CBS journalists recently investigated the prevalence of Medicare fraud and its relationship to rising data breaches.
What happened
A CBS news team took six months to speak with over a dozen Medicare recipients who had reported fraudulent activity on their accounts. The investigation focused on Texas residents and the years-long impact fraud can have on their credit and access to care.
CBS said, “Instead of funding healthcare, [medicare fraud] money has become an income stream for suspected criminals.”
The team exposed one company in Grand Prairie Texas that was suspected of over $200 million in fraudulent billings. Once the company was exposed, those in charge disappeared, leaving patients to deal with the ramifications.
CBS uncovered multiple stories of victims who had been billed for months of fraudulent claims and then told those claims could take years to resolve.
Although the majority of fraudulent companies were based in Texas, they targeted residents across the nation, with some residing in Philadelphia.
In June, the U.S. Justice Department cracked down on healthcare fraud and charged 193 individuals with claims that totaled over $2.7 billion. None of the Texas companies were part of the crackdown, meaning that many individuals may still be victimized by these schemes.
Going deeper
According to government reports, it’s estimated that $60 billion is lost annually because of Medicare fraud.
In order to submit Medicare claims, those submitting need a patient’s Medicare account number and the National Provider Identifier (NPI), which is a number identifying the provider.
As breaches increase–it’s estimated that the healthcare sector is the number one target of ransomware attacks–fraudulent billing incidents have also skyrocketed. CBS reported that earlier this year, Medicare suspended the accounts of 11 medical suppliers suspected of fraudulent billing. These companies alone were estimated to have billed $3 billion for urinary catheters.
Cybersecurity expert Ben Singleton, who owns NetGenius, said there is likely a connection between Medicare fraud and increased data breaches. Singleton believes these hacks are the result of the medical sector having extremely weak cybersecurity rules. “Until a breach happens and your medical information gets disseminated online, there’s no enforcement of HIPAA regulations,” he said.
The big picture
Medicare fraud points to the larger concerns within the healthcare sector regarding cybersecurity.
When healthcare companies face data breaches, it’s common for them to warn victims about the potential for fraud and identity theft. While these warnings are helpful, it can be difficult for victims to prevent theft or fraud if the process has already begun.
With repercussions that can take years to resolve, healthcare companies should be mindful of not only how data breaches impact their company, but how these breaches can impact their patients.
Related: HIPAA Compliant Email: The Definitive Guide
Abby Grifno
