VOLUME 2, ISSUE 2: Keep Your Practice's Data Secure

Perfecting Your Practice

How to Maximize Your Medical Practice Operations to Prevent Fraud, Waste, and Abuse

Plan ahead, be aware of common methods of fraud, and stay vigilant.

Kenneth T. Hertz, FACMPE

At A Glance
  • There are many methods of committing fraud in medical practice, including submitting false claims, billing for unnecessary medical services, and charging excessive amounts for medical services.
  • Fraud can be committed by anyone, from health care providers, patients, and insurance companies, to organized crime groups.
  • Being aware of the potential areas of weakness in your practice and implementing guidelines and procedures to address them will help protect your practice and your patients from fraud, waste, and abuse.

Every year, health care–related fraud, waste, and abuse drain millions of dollars from the health care industry. According to the Office of the Inspector General’s (OIG’s) 2018 National Health Care Fraud Takedown report, the fraud and abuse offenses committed by the individuals charged in the takedown cost our nation’s health care programs about $2 billion.1

Fraud, waste, and abuse come in many forms, from submitting false claims, billing for unnecessary medical services or charging excessive amounts for medical services, to the financial mismanagement of a medical practice by its employees. All of these drain the health care ecosystem, increasing costs to government, health care providers, medical practices, and patients through higher premiums, higher payroll taxes, and higher operating costs. Financial losses aren’t the only negative consequence of health care fraud; it can also physically harm patients who receive inadequate care or unnecessary services.

Health care fraud, waste, and abuse can be committed by providers, insurance companies, patients, and organized crime groups alike. Although committed by a very small percentage of people, these activities can wreak havoc on a health care operation and all of the parties involved in it. Schemes to commit fraud are constantly evolving as people seek out new ways to cheat the system and take advantage of opportunities.


Fraud, Waste, and Abuse

This article addresses several of the most common methods of health care fraud, waste, and abuse. It is not intended as an exhaustive list.

Fraudulent Billing or Claims

This form of fraud involves billing or submitting claims for services that were not performed or for more expensive services than were performed. It occurs when individuals, health care organizations, insurance companies, or government entities (eg, Medicare and Medicaid) are involved in fraudulent activities related to submitting incorrect information for financial gain.

Falsifying a Diagnosis

A health care provider purposefully submits an incorrect claim or payment.

Submitting Claims for Waived Charges

This method of fraud involves waiving patient deductibles or copayments on a regular basis but submitting claims for the money anyway.


An individual or entity receives benefits—financial or otherwise—in exchange for doing a favor.

Unnecessary Prescriptions and False Claims

A medical professional prescribes medications to patients who do not need them and submits falsified claims for those unnecessary medications.

Medical Identity Theft

An individual gains access to someone else’s personal information without consent, in order to submit a false medical claim.


Health care administrators should think about fraud, waste, and abuse broadly in their day-to-day operations. Taking the time to look closely at the activities and people at the core of their financial operations may help prevent fraudulent activity and protect their practices in the long term.

Fraud, waste, and abuse occur on the financial and operations sides of a medical practice. More often than not, these illicit activities involve mismanagement of a practice’s finances, theft, and, in worst-case scenarios, embezzlement.


Medical practices, regardless of their size, can take a few simple business operational steps to build barriers against fraud, waste, and abuse.

No. 1: Financial Background Checks

Conduct background checks on the individuals within the practice who handle money, billing processes, and any other aspect of your practice’s finances. This is a simple way to ensure that your practice’s financial operations are being managed by responsible, honest, and financially fit individuals. Your practice’s certified public accountant or legal counsel can direct your practice administrator to companies who specialize in conducting employee background checks, which can uncover the educational background, criminal record, credit score, and employment history of an employee, among other things.

No. 2: Zero Tolerance Policy

Create a policy of zero tolerance for fraudulent and dishonest activities in your practice and be up front about your high expectations with new employees. Meeting with all staff on a quarterly basis is an effective way of reminding your employees of your expectations.

No. 3: Protect Your Assets

Create a healthy workplace with an open-door policy and an environment in which employees feel empowered to discuss questionable activities. Ensure that all staff members are bonded and covered by fidelity bonds so that your practice is protected in the event that an employee commits fraud. Your practice administrator can use resources available on the internet to educate himself or herself about fidelity and surety bonds.

Before purchasing a bond, speak to a commercial insurance agent who can point you in the right direction, instruct your practice administrator to speak to your practice’s certified public accountant about the available resources in your area, or contact your local professional association for assistance.

No. 4: Create Checks and Balances

Be sure that more than one individual is responsible for conducting your practice’s financial- and billing-related operations.

No. 5: Implement Daily and Monthly Reconciliations

Reconcile cash receipts daily and review your monthly bank reconciliations every month to ensure that the cash received on a daily or monthly basis matches the cash receipts on the practice management system. If the system balance and the actual cash balance don’t match, dig deeper. Something may be amiss!

No. 6: Create Safe Data Storage Options

Design and implement a plan for effective health care data storage in your practice. Consider all of the data storage options available to you, including onsite and cloud options, to ensure that all patient data are stored safely and securely. You should also train employees who are responsible for handling patient data and payment information on how to safely store data. Be clear about possible repercussions from a data breach. Read this issue’s feature story, Cybersecurity for the Ophthalmic Practice, for more information on this topic.

No. 7: Conduct Surprise Employee Checks

Regularly perform unscheduled checks of your employees to ensure they are performing their duties as required. Just because you implement new guidelines and procedures doesn’t mean all of your employees are adhering to these rules. Never let your guard down. By conducting surprise checks, you can avoid large mistakes in the future.

No. 8: Audit

Practices that have the financial resources to do so should have an external party perform a thorough audit every few years. For example, if you’ve had the same person managing financial operations for 10 years, it’s likely time to have an audit.


Taking the steps I have outlined will help you identify potential security risks in your practice and mitigate the potential fallout from dishonest or fraudulent activities that may be taking place. The goal of putting these procedures in place is to discourage people from taking advantage of your systems in the future. Implementing all of these steps at once could be overwhelming for a small medical practice. Start by taking some simple steps to scale these procedures up based on your staff availability and internal business objectives and priorities.

If you are looking for assistance from experts on fraud prevention within the health care industry and community, see Additional Support for a list of options.

Additional Support
  • State associations for medical practice managers can be a valuable resource.
  • Retired certified public accountants in your area may serve as community volunteers who can to lend expertise.
  • A consultant can create a full compliance plan and/or conduct compliance training for you and your employees.
  • National organizations such as Medical Group Management Association or American Medical Group Association can offer additional assistance and information.
  • The Centers for Medicare and Medicaid Services has several resources on its website: cms.gov/outreach-and-education/medicare-learning-network-mln/mlnproducts/providercompliance.html or bit.ly/Hertz0519.
  • The Office of the Inspector General is another online resource that can be accessed here: https://oig.hhs.gov/compliance/ or bit.ly/OIG0519.
  • Many law firms that specialize in health care offer assistance for developing compliance plans on their websites.

1. Office of the Inspector General. 2018 National health care fraud takedown. oig.hhs.gov/newsroom/media-materials/2018/takedown/2018HealthCareTakedown_FactSheet.pdf. Accessed May 1, 2019.