJ Announces Coordinated Law Enforcement Action to Combat Health Care Fraud Related to COVID-19.” May 26, 2021. Available from: bit.ly/3yCqwne.
7. Ibid.