A review of the risk that health insurers are exposed to, especially when reimbursing claims

Health insurers are exposed to a variety of risks that may affect their financial performance or reputation. These risks include fraud risk, underpayment risk, legal liabilities, and reputational risk.

  • Fraud risk refers to the risk that a healthcare provider engages in fraudulent activities to increase reimbursement from the insurer.
  • Underpayment risk refers to the risk that insurers do not receive the full amount of payment that they are entitled to for the medical services or procedures provided to their customers.
  • Legal liabilities refer to the potential legal liabilities that an insurer face as a result of its actions or conduct.
  • Reputational risk refers to the risk that an insurer suffer harm to its reputation or credibility as a result of its actions or conduct.

This article provide an in-depth look at the various risks that health insurers are exposed to, identifying each risk, defining it, giving examples, and outlining the array of strategies that health insurers may implement to prevent those risks to materialise.

fraud risk

upcoding, unbundling, phantom billing, and identify theft

Upcoding. A common type of fraud is known as upcoding. It occurs when a healthcare provider bills an insurance company for a more expensive service than actually provided. For instances, a provider may bill a surgical procedure when only a simple medical examination is performed, or a provider may bill a higher level of care than the one actually provided.

UPCODING MEDICARE: IS HEALTHCARE FRAUD AND ABUSE INCREASING? - PubMed
Medicare fraud has been the cause of up to $60 billion in overpaid claims in 2015 alone. Upcoding occurs when a healthcare provider has submitted codes for more severe conditions than diagnosed for the patient to receive higher reimbursement. The purpose of this study was to assess the impact of Med…

Unbundling is another type of health insurance fraud in which a healthcare provider submits individual charges for procedures or services instead of billing a package or bundled rate, thereby aiming to increase reimbursement from insurance companies. For instances, a provider might submit individual charges for each step of a surgical procedure, instead of billing for the entire procedure as a single charge, or charges for each diagnostic test, instead of billing for the tests as a package.

SELECTED CASES
This is archived content from the U.S. Department of Justice website. The information here may be outdated and links may no longer function. Please contact webmaster@usdoj.gov if you have any questions about the archive site.

Phantom billing is a type of health insurance fraud in which a provider bills for medical services or procedures that were not actually provided to the patient. It is often committed by providers to create fake or fictitious claims in order to increase their reimbursement from insurance companies. For instances, a provider may bill for a medical procedure that was not performed on the patient (a surgical procedure or diagnostic test), for medical supplies or equipment that were not used on the patient (medications or durable medical equipment), for services or procedures that were not medically necessary (unnecessary tests or treatments).

To address upcoding fraud, unbundling fraud, and phantom billing fraud, health insurers may:

  1. develop and implement clear billing guidelines and policies for providers;
  2. audit and review the billing practice of providers;
  3. educate providers on proper billing practices and on the consequences of fraud;
  4. implement advanced data analytics and machine learning;
  5. work with law enforcement or other organisations to investigate and prosecute instances of fraud.
💡
In 2007 in Miami, Florida, the Medicare Fraud Strike Force (with the Department of Health and Human Services' Office of Inspector General and the FBI) conducted an operation that discovered several healthcare providers that submitted false or inflated claims to Medicare (the US government healthcare program for seniors and disabled individuals), for services that were not provided or were medically unnecessary. The false claims sent to Medicare represented $100 million. It resulted in the indictment of over 40 individuals, including doctors, nurses, and other healthcare providers. 
#07-339: 05-09-07 Strike Force Formed to Target Fraudulent Billing of Medicare Program by Health Care Companies

Identity theft is a type of fraud in which an individual uses another person's personal information like their name, Social Security number, or insurance policy number, without their knowledge or permission. For instances, a fraud perpetrator may use use someone else's identity and insurance policy to obtain medical services or procedures without paying for them, or submit false claims of medical expenses or benefits that were not actually incurred. Alternatively, a fraud perpetrator may sell or trade personal health information on the black market.

In addition to the strategies applying to the other types of fraud mentioned previously, health insurers may prevent prevent identity theft by implementing robust security measures to protect the data of their customers, notably by using encryption and secure authentication protocols.

Anthem: Hacked Database Included 78.8 Million People
The health insurer said the database that was penetrated in a previously-disclosed hacker attack included personal information for 78.8 million people.

underpayment

claim denial and claim adjustment

Underpayment risk is the risk that a health insurance company does not receive the full amount of payment that it's entitled to for the medical services or procedures that are provided to its customers. We identify two types of underpayment risk, namely claim denial and claim adjustment.

When a provider's claim for payment is denied by the insurance company, because the claim is incomplete, inaccurate, or because the services or procedures were not covered under the customer's insurance policy, then that's an instance of claim denial.

On the other hand, claim adjustment is a type of underpayment risk that occurs when a provider's claim for payment is adjusted downward by the insurance company, either because the provider charged too much for the services or procedures, or because the services or procedures were not medically necessary.

To prevent claims from being denied or adjusted, health insurers may resort to strategies similar to those used to manage fraud  risk. For instances, they may:

  • make sure that claims are complete and accurate by having clear billing guidelines;
  • address proactively any issue or concern with the provider's billing practice by conducting regular audits and reviews;
  • prevent claims from being denied or adjusted by ensuring that providers understand their obligations and responsibilities;
  • deter providers from engaging in fraudulent or abusive billing practices, by working with law enforcement and other organizations to investigate and prosecute instances of fraud.

breach of contract, discrimination, unfair trade practice, privacy violations, and professional liability

Health insurer are exposed to a variety of legal liabilities, which depend on the case's specific circumstances. Some of the most common legal liabilities an health insurer faces are breach of contract, discrimination, unfair trade practices, privacy violoations, and professional liability.

A breach of contract arises when an insurer fails to fulfil its obligations under the terms of an insurance contract, e.g., failing to pay a claim that's valid, or providing inadequate coverage.

Discrimination liabilities arise when an insurer treats certain individuals or groups unfairly or differently based on characteristics such as race, gender, age, or disability.

Unfair trade practices may occur when insurers engage in deceptive or fraudulent business practices, such as misrepresenting the terms of an insurance policy or failing to disclose important information to customers.

Privacy violations are yet another instance of legal liability where insurers  to adequately protect the personal information of their customers, e.g., by allowing the information to be accessed by unauthorized parties, or to be disclosed without consent.

Finally, professional liability arise when an insurer is held responsible for the negligent or wrongful actions of its employees or agents like claims adjusters or medical professionals.

Legal liabilities have serious consequences for health insurers. Health insurers may incur financial losses — by being required to pay damages or other compensation to those harmed by the insurer's actions or conduct, reputational damage — by suffering harm to the reputation and credibility, which may result in a loss of business or customer trust, legal costs — by having to pay significant legal fees or settlement costs after legal actions and investigations, regulatory penalties — by facing fines or other penalties imposed by regulatory authorities, and even criminal prosecution — for their actions or conduct.

To avoid all these consequences, health insurers implement compliance programs and work closely with legal counsel to identify and address potential risks.

reputational risk

regulatory risk, litigation risk, financial risk, operational risk, and customer service risk

For a health insurer, reputational risk is the risk that its organization suffers harm to its reputation or credibility as a result of its actions or conduct. The reputation of a health insurer is at risk for reasons of different natures, like regulatory, litigation, financial, operational, or customer service risk.

A regulatory risk arises when an insurer violates laws or regulations that govern its insurance industry, such as those related to consumer protection, privacy, or fair business practices.

Litigation risk occurs when an insurer is involved in legal proceedings, such as lawsuits or investigations, which has an impact on its reputation, notably if it is found to be at fault.

Financial risk happens when an insurer is (perceived to be) in financial distress, especially if it experiences financial losses or bankruptcy. In that situation, a health insurer's reputation and credibility may suffer.

Operational risk arises when the insurer experiences operational failures or disruptions, e.g., in case of a technical failure, or if their supply chain is disrupted. In such situations, the health insurer's reputation and credibility may also suffer.

Finally, customer service risk arises when an insurer is perceived to provide inadequate customer service, like failing to promptly pay claims or to providing inadequate coverage.